%SITEMAPWHAT%
Edit | Attach | New | Raw | Delete | History | | Print | Tools
You are here: System » CompleteDocumentation

# Reference Manual (Foswiki-1.1.4, Tue, 20 Dec 2011, build 13483)

This page contains all documentation topics as one long, complete reference sheet.

# System Requirements

Server and client requirements

Low client and server base requirements are core features that keep Foswiki widely deployable, particularly across a range of browser platforms and versions. Many extensions exist which enhance and expand Foswiki's capabilities; they may have additional requirements.

## Server Requirements

The code is written in Perl 5, and uses a number of shell commands from perl. The default package requires RCS (Revision Control System), a GNU Free Software package. Foswiki is developed in a basic Linux/Apache environment. It also works with Microsoft Windows, and should have no problem on any other platform that meets the requirements.

Resource Required Server Environment *
Perl 5.8.0 or higher (5.8.4 or higher is recommended)
RCS 5.7 or higher (including GNU diff)
Optional, Foswiki includes a pure perl implementation of RCS that can be used instead (although it's slower)
GNU diff GNU diff 2.7 or higher is required when not using the all-Perl RcsLite.
Install on PATH if not included with RCS (check version with diff -v)
Must be the version used by RCS, to avoid problems with binary attachments - RCS may have hard-coded path to diff
GNU patch For upgrades only: GNU patch is required when patching the code using patches in diff format submitted by the community.
GNU fgrep, egrep Modify command line parameters in configure if you use non-GNU grep programs
Cron/scheduler • Unix: cron
• Windows: cron equivalents
Web server Apache is well supported; see Foswiki:Support.InstallingOnSpecificPlatforms for alternative options.

### Perl Modules

A complete list of the required and optional Perl modules can be found in lib/DEPENDENCIES.

