shithub: werc

Download patch

ref: 5a0b39aaf3107a3db595cfba75bb963bee77b6d0
parent: 5f4bcc168c1685d2dbbfa29b83ef42113c89e234
author: uriel <[email protected]>
date: Sun Jan 25 22:37:47 EST 2009

Upgrade and cleanup dirdir, move to app framework, and its implementation more elegant and reliable.

--- a/apps/dirdir/app.rc
+++ b/apps/dirdir/app.rc
@@ -1,14 +1,24 @@
 fn dirdir_init {
-    if(! ~ $#enable_wiki 0 && test -f $local_path.md && check_user $wiki_editors_group) 
-        ll_add handlers_bar_left  dirdir_controls
+    if(! ~ $#enable_wiki 0 &&  check_user $wiki_editors_group admin) {
+        if(test -f $local_path.md)
+            ll_add handlers_bar_left  dirdir_controls
+
+        if(~ $req_path */dirdir_edit && ~ $REQUEST_METHOD POST) {
+            get_post_args edit_wiki_page edit_text edit_preview edit_save
+            # XXX SECURITY! should sanitize input and ensure we only edit files 
+            # we are allowed. This is a start, but should be way more careful
+            edit_file = `{echo $sitedir/$edit_wiki_page|sed -e 's/\.\.*/./g' -e 's,/$,/index,' | sed 's/$/.md/'}
+            tpl=`{get_lib_file dirdir/edit.tpl apps/dirdir/edit.tpl}
+            handler_body_main=(tpl_handler $tpl)
+        }
+
+    }
 }
 
 fn dirdir_controls {
     # Display 'Edit', 'History', etc, links
-    echo '<form action="/_apps/dirdir/edit" method="POST">'
+    echo '<form action="dirdir_edit" method="POST">'
     echo '<input type="hidden" name="edit_wiki_page" value="'^$req_path^'" />'
     echo '<input type="submit" name="" value="Edit page" />'
     echo '</form>'
-
-
 }
--- /dev/null
+++ b/apps/dirdir/edit.tpl
@@ -1,0 +1,46 @@
+% if (~ $"edit_save '') {
+<div>
+    <h1>Editing %($edit_wiki_page%)</h1>
+    <br />
+    <form action="dirdir_edit" method="post">
+        <input type="hidden" name="edit_wiki_page" value="%($edit_wiki_page%)"
+        <textarea name="edit_text" id="edit_text" cols="80" rows="43">%{
+
+            if(~ $#edit_text 0 && test -f $edit_file)
+                cat $edit_file | escape_html
+            if not
+                echo $edit_text | escape_html
+
+        %}</textarea>
+        <br />
+        <input type="submit" name="edit_save" value="Save"/>
+        <input type="submit" name="edit_preview" value="Preview" />
+        <small>DirDir documents are written using <a href="http://daringfireball.net/projects/markdown/syntax">Markdown syntax</a>.</small>
+    </form>
+</div>
+% }
+
+% if(! ~ $"edit_preview '') {
+            <H2>Preview:</H2>
+            <div id="preview">
+%               echo $edit_text | $formatter
+            </div>
+            <hr /><hr />
+% }
+% if not if(! ~ $"edit_save '') {
+%{
+    dirdir_dir = $edit_file^'_werc/dirdir/'
+
+    if(! test -d  $dirdir_dir)
+        mkdir -p $dirdir_dir
+
+    dirdir_verdir = $dirdir_dir/`{date -n}^/
+    mkdir $dirdir_verdir
+
+    echo $loggin_user > $dirdir_verdir/author
+    echo $edit_text > $dirdir_verdir/data 
+    echo $edit_text > $edit_file
+%}
+<h1>Saved <a href="%($edit_wiki_page%)">%($edit_wiki_page%)!</a></h1>
+% }
+