60 Commits

Author SHA1 Message Date
Markus Lude
2ad2e04c33 some preparations for 1.2.0: bump version 2017-11-05 19:11:55 +01:00
Markus Lude
380be5160c in DoPost():
better use same constant here as in DoEditPrefs()
2017-11-05 18:20:38 +01:00
Markus Lude
ee1e6b9b65 use variable without "" 2017-11-05 16:40:46 +01:00
Markus Lude
b1a6c615cf in InitCookie():
use return value of LoadUserData()
2017-11-05 14:35:34 +01:00
Markus Lude
182fbdd079 in DoLogin():
use return value of LoadUserData()
2017-11-05 14:31:40 +01:00
Markus Lude
d00245b234 in LoadUserData():
add check if uid is too small
return 1 if loading was successful, 0 otherwise
2017-11-05 14:24:19 +01:00
Markus Lude
ba3686996f in InitCookie():
add parameter uid
use parameter uid for check and call of LoadUserData()
2017-11-05 12:39:23 +01:00
Markus Lude
eda0a5ee5a in LoadUserData():
add parameter uid
use parameter uid instead of global variable UserID
2017-11-05 12:29:13 +01:00
Markus Lude
026a769e0a in GetHtmlHeader():
replace "/" with ", " in keywords for subpages
2017-11-05 12:16:47 +01:00
Markus Lude
070ff2c704 use three-argument form of open 2017-11-02 23:56:08 +01:00
Markus Lude
8e3f7824eb no space between function name and left bracket 2017-11-02 23:51:13 +01:00
Markus Lude
d71a118d19 add EditHash 2017-11-02 23:46:12 +01:00
Markus Lude
f14d05103c in GetRemoteHost():
show IP address instead of faked DNS entry on RecentChanges

RecentChanges showed host names which don't make sense like localhost
or all IP addresses in a netblock resolve to the same host name.
The real IP address is lost then (apart from web server logs)

check if REMOTE_ADDR address resolves to a host name
resolve that host name to an IP address
if both ip addresses are the same, then host name is ok to use
2017-11-02 23:40:06 +01:00
Markus Lude
3aa96dd404 fix WikiBugs/CallingKeepFileName
reported by JuanmaMP
2017-11-02 23:36:57 +01:00
Markus Lude
44e500ae44 in KeepFileName():
add parameter name
use $name instead of $OpenPageName

add parameter (= $OpenPageName) to all calls of KeepFileName()
2017-11-02 23:33:34 +01:00
Markus Lude
70488b0c98 added CSS class wikibody to include all except wikiheader and wikifooter
suggested by UngarPeter on ProposalFor1.1
2017-11-02 23:30:33 +01:00
Markus Lude
2950d9a81c re-order entries
first action, then method
2017-11-02 23:24:49 +01:00
Markus Lude
de4e395c6c move favicon related markup 2017-11-02 23:20:14 +01:00
Markus Lude
2883da1bf9 fix markup: close <dd> tags 2017-11-02 23:18:59 +01:00
Markus Lude
c99cad8cc9 fix markup: close <dt> tags 2017-11-02 23:10:41 +01:00
Markus Lude
08687dd8d8 cleanup generated HTML code
use "" around class values
add value to noshade
2017-11-02 23:08:32 +01:00
Markus Lude
418b667f28 add \n after closing div tag 2017-11-02 22:29:25 +01:00
Markus Lude
f94bebe31e removed self closing from tag (<.../>), xml style but we use html 2017-11-02 22:26:16 +01:00
Markus Lude
3a46d68d6f combine split /pre tags 2017-11-02 22:23:01 +01:00
Markus Lude
f6c8f13015 use lowercase html tags and attributes 2017-11-02 22:22:23 +01:00
Markus Lude
2214a8175a switch DTD to HTML 4.0.1 Transitional 2017-11-02 22:00:16 +01:00
Markus Lude
b11337d2d6 some preparations for 1.1.0: bump version 2017-10-31 20:58:50 +01:00
Markus Lude
501a7e36f4 remove unused variables 2017-10-31 16:57:38 +01:00
Markus Lude
9474e6789a fix warning:
wiki.pl: Use of uninitialized value within %UseModWiki::SaveNumUrl in numeric gt (>) at /var/www/cgi-bin/wiki.pl line 1926.

warning on normal page view, page contains BracketUrl ([http://...])
2017-10-29 19:44:14 +01:00
Markus Lude
870e1f7eed fix WikiBugs/PwlistArray
reported and fix contributed by JuanmaMP
2017-10-29 17:31:53 +01:00
Markus Lude
d3b07e925d fix WikiBugs/UnusedVariableDeclaration
reported and fix contributed by JuanmaMP
2017-10-29 16:49:23 +01:00
Markus Lude
110664adb9 fix for taint mode:
wiki.pl: Insecure dependency in unlink while running with -T switch at /var/www/cgi-bin/wiki.pl line 4774.

taint error on page delete

in DoDeletePage():
use new variable $unsafe_id for tainted id
untaint id (page name)
2017-10-29 02:16:49 +02:00
Markus Lude
e80c4cd8d5 fix for taint mode:
wiki.pl: Insecure dependency in open while running with -T switch at /var/www/cgi-bin/wiki.pl line 2946.

taint error on page lock/unlock

in DoPageLock():
use new variable $unsafe_id for tainted id
untaint id (page name)
2017-10-29 02:09:48 +02:00
Markus Lude
f4822aa6e8 in DoLogin():
use new variable $unsafe_uid for tainted user id
untaint uid
2017-10-29 01:56:57 +02:00
Markus Lude
bf012db309 new function SanitizeUserID():
untaints parameter $unsafe_uid
returns uid or 111 in error case
(UserID 111 means invalid UserID)

in InitCookie():
use new variable $unsafe_uid for tainted user id
2017-10-29 01:55:47 +02:00
Markus Lude
a3f1349664 fix for taint mode:
wiki.pl: Insecure dependency in open while running with -T switch at /var/www/cgi-bin/wiki.pl line 2935.

taint error on Preferences page
2017-10-29 01:34:46 +02:00
Markus Lude
cca8fc0aa6 add CREDITS 2017-10-29 01:28:14 +02:00
Markus Lude
59aae67859 simplify SanitizePageName() 2017-10-29 01:23:14 +02:00
Markus Lude
18e2417539 new function SanitizePageName():
untaints parameter $unsafe_id
returns id or "" in error case

in DoPost():
use new variable $unsafe_id for tainted id
2017-10-29 01:21:02 +02:00
Markus Lude
d4ba6323a3 fix for taint mode:
wiki.pl: Insecure dependency in open while running with -T switch at /var/www/cgi-bin/wiki.pl line 2927.

taint error on save on page edit
2017-10-29 01:08:39 +02:00
Markus Lude
15412f6695 enable taint mode (perl -T) 2017-10-29 01:02:35 +02:00
Markus Lude
b175a5b4e5 fix warning:
wiki.pl: Use of uninitialized value $UseModWiki::ConfigError in string ne at /var/www/cgi-bin/wiki.pl line 1471.

warning if no config file present
2017-10-29 00:37:44 +02:00
Markus Lude
0cf89ae446 in WikiToHTML():
initialize global variable $TableOfContents if not initialized yet
2017-10-29 00:33:34 +02:00
Markus Lude
0568007328 in GetHistoryLine():
initialize variable $html
2017-10-29 00:31:14 +02:00
Markus Lude
d40a1b150f fix warnings:
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1392.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1116.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1116.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1123.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1123.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1116.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1116.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1116.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in string at ./wiki.pl line 1501.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1123.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1123.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1116.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1123.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1116.
wiki.pl: Use of uninitialized value $UseModWiki::ScriptName in concatenation (.) or string at ./wiki.pl line 1116.
2017-10-29 00:27:53 +02:00
Markus Lude
7f1c918633 fix warning:
wiki.pl: Use of uninitialized value $ENV{"SCRIPT_NAME"} in string at ./wiki.pl line 414.
2017-10-29 00:26:09 +02:00
Markus Lude
da5eaed40e fix warnings:
wiki.pl: Use of uninitialized value $description in concatenation (.) or string at /var/www/cgi-bin/wiki.pl line 967.
wiki.pl: Use of uninitialized value $authorLink in concatenation (.) or string at /var/www/cgi-bin/wiki.pl line 967.

warnings on RSS page
2017-10-29 00:14:22 +02:00
Markus Lude
5c48d9a789 fix warnings:
wiki.pl: Use of uninitialized value $UseModWiki::UserData{"password"} in join or string at /var/www/cgi-bin/wiki.pl line 3781.
wiki.pl: Use of uninitialized value $UseModWiki::UserData{"stylesheet"} in join or string at /var/www/cgi-bin/wiki.pl line 3781.
wiki.pl: Use of uninitialized value $UseModWiki::UserData{"adminpw"} in join or string at /var/www/cgi-bin/wiki.pl line 3781.
wiki.pl: Use of uninitialized value $UseModWiki::UserData{"username"} in join or string at /var/www/cgi-bin/wiki.pl line 3781.

warnings on Preferences page
2017-10-29 00:08:08 +02:00
Markus Lude
16660d99f9 fix warning:
wiki.pl: Use of uninitialized value $rhost in string eq at /var/www/cgi-bin/wiki.pl line 3120.

warning on page edit
2017-10-29 00:01:12 +02:00
Markus Lude
8d39add40a fix warning:
wiki.pl: Use of uninitialized value in string eq at /var/www/cgi-bin/wiki.pl line 3332.

warning on page edit
2017-10-28 23:59:21 +02:00
Markus Lude
31e4f86676 fix warning:
wiki.pl: Use of uninitialized value in string ne at /var/www/cgi-bin/wiki.pl line 2648.

warning on page history
2017-10-28 21:18:54 +02:00
Markus Lude
a0419ff448 fix warnings:
wiki.pl: Use of uninitialized value $c1 in concatenation (.) or string at /var/www/cgi-bin/wiki.pl line 1076.
wiki.pl: Use of uninitialized value $c2 in concatenation (.) or string at /var/www/cgi-bin/wiki.pl line 1078.

warnings on page history
2017-10-28 21:16:27 +02:00
Markus Lude
da6052adeb fix warning:
wiki.pl: Use of uninitialized value $UseModWiki::QuotedFullUrl in concatenation (.) or string at /var/www/cgi-bin/wiki.pl line 778.

warning on RecentChanges page
2017-10-28 21:13:20 +02:00
Markus Lude
cc41abd92c fix warning:
wiki.pl: Use of uninitialized value $text in concatenation (.) or string at /var/www/cgi-bin/wiki.pl line 1967.

warning on normal page view, page contains <toc>
2017-10-28 19:29:07 +02:00
Markus Lude
8f23adcc7a fix warning:
wiki.pl: Use of uninitialized value $extra in concatenation (.) or string at /var/www/cgi-bin/wiki.pl line 1977.

warning on normal page view, page contains URL
2017-10-28 19:26:13 +02:00
Markus Lude
aff1b8387d fix warning:
wiki.pl: Use of uninitialized value $UseModWiki::UserData{"tzoffset"} in numeric ne (!=) at /var/www/cgi-bin/wiki.pl line 463.

warning on normal page view
2017-10-28 19:09:18 +02:00
Markus Lude
6a64c22e12 fix warnings:
wiki.pl: Use of uninitialized value $UseModWiki::UserID in substitution (s///) at /var/www/cgi-bin/wiki.pl line 450.
wiki.pl: Use of uninitialized value $UseModWiki::UserID in numeric lt (<) at /var/www/cgi-bin/wiki.pl line 451.

warnings on normal page view
2017-10-28 19:06:16 +02:00
Markus Lude
19ad47ff11 fix warning:
wiki.pl: Use of uninitialized value $_ in string ne at /var/www/cgi-bin/wiki.pl line 5189.

warning on normal page view
2017-10-28 19:03:41 +02:00
Markus Lude
9f68448d5f fix warnings:
wiki.pl: length() used on @kplist (did you mean "scalar(@kplist)"?) at /var/www/cgi-bin/wiki.pl line 2571.
wiki.pl: length() used on @kplist (did you mean "scalar(@kplist)"?) at /var/www/cgi-bin/wiki.pl line 2573.
wiki.pl: length() used on @kplist (did you mean "scalar(@kplist)"?) at /var/www/cgi-bin/wiki.pl line 4813.
wiki.pl: length() used on @kplist (did you mean "scalar(@kplist)"?) at /var/www/cgi-bin/wiki.pl line 4815.

warnings on normal page view
2017-10-28 18:57:29 +02:00
Markus Lude
59fc58fbab enable warnings (perl -w) 2017-10-28 18:54:40 +02:00
4 changed files with 404 additions and 231 deletions
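
The check described in commit f14d05103c above (reverse lookup, forward lookup, compare), as an added Perl example that is not taken from wiki.pl. The names display_host, ptr_lookup and a_lookup and the sample tables are hypothetical; the code is IPv4 only and generalises the description by accepting a match against any of the name's addresses.

```perl
use strict;
use warnings;
use Socket qw(inet_aton inet_ntoa AF_INET);
# System-resolver lookups (IPv4 only). Hypothetical helpers, not wiki.pl code.
sub ptr_lookup {
    my ($ip) = @_;
    my $packed = inet_aton($ip) or return;
    return scalar gethostbyaddr($packed, AF_INET);
}
sub a_lookup {
    my ($name) = @_;
    my (undef, undef, undef, undef, @addrs) = gethostbyname($name);
    return map { inet_ntoa($_) } @addrs;
}

# Return the host name only when it resolves back to $ip, otherwise the IP.
# $ptr and $fwd are optional resolver callbacks so the check can run offline.
sub display_host {
    my ($ip, $ptr, $fwd) = @_;
    $ptr ||= \&ptr_lookup;
    $fwd ||= \&a_lookup;
    # Strict dotted quad: inet_aton() would otherwise resolve a host name.
    return '' unless defined $ip && $ip =~ /\A\d{1,3}(?:\.\d{1,3}){3}\z/;
    my $name = $ptr->($ip);
    return $ip unless defined $name && length $name;
    # PTR data is set by whoever controls the reverse zone and ends up in a
    # page, so accept host name characters only.
    return $ip unless $name =~ /\A[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?\z/;
    # Generalised: any forward address may match, not just a single one.
    my $confirmed = grep { $_ eq $ip } $fwd->($name);
    return $confirmed ? $name : $ip;
}

# Constructed sample data (documentation address ranges), not real DNS.
my %PTR = (
    '192.0.2.10'   => 'www.example.org',     # consistent PTR and A record
    '192.0.2.20'   => 'localhost',           # PTR claims a name it does not own
    '198.51.100.7' => 'pool.example.net',    # one name for a whole netblock
);
my %A = (
    'www.example.org'  => ['192.0.2.10'],
    'localhost'        => ['127.0.0.1'],
    'pool.example.net' => ['198.51.100.1'],
);
for my $ip (sort(keys %PTR), '203.0.113.9') {    # last address has no PTR
    my $shown = display_host($ip, sub { $PTR{ $_[0] } }, sub { @{ $A{ $_[0] } || [] } });
    printf "%-13s -> %s\n", $ip, $shown;
}
```

Only the first sample address is shown by name; the other three fall back to the IP address, so the real client address stays visible.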

@@ -9,6 +9,7 @@ Users which contributed patches added to versions after 1.0:
* GunnarH
* GyPark
* JuanMtnezPineda
* MarkIrons
* MikeCastle
* RichardP
* Robin Rowe (rower@movieeditor.com)

@@ -1,4 +1,26 @@
Changes for release 1.2.0 (November 05, 2017):
* switch DTD to HTML 4.0.1 Transitional
* cleanup generated HTML code
* added CSS class wikibody to include all except wikiheader and wikifooter
suggested by UngarPeter
* fixed bug CallingKeepFileName
with suggestion from JuanMtnezPineda
* show IP address instead of faked DNS entry on RecentChanges
* add EditHash
Changes for release 1.1.0 (October 31, 2017):
* enable warnings (perl -w)
* fix warnings
* enable taint mode (perl -T)
* fixes for taint mode
based on work by MarkIrons
* fixed bug UnusedVariableDeclaration
fix contributed by JuanMtnezPineda
* fixed bug PwlistArray
fix contributed by JuanMtnezPineda
* remove unused variables
Changes for bugfix release 1.0.6 (November 05, 2016):
* fixed bug CookieIgnored
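
Review bot: the 1.2.0 entry "* add EditHash" does not tell someone upgrading that there are two new settings to carry into an existing config file, $Salt and $UseEditHash, or that the feature is off by default. Suggest extending the entry, for example "add EditHash (new config options $UseEditHash and $Salt, disabled by default)".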

13
config

@@ -1,5 +1,5 @@
# == Configuration =======================================================
# Original version from UseModWiki 1.0.6
# == Configuration =====================================================
# Original version from UseModWiki 1.2.0
$CookieName = "Wiki"; # Name for this wiki (for multi-wiki sites)
$SiteName = "Wiki"; # Name of site (used for titles)
@@ -11,7 +11,7 @@ $ScriptTZ = ""; # Local time zone ("" means do not print)
$RcDefault = 30; # Default number of RecentChanges days
@RcDays = qw(1 3 7 30 90); # Days for links on RecentChanges
$KeepDays = 14; # Days to keep old revisions
$SiteBase = ""; # Full URL for <BASE> header
$SiteBase = ""; # Full URL for <base> header
$FullUrl = ""; # Set if the auto-detected URL is wrong
$RedirType = 1; # 1 = CGI.pm, 2 = script, 3 = no redirect
$AdminPass = ""; # Set to non-blank to enable password(s)
@@ -38,17 +38,19 @@ $DiffColor2 = '#cfffcf'; # Background color of new/added text
$FavIcon = ''; # URL of bookmark/favorites icon, or ''
$RssDays = 7; # Default number of days in RSS feed
$UserHeader = ''; # Optional HTML header additional content
$UserBody = ''; # Optional <BODY> tag additional content
$UserBody = ''; # Optional <body> tag additional content
$StartUID = 1001; # Starting number for user IDs
$UploadDir = ''; # Full path (like /foo/www/uploads) for files
$UploadUrl = ''; # Full URL (like http://foo.com/uploads)
@ImageSites = qw(); # Url prefixes of good image sites: ()=all
$Salt = 'pepper'; # Salt for generating an EditHash,
# please choose something other here!
# Major options:
$UseSubpage = 1; # 1 = use subpages, 0 = do not use subpages
$UseCache = 0; # 1 = cache HTML pages, 0 = generate every page
$EditAllowed = 1; # 1 = editing allowed, 0 = read-only
$RawHtml = 0; # 1 = allow <HTML> tag, 0 = no raw HTML in pages
$RawHtml = 0; # 1 = allow <html> tag, 0 = no raw HTML in pages
$HtmlTags = 0; # 1 = "unsafe" HTML tags, 0 = only minimal tags
$UseDiff = 1; # 1 = use diff features, 0 = do not use diff
$FreeLinks = 1; # 1 = use [[word]] links, 0 = LinkPattern only
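
Review bot: the new line "$Salt = 'pepper';" ships a fixed, publicly known default for the value used to generate an EditHash, so every installation that enables the feature without editing config ends up with the same salt, and the only guard is the comment "please choose something other here!". Suggest defaulting to an empty string and having the script refuse to use EditHash (or report a configuration error) while $Salt is empty or still 'pepper'. The comment would also read better as "please choose something else here".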
@@ -63,6 +65,7 @@ $ReplaceFile = 'ReplaceFile'; # 0 = disable, 'PageName' = indicator tag
$TableSyntax = 1; # 1 = wiki syntax tables, 0 = no table syntax
$NewFS = 0; # 1 = new multibyte $FS, 0 = old $FS
$UseUpload = 0; # 1 = allow uploads, 0 = no uploads
$UseEditHash = 0; # 1 = use EditHash, 0 = no EditHash
# Minor options:
$LogoLeft = 0; # 1 = logo on left, 0 = logo on right
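
Review bot: the comment on the added $UseEditHash line, "1 = use EditHash, 0 = no EditHash", only restates the variable name. The option depends on $Salt, which is added in a different block of the file, so the comment should say what the hash is for and that $Salt must be changed before this is set to 1.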

599
wiki.pl

File diff suppressed because it is too large