#!/usr/bin/python
# -*- coding: utf-8 -*-
#
-# Copyright 1999, 2000 Martin Pool <mbp@humbug.org.au>
-# Copyright 2002 Gerardo Poggiali
-# Copyright 2007, 2008, 2009 Bernie Innocenti <bernie@codewiz.org>
+# Copyright (C) 1999, 2000 Martin Pool <mbp@humbug.org.au>
+# Copyright (C) 2002 Gerardo Poggiali
+# Copyright (C) 2007, 2008, 2009 Bernie Innocenti <bernie@codewiz.org>
#
# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
__version__ = '4.0-' + '$Id$'[4:11]
-from time import clock
+from time import clock, localtime, gmtime, strftime
start_time = clock()
title_done = False
-import cgi, sys, os, re, errno, stat
+import cgi, sys, os, re, errno, stat, glob
image_ext = 'png|gif|jpg|jpeg|bmp|ico'
video_ext = "ogg|ogv|oga" # Not supported by Firefox 3.5: mkv|mpg|mpeg|mp4|avi|asf|flv|wmv|qt
-image_re = re.compile(r".*\.(" + image_ext + "|" + video_ext + ")", re.IGNORECASE)
-video_re = re.compile(r".*\.(" + video_ext + ")", re.IGNORECASE)
+image_re = re.compile(r".*\.(" + image_ext + "|" + video_ext + ")$", re.IGNORECASE)
+video_re = re.compile(r".*\.(" + video_ext + ")$", re.IGNORECASE)
# FIXME: we accept stuff like foo/../bar and we shouldn't
-file_re = re.compile(r"([A-Za-z0-9_\-][A-Za-z0-9_\.\-/]*)")
-url_re = re.compile(r"[a-z]{3,8}://[^\s'\"]+\S")
+file_re = re.compile(r"([A-Za-z0-9_\-][A-Za-z0-9_\.\-/]*)$")
+url_re = re.compile(r"[a-z]{3,8}://[^\s'\"]+\S$")
ext_re = re.compile(r"\.([^\./]+)$")
# CGI stuff ---------------------------------------------------------
def script_name():
return os.environ.get('SCRIPT_NAME', '')
+#TODO: move post-edit hook into wiki, then kill this
+def script_path():
+ return os.path.split(os.environ.get('SCRIPT_FILENAME', ''))[0]
+
def query_string():
path_info = os.environ.get('PATH_INFO', '')
if len(path_info) and path_info[0] == '/':
else:
return os.environ.get('QUERY_STRING', '') or 'FrontPage'
-def privileged_path():
- return config_get('privileged_url') or script_name()
+def is_privileged():
+ purl = config_get('privileged_url')
+ return (purl is not None) and os.environ.get('SCRIPT_URI', '').startswith(purl)
def remote_user():
user = os.environ.get('REMOTE_USER', '')
def relative_url(pathname, privileged=False):
if not is_external_url(pathname):
if privileged:
- url = privileged_path()
+ url = config_get('privileged_url') or script_name()
else:
url = script_name()
pathname = url + '/' + pathname
return ''
# Formatting stuff --------------------------------------------------
-def emit_header(mime_type="text/html"):
+def emit_header(mtime=None, mime_type="text/html"):
+ if mtime:
+ print("Last-Modified: " + strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime(mtime)))
print("Content-type: " + mime_type + "; charset=utf-8\n")
def send_guru(msg_text, msg_type):
print('<pre id="guru" onclick="this.style.display = \'none\'" class="' + msg_type + '">')
if msg_type == 'error':
print(' Software Failure. Press left mouse button to continue.\n')
- print(msg_text)
+ print(cgi.escape(msg_text))
if msg_type == 'error':
print '\n Guru Meditation #DEADBEEF.ABADC0DE'
- print('</pre><script language="JavaScript" type="text/javascript" src="%s" defer="defer"></script>' \
+ print('</pre><script type="text/javascript" src="%s" defer="defer"></script>' \
% relative_url('sys/GuruMeditation.js'))
-def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=False):
+def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=False, mtime=None):
global title_done
if title_done: return
- # Head
- emit_header()
- print('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"')
- print(' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">')
- print('<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">')
-
+ # HEAD
+ emit_header(mtime)
+ print('<!doctype html>\n<html lang="en">')
print("<head><title>%s: %s</title>" % (config_get('site_name', "Unconfigured Wiki"), text))
- print(' <meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf-8" />')
+ print(' <meta charset="UTF-8">')
