hi -
I want to create something like the "Blog This!" toolbar buttons that a lot of blogging tools have. When inspiration strikes, a simple "wiki this!" button to instantly create a new page.
First step is here, where it just creates the URL for a non-existent page, and goes there, opens the edit box.
http://wiki.pikkle.com/wikiThis.php (example) http://wiki.pikkle.com/wikiThis.php.txt (source)
basically it does this $wikiUrl = WIKIURL; $pageName = $_GET['pageName']; $targetUrl = WIKIURL . "index.php?title=$pageName&action=edit"; header("location: $targetUrl");
Of course, the new page is an orphan, but can be found from the "recent changes". But thats a little bit of a hassle.
* mediaWiki api :: inject ? Is there a way of creating a link <from> a page automagically? So the newly created pages are not Orphaned? eg something like a mediawiki api, where before jumping to this edit page my script could inject a new entry into a "whats new" or "date order" catch all grab-bag page?
* fill out the form if the "action=edit" is looking for some post fields, i could pre-fill out some stuff on the form, like categories or the URL i surfed in from... is this documented anywhere?
* editing templates I would like to also put this into the template of my wiki layout, but on opening up "MonoBook.php" it doesnt seem as obvious as i thought. googling didnt turn up any obvious answers, so would appreciate any links for template customization...
Also want to make a toolbar scriptlet out of this next...
Thanks!
/dc _______________________________________________ David "DC" Collier mobile business creator |モバイル・ビジネス・クリエーター dc@pikkle.com http://www.pikkle.com +81 (0)90-7414-6107
D_C d3ntaku@gmail.com wrote:
- mediaWiki api :: inject ?
Is there a way of creating a link <from> a page automagically? So the newly created pages are not Orphaned? eg something like a mediawiki api, where before jumping to this edit page my script could inject a new entry into a "whats new" or "date order" catch all grab-bag page?
There isn't such an API, but note that there is a [[Special:Newpages]] page which does much the same thing as you're saying you'd want to do.
- fill out the form
if the "action=edit" is looking for some post fields, i could pre-fill out some stuff on the form, like categories or the URL i surfed in from... is this documented anywhere?
Pretty much everything just goes in the page content. Category membership is just a matter of adding "[[Category:Name of the category]]" somewhere in the text (so you could pre-add it to the textarea if you want). And there's nowhere special to record where you surfed from, AFAIK, so again, just stuff it in the textarea. In order to do which, you might need to use "action=preview", I'm not sure - certainly that would be expecting a postdata field for the article content.
You might also want to look into http://pywikipediabot.sf.net - a Python-based framework for making bots to do complex stuff. Probably beyond the scope of what you need, but might help you work out what can be done how.
- editing templates
I would like to also put this into the template of my wiki layout, but on opening up "MonoBook.php" it doesnt seem as obvious as i thought. googling didnt turn up any obvious answers, so would appreciate any links for template customization...
Skin hacking is not all that easy right now. One thing that's now pretty painless is adding a [static] link to the "navigation" box - as of 1.4, you can edit an array of arrays in LocalSettings.php - searching for "currentevents" in DefaultSettings.php should turn it up. Other than that, I think trial-and-error is the best approach I can suggest.
Rowan hi -
Skin hacking is not all that easy right now. One thing that's now pretty painless is adding a [static] link to the "navigation" box - as of 1.4, you can edit an array of arrays in LocalSettings.php - searching for "currentevents" in DefaultSettings.php should turn it up. Other than that, I think trial-and-error is the best approach I can suggest.
indeed my eyes are wet from peeling back layers of the onion!
is there a way to include a form -inside- the content of a page? eg something like <nowiki> <form> ... blah
to prevent the wiki engine interpreting the form data, or allow it to render as straight inline html? since you can use standrd html table markup.. or was this an exception?
tx,
/dc
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
D_C wrote: | is there a way to include a form -inside- the content of a page? eg | something like | <nowiki> | <form> ... blah | | to prevent the wiki engine interpreting the form data, or allow it to | render as straight inline html? since you can use standrd html table | markup.. or was this an exception?
Only certain limited HTML is allowed directly in the wiki text (and it's all combed over for non-explosiveness).
You can embed raw HTML such as forms in <html>...</html> sections by enabling $wgRawHtml, but DO NOT DO THIS ON A PUBLICALLY EDITABLE WIKI! Arbitrary HTML can be used to do all sorts of scurillious things such as embed JavaScript to hijack users' wiki accounts and exploit unpatched browser vulnerabilities to potentially hijack the user's client computer. This is a wiki-wide option, so anyone who can edit must be trusted.
- -- brion vibber (brion @ pobox.com)
It might be nice to be able to allow raw HTML on protected pages....
James
At 06:13 PM 1/26/05, Brion Vibber wrote:
---snip--- Only certain limited HTML is allowed directly in the wiki text (and it's all combed over for non-explosiveness).
