X-Git-Url: http://git.tremily.us/?p=ikiwiki.git;a=blobdiff_plain;f=ikiwiki;h=4246c7e785a42fdcefd4977d2c1a75dfa3ceb62e;hp=1ea8d082a547957932bb829c360f9c16b81a487d;hb=09902169560ec64800c5622d87fd2d85c246fc93;hpb=798c48a1a6ec32274ba031660bdd3eeef462e468

diff --git a/ikiwiki b/ikiwiki
index 1ea8d082a..4246c7e78 100755
--- a/ikiwiki
+++ b/ikiwiki
@@ -13,27 +13,34 @@ BEGIN {
 }
 
 $ENV{PATH}="/usr/local/bin:/usr/bin:/bin";
-my ($srcdir, $templatedir, $destdir, %links, %oldlinks, %oldpagemtime,
-    %renderedfiles, %pagesources);
-my $wiki_link_regexp=qr/\[\[([^\s]+)\]\]/;
-my $wiki_file_regexp=qr/(^[-A-Za-z0-9_.:\/+]+$)/;
-my $wiki_file_prune_regexp=qr!((^|/).svn/|\.\.|^\.|\/\.|\.html?$)!;
-my $verbose=0;
-my $wikiname="wiki";
-my $default_pagetype=".mdwn";
-my $cgi=0;
-my $url="";
-my $cgiurl="";
-my $historyurl="";
-my $svn=1;
-my $anonok=0;
+my (%links, %oldlinks, %oldpagemtime, %renderedfiles, %pagesources);
+
+my %config=(
+	wiki_file_prune_regexp => qr{((^|/).svn/|\.\.|^\.|\/\.|\.html?$)},
+	wiki_link_regexp => qr/\[\[([^\s]+)\]\]/,
+	wiki_file_regexp => qr/(^[-A-Za-z0-9_.:\/+]+$)/,
+	verbose => 0,
+	wikiname => "wiki",
+	default_pageext => ".mdwn",
+	cgi => 0,
+	url => "",
+	cgiurl => "",
+	historyurl => "",
+	svn => 1,
+	anonok => 0,
+	rebuild => 0,
+	wrapper => 0,
+	srcdir => undef,
+	destdir => undef,
+	templatedir => undef,
+);
 
 sub usage { #{{{
 	die "usage: ikiwiki [options] source templates dest\n";
 } #}}}
 
 sub error ($) { #{{{
-	if ($cgi) {
+	if ($config{cgi}) {
 		print "Content-type: text/html\n\n";
 		print misctemplate("Error", "<p>Error: @_</p>");
 		exit 1;
@@ -44,11 +51,12 @@ sub error ($) { #{{{
 } #}}}
 
 sub debug ($) { #{{{
-	if (! $cgi) {
-		print "@_\n" if $verbose;
+	return unless $config{verbose};
+	if (! $config{cgi}) {
+		print "@_\n";
 	}
 	else {
-		print STDERR "@_\n" if $verbose;
+		print STDERR "@_\n";
 	}
 } #}}}
 
@@ -120,7 +128,6 @@ sub writefile ($$) { #{{{
 
 	my $dir=dirname($file);
 	if (! -d $dir) {
-		print STDERR ">>$dir<<\n";
 		my $d="";
 		foreach my $s (split(m!/+!, $dir)) {
 			$d.="$s/";
@@ -139,7 +146,7 @@ sub findlinks ($) { #{{{
 	my $content=shift;
 
 	my @links;
-	while ($content =~ /$wiki_link_regexp/g) {
+	while ($content =~ /$config{wiki_link_regexp}/g) {
 		push @links, lc($1);
 	}
 	return @links;
@@ -178,11 +185,12 @@ sub isinlinableimage ($) { #{{{
 sub htmllink { #{{{
 	my $page=shift;
 	my $link=shift;
-	my $noimagelink=shift;
+	my $noimageinline=shift; # don't turn links into inline html images
+	my $createsubpage=shift; # force creation of a subpage if page DNE
 
 	my $bestlink=bestlink($page, $link);
 
-	return $link if $page eq $bestlink;
+	return $link if length $bestlink && $page eq $bestlink;
 	
