Issues I've found using Wikka Wiki
I recently setup a Wikka Wiki and here are some of the bumps that I've hit with the Wikka Wiki system are:
- Can't copy/paste the embed code for YouTube videos? Seems to strip out the object and embed tags :( I generally don't like how it fucks with the html you post in it but I can see the danger in allowing any html. I would have thought a black list of tags would be easy to maintain as HTML is a finite vocabulary?
- Don't know how on can link to a Category while not being listed in that Category? Seems a fundamental issue to me :-/
- The {{file}} upload thing is a bit cluncky but maybe I'm not used to it. I'm more along the lines of attaching files. Also, its not clear how to make file uploads available to all registered users? Is there a permissions admin for actions I'm not seeing?
- Would be nice of you could highlight some text and when you click the HTML or code embed button it wrapped the text you highlighted instead of just putting the inserted code at the beginning, like Wordpress.
Otherwise I'm impressed with its simplicity and ease of use.
Ask the community mailing list :)
Hi,
We don't have a forum at the moment; we do nicely without. :)
Check out our mailing lists, documentation wiki and issue tracker; available from http://wikkawiki.org/
To answer your questions in short;
Object and Embed tags are a bit dangerous in terms of security. The solution is to use WikkaWiki's plugins. There are a few available at http://wikkawiki.org/CodeContributions - just paste the action code into "plugins/actions" in a file named the same as the action ( youtube.php for the youtube action). There probably will be an included action for video embedding "soon".
Linking to categories; yes, that would be nice :)
The files action is in actions/files.php - have a look in it for file sizes and other configuration. Letting all users add files could prove harmful, especially if the wiki is available outside an intranet and you allow registration. There is a new version with an "intranet option" on it's way, but it is currently in a "review" state - we need to be very sure about it due to security reasons :)
If you don't feel comfortable "hacking" the files.php into shape yourself, send me a mail and I'll see if I can suggest changes that will allow your users to upload files.
The highlight / wrapping the text; I'll look into it. Please suggest it at http://wush.net/trac/wikka/newticket?type=enhancement&component=unspecified&severity=normal and I'll let you know when it is looked at :)
Yours, Tormod.
Hi Tormod, Thanks for
Hi Tormod,
Thanks for responding to my questions! Forums are handy arn't they ;)
Whats the problem with Object and Embed tags? If we don't like it then we can just revert to a previous state, which seems the central idea behind the wiki, no? Restricting basic HTML stuff (without any admin options around this) is not really the philosophy I would have thought a Wiki would take? Whats the worse that could happen? Installing a plugin for each external video service seems a bit bulky doesn't it?
With the file uploads I didn't see this: "since 1.2: Admins can set the INTRANET_MODE option in files/files.php to allow uploads by non-admin users." (http://docs.wikkawiki.org/AttachmentInfo). I'll give it a try. I can see this as potentially more dangerous but not iff there is a white list for file extentions.
I guess its not that I mind hacking the files.php file, its just that I don't have to the time, also what then happens with upgrades? Doesn't seem like a good stratergy :-(
thanks again for your help
alex
p.s. I prefer forums because I don't like to have my mail box clogged with lots of email on subjects I'm not really that interested in. They are good for developers but not support. I just want a Wiki not a commitment to the project. Also threads are easier to read and more SEO friendly + they offer RSS for passive subscription. Mailing lists are so 80s :p
Some more tips
Hi Alex, dartar from WikkaWiki here.
> Restricting basic HTML stuff (without any admin options around this) is not really the philosophy I would have thought a Wiki would take?
If you look at the configuration file, you will see that you can define the level of restriction on HTML via the double_doublequote_html parameter.
[see http://docs.wikkawiki.org/ConfigurationOptions ]
> Also what then happens with upgrades? Doesn't seem like a good stratergy
We have introduced since 1.1.6.6 a plugin system to allow users to introduce their hacks without preventing upgrades of the core components.
[see http://docs.wikkawiki.org/InstallingPlugins ]
I am not sure I understand your question about code highlighting.
hope this helps!
Actually, I can't find a
Actually,
I can't find a reference to INTRANET_MODE anywhere and the code seems to indicate that you have to be an Admin user even in 1.2?!
That would mena the documentation is wrong ('lying' is another word) and the whole thing a bit limiting...
:(
getting there...
OK!
So, I have hacked the actions/files.php file and replaced all instances of "$this->IsAdmin()" with "$this->HasAccess("write")" and its working a treat.
Yes, this might be a security thingy but I put a .htaccess file in the "uploads" files with the following in it:
Which should turn off PHP for that folder. But haven't been able to test as I'm getting some miscellaneous error: "There was an error uploading your file. Please try again." which seems to happen because move_uploaded_file() don't like something despite all folders concerned having the correct permissions :(