Most of them will probably already be available in your installation. You can check version numbers with the configure script, or if you're still trying to get to that point, check from the command line like this:
perl -e 'use FileHandle; print $FileHandle::VERSION."\n"'  ## Client Requirements The standard installation has relatively low browser requirements: • XHTML 1.0 Transitional compliant • Cookies, if persistent sessions are required • Javascript, for edit/save/upload functionality Change {ValidationMethod}{Method} from strikeone to embedded in configure to allow non-javascript browsers to edit/save/upload CSS and Javascript are used in most skins. Some skins will require more recent releases of browsers. The default skin is tested on IE 6, 7, Safari 3.0, and recent Mozilla based browsers (such as Firefox). You can easily select a balance of browser capability versus look and feel. Try the installed skins at SkinBrowser and more at Foswiki:Extensions.SkinPackage. ## Important note about Plugins • Plugins can require just about anything - browser-specific functions, stylesheets (CSS), Java applets, cookies, specific Perl modules,... - check the individual Plugin specs. Related Topics: AdminDocumentationCategory Back to top # Installation Guide This guide describes the steps for manually installing Foswiki, with specific steps for installations on Linux with the Apache web server. If you are using a different web server or operating system, in addition to reviewing this document, check any additional information specific to your platform at Foswiki:Support.SupplementalDocuments. Foswiki:Support.SupplementalDocuments also has information for other scenarios, such as shared web hosting environments. This guide is divided into two parts - included here as a single complete reference. Installation Guide Part 1 documents the preparation steps used to make Foswiki initially operational. It is included in the root of your Foswiki distribution as a static HTML document - INSTALL.html Installation Guide Part 2 continues with steps for tailoring and enhancing your site. These installation instructions are also available online at Foswiki:System.InstallationGuide, and are available within your Foswiki installation at System.InstallationGuide (the InstallationGuide topic in the System web). For information on upgrades, please also refer to Foswiki:System.UpgradeGuide. A static HTML version of this document, UpgradeGuide.html, is included in the root of your Foswiki distribution. ## Initial Installation ### System Requirements Please see the section "Foswiki system requirements" for the server and client requirements to run Foswiki, including the Perl modules required on the server. If you need to install any Perl libraries from CPAN for use by Foswiki, see Foswiki:Support.HowToInstallCpanModules for more information. ### Preparing to install Before attempting to install Foswiki, you are encouraged to review the Foswiki:System.AdminSkillsAssumptions. This guide assumes the person installing Foswiki has a basic knowledge of server administration on the system on which Foswiki is to be installed. While it is possible to install Foswiki with FTP access alone (for example, on a hosted site), it is tricky and may require additional support from your hosting service (for example, in setting file ownership and installing missing perl CPAN libraries). If you are upgrading from a previous Foswiki version or from a TWiki installation, please refer to Foswiki:System.UpgradeGuide. A static HTML version of this document, UpgradeGuide.html, is included in the root of your Foswiki distribution. Verify that your server meets the Foswiki system requirements, including having the minimum required Perl version and all required Perl modules installed. If you need to install any Perl libraries from CPAN for use by Foswiki, see Foswiki:Support.HowToInstallCpanModules for more information. If you need help, feel free to ask a question in the Foswiki:Support web or on Foswiki:Community.InternetRelayChat (irc.freenode.net, channel #foswiki). ### Basic installation: getting Foswiki up and running To install Foswiki, complete the following steps: 1. Download and unpack the Foswiki distribution. 2. Set the file and directory permissions for the installation. 3. Configure the locations of the Perl executable and the Foswiki modules. 4. Configure the web server. 5. Configure Foswiki. 6. Enable authentication of users (if desired). 7. Define the administrator users. #### Download and unpack the Foswiki distribution Download the Foswiki distribution from http://foswiki.org/Download Unpack the distribution file: Change to the directory where you want to place the Foswiki directory. Unzip or untar and gunzip the distribution; a new subdirectory called Foswiki-VERSION will be created. You can rename this subdirectory to a shorter name. For the rest of this document, this subdirectory is assumed to be at /path/to/foswiki. • Note: Foswiki does not support directory paths that contain spaces, so ensure that all of its directory paths do not contain any spaces (particularly on Windows). If you do not have shell access to your web server host, see the section "Uploading the Foswiki distribution to your web server host". #### (Not applicable on Windows) Set the file and directory permissions for the installation Set up access file and directory rights, as well as file ownership, as required by your web server configuration so that the web server user (the user used by the web server to run CGI programs) can read and write within the foswiki directory tree. Note: for more information on the appropriate permissions to ensure security for your Foswiki data, see Foswiki:Support.SecuringYourSite. The default file and directory access permissions as set by the distribution define a reasonable security level that will work for many types of installations, including shared hosting. Nonetheless, you should verify that the web server user has read access to all files and directories beneath the foswiki directory, and execute access for all directories. Also verify that the data and pub directories and all the subdirectories and files beneath them allow write access for the web server user. • Warning: Do not just run a chmod -R 770 foswiki. Providing execute access to all files is potentially dangerous. This is a common mistake made by Foswiki installers. See Foswiki:Support.SettingFileAccessRightsLinuxUnix for a sample set of Unix commands to set the file and directory permissions. It is possible to define tighter access permissions than the default ones; how tight they should be depends on your web server environment and local needs. Typically you should limit all access from others if the web server machine has login access for users other than root and the web server administrator. For a dedicated web server that just runs Foswiki and has limited login access, the default access permissions have a good safety level. If you have root user permissions, then for additional security, you can change the ownership of the foswiki directory tree to the web server user, using the command chown -R user:group /path/to/foswiki. The web server username varies in different installations; here are some sample commands for various Linux distributions: • RedHat, Fedora, CentOS, Gentoo, Mandriva : chown -R apache:apache /path/to/foswiki • debian/Ubuntu/Kubuntu : chown -R www-data:www-data /path/to/foswiki • Suse : chown -R wwwrun:www /path/to/foswiki If Foswiki stops working after you applied a change in access permissions and you wish to restore the original permissions, run the Unix commands located at Foswiki:Support.SettingFileAccessRightsLinuxUnix. #### (optional - required on Windows ) Configure the locations of the Perl executable and the Foswiki modules If you are running on a Linux system with Perl found in /usr/bin/perl then this step is not required. This step is required on Windows installations. The easiest way to fix up the bin scripts is to run the tools/rewriteshebang.pl script. If the Perl interpreter is in the default execution path, follow these steps: cd /path/to/foswiki/tools perl -I ../lib rewriteshebang.pl  or for Windows users: cd C:\path\to\foswiki\tools perl -I ..\lib rewriteshebang.pl  The script will determine the location of the Perl interpreter and will prompt to update both the bin and tools scripts in a single step. The changed files will be reported, and it is safe to rerun the script. If the perl command does not work from the command line, then you need to find the location of your system's Perl interpreter. Insert the path to Perl in the first line of the rewriteshebang script. For example: cd C:\path\to\foswiki\tools C:\path\to\perl -I ..\lib rewriteshebang.pl  #### (optional) Configuration of a script suffix for the perl scripts Some web servers require a special extension on perl script files (e.g. .cgi or .pl). This is not normally required with the Apache web server, though some hosted web servers are configured to require it. If the documentation for your web server indicates that a special extension is necessary, rename all the executable scripts in bin; that is, rename bin/view to bin/view.pl, and so on. When configuring Foswiki (see the section "Configure Foswiki"), set the ScriptSuffix option to the special extension. #### (optional) Configuration for non-standard library locations A standard Foswiki install has the directories bin/ and lib/ located under the Foswiki installation directory. If you have moved these directories, or if your system requires changes to the default Perl libraries, then this step is required. Create the file LocalLib.cfg located at bin/LocalLib.cfg • In the bin directory, copy the template file LocalLib.cfg.txt to LocalLib.cfg. Make sure the ownership and access rights of the copy are the same as LocalLib.cfg.txt. • Edit bin/LocalLib.cfg so that $foswikiLibPath is set to the absolute file path of your lib directory. For example: /path/to/foswiki/lib.
• If you need to install additional CPAN modules, but can't update the main Perl installation files on the server, you can set $CPANBASE to point to your personal CPAN install. Don't forget that the web server user has to be able to read those files as well. #### Configure the web server First choose the best configuration method for your web server. With Apache, there are two ways to configure it: a config file included from httpd.conf or .htaccess files. • Apache config file: The recommended method is using a config file. With a config file you can put the entire Foswiki configuration in ONE file (typically named foswiki.conf). Performance is much better with a config file, and one file gives the best overview and ensures that you get a safe installation . However to use a config file you need root or sudo access to stop and start Apache. The Foswiki apache config file can be included from the main Apache config file. (Typically httpd.conf or apache.conf depending on your distribution). However most distributions have a directory from which any file that ends with .conf gets included when you restart Apache (Example RedHat/Fedora/Centos: /etc/httpd/conf.d, Gentoo: /etc/apache2/vhost.d ). If you use a virtual host setup in Apache you should include the foswiki.conf file from inside the desired virtual host config in your Apache configuration. • .htaccess files: This method should only be used when you cannot use a config file. Performance is slower as Apache must search through all applicable directories for any .htaccess files on each page access. Normally this is the only way to control Apache in a shared host environment where you have no root or sudo privileges. If you are using a config file: • The easiest and best way is to use the Foswiki:Support.ApacheConfigGenerator tool to generate a safe, working config file for your Foswiki installation, based on the options you choose in the tool. • If you can't use the online configuration generator, a sample config file called foswiki_httpd_conf.txt can be found in the root of the foswiki installation. • Ensure that web access is denied to all Foswiki subdirectories other than bin and pub. • The Foswiki:Support.ApacheConfigGenerator tool will generate the appropriate settings; • the foswiki_httpd_conf.txt file also has examples of configuring Apache appropriately. • Ensure there is either a ScriptAlias directive for the bin subdirectory, or an Alias directive with SetHandler cgi-script and Options ExecCGI directives for the bin subdirectory, so that the bin scripts will be executed by Apache. • Note: you must restart Apache after making changes to your config files for the changes to take effect. If you are using a .htaccess file: • In the root of the foswiki installation, there are sample .htaccess files for various subdirectories in your installation. Each file has help text explaining how to modify it for your configuration. For more information, see Foswiki:Support.SupplementalDocuments. location and name of sample .htaccess file copy sample file to the following location foswiki/root-htaccess.txt foswiki/.htaccess foswiki/bin-htaccess.txt foswiki/bin/.htaccess foswiki/pub-htaccess.txt foswiki/pub/.htaccess foswiki/subdir-htaccess.txt foswiki/<subdir>/.htaccess Copy to all other subdirectories below foswiki, including data, lib, locale, templates, tools, working. Copy to any other directories except for bin and pub addressed above. • Ensure that web access is denied to all Foswiki subdirectories other than bin and pub. The sample .htaccess files show how to configure Apache appropriately. It is important to verify that none of these directories can be directly accessed. • Ensure that the foswiki/bin/.htaccess files contains the line SetHandler cgi-script so that all scripts in the bin directory will be executed by Apache. • Note: On Linux systems, files named with the leading "." like .htaccess are hidden files and will not be listed unless using the -a option, ex. ls -la Turn off any kind of PHP, Perl, Python, Server Side Includes, or other software execution mechanisms supported by your web server in the pub directory. For example, most Linux distributions have a default Apache installation with PHP and server side include (SSI) enabled. This would allow PHP scripts uploaded as attachments to be executed, which is a security risk, so it should be disabled in the Apache configuration with php_admin_flag engine off. Different script execution mechanisms are disabled in different ways; see your web server configuration and documentation for more details. ##### Protect the configure script! You should never leave the configure script open to the public. Limit access to the bin/configure script to either localhost, an IP address or a specific user using basic Apache authentication. The Foswiki:Support.ApacheConfigGenerator lets you setup who has access to the configure script. Also see the foswiki-httpd-conf.txt or bin/.htaccess.txt file for an example of the setting required to protect the configure script. To limit access to a particular user, set up a .htpasswd file that contains the user name and password that Apache will use to authenticate the user: • Caution! Do not follow these steps on an existing Foswiki .htpasswd file. It will destroy the email addresses stored in that file! If the file already exists, you can choose an existing user for access to configure. • Change to the foswiki/data directory. • Issue the command htpasswd -c .htpasswd <username>, where <username> is the name of the user you will use to access the configure script. Choose the username with care: the username cannot be an existing login name for your Foswiki installation, nor can it be used later on to register in Foswiki. Enter a password when prompted. All of the above methods - Sample configuration files, Foswiki:Support.ApacheConfigGenerator and sample .htaccess files, all include example settings to protect the configure script with a password. The critical section looks something like: <FilesMatch "configure.*"> SetHandler cgi-script Order Deny,Allow Deny from all # List of IP addresses allowed to access configure Allow from 127.0.0.1 192.168.1.10 # specify username used on the "htpasswd" command above Require user someuserid # Set to "Any" to allow IP -or- userid, set to "All" to require both match Satisfy Any ErrorDocument 401 default </FilesMatch>  Note: In addition to any web server security protection that you have set up, when saving any configuration settings for the first time on the configure web page, you will be prompted to set a configuration password. This password must be entered on all subsequent configuration changes, and is also used to log in via the internal admin link (see the section "Define the administrator user(s)"). Even after a configure password has been set, access to the configure page should still be restricted by the web server, in order to avoid revealing internal information to potential attackers. Tip: You do not have to use the same password file for both Configure and for Foswiki user registration. If you use a separate file, you can create it using the htpasswd commmand and complete segregate configure access from Foswiki access. This is probably safer, but does not allow users to change their configure password using Foswiki services. The password file has to be manually maintained.. 1. Generate an alternate password file to protect configure. htpasswd -c -s /path/to/data/.htpasswd-admin configuserid 2. Add / modify and delete this alternate file using the htpasswd command. Don't mix them up and use htpasswd on the Foswiki .htpasswd file! 3. Edit the foswiki apache configuration and modify the block (shown above) that protects the configuration command. Add or modify the following statements in the block. Don't remove the other statements! <FilesMatch "configure.*"> AuthType Basic AuthName "admins only" AuthUserFile /path/to/data/.htpasswd-admin # Changing the Require user to Require valid-user allows any ID in the # file access to configure! Require valid-user </FilesMatch>  For more information, refer to Foswiki:Support.ProtectingYourConfiguration. #### Configure Foswiki Run the configure script from your browser: enter http://yourdomain/url/to/foswiki/bin/configure into your browser address bar. • When you access the configure web page for the first time, you can only edit the section General Path Settings. Make any required changes, and save the settings, whether or not you needed to make any changes. You will be prompted to set a password for the configure page: this password must be entered for all subsequent configuration changes, and is also used to log in via the internal admin link (see the section "Define the administrator user(s)"). Note: The configure password is remembered by configure, separate to web server access controls mentioned in "Protect the configure script". • After saving the General Path Settings, continue configuring Foswiki. Configuration items which may require further attention will be highlighted. • If the Foswiki installation can be accessed by more than one protocol://domain, ensure the additional alternative URLs are set in {PermittedRedirectHostUrls}. Example: if {DefaultUrlHost} is set to https://wiki.company.com, an example {PermittedRedirectHostUrls} might contain: https://company.com, http://111.222.123.234 • Setup the Mail and Proxies section. Email must be available so Foswiki can send registration emails. • Under the "Email General" tab, If you do not want to enable sending registration emails or want to enable it later you can uncheck {EnableEmail}. Otherwise the {WebMasterEmail} parameter must be configured. • Under the "Email Server" tab, you can choose 3 methods of sending email. This is explained in detail under the help text for this tab. • MailProgram is typically suitable on most Linux systems, and no further configuration is required. • If you chose either of the Net::SMPT methods, you must also configure {SMTP}{MAILHOST}. Many ISPs have introduced authentication when sending emails to fight spam so you may also have to set {SMTP}{Username} and {SMTP}{Password}. • Net::SMTP::SSL will encrypt the connection to the e-mail server and is required for some email services like Google's GMail. • Under the "Proxy" tab, if your server is behind a firewall with a proxy, and you wish to install extensions via configure, you may have to set {PROXY}{HOST} and {PROXY}{PORT}. Note: A standard Foswiki installation will not allow any new registrations unless there is a working SMTP configuration SMTP authentication requires additional perl modules including Authen::SASL and MIMI::Base64, If there is a problem with your setup that prevents you from accessing the configure page, you can configure Foswiki manually. #### Authentication Authentication of users means their activity can be tracked, and access to your site can be controlled. This is particularly important for sites that are publicly accessible on the web. You are strongly encouraged to read System.UserAuthentication and Foswiki:Support.UserAuthenticationSupplement for further information about managing users and access controls for your Foswiki site. The most common authentication methods used for public Foswiki installations are Template Login and Apache Login. They have the following relative advantages: • Template Login can be set up without any web server configuration, and users can log off without restarting the browser. As the login page is just a Wiki page, you can customize it to suit your needs. • Apache Login allows you to use any Apache-module based authentication scheme, such as mod_auth_ldap or mod_auth_mysql. However, as your browser is caching your login, you must restart the browser to log out. Note that the password databases for both of these authentication mechanisms are compatible, so you can switch between them at a later date. To make it easier to follow the instructions in this section, you can view this installation guide using your Foswiki site by entering System.InstallationGuide into the "Jump" text box. By doing this instead of using the INSTALL.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages. ##### Template Login authentication Template Login asks for a username and password in a web page, and processes them using whatever Password Manager you choose. Users can log in and log out. Client Sessions are used to remember users. Users can choose to have their session remembered so they will automatically be logged in the next time they start their browser. #### Enabling Template Login By default, your Foswiki installation is probably already using TemplateLogin, HtPasswdUser and TopicUserMappingContrib as the default Login, Password and user mapping options. 1. Using configure: 1. Navigate to the Login tab on the Security and Authentication panel. Select the Foswiki::LoginManager::TemplateLogin login manager. 2. Navigate to the Passwords tab. Select the appropriate PasswordManager for your system - the default is Foswiki::Users::HtPasswdUser. There is also an EXPERT configure setting {TemplateLogin}{PreventBrowserRememberingPassword} that you can set to prevent Browsers from remembering username and passwords if you are concerned about public terminal usage. 2. Verify that registration works by registering yourself with the System.UserRegistration topic. If there are problems, try these troubleshooting tips: 1. If you are reading this from the INSTALL.html file, you can enter System.UserRegistration into the 'Jump' box in the top right of any Foswiki page. 2. Note: A standard Foswiki installation will not allow any new registrations unless there is a working SMTP configuration 3. If your PasswordManager is HtPasswdUser (the default), check the .htpasswd file is being updated correctly with a new entry. If not, check {Htpasswd}{FileName} is correct (under Security and Authentication on the Password tab in configure), and that the webserver user has write permission. 3. Create a new topic (in Sandbox web for example) to confirm that authentication works. 4. Add users to the Main.AdminGroup. Edit the Main.AdminGroup topic in the Main web to include users that should have administrator status. Read defining adminstrator user(s) for more information. This is a very important step, as users in this group can access all topics, independent of Foswiki access controls. AccessControl has more information on setting up access controls. Foswiki AccessControls do not protect topic attachments unless the web server has been configured to do so using the viewfile script. Visit Foswiki:Support.ApacheConfigGenerator for examples using Apache. As Template Login uses a wiki page for its login prompt, there is a great deal of flexibility in customizing the login page for your purposes. The default new user template page is in System.NewUserTemplate. The same macros get expanded as in the template topics. You can create a custom new user topic by creating the NewUserTemplate topic in Main web, which will then override the default in System web. See System.UserForm for copy instructions. #### Custom registration page You can customize the default System.UserRegistration topic by first copying System.DefaultUserRegistration to UserRegistration in Main web. This will ensure that your changes will remain intact next time you upgrade. A couple of common fields are hidden from normal view to make the registration page as lean as possible. You can unhide those fields on the page by removing EXCLUDED_ from the INCLUDE tags) or add new ones. New fields may also be added. The name="" parameter of the <input> tags must start with: "Fwk0..." (if this is an optional entry), or "Fwk1..." (if this is a required entry). This ensures that the fields are carried over into the user home page correctly. #### Automatic Group Membership The TopicUserMappingContrib can also enroll users into groups during registration. (Other mappers might not support this feature). Options include: • Automatically enrolling users in one or more groups during registration • Allow the user to select multiple groups from a list of eligible groups • Allow the user to choose only one group from a list of eligible groups • Don't do any group enrollment during registration. The list of eligible groups can be generated in one of two ways: • Manually by configuration. This fixed list of groups will always be listed. • Automatically based upon CHANGE permission on the group topics. There are two registration scenarios that apply: Self-registration by Guest users The actual registration will be processed by the special internal user Main.RegistrationAgent. Group topics must include an ALLOWTOPICCHANGE = Main.RegistrationAgent to be eligible for enrollment. Registration by logged-in users The registration form is filled out by some other logged-in user. In this case, the Main.RegistrationAgent is not used for Group updates. The current user must have ALLOWTOPICCHANGE permission for groups for them to be eligible for enrollment. • Caution: If an administrator registers a user with automatic group membership enabled, the new user could potentially be added to All groups. Use caution with this feature! Note: During registration, if it turns out that the current user or Main.RegistrationAgent doesn't have permission to update the group topic, the group update will be silently skipped. The user will still be albe to register. See DefaultPreferences#RegistrationOptions for further details. Copy the settings into Main.SitePreferences to make them active. ##### Apache Login authentication With Apache Login enabled, when Foswiki needs to authenticate the user, the standard HTTP authentication mechanism is used: the browser itself will prompt for a user name and password. The advantage of this scheme is that if you have an existing website authentication scheme using Apache modules such as mod_auth_ldap or mod_auth_mysql you can just plug in to them directly. The disadvantage is that because the user identity is cached in the browser, you can log in, but you can't log out again unless you restart the browser. Foswiki maps the REMOTE_USER that was used to log in to the webserver to a WikiName using the table in Main.WikiUsers. This table is updated whenever a user registers, so users can choose not to register (in which case their webserver login name is used for their signature) or register (in which case that login name is mapped to their WikiName). The same private .htpasswd file used in Foswiki Template Login can be used to authenticate Apache users, using the Apache Basic Authentication support. Do not use the Apache htpasswd program with .htpasswd files generated by Foswiki! htpasswd wipes out email addresses that Foswiki plants in the info fields of this file. Apache Login is required for Apache-based login methods such as mod_ldap You can use any Apache authentication module that sets the REMOTE_USER environment variable. To setup Apache Login, perform the following steps: 1. Configure Apache Login. Under the Security and Authentication pane on the Login tab in configure: 1. Select Foswiki::LoginManager::ApacheLogin for {LoginManager}. 2. Select Foswiki::Users::HtPasswdUser for {PasswordManager}. 3. Select Foswiki::Users::TopicUserMapping for {UserMappingManager}. 4. Save your settings. 5. Configure your Apache settings for HTTP authentication. Use the Foswiki:Support.ApacheConfigGenerator tool or the foswiki/bin-htaccess.txt file to set the following Apache directives on the bin scripts:  <FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*"> require valid-user </FilesMatch> You can also refer to the sample foswiki_httpd_conf.txt and bin-htaccess.txt files to see how the appropriate Apache directives are specified. 2. Verify that registration works by registering yourself with the System.UserRegistration topic. If there are problems, try these troubleshooting tips: 1. If you are reading this from the INSTALL.html file, you can enter System.UserRegistration into the 'Jump' box in the top right of any Foswiki page. 2. Note: A standard Foswiki installation will not allow any new registrations unless there is a working SMTP configuration 3. If your PasswordManager is HtPasswdUser (the default), check the .htpasswd file is being updated correctly with a new entry. If not, check {Htpasswd}{FileName} is correct (under Security and Authentication on the Password tab in configure), and that the webserver user has write permission. 3. Create a new topic (in Sandbox web for example) to confirm that authentication works. 4. Add users to the Main.AdminGroup. Edit the Main.AdminGroup topic in the Main web to include users that should have administrator status. Read defining adminstrator user(s) for more information. This is a very important step, as users in this group can access all topics, independent of Foswiki access controls. #### Choose an appropriate search algorithm for your Operating System On the Store pane in configure you will find the setting {RCS}{SearchAlgorithm}. By default it is set to Foswiki::Store::SearchAlgorithms::Forking which is what you should keep if you install Foswiki in Linux or any other Unix type operating system. If you install Foswiki on a Windows server, using an external grep program can create problems because of limitations in the length of command lines. You may be able to run with Forking in Windows if your directory path to Foswiki is kept short (short directory names and few levels), however the recommended (safe) setting for Windows is Foswiki::Store::SearchAlgorithms::PurePerl. #### Define the administrator user(s) ##### About Administrators Administrators have read and write access to any topic, regardless of any access controls that have been applied to the topic or its web. The special user Main.AdminUser ships with Foswiki and is accessed using by logging in with user admin and the password established when initially saving the configuration. Don't log in with the wikiname AdminUser. After installing Foswiki, you can also register other users that you will use to administer Foswiki. To make a user an administrator, add the WikiName for the user to the AdminGroup, defined in the Main.AdminGroup topic in your Foswiki installation. Note that with the sudo or internal admin login, it is not necessary to add other users to the AdminGroup. However if you have more than one administrator, you may still want to do this to ensure that topic changes are attributed to a specific user instead of the default Main.AdminUser. By adding users to Main.AdminGroup: • Users with Admin rights will have routine access to topics that might normally be denied. • These users will be unable to test or demonstrate access controls. • Changes made are always attributed to a unique logged in user. • Password sharing of the bin/configure password is not required By using the internal admin login: • You don't need to grant admin rights to individual users • All users will be subject to access controls. • Changes made while using the internal admin login are attributed to Main.AdminUser • The "save" password for bin/configure will need to be shared among administrators ##### Adding users to the Main.AdminGroup To make it easier to follow the instructions in this section, you can view this installation guide using your Foswiki site by entering System.InstallationGuide into the "Jump" text box. By doing this instead of using the INSTALL.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages. To add an initial administrator to the AdminGroup, perform the following steps: • If you are not already logged in with your WikiName, then login. • Go to the Main.AdminGroup topic and select the "internal admin login" link. Login using the password you set on the configure page. • After logging as the internal admin, view the Main.AdminGroup topic. Follow the instructions on the page to add users to the AdminGroup. You do not need to edit the topic. Any member of the Main.AdminGroup can add subsequent members — you do not have to use the internal admin login. To more easily debug access control issues, you may want to have a regular Foswiki user account for daily use, and a special one that belongs to the AdminGroup that you use only for administering your Foswiki site. See System.AccessControls for more information on access controls and user groups. #### Congratulations! You now have a basic installation running. At this point you can just point your Web browser at http://yourdomain.com/url/to/foswiki/bin/view/System/InstallationGuidePart2 to proceed with further tailoring your site.. In order to keep your user, group, and site configuration information separate from the actual content of your site, it is recommended that you create a new web in which your site's pages will reside. See System.ManagingWebs for more information on Wiki webs and how to create one. ### Troubleshooting ### Foswiki system requirements Foswiki is capable of running on a variety of operating systems and supporting a wide range of browsers, due to its minimal client and server requirements. #### Server requirements Foswiki is written in Perl 5, which is supported on Microsoft Windows as well as Unix and Unix-like systems (including Linux and OSX), on which it uses a number of shell commands and RCS (Revision Control System), a GNU Free Software package. It should be able to run on any server platform that meets the following requirements. Resource Required Server Environment Perl 5.8.8 or higher is recommended and it will run with Perl >=5.8.4 and <5.8.8 but this is untested. It also runs in Perl 5.6.1 but only with Wysiwyg editor disabled. Wysiwyg requires Unicode support which is provided by perl 5.8.1 onwards. RCS 5.7 or higher (including GNU diff) Optional. Foswiki includes a pure Perl implementation of RCS (RcsLite) that can be used instead, at the cost of performance GNU diff GNU diff 2.7 or higher is required when not using the all-Perl RcsLite. Install within the PATH if not included with RCS (check version with diff -v) Must be the version used by RCS, to avoid problems with binary attachments - RCS may have hard-coded path to diff Other external programs fgrep, egrep Cron/scheduler • Unix: cron • Windows: cron equivalents Web server Apache is well supported; for information on other servers, see Foswiki:Support.InstallingOnSpecificPlatforms. #### CPAN modules Most of the CPAN libraries used by Foswiki are part of a standard Perl installation >=5.8.8 (recommended). A version >=5.8.4 and <5.8.8 will also work although untested. Please see Foswiki:Support.HowToInstallCpanModules for detailed information on how to install any CPAN libraries not yet present in your installation. A more complete module status is listed in Foswiki configure (Foswiki 1.0.x: CGI Setup, 1.1.x: Web Server Environment > Perl modules). It should be easier to deal with CPAN modules from this perspective. The following CPAN modules are shipped with Foswiki, require a comment or may optionally be needed. In case the standard Foswiki will be enhanced with Foswiki:Extensions, please look at the related extension page for dependencies which may require additional modules. Try the script dependencies_installer.pl located in the tools directory, which makes perl module installation easier. Run it with option -h to understand basics. This script requires confirmation before it actually does something. Module Preferred version Required/Optional Description Algorithm::Diff Required Included with Foswiki CGI Versions 2.89, 3.37, 3.43, and 3.47 must be avoided. Most versions from 3.15 and onwards should work. Required Included with Perl core since Perl 5.4 Error Required Included with Foswiki Apache::Htpasswd Optional May be required for ApacheHtpasswd password manager Archive::Tar Optional May be required by the Extensions Installer in configure if command line tar or unzip is not available, since Perl 5.9.3 part of core. Archive::Zip Optional Alternative to Archive::Tar, used by the Extensions Installer if Archive::Tar also unavailable CGI::Session Optional Required for Sessions support, available from the CPAN archive Digest::SHA Optional May be required for password encryption, since Perl 5.9.3 part of core Digest::SHA1 Optional Encode::compat Optional May be required for international characters HTML::Entities Optional Required for Foswiki:Extensions.WysiwygPlugin HTML::Parser Optional Required for Foswiki:Extensions.WysiwygPlugin Lingua::EN::Sentence Optional May be required for generating new language files Locale::Maketext::Lexicon >=0 Optional Used for I18N support LWP Optional Required for the Configure Extensions Installer, and for external URL based INCLUDEs URI Optional Required by the configure script Win32::Console Optional May be required for Windows You can check version numbers with the configure script, or if you're still trying to get to that point, check from the command line (replace "ModuleName" with the name of the module): perl -le 'use ModuleName; print "ModuleName"->VERSION'  #### Client requirements Browser clients must support the following capabilities: • HTML 3.2 • Cookie support enabled, if persistent sessions are required Most skins also require CSS and Javascript support. There is a low-fat skin (Plain) that minimises these requirements. Some skins require newer browser version. The default skin (Pattern) is tested on IE 6, Safari, and Mozilla 5.0 based browsers (such as Firefox). You can easily select a balance of browser capability versus look and feel. Try the installed skins in the skin browser and more at Foswiki:Extensions.SkinPackage. ### Uploading the Foswiki distribution to your web server host If you cannot unpack the Foswiki distribution directly in your installation directory, you can unpack the distribution on your local computer, manually create the directory structure on your host server and upload the files as follows: • Using the table below, create a directory structure on your host server • Upload the Foswiki files by FTP (transfer as text except for the image files in pub directory.) • Note: Don't worry if you are not able to put the lib directory at the same level as the bin directory. You can create this directory elsewhere and configure the bin/setlib.cfg file. Foswiki dir: What it is: Where to copy: Example: foswiki start-up pages root Foswiki dir /home/smith/public_html/foswiki/ foswiki/bin CGI bin CGI-enabled dir /home/smith/public_html/foswiki/bin foswiki/lib library files same level as bin /home/smith/public_html/foswiki/lib foswiki/locale language files dir secure from public access /home/smith/public_html/foswiki/locale foswiki/pub public files htdoc enabled dir /home/smith/public_html/foswiki/pub foswiki/data topic data dir secure from public access /home/smith/public_html/foswiki/data foswiki/templates web templates dir secure from public access /home/smith/public_html/foswiki/templates foswiki/tools Foswiki utlilities dir secure from public access /home/smith/public_html/foswiki/tools foswiki/working Temporary and internal files dir secure from public access /home/smith/public_html/foswiki/working ### Configuring Foswiki manually (without using the configure page) It is highly recommended that you configure Foswiki by using your browser to access the configure page. However, if you are unable to get the configure page to display (for example, if a dependency is missing), or for some reason you do not wish to use the configure page, then you can configure Foswiki manually Perform the following steps to manually configure Foswiki: • Copy the file lib/Foswiki.spec to lib/LocalSite.cfg • Remove the # in front of the following settings, and ensure that they are set to the correct values: Note: The settings must not reference other$Foswiki::cfg variables.
   $Foswiki::cfg{DefaultUrlHost}$Foswiki::cfg{ScriptUrlPath}
$Foswiki::cfg{ScriptDir}$Foswiki::cfg{PubUrlPath}
$Foswiki::cfg{PubDir}$Foswiki::cfg{DataDir}
$Foswiki::cfg{ToolsDir}$Foswiki::cfg{TemplateDir}
$Foswiki::cfg{LocalesDir}$Foswiki::cfg{WorkingDir}
$Foswiki::cfg{OS} • Make sure the following settings are defined: $Foswiki::cfg{LoginManager}
$Foswiki::cfg{WebMasterEmail}$Foswiki::cfg{SMTP}{MAILHOST}