 	# TODO BUG: %renderedfiles may not have it, if the linked to page
 	# was also added and isn't yet rendered! Note that this bug is
@@ -192,12 +200,17 @@ sub htmllink { #{{{
 		$bestlink=htmlpage($bestlink);
 	}
 	if (! grep { $_ eq $bestlink } values %renderedfiles) {
-		return "<a href=\"$cgiurl?do=create&page=$link&from=$page\">?</a>$link"
+		if (! $createsubpage) {
+			return "<a href=\"$config{cgiurl}?do=create&page=$link&from=$page\">?</a>$link"
+		}
+		else {
+			return "<a href=\"$config{cgiurl}?do=create&page=$page/$link\">?</a>$link"
+		}
 	}
 	
 	$bestlink=File::Spec->abs2rel($bestlink, dirname($page));
 	
-	if (! $noimagelink && isinlinableimage($bestlink)) {
+	if (! $noimageinline && isinlinableimage($bestlink)) {
 		return "<img src=\"$bestlink\">";
 	}
 	return "<a href=\"$bestlink\">$link</a>";
@@ -207,7 +220,7 @@ sub linkify ($$) { #{{{
 	my $content=shift;
 	my $file=shift;
 
-	$content =~ s/$wiki_link_regexp/htmllink(pagename($file), $1)/eg;
+	$content =~ s/$config{wiki_link_regexp}/htmllink(pagename($file), $1)/eg;
 	
 	return $content;
 } #}}}
@@ -246,8 +259,7 @@ sub backlinks ($) { #{{{
 		}
 	}
 
-	# TODO sort by page name
-	return @links;
+	return sort { $a->{page} cmp $b->{page} } @links;
 } #}}}
 	
 sub parentlinks ($) { #{{{
@@ -266,14 +278,14 @@ sub parentlinks ($) { #{{{
 		}
 		$path.="../";
 	}
-	unshift @ret, { url => $path , page => $wikiname };
+	unshift @ret, { url => $path , page => $config{wikiname} };
 	return @ret;
 } #}}}
 
 sub indexlink () { #{{{
-	return "<a href=\"$url\">$wikiname</a>";
+	return "<a href=\"$config{url}\">$config{wikiname}</a>";
 } #}}}
-	
+
 sub finalize ($$) { #{{{
 	my $content=shift;
 	my $page=shift;
@@ -282,37 +294,52 @@ sub finalize ($$) { #{{{
 	$title=~s/_/ /g;
 	
 	my $template=HTML::Template->new(blind_cache => 1,
-		filename => "$templatedir/page.tmpl");
+		filename => "$config{templatedir}/page.tmpl");
 	
-	if (length $cgiurl) {
-		$template->param(editurl => "$cgiurl?do=edit&page=$page");
-		if ($svn) {
-			$template->param(recentchangesurl => "$cgiurl?do=recentchanges");
+	if (length $config{cgiurl}) {
+		$template->param(editurl => "$config{cgiurl}?do=edit&page=$page");
+		if ($config{svn}) {
+			$template->param(recentchangesurl => "$config{cgiurl}?do=recentchanges");
 		}
 	}
 
-	if (length $historyurl) {
-		my $u=$historyurl;
+	if (length $config{historyurl}) {
+		my $u=$config{historyurl};
 		$u=~s/\[\[\]\]/$pagesources{$page}/g;
 		$template->param(historyurl => $u);
 	}
 	
 	$template->param(
 		title => $title,
-		wikiname => $wikiname,
+		wikiname => $config{wikiname},
 		parentlinks => [parentlinks($page)],
 		content => $content,
 		backlinks => [backlinks($page)],
+		discussionlink => htmllink($page, "Discussion", 1, 1),
 	);
 	
 	return $template->output;
 } #}}}
 
+# Important security check. Make sure to call this before saving any files
+# to the source directory.
+sub check_overwrite ($$) { #{{{
+	my $dest=shift;
+	my $src=shift;
+	
+	if (! exists $renderedfiles{$src} && -e $dest && ! $config{rebuild}) {
+		error("$dest exists and was rendered from ".
+			join(" ",(grep { $renderedfiles{$_} eq $dest } keys
+				%renderedfiles)).
+			", not from $src before not overwriting");
+	}
+} #}}}
+		
 sub render ($) { #{{{
 	my $file=shift;
 	
 	my $type=pagetype($file);
-	my $content=readfile("$srcdir/$file");
+	my $content=readfile("$config{srcdir}/$file");
 	if ($type ne 'unknown') {
 		my $page=pagename($file);
 		