if not name:
print(' <meta name="robots" content="noindex,nofollow" />')
rel, href = link
print(' <link rel="%s" href="%s" />' % (rel, relative_url(href)))
- editable = name and writable and config_get('privileged_url') is not None
+ editable = name and writable and is_privileged()
if editable:
print(' <link rel="alternate" type="application/x-wiki" title="Edit this page" href="%s" />' \
- % (privileged_path() + '?a=edit&q=' + name))
+ % relative_url('?a=edit&q=' + name, privileged=True))
history = config_get('history_url')
if history is not None:
print('</head>')
- # Body
+ # BODY
if editable:
- print('<body ondblclick="location.href=\'' + privileged_path() + '?a=edit&q=' + name + '\'">')
+ print('<body ondblclick="location.href=\'' + relative_url('?a=edit&q=' + name, privileged=True) + '\'">')
else:
print('<body>')
title_done = True
send_guru(msg_text, msg_type)
- # Navbar
- print('<div class="nav">')
+ # NAVBAR
+ print('<nav><div class="nav">')
print link_tag('FrontPage', config_get('site_icon', 'Home'), cssclass='navlink')
if name:
print(' <b>' + link_tag('?fullsearch=' + name, text, cssclass='navlink') + '</b> ')
if user != 'AnonymousCoward':
print(' | <span class="login"><i><b>' + link_tag('User/' + user, user) + '</b></i></span>')
- print('<hr /></div>')
+ print('<hr /></div></nav>')
def send_httperror(status="403 Not Found", query=""):
print("Status: %s" % status)
if text is None:
text = humanlink(dest)
elif image_re.match(text):
- text = '<img border="0" src="' + relative_url(text) + '" alt="' + text + '" />'
+ text = '<img style="border: 0" src="' + relative_url(text) + '" alt="' + text + '" />'
link_class = kvargs.get('class', kvargs.get('cssclass', None))
if not link_class:
elif image_re.match(name):
return '<a href="%s"><img border="0" src="%s" alt="%s" /></a>' % (url, url + url_args(kvargs), descr)
elif file_re.match(name) and not ext_re.search(name): # FIXME: this guesses a wiki page
- return Page(name).send_naked(kvargs)
+ Page(name).send_naked(kvargs) # FIXME: we should return the page as a string rather than print it
+ return ''
else:
return '<iframe width="100%%" scrolling="auto" frameborder="0" src="%s"><a href="%s">%s</a></iframe>' \
% (url, url, name)
+def link_inline_glob(pattern, descr=None, kvargs={}):
+ if not url_re.match(pattern) and bool(set(pattern) & set('?*[')):
+ s = ''
+ for name in glob.glob(pattern):
+ s += link_inline(name, descr, kvargs)
+ return s
+ else:
+ return link_inline(pattern, descr, kvargs)
+
# Search ---------------------------------------------------
def print_search_stats(hits, searched):
else:
send_httperror("403 Forbidden", pagename)
-# Used by macros/WordIndex and macros/TitleIndex
+# Used by sys/macros/WordIndex and sys/macros/TitleIndex
def make_index_key():
links = ['<a href="#%s">%s</a>' % (ch, ch) for ch in 'abcdefghijklmnopqrstuvwxyz']
return '<p style="text-align: center">' + ' | '.join(links) + '</p>'
if search_re is None:
# FIXME: WikiWord is too restrictive now!
search_re = re.compile(r"^\b((([A-Z][a-z0-9]+){2,}/)*([A-Z][a-z0-9]+){2,})\b$")
- return sorted(filter(search_re.match, os.listdir(dirname or config_get('data_dir', 'data'))))
+ return sorted(filter(search_re.match, os.listdir(dirname or '.')))
-def send_footer(mod_string=None):
+def send_footer(mtime=None):
if config_get('debug_cgi', False):
cgi.print_arguments()
cgi.print_form(form)
cgi.print_environ()
- link_inline("sys/footer", kvargs = { 'LAST_MODIFIED': mod_string })
+ link_inline("sys/footer", kvargs = {
+ 'LAST_MODIFIED': strftime(config_get('datetime_fmt', '%a %d %b %Y %I:%M %p'), localtime(mtime))
+ })
print("</body></html>")
def _macro_ELAPSED_TIME(*args, **kvargs):
self.h_level = 0
self.in_pre = self.in_html = self.in_table = self.in_li = False
self.in_header = True
- self.list_indents = []
+ self.list_indents = [] # a list of pairs (indent_level, list_type) to track nested lists
self.tr_cnt = 0
self.styles = {
#wiki html enabled?
