ref: b1b24632fd227a2c6eb106e3ef9934b0a85c863b
parent: 134e75cd09665e1a9fa7e2b037bc4eb5d1b1aa11
author: uriel <uriel@engel.se.cat-v.org>
date: Tue Oct 21 12:59:26 EDT 2008
Add edit template for dirdir
--- /dev/null
+++ b/lib/_apps/dirdir/edit.tpl
@@ -1,0 +1,56 @@
+%{+get_post_args edit_wiki_page edit_text edit_preview edit_save
+
+# XXX SECURITY HOLE! should sanitize form input and make sure we only edit files we are allowed
+# This is a start, but should be way more careful
+edit_file = `{echo $sitedir/$edit_wiki_page.md|sed 's/\.\.*/./g'}+
+if(! ~ $"edit_preview '') {+%}
+ <H2>Preview:</H2>
+ <div id="preview">
+% echo $edit_text | $formatter
+ </div>
+ <hr /><hr />
+%{+}
+if not if (! ~ $"edit_save '') {+ dirdir_dir = $edit_file^'_werc/dirdir/'
+
+ if(! test -d $dirdir_dir)
+ mkdir -p $dirdir_dir
+
+ dirdir_verdir = $dirdir_dir/`{date -n}^/+ mkdir $dirdir_verdir
+
+ echo $loggin_user > $dirdir_verdir/author
+ echo $edit_text > $dirdir_verdir/data
+ echo $edit_text > $edit_file
+%}
+<h1>Saved <a href="%($edit_wiki_page%)">%($edit_wiki_page%)!</a></h1>
+%{+}
+if not {+%}
+
+<div>
+ <h1>Editing %($req_path%)</h1>
+ <br />
+ <form action="/_apps/dirdir/edit" method="post">
+ <input type="hidden" name="edit_wiki_page" value="%($edit_wiki_page%)"
+ <textarea name="edit_text" id="edit_text" cols="80" rows="43">%{+
+if(~ $#edit_text 0 && test -f $edit_file)
+ cat $edit_file | escape_html
+if not
+ echo $edit_text | escape_html
+
+ %}</textarea>
+ <br />
+ <input type="submit" name="edit_save" value="Save"/>
+ <input type="submit" name="edit_preview" value="Preview" />
+ <small>DirDir documents are written using <a href="http://daringfireball.net/projects/markdown/syntax">Markdown syntax</a>.</small>
+ </form>
+</div>
+% }
+