@@ -322,20 +349,22 @@ sub render ($) { #{{{
 		$content=htmlize($type, $content);
 		$content=finalize($content, $page);
 		
-		writefile("$destdir/".htmlpage($page), $content);
+		check_overwrite("$config{destdir}/".htmlpage($page), $page);
+		writefile("$config{destdir}/".htmlpage($page), $content);
 		$oldpagemtime{$page}=time;
 		$renderedfiles{$page}=htmlpage($page);
 	}
 	else {
 		$links{$file}=[];
-		writefile("$destdir/$file", $content);
+		check_overwrite("$config{destdir}/$file", $file);
+		writefile("$config{destdir}/$file", $content);
 		$oldpagemtime{$file}=time;
 		$renderedfiles{$file}=$file;
 	}
 } #}}}
 
 sub loadindex () { #{{{
-	open (IN, "$srcdir/.ikiwiki/index") || return;
+	open (IN, "$config{srcdir}/.ikiwiki/index") || return;
 	while (<IN>) {
 		$_=possibly_foolish_untaint($_);
 		chomp;
@@ -351,10 +380,10 @@ sub loadindex () { #{{{
 } #}}}
 
 sub saveindex () { #{{{
-	if (! -d "$srcdir/.ikiwiki") {
-		mkdir("$srcdir/.ikiwiki");
+	if (! -d "$config{srcdir}/.ikiwiki") {
+		mkdir("$config{srcdir}/.ikiwiki");
 	}
-	open (OUT, ">$srcdir/.ikiwiki/index") || error("cannot write to index: $!");
+	open (OUT, ">$config{srcdir}/.ikiwiki/index") || error("cannot write to index: $!");
 	foreach my $page (keys %oldpagemtime) {
 		print OUT "$oldpagemtime{$page} $pagesources{$page} $renderedfiles{$page} ".
 	        	join(" ", @{$links{$page}})."\n"
@@ -364,8 +393,8 @@ sub saveindex () { #{{{
 } #}}}
 
 sub rcs_update () { #{{{
-	if (-d "$srcdir/.svn") {
-		if (system("svn", "update", "--quiet", $srcdir) != 0) {
+	if (-d "$config{srcdir}/.svn") {
+		if (system("svn", "update", "--quiet", $config{srcdir}) != 0) {
 			warn("svn update failed\n");
 		}
 	}
@@ -374,9 +403,10 @@ sub rcs_update () { #{{{
 sub rcs_commit ($) { #{{{
 	my $message=shift;
 
-	if (-d "$srcdir/.svn") {
+	if (-d "$config{srcdir}/.svn") {
 		if (system("svn", "commit", "--quiet", "-m",
-		           possibly_foolish_untaint($message), $srcdir) != 0) {
+		           possibly_foolish_untaint($message),
+			   $config{srcdir}) != 0) {
 			warn("svn commit failed\n");
 		}
 	}
@@ -385,14 +415,14 @@ sub rcs_commit ($) { #{{{
 sub rcs_add ($) { #{{{
 	my $file=shift;
 
-	if (-d "$srcdir/.svn") {
+	if (-d "$config{srcdir}/.svn") {
 		my $parent=dirname($file);
-		while (! -d "$srcdir/$parent/.svn") {
+		while (! -d "$config{srcdir}/$parent/.svn") {
 			$file=$parent;
 			$parent=dirname($file);
 		}
 		
-		if (system("svn", "add", "--quiet", "$srcdir/$file") != 0) {
+		if (system("svn", "add", "--quiet", "$config{srcdir}/$file") != 0) {
 			warn("svn add failed\n");
 		}
 	}
@@ -405,8 +435,8 @@ sub rcs_recentchanges ($) { #{{{
 	eval q{use Date::Parse};
 	eval q{use Time::Duration};
 	
-	if (-d "$srcdir/.svn") {
-		my $info=`LANG=C svn info $srcdir`;
+	if (-d "$config{srcdir}/.svn") {
+		my $info=`LANG=C svn info $config{srcdir}`;
 		my ($svn_url)=$info=~/^URL: (.*)$/m;
 