",,": ["sub", False],
"''": ["em", False], # LEGACY
"'''": ["b", False], # LEGACY
- "``": ["tt", False], # LEGACY
}
def _b_repl(self, word):
return '<br />'
def _rule_repl(self, word):
- return self._undent() + '\n<hr size="%d" noshade="noshade" />\n' % (len(word) - 2)
+ return '\n<hr size="%d" noshade="noshade" />\n' % (len(word) - 2)
def _macro_repl(self, word):
try:
return self.kvargs[args[0]]
macro = globals().get('_macro_' + args[0])
if not macro:
- exec(open("macros/" + args[0] + ".py").read(), globals())
+ exec(open("sys/macros/" + args[0] + ".py").read(), globals())
macro = globals().get('_macro_' + args[0])
return macro(*args, **kvargs)
except Exception, e:
- msg = cgi.escape(word) + ": " + cgi.escape(e.message)
+ msg = cgi.escape(word) + ": " + cgi.escape(str(e))
if not self.in_html:
msg = '<strong class="error">' + msg + '</strong>'
return msg
# This double div nonsense works around a limitation of the HTML block model
return '<div class="' + kvargs.get('class', 'thumb') + '">' \
+ '<div class="innerthumb">' \
- + link_inline(name, descr, kvargs) \
+ + link_inline_glob(name, descr, kvargs) \
+ '<div class="caption">' + descr + '</div></div></div>'
else:
- return link_inline(name, None, kvargs)
+ return link_inline_glob(name, None, kvargs)
def _html_repl(self, word):
if not self.in_html and word.startswith('<div'): word = '</p>' + word
return ''
def _indent_level(self):
- return len(self.list_indents) and self.list_indents[-1]
+ return len(self.list_indents) and self.list_indents[-1][0]
- def _indent_to(self, new_level):
+ def _indent_to(self, new_level, list_type=''):
if self._indent_level() == new_level:
return ''
s = '</p>'
while self._indent_level() > new_level:
- del(self.list_indents[-1])
if self.in_li:
s += '</li>'
self.in_li = False # FIXME
- s += '</ul>\n'
+ s += '</' + self.list_indents[-1][1] + '>\n'
+ del(self.list_indents[-1])
+
+ list_type = ('ul', 'ol')[list_type == '#']
while self._indent_level() < new_level:
- self.list_indents.append(new_level)
- s += '<ul>\n'
+ self.list_indents.append((new_level, list_type))
+ s += '<' + list_type + '>\n'
s += '<p>'
return s
- def _undent(self):
- res = '</p>'
- res += '</ul>' * len(self.list_indents)
- res += '<p>'
- self.list_indents = []
- return res
-
def replace(self, match):
for rule, hit in list(match.groupdict().items()):
if hit:
scan_re = re.compile(r"""(?:
# Styles and formatting ("--" must cling to a word to disambiguate it from the dash)
- (?P<b> \*\* | // | \#\# | __ | --\b | \b-- | \^\^ | ,, | ''' | '' | `` )
+ (?P<b> \*\* | // | \#\# | __ | --\b | \b-- | \^\^ | ,, | ''' | '' )
| (?P<tit> \={2,6})
| (?P<br> \\\\)
| (?P<rule> ^-{3,})
| (?P<ent>[<>&])"
)""", re.VERBOSE)
blank_re = re.compile(r"^\s*$")
- indent_re = re.compile(r"^\s*")
+ indent_re = re.compile(r"^(\s*)(\*|\#|)")
tr_re = re.compile(r"^\s*\|\|")
eol_re = re.compile(r"\r?\n")
# For each line, we scan through looking for magic strings, outputting verbatim any intervening text
print('</p><p>')
else:
indent = indent_re.match(self.line)
- #3.0: print(self._indent_to(len(indent.group(0))), end=' ')
- print(self._indent_to(len(indent.group(0))))
+ print(self._indent_to(len(indent.group(1)), indent.group(2)))
+ # Stand back! Here we apply the monster regex that does all the parsing
print(re.sub(scan_re, self.replace, self.line))
if self.in_pre: print('</pre>')
if self.in_table: print('</tbody></table><p>')
- print(self._undent())
+ print(self._indent_to(0))
print('</p></div>')
class Page:
def __init__(self, page_name):
- self.page_name = page_name
+ self.page_name = page_name.rstrip('/');
self.msg_text = ''
self.msg_type = 'error'
return re.sub('([a-z])([A-Z])', r'\1 \2', self.page_name)
def _filename(self):
- return os.path.join(config_get('data_dir', 'data'), self.page_name)
+ return self.page_name