You can embed raw HTML such as forms in <html>...</html> sections by enabling $wgRawHtml, but DO NOT DO THIS ON A PUBLICALLY EDITABLE WIKI! Arbitrary HTML can be used to do all sorts of scurillious things such as embed JavaScript to hijack users' wiki accounts and exploit unpatched browser vulnerabilities to potentially hijack the user's client computer. This is a wiki-wide option, so anyone who can edit must be trusted.
- -- brion vibber (brion @ pobox.com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
=James Birkholz= wrote: | It might be nice to be able to allow raw HTML on protected pages....
This idea has been kicked around before. Here are just a couple of the potential pitfalls which have prevented it so far:
* Page protection is used for other purposes, and does not necessarily mean that the current content is trusted or approved. If an admin protects a page to stop fighting or vandalism and doesn't notice the <html> trap left on it by a malicious user, *BOOM*
(A related example is the protected log pages in 1.3.x, where text submitted by non-admin users will be rendered as wiki text in a protected page context.)
* Protected pages may use non-protected templates. If the non-protected template gets an <html> bit added to it, *BOOM*
- -- brion vibber (brion @ pobox.com)
=James Birkholz= wrote: | It might be nice to be able to allow raw HTML on protected pages....
This idea has been kicked around before. Here are just a couple of the potential pitfalls which have prevented it so far:
how about if pages could use an <include> type function, that only includes from the file system the server is on?
Then a developer could create for example a searchbox form, or a JS clock, as a template item. They have the rights to upload that document to the webserver. Other people who want to can use it... include it in their pages.
This would allow much richer arbitrary components to be built by the lead developers and reused by others... I could see a rich library of "wikiboxes" being created and shared (a little like the Lazslo Blogboxes project).
Of course, then it would be nice to pass parameters etc, and the solution gets more complex... Is there already a plug-in api for mediawiki? i did some googlilng but couldnt find anything useful. But I am not really describing PHP plugins, just simple inline blobs to put into the HTML / include in the edit area - so anyone can quickly use.
/dc
_______________________________________________ David "DC" Collier mobile business creator |モバイル・ビジネス・クリエーター dc@pikkle.com http://www.pikkle.com +81 (0)90-7414-6107
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
D_C wrote: | how about if pages could use an <include> type function, that only | includes from the file system the server is on?
http://meta.wikimedia.org/wiki/Write_your_own_MediaWiki_extension
Be aware that directory-traversal attacks on file poorly secured file inclusion systems are _very_ common, and can be used to pull database passwords, user lists, and other sensitive information from a filesystem. Be careful to validate the filenames properly.
- -- brion vibber (brion @ pobox.com)
It would be nice if there were an alternate to protecting a page ("lock" a page?) used for pages that will never be public-edited, that could be set to allow raw HTML. And then add some way to deal with the templates issue...
At 07:25 PM 1/26/05, Brion Vibber wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
=James Birkholz= wrote: | It might be nice to be able to allow raw HTML on protected pages....
This idea has been kicked around before. Here are just a couple of the potential pitfalls which have prevented it so far:
- Page protection is used for other purposes, and does not necessarily
mean that the current content is trusted or approved. If an admin protects a page to stop fighting or vandalism and doesn't notice the trap left on it by a malicious user, *BOOM* (A related example is the protected log pages in 1.3.x, where text submitted by non-admin users will be rendered as wiki text in a protected page context.) * Protected pages may use non-protected templates. If the non-protected template gets an bit added to it, *BOOM* - -- brion vibber (brion @ pobox.com) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB+F9DwRnhpk1wk44RAiJVAKCRSjbfumxtJogqGJVfaaaaPocHmQCg1Mbn e2gVkPTpQpNdkk4nU8puCwc= =43T1 -----END PGP SIGNATURE----- _______________________________________________ MediaWiki-l mailing list MediaWiki-l@Wikimedia.org http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
James Birkholz admin, Posen-L mailing list and website http://www.Posen-L.com
On Fri, 28 Jan 2005 19:55:00 -0600, =James Birkholz= j.birchwood@verizon.net wrote:
It would be nice if there were an alternate to protecting a page ("lock" a page?) used for pages that will never be public-edited, that could be set to allow raw HTML. And then add some way to deal with the templates issue...
It's actually very easy to take predefined HTML and paste into an arbitrary page (assuming you have developer access). You write a plugin in PHP to paste that HTML. (Just make sure that scripts are in seperate files and not inline. There have been problems with that.) See http://meta.wikimedia.org/wiki/Write_your_own_MediaWiki_extension
Just make sure that if you take any input that it is appropriately filtered.
-- Jamie ------------------------------------------------------------------- http://endeavour.zapto.org/astro73/ Thank you to JosephM for inviting me to Gmail!
mediawiki-l@lists.wikimedia.org