$Foswiki::cfg{SMTP}{SENDERHOST} • Remove the line containing __END__ and everything following it. ## Beyond the basic installation Once you have Foswiki installed and running, you can perform one or more of the following steps to tailor your installation to your needs. Many of the references in this section refer to topics within your Foswiki installation. For example, System.Skins refers to the Skins topic in your System web. To go directly to a topic, enter the full topic name, such as System.Skins, into the "Jump" text box at the top right of any Foswiki page. To make it easier to follow the instructions in this section, you can view this installation guide using your Foswiki site by entering System.InstallationGuide into the "Jump" text box. By doing this instead of using the INSTALL.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages. All of the Foswiki documentation can also be found online in the Foswiki documentation section (the "System" web) of the Foswiki web site. Note the configure page mentioned in this section is accessed by visiting http://verahavlova.cz/bin/configure your web browser. ### Site configuration and maintenance #### Set Foswiki Preferences Preferences for customizing many aspects of Foswiki are set by editing Main.SitePreferences. If a given preference is not set in Main.SitePreferences, then a default value is picked up from System.DefaultPreferences, if present, or, for extensions, from the extension topics. To simplify your upgrades, do not modify System.DefaultPreferences. Instead, copy any settings you want to change from System.DefaultPreferences to Main.SitePreferences. To see the available preferences that can be set, look through System.DefaultPreferences. If, for some reason, you wish to pick up default preferences from a different topic, you can set the location in the Miscellaneous settings pane of the configure page, in the {SitePrefsTopicName} setting (visible when Expert mode is enabled). It is recommended that you leave this setting to its default value, DefaultPreferences. #### Select the desired security level Foswiki has a many security features that can be enabled/disabled and adjusted to suit your needs. In many cases enabling a security feature prevents other features. It is a balance that the administrator has to choose depending on the purpose of the Foswiki installation (confidential vs public knowledge), the type of installation (intranet vs internet), and your type of business. A new administrator is encouraged to read Foswiki:Support.SecurityFeatures which gives a walkthrough of the different security aspects and how to set the appropriate configuration settings. Note that that some security settings are only visible in configure in "expert mode" which you enter by clicking the "Yes, I've read all the documentation" button at the top of the configure screen. #### Enable Email Notification Each web has an automatic email notification service that sends you an email with links to all of the topics modified since the last alert. To enable this service: 1. Confirm the Mail and Proxies settings on the configure page. 2. Setup a cron job (or equivalent) to call the tools/mailnotify script, as described in the System.MailerContrib topic. #SMIME #### Enable Signed Email Notification Foswiki administrative emails are an attractive target for SPAM generators and phishing attacks. One good way to protect against this possibility to enable S/MIME signatures on all administrative e-mails. To do this, you need an an X.509 certificate and private key for the the {WebMasterEmail} email account. Obtain these as you would for any other S/MIME e-mail user. To enable Foswiki to sign administrative e-mails: 1. Enable e-mail as described above 2. Ensure that the system has the CPAN module Crypt::SMIME installed. 3. If necessary, convert your certificate and key files to PEM format ( openssl has all the necessary utilities) 4. Place the certificate anyplace convenient that the webserver can read. It should be protected against write. The conventional place under linux is /etc/pki/tls/certs 5. Place the key file in a secure location that only the webserver (or CGI user) can read. It must not be readable by anyone else, and must not be served by the webserver. 6. Using the configure script, change the following settings under Mail and Proxies: 1. "Email Server" tab. Follow the directions under {MailMethod} and {MailProgram} to enable an external mail program such as sendmail. Net::SMTP is not supported. • {SMTP}{MAILHOST}, {SMTP}{SENDERHOST}, {SMTP}{Username} and {SMTP}{Password} are not used an may be deleted. • If Foswiki variable SMTPMAILHOST is defined in Main.SitePreferences it should be removed. 2. "S/MIME" tab: • Enable the S/MIME checkbox • Enter the full path to the certificate file in the {SmimeCertificateFile} configuration variable • Enter the full path to the private key file in the {SmimeKeyFile} configuration variable 3. Save the configuration 7. Re-run the configure script an resolve any errors that it identifies All out-going administrative e-mails will now be signed. #### Automate removal of expired sessions and lease files By default Foswiki cleans out expired session and lease files each time any topic is viewed, but this has a performance cost. Instead you may wish to schedule a cron job (or equivalent) to run the tools/tick_foswiki.pl script, and set a negative value on the configure page for {Sessions}{ExpireAfter}. For more details, read System.CommandAndCGIScripts#tick_foswiki_pl. #### Enable WebStatistics You can manually or automatically generate a listing of the most popular pages for each web, based on number of visits. For information on setting up this feature, see the System.SiteTools topic. #### Enable Localisation Foswiki supports displaying national (non-ASCII) characters, and using different languages for its basic interface elements. To configure localisation, modify the Localisation section of the configure page. For more information, see Foswiki:Support.InternationalizationSupplement. ### Customizing your site #### Customize pages for managing personal information If you are not using Foswiki to manage your users' passwords or email addresses, or would just like to enhance the default pages, then modify the following topics accordingly with information appropriate for your site: #### Customize the user topic for new users When a new user registers on your Foswiki site, a topic with a name corresponding to the user's WikiName is created in the Main web: this topic is the user's user topic. The user topic is based on the Main.NewUserTemplate? topic; if it is not present, then System.NewUserTemplate (and its associated System.UserForm) is used as a default. If you want to customize the user topic for your users, copy System.NewUserTemplate to Main.NewUserTemplate?, and System.UserForm to Main.UserForm?, and make your changes to Main.NewUserTemplate? and Main.UserForm?. (See Foswiki:System.ManagingTopics#CopyTopic for instructions on copying a topic.) You can edit these topics to suit your needs, such as the following: • Customize the user topic for your site. • Add an ALLOWTOPICCHANGE preference setting to Main.NewUserTemplate? so only the user can edit their own user topic. In particular, on a public Foswiki site, restricting edit access will avoid vandalism and spam. • Add and remove fields defined in the Main.UserForm?. If you added or removed fields from the user form you may also need to tailor Main.UserRegistration? to match (copy over the contents from System.UserRegistration to Main.UserRegistration? when creating it). #### Customize the appearance of your Foswiki site The real power of Foswiki lies in its flexibility to be customized to meet your needs. To change the look of the default skin, PatternSkin, please refer to System.PatternSkin and System.PatternSkinCustomization. At the Foswiki website you can find more resources. A good place to start exploring is Foswiki:Support.BestPracticeTips and Foswiki:Support.FAQ which offer tips and tricks for customizing your Foswiki site. Many of these are best done before any content has been added to your site, so immediately after installation is a good time to consider the possibilities. ##### Left, Top and Bottom Bars with PatternSkin The top bar and bottom bar are common across all webs. To customize the top bar, copy System.WebTopBarExample to System.WebTopBar, and make your desired changes to System.WebTopBar. To customize the bottom bar, copy System.WebBottomBarExample to System.WebBottomBar, and make your desired changes to System.WebBottomBar. The side bar can be customized on a per web basis. To customize the side bar, copy the WebLeftBarExample topic in the given web to WebLeftBar, and make your desired changes to WebLeftBar. If you would like to move the side bar to the right of the page, see System.PatternSkin for more details. ##### Copyright, License and Classification Statements At the bottom of each topic, there is a copyright statement that is set in the WEBCOPYRIGHT preference. Its default is the following: Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. If your Foswiki site is used in an environment without public access you should replace this with your normal copyright notice. You should also consider adding a security classification (e.g., For Internal Use Only) so people do not have to add this manually to every new topic. If your Foswiki site is publicly accessible, you need to decide which copyright and license you wish to apply to all contributions. For open source applications, licenses such as the GNU Free Documentation License, FreeBSD Documentation License, and one of the various Creative Commons licenses are possible licenses to consider. Remember that once people have started contributing, you cannot retroactively change the license (unless it has a provision for this). To change the copyright statement, perform the following steps: • Copy the WEBCOPYRIGHT preference setting from System.DefaultPreferences to Main.SitePreferences. Change the value to your desired text. This value will be your new default across all webs. • You can create a unique message for a specific web by setting the WEBCOPYRIGHT preference in the WebPreferences topic for the given web. For example, you could add a confidential classification to a web that has restricted access. • The WEBCOPYRIGHT preference setting in System.WebPreferences covers the documentation that comes with Foswiki, and should not be changed. #### WYSIWYG vs Raw Edit In Foswiki, the WYSIWYG editor is used by default in edit mode. An Edit Raw link is available for those who prefer to edit the raw topic text. If you prefer to use the raw text editor by default and have a separate WYSIWYG button, as in TWiki 4.1, then you can modify the templates that define the edit screen as described in Foswiki:Support.FaqHowToMakeRawEditDefault. ### Extensions Foswiki:Extensions is an extensive library of plugins for Foswiki that enhance functionality in a huge number of ways. A few plugins are pre-installed in the Foswiki distribution. There are several types of Extensions available: • Plugins extend Foswiki functionality without altering the core code. • Skins Skins overlay regular templates to give different looks and feels to Foswiki screens. • Contribs and AddOns are any other Extension that provides added functionality beyond Plugins and Skins #### Installing extensions Extensions can be installed using any of several different methods: • the configure web interface • the generic shell installer tools/extension_installer • by manually downloading the extension zip or tar file Caution: Users of the debian .deb packages should only use the debian tools when installing extensions. The simplest way is to visit configure:Extensions. Use the Find More Extensions button to download and install additional extensions from the foswiki.org website. If you are behind a firewall or your server has no access to the Internet, you can also install plugins manually. Installation instructions for each plugin are located in its corresponding topic on http://foswiki.org/. Additional documentation on Foswiki plugins can be found at Foswiki:Support.PluginsSupplement. When installing an extension from the configure interface: • Even if available, local Extension installers and archives are not used • The extension is downloaded from the configured archive • The latest version of the Extension is always downloaded. There is no automatic means of downloading older versions. • If the extension is already installed, a backup is taken to the working/configure/backup directory • Dependencies on other Extensions are automatically resolved and installed • Dependencies are downloaded from the same archive where the Extension was found. No additional searching is performed. • The Extension is installed. • By default, unless a collsion occurrs with an existing file, the Extension's topics will not be checked in to the revision control system. • If previous topics or attachments are found, then the topic will be checked in under the Administrators user id. • If the topics or attachments are flagged as !noci, disabling checkin, they will still be checked in if existing revision control files are found, suggesting that local modifications have occurred. • CPAN dependencies and other external packages are not resolved and should be resolved manually When installing extensions from the command line: • The _installer package must be run from the root directory of the Foswiki installation. • The Extension _installer module must be downloaded from the Extension repository. The extension archive will be downloaded if required. • When the _installer is run, it will install the Extension and dependencies similar to the configure interface except: • You will be given the option to use local archives if available in the root of the Foswiki installation • You will be given the option to resolve CPAN dependencies after the Extensions and dependencies are installed. • Any other dependencies still need to be manually resolved. When using either the web or shell instalation tools: • After installation, the Extension _installer module is saved in working/configure/pkgdata • A complete log of the actions taken by the installer is saved in working/logs/configure/[NameOfExtension]-yyyymmdd-hhmmss-[Action].log Plugins must be manually enabled in the Plugins section of the configure page. In addition, some extensions also require configuration in this section. The instructions for using the extensions installer from the shell are retrieved by using the "usage" command: tools/extension_installer usage or ./SomePlugin_installer usage perl working/configure/pkgdata/X509UserPlugin_installer usage Usage as a custom installer: X509UserPlugin_installer -a -n -d -r -u -c install X509UserPlugin_installer -a -n uninstall X509UserPlugin_installer manifest X509UserPlugin_installer dependencies Usage as a generic installer: tools/extension_installer X509UserPlugin -a -n -d -r -u -c install tools/extension_installer X509UserPlugin -a -n uninstall tools/extension_installer X509UserPlugin manifest tools/extension_installer X509UserPlugin dependencies If command (install, uninstall ..) is not provided, default is to install the extension. Operates on the directory tree below where it is run from, so should be run from the top level of your Foswiki installation. Depending upon your installation, you may need to execute perl directly perl tools/extension_installer ... or perl X509UserPlugin_installer ... "install" will check dependencies and perform any required post-install steps. "uninstall" will remove all files that were installed for X509UserPlugin even if they have been locally modified. -a means don't prompt for confirmation before resolving dependencies -d means auto-download if -a (no effect if not -a) -r means reuse packages on disc if -a (no effect if not -a) -u means the archive has already been downloaded and unpacked -n means don't write any files into my current install, just tell me what you would have done -c means don't try to use CPAN to install missing libraries "manifest" will generate a list of the files in the package on standard output. The list is generated in the same format as the MANIFEST files used by BuildContrib. "dependencies" will generate a list of dependencies on standard output.  #### Removing (uninstalling) extensions Caution: When removing an extension, no dependency checking is performed. • Dependencies are not removed • Other Extensions dependent on the removed extension may become non-operational. The web and command line interfaces can be used to uninstall extensions. When an extension is remove, the following occurs: • The _installer package is used to recover the manifest. If it cannot be found locally, it will be downloaded from the configured extension repository • A backup of the previously installed files per the manifest will be taken to the configure/working/backup directory • Note: If download of the _uninstaller was required, the backup will be made per the current installer's manifest. It is preferable to always save the _installer modules. • The Extension files along with any ,v revision control files will be removed, including the _installer. • Any additional files saved locally are not removed. • A complete log of the steps taken is saved in working/logs/configure/[NameOfExtension]-yyyymmdd-hhmmss-[Action].log • Plugin modules are not automatically disabled in the configuration - they must be disabled manually. Run the uninstall from the "root" of the Foswiki installation: working/configure/pkgdata/SomeExtension_installer uninstall #### Restoring a removed, or previous version of an extension The backup can be extracted from the root directory of the Foswiki installation. The archive is taken "relative" to the root of the installation, so an unzip or tar -xzf of the backup file should be all that is required: cd /root/of/foswiki tar -zxvf * working/configure/backup/[Extension}-backup-[yyyymmdd]-[hhmmss].tgz # or unzip working/configure/backup/[Extension}-backup-[yyyymmdd]-[hhmmss].zip  ### TWiki Compatibility Foswiki is 100% backwards compatible with TWiki® markup up to and including TWiki 4.2.4. Existing TWiki webs, topics and attachments can be used with Foswiki without requiring any changes. To support a seamless upgrade from TWiki, Foswiki ships with a plugin called TWikiCompatibilityPlugin. This plugin enables most TWiki extensions to work with Foswiki, without modifications. It also maps requests for legacy TWiki web topics to their Foswiki equivalents, as defined in Foswiki:Development.TopicNameMappingTable. The TWIKIWEB and MAINWEB TWiki variables are also mapped to the new Foswiki macros SYSTEMWEB and USERSWEB. If you are not upgrading an existing TWiki installation and do not plan to install plugins from the TWiki web site, it is recommended that you disable the TWikiCompatibilityPlugin in the Plugins Section on the configure page. If a plugin exists both in a TWiki version and a Foswiki version, it is strongly recommended that you use the Foswiki version, as this is coded to work optimally with Foswiki. As part of the Foswiki project, the Foswiki community is evaluating all of the extensions that are available for TWiki, and porting them over to the Foswiki name space. Many of them are being enhanced through the removal of bugs and security vulnerabilities, resulting in better, more functional extensions for Foswiki. ### Web Acceleration (mod_perl, FastCGI, ...) Foswiki is installed by default supporting standard CGI scripts as well as CLI access. For best performance, Foswiki can be accelerated using one of the several accelerators, however, you must install the required Foswiki extension and host modules before enabling accelereation! See the listed extensions for more information.  Fast CGI FastCGIEngineContrib Supports the mod_fastcgi and mod_fcgid extensions mod_perl ModPerlEngineContrib supports the apache mod_perl extension Caution • Ensure your site is fully configured and working before enabling either of these extensions. They can be challenging to configure. • The ApacheConfigGenerator will help creating a valid configuration for these accelerators. • Enabling the apache configuration without installing the pre-req modules and extensions will break your site! • The core default extensions are well tested with web acceleration, other extensions can exhibit inconsistent behaviour when accelerated. TWiki is a registered trademark of Peter Thoeny. Back to top # Foswiki Upgrade Guide This guide covers upgrading from a previous version of Foswiki or TWiki (such as Cairo or TWiki4.0) to Foswiki 1.0 (References to Cairo are for TWiki versions older than TWiki 4.0, such as TWikiRelease04Sep2004) ## Overview Foswiki is a fork from TWiki 4.2.3. Upgrades from all TWiki versions and earlier Foswiki versions are supported. Foswiki is designed to be 100% compatible with the content of TWiki sites, using the same markup language and supporting the same plugin API (through the use of a TWikiCompatibilityPlugin), thereby enabling a smooth transition from TWiki to Foswiki. ### Upgrade requirements • Please review the Foswiki:System.AdminSkillsAssumptions before you upgrade your site. • To upgrade from an old TWiki Release to the latest Foswiki production release, follow the instructions below. • Before upgrading, you may wish to make a backup of your topics. • Once the upgrade has been applied, an existing earlier installation will still be able to read all the topics, but should not be used to write. • Some TWiki plugins are not compatible with Foswiki (usually ones that use a private API or execute helper scripts); you may need to migrate to the equivalent extension in the Foswiki:Extensions repository. ### Upgrading from TWiki to Foswiki You are strongly advised to read the Foswiki:System.ReleaseNotes01x00 (also available in an HTML file in the root of your installation), which contains a list of changes from TWiki 4.2.3 to Foswiki 1.0. A number of system topics and macros (formerly known as TWiki variables) have been renamed, to better describe their purpose and, where appropriate, to rebrand to the Foswiki name. ## Upgrading to a new patch release To upgrade to a new patch release — for example, from Foswiki 1.1.0 to 1.1.2 — an upgrade package can be used that will not overwrite any of your customizations. For patch releases you will find a brief upgrade procedure on the download page for the release. Follow this procedure to upgrade to the patch release. It may contain important steps that are unique to each patch release (for example, some configure settings may need to be changed). If you use the Foswiki PageCaching feature, be sure to refresh the cache after upgrading to a new Foswiki version. ## Upgrade procedure: upgrading to a new major or minor version, or upgrading from TWiki The following is a high level view of the upgrade procedure: 1. Prepare for all upgrade steps. 2. Install the new Foswiki version and configure it with the same settings as the old version. 3. Install any additional extensions (Plugins) used by your old installation. Make sure to use the latest Foswiki versions. 4. Copy all the non-default webs from the old installation to the new one. 5. Copy the users, groups, and site customizations from the old installation to the Main web in the new installation, including all user topics. 6. Apply preferences from the old installation. 7. Apply your site customizations: skin, logos, menu bars, forms for personal information, and so forth. 8. Validate your Wiki applications and other key functionality. 9. Switch your production site from the old installation to the new installation. Managing caches of static .js, .css files: some parts of Foswiki use URI versioning to help web browsers obtain a current version of these files when they change, but currently other parts do not. You may need to get your users to clear their browser's cache after upgrading your site to a new major or minor release (usually not necessary for patch upgrades). An alternative approach is to manage your web server configuration to strategically set appropriate expiry times for static files (see performance supplement) More details for each step appear in the following sections. The steps may need to be modified or otherwise tailored with specifics for your installation. In particular, you must take care to preserve any special configuration or customizations you have made, especially if you have modified any of the default software files or system topics that are contained within the installation package. For purposes of discussion, the following conventions are used: • <oldwiki> refers to the directory in which the old installation is located • <newwiki> refers to the directory in which the new installation is located; it is assumed to be immediately below the root directory of your web server • <old_users_web> refers to the web in which the user topics are located in the old installation. The default value is the Main web. The web is specified in the Store settings pane of the configure page, in the {UsersWebName} setting (visible when Expert mode is enabled). • <old_system_web> refers to the web used for documentation and default preferences in the old installation. In Foswiki, the default value is the System web; in TWiki, the default value is the TWiki web. The web is specified in the Store settings pane of the configure page, in the {SystemWebName} setting (visible when Expert mode is enabled). After the upgrade, in the new installation, the Main web is used for user topics and site preferences, and the System web is used to hold documentation and default preferences. The configure page mentioned in this document is accessible via your web browser at http://yourdomain/<newwiki>/bin/configure . ### Prepare for all upgrade steps Read the Foswiki:System.ReleaseNotes01x00 and learn about the differences between your old installation and the new release to which you are upgrading. Take note of any areas that affect your site and what special steps you may need to take. Check that all the extensions (plugins, contribs, skins) used by your old installation are available with the new release. Familiarize yourself with any new behaviour that you will have to adapt to or any configuration changes you will have to perform. If you are using authentication, prepare a test plan to verify that your authentication mechanism is working correctly. Make sure you are able to test logins by a sufficient sample of users to cover all categories of users of your site. For example, users of various groups may need to be tested. In particular, ensure you test that non-admin users cannot access topics restricted to admins. Identify all essential Wiki topics and Wiki applications that must be fully functional upon completion of the upgrade. Prepare a test plan to verify their functionality. If you are using access controls, ensure that the test plan will adequately test all categories and groups of users of your site. If your testing will require a test environment to be set up, ensure that it is ready, with any required support infrastructure (for example, testbed authentication servers). If you need to be able to login with different users in different categories and groups, ensure that you have the required login information ready, or you have testers from those groups available to perform the required test cases. Download the Foswiki distribution from the following location: http://foswiki.org/Download — if you are installing your extensions manually, also download them from the repository where they are stored. ### Installation Follow the installation instructions in INSTALL.html, located in the root of the new installation. Install the new release in a new directory. Do not install on top of the old release. • For public or otherwise sensitive installations, ensure that your web server configuration is set to deny access to the new Foswiki installation for anyone except you. • Configure Foswiki using the configure page. • If you are upgrading from an older Foswiki release, first copy your <oldwiki>/lib/LocalSite.cfg file to <newwiki>/lib/LocalSite.cfg in order to preserve your existing configuration settings. Alternatively, you can reconfigure the new installation from scratch (you can use your old LocalSite.cfg file as a reference). • If you are upgrading from a TWiki site, you must reconfigure your Foswiki installation from scratch. You cannot copy over your old LocalSite.cfg file (though you can use it as a reference). Run configure and set the configuration values in the new installation to match those of the old installation. • Verify all of the configuration settings on the configure page, including any new settings added in the new version. Save the configuration after you have completed your changes. • To wipe out all your settings and start configuring from a fresh installation, just delete the <newwiki>/lib/LocalSite.cfg file and run configure. • Additional resources Test your newly-installed Foswiki site and ensure that its basic functionality works: viewing and editing topics (you can try creating and editing a topic in the Sandbox web). To make it easier to follow the subsequent steps, you can view this upgrade guide using your new Foswiki site by entering System.UpgradeGuide into the "Jump" text box on the top right of any topic. By doing this instead of using the UpgradeGuide.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages. ### Install extensions Install all of the extensions that were installed in your old site. In particular, start with any extensions required for the authentication and authorization methods you use (if any). You can use the Find more extensions button in the Extensions section of the configure page to install and configure extensions from the Foswiki:Extensions repository. You can also install extensions manually; see the instructions on the extension's web page from where you obtained the extension (for Foswiki extensions, on foswiki.org). • Note: some TWiki extensions may not work with Foswiki. By default, the TWikiCompatibilityPlugin is installed to provide backwards compatible support for TWiki plugins. However if the TWiki plugin calls private APIs or invokes helper scripts, it may still not work correctly. Check for an upgraded Foswiki version of the extension in the Foswiki:Extensions repository and install it instead. Check the plugin topics from your old TWiki/Foswiki installation and transfer the plugin settings to the Main.SitePreferences topic in your new Foswiki site, prefixing each setting with the name of the plugin in uppercase followed by an underscore. For example, to copy over the DEFAULT_TYPE setting from the CommentPlugin topic in the old site to the new site, copy the value to a COMMENTPLUGIN_DEFAULT_TYPE setting in the Main.SitePreferences topic in the new site. Commonly-customized plugin settings include the following: • CommentPlugin - DEFAULT_TYPE • EditTablePlugin - CHANGEROWS, QUIETSAVE, EDITBUTTON • InterwikiPlugin - RULESTOPIC • InterWikis - If you added your own rules, make sure you copy over the rules to the new installation. • SlideShowPlugin - If you changed the embedded 'Default Slide Template', then copy your customed template to the topic in the new installation. You should prefer creating your own slide show template in a separate topic, so you will not have to take special steps over upgrades to preserve your modifications to the default slide template. • SmiliesPlugin - If you added your own smileys, make sure you copy over your customizations to the topic in the new installatin. • TablePlugin - TABLEATTRIBUTES Activate, and if required, configure the installed extensions in configure. ### Copy content from non-default webs in old installation to the new installation If you are upgrading from TWiki Cairo or earlier, it may be necessary to unlock the rcs files in data and pub directories from the old installation using the following shell commands: • find data -name '*,v' -exec rcs -u -M '{}' \; • find pub -name '*,v' -exec rcs -u -M '{}' \; Copy your local webs over to the data and pub directories of the new installation. Do not copy the default webs: <old_system_web> (by default, either System or TWiki), Main, Trash, Sandbox, _default, and _empty. • Make sure the data and pub directories, as well as the files within them, are readable and writeable by the web server user. • Note: Foswiki's WebChanges topics depend on the file timestamp. If you touch the .txt files make sure to preserve the timestamp, or change them in the same chronological order as the old file timestamps. ### Copy users, user topics, and site customizations to Main web Copy all topics and attachments from <old_users_web>: copy all files from <oldwiki>/data/<old_users_web>/ to <newwiki>/data/Main/, and copy all files from <oldwiki>/pub/<old_users_web>/ to <newwiki>/pub/Main/ . Do not overwrite any topics already present in the <newwiki>/data/Main/ directory. • In addition to all the user topics, if you have created <old_users_web>.NewUserTemplate in the old installation, this step will copy over your template for user topics to the new installation. • Ensure that the topic defining the admin group in your old installation is copied over. The admin group is defined in the Security setup pane of the configure page, in the {SuperAdminGroup} setting (visible when Expert mode is enabled). You can do either of the following: • Set the {SuperAdminGroup} setting in your new installation to the old admin group. • Move the contents of the old admin group to the new admin group. To avoid having to change all references to the old admin group, you must still keep the old admin group defined: set it so its only member is the new admin group, and the new admin group is the only user who can change or rename the old admin group topic. • The default admin group with Foswiki is AdminGroup and the default admin group with TWiki is TWikiAdminGroup. So if you are upgrading from TWiki and are using the default admin groups, then in the new installation, you must copy all members from TWikiAdminGroup to AdminGroup, and change TWikiAdminGroup so its only member is AdminGroup and so it can only be modified or renamed by AdminGroup. • If your old installation did not customize {LocalSitePreferences} on the configure page, or if you did customize {LocalSitePreferences} but kept your site preferences within the <old_users_web> web, then this step will also copy over your site preferences to the new installation. For upgrades from an older Foswiki installation: • Manually merge all users from the <old_users_web>.WikiUsers topic in the old installation to the Main.WikiUsers topic in the new installation. If the new installation does not yet have an initial Main.WikiUsers topic, then copy <oldwiki>/data/<old_users_web>/WikiUsers.txt to <newwiki>/data/Main/WikiUsers.txt. • Verify that the following default users are present in the Main.WikiUsers topic: • ProjectContributor - the Foswiki documentation is attributed to this user • RegistrationAgent - special user used during the new user registration process • UnknownUser - used where the author of a previously stored piece of data can't be determined • WikiGuest - guest user; used as a fallback if the user can't be identified • If any of the default users are missing, then add them in manually to Main.WikiUsers, using the corresponding entries in Foswiki:System.UsersTemplate as an example. • If you use data/.htpasswd for authentication, copy this file from the old installation to the new one. • If you have customized <old_system_web>.UserRegistration, then either copy over <oldwiki>/data/<old_system_web>/UserRegistration.txt and <oldwiki>/data/<old_system_web>/UserRegistration.txt,v to the <newwiki>/data/System/ directory, or modify System.UserRegistration in the new installation to contain your customizations. For upgrades from a TWiki installation: • Manually merge all users from the <old_users_web>.TWikiUsers topic in the old installation to the Main.WikiUsers topic in the new installation. If the new installation does not yet have an initial Main.WikiUsers topic, then copy <oldwiki>/data/<old_users_web>/TWikiUsers.txt to <newwiki>/data/Main/WikiUsers.txt, and manually add the required default users (see the next steps). • Verify that the following default users are present in the Main.WikiUsers topic: • ProjectContributor - the Foswiki documentation is attributed to this user • RegistrationAgent - special user used during the new user registration process • UnknownUser - used where the author of a previously stored piece of data can't be determined • WikiGuest - guest user; used as a fallback if the user can't be identified • If any of the default users are missing, then add them in manually to Main.WikiUsers, using the corresponding entries in Foswiki:System.UsersTemplate as an example. • If you use data/.htpasswd for authentication, copy this file from the old installation to the new one. • If you are upgrading from Cairo and are using the Htpasswd login manager, run the tools/upgrade_emails.pl script to move the user emails out of the user topics and into the password file. • If you have customized <old_system_web>.TWikiRegistration, then modify System.UserRegistration in the new installation to contain your customizations. Copy over any topics and attachments you want to preserve from the Sandbox web in the old installation: copy the desired files from <oldwiki>/data/Sandbox/ to <newwiki>/data/Sandbox and from <oldwiki>/pub/Sandbox/ to <newwiki>/pub/Sandbox . Some pages you may wish to preserve are the WebHome topic and the WebLeftBar topic (if you had created it in the old wiki installation). The Sandbox web often contains work-in-progress topics that users will want to keep. Make sure the data and pub directories, as well as the files within them, are readable and writeable by the web server user. Execute your test plans for authentication and authorization. Test that users that you have transferred from the old installation can login with any problems, and that access controls work appropriately: check that users are able to view and edit pages for which they have access, and are denied permission to view or edit pages for which they do not have access. Also check that pages restricted to the admin group are not accessible by non-admin users, and that administrators continue to have access. ### Apply preferences from old installation If you have not already set your desired site-wide preferences, as described in the section "Set Foswiki Preferences" in the System.InstallationGuide, then set your preferences. The location of your site preferences is specified in the Miscellaneous settings pane of the configure page, in the {LocalSitePreferences} setting (visible when Expert mode is enabled) — the default location is Main.SitePreferences. Copy any customized preferences from the site preferences topic in your old installation to the site preferences topic in the new installation. (Note you may have already copied over your customized preferences when you transfered the contents of the <old_users_web> web.) If, in your old installation, you customized the default preferences in <old_system_web>.DefaultPreferences, then transfer your customizations from this topic to the site preferences topic instead (i.e. the topic specified in your {LocalSitePreferences} setting), so that your customizations will not get overwritten on the next upgrade. If you are upgrading from TWiki, note that the default location of the default preferences in TWiki is <old_system_web>.TWikiPreferences, and the default location of the site preferences is Main.TWikiPreferences. Transfer any customized preferences from these topics to the site preferences topic in your new installation. ### Apply additional site customizations #### Modify skin with customizations for your site If you did not already customize the appearance of your new installation, as described in the section "Customize the appearance of your Foswiki site" in the System.InstallationGuide, then reapply the customizations from your old installation to the new one. Ensure you transfer over any skin templates — .tmpl files, or topics referred to using VIEW_TEMPLATE or EDIT_TEMPLATE preferences — you need. Also ensure you transfer any style sheets or Javascript files required. If you are upgrading from the Cairo version of TWiki: note that the skins from this release do not work well with Foswiki. Starting from TWiki 4.0.2, the default PatternSkin has been fairly stable and so your customizations should continue to work. #### Customize pages for managing personal information In your new installation, default copies of the following topics were installed: • System.ChangePassword • System.ResetPassword • System.ChangeEmailAddress If you customized these topics in your old installation, transfer the changes to these topics in the new installation. Use the corresponding files in the <oldwiki>/<old_system_web>/ directory as a reference. ### Validate your Wiki applications and other key functionality Execute your test plan to validate the Wiki applications and other key functionality that need to be up and running after the upgrade. ### Switch your production site from the old installation to the new installation If you had been running your old installation in parallel with the new one during a test phase, then disable your old installation, and repeat the step "Copy content from non-default webs in old installation to the new installation". Change your web server configuration so that the new installation is accessible to all of your users, and so the old installation is no longer accessible. Change your web server configuration so that the new installation is accessible using the same URL prefix as your old installation. For purposes of discussion, assume that your old installation is accessible from http://yourdomain/wiki/. You can use one of the following approaches to make the new installation accessible using the same URL prefix: • You can rename your <newwiki>/ directory to wiki/ (renaming the directory of your old installation if necessary). • If your operating system supports links to other directories and your web server is configured to follow links, then you can create a link called wiki/ that points to <newwiki>/ (renaming the directory of your old installation if necessary). • You can configure your web server so that requests to /wiki/ are served from your <newwiki>/ directory. Re-execute your test plan to verify that your newly-upgraded site is accessible to your users, and that all authentication and authorization mechanisms work as expected (including denying access to those who are not authorized). Re-execute your test plan to verify that your Wiki applications and other key functionality work as intended. ## Additional steps when upgrading from TWiki Cairo ### Favicon The favicon is now configurable as a site preference or per-web preference. See System.DefaultPreferences for a description of the FAVICON preference. To set it for your site, add the FAVICON preference to your site preferences topic, Main.SitePreferences (or the topic you configured in your {LocalSitePreferences} setting in the Miscellaneous settings pane on the configure page). To set it for a web, add the FAVICON preference to the WebPreferences topic for that web. ## Important changes since TWiki 4.0.5 ### Supported Perl version To use Foswiki, you must use Perl 5.8 or higher. Foswiki no longer supports Perl version 5.6.x (the minimum version required for TWiki 4.0.5). ### Template spec changed Until TWiki 4.0.5, any text inside template definition blocks for SkinTemplates (formerly called TWikiTemplates) — that is, between %TMPL:DEF{"block"}% and %TMPL:END% — was stripped of leading and trailing white space, including newlines. This made it difficult