 		# FIXME: currently assumes that the wiki is somewhere
@@ -435,7 +465,19 @@ sub rcs_recentchanges ($) { #{{{
 				$state='body';
 			}
 			elsif ($state eq 'body' && /$div/) {
-				push @ret, { rev => $rev, user => $user,
+				my $committype="web";
+				if (defined $message[0] &&
+				    $message[0]->{line}=~/^web commit by (\w+):?(.*)/) {
+					$user="$1";
+					$message[0]->{line}=$2;
+				}
+				else {
+					$committype="svn";
+				}
+				
+				push @ret, { rev => $rev,
+					user => htmllink("", $user, 1),
+					committype => $committype,
 					when => $when, message => [@message],
 					pages => [@pages] } if @pages;
 				return @ret if @ret >= $num;
@@ -470,22 +512,22 @@ sub refresh () { #{{{
 	find({
 		no_chdir => 1,
 		wanted => sub {
-			if (/$wiki_file_prune_regexp/) {
+			if (/$config{wiki_file_prune_regexp}/) {
 				$File::Find::prune=1;
 			}
 			elsif (! -d $_) {
-				my ($f)=/$wiki_file_regexp/; # untaint
+				my ($f)=/$config{wiki_file_regexp}/; # untaint
 				if (! defined $f) {
 					warn("skipping bad filename $_\n");
 				}
 				else {
-					$f=~s/^\Q$srcdir\E\/?//;
+					$f=~s/^\Q$config{srcdir}\E\/?//;
 					push @files, $f;
 					$exists{pagename($f)}=1;
 				}
 			}
 		},
-	}, $srcdir);
+	}, $config{srcdir});
 
 	my %rendered;
 
@@ -505,7 +547,7 @@ sub refresh () { #{{{
 		if (! $exists{$page}) {
 			debug("removing old page $page");
 			push @del, $renderedfiles{$page};
-			prune($destdir."/".$renderedfiles{$page});
+			prune($config{destdir}."/".$renderedfiles{$page});
 			delete $renderedfiles{$page};
 			$oldpagemtime{$page}=0;
 			delete $pagesources{$page};
@@ -517,7 +559,7 @@ sub refresh () { #{{{
 		my $page=pagename($file);
 		
 		if (! exists $oldpagemtime{$page} ||
-		    mtime("$srcdir/$file") > $oldpagemtime{$page}) {
+		    mtime("$config{srcdir}/$file") > $oldpagemtime{$page}) {
 		    	debug("rendering changed file $file");
 			render($file);
 			$rendered{$file}=1;
@@ -588,27 +630,26 @@ FILE:		foreach my $file (@files) {
 
 # Generates a C wrapper program for running ikiwiki in a specific way.
 # The wrapper may be safely made suid.
-sub gen_wrapper ($$) { #{{{
-	my ($svn, $rebuild)=@_;
-
+sub gen_wrapper () { #{{{
 	eval q{use Cwd 'abs_path'};
-	$srcdir=abs_path($srcdir);
-	$destdir=abs_path($destdir);
+	$config{srcdir}=abs_path($config{srcdir});
+	$config{destdir}=abs_path($config{destdir});
 	my $this=abs_path($0);
 	if (! -x $this) {
 		error("$this doesn't seem to be executable");
 	}
 
