Posted by nileshgr on March 9, 2010 at 2:10pm
Hi,
I don't think there is any clean implementation of a wiki-like format for drupal.
And yes I know about flexifilter and customfilter, both of which didn't work for me.
I am developing a module for the same and am seeking partners for the module.
A large part of it is already over, except for implementation of Lists and NoWiki things.
So any volunteers ?
Comments
I'm no developer, so I don't
I'm no developer, so I don't understand/know what exactly you need, but it might help:
Do you know the Creole project? http://www.wikicreole.org/
They created a wiki syntax:
Maybe you could use this?
nice syntax
creole syntax is nice, i am thinking of changing the parser to comply with creole.
Current format is derived from google code wikisyntax because I needed it for a project.
what do you suggest ? keep google code wikisyntax or move to creole ?
Explore Technology
Twitter profile
Facebook profile
Google profile
markup cool but...
I've just started building a Wiki for my client and pretty surprised how little is available in Drupal for this. I have started piecing things together with Custom Filter (which seems to work well); but my client is suggesting (and rightfully so) that no one in this day and age uses markup language we all use wysiwyg editors (i wish i worked with same people she works with since my work mates still insist on VI as their plain text email editor.. lol.. but i digress)...
.. so my point being that i think 2 parts to this are required.. both a defined set of Wiki markup commands implemented as a filter; but also toolbar integration of these in standard wysiwyg editors (ideally toolbars were managed by the wysiwyg module and therefore not required to be done for each js editor out there.. but doubt we have gotten to that point yet).
one other bit to add to this is that my client's site is OG based.. and therefor some amount of OG aware knowledge is required by the filters.
For Example:
i use OG, Custom Filters, Wikitools and Pathauto modules
OG - gives me communal access to a node type ("wiki"); i consider this defining rule #1 for a wiki
Wikitools gives me the ability to pre-insert links into text and when a user selects the link, if node doesn't exist, they are presented with option to create - defining wiki rule #2
all the rest is usability..
custom filter lets me add this in a page [.[.[.Title of My Page.].].] (no . just used so not filtered)
and it creates this link in my document: /wiki/title-of-my-page?gids[]=142 where 142 is the gid of current group - wikitools doesn't mind the ?gids[]=142 and std OG ensures this wiki post belongs to my group.
and pathauto setting for wiki pages of: wiki/[title-raw]-[og-id] so that i don't have issues when each group tries to make a page called "Page 2"
not sure all the bits i have missing; but i think something that creates/manges breadcrumbs is main missing piece and, of course, toolbar icons to access things like wikilinks insertion.
Peter Lindstrom
LiquidCMS - Content Solution Experts
i ain't good at js
first lets build the format parser !
also I ain't good at javascript. so don't hope from me of an addon for wysiwyg.
wysiwyg editors can be used to post content, even I was using on my site, but when it came to code highlighting, it started creating problems.
some wysiwyg seem to have some syntaxhighlighter plugins, but it supports limited languages, also js can freeze the browser if the client machine is low on CPU or RAM.
geshifilter rocks, it supports a large no. of languages for syntax highlighting and hence i switchted to bbcode and geshifilter.
I was asked to create a wiki-like site. I prefer drupal most of all the cmses out there on the web for its efficiency, modules, and support community. but something was missing- a wiki input format. it is there for D5 but not for mainstream - D6 or D7, so I am working on it.
I'd like to get some volunteers to help me out.
Explore Technology
Twitter profile
Facebook profile
Google profile
EZ 100% ajax wiki KIT
Here is a link to a zip file that will give you a VERY easy way to make wikis:
http://mynichecomputing.org/jQNNEG/betterWIKI.zip (minutes to setup an instance).
The directions are in the zip. It is for servers running PHP and otherwise
is JavaScript (with jQuery and ajax) to be really nice. VERY EASY.
Maybe someone can turn it into an official module.
Please, for my credit, just provide a link to http://mynichecomputing.org
Wow. Took less then a minute
Wow. Took less then a minute for me to find a SQL injection vulnerability. This code has nothing to do with Drupal, and I hope no one uses it and ends up exposing their site to the security issues.
would appreciate details and a fix
Re; The specific vulnerability and a fix. I hope we can be constructive.
