(originally sent to the pmwiki-users mailing list.) I've recently gotten back to blogging on WordPress, after a gap of about 4 years where I exclusively used PmWiki for my web editing. WP has some great features, but I hate both visual editor (almost any visual editor in any application) and the HTML editor. For one, the HTML is re-processed silently Second, entering HTML is a damn'd nuisance. Third, I'm much more used to PmWiki markup at this point.
So, I built a simple WordPress plugin to callout to PmWiki as a markup service, using the below code. Basically, the plugin checks for text enclosed by a set of tags, passes that to the markup service, which them provides HTML back to WordPress. Despite the AuthUser and HandleAuth the markup service works on a lower level of authorization, and should any attempts at using an (:include AuthAccess.Only:) nothing is served up Other than the simplicity and lack of nuance below (what few params currently exist are hard-coded), is this a bad idea? Is there any major security hole that I'm opening up in PmWiki by doing this? Since only text is returned, any default or themed css is not available, nor is any JavaScript that would have been added by cookbook recipes (On a side note, the number of recipes I use that don't make use of Unobtrusive JavaScript is annoying. I see a bunch of patching in my future) Is there any way to obtain arbitrary JavaScript that extension attempt to add to the page? (other than inline JS applied to markup) ? I like being able to do markup in a consistent manner across the two platforms I use. Although the loss of plugin and extension functionality on either side is disappointing. <?php if(!defined('PmWiki'))exit; ## custom action for markup service ## 2012.05.30 ## Michael J. Paulukonis ## http://www.xradiograph.com ## ## http://www.pmwiki.org/wiki/PmWiki/CustomActions $HandleActions['wikimarkup'] = 'MarkupService'; # if url contains action=myaction call HandleMyAction timely ## since this is an external call, how to handle authentication? ## can we pass it in via the params??? $AuthUser['wikimarkup'] = crypt('wikimarkup'); $HandleAuth['wikimarkup'] = 'admin'; # authorization level $auth for HandleMyAction function MarkupService($pagename, $auth) { # parameters (signature) of handler function required by PMWiki $wikitext = stripslashes($_GET['wikitext']); $pagename = 'WordPress.Post'; // just a place-holder, evaluate MarkupServiceOptions(); $markup = MarkupToHTML($pagename, $wikitext); header('Content-type: text/html'); echo $markup; } ## eventually, we should be expose these options w/in WordPress ## a mechanism to SetOnce, instead of always passing, might be good ## OTOH, always-passing means individual sections can have different markup function MarkupServiceOptions() { global $LinkWikiWords, $SpaceWikiWords, $EnableUrlApprovalRequired; $LinkWikiWords = 0; ## disable $SpaceWikiWords = 0; ## turn off WikiWord spacing $EnableUrlApprovalRequired = 0; } -Michael Paulukonis http://www.xradiograph.com <http://goog_2112721603>Interference Patterns (a blog)<http://www.xradiograph.com%5Cinterference> http://michaelpaulukonis.com <http://www.BestAndroidResources.com> Sent from somewhere in the Cloud (hearthrug, by the fender)
_______________________________________________ pmwiki-devel mailing list pmwiki-devel@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-devel