-	my @params=($srcdir, $templatedir, $destdir, "--wikiname=$wikiname");
-	push @params, "--verbose" if $verbose;
-	push @params, "--rebuild" if $rebuild;
-	push @params, "--nosvn" if !$svn;
-	push @params, "--cgi" if $cgi;
-	push @params, "--url=$url" if $url;
-	push @params, "--cgiurl=$cgiurl" if $cgiurl;
-	push @params, "--historyurl=$historyurl" if $historyurl;
-	push @params, "--anonok" if $anonok;
-	my $params=join(" ", @params);
+	my @params=($config{srcdir}, $config{templatedir}, $config{destdir},
+		"--wikiname=$config{wikiname}");
+	push @params, "--verbose" if $config{verbose};
+	push @params, "--rebuild" if $config{rebuild};
+	push @params, "--nosvn" if !$config{svn};
+	push @params, "--cgi" if $config{cgi};
+	push @params, "--url=$config{url}" if length $config{url};
+	push @params, "--cgiurl=$config{cgiurl}" if length $config{cgiurl};
+	push @params, "--historyurl=$config{historyurl}" if length $config{historyurl};
+	push @params, "--anonok" if $config{anonok};
+	my $params=join(" ", map { "\'$_\'" } @params);
 	my $call='';
 	foreach my $p ($this, $this, @params) {
 		$call.=qq{"$p", };
@@ -618,7 +659,7 @@ sub gen_wrapper ($$) { #{{{
 	my @envsave;
 	push @envsave, qw{REMOTE_ADDR QUERY_STRING REQUEST_METHOD REQUEST_URI
 	               CONTENT_TYPE CONTENT_LENGTH GATEWAY_INTERFACE
-		       HTTP_COOKIE} if $cgi;
+		       HTTP_COOKIE} if $config{cgi};
 	my $envsave="";
 	foreach my $var (@envsave) {
 		$envsave.=<<"EOF"
@@ -672,11 +713,12 @@ sub misctemplate ($$) { #{{{
 	my $pagebody=shift;
 	
 	my $template=HTML::Template->new(
-		filename => "$templatedir/misc.tmpl");
+		filename => "$config{templatedir}/misc.tmpl"
+	);
 	$template->param(
 		title => $title,
 		indexlink => indexlink(),
-		wikiname => $wikiname,
+		wikiname => $config{wikiname},
 		pagebody => $pagebody,
 	);
 	return $template->output;
@@ -686,28 +728,57 @@ sub cgi_recentchanges ($) { #{{{
 	my $q=shift;
 	
 	my $template=HTML::Template->new(
-		filename => "$templatedir/recentchanges.tmpl");
+		filename => "$config{templatedir}/recentchanges.tmpl"
+	);
 	$template->param(
 		title => "RecentChanges",
 		indexlink => indexlink(),
-		wikiname => $wikiname,
+		wikiname => $config{wikiname},
 		changelog => [rcs_recentchanges(100)],
 	);
 	print $q->header, $template->output;
 } #}}}
 
+sub userinfo_get ($$) { #{{{
+	my $user=shift;
+	my $field=shift;
+
+	eval q{use Storable};
+	my $userdata=eval{ Storable::lock_retrieve("$config{srcdir}/.ikiwiki/userdb") };
+	if (! defined $userdata || ! ref $userdata || 
+	    ! exists $userdata->{$user} || ! ref $userdata->{$user}) {
+		return "";
+	}
+	return $userdata->{$user}->{$field};
+} #}}}
+
+sub userinfo_set ($$) { #{{{
+	my $user=shift;
+	my $info=shift;
+	
+	eval q{use Storable};
+	my $userdata=eval{ Storable::lock_retrieve("$config{srcdir}/.ikiwiki/userdb") };
+	if (! defined $userdata || ! ref $userdata) {
+		$userdata={};
+	}
+	$userdata->{$user}=$info;
+	my $oldmask=umask(077);
+	my $ret=Storable::lock_store($userdata, "$config{srcdir}/.ikiwiki/userdb");
+	umask($oldmask);
+	return $ret;
+} #}}}
+
 sub cgi_signin ($$) { #{{{
 	my $q=shift;
 	my $session=shift;
 
 	eval q{use CGI::FormBuilder};
 	my $form = CGI::FormBuilder->new(
-		title => "$wikiname signin",
-		fields => [qw(do page name password confirm_password email)],
+		title => "$config{wikiname} signin",
+		fields => [qw(do page from name password confirm_password email)],
 		header => 1,
 		method => 'POST',
 		validate => {
-			name => '/^\w+$/',
 			confirm_password => {
 				perl => q{eq $form->field("password")},
 			},
@@ -718,18 +789,17 @@ sub cgi_signin ($$) { #{{{
 		params => $q,
 		action => $q->request_uri,
 		header => 0,
-		template => (-e "$templatedir/signin.tmpl" ? "$templatedir/signin.tmpl" : "")
+		template => (-e "$config{templatedir}/signin.tmpl" ?
+		              "$config{templatedir}/signin.tmpl" : "")
 	);
 	