for skin developers to include a newline before or after a block of text. From TWiki 4.1.0 onwards, and in Foswiki 1.0, this has changed so that white space is no longer stripped. Skins like PatternSkin and NatSkin have been updated so that they work with the new behavior. If you use an older skin or have written your own you will most likely need to make some adjustments. In general, if you get mysterious blank lines in your skin, the newline after the %TMPL:DEF{"block"}% needs to be removed: the content of the block must follow on the same line as the TMPL:DEF. CommentPlugin templates also must be modified to remove extraneous newlines — in particular, any newline immediately after the TMPL:DEF. See the System.CommentPluginTemplate for examples of how comment template definitions should look like in TWiki 4.1.x. Example: a CommentPlugin template that adds a row to a table. With versions of TWiki prior to 4.1, the following syntax can be used: %TMPL:DEF{OUTPUT:tabletest}%%POS:BEFORE% |%URLPARAM{"comment"}%| -- %WIKIUSERNAME% - %DATE% | %TMPL:END%  Starting in TWiki 4.1 and continuing with Foswiki 1.0, the newline before the start of the table row must be removed: %TMPL:DEF{OUTPUT:tabletest}%%POS:BEFORE%|%URLPARAM{"comment"}%| -- %WIKIUSERNAME% - %DATE% | %TMPL:END%  ## Important changes for the upgrader - since TWiki 4.1.0 ### New location for session and other temporary files The directory for passthrough and session files have been replaced by a common directory for temporary files used by Foswiki. Previously the two configure settings {PassthroughDir} and {Sessions}{Dir} were set by default to /tmp. These config settings have been eliminated: Foswiki creates a tmp directory and other temporary directories under the directory defined by the configure setting {WorkingDir}. ## Important changes for the upgrader - since TWiki 4.1.2 ### New WYSIWYG editor Foswiki now ships with a new WYSIWYG editor based on TinyMCE that replaces the Kupu-based editor. When TinyMCEPlugin is enabled, the Edit button will initiate WYSIWYG editing mode. A Raw Edit link has been added for users to edit the topic markup directly. The WYSIWYG button has been removed. ### NEWTOPICLINKSYMBOL removed The NEWTOPICLINKSYMBOL preference that was deprecated in TWiki 4.1 is no longer supported. To control the appearance of new links, set the NEWLINKFORMAT preference in Main.SitePreferences (see System.DefaultPreferences for more information on NEWLINKFORMAT). ### UserForm and NewUserTemplate customization When a new user registers on Foswiki his user topic is created based on the NewUserTemplate and UserForm in the Main web, if they exist. If the topic does not exist in the Main web, then the default version from System is used. Thus on upgrades, any customizations you made to NewUserTemplate or UserForm in the Main web will be preserved. In previous TWiki versions, only System.NewUserTemplate and System.UserForm are used; you cannot override them by creating your own version in the Main web. ### WikiUsers no longer distributed The Main.WikiUsers topic contains all the registered users. It is not included in the Foswiki distribution, so that your list of users will not be overwritten on upgrades. When the first user is registered in Foswiki, the Main.WikiUsers topic is created on demand. ### New working directory The configuration setting {WorkingDir} in the General path settings pane on the configure page defines the location of a working directory for various subdirectories for use by Foswiki. The default value for this setting is the working subdirectory within the installation root directory for the Foswiki installation. The subdirectories within the working directory include the following: • registration_approvals — previously located in the data/ directory • tmp — avoids security issues with using the /tmp directory • work_areas — previously located in the pub/ directory. Note: Remember to restrict access to this new directory when you upgrade. If you have your own scheduled task to delete obsolete session files, note they are now located in the working/tmp/ subdirectory. ### New internal admin login Foswiki has a new internal admin login feature that lets you login as a temporary administrator, using "admin" as your user name and the password for the configure page. The internal admin username can be configured in the {AdminUserLogin} setting in the Security setup pane on the configure page. In order to add an initial user to the default {SuperAdminGroup}, Main.AdminGroup, you must login as the internal admin user using the link on the Main.AdminGroup page. ## Important changes for the upgrader - since Foswiki 1.0.4 An additional security feature has been added to Foswiki 1.0.5 so that saving data now requires the http method POST. This means that it is no longer possible to store data via an "<a href=..." link or img tag. It also means that if you have an application with an HTML form that creates new topics you must specify in the form tag method="post". This change is done to further tighten the security of Foswiki. <form name="new" action="%SCRIPTURLPATH{"save"}%/Sandbox/" method="post"> ... </form>  The template webs _default and _empty are frequent targets for spammers because these webs are normally not monitored very carefully by the community around a Foswiki installation. These webs are now write protected so on an administrator can edit topics in these webs. When an administrator creates a new web it is important to remember to remove the access restriction from the WebPreferences in the new web. ## Important changes for the upgrader - since Foswiki 1.0.5 Foswiki 1.0.6 introduces a major security enhancement, protecting against Cross-Site Request Forgery. The extra safe "double submit" algorithm, as recommended by the Open Web Application Security Project (OWASP) project has been used. This is the same algorithm used by several major banks and other security-conscious institutions, and requires that users have Javascript enabled. See Foswiki:Support.SecurityFeatures for more information on these, and other, Foswiki security features. This is recommended reading for all Foswiki administrators. If these new countermeasures against CSRF creates problems for your users and your applications, you can alter the way the protection works or disable it. These are the configure parameters you need to visit (note that some are expert settings). • {Validation}{Method} is by default "strikeone" which is the highest level of security and requires that users have Javascript enabled. You can lower this setting to "embedded" which uses a less safe validation method but does not require javascript. If you want to disable CSRF protection set it to "none". It is highly recommended to keep it at "strikeone". • {Validation}{ValidForTime} is the time the validation key is valid. It is by default 1 hour. If your users often edit pages longer you can increase this time. Your users can still save pages with an expired validation key but they will be asked to confirm the saving. • {Validation}{MaxKeysPerSession} is the maximum number of validation keys to store in a session. There is one key stored for each page rendered. If the number of keys exceeds this number, the oldest keys will be force-expired to bring the number down. If you have users that are very fast at editing pages and experience expired keys, you can increase this number. The default is 1000 and should be much higher than any normal person will experience. • {Validation}{ExpireKeyOnUse} defines if validation keys expire when they are used for storing data. This prevents an attacker from evesdropping communication between server and browser and reuse keys. Unfortunately it also means that if a user edits a page, saves it, uses the back button of the browser, corrects his previous editing, and then saves again, he is asked to confirm that he intended to save the topic. Another use case is if you create an application with multiple forms and multiple submit buttons on a topic and you submit multiple times from this topic without navigating away from it, you will be asked to confirm the submission each time. If this is not acceptable to your use of Foswiki, you can turn off {Validation}{ExpireKeyOnUse}. Back to top # User Authentication Controlling who can access your site ## Overview Authentication, or "login", is the process by which a user lets Foswiki know who they are. Authentication isn't just to do with access control. Foswiki uses authentication to keep track of who made changes, and manage a wide range of personal settings. With authentication enabled, users can personalise Foswiki and contribute as recognised individuals, instead of shadows. Foswiki authentication is very flexible, and can either stand alone or integrate with existing authentication schemes. You can set up Foswiki to require authentication for every access, or only for changes. Authentication is also essential for access control. Quick Authentication Test - Use the %USERINFO% macro to return your current identity: • You are guest, Main.WikiGuest, Foswiki user authentication is split into four sections; password management, user mapping, user registration, and login management. Password management deals with how users personal data is stored. Registration deals with how new users are added to the wiki. Login management deals with how users log in. Once a user is logged on, they can be remembered using a Client Session stored in a cookie in the browser (or by other less elegant means if the user has disabled cookies). This avoids them having to log on again and again. Foswiki user authentication is configured through the Security Settings pane in the configure interface. Please note FileAttachments are not protected by Foswiki User Authentication. ## Password Management As shipped, Foswiki supports the Apache 'htpasswd' password manager. This manager supports the use of .htpasswd files on the server. These files can be unique to Foswiki, or can be shared with other applications (such as an Apache webserver). A variety of password encodings are supported for flexibility when re-using existing files. See the descriptive comments in the Security Settings section of the configure interface for more details. Caution: Foswiki uses the .htpasswd file to also store the email addresses of registered users. If the .htpasswd file will be shared with another application, it is critical to preserve the email address stored as the last field in each line of the file. You can easily plug in alternate password management modules to support interfaces to other third-party authentication databases. The password manager is selected using the {PasswordManager} setting in configure. ## User Mapping Usually when you are using an external authentication method, you want to map from an unfriendly "login name" to a more friendly WikiName. Also, an external authentication database may well have user information you want to import to Foswiki, such as user groups. By default, Foswiki supports mapping of usernames to wikinames, and supports Foswiki groups internal to Foswiki. If you want, you can plug in an alternate user mapping module to support import of groups etc. The user mapping manager is selected using the {UserMappingManager} setting in configure. ## User Registration New user registration uses the password manager to set and change passwords and store email addresses. It is also responsible for the new user verification process. the registration process supports single user registration via the UserRegistration page, and bulk user registration via the BulkRegistration page (for admins only). The registration process is also responsible for creating user topics, and setting up the mapping information used by the User Mapping support. See Custom registration page for changing the user registration page. ## Login Management Login management controls the way users have to log in. There are three basic options; no login, login via a Foswiki login page, and login using the webserver authentication support. the login manager is selected using the {LoginManager} setting in configure. ### No Login (select none) Does exactly what it says on the tin. Forget about authentication to make your site completely public - anyone can browse and edit freely, in classic Wiki style. All visitors are given the Main.WikiGuest default identity, so you can't track individual user activity. Note: This setup is not recommended on public websites for security reasons; anyone would be able to change system settings and perform tasks usually restricted to administrators. ### Template Login (select Foswiki::LoginManager::TemplateLogin) Template Login asks for a username and password in a web page, and processes them using whatever Password Manager you choose. Users can log in and log out. Client Sessions are used to remember users. Users can choose to have their session remembered so they will automatically be logged in the next time they start their browser. #### Enabling Template Login By default, your Foswiki installation is probably already using TemplateLogin, HtPasswdUser and TopicUserMappingContrib as the default Login, Password and user mapping options. 1. Using configure: 1. Navigate to the Login tab on the Security and Authentication panel. Select the Foswiki::LoginManager::TemplateLogin login manager. 2. Navigate to the Passwords tab. Select the appropriate PasswordManager for your system - the default is Foswiki::Users::HtPasswdUser. There is also an EXPERT configure setting {TemplateLogin}{PreventBrowserRememberingPassword} that you can set to prevent Browsers from remembering username and passwords if you are concerned about public terminal usage. 2. Verify that registration works by registering yourself with the System.UserRegistration topic. If there are problems, try these troubleshooting tips: 1. Note: A standard Foswiki installation will not allow any new registrations unless there is a working SMTP configuration 2. If your PasswordManager is HtPasswdUser (the default), check the .htpasswd file is being updated correctly with a new entry. If not, check {Htpasswd}{FileName} is correct (under Security and Authentication on the Password tab in configure), and that the webserver user has write permission. 3. Create a new topic (in Sandbox web for example) to confirm that authentication works. 4. Add users to the Main.AdminGroup. Edit the Main.AdminGroup topic in the Main web to include users that should have administrator status. Read defining adminstrator user(s) for more information. This is a very important step, as users in this group can access all topics, independent of Foswiki access controls. AccessControl has more information on setting up access controls. Foswiki AccessControls do not protect topic attachments unless the web server has been configured to do so using the viewfile script. Visit Foswiki:Support.ApacheConfigGenerator for examples using Apache. As Template Login uses a wiki page for its login prompt, there is a great deal of flexibility in customizing the login page for your purposes. The default new user template page is in System.NewUserTemplate. The same macros get expanded as in the template topics. You can create a custom new user topic by creating the NewUserTemplate topic in Main web, which will then override the default in System web. See System.UserForm for copy instructions. #### Custom registration page You can customize the default System.UserRegistration topic by first copying System.DefaultUserRegistration to UserRegistration in Main web. This will ensure that your changes will remain intact next time you upgrade. A couple of common fields are hidden from normal view to make the registration page as lean as possible. You can unhide those fields on the page by removing EXCLUDED_ from the INCLUDE tags) or add new ones. New fields may also be added. The name="" parameter of the <input> tags must start with: "Fwk0..." (if this is an optional entry), or "Fwk1..." (if this is a required entry). This ensures that the fields are carried over into the user home page correctly. #### Automatic Group Membership The TopicUserMappingContrib can also enroll users into groups during registration. (Other mappers might not support this feature). Options include: • Automatically enrolling users in one or more groups during registration • Allow the user to select multiple groups from a list of eligible groups • Allow the user to choose only one group from a list of eligible groups • Don't do any group enrollment during registration. The list of eligible groups can be generated in one of two ways: • Manually by configuration. This fixed list of groups will always be listed. • Automatically based upon CHANGE permission on the group topics. There are two registration scenarios that apply: Self-registration by Guest users The actual registration will be processed by the special internal user Main.RegistrationAgent. Group topics must include an ALLOWTOPICCHANGE = Main.RegistrationAgent to be eligible for enrollment. Registration by logged-in users The registration form is filled out by some other logged-in user. In this case, the Main.RegistrationAgent is not used for Group updates. The current user must have ALLOWTOPICCHANGE permission for groups for them to be eligible for enrollment. • Caution: If an administrator registers a user with automatic group membership enabled, the new user could potentially be added to All groups. Use caution with this feature! Note: During registration, if it turns out that the current user or Main.RegistrationAgent doesn't have permission to update the group topic, the group update will be silently skipped. The user will still be albe to register. See DefaultPreferences#RegistrationOptions for further details. Copy the settings into Main.SitePreferences to make them active. ### Enabling Apache Login With Apache Login enabled, when Foswiki needs to authenticate the user, the standard HTTP authentication mechanism is used: the browser itself will prompt for a user name and password. The advantage of this scheme is that if you have an existing website authentication scheme using Apache modules such as mod_auth_ldap or mod_auth_mysql you can just plug in to them directly. The disadvantage is that because the user identity is cached in the browser, you can log in, but you can't log out again unless you restart the browser. Foswiki maps the REMOTE_USER that was used to log in to the webserver to a WikiName using the table in Main.WikiUsers. This table is updated whenever a user registers, so users can choose not to register (in which case their webserver login name is used for their signature) or register (in which case that login name is mapped to their WikiName). The same private .htpasswd file used in Foswiki Template Login can be used to authenticate Apache users, using the Apache Basic Authentication support. Do not use the Apache htpasswd program with .htpasswd files generated by Foswiki! htpasswd wipes out email addresses that Foswiki plants in the info fields of this file. Apache Login is required for Apache-based login methods such as mod_ldap You can use any Apache authentication module that sets the REMOTE_USER environment variable. To setup Apache Login, perform the following steps: 1. Configure Apache Login. Under the Security and Authentication pane on the Login tab in configure: 1. Select Foswiki::LoginManager::ApacheLogin for {LoginManager}. 2. Select Foswiki::Users::HtPasswdUser for {PasswordManager}. 3. Select Foswiki::Users::TopicUserMapping for {UserMappingManager}. 4. Save your settings. 5. Configure your Apache settings for HTTP authentication. Use the Foswiki:Support.ApacheConfigGenerator tool or the foswiki/bin-htaccess.txt file to set the following Apache directives on the bin scripts:  <FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*"> require valid-user </FilesMatch> You can also refer to the sample foswiki_httpd_conf.txt and bin-htaccess.txt files to see how the appropriate Apache directives are specified. 2. Verify that registration works by registering yourself with the System.UserRegistration topic. If there are problems, try these troubleshooting tips: 1. Note: A standard Foswiki installation will not allow any new registrations unless there is a working SMTP configuration 2. If your PasswordManager is HtPasswdUser (the default), check the .htpasswd file is being updated correctly with a new entry. If not, check {Htpasswd}{FileName} is correct (under Security and Authentication on the Password tab in configure), and that the webserver user has write permission. 3. Create a new topic (in Sandbox web for example) to confirm that authentication works. 4. Add users to the Main.AdminGroup. Edit the Main.AdminGroup topic in the Main web to include users that should have administrator status. Read defining adminstrator user(s) for more information. This is a very important step, as users in this group can access all topics, independent of Foswiki access controls. #### Logons via bin/logon Any time a user requests a page that needs authentication, they will be forced to log on. It may be convenient to have a "logon" link as well, to give the system a chance to identify the user and retrieve their personal settings. It may be convenient to force them to log on. The bin/logon script enables this. If you are using Apache Login, the bin/logon script must be setup in the Apache configuration or bin/.htaccess file to be a script which requires a valid user. Once authenticated, it will redirect the user to the view URL for the page from which the logon script was linked. ## Sessions Foswiki uses the CPAN:CGI::Session and CPAN:CGI::Cookie modules to track sessions. These modules are de facto standards for session management among Perl programmers. If you can't use Cookies for any reason, CPAN:CGI::Session also supports session tracking using the client IP address. You don't have to enable sessions to support logins in Foswiki. However it is strongly recommended. Foswiki needs some way to remember the fact that you logged in from a particular browser, and it uses sessions to do this. If you don;t enable sessions, Foswiki will try hard to remember you, but due to limitations in the browsers it may also forget you (and then suddenly remember you again later!). So for the best user experience, you should enable sessions. There are a number of macros available that you can use to interrogate your current session. You can even add your own session variables to the Foswiki cookie. Session variables are referred to as "sticky" variables. ### Getting, Setting, and Clearing Session Variables You can get, set, and clear session variables from within Foswiki web pages or by using script parameters. This allows you to use the session as a personal "persistent memory space" that is not lost until the web browser is closed. Also note that if a session variable has the same name as a Foswiki preference, the session variables value takes precedence over the Foswiki preference. This allows for per-session preferences. To make use of these features, use the tags: %SESSION_VARIABLE{ "varName" }% %SESSION_VARIABLE{ "varName" set="varValue" }% %SESSION_VARIABLE{ "varName" clear="" }%  Access controls cannot be modified in this way ### Cookies and Transparent Session IDs Foswiki normally uses cookies to store session information on a client computer. Cookies are a common way to pass session information from client to server. Foswiki cookies simply hold a unique session identifier that is used to look up a database of session information on the Foswiki server. For a number of reasons, it may not be possible to use cookies. In this case, Foswiki has a fallback mechanism; it will automatically rewrite every internal URL it sees on pages being generated to one that also passes session information. ## Username vs. Login Username This section applies only if you are using authentication with existing login names (i.e. mapping from login names to WikiNames). Foswiki internally manages two usernames: Login Username and Foswiki Username. • Login Username: When you login to the intranet, you use your existing login username. This name is normally passed to Foswiki by the REMOTE_USER environment variable, and used internally. Login Usernames are maintained by your system administrator. • Foswiki Username: Your name in WikiNotation, ex: JohnSmith, is recorded when you register using UserRegistration; doing so also generates a personal home page in the Main web. Foswiki can automatically map an Intranet (Login) Username to a Foswiki Username if the {AllowLoginName} is enabled in configure. The default is to use your WikiName as a login name. NOTE: To correctly enter a WikiName - your own or someone else's - be sure to include the Main web name in front of the Wiki username, followed by a period, and no spaces, for example Main.WikiUsername or %USERSWEB%.WikiUsername. This points WikiUsername to the Main web, where user home pages are located, no matter which web it's entered in. Without the web prefix, the name appears as a NewTopic everywhere but in the Main web. ## Changing Passwords If your {PasswordManager} supports password changing, you can change and reset passwords using forms on regular pages. • The ChangePassword form ( Foswiki/ChangePassword ) • The ResetPassword form ( Foswiki/ResetPassword ) If the {PasswordManager} does not support password changing, the ChangePassword and ResetPassword will show a simple message. This message is defined iby the setting CHANGEPASSWORDDISABLEDMESSAGE in System.DefaultPreferences. You can redefine this setting by copying it to Main.SitePreferences and change it to include a link to the password management website of your organisation. ## Changing E-mail Addresses If the active {PasswordManager} supports storage and retrieval of user e-mail addresses, you can change your e-mail using a regular page. As shipped, this is true only for the Apache 'htpasswd' password manager. • The ChangeEmailAddress form ( Foswiki/ChangeEmailAddress ) If the {PasswordManager} does not support password changing, ChangeEmailAddress will guide the user to define the email address in the user topic. ## Controlling access to individual scripts You may want to add or remove scripts from the list of scripts that require authentication. The method for doing this is different for each of Template Login and Apache Login. Any scripts listed as requiring authentication will not be usable by the Guest user. If you require that Main.WikiGuest be allowed to edit topics on your site, edit and save must be removed from the list of scripts requiring authentication. • For Template Login, update the {AuthScripts} list using configure • For Apache Login, add/remove the script from bin/.htaccess, or from the FilesMatch line in the Apache configuration. ## How to choose an authentication method One of the key features of Foswiki is that it is possible to add HTML to topics. No authentication method is 100% secure on a website where end users can add HTML, as there is always a risk that a malicious user can add code to a topic that gathers user information, such as session IDs. The Foswiki developers have been forced to make certain tradeoffs, in the pursuit of efficiency, that may be exploited by a hacker. This section discusses some of the known risks. You can be sure that any potential hackers have read this section as well! At one extreme, the most secure method is to use Foswiki via SSL (Secure Sockets Layer), with a login manager installed and Client Sessions turned off. Using Foswiki with sessions turned off is a pain, though, as with all the login managers there are occasions where Foswiki will forget who you are. The best user experience is achieved with sessions turned on. As soon as you allow the server to maintain information about a logged-in user, you open a door to potential attacks. There are a variety of ways a malicious user can pervert Foswiki to obtain another users session ID, the most common of which is known as a cross-site scripting attack. Once a hacker has an SID they can pretend to be that user. To help prevent these sorts of attacks, Foswiki supports IP matching, which ensures that the IP address of the user requesting a specific session is the same as the IP address of the user who created the session. This works well as long as IP addresses are unique to each client, and as long as the IP address of the client can't be faked. Session IDs are usually stored by Foswiki in cookies, which are stored in the client browser. Cookies work well, but not all environments or users permit cookies to be stored in browsers. So Foswiki also supports two other methods of determining the session ID. The first method uses the client IP address to determine the session ID. The second uses a rewriting method that rewrites local URLs in Foswiki pages to include the session ID in the URL. The first method works well as long as IP addresses are unique to each individual client, and client IP addresses can't be faked by a hacker. If IP addresses are unique and can't be faked, it is almost as secure as cookies + IP matching, so it ranks as the fourth most secure method. If you have to turn IP matching off, and cookies can't be relied on, then you may have to rely on the second method, URL rewriting. This method exposes the session IDs very publicly, so should be regarded as "rather dodgy". Most Foswiki sites don't use SSL, so, as is the case with most sites that don't use SSL, there is always a possibility that a password could be picked out of the aether. Browsers do not encrypt passwords sent over non-SSL links, so using Apache Login is no more secure than Template Login. Of the two shipped login managers, Apache Login is probably the most useful. It lets you do this sort of thing: wget --http-user=RogerRabbit --http-password=i'mnottelling http://www.example.com/bin/save/Sandbox/StuffAUTOINC0?text=hohoho,%20this%20is%20interesting i.e. pass in a user and password to a request from the command-line. However it doesn't let you log out. Template Login degrades to url re-writing when you use a client like dillo that does not support cookies. However, you can log out and back in as a different user. Finally, it would be really neat if someone was to work out how to use certificates to identify users..... See Foswiki:Support.SupplementalDocuments for more information. Back to top # Access Control Restricting read and write access to topics and webs, by users and groups Access Control allows you restrict access to single topics and entire webs, by individual user and by user Groups. Access control, combined with UserAuthentication, lets you easily create and manage an extremely flexible, fine-grained privilege system. ## An important consideration Open, freeform editing is the essence of WikiCulture - what makes Foswiki different and often more effective than other collaboration tools. For that reason, it is strongly recommended that the decision to restrict read or write access to a web or a topic is made with great care - the more restrictions, the less Wiki in the mix. Experience shows that unrestricted write access works very well because: • Peer influence is enough to ensure that only relevant content is posted. • Peer editing - the ability for anyone to rearrange all content on a page - keeps topics focused. • In Foswiki, content is transparently preserved under revision control: • Edits can be undone by the administrator (per default a member of Main.AdminGroup; see #ManagingGroups). • Users are encouraged to edit and refactor (condense a long topic), since there's a safety net. As a collaboration guideline, create broad-based Groups (for more and varied input), and avoid creating view-only Users (if you can read it, you should be able to contribute to it). ## Permissions settings of the webs on this Foswiki site The topic SitePermissions gives you an overview of the access control settings for all your webs. ## Authentication vs. Access Control Authentication: Identifies who a user is based on a login procedure. See UserAuthentication. Access control: Restrict access to content based on users and groups once a user is identified. ## Users and groups Access control is based on the familiar concept of users and groups. Users are defined by their WikiNames. They can then be organized in unlimited combinations by inclusion in one or more user Groups. Groups can also be included in other Groups. ### Managing Users In standard Foswiki a user can create an account in UserRegistration. The following actions are performed: • WikiName, encrypted password and email address are recorded using the password manager if authentication is enabled. • A confirmation e-mail is sent to the user. • A user home page with the WikiName of the user is created in the Main web. • The user is added to the Main.WikiUsers topic. • Optionally the user is added to one or more groups. The default visitor name is Main.WikiGuest. This is the non-authenticated user. By default the non-authenticated user is not permitted to edit topics. If you require anonymous editing, see UserAuthentication#IndividualScripts. Your local Foswiki may have an alternate user mapping manager installed which doesn't support user registration. Check with your Wiki administrator if you are in doubt. ### Managing Groups The following describes the standard Foswiki support for groups. Your local Foswiki may have an alternate group mapping manager installed. Check with your Wiki administrator if you are in doubt. Groups are defined by group topics located in the Main web. To create a new group, visit Main.WikiGroups. You will find a "Create a new group" link at the top which reveals a form to create a new group. Enter the name of the new group ending in Group into the "Group Name" form field and the initial members in the "Members" field. This creates a new group topic. By default any member of a group has access rights to both adding and removing users from the group through the nice user interface. If you need to limit this access further, change the ALLOWTOPICCHANGE setting through "More Topic Action" -> "Edit topic preference settings". The ALLOWTOPICCHANGE setting defines who is allowed to change the group topic; it is a comma delimited list of users and groups. You typically want to restrict that to the members of the group itself, so it should contain the name of the topic. This prevents users not in the group from editing the topic to give themselves or others access. For example, for the KasabianGroup topic write: • Set ALLOWTOPICCHANGE = Main.KasabianGroup • Caution This is set in the "Topic Settings" and not inline in the topic text! Foswiki has strict formatting rules. Make sure you have three spaces, an asterisk, and an extra space in front of any access control rule. See below for more information about ALLOWTOPICCHANGE. Background: A group topic is an empty topic with 3 hidden preference settings. • GROUP: Comma separated list of users and/or groups • ALLOWTOPICCHANGE: Comma separated list of users and groups that are allowed to add and remove users from the group • VIEW_TEMPLATE: Always set to the value GroupView. This alters the way the topic is presented to include a nice user interface for adding and removing users. Foswiki 1.1 introduced the smart user interface for adding and removing members of a group. Group topics from prior versions of Foswiki will still work. These have the GROUP setting visible in the topic text itself and you edit it by editing the topic. Foswiki 1.1 Main.WikiGroups will show these old group topics with an "Upgrade Group Topic button". The administrator can upgrade an old group topic to the nice new user interface with one easy click. ### The Super Admin Group A number of Foswiki functions (for example, renaming webs) are only available to administrators. Administrators are simply users who belong to the SuperAdminGroup. This is a standard user group, the name of which is defined by {SuperAdminGroup} setting in configure. The default name of this group is the AdminGroup. The system administrator may have chosen a different name for this group if your local Foswiki uses an alternate group mapping manager, but for simplicity we will use the default name AdminGroup in the rest of this topic. You can create new administrators simply by adding them to the Main.AdminGroup topic. For example, • Set GROUP = Main.ElizabethWindsor, Main.TonyBlair A member of the Super Admin Group has unrestricted access throughout the wiki, so only trusted staff should be added to this group. ## Restricting Access Access to webs and topics is controlled by setting the values of certain preferences. These names of these preferences have the general form: permission context mode Where permission is ALLOW or DENY, _context is TOPIC, WEB, or ROOT, and mode is VIEW, CHANGE, or RENAME. For example, the preference ALLOWWEBCHANGE lists who is allowed to change topics in the current web. • Restricting VIEW blocks viewing and searching of content. When you restric VIEW to a topic or web, this also restricts INCLUDE and Formatted SEARCH from showing the content of the topics. • Restricting CHANGE blocks creating new topics, changing topics or attaching files. • Restricting RENAME prevents renaming of topics within a web. There is an important distinction between CHANGE access and RENAME access. A user can CHANGE a topic, but thanks to version control their changes cannot be lost (the history of the topic before the change is recorded). However if a topic or web is renamed, that history may be lost. Typically a site will only give RENAME access to administrators and content owners. Note that ALLOWWEBxxx and DENYWEBxxx preferences can only be set in WebPreferences topics. You cannot define a site level access. Each web must be protected on their own. Subwebs inherit access settings from the parent web. See next section. Note that ALLOWTOPICxxx and DENYTOPICxxx preferences apply only to the topic itself. Be warned that some plugins may not respect access permissions. FINALPREFERENCES affects access controls, allowing you to prevent changes to access control settings while still allowing edit access to topics. ### Controlling access to a Web You can define restrictions on who is allowed to view a Foswiki web. You can restrict access to certain webs to selected users and groups, by: • authenticating all webs and restricting selected webs: Topic access in all webs is authenticated, and selected webs have restricted access. • authenticating and restricting selected webs only: Provide unrestricted viewing access to open webs, with authentication and restriction only on selected webs. • You can define these settings in the WebPreferences topic, preferable towards the end of the topic: • Set DENYWEBVIEW = < comma-delimited list of users and groups > • Set ALLOWWEBVIEW = < comma-delimited list of users and groups > • Set DENYWEBCHANGE = < comma-delimited list of users and groups > • Set ALLOWWEBCHANGE = < comma-delimited list of users and groups > • Set DENYWEBRENAME = < comma-delimited list of users and groups > • Set ALLOWWEBRENAME = < comma-delimited list of users and groups > If your site allows hierarchical webs, then access to sub-webs is determined from the access controls of the parent web, plus the access controls in the sub-web. So, if the parent web has ALLOWWEBVIEW set, this will also apply to the subweb. Also note that you will need to ensure that the parent web's FINALPREFERENCES does not include the access control settings listed above. Otherwise you will not be able override the parent web's access control settings in sub-webs. Creation and renaming of sub-webs is controlled by the WEBCHANGE setting on the parent web (or ROOTCHANGE for root webs). Renaming is additionally restricted by the setting of WEBRENAME in the web itself. ### Controlling access to a topic • You can define these settings in any topic, preferable towards the end of the topic: • Set DENYTOPICVIEW = < comma-delimited list of users and groups > • Set ALLOWTOPICVIEW = < comma-delimited list of users and groups > • Set DENYTOPICCHANGE = < comma-delimited list of users and groups > • Set ALLOWTOPICCHANGE = < comma-delimited list of users and groups > • Set DENYTOPICRENAME = < comma-delimited list of users and groups > • Set ALLOWTOPICRENAME = < comma-delimited list of users and groups > Caution! Settings are always taken from the latest (current) revision of a topic. If older revisions of a topic had more restrictive access controls, they will not be used when accessing the older revision. Remember when opening up access to specific topics within a restricted web that other topics in the web - for example, the WebLeftBar - may also be accessed when viewing the topics. The message you get when you are denied access should tell you what topic you were not permitted to access. Be careful with empty values for any of these. • Set ALLOWTOPICVIEW =  This means the same as not setting it at all. (This was documented wrong in versions 4.0.X, 4.1.0 and 4.1.1) • Set DENYTOPICVIEW =  This means do not deny anyone the right to view this topic. If DENYTOPICVIEW is set to an empty value anyone has access even if ALLOWTOPICVIEW or ALLOWWEBVIEW is defined. This allows you to have very restrictive default access rights to an entire web and still allow individual topics to have more open access. The same rules apply to ALLOWTOPICCHANGE/DENYTOPICCHANGE and APPLYTOPICRENAME/DENYTOPICRENAME. Setting ALLOWTOPICCHANGE or ALLOWTOPICRENAME to en empty value means the same as not defining it. Setting DENYTOPICCHANGE or DENYTOPICRENAME to an empty value means that anyone can edit or rename the topic. If the same setting is defined multiple times the last one overrides the previous. They are not OR'ed together. Setting to an empty value has caused confusion and great debate and it has been decided that the empty setting syntax will be replaced by something which is easier to understand in a later version of Foswiki. A method to upgrade will be provided. Please read the release notes carefully when you upgrade. See "How Foswiki evaluates ALLOW/DENY settings" below for more on how ALLOW and DENY interacts. ### Controlling access to attachments Attachments are referred to directly, and are not normally indirected via Foswiki scripts. This means that the above instructions for access control will not apply to attachments. It is possible that someone may inadvertently publicise a URL that they expected to be access-controlled. The easiest way to apply the same access control rules for attachments as apply to topics is to use the Apache mod_rewrite module, and configure your webserver to redirect accesses to attachments to the Foswiki viewfile script. For example,  ScriptAlias /foswiki/bin/ /filesystem/path/to/bin/ Alias /foswiki/pub/ /filesystem/path/to/pub/ RewriteEngine on RewriteCond %{REQUEST_URI} !^/+foswiki/+pub/+System/+.+ RewriteRule ^/+foswiki/+pub/+([^/]+)((/+([^/]+))+)/+(.+) /foswiki/bin/viewfile/$1/$2?filename=$5 [L,PT]