def _tmp_filename(self):
- return os.path.join(config_get('data_dir', 'data'), ('#' + self.page_name.replace('/','_') + '.' + str(os.getpid()) + '#'))
+ return self.page_name + '.tmp' + str(os.getpid()) + '#'
- def exists(self):
+ def _mtime(self):
try:
- os.stat(self._filename())
- return True
+ return os.stat(self._filename()).st_mtime
except OSError, err:
if err.errno == errno.ENOENT:
- return False
+ return None
raise err
+ def exists(self):
+ if self._mtime():
+ return True
+ return False
+
def get_raw_body(self, default=None):
try:
return open(self._filename(), 'rb').read()
out = '== '
pathname = ''
for dirname in self.page_name.strip('/').split('/'):
- pathname = (pathname + '/' + dirname) if pathname else dirname
+ pathname = (pathname and pathname + '/' ) + dirname
out += '[[' + pathname + '|' + dirname + ']]/'
out += ' ==\n'
for filename in page_list(self._filename(), file_re):
if image_re.match(filename):
- maxwidth = config_get(image_maxwidth, '')
+ maxwidth = config_get('image_maxwidth', '400')
if maxwidth:
maxwidth = ' | maxwidth=' + str(maxwidth)
out += '{{' + self.page_name + '/' + filename + ' | ' + humanlink(filename) + maxwidth + ' | class=thumbleft}}\n'
#print "bernie: pragmas[" + m.group(1) + "] = " + m.group(2) + "<br>\n"
except IOError, err:
if err.errno != errno.ENOENT and err.errno != errno.EISDIR:
- raise er
+ raise err
return self._pragmas
def pragma(self, name, default):
link_urls += [ [ "stylesheet", value ] ]
send_title(self.page_name, self.split_title(),
- msg_text=self.msg_text, msg_type=self.msg_type, writable=self.can_write())
+ msg_text=self.msg_text, msg_type=self.msg_type, writable=self.can_write(), mtime=self._mtime())
self.send_naked()
- send_footer(self._last_modified())
-
- def _last_modified(self):
- try:
- from time import localtime, strftime
- modtime = localtime(os.stat(self._filename())[stat.ST_MTIME])
- except OSError, err:
- if err.errno != errno.ENOENT:
- raise err
- return None
- return strftime(config_get(datetime_fmt, '%a %d %b %Y %I:%M %p'), modtime)
+ send_footer(mtime=self._mtime())
def send_editor(self, preview=None):
send_title(None, 'Edit ' + self.split_title(), msg_text=self.msg_text, msg_type=self.msg_type)
def send_raw(self, mimetype='text/plain', args=[]):
if not self.can_read():
- send_title(None, msg_text='Read access denied by ACLs', msg_type='notice')
+ send_title(None, msg_text='Read access denied by ACLs', msg_type='notice', mtime=self._mtime())
return
+ emit_header(self._mtime(), mimetype)
if 'maxwidth' in args:
import subprocess
- emit_header(mimetype)
sys.stdout.flush()
subprocess.check_call(['gm', 'convert', self._filename(),
'-scale', args['maxwidth'].value + ' >', '-'])
else:
body = self.get_raw_body()
- emit_header(mimetype)
print(body)
def _write_file(self, data):
except OSError, err:
if err.errno != errno.ENOENT: raise err
path = os.path.split(name)[0]
- if not os.path.exists(path):
+ if path and not os.path.exists(path):
os.makedirs(path)
os.rename(tmp_filename, name)
def save(self, newdata, changelog):
if not self.can_write():
- self.msg_text = 'Write access denied by ACLs'
- self.msg_type = 'error'
+ self.msg_text = 'Write access denied by Access Control List'
+ return
+ if not is_privileged():
+ self.msg_text = 'Unauthenticated access denied'
return
self._write_file(newdata)
import subprocess
cmd = [
config_get('post_edit_hook'),
- os.path.join(config_get('data_dir', 'data'), self.page_name), remote_user(),
+ self.page_name, remote_user(),
remote_host(), changelog ]
child = subprocess.Popen(cmd, stdout=subprocess.PIPE, close_fds=True)
output = child.stdout.read()
try:
exec(open("geekigeeki.conf.py").read())
+ os.chdir(config_get('data_dir', 'data'))
form = cgi.FieldStorage()
action = form.getvalue('a', 'get')
handler = globals().get('handle_' + action)