 	$form->field(name => "name", required => 0);
 	$form->field(name => "do", type => "hidden");
 	$form->field(name => "page", type => "hidden");
+	$form->field(name => "from", type => "hidden");
 	$form->field(name => "password", type => "password", required => 0);
 	$form->field(name => "confirm_password", type => "password", required => 0);
 	$form->field(name => "email", required => 0);
-	if ($session->param("name")) {
-		$form->field(name => "name", value => $session->param("name"));
-	}
 	if ($q->param("do") ne "signin") {
 		$form->text("You need to log in before you can edit pages.");
 	}
@@ -745,26 +815,52 @@ sub cgi_signin ($$) { #{{{
 			$form->field(name => $opt, required => 1);
 		}
 	
-		# Validate password differently depending on how form was
-		# submitted.
+		# Validate password differently depending on how
+		# form was submitted.
 		if ($form->submitted eq 'Login') {
 			$form->field(
 				name => "password",
 				validate => sub {
-					# TODO get real user password
-					shift eq "foo";
+					length $form->field("name") &&
+					shift eq userinfo_get($form->field("name"), 'password');
 				},
 			);
+			$form->field(name => "name", validate => '/^\w+$/');
 		}
 		else {
 			$form->field(name => "password", validate => 'VALUE');
 		}
+		# And make sure the entered name exists when logging
+		# in or sending email, and does not when registering.
+		if ($form->submitted eq 'Register') {
+			$form->field(
+				name => "name",
+				validate => sub {
+					my $name=shift;
+					length $name &&
+					! userinfo_get($name, "regdate");
+				},
+			);
+		}
+		else {
+			$form->field(
+				name => "name",
+				validate => sub {
+					my $name=shift;
+					length $name &&
+					userinfo_get($name, "regdate");
+				},
+			);
+		}
 	}
 	else {
-		# Comments only shown first time.
+		# First time settings.
 		$form->field(name => "name", comment => "use FirstnameLastName");
 		$form->field(name => "confirm_password", comment => "(only needed");
 		$form->field(name => "email",            comment => "for registration)");
+		if ($session->param("name")) {
+			$form->field(name => "name", value => $session->param("name"));
+		}
 	}
 
 	if ($form->submitted && $form->validate) {
@@ -773,24 +869,55 @@ sub cgi_signin ($$) { #{{{
 			if (defined $form->field("do") && 
 			    $form->field("do") ne 'signin') {
 				print $q->redirect(
-					"$cgiurl?do=".$form->field("do").
-					"&page=".$form->field("page"));
+					"$config{cgiurl}?do=".$form->field("do").
+					"&page=".$form->field("page").
+					"&from=".$form->field("from"));;
 			}
 			else {
-				print $q->redirect($url);
+				print $q->redirect($config{url});
 			}
 		}
 		elsif ($form->submitted eq 'Register') {
-			# TODO: save registration info
-			$form->field(name => "confirm_password", type => "hidden");
-			$form->field(name => "email", type => "hidden");
-			$form->text("Registration successful. Now you can Login.");
-			print $session->header();
-			print misctemplate($form->title, $form->render(submit => ["Login"]));
+			my $user_name=$form->field('name');
+			if (userinfo_set($user_name, {
+				           'email' => $form->field('email'),
+				           'password' => $form->field('password'),
+				           'regdate' => time
+				         })) {
+				$form->field(name => "confirm_password", type => "hidden");
+				$form->field(name => "email", type => "hidden");
+				$form->text("Registration successful. Now you can Login.");
+				print $session->header();
+				print misctemplate($form->title, $form->render(submit => ["Login"]));
+			}
+			else {
+				error("Error saving registration.");
+			}
 		}
 		elsif ($form->submitted eq 'Mail Password') {
-			# TODO mail password
+			my $user_name=$form->field("name");
+			my $template=HTML::Template->new(
+				filename => "$config{templatedir}/passwordmail.tmpl"
+			);
+			$template->param(
+				user_name => $user_name,
+				user_password => userinfo_get($user_name, "password"),
+				wikiurl => $config{url},
+				wikiname => $config{wikiname},
+				REMOTE_ADDR => $ENV{REMOTE_ADDR},
+			);
+			
+			eval q{use Mail::Sendmail};
+			my ($fromhost) = $config{cgiurl} =~ m!/([^/]+)!;
+			sendmail(
+				To => userinfo_get($user_name, "email"),
+				From => "$config{wikiname} admin <".(getpwuid($>))[0]."@".$fromhost.">",
+				Subject => "$config{wikiname} information",
+				Message => $template->output,
+			) or error("Failed to send mail");
+			
 			$form->text("Your password has been emailed to you.");
+			$form->field(name => "name", required => 0);
 			print $session->header();
 			print misctemplate($form->title, $form->render(submit => ["Login", "Register", "Mail Password"]));
 		}
@@ -810,18 +937,20 @@ sub cgi_editpage ($$) { #{{{
 		fields => [qw(do from page content comments)],
 		header => 1,
 		method => 'POST',
-		validate => {},
-		required => [qw{}],
+		validate => {
+			content => '/.+/',
+		},
+		required => [qw{content}],
 		javascript => 0,
 		params => $q,
 		action => $q->request_uri,
 		table => 0,
-		template => "$templatedir/editpage.tmpl"
+		template => "$config{templatedir}/editpage.tmpl"
 	);
 	
