-#! /usr/bin/env python
+#!/usr/bin/python
# -*- coding: utf-8 -*-
#
# Copyright 1999, 2000 Martin Pool <mbp@humbug.org.au>
# Copyright 2002 Gerardo Poggiali
-# Copyright 2007 Bernardo Innocenti <bernie@codewiz.org>
+# Copyright 2007, 2008 Bernardo Innocenti <bernie@codewiz.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# Regular expression defining a WikiWord
# (but this definition is also assumed in other places)
-file_re = re.compile(r"^\b([A-Za-z0-9_\.\-]+)\b$")
-word_re = re.compile(r"^\b([A-Z][a-z]+){2,}\b$")
+file_re = re.compile(r"^\b([A-Za-z0-9_\.\-/]+)\b$")
+word_re = re.compile(r"^\b((([A-Z][a-z]+){2,}/)*([A-Z][a-z]+){2,})\b$")
img_re = re.compile(r"^.*\.(png|gif|jpg|jpeg)$", re.IGNORECASE)
url_re = re.compile(r"^[a-z]{3,8}://[^\s'\"]+\S$")
except:
return addr
+def relative_url(path, privileged=False):
+ if not (url_re.match(path) or path.startswith('/')):
+ if privileged:
+ url = privileged_path()
+ else:
+ url = script_name()
+ path = url + '/' + path
+ return path
+
# Formatting stuff --------------------------------------------------
def emit_header(type="text/html"):
print ' <meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf-8" />'
if not name:
print ' <meta name="robots" content="noindex,nofollow" />'
- if globals().has_key('css_url'):
- print ' <link rel="stylesheet" type="text/css" href="%s" />' % css_url
+ for css in css_url:
+ print ' <link rel="stylesheet" type="text/css" href="%s" />' % relative_url(css)
print '</head>'
# Body
if name:
print ' | ' + link_tag('?raw=' + name, 'Raw Text', 'navlink')
if privileged_url is not None:
- print ' | ' + link_tag('?edit=' + name, 'Edit Page', 'navlink', authentication=True)
+ print ' | ' + link_tag('?edit=' + name, 'Edit Page', 'navlink', privileged=True)
else:
print ' | <i>Immutable Page</i>'
print '<hr /></div>'
-def link_tag(params, text=None, ss_class=None, authentication=False):
+def link_tag(params, text=None, ss_class=None, privileged=False):
if text is None:
text = params # default
classattr = ''
# Prevent crawlers from following links potentially added by spammers or to generated pages
if ss_class == 'external' or ss_class == 'navlink':
classattr += 'rel="nofollow" '
- if authentication:
- path = privileged_path()
- else:
- path = script_name()
- return '<a %shref="%s/%s">%s</a>' % (classattr, path, params, text)
+ elif url_re.match(params):
+ classattr += 'rel="nofollow" '
+ return '<a %shref="%s">%s</a>' % (classattr, relative_url(params, privileged=privileged), text)
# Search ---------------------------------------------------
for name in pages:
letter = string.lower(name[0])
if letter != current_letter:
- s = s + '<a name="%s"><h3>%s</h3></a>' % (letter, letter)
+ s += '<a name="%s"><h3>%s</h3></a>' % (letter, letter)
current_letter = letter
else:
- s = s + '<br />'
- s = s + Page(name).link_to()
+ s += '<br />'
+ s += Page(name).link_to()
return s
def __init__(self, raw):
self.raw = raw
self.h_level = 0
- self.in_pre = self.in_table = self.in_var = self.in_em = self.in_b = False
+ self.in_pre = self.in_table = False
self.in_header = True
self.list_indents = []
self.tr_cnt = self.h_cnt = 0
+ self.styles = {
+ #wiki html enabled?
+ "//": ["em", False],
+ "''": ["em", False],
+ "**": ["b", False],
+ "'''": ["b", False],
+ "##": ["tt", False],
+ "``": ["tt", False],
+ "__": ["u", False],
+ "^^": ["sup", False],
+ ",,": ["sub", False]
+ }
def _b_repl(self, word):
- self.in_b = not self.in_b
- return ['</strong>', '<strong>'][self.in_b]
-
- def _em_repl(self, word):
- self.in_em = not self.in_em
- return ['</em>', '<em>'][self.in_em]
+ style = self.styles[word]
+ style[1] = not style[1]
+ return ['</','<'][style[1]] + style[0] + '>'
def _tit_repl(self, word):
if self.h_level:
return Page(word).link_to()
def _img_repl(self, word):
- path = script_name() + '/' + word;
+ path = relative_url(word)
return '<a href="%s"><img border="0" src="%s" /></a>' % (path, path)
def _url_repl(self, word):
return '<a href="%s" rel="nofollow" class="external">%s</a>' % (word, word)
def _hurl_repl(self, word):
- m = re.compile("\[\[(\S+)(?:\s*\|\s*([^\]]*)|)\]\]").match(word)
+ m = re.compile("\[\[([^ \t\n\r\f\v\|]+)(?:\s*\|\s*([^\]]+)|)\]\]").match(word)
name = m.group(1)
descr = m.group(2) or name
if macro:
return apply(macro, (name, descr))