That way all the controls that apply to the topic also apply to attachments to the topic. Other types of webserver have similar support.

Images embedded in topics will load much slower since each image will be delivered by the viewfile script.

### Controlling who can manage top-level webs

Top level webs are a special case, because they don't have a parent web with a WebPreferences. So there has to be a special control just for the root level.
• You can define these settings in the Main.SitePreferences topic, preferably towards the end of the topic:
• Set DENYROOTCHANGE = < comma-delimited list of users and groups >
• Set ALLOWROOTCHANGE = < comma-delimited list of users and groups >
Note that you do not require ROOTCHANGE access to rename an existing top-level web. You just need WEBCHANGE in the web itself.

### How Foswiki evaluates ALLOW/DENY settings

When deciding whether to grant access, Foswiki evaluates the following rules in order (read from the top of the list; if the logic arrives at PERMITTED or DENIED that applies immediately and no more rules are applied). You need to read the rules bearing in mind that VIEW, CHANGE and RENAME access may be granted/denied separately.

Settings are only read from the most current (latest) revision of a topic. Settings from older revisions are never used, even when viewing an older revision with the rdiff script

1. If the user is an administrator
• access is PERMITTED.
2. If DENYTOPIC is set to a list of wikinames
• people in the list will be DENIED.
3. If DENYTOPIC is set to empty ( i.e. Set DENYTOPIC = )
• access is PERMITTED i.e no-one is denied access to this topic.
Attention: Use this with caution. This is deprecated and will likely change in the next release.
4. If ALLOWTOPIC is set
1. people in the list are PERMITTED
2. everyone else is DENIED
5. If DENYWEB is set to a list of wikinames
• people in the list are DENIED access
6. If ALLOWWEB is set to a list of wikinames
• people in the list will be PERMITTED
• everyone else will be DENIED
7. If you got this far, access is PERMITTED

## Access control and INCLUDE

ALLOWTOPICVIEW and ALLOWTOPICCHANGE only applies to the topic in which the settings are defined. If a topic A includes another topic B, topic A does not inherit the access rights of the included topic B.

Examples: Topic A includes topic B

• If the included topic B has ALLOWTOPICCHANGE set to block editing for a user, it does not prevent editing the including topic A.
• If the included topic B has ALLOWTOPICVIEW set to block view for a user, the user can still view topic A but he cannot see the included topic B. He will see a message No permission to view B

## Access control quick recipes

### Obfuscating webs

Another way of hiding webs is by setting the NOSEARCHALL setting in WebPreferences. It does the following:
• Prevents the all webs search option from accessing the web
• Hides the web from the %WEBLIST% macro.
   * Set NOSEARCHALL = on


This setup can be useful to hide a new web until content its ready for deployment, or reduce clutter in the WebLeftBar and default search results when restricted access is not desired.

Setting NOSEARCHALL to any value other than the empty string will hide a web. Setting NOSEARCHALL = off will have the same effect as setting it to on

Obfuscating a web without setting view access control is very insecure, as anyone who knows the URL can access the web, and explicit searches naming that web will also work. For security purposes it is better to use the ALLOW or DENY VIEW settings in the WebPreferences topic. %SEARCH% and %WEBLIST% will not show any results for webs that the current user does not have permission to view.

For a firewalled Foswiki, e.g. an intranet wiki or extranet wiki, you want to allow only invited people to access your Foswiki.
With this configuration, someone with access to the site needs to register new users. ResetPassword will also have to be done by administrators.

• lock down access to the whole bin and pub directories to all but valid users. In the Apache .htaccess file or the appropriate .conf file, replace the <FilesMatch "(attach|edit|... section with this:

<FilesMatch ".*">
require valid-user
</FilesMatch>


If needed, you can further restrict access to selected webs with ALLOWWEBVIEW and other access control settings.

• Add all scripts in the foswiki/bin directory (except for login, logon and configure) to the list of {AuthScripts} in configure. For a default Foswiki installation:

• Default (open) site:
{AuthScripts} = 'attach,compareauth,edit,manage,previewauth,rdiffauth,rename,rest,restauth,save,statistics,upload,viewauth,viewfileauth';

• Restricted (closed) site:
{AuthScripts} = 'attach,changes,compare,compareauth,edit,manage,oops,preview,previewauth,rdiff,rdiffauth,register,rename,resetpasswd,rest,restauth,save,search,statistics,upload,view,viewauth,viewfile,viewfileauth


If you install extensions that add scripts, you must also remember to add the new scripts to this list or the new scripts will not be protected.

### Authenticate all webs and restrict selected webs

Use the following setup to authenticate users for topic viewing in all webs and to restrict access to selected webs. Requires UserAuthentication to be enabled.

1. The simple way is to add this to WebPreferences in all webs.
• Set DENYWEBVIEW = WikiGuest
2. Restrict view access to selected users and groups. Set one or both of these settings in its WebPreferences topic:
• Set ALLOWWEBVIEW = < list of users and groups >
• Note: DENYWEBVIEW is evaluated before ALLOWWEBVIEW. Access is denied if the authenticated person is in the DENYWEBVIEW list, or not in the ALLOWWEBVIEW list. Access is granted if DENYWEBVIEW and ALLOWWEBVIEW are not defined.

In rare cases it may be required to authenticate the view script. This can in some cases have a dramatic performance hit because the webserver must re-authenticate for every page view.

1. Set require valid-user on your view script in .htaccess or the appropriate Apache .conf file. This looks like: FilesMatch "(attach|edit|manage|rename|save|view|upload|mail|logon|.*auth).*" (normally view is not in that list).

### Authenticate and restrict selected webs only

Use the following setup to provide unrestricted viewing access to open webs, with authentication only on selected webs. Requires UserAuthentication to be enabled.

1. Restrict view access to selected users and groups. Set one or both of these settings in its WebPreferences topic:
• Set DENYWEBVIEW = < list of users and groups >
• Set ALLOWWEBVIEW = < list of users and groups >
• Note: DENYWEBVIEW is evaluated before ALLOWWEBVIEW. Access is denied if the authenticated person is in the DENYWEBVIEW list, or not in the ALLOWWEBVIEW list. Access is granted if DENYWEBVIEW and ALLOWWEBVIEW are not defined.

### Show control settings

You can list the access controls affecting a topic using the %SHOWPREFERENCE{}% macro in the topic, thus:
%SHOWPREFERENCE{"DENYWEBVIEW,ALLOWWEBVIEW,DENYWEBCHANGE,ALLOWWEBCHANGE,DENYWEBRENAME,ALLOWWEBRENAME"}%

For this topic, this displays:
• Set DENYWEBVIEW = ""
• Set ALLOWWEBVIEW = ""
• Set DENYWEBCHANGE = ""
• ALLOWWEBCHANGE was defined in System.WebPreferences
• Set DENYWEBRENAME = ""
• ALLOWWEBRENAME was defined in System.WebPreferences

### Hide control settings

To hide access control settings from normal browser viewing, you can put them into the topic preference settings by clicking the link Edit topic preference settings under More topic actions menu. Preferences set in this manner are not visible in the topic text, but take effect nevertheless. Access control settings added as topic preference settings are stored in the topic meta data and they override settings defined in the topic text.

Alternatively, place them in HTML comment markers, but this exposes the access setting during ordinary editing.

<!--
* Set DENYTOPICCHANGE = Main.SomeGroup
-->


# Text Formatting

Working in Foswiki is as easy as typing in text. You don't need to know HTML, though you can use it if you prefer. Links to topics are created automatically when you enter WikiWords. And Foswiki shorthand gives you all the power of HTML with a simple coding system that takes no time to learn. It's all laid out below.

## Editing Shorthand

Formatting Command: You write: You get:
Paragraphs:
Blank lines will create new paragraphs.
1st paragraph

2nd paragraph


1st paragraph

2nd paragraph
Three or more dashes at the beginning of a line, followed by plus signs and the heading text. One plus creates a top level heading, two pluses a second level heading, etc. The maximum heading depth is 6.

You can create a table of contents with the %TOC% macro. If you want to exclude a heading from the TOC, put !! after the ---+.

---++ Sushi
---+++ Maguro
---+++!! Not in TOC


## Sushi

### Not in TOC

Bold Text:
Words get shown in bold by enclosing them in * asterisks.
*Bold*


Bold
Italic Text:
Words get shown in italic by enclosing them in _ underscores.
_Italic_


Italic
Bold Italic:
Words get shown in bold italic by enclosing them in __ double-underscores.
__Bold italic__


Bold italic
Fixed Font:
Words get shown in fixed font by enclosing them in = equal signs.
=Fixed font=


Fixed font

Bold Fixed Font:
Words get shown in bold fixed font by enclosing them in double equal signs.
==Bold fixed==


Bold fixed
You can follow the closing bold, italic, or other (* _ __ = ==) indicator with normal punctuation, such as commas and full stops.

Make sure there is no space between the text and the indicators.
_This works_,
_this does not _


This works,
_this does not _
Verbatim (Literal) Text:
Surround code excerpts and other formatted text with <verbatim> and </verbatim> tags.

verbatim tags disable HTML code. Use <pre> and </pre> tags instead if you want the HTML code within the tags to be interpreted.

Preferences settings (* Set NAME = value) are set within verbatim tags.
<verbatim>
class CatAnimal {
void purr() {
<code here>
}
}
</verbatim>

class CatAnimal {
void purr() {
<code here>
}
}

Verbatim (Literal) Code Highlighting:
Surround code excerpts and other formatted text e.g. with <verbatim class="bash"> and </verbatim> tags.