-	my ($page)=$form->param('page')=~/$wiki_file_regexp/;
+	my ($page)=$form->param('page')=~/$config{wiki_file_regexp}/;
 	if (! defined $page || ! length $page || $page ne $q->param('page') ||
-	    $page=~/$wiki_file_prune_regexp/ || $page=~/^\//) {
+	    $page=~/$config{wiki_file_prune_regexp}/ || $page=~/^\//) {
 		error("bad page name");
 	}
 	$page=lc($page);
@@ -833,20 +962,24 @@ sub cgi_editpage ($$) { #{{{
 	$form->field(name => "content", type => "textarea", rows => 20,
 		cols => 80);
 	
+	if ($form->submitted eq "Cancel") {
+		print $q->redirect("$config{url}/".htmlpage($page));
+		return;
+	}
 	if (! $form->submitted || ! $form->validate) {
 		if ($form->field("do") eq "create") {
 			if (exists $pagesources{lc($page)}) {
 				# hmm, someone else made the page in the
 				# meantime?
-				print $q->redirect("$url/".htmlpage($page));
+				print $q->redirect("$config{url}/".htmlpage($page));
 				return;
 			}
 			
 			my @page_locs;
-			my ($from)=$form->param('from')=~/$wiki_file_regexp/;
+			my ($from)=$form->param('from')=~/$config{wiki_file_regexp}/;
 			if (! defined $from || ! length $from ||
 			    $from ne $form->param('from') ||
-			    $from=~/$wiki_file_prune_regexp/ || $from=~/^\//) {
+			    $from=~/$config{wiki_file_prune_regexp}/ || $from=~/^\//) {
 				@page_locs=$page;
 			}
 			else {
@@ -868,7 +1001,7 @@ sub cgi_editpage ($$) { #{{{
 		elsif ($form->field("do") eq "edit") {
 			my $content="";
 			if (exists $pagesources{lc($page)}) {
-				$content=readfile("$srcdir/$pagesources{lc($page)}");
+				$content=readfile("$config{srcdir}/$pagesources{lc($page)}");
 				$content=~s/\n/\r\n/g;
 			}
 			$form->tmpl_param("page_select", 0);
@@ -878,13 +1011,13 @@ sub cgi_editpage ($$) { #{{{
 			$form->title("editing $page");
 		}
 		
-		$form->tmpl_param("can_commit", $svn);
+		$form->tmpl_param("can_commit", $config{svn});
 		$form->tmpl_param("indexlink", indexlink());
-		print $form->render(submit => ["Save Page"]);
+		print $form->render(submit => ["Save Page", "Cancel"]);
 	}
 	else {
 		# save page
-		my $file=$page.$default_pagetype;
+		my $file=$page.$config{default_pageext};
 		my $newfile=1;
 		if (exists $pagesources{lc($page)}) {
 			$file=$pagesources{lc($page)};
@@ -894,7 +1027,7 @@ sub cgi_editpage ($$) { #{{{
 		my $content=$form->field('content');
 		$content=~s/\r\n/\n/g;
 		$content=~s/\r/\n/g;
-		writefile("$srcdir/$file", $content);
+		writefile("$config{srcdir}/$file", $content);
 		
 		my $message="web commit ";
 		if ($session->param("name")) {
@@ -903,11 +1036,12 @@ sub cgi_editpage ($$) { #{{{
 		else {
 			$message.="from $ENV{REMOTE_ADDR}";
 		}
-		if (length $form->field('comments')) {
+		if (defined $form->field('comments') &&
+		    length $form->field('comments')) {
 			$message.=": ".$form->field('comments');
 		}
 		