I am a JavaScript expert, not a php or mySQL expert.
P.S. Is it really necessary to be so damned mean
I am trying to be helpful and constructive. I am also happy to learn.
I don't keep what I know secret and just throw out insults and claims, and hope others would behave likewise. You do like nice ajax and javascript, yes? And jquery is beloved by drupal people (and I used
a lot of that)
I'm not trying to keep
I'm not trying to keep secrets; however, the license of your code isn't given, which means it couldn't be integrated into Drupal. I generally don't provide code unless I know what the license is.
Some of issues I saw with the code in my 3-minute review:
1 editor at a time, true; but when in-use indicated & can view
Rather than just saying "SQL Injection" (and stuff I might well not understand),
why not just tell me the details of the fix?
No offense, but if the problem is so easy to find, why isn't the exact solution
easy for you to tell?
1 editor at a time, true; but when in-use is indicated -- waiting your turn is not
so bad and there is a facility to view and read the wiki even when it is in-use.
All my software is open source MIT.
save.php: $sql = "UPDATE wiki
save.php:
$sql = "UPDATE wiki SET contents = '" . pf_fix_slashes($_POST['value']) . "' WHERE id = " . $_POST['id'] . ";";
.I suppose you are proposing mysql_real_escape_string
I guess the pf_fix_slashes that applies slashes is not sufficient in your view. Huh?
I am guessing (though I do not know why cannot just say so, and stop being
obtuse) that mysql_real_escape_string would be a lot better.
Simply now, then show the exact specific code changes you propose and I
will make them. OK? Or would you require cash for this?
Show all so I can fix things and we can all move on.
Disclaimer: I haven't
Disclaimer: I haven't bothered examining the original code, and don't intend to; this is simply based on deviantintegral's snippet, and is offered in the spirit of helping us all become better coders.
Please see Drupal's SQL coding conventions EDIT: and Database abstraction layer.
<?php
$sql = "UPDATE wiki SET contents = '" . pf_fix_slashes($_POST['value']) . "' WHERE id = " . $_POST['id'] . ";";.
?>
MUST be something like
<?php
$sql = "UPDATE {wiki} SET contents = '%s' WHERE id = %d";
$args = array($_POST['value'], $_POST['id']);
db_query($sql, $args);
?>
or better yet
<?php
$changes = array(
'contents' => $_POST['value'],
'id' => $_POST['id'],
);
drupal_write_record('wiki', $changes, array('id'));
?>
And why are you using $_POST? Bad, bad, and really insecure. You should be using FAPI.
Aaron Winborn
Drupal Multimedia (my book, available now!)
AaronWinborn.com
Advomatic
Re: Your silly harping & pf_fix_slashes may be adequate
Just FYI. I believe there are professionals who see a function that does what
pf_fix_slashes does as adequate.
The id field is an integer field the other is protected with pf_fix_slashes.
(Perhaps, though that is not as good as mysql_real_escape_string .)
My apologies, though, I know nothing about drupal special functions like:
drupal_write_record , but much of the php/mySQL world does without them.
In any case, the very short php code involved in using this wiiki kit is so
very short that it is very, very easily fixed (if indeed it needs fixing).
If you really want a nice ajax wiki (which can optionally also accept
some html -- see directions), then make the php and sql commands
to your liking and you got something nice. This harping about the php
which is less than 5% of the code for the program (because it is a
JavaScript app) is really very silly. You (and NOT I) also know how to
make it an official module.
Heck, really, I am just trying to help so give me a break.
Not "silly harping".
Please, I'm also trying to help. No need to get hostile. Considering you're posting in a Drupal forum, I would hope you would expect folks to show the "Drupal" way to use your code. If for no other reason than I wouldn't want other folks copying code that could put their Drupal site in jeopardy if used incorrectly.
Aaron Winborn
Drupal Multimedia (my book, available now!)
AaronWinborn.com
Advomatic
I suggest if one makes a module, people do as you say
I suggest if someone makes a module, people do as you say. Still, these are very tiny problems to fix. I hope drupal people will not require I learn drupal just to try to help and make some contributions.