This type of code highlighting is based on Chili - the jQuery code highlighter plugin. Please find supported class attributes in System.JQueryChili.

verbatim tags disable HTML code. Use <pre class="bash"> and </pre> tags instead if you want the HTML code within the tags to be interpreted.

Preferences settings (* Set NAME = value) are set within verbatim tags.
<verbatim class="bash">
#!/bin/bash
while [ -n "$(ls . ~/ \ ~/pub* /var/www 2>/dev/null \ | fgrep foswiki )" ] ; do clear printf "\nFoswiki rules!\n" sleep 10 clear printf "\nFoswiki still rules!\n" sleep 10 done; exit 0 </verbatim>  #!/bin/bash while [ -n "$(ls . ~/ \
~/pub* /var/www 2>/dev/null \
| fgrep foswiki )" ] ; do
clear
printf "\nFoswiki rules!\n"
sleep 10
clear
printf "\nFoswiki still rules!\n"
sleep 10
done; exit 0


Separator (Horizontal Rule):
Three or more three dashes at the beginning of a line..
-------


Bulleted List:
Multiple of three spaces, an asterisk, and another space.

For all the list types, you can break a list item over several lines by indenting lines after the first one by at least 3 spaces.
   * level 1
* level 2
* back on 1
* A bullet
broken over
three lines
* last bullet


• level 1
• level 2
• back on 1
• A bullet broken over three lines
• last bullet
Numbered List:
Multiple of three spaces, a type character, a dot, and another space. Several types are available besides a number:
Type Generated Style Sample Sequence
1. Arabic numerals 1, 2, 3, 4...
A. Uppercase letters A, B, C, D...
a. Lowercase letters a, b, c, d...
I. Uppercase Roman Numerals I, II, III, IV...
i. Lowercase Roman Numerals i, ii, iii, iv...
   1. Sushi
1. Dim Sum
1. Fondue

A. Sushi
A. Dim Sum
A. Fondue

i. Sushi
i. Dim Sum
i. Fondue


1. Sushi
2. Dim Sum
3. Fondue

1. Sushi
2. Dim Sum
3. Fondue

1. Sushi
2. Dim Sum
3. Fondue
Definition List:
Three spaces, a dollar sign, the term, a colon, a space, followed by the definition.
   $Sushi: Japan$ Dim Sum: S.F.


Sushi
Japan
Dim Sum
S.F.
Table:
Each row of the table is a line containing of one or more cells. Each cell starts and ends with a vertical bar '|'. Any spaces at the beginning of a line are ignored.
• | *bold* | header cell with text in asterisks
• |   center-aligned   | cell with at least two, and equal number of spaces on either side
• |      right-aligned | cell with more spaces on the left
• | 2 colspan || and multi-span columns with multiple |'s right next to each other
• |^| cell with caret indicating follow-up row of multi-span rows
• You can split rows over multiple lines by putting a backslash '\' at the end of each line
• Contents of table cells wrap automatically as determined by the browser
• Use %VBAR% or &#124; to add | characters in tables.
• Use %CARET% or &#94; to add ^ characters in tables.
The System.TablePlugin provides the |^| multiple-span row functionality and additional rendering features
| *L* | *C* | *R* |
| A2 |  B2  |  C2 |
| A3 |  B3  |  C3 |
| multi span |||
| A5-7 |  5  |  5 |
|^| six | six |
|^| seven | seven |
| split\
| over\
| 3 lines |
| A9 |  B9  |  C9 |


L C R
A2 B2 C2
A3 B3 C3
multi span
A5-7 5 5
six six
seven seven
split over 3 lines
A9 B9 C9
CapitalizedWordsStuckTogether (or WikiWords) will produce a link automatically if preceded by whitespace or parenthesis.
If you want to link to a topic in a different web write Otherweb.TopicName.
To link to a topic in a subweb write Otherweb.Subweb.TopicName.
The link label excludes the name of the web, e.g. only the topic name is shown. As an exception, the name of the web is shown for the WebHome topic.
Dots '.' are used to separate webs and subwebs from topic names and therefore cannot be used in topic names.

It's generally a good idea to use the macros %SYSTEMWEB%, %SANDBOXWEB% and %USERSWEB% instead of System, %SANDBOXWEB% and Main.
WebStatistics

%SANDBOXWEB%.WebNotify

%SANDBOXWEB%.WebHome

%SANDBOXWEB%.Subweb.TopicName


WebStatistics

%SANDBOXWEB%.WebNotify

%SANDBOXWEB%.WebHome

TopicName
Words that are all capitals will produce a link automatically only if the topic aready exists!.
ACRONYM

System.ACRONYM


ACRONYM

System.ACRONYM
Anchors:
You can define a reference inside a topic (called an anchor name) and link to that. To define an anchor write #AnchorName at the beginning of a line. The anchor name must be a WikiWord of no more than 32 characters. To link to an anchor name use the [[MyTopic#MyAnchor]] syntax. You can omit the topic name if you want to link within the same topic.
[[WikiWord#NotThere]]

[[#MyAnchor][Jump]]

#MyAnchor To here


WikiWord#NotThere

Jump

To here
You can create a forced internal link by enclosing words in double square brackets.
Text within the brackets may contain optional spaces; the topic name is formed by capitalizing the initial letter and by removing the spaces; for example, [[wiki syntax]] links to topic WikiSyntax. You can also refer to a different web and use anchors.
To "escape" double square brackets that would otherwise make a link, prefix the leading left square bracket with an exclamation point.
[[wiki syntax]]

[[%SANDBOXWEB%.My unspaced topic]]

escaped:
![[wiki syntax]]


wiki syntax

Main.Wiki groups

escaped: [[wiki syntax]]
You can create a link where you specify the link text and the URL separately using nested square brackets [[reference][text]]. Internal link references (e.g. WikiSyntax) and URLs (e.g. http://foswiki.org/) are both supported. The rules described under Forced Links apply for internal link references.
Anchor names can be added as well, to create a link to a specific place in a topic.
[[WikiSyntax][wiki syntax]]

[[http://gnu.org][GNU]]


wiki syntax

GNU
Prevent a WikiWord from being linked by prepending it with an exclamation point.
!SunOS

SunOS
You can disable automatic linking of WikiWords by surrounding text with <noautolink> and </noautolink> tags.
It is possible to turn off all auto-linking with a NOAUTOLINK preferences setting.
 <noautolink>
RedHat & SuSE


RedHat & SuSE
E-mail addresses are linked automatically. To create e-mail links that have more descriptive link text, specify subject lines or message bodies, or omit the e-mail address, you can write [[mailto:user@domain][descriptive text]].
a@b.com

[[mailto:a@b.com]\
[Mail]]

[[mailto:?subject=\
Hi][Hi]]


a@b.com

Mail

Hi
Literal content:
Foswiki generates HTML code from TML shorthand. Experts surround anything that must be output literally in the HTML code, without the application of shorthand rules, with <literal>..</literal> tags. any HTML within literal tags must be well formed i.e. all tags must be properly closed before the end of the literal block. Macros are expanded within literal blocks.
<literal>
| Not | A | Table |
</literal>

| Not | A | Table |
Protected content:
Experts protect text from mangling by WYSIWYG editors using <sticky>..</sticky> tags. Sticky tags don't have any effect on normal topic display; they are only relevant when content has to be protected from a WYSIWYG editor (usually because it isn't well-formed HTML, or because it is HTML that WYSIWYG would normally filter out or modify). Protected content appears as plain text in the WYSIWYG editor.
<sticky>
<div>
This div is required
</div>
</sticky>


This div is required

## Using HTML

You can use most HTML tags in topics without a problem. This is useful where you want to add some content that is formatted in a way that is not supported using wiki syntax, for example, you can write <strike>deleted text</strike> to get deleted text.

There are a few usability and technical considerations to keep in mind:
• On collaboration pages, it's better not to use HTML, but to use wiki syntax instead - this keeps the text uncluttered and easy to edit using the plaintext editor.
• If you must use HTML, use XHTML 1.0 Transitional syntax.
• Use <literal>..</literal> tags around blocks of HTML to avoid accidental interpretation of Wiki syntax within the HTML.
Script tags may be filtered out, at the discretion of your Wiki administrator.

Recommendations when pasting HTML from other sources (using the plain-text editor):
• Copy only text between <body> and </body> tags.
• Remove all empty lines. Foswiki inserts <p /> paragraph tags on empty lines, which causes problems if done between HTML tags that do not allow paragraph tags, like for example between table tags.
• Remove leading spaces. Foswiki might interpret some text as lists.
• Do not span a tag over more than one line. Foswiki requires that the opening and closing angle brackets - <...> - of a HTML tag are on the same line, or the tag will be broken.
• In your HTML editing program, save without hard line breaks on text wrap.

When using a WYSIWYG editor, you can just copy-paste directly into the editor, and the content will be converted to wiki syntax automatically when you save.

Being able to create links without any special formatting is a core Foswiki feature, made possible with WikiWords, Acronyms, and inline URLs.

• GoodStyle is a WikiWord that links to the GoodStyle topic located in the current web.

• NotExistingYet is a topic waiting to be written. Create the topic by clicking on the ?. (Try clicking, but then, Cancel - creating the topic would wreck this example!)

• ACRONYM links to a topic name consisting of only upper-case letters. Acronyms are linked only if the target topic actually exists.

• Protocols matching the configuration parameter LinkProtocolPattern, which by default is set to (file|ftp|gopher|https|http|irc|mailto|news|nntp|telnet), are linked automatically. You might change this setting to add more protocols (such as smb).
LinkProtocolPattern is an expert setting in the Foswiki configuration and can only be changed by a systems administrator.
Thus, all lines containing:
• file://...
• ftp://...
• gopher://...
• https://...
• http://...
• irc://...
• mailto:...@...
• news://...
• nntp://...
• telnet://... are linked automatically.
• E-mail addresses like name@domain.com are linked automatically.
• [[Square bracket rules]] let you easily create non-WikiWord links.
• You can also write [[http://yahoo.com Yahoo home page]] as an easier way of doing external links with descriptive text for the link, such as Yahoo home page.

## Macros

Macros are names enclosed in percent signs that are that are expanded to some other text when the topic is displayed. For example, %TOPIC% is expanded to TextFormattingRules, the title of this topic.

Some macros can take arguments in curly braces - for example, %INCLUDE{"OtherTopic" ARG="arg"}%.

Many macro definitions are built-in, and others (preference settings) are predefined for your convenience. You can also define your own preference settings at the entire site, individual web, or individual topic level. For more information, see Macros

Macros are fully expanded before any of the text formatting rules are applied.

## Plugin Formatting Extensions

Plugins can extend the functionality of Foswiki into many other areas. There are a huge number of plugins available from the foswiki site.

Currently enabled plugins on this installation, as listed by %PLUGINDESCRIPTIONS%:
• System.SpreadSheetPlugin (1.1.6, $Rev: 13988 (2012-02-15)$): Add spreadsheet calculations like "$SUM($ABOVE())" to Foswiki tables and other topic text
• System.AutoCompletionLibPlugin (0.6, $Rev: 3117 (2009-03-15)$): Providing librarys and functionalitys to use easy javascript autocompletion for the user interface
• System.AutoViewTemplatePlugin (10 Apr 2011, $Rev: 11364 (2011-04-10)$): Automatically sets VIEW_TEMPLATE and EDIT_TEMPLATE
• System.BatchUploadPlugin (1.3, $Rev: 11345 (2011-04-08)$): Attach multiple files at once by uploading a zip archive
• System.BreadCrumbsPlugin (2.43, $Rev: 14082 (2012-02-24)$): A flexible way to display breadcrumbs navigation
• System.CommentPlugin (1.1.5, $Rev: 14572 (2012-04-06)$): Quickly post comments to a page without an edit/save cycle
• System.CompareRevisionsAddonPlugin (1.1.6, $Rev: 14572 (2012-04-06)$):
• System.EditTablePlugin (4.42, $Rev: 14572 (2012-04-06)$): Edit tables using edit fields, date pickers and drop down boxes
• System.FilterPlugin (2.08, $Rev: 13591 (2012-01-10)$): Substitute and extract information from content by using regular expressions
• System.FlexWebListPlugin (1.61, $Rev: 13583 (2012-01-10)$): Flexible way to display hierarchical weblists
• System.HistoryPlugin (1.10, $Rev: 13288 (2011-12-03)$): Shows a complete history of a topic
• System.IfDefinedPlugin (2.01, $Rev: 12392 (2011-08-26)$): Render content conditionally
• System.ImageGalleryPlugin (6.00, $Rev: 11854 (2011-06-06)$): Displays image gallery with auto-generated thumbnails from attachments
• System.ImagePlugin (2.41, $Rev: 13571 (2012-01-09)$):
• System.InterwikiPlugin (1.1.2, $Rev: 12957 (2011-10-31)$): Link ExternalSite:Page text to external sites based on aliases defined in a rules topic
• System.JQueryCompatibilityModePlugin (1.5, $Rev: 3114 (2009-03-15)$): Just the same as JqueryPlugin but using the compatibilty mode to provide use with other frameworks
• System.JQueryPlugin (4.33, $Rev: 14572 (2012-04-06)$): jQuery JavaScript library for Foswiki
• LightboxPlugin: (disabled)
• System.MailerContribPlugin (9 Jul 2010, $Rev: 13315 (2011-12-06)$): Supports e-mail notification of changes
• System.NatEditPlugin (6.03, $Rev: 14035 (2012-02-20)$): A Wikiwyg Editor
• System.NatSkinPlugin (3.96, $Rev: 6287 (2010-02-12)$): Theming engine for NatSkin
• System.PreferencesPlugin (1.1.3, $Rev: 14572 (2012-04-06)$): Allows editing of preferences using fields predefined in a form
• System.RenderListPlugin (2.2.6, $Rev: 14143 (2012-02-29)$): Render bullet lists in a variety of formats
• System.RenderPlugin (3.1, $Rev: 13580 (2012-01-10)$): Render WikiApplications asynchronously
• System.SetVariablePlugin (2.20, $Rev: 4287 (2009-06-23)$): Flexible handling of topic variables
• System.SlideShowPlugin (2.1.5, $Rev: 14572 (2012-04-06)$): Create web based presentations based on topics with headings
• System.SmiliesPlugin (05 Dec 2011, $Rev: 13315 (2011-12-06)$): Render smilies like as icons
• System.TablePlugin (1.140, $Rev: 14090 (2012-02-25)$): Control attributes of tables and sorting of table columns
• System.TinyMCEPlugin (1.2.6, $Rev: 14444 (2012-03-23)$): Integration of the Tiny MCE WYSIWYG Editor
• System.TwistyPlugin (1.6.15, $Rev: 13315 (2011-12-06)$): Twisty section Javascript library to open/close content dynamically
• System.UploadPlugin (1.11, $Rev: 4414 (2009-07-03)$): Attach multiple files to a topic in one go
• System.WysiwygPlugin (1.1.5, $Rev: 14548 (2012-04-04)$): Translator framework for WYSIWYG editors

Check on current Plugin status and settings for this site in System.Plugins.

## Common Editing Errors

Foswiki formatting rules are fairly simple to use and quick to type. However, there are some things to watch out for:

• Q: Text enclosed in angle brackets like <filename> is not displayed. How can I show it as it is?
• A: The '<' and '>' characters have a special meaning in HTML, they define HTML tags. You need to escape them, so write '&lt;' instead of '<', and '&gt;' instead of '>'.
Example: Type 'prog &lt;filename&gt;' to get 'prog <filename>'.

• Q: Why is the '&' character sometimes not displayed?
• A: The '&' character has a special meaning in HTML, it starts a so called character entity, i.e. '&copy;' is the © copyright character. You need to escape '&' to see it as it is, so write '&amp;' instead of '&'.
Example: Type 'This &amp; that' to get 'This & that'.

# Macros

Special text strings expand on the fly to display user data or system info

Macros are text strings in one of two forms:

%MACRONAME%
%MACRONAME{ parameter="value" }%


These usually expand into content when a topic is rendered for viewing. There are two types of macros:
1. Preference settings: May be defined and modified by the user
2. Registered macros: Defined by the system or by Plugins (for example, the SpreadSheetPlugin introduces a %CALC{}% macro)

## Using Macros

To use a macro type its name. For example,
• type %T% to get (a preference settings)
• type %TOPIC% to get Macros (a predefined macro)
• type %CALC{ "$UPPER(Text)" }% to get TEXT (CALC is a macro defined by SpreadSheetPlugin) Note: • To leave a macro unexpanded, precede it with an exclamation point, e.g. type !%TOPIC% to get %TOPIC% • Alternatively, insert a <nop> anywhere in the macro, Eg. %<nop>TOPIC% • Macros are expanded relative to the topic they are used in, not the topic they are defined in • Type %ALLVARIABLES% to get a full listing of all macros defined for a particular topic • If a macro is not defined, then it will be left in the text unless it is called with a default parameter, in which case the value of the default parameter will replace the macro call in the output. For example, %UNDEFINED{default="blank"}% will expand to blank. ### Order of expansion The following describes only these types of macros: #### Standard form The key to understanding nested expressions in Foswiki is to understand that macros are expanded "inside-out, left-to-right". Example: %MACRO1{ something="%MACRO2{ somethingelse="%MACRO3%, %MACRO4%" }%" }%  The macros are expanded in this order: MACRO3, MACRO4, MACRO2, MACRO1. ##### Animated Example Error: no such plugin CHILI %INCLUDE{ "%QUERY{ "'%THETOPIC%'/%THEFIELD%" }%" section="Summary" }% * Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki * Set THEFIELD = TopicClassification  %INCLUDE{ "%QUERY{ "'%SYSTEMWEB%.FAQWhatIsWikiWiki'/%THEFIELD%" }%" section="Summary" }% * Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki * Set THEFIELD = TopicClassification  %INCLUDE{ "%QUERY{ "'%SYSTEMWEB%.FAQWhatIsWikiWiki'/TopicClassification" }%" section="Summary" }% * Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki * Set THEFIELD = TopicClassification  %INCLUDE{ "%QUERY{ "'System.FAQWhatIsWikiWiki'/TopicClassification" }%" section="Summary" }% * Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki * Set THEFIELD = TopicClassification  %INCLUDE{ "FrequentlyAskedQuestion" section="Summary" }% * Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki * Set THEFIELD = TopicClassification   These topics are for frequently asked questions including answers. * Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki * Set THEFIELD = TopicClassification   These topics are for frequently asked questions including answers. * Set THETOPIC = System.FAQWhatIsWikiWiki * Set THEFIELD = TopicClassification  #### Delayed form Standard form macros can nearly always be used to build the parameter string of another macro; however, sometimes it is desirable to bypass the inside-out expansion order and delay the inner macro until after the outer macro has finished expansion. This is accomplished by using the$percent format token instead of %, and escaping any " character it uses (becomes \")

When working with a given macro, consult its documentation to determine which parameters support the $percent/$percnt format tokens. Generally only output parameters like header, format and footer support format tokens.
Example:
%MACRO1{
format="$percentMACRO2{ format=\"%MACRO3%, %MACRO4%\" }$percent"
}%

The macros are expanded in this order: MACRO3, MACRO4, MACRO1, MACRO2.
##### Animated Example
From the conditional output example:

Error: no such plugin CHILI
%SEARCH{
"info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31')"
type="query"
limit="2"
nonoise="on"
format="   * $percentICON{ \"$percentIF{
\"'$topic'/parent.name='%PARENT%'\" then=\"info\" else=\"gear\" }$percent\"
}$percent [[$topic]]"
}%
----
* Set PARENT = UserDocumentationCategory

%SEARCH{
"info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31')"
type="query"
limit="2"
nonoise="on"
format="   * $percentICON{ \"$percentIF{
\"'$topic'/parent.name='UserDocumentationCategory'\" then=\"info\" else=\"gear\" }$percent\"
}$percent [[$topic]]"
}%
----
* Set PARENT = UserDocumentationCategory

   * %ICON{
"%IF{
"'AccessKeys'/parent.name='UserDocumentationCategory'"
then="info" else="gear"
}%"
}% [[AccessKeys]]
* %ICON{
"%IF{
then="info" else="gear"
}%"
----
* Set PARENT = UserDocumentationCategory

   * %ICON{
"info"
}% [[AccessKeys]]
* %ICON{
"gear"
----
* Set PARENT = UserDocumentationCategory

   * <img src="http://verahavlova.cz/pub/System/DocumentGraphics/info.png"/> [[AccessKeys]]
----
* Set PARENT = UserDocumentationCategory


## Macro Names

Macro names must start with a letter. The following characters can be letters, numbers and the underscore '_'. Letters may be upper or lower-case, E.g. %MYVAR%, %MyVar%, %My2ndVar%, and %My_Var% are all separate, valid macro names (macros are case sensitive - %MyVAR% and %MYVAR% are not the same).

By convention all settings, predefined macros and macros registered by plugins are always UPPER-CASE.

## Preference Settings

A preference setting lets you define a simple macro that will be expanded in your output. A preference setting looks like this:

[multiple of 3 spaces] * [space] Set [space] MACRONAME [space] = [space] value

Example:

   * Set WEBBGCOLOR = #FFFFC0
Macros defined using preference settings are expanded by enclosing their name in percent signs. So when you write %WEBBGCOLOR%, it gets expanded to #FFD8AA

A preference macro is always taken from the most current topic revision, even when accessing previous revisions of a topic.

Preferences can be defined in a number of places:
1. System.DefaultPreferences (Foswiki upgrades overwrite this topic)
2. Main.SitePreferences
3. Sub-webs inherit the WebPreferences of their parent
4. WebPreferences
5. In user topics, if the user has one (yours is Main.WikiGuest)
6. In (some) plugin documentation topics
7. In the topic being accessed
Set statements which occur at higher-numbered locations override macros of the same name defined at lower numbered levels, unless the macro was listed in a FINALPREFERENCES setting (finalised) at a lower-numbered level. In this case, the macro is locked to the value at that level; Set statements at higher-numbered levels are ignored.

Preference settings can easily be disabled with a # sign. Example:
   * #Set DENYWEBCHANGE = %USERSWEB%.UnknownUser
You can hide preference settings in the output by enclosing them in HTML comments; for example,
<!--
* Set HIDDEN = This will be invisible in the output
-->


If you are setting a preference and using it in the same topic, note that Foswiki reads all the preference settings from the saved version of the topic before it displays anything. This means you can use a setting anywhere in the topic, even if you set it at the very end. But beware: it also means that if you change the setting of a macro you are using in the same topic, Preview will show the wrong thing, and you must Save the topic to see it correctly.