-		if ($svn) {
+		if ($config{svn}) {
 			if ($newfile) {
 				rcs_add($file);
 			}
@@ -919,7 +1053,9 @@ sub cgi_editpage ($$) { #{{{
 			refresh();
 		}
 		
-		print $q->redirect("$url/".htmlpage($page));
+		# The trailing question mark tries to avoid broken
+		# caches and get the most recent version of the page.
+		print $q->redirect("$config{url}/".htmlpage($page)."?updated");
 	}
 } #}}}
 
@@ -941,12 +1077,22 @@ sub cgi () { #{{{
 	}
 	
 	CGI::Session->name("ikiwiki_session");
-	my $session = CGI::Session->new(undef, $q,
-		{ Directory=> "$srcdir/.ikiwiki/sessions" });
+
+	my $oldmask=umask(077);
+	my $session = CGI::Session->new("driver:db_file", $q,
+		{ FileName => "$config{srcdir}/.ikiwiki/sessions.db" });
+	umask($oldmask);
 	
 	# Everything below this point needs the user to be signed in.
-	if ((! $anonok && ! defined $session->param("name")) || $do eq 'signin') {
+	if ((! $config{anonok} && ! defined $session->param("name") ||
+		! userinfo_get($session->param("name"), "regdate")) || $do eq 'signin') {
 		cgi_signin($q, $session);
+	
+		# Force session flush with safe umask.
+		my $oldmask=umask(077);
+		$session->flush;
+		umask($oldmask);
+		
 		return;
 	}
 	
@@ -959,41 +1105,42 @@ sub cgi () { #{{{
 } #}}}
 
 # main {{{
-my $rebuild=0;
-my $wrapper=0;
 if (grep /^-/, @ARGV) {
 	eval {use Getopt::Long};
 	GetOptions(
-		"wikiname=s" => \$wikiname,
-		"verbose|v" => \$verbose,
-		"rebuild" => \$rebuild,
-		"wrapper" => \$wrapper,
-		"svn!" => \$svn,
-		"anonok!" => \$anonok,
-		"cgi" => \$cgi,
-		"url=s" => \$url,
-		"cgiurl=s" => \$cgiurl,
-		"historyurl=s" => \$historyurl,
+		"wikiname=s" => \$config{wikiname},
+		"verbose|v!" => \$config{verbose},
+		"rebuild!" => \$config{rebuild},
+		"wrapper!" => \$config{wrapper},
+		"svn!" => \$config{svn},
+		"anonok!" => \$config{anonok},
+		"cgi!" => \$config{cgi},
+		"url=s" => \$config{url},
+		"cgiurl=s" => \$config{cgiurl},
+		"historyurl=s" => \$config{historyurl},
+		"exclude=s@" => sub {
+			$config{wiki_file_prune_regexp}=qr/$config{wiki_file_prune_regexp}|$_[1]/;
+		},
 	) || usage();
 }
 usage() unless @ARGV == 3;
-($srcdir) = possibly_foolish_untaint(shift);
-($templatedir) = possibly_foolish_untaint(shift);
-($destdir) = possibly_foolish_untaint(shift);
+$config{srcdir} = possibly_foolish_untaint(shift);
+$config{templatedir} = possibly_foolish_untaint(shift);
+$config{destdir} = possibly_foolish_untaint(shift);
 
-if ($cgi && ! length $url) {
+if ($config{cgi} && ! length $config{url}) {
 	error("Must specify url to wiki with --url when using --cgi");
 }
 
-gen_wrapper($svn, $rebuild) if $wrapper;
+gen_wrapper() if $config{wrapper};
 memoize('pagename');
 memoize('bestlink');
-loadindex() unless $rebuild;
-if ($cgi) {
+loadindex() unless $config{rebuild};
+if ($config{cgi}) {
 	cgi();
 }
 else {
-	rcs_update() if $svn;
+	rcs_update() if $config{svn};
 	refresh();
 	saveindex();
 }