#20 Editing configuration file resets enable_perl_formatter

[Anonymous]

I've set enable_perl_formatter=1 in the configuration file, but every time I go into podwiki.pl?state=editconfig it resets this variable, which is rather inconvenient.

Actually this thingy can be rather useful without affecting security. See the following example. I've created page named InitScript which included into AutoLoader entry pages:

=begin options

read = root
write = root

=end

=begin perl

use PodWiki::Auth;
use PodWiki::Runner;
my $user=(fetch_session())[0];
my $cgi=CGI::new;
my $state=$cgi->param("state");
if($state eq "register") {
print <<EOF;
<html>
<body>
<p>To register please contact server administrator: <a href="mailto:admin\@example.com">admin\@example.com</a>.</p>
<p><a href="$PodWiki::Runner::me">Back to Wiki</a></p>
</body>
</html>
EOF
exit;
}
if((!$user and $state ne "login" and $state ne "check_login") or $state eq "logout") {
my $redir="$PodWiki::Runner::me?state=login";
print <<EOF;
<meta http-equiv="refresh" content="0;url=$redir">
EOF
exit;
}
undef $PodWiki::Runner::config->{enable_perl_formatter};

=end

This disables viewing any pages without login and also disables free registration. Last line resets enable_perl_formatter, so nobody else can use it after this script.