Also note that Foswiki always reads the setting from the most current topic revision, so viewing older revisions of a topic can show unexpected results.

And especially important, preference settings are never overridden or set in "%INCLUDE{" topics. in the below example about weather conditions, note the difference in the CONDITIONS expansion

Spaces between the = sign and the value will be ignored. You can split a value over several lines by indenting following lines with spaces - as long as you don't try to use * as the first character on the following line.

Example:
   * Set MACRONAME = value starts here
and continues here


Whatever you include in your macro will be expanded on display, exactly as if it had been entered directly (though see Parameters, below).

Example: Create a custom logo macro
• To place a logo anywhere in a web by typing %MYLOGO%, define the preference settings in the web's WebPreferences topic, and upload a logo file, ex: mylogo.gif. You can upload by attaching the file to WebPreferences, or, to avoid clutter, to any other topic in the same web, e.g. LogoTopic. Sample preference setting in WebPreferences:
   * Set MYLOGO = %PUBURL%/%WEB%/LogoTopic/mylogo.gif

You can also set preference settings in a topic by clicking the link Edit topic preference settings under More topic actions. Preferences set in this manner are known as 'meta' preferences and are not visible in the topic text, but take effect nevertheless.

### Parameters

Note that %CONDITIONS% expands differently when this example is viewed in Macros. This is because Set statement are not active in included topics. The including topic's set statements are used.

Macros defined using preference settings can take parameters. These are symbols passed in the call to the macro to define local macros that will be expanded in the output. For example,
   * Set CONDITIONS = According to [[%BASETOPIC%]] the %WHAT% is %STATE% today (Set in ...).

You can call this macro passing in values for WHAT and STATE. For example:
• %CONDITIONS{WHAT="sea" STATE="choppy"}%
• expands to %CONDITIONS{WHAT="sea" STATE="choppy"}%.

#### Parameter defaults

• The special parameter name DEFAULT gets the value of any unnamed parameter in the macro call.
• Parameter macros can accept a default parameter so that they expand to something even when a value isn't passed for them in the call.
Example:
   * Set WEATHER = It's %DEFAULT{default="raining"}%.

• %WEATHER% expands to %WEATHER%
• %WEATHER{"sunny"}% expands to %WEATHER{"sunny"}%
The standard formatting tokens can be used in parameters. They will be expanded immediately when the macro is instantiated.

Note that parameters override all other macros, including system defined macros, in the expansion of the macro where they are used.

### Access Control Settings

These are special types of preference settings to control access to content. AccessControl explains these security settings in detail. Parameters are not available in access control settings.

### Local values for preferences

Certain topics (user, plugin, web, site and default preferences topics) have a problem; macros defined in those topics can have two meanings. For example, consider a user topic. A user may want to use a double-height edit box when they are editing their home topic - but only when editing their home topic. The rest of the time, they want to have a normal edit box. This separation is achieved using Local in place of Set in the macro definition. For example, if the user sets the following in their home topic:
   * Set EDITBOXHEIGHT = 10
* Local EDITBOXHEIGHT = 20

Then, when they are editing any other topic, they will get a 10 high edit box. However, when they are editing their home topic they will get a 20 high edit box. Local can be used wherever a preference needs to take a different value depending on where the current operation is being performed.

Use this powerful feature with great care! %ALLVARIABLES% can be used to get a listing of the values of all macros in their evaluation order, so you can see macro scope if you get confused.

## Predefined Macros

Most predefined macros return values that were either set in the configuration when Foswiki was installed, or taken from server info (such as current username, or date and time). Some, like %SEARCH%, are powerful and general tools.

Predefined macros can be overridden by preference settings (except TOPIC and WEB)

Plugins may extend the set of predefined macros (see individual Plugins topics for details)

Take the time to thoroughly read through ALL preference macros. If you actively configure your site, review macros periodically. They cover a wide range of functions, and it can be easy to miss the one perfect macro for something you have in mind. For example, see %BASETOPIC%, %INCLUDE%, and the mighty %SEARCH%.

Your installation of Foswiki Foswiki-1.1.4, Tue, 20 Dec 2011, build 13483 has the following registered macros:

### ACTIVATEDPLUGINS -- list of currently activated plugins

• Syntax: %ACTIVATEDPLUGINS%
• Expands to: System.SpreadSheetPlugin, System.AutoCompletionLibPlugin, System.AutoViewTemplatePlugin, System.BatchUploadPlugin, System.BreadCrumbsPlugin, System.CommentPlugin, System.CompareRevisionsAddonPlugin, System.EditTablePlugin, System.FilterPlugin, System.FlexWebListPlugin, System.HistoryPlugin, System.IfDefinedPlugin, System.ImageGalleryPlugin, System.ImagePlugin, System.InterwikiPlugin, System.JQueryCompatibilityModePlugin, System.JQueryPlugin, System.MailerContribPlugin, System.NatEditPlugin, System.NatSkinPlugin, System.PreferencesPlugin, System.RenderListPlugin, System.RenderPlugin, System.SetVariablePlugin, System.SlideShowPlugin, System.SmiliesPlugin, System.TablePlugin, System.TinyMCEPlugin, System.TwistyPlugin, System.UploadPlugin, System.WysiwygPlugin
• Related: PLUGINDESCRIPTIONS, FAILEDPLUGINS, PLUGINVERSION

This macro is deprecated. Please use VarADDTOZONE instead. It effecively is a shortcut for %ADDTOZONE{"head" ...}%

%ADDTOZONE{
"zone"
...
}%


Zones are specific places in the output HTML that are marked by calls to the RENDERZONE macro. Zones are used to collect various content together, such as Javascript and CSS, that must be included in the output HTML in a specific order, and in a specific place.

You may create as many zones in addition to the standard head and script zones as you like. Interesting use cases in wiki applications:
• Create a sidebar zone to add widgets,
• Create a toolbar zone to add buttons icons

ADDTOZONE adds content identified with the id parameter to zone, which will later be expanded with RENDERZONE. id identifiers are unique within the zone that they are added to. An ADDTOZONE call may ensure that its content appears after the content of some other ADDTOZONE calls by specifying their ids in the requires parameter. requires may only list ids within the specified zone, except for the special case of head and script zones when {MergeHeadAndScriptZones} is set (read more).

Parameters:
• "zone" optional, comma-separated list of the names of zones that the content should be added to. Defaults to head.
• id optional, identifier for the text being added with the ADDTOZONE call, to be used in the requires parameter of other ADDTOZONE calls.
• Multiple ADDTOZONE calls with the same id parameter will simply overwrite the earlier ADDTOZONE call.
• requires="..." optional, comma separated string of ids of text within this zone that this content should follow when the zone is rendered.
• text="..." optional, text to be added to the named zone, mutually exclusive with topic.
• topic="..." optional, full qualified web.topic name that contains the text to be added, mutually exclusive with text.
• section="..." optional, section of the topic to be added, defaults to the default section between STARTINCLUDE and STOPINCLUDE.
• Using topic and section is actually a short form of
%ADDTOZONE{
"myzone"
text="$percentINCLUDE{\"topic\" section=\"section\" warn=\"off\"}$percent"
}%

Note: Foswiki uses the requires parameter to resolve the ordering of dependencies within a zone. It does not work across zones. If you have an id in requires that cannot be resolved during sorting, then RENDERZONE will generate an HTML comment to mark the problem.

#### How to use the head and script zones

Web browsers generally process the HTML on a page from top to bottom. When a <script> tag is encountered with a URL to some Javascript file, processing of the page will stop while the file is fetched and executed before continuing. When a page makes heavy use of Javascript you can get a "blank screen" effect in the browser while each script is downloaded. To avoid this effect, <script> tags can be moved to the end of the HTML page, so that the user may view the page content while scripts are being loaded.

Foswiki makes this move possible by providing the head and script zones. These are automatic zones - they do not require a corresponding RENDERZONE.
Rendering the script zone at the end of the HTML body requires skin template customisation with %RENDERZONE{"script"}%

Notionally the head and script zones correspond to a point just before the HTML </HEAD> tag. Normally you should add CSS (and other HTML <HEAD> content, such as <META>) to the head zone, and Javascript <script> markup to the script zone. The setting {MergeHeadAndScriptZones} in Configure controls what happens when RENDERZONE is called.

Normally, dependencies between the individual ADDTOZONE statements are resolved within each zone. However, if {MergeHeadAndScriptZones} is enabled, then head content which requires an id that only exists in script (and vice-versa) will be re-ordered to satisfy any dependency.

{MergeHeadAndScriptZones} is provided to maintain compatibility with legacy extensions that use ADDTOHEAD to add <script> markup and require content that is now in the script zone. {MergeHeadAndScriptZones} will be removed from a future version of Foswiki.

##### Workign with {MergeHeadAndScriptZones} disabled (default)
In this mode, the head and script zones are treated separately.

##### Working with {MergeHeadAndScriptZones} enabled
In this mode, the head and script zones are separate when adding to them, but may be treated as merged when you call RENDERZONE if there are any dependencies specified that only exist in the opposite zone. This allows an ADDTOZONE{"head"...} to to successfully require an id that has been added to script.

Only add content to the script zone that is also legal in the <HEAD>.

#### Example: Adding to a zone with missing dependencies

You must ensure that no head content (and no inline Javascript) depends on script content, or vice-versa. Any such dependency will be ignored. However, the HTML comment decoration which normally appears after each id's content in the rendered HTML will contain a small informative text to aid debugging
Example
%ADDTOZONE{
text="
<script type='text/javascript'>
</script>"
requires="some-id-that-exists-in-script"
id="MY::TEST"
}%

Result
<script type='text/javascript'>
</script>
<!-- MY::TEST: requires= missing ids: some-id-that-exists-in-script -->
On the other hand, as explained earlier - when {MergeHeadAndScriptZones} is enabled - Foswiki is able resolve such dependencies successfully.

Note that if you do have an explicit call to %RENDERZONE{"head"}% in your templates then the content expanded at that point will be the same content as would be inserted before the </HEAD>.

#### Example: Adding Javascript to a page

• Make sure that all inline Javascript code in the topic (if it is allowed) is added to the page using %ADDTOZONE{"script"...requires="library-id"}% with the appropriate library-id to guarantee a correct load order. For example, jQuery code should be added as follows:
%JQREQUIRE{"shake"}%%ADDTOZONE{
"script"
id="MyApp::ShakePart"
text="
<script type='text/javascript'>
jQuery('#something').shake(3, 10, 180);
</script>"
requires="JQUERYPLUGIN::SHAKE"
}%
where "MyApp::ShakePart" is a unique id to identify the text added to script; and JQUERYPLUGIN::SHAKE signifies that the content added with that identifier should appear beforehand.

#### Example: Adding CSS to a page

%ADDTOZONE{"head"
id="MyCSS"
text="
<style type='text/css' media='all'>
@import url('%PUBURLPATH%/%SYSTEMWEB%/MyCSS/foo.css');
</style>"
}%


### ALLVARIABLES -- list of currently defined macros

• Syntax: %ALLVARIABLES%
• Expands to: a table showing all defined macros in the current context

Deprecated 2009-04-29 in favour of SHOWPREFERENCE

### AQUA -- start aqua colored text

• AQUA is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
Example:
%AQUA% aqua text %ENDCOLOR%
Expands to: aqua text

%<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write
%RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%
Related: ENDCOLOR, DefaultPreferences, StandardColors

### ATTACHURL -- full URL for attachments in the current topic

• Syntax: %ATTACHURL%
• Expands to: http://verahavlova.cz/pub/System/VarATTACHURL
• Example: If you attach a file you can refer to it as %ATTACHURL%/image.gif
• Related: ATTACHURLPATH, PUBURL, PUBURLPATH, SCRIPTURL, SCRIPTURLPATH, FileAttachments

### AUTHREALM -- authentication realm

• String defined as {AuthRealm} expert option in configure. This is used in certain password encodings, and in login templates as part of the login prompt.
• Syntax: %AUTHREALM%
• Expands to: Enter your WikiName. (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.
• Related: UserAuthentication, SESSIONID, SESSIONVAR, LOGIN, LOGOUT, SESSION_VARIABLE

### BASETOPIC -- base topic where an INCLUDE started

• The name of the topic where a single or nested INCLUDE started - same as %TOPIC% if there is no INCLUDE
• This is the name of the topic requested by the user.
• Syntax: %BASETOPIC%
• Related: BASEWEB, INCLUDINGTOPIC, INCLUDE, TOPIC

### BASEWEB -- base web where an INCLUDE started

• The web name where the includes started, e.g. the web of the first topic of nested includes. Same as %WEB% in case there is no include.
• This is the name of the web requested by the user.
• Syntax: %BASEWEB%
• Related: BASETOPIC, INCLUDINGWEB, INCLUDE, WEB

### BB2 -- level 2 bullet with line break

• Line break and bullet, level 2.
• Current value: BB2 =
•
• Related: BR, BULLET, BB, BB3, BB4, VBAR

### BB3 -- level 3 bullet with line break

• Line break and bullet, level 3.
• Current value: BB3 =
•
• Related: BR, BULLET, BB, BB2, BB4, VBAR

### BB4 -- level 4 bullet with line break

• Line break and bullet, level 4.
• Current value: BB4 =
•
• Related: BR, BULLET, BB, BB2, BB3, VBAR

### BLACK -- start black colored text

• BLACK is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
Example:
%BLACK% black text %ENDCOLOR%
Expands to: black text

%<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write
%RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%
Related: ENDCOLOR, DefaultPreferences, StandardColors

### BLUE -- start blue colored text

• BLUE is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
Example:
%BLUE% blue text %ENDCOLOR%
Expands to: blue text

%<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write
%RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%
Related: ENDCOLOR, DefaultPreferences, StandardColors

### BROWN -- start brown colored text

• BROWN is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
Example:
%BROWN% brown text %ENDCOLOR%
Expands to: brown text

%<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write
%RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%
Related: ENDCOLOR, DefaultPreferences, StandardColors

### BUTTON{"text" ...} -- renders a nice button

• Parameters:
Parameter: Description: Default:
"text", value="text" text to be put on this button
accesskey access key used for this button
class extra class: use foswikiRight or foswikiLeft to specify aligment; use cyan, red, green for different background colors; use simple for a non-3D button
href url of the click target #
icon icon to be put on the left; note, this can be any icon attached to the {IconSearchPath}; see also VarJQICON
id html id for this button
onclick javascript event triggered when clicking the button
onmouseout javascript event triggered when the pointer leaves the button
onmouseover javascript event triggered when the pointer hovers over the button
target topic to open when clicking on the button
title popup title displayed when hovering over the button
type type of action to be performed; available actions are
• button: (default) normal click button, target specified in target or href parameter
• clear: clears all input fields in the form that contains the button
• reset: resets all input fields in a form to their initial value
• submit: submits the form that contains the button
• save: same as submit but takes care of extra validation steps when saving a wiki topic
button
• Example:
%BUTTON{
"%MAKETEXT{"Submit"}%"
}%
%BUTTON{
"%MAKETEXT{"Cancel"}%"
icon="cross"
target="%WEB%.%TOPIC%"
}% %CLEAR%
• Expands as:
• Note: BUTTONS are floating to the left by default. Take care to add a %CLEAR% after the %BUTTON{...}% so that further content does not overlap with the button.
• Related: JQueryButton

• The %CALC{"formula"}% macro is handled by the SpreadSheetPlugin. There are around 90 formulae, such as $ABS(), $EXACT(), $EXISTS(), $GET()/$SET(), $IF(), $LOG(), $LOWER(), $PERCENTILE(), $TIME(), $VALUE(). • Syntax: %CALC{"formula"}% • Examples: • %CALC{"$SUM($ABOVE())"}% returns the sum of all cells above the current cell • %CALC{"$EXISTS(Web.SomeTopic)"}% returns 1 if the topic exists
• %CALC{"$UPPER(Collaboration)"}% returns COLLABORATION • Related: IF, SpreadSheetPlugin ### CARET -- caret symbol ### COMMENT{ attributes } -- insert an edit box into the topic to easily add comments. • A %COMMENT% without parameters shows a simple text box. • The following standard attributes are recognized Name Description Default type This is the name of the template to use for this comment. Comment templates are defined in a Foswiki template - see Customisation, below. If this attribute is not defined, the type is whatever is defined by COMMENTPLUGIN_DEFAULT_TYPE, either in this topic or in your WebPreferences. below default Default text to put into the textarea of the prompt. target Name of the topic to add the comment to the current topic location Regular expression specifying the comment location in the target topic. Read carefully the CommentPlugin documentation! mode For compatibility with older versions only, synonymous with type nonotify Set to "on" to disable change notification for target topics off noform Set to "on" to disable the automatic form that encloses your comment block - remember to insert <form> tags yourself! See CommentPluginExamples:noform? for an example. off nopost Set to "on" to disable insertion of the posted text into the topic. off remove Set to "on" to remove the comment prompt after the first time it is clicked. off button Button label text Add comment • See CommentPlugin for more information ### COVER -- current skin cover • %COVER% extends the skin search path. For instance, if SKIN is set to catskin, bearskin, and COVER is set to ruskin, the skin search path becomes ruskin, catskin, bearskin. • The COVER setting can be overridden using the URL parameter cover, such as ?cover=ruskin • Syntax: %COVER% • Expands to: %COVER% • See Skins for more information ### DATE -- signature format date • Syntax: %DATE% • Expands to: 15 Oct 2019 • Date format defined as {DefaultDateFormat} in configure When used in a template topic, this variable will be expanded when the template is used to create a new topic. See TemplateTopics#TemplateTopicsVars for details. • Related: DISPLAYTIME, GMTIME{"format"}, SERVERTIME ### DISPLAYTIME{"format"} -- formatted display time • Formatted time - either GMT or Local server time, depending on {DisplayTimeValues} setting in configure. Same format qualifiers as %GMTIME% • Syntax: %DISPLAYTIME% OR %DISPLAYTIME{"format"}% • %DISPLAYTIME% The time is shown as hh:mm (24 hour clock) • Expands to: 15 Oct 2019 - 11:56 • Example: %DISPLAYTIME{"$hou:$min"}% expands to 11:56 • Related: GMTIME, SERVERTIME ### EDITACTION -- Selects an edit template • The EDITACTION preference setting lets you define the use of an editaction template instead of the standard edit. If EDITACTION is defined as text, then hide the form. If EDITACTION is defined as form hide the normal text area and only edit the form. • Syntax:  * Set EDITACTION = text|form • Expands to: %EDITACTION% When EDITACTION is defined as text or form the Edit and Edit Raw buttons simply add ;action=text or ;action=form to the URL for the edit script. If you have defined an EDITACTION preference setting you can still edit the topic content or the form by removing the ;action=form or ;action=text from the edit URL in the browser and reload. • Related: CommandAndCGIScripts#edit ### EDITTABLE{ attributes } -- edit tables using edit fields and other input fields • The %EDITTABLE{}% macro is handled by the EditTablePlugin • Syntax: %EDITTABLE{ attributes }% • Supported attributes: Attribute Comment Default header Specify the header format of a new table like "|*Food*|*Drink*|". Useful to start a table with only a button (no header) format The format of one column when editing the table. A cell can be a text input field, or any of these edit field types: • Text input field (1 line): | text, <size>, <initial value> | • Textarea input field: | textarea, <rows>x<columns>, <initial value> | • Drop down box: | select, <size>, <option 1>, <option 2>, etc* | * only one item can be selected • Radio buttons: | radio, <size*>, <option 1>, <option 2>, etc | * size indicates the number of buttons per line in edit mode • Checkboxes: | checkbox, <size*>, <option 1>, <option 2>, etc | * size indicates the number of checkboxes per line in edit mode • Fixed label: | label, 0, <label text> | • Row number: | row, <offset> | • Date: | date, <size>, <initial value>, <DHTML date format> | (see Date Field Type) "text, 16" for all cells changerows Rows can be added and removed if "on" Rows can be added but not removed if "add" Rows cannot be added or removed if "off" CHANGEROWS plugin setting quietsave Quiet Save button is shown if "on", hidden if "off" QUIETSAVE plugin setting include Other topic defining the EDITTABLE parameters. The first %EDITTABLE% in the topic is used. This is useful if you have many topics with the same table format and you want to update the format in one place. Use topic or web.topic notation. (none) helptopic Topic name containing help text shown below the table when editing a table. The %STARTINCLUDE% and %STOPINCLUDE% macros can be used in the topic to specify what is shown. (no help text) headerislabel Table header cells are read-only (labels) if "on"; header cells can be edited if "off" or "0" "on" editbutton Set edit button text, e.g. "Edit this table"; set button image with alt text, e.g. "Edit table, %PUBURL%/%SYSTEMWEB%/DocumentGraphics/edittopic.gif"; hide edit button at the end of the table with "hide" (Note: Button is automatically hidden if an edit button is present in a cell) EDITBUTTON plugin setting buttonrow Set to top to put the edit buttons above the table. bottom javascriptinterface Use javascript to directly move and delete row without page refresh. Enable with "on", disable with "off". JAVASCRIPTINTERFACE plugin setting Example: %EDITTABLE{ format="| text, 20 | select, 1, one, two, three |" changerows="on" }% | *Name* | *Type* | | Foo | two | Produces: Name Type Foo two Related: See EditTablePlugin for more details ### ENCODE{"string"} -- encodes a string • Encode character sequences in "string", by mapping characters (or sequences of characters) to an alternative character (or sequence of characters). This macro can be used to encode strings for use in URLs, to encode to HTML entities, to protect quotes, and for as many other uses as you can imagine. • Syntax: %ENCODE{"string"}% • Parameters: Parameter Description Default "string" String to encode "" (empty string) type="encodingname" Use a predefined encoding (see below). Default is 'url'. Parameter type not be used if old or new are given. old="tokenlist" Comma-separated list of tokens to replace. Tokens are normally single characters, but can also be sequences of characters. The standard format tokens may be used in this list. Each token must be unique - you cannot list the same token twice. May not be used with type; required if new is used new="tokenlist" comma-separated list of replacement tokens. The elements in this list match 1:1 with the elements in the old list. Again, the standard format tokens may be used. An empty element in the new list will result in the corresponding token in the old list being deleted from the string. If the new list is shorter than the old list it will be extended to the same length using the empty element. Tokens do not have to be unique. When using old and new, be aware that the results of applying earlier tokens are not processed again using later tokens. (see examples below) May not be used with type; required if old is used • If ENCODE is called with no optional parameters (e.g. %ENCODE{"string"}%) then the default type="url" encoding will be used. • Predefined encodings. • Unless otherwise specified, the type parameter encodes the following "special characters" • all non-printable ASCII characters below space, except newline ("\n") and carriage return ("\r") • HTML special characters "<", ">", "&", single quote (') and double quote (") • TML special characters "%", "[", "]", "@", "_", "*", "=" and "|" • type="entity" Encode special characters into HTML entities, like a double quote into &#034;. Does not encode \n (newline). • type="html" As type="entity" except it also encodes \n (newline) • type="safe" Encode just the characters '"<>% into HTML entities. • type="quotes" Escapes double quotes with backslashes (\"), does not change any other characters • type="url" Encode special characters for use in URL parameters, like a double quote into %22 • Examples  %ENCODE{"spaced name"}%= expands to spaced%20name %ENCODE{"| Blah | | More blah |" old="|,$n" new="&#124;,<br />"}% expands to
| Blah | | More blah |
- this encoding is useful to protect special TML characters in tables.
%ENCODE{"10xx1x01x" old="1,x,0" new="A,,B"}% expands to
ABABA
%ENCODE{"1,2" old="$comma" new=";"}% expands to 1;2 • Values for HTML input fields must be entity encoded. Example: <input type="text" name="address" value="%ENCODE{ "any text" type="entity" }%" /> • ENCODE can be used to filter user input from URL parameters and similar to help protect against cross-site scripting. The safest approach is to use type="entity". This can however prevent an application from fully working. You can alternatively use type="safe" which encodes only the characters '"<>% into HTML entities. When ENCODE is passing a string inside another macro always use double quotes ("") type="quote". For maximum protection against cross-site scripting you are advised to install the Foswiki:Extensions.SafeWikiPlugin. • Double quotes in strings must be escaped when passed into other macros. Example: %SEARCH{ "%ENCODE{ "string with "quotes"" type="quotes" }%" noheader="on" }% When using old and new, be aware that the results of applying earlier tokens are not processed again using later tokens. For example:  %ENCODE{"A" old="A,B" new="B,C"}% will result in 'B' (not 'C'), %ENCODE{"asd" old="as,d" new="d,f"}% will yield 'df', and %ENCODE{"A" old="A,AA" new="AA,B"}% will give 'AA' and. %ENCODE{"asdf" old="a,asdf" new="a,2"}% will give 'asdf' • Related: URLPARAM ### ENDCOLOR -- end colored text ### ENDSECTION{"name"} -- marks the end of a named section within a topic • Syntax: %ENDSECTION{"name"}% • Syntax: %ENDSECTION{type="include"}% • Supported parameter: Parameter: Description: "name" Name of the section. type="..." Type of the section being terminated; supported types "section", "include", "expandvariables", "templateonly". • If the STARTSECTION is named, the corresponding ENDSECTION must also be named with the same name. If the STARTSECTION specifies a type, then the corresponding ENDSECTION must also specify the same type. If the section is unnamed, ENDSECTION will match with the nearest unnamed %STARTSECTION% of the same type above it. • Related: STARTSECTION ### ENDTAB -- ending marker for a tab of a tabpane ### ENDTABPANE -- ending tag for tabpane widget ### ENDTWISTY Twisty closure, complements the opening TWISTY tag. ### ENDTWISTYTOGGLE The Twisty closure ### ENV{"varname"} -- inspect the value of an environment variable • Returns the current value of the environment variable in the CGI (Common Gateway Interface) environment. This is the environment that the CommandAndCGIScripts are running in. • Note: For security reasons, only those environment variables whose names match the regular expression in {AccessibleENV} in the Security Settings/Miscellaneous section of configure can be displayed. Any other variable will just be shown as an empty string, irrespective of its real value. • Example: %ENV{MOD_PERL}% displays as: not set • If an environment variable is undefined (as against being set to the empty string) it will be returned as not set. • Related: HTTP_HOST, REMOTE_ADDR, REMOTE_PORT, REMOTE_USER ### EXAMPLETAG -- example variable • The %EXAMPLETAG{}% variable is handled by the ExamplePlugin • Syntax: %EXAMPLETAG{"text" format="..."}% • Parameter text="..." - example text. • Parameter format="..." - format of report. • Example: %EXAMPLETAG{"hello" format="|$topic: $summary |"}% • Related: ExamplePlugin ### EXPAND{"expression" scope="topictoexpandin" ...}% Expands macros in expression as if they were used in the topic topictoexpandin. The viewer must have VIEW access to topictoexpandin for this to work. All the standard formatting macros can be used in expression, such as $percent and $quot. EXPAND can be useful when you want to pick up the value of macros defined in another topic. For example, you might want to define a set of preferences in one topic, but pick up their value in another topic (this is very useful when building reusable applications). In this case you can write:  * Set MYPREFERENCE = value  in "SettingsTopic" and then, in "MyTopic", write: %EXPAND{"$percentMYPREFERENCE$percent" scope="SettingsTopic"}%  Of course we can also write: %EXPAND{"$percentMYPREFERENCE$percent" scope="%OTHERTOPIC%"}%  which lets us select which other topic to get the preference value from. Additional parameters can be passed to the macro being expanded using the standard macro syntax in the name of the macro; for example, %EXPAND{"$percentMYPREFERENCE{$quotdefault$quot param=$quotvalue$quot}" scope="SettingsTopic"}%