I updated new.php & save.php to use mysql_real_escape_string
The $_POST which needs to be "escaped" in new.php &
the $_POST which needs to be "escaped" in save.php
are now escaped via the function, mypf_fix_slashes, below.
Not a drupal function, but
using mysql_real_escape_string is a professional standard.
(NOW though, the app is for mySQL databases; before, it was more
open -- so in a way a disadvantage has been accrued. I am not
going to make the app specific to drupal, though of course you may.)
function mypf_fix_slashes($string) {
if (get_magic_quotes_gpc() == 1) {
$string = (stripslashes($string));
}
$string = mysql_real_escape_string($string);
}
I.E. I updated: http://mynichecomputing.org/jQNNEG/betterWIKI.zip
You are all likely more happy (though the slashing done by
pf_fix_slashes may have largely sufficed).
ARE you happy or do you think I must escape the integer (id) added by code
too?? Let me know.
I congratuate you for your goodwill
I congratuate you for your goodwill. Unfortunately, I won't be able to give you any feedback, since I am not a coder. But I hope other will and thank you for your work!
Hope I got by for an hr or so; had the zip screwed up & SAMPLE
Here is how things really work (contrary to code above).
This is most of new.php in the zip,
function mypf_fix_slashes($string) {
if (get_magic_quotes_gpc() == 1) {
$string = (stripslashes($string));
}
}
if(isset($_SESSION['logged']) && $_SESSION['logged'] == "yes") {
$host = "localhost";
$user = "youruser";
$password = "yourPW";
$database = "yourDbName";
//make connection
$server = mysql_connect($host, $user, $password);
$connection = mysql_select_db($database, $server);
//get POST data
//add new comment to database
$thecomment = mypf_fix_slashes($_POST["value"]);
$thecomment2 = mysql_real_escape_string($thecomment, $server);
$theid = (int)$_POST["id"];
mysql_query("INSERT INTO wiki (id, contents) VALUES( $theid ,' $thecomment2 ');", $server);
mysql_close($server);
It is similar in save.php
To see a sample wiki, where html is enable, see:
http://mynichecomputing.org/sampWIKI/
Please be nice and just observe (or change things and unchange them)
http://mynichecomputing.org/jQNNEG/betterWIKI.zip is now good.
Edit in place!
Wow! You implemented EditInPlace for Drupal, great :)
I think there is room for option in a module, for a optional save cancel button, as well as keyboard shortcut for validation (shift+enter ou ctrl+enter, maybe).
Probably not interested in Drupal at all...
Even though he has been a user for over a year it seems like he contributes only his own code that isn't necessarily related to Drupal at all and I don't think he's interested in Drupal at all.
Not to assume too much, but I'm guessing either some project depends on his MIT licensed code and there's some google hits. Or he's just searching for related topics on google and posting his own implementation.
You are half correct, but half wrong.
Your first paragraph is correct. I have not been paid to learn drupal and so rather
little about it. I do not need prefabs (except I like jQuery, though I don't need it).
I like some drupal people and like to help, though. I know drupal uses php and
jQuery and know the kind of thing that could be made-to-fit into drupal.
Your second paragraph is incorrect. My code (you know about) and money have nothing to
do with one another.
Again, I am trying to help. You have wants and desires. I try to present a start.
It is amazing how many tech people are just plain mean (to a silly extent). Maybe
that has to do with $
P.S. I updated some of the other code (apps) I contributed
I updated some of the other code (apps) I contributed as cited in the link provided by mradcliffe, see his link "his own code".
Cool
Cool.
I think it's great to see people contribute code no matter what, but it's necessary to point out issues so nobody comes along and gets their database messed with based on SQL Injection. This thread though is a bit Drupal-specific though referring to Input Formats (basically text filtering).
This is a bit out of scope of this topic, but when looking at a "wiki" in Drupal you have to break it down:
It's kind of hard to use your code in Drupal environment because it doesn't mesh well. The license issues (unfortunately, ugh, i hate the GPL) also prevent us from taking a bit of your javascript code to implement into some part of Drupal. Although it could be dual-licensed with your permission.
I am willing to license it any way you want
I thought MIT was good. But you can have it open source however. That shall not prevent you from using it.