elif img_re.match(name):
- return '<a href="%s"><img border="0" src="%s" alt="%s" /></a>' % (name, name, descr)
- elif url_re.match(name):
- return '<a href="%s" rel="nofollow" class="external">%s</a>' % (name, descr)
- elif name.startswith('/'):
- return '<a href="%s">%s</a>' % (name, descr)
+ name = relative_url(name)
+ # The "extthumb" nonsense works around a limitation of the HTML block model
+ return '<div class="extthumb"><div class="thumb"><a href="%s"><img border="0" src="%s" alt="%s" /></a><div class="caption">%s</div></div></div>' % (name, name, descr, descr)
else:
+ if img_re.match(descr):
+ descr = '<img border="0" src="' + descr + '" />'
+
return link_tag(name, descr, 'wikilink')
def _email_repl(self, word):
return ''
def _hi_repl(self, word):
- if word == 'FIXME':
- cl = 'error'
- elif word == 'DONE':
- cl = 'success'
- elif word == 'TODO':
- cl = 'notice'
- return '<strong class="highlight ' + cl + '">' + word + '</strong>'
-
- def _var_repl(self, word):
- if word == '{{' and not self.in_var:
- self.in_var = True
- return '<code>'
- elif self.in_var:
- self.in_var = False
- return '</code>'
- return ''
+ return '<strong class="highlight ' + word + '">' + word + '</strong>'
def _tr_repl(self, word):
out = ''
scan_re = re.compile(
r"(?:"
# Formatting
- + r"(?P<b>\*\*|''')"
- + r"|(?P<em>//|'')"
+ + r"(?P<b>\*\*|'''|//|''|##|``|__|\^\^|,,)"
+ r"|(?P<tit>\={2,6})"
+ r"|(?P<br>\\\\)"
+ r"|(?P<rule>^-{3,})"
# Links
+ r"|(?P<img>\b[a-zA-Z0-9_-]+\.(png|gif|jpg|jpeg|bmp))"
+ r"|(?P<word>\b(?:[A-Z][a-z]+){2,}\b)"
- + r"|(?P<hurl>\[\[(\S+)(?:\s*\|\s*([^\]]*)|)\]\])"
+ + r"|(?P<hurl>\[\[([^ \t\n\r\f\v\|]+)(?:\s*\|\s*([^\]]+)|)\]\])"
+ r"|(?P<url>(http|https|ftp|mailto)\:[^\s'\"]+\S)"
+ r"|(?P<email>[-\w._+]+\@[\w.-]+)"
# Lists, divs, spans
+ r"|(?P<li>^\s+[\*#] +)"
+ r"|(?P<pre>\{\{\{|\s*\}\}\})"
- + r"|(?P<var>\{\{|\}\})"
# Tables
+ r"|(?P<tr>^\s*\|\|(=|)\s*)"
pre_re = re.compile(
r"(?:"
+ r"(?P<pre>\s*\}\}\})"
+ + r"|(?P<ent>[<>&])"
+ r")")
blank_re = re.compile(r"^\s*$")
indent_re = re.compile(r"^\s*")
self.page_name = page_name
self.msg = ''
self.msg_type = 'error'
- self.attrs = {}
def split_title(self):
# look for the end of words and the start of a new word,
return path.join(data_dir, self.page_name)
def _tmp_filename(self):
- return path.join(data_dir, ('#' + self.page_name + '.' + `os.getpid()` + '#'))
+ return path.join(data_dir, ('#' + self.page_name.replace('/','_') + '.' + `os.getpid()` + '#'))
def exists(self):
try:
except OSError, er:
if er.errno == errno.ENOENT:
return False
- else:
- raise er
+ raise er
def link_to(self):
word = self.page_name
raise er
def get_attrs(self):
- if self.attrs:
+ if self.__dict__.has_key('attrs'):
return self.attrs
+ self.attrs = {}
try:
file = open(self._text_filename(), 'rt')
attr_re = re.compile(r"^#(\S*)(.*)$")
raise er
return self.attrs
+ def get_attr(self, name, default):
+ return self.get_attrs().get(name, default)
+
def can(self, action, default=True):
- attrs = self.get_attrs()
try:
- # SomeUser:read,write All:read
- acl = attrs["acl"]
+ #acl SomeUser:read,write All:read
+ acl = self.get_attr("acl", None)
for rule in acl.split():
(user,perms) = rule.split(':')
if user == remote_user() or user == "All":
- if action in perms.split(','):
- return True
- else:
- return False
+ return action in perms.split(',')
return False
except Exception, er:
pass
page_name = None
if self.can_write():
page_name = self.page_name
+
+ #FIXME: are there security implications?
+ #css foo.css bar.css
+ global css_url
+ css_url = css_url + self.get_attr("css", "").split()
+
send_title(page_name, self.split_title(), msg=self.msg, msg_type=self.msg_type)
if self.can_read():
PageFormatter(self.get_raw_body()).print_html()
+ ' for ' + cgi.escape(remote_user())
+ ' from ' + cgi.escape(get_hostname(remote_host()))
+ '</b></p>')
- print '<div class="editor"><form method="post" action="%s/%s">' % (script_name(), self.page_name)
+ print '<div class="editor"><form method="post" action="%s">' % relative_url(self.page_name)
print '<input type="hidden" name="savepage" value="%s">' % (self.page_name)
print """<textarea wrap="off" spellcheck="true" id="editor" name="savetext" rows="17" cols="100">%s</textarea>""" % (preview or self.get_raw_body())
print """