Notes:
• EXPAND is not very efficient, and should be used sparingly.
• To expand a web preference (for example, a web access control) then set scope="Theotherweb.%WEBPREFSTOPIC%"

### FORMAT{"list" format="" header="" footer="" separator=""} -- format a list of objects

• Syntax: %FORMAT{"list"}%
• Supported parameters:
Parameter: Description: Default:
"one, two, three" The list to be expanded into the format. Required. Currently only two types of list data are supported; topic names (type="topic") and plain strings (type="string"). ""
format="..." Format string; see Supported formatting tokens for possible values. ""
header="..." Text to come before the formatted output ""
footer="..." Text to come after the formatted output ""
separator="n" Separator between formatted elements "$n" type="" Treat input list as either topic or string "topic" • Examples:  %FORMAT{"one,two,three" type="string" format=" *$item"}%
%FORMAT{"%SKIN%"
header="the Skin setting is evaluated in this order:"
format="   1 =$topic=" footer=" 1 =default=" }% • Related: SEARCH #### Supported formatting tokens If type="topic" (the default) the format string can contain any of the topic-specific format tokens specified in FormattedSearch ($web, $topic, $parent, $text, $locked, $date, $isodate, $index, $item, $rev, $username, $wikiname, $wikiusername, $createdate, $createusername, $createwikiname, $createwikiusername, $summary, $changes, $formname, $formfield, $pattern, $count, $ntopics, $nhits, $pager). In addition, the macro supports all the standard format tokens. If type="string" then the comma separated list is treated as a list of strings. In this case, the format tokens $index and $item will return the position of the item in the list (1-based), and the item itself, respectively. Note that a comma can be embedded in the data using the standard formatting token $comma.

The FORMAT macro is currently only of use in formatting lists of topics, or of simple strings. It will be extended in future releases to add the capability to render other object types.

For more sophisticated handling of string lists, consider installing Foswiki:Extensions.FilterPlugin.

### FORMFIELD{"fieldname"} -- renders a field in the form attached to some topic

• Syntax: %FORMFIELD{"fieldname"}%
• Supported parameters:
Parameter: Description: Default:
"fieldname" The name of a Data form field required
topic="..." Topic where form data is located. May be of the form Web.TopicName Current topic
format="..." Format string. $value expands to the field value, and $name expands to the field name, $title to the field title, $form to the name of the form the field is in. The standard format tokens are also expanded. "$value" default="..." Text shown if the field is defined in the topic, but the field value is empty. For example, a text field for which all the content has been deleted. "" alttext="..." Text shown if the field is not defined in the topic (even if it is specified in the form definition). For example, this is used when a field exists in the form definition, but the referring topic hasn't been edited since it was added. "" rev="n" Specifiy a revision of the topic. If not specified, defaults to the most recent rev (or the viewed rev if viewing an old rev of the same topic) • Example:  %FORMFIELD{"ProjectName" topic="Projects.SushiProject" default="(no project name given)" alttext="ProjectName field not found in form" }% • Related: SEARCH ### GMTIME{"format"} -- formatted GM time • Syntax: %GMTIME% OR %GMTIME{"format"}% • %GMTIME% uses the default date format defined by the {DefaultDateFormat} setting in configure • expands to 15 Oct 2019 - 11:56 • Supported special format tokens: Token: Unit: Example $seconds seconds 59
$minutes minutes 59 $hours hours 23
$day day of month 31 $wday day of the Week (Sun, Mon, Tue, Wed, Thu, Fri, Sat) Thu
$dow day of the week (Sun = 0) 2 $week number of week in year (ISO 8601) 34
$month short name of month Dec $mo 2 digit month 12
$year 4 digit year 1999 $ye 2 digit year 99
$tz either "GMT" (if set to gmtime), or "Local" (if set to servertime) GMT $iso ISO format timestamp 2019-10-15T11:56:59Z
$rcs RCS format timestamp 2019/10/15 11:56:59 $http E-mail & http format timestamp Tue, 15 Oct 2019 11:56:59 GMT
$epoch Number of seconds since 00:00 on 1st January, 1970 1571140619 • Tokens can be shortened to 3 characters • Example: %GMTIME{"$day $month,$year - $hour:$min:$sec"}% expands to 15 Oct, 2019 - 11:56:59 When used in a template topic, this macro will be expanded when the template is used to create a new topic. See TemplateTopics#TemplateTopicsVars for details. • Related: GMTIME, REVINFO, SERVERTIME ### GRAY -- start gray colored text • GRAY is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %GRAY% gray text %ENDCOLOR% Expands to: gray text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### GREEN -- start green colored text • GREEN is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %GREEN% green text %ENDCOLOR% Expands to: green text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### GROUPINFO{"name"} -- retrieve details about a group • Syntax: %GROUPINFO% • Expands to: comma-separated list of all groups • Syntax: %GROUPINFO{"groupname"}% • Expands to: comma-separated list of users in that group • Parameters:  format Format of a single user or group in the list. $name expands to the group name, and (for users list only) $wikiname, $username and $wikiusername to the relevant strings. $allowschange returns 0 (false) or 1 (true) if that group can be modified by the current user. $allowschange(UserWikiName) returns 0 (false) or 1 (true) if that group can be modified by the specified user (does not work for groups yet.). The standard FormatTokens are also supported. $name for groups list, $wikiusername for users list separator separator between items in the list , header Header for the list '' footer Footer for the list '' zeroresults If set, and there are no Groups or Members that can be shown, the header and footer are suppressed, and this text is output undefined show filter the output list of Groups - can be set to all, allowschange, denychange, allowschange(UserWikiName), denychange(UserWikiName) all expand Set false if users should not be expanded from nested groups. Default behavior is to expand all nested groups into a flat list of users. 1 limit If set, limits the number of results to this infinity limited If limit is set, and the list is truncated, this text will be added at the end of the list '' Note: GROUPINFO will not list members that are hidden from the current authenticated user. If the current user does not have VIEW authority for a user's topic, then the user will not be shown as a group member. ### GROUPS -- a formatted list of groups Deprecated - do not use. Use VarGROUPINFO instead • Expands to a formatted list of user groups in your Foswiki. • Syntax: %GROUPS% • The macro is intended to be used in Main.WikiGroups, to allow a group listing for various user mapping managers. • Related: REMOTE_USER, USERINFO, USERNAME, WIKIUSERNAME, WIKIUSERSTOPIC ### H -- help icon ### HISTORY{ attributes } -- control attributes of tables and sorting of table columns • The %HISTORY{}% macro is handled by the HistoryPlugin • Syntax: %HISTORY{ attributes }% Argument Description Default value none Default layout: a simple list of topic revisions using the default format (see below) "format" or format="string" Format of one line, may include any variable which is supported by macro REVINFO "r$rev - $date -$wikiusername"
topic="topic" Topic name, can be in web.topic format current topic
web="web" Web name current web
versions="number or range" Number or range (format: from..to). Examples:
To get version 2, write: versions="2"
To get version 2 to 3, write: versions="2..3"
To get version 2 to the latest, write: versions="2.."
To get all versions up to version 5, write: versions="..5"
To get all versions up to but not including the latest, write: versions="..-1"
To get the versions from 1 to 5 in reverse order, write: versions="5..1"
all versions in the order latest to first
header="text" Text to print before the list.
May contain the tokens $next and $previous which will be evaluated if there are newer or older revisions available for the topic that are not listed according to versions (or rev1, rev2, nrev).
These tokens take the syntax $next{'some text' url='url'} (the same for $previous). 'some text' is the text which should be printed, 'url' is the url for the corresponding link.
The tokens $rev1, $rev2, $nrev in 'text' or 'url' will be replaced by appropriate values for the next or previous block of revisions. See the attached oopshistory.tmpl for an example of how to use this. "$next"

### IMAGEGALLERY{"topic" options...} -- render an image gallery

• The %IMAGEGALLERY{"topic"}% macro is handled by the ImageGalleryPlugin.
• Syntax: %IMAGEGALLERY{"topic" options...}%
• Examples:
• =%IMAGEGALLERY{"System.DocumentGraphics" columns="3" limit="12" exclude="arrow" sort="name"}%
• Related: NRIMAGES, ImageGalleryPlugin

### INCLUDE{"topic"} -- include other topic.

• Syntax: %INCLUDE{"topic" ...}% (See also the URL form of %INCLUDE%)
• Supported parameters:
Parameter: Description: Default:
"SomeTopic" The name of a topic located in the current web, i.e. %INCLUDE{"WebNotify"}%
"Web.Topic" A topic in another web, i.e. %INCLUDE{"System.SiteMap"}%
pattern="..." Include a subset of a topic or a web page. Specify a RegularExpression that contains the text you want to keep in parenthesis, e.g. pattern="(from here.*?to here)". IncludeTopicsAndWebPages has more. none
rev="2" Include a previous topic revision; N/A for URLs top revision
warn="off" Warn if topic include fails: Fail silently (if off); output default warning (if set to on); else, output specific text (use $topic for topic name) %INCLUDEWARNING% preferences setting section="name" Includes only the specified named section, as defined in the included topic by the STARTSECTION and ENDSECTION macros. Nothing is shown if the named section does not exists. section="" is equivalent to not specifying a section PARONE="val 1" PARTWO="val 2" Any other parameter will be defined as a macro within the scope of the included topic. The example parameters on the left will result in %PARONE% and %PARTWO% being defined within the included topic. • Examples: See IncludeTopicsAndWebPages • Related: BASETOPIC, BASEWEB, INCLUDE("URL"), INCLUDE("doc:") ,INCLUDINGTOPIC, INCLUDINGWEB, STARTINCLUDE, STOPINCLUDE, STARTSECTION, ENDSECTION ### INCLUDE{"url"} -- include a web page • Syntax: %INCLUDE{"http://..." ...}% (See also the topic form of %INCLUDE%) • Supported parameters: Parameter: Description: Default: "http://..." A full qualified URL, i.e. %INCLUDE{"http://foswiki.org:80/index.html"}%. Supported content types are text/html and text/plain. If the URL resolves to an attachment file on the server this will automatically translate to a server-side include. pattern="..." Include a subset of a topic or a web page. Specify a RegularExpression that contains the text you want to keep in parenthesis, e.g. pattern="(from here.*?to here)". IncludeTopicsAndWebPages has more. none raw="on" When a page is included, normally Foswiki will process it, doing the following: 1) Alter relative links to point back to originating host, 2) Remove some basic HTML tags (html, head, body, script) and finally 3) Remove newlines from HTML tags spanning multiple lines. If you prefer to include exactly what is in the source of the originating page set this to on. raw="on" is short for disableremoveheaders="on", disableremovescript="on", disableremovebody="on", disablecompresstags="on" and disablerewriteurls="on". disabled literal="on" While using the raw option will indeed include the raw content, the included content will still be processed and rendered like regular topic content. To disable parsing of the included content, set the literal option to "on". disabled disableremoveheaders="on" Bypass stripping headers from included HTML (everything until first </head> tag) disabled disableremovescript="on" Bypass stripping all <script> tags from included HTML disabled disableremovebody="on" Bypass stripping the </body> tag and everything around over and below it disabled disablecompresstags="on" Bypass replacing newlines in HTML tags with spaces. This compression step rewrites unmatched <'s into &lt; entities unless bypassed disabled disablerewriteurls="on" Bypass rewriting relative URLs into absolute ones disabled warn="off" Warn if URL include fails: Fail silently (if off); output default warning (if set to on); else, output specific text (use $topic for topic name) appended with the http error information. %INCLUDEWARNING% preferences setting

JavaScript in included webpages is filtered out as a security precaution per default (disable filter with disableremovescript parameter)

Foswiki by default is configured to deny URL format includes.
• Examples: See IncludeTopicsAndWebPages
• Related: INCLUDE("topic")

### INCLUDE{"doc:"} -- include Foswiki embedded module documentation

• Syntax: %INCLUDE{"doc:Foswiki::Func" ...}%
• Supported parameters:
Parameter: Description: Default:
"doc:..." A full qualified Foswiki module, i.e. %INCLUDE{"doc:Foswiki::Func"}%. The module must be found on the Foswiki lib path
level="1" Override the root heading level to the specified number
pattern="..." Include a subset of the module. Specify a RegularExpression that contains the text you want to keep in parenthesis, e.g. pattern="(from here.*?to here)". IncludeTopicsAndWebPages has more. none
• Examples: See System/PerlDoc?module=Foswiki::Func
• Related: INCLUDE("topic") INCLUDE("URL")

### INCLUDINGTOPIC -- name of topic that includes current topic

• The name of the topic that includes the current topic - same as %TOPIC% in case there is no include
• If a topic is used in a chain of INCLUDEs, INCLUDINGTOPIC is set to the topic directly INCLUDing this one, NOT the topic that has been requested by the user (which is set in BASETOPIC)
While this Macro may appear to work, unless you require the subtle difference between INCLUDINGTOPIC and BASETOPIC, you probably should use BASETOPIC
• Syntax: %INCLUDINGTOPIC%
• Related: BASETOPIC, INCLUDINGWEB, INCLUDE, TOPIC

### INCLUDINGWEB -- web that includes current topic

• The web name of the topic that includes the current topic - same as %WEB% if there is no INCLUDE.
• If a topic is used in a chain of INCLUDEs, INCLUDINGWEB is set to the topic directly INCLUDing this one, NOT the web that has been requested by the user (which is set in BASEWEB)
While this Macro may appear to work, unless you require the subtle difference between INCLUDINGWEB and BASEWEB, you probably should use BASEWEB
• Syntax: %INCLUDINGWEB%
• Related: BASEWEB, INCLUDINGTOPIC, INCLUDE, WEB

### JQICON{"name" ...} -- render an image

• This renders an icon image as found on an icon search path. The icon search path is configured in {JQueryPlugin}{IconSearchPath} and defaults to FamFamFamSilkIcons, FamFamFamSilkCompanion1Icons, FamFamFamFlagIcons, FamFamFamMiniIcons, FamFamFamMintIcons'. The named icon will be picked found first on this path of topics where icons are attached to. The JQICON leverages the general icon loading mechanism as implemented by the JQueryPlugin and used by BUTTON as well.
• Parameters:
Parameter: Description: Default:
"name" name of the icon to display
class additional css class for the img tag
alt   alt attribute
title title attribute
format format string used to render the icon; known variables to be used in the format string are:
• $iconPath: url path • $iconClass: css class as specified by the class parameter
• $iconAlt: alt attribute-value; if the alt parameter to JQICON is set, this expands to alt='...' • $iconTitle: title attribute-value; if the title parameter to JQICON is set, this expands to title='...'
<img src='$iconPath' class='$iconClass' $iconAlt$iconTitle/>
• Example:
     %JQICON{"tick" alt="alternative content" title="this is a tick icon"}%
%JQICON{"cross"}%
%JQICON{"disk"}%
%JQICON{"star"}%
%JQICON{"lightbulb"}%
%JQICON{"camera"}%
%JQICON{"date"}%

Produces:
• Related: VarJQICONPATH, VarICON, JQueryPlugin, FamFamFamSilkIcons

### JQICONPATH{"name"} -- render the urlpath to an image

• This is a shortcut for
%JQICON{"name" format="$iconPath"}% • Example: /pub/System/FamFamFamSilkIcons/tick.png • Related: VarJQICON, VarICONURL, JQueryPlugin ### JQPLUGINS{"plugins" ... } -- display a summary of available plugins • Parameters: Parameter: Description: Default: "plugins" this is a regular expression that the plugin identifier must match to be displayed format format string to render information for each matching plugin; known variables to be used in the format string are: • active: state of the plugin: displays (active) when this plugin is loaded on the current page • author: author of the plugin • documentation: plugin documentation topic defaults to %SYSTEMWEB%.JQuery$name
• homepage: link to the hompeage of this third party plugin
• index: the current index in the list of all plugins being displayed
• name: name of the plugin as can be used in JQREQUIRE
• summary: short description what this plugin does; most plugins provide this piece of information in the summary section of the documentation topic
• tags: list of TML macros this plugin implements
• version: version of the plugin as provided by the author of this plugin
   1 <a href="$homepage">$name</a> $active$version $author header header string prepended to the output; empty when no plugin matches footer footer string appended to the output; empty when no plugin matches separator separator put between each plugin rendered in a row $n
tagformat format string to render a link to any tag documentation a plugin implements [[%SYSTEMWEB%.Var$tag][$tag]]
• Example:
 %JQPLUGINS{
"treeview|slimbox"
header="   * JQuery Plugins:$n" format=" * [[$documentation][$name]] v$version was developed by [[$homepage][$author]]"
}%
Produces:
• JQuery Plugins:
• Related: JQueryPlugin

### JQREQUIRE{"plugin, plugin, ... "} -- enable a plugin on the current page

• This macro will load a list of plugins to be added to the current page. Use JQPLUGINS to display the list of available and active plugins. While loading a plugin, additional plugins it may depend on are loaded as well. Information about these dependencies is stored within the plugins themselves and can't be changed. Dependencies also make sure the javascript code is added to the html page in the right order. It uses ADDTOZONE to aggregate javascript and css at the right place on the html page.
• Parameters:
Parameter: Description: Default:
"plugin[, plugin, plugin]" list of plugins to be loaded
warn (on/off) allows you to switch off warnings when a plugin was not found on

### JQTHEME{"name" ...} -- switch jQuery UI theme

• Foswiki's default UI theme is configured in $