How largely JavaScript app (with jQuery) does not mesh seems strange and I do not understand.
inline editing
In terms of javascript, Drupal has its own class, which is really useful for not duplicating code. I think it would take a lot of work modifying (making derivative work?) the code to adapt it, and someone might just start over and make it Drupal-specific. With the inline editing bit, this is more complicated because it all depends on input format. The way that content is viewed is not necessarily how it's entered. There was a big push for inline editing, but it fizzled out due to several issues (i don't remember the exact link to the discussion).
There's a couple of contrib attempts to this such as in editable_fields (more cck based) module.
P.S. I like MIT too.
jQuery is integrated into drupal javascript
Since jQuery is integrated into the JavaScript stuff "in drupal" (whatever that means), and since this is the only library I use, I cannot imagine a problem. Just a different address to the jQuery file (or something which is, in effect, accomplishes this) is all one would need to do. Rest of JS is, of course, in any browser (drupal certainly allowing all that -- and darned easily, I would imagine).
[Lots of rules, you guys seem to have, though, nonetheless.]
jQuery is dual licensed under
jQuery is dual licensed under MIT and GPLv2 - see http://drupal.org/node/88980.
Reason for rules
Drupal is an industrial-grade project, powering sites such as whitehouse.gov. To enforce the level of security and scalability that comes with it, it requires a lot of constraints. Sure, just plugging in any kind of code would be easier, but then, that would mean dozens of pieces of code doing the same thing, thousands of wheel reinvention, lack of consistency, poor scalability, software mess, bloatware and so on.
If I knew of a way to make it simpler for a developper, I would say it. I believe that Simple Test and automatic QA testing are on this way, although I never used them (I am not a developper myself). Oh, does any one know of a place where to welcome new developpers?
Yes. Much more.
I once tried to find all of the feature of a MediaWiki-like (what people usually think about when they say wiki). And I realised this work have not been written down anywhere on drupal.org.
So here is my list:
Edit in place is a nice addition to the list :)
And I would not be surprised that there is even more…
I see no EDIT link for my post "damned mean" post above
I see no EDIT link for my "... damned mean" post above (the one I am addressing). Perhaps I found a drupal
bug.
By design
You are not able to edit a thread that has replies.
Aaron Winborn
Drupal Multimedia (my book, available now!)
AaronWinborn.com
Advomatic
That would be solved by
That would be solved by having comment revisions (yay wiki :D). Or by chastising entire post editors and promoting the use of "edit:" (yay social engineering :D).
This seems to be a duplicate
This seems to be a duplicate post.
Instead of using the generic term "wiki" can you qualify what type of wiki it is? Mediawiki is not, contrary to popular opinion, the only wiki format out there (this goes for everyone in the wiki group).
Anyway, I've stopped its
Anyway, I've stopped its development because PEARWiki with WikiCreole does the job. I don't believe in reinventing the wheel, and that's the very reason I use Drupal instead of developing my own CMS.
Explore Technology
Twitter profile
Facebook profile
Google profile
I'm moving to Drupal (if I can)
Hy, I am new to Drupal. I started a wiki site for church worship resources on wikispaces.com and my friend suggested I build my own site with Drupal. Can someone point me in the right direction for BABY STEPS to setting up a Drupal Wiki site.
Here is my current wiki site. www.worshiporange.com
Please help!
help
Gabe,
Gladly. I am not an expert, but enough background/experience to act as a reference point. Write me directly at erikrdouglas at gmail dotcom if you run into problems sorting the modules out. There is not an ideal single module that does wiki per se, but you can get all the features readily enough. In fact, once you are familiar with the basic Drupal system, then ask yourself explicitly which additional features you want. Anyhow, write me for more help if it is needed.
Cheers!
Erik (Pilot)
Compared to what?
You should describe and link to what you consider the current definition of Drupal content, so we know what you are comparing against.
SimplewWiki - provides a text filter
https://www.drupal.org/project/simplewiki
Worked like a charm - took 2 mins to install and configure
Installing SimpleWiki
If you want, you can then create a wiki content type - or when you create a page, you can submit any content type as a wiki.
Handbook on Platform Cooperativism, a movement building platforms and tools owned by the people. http://bit.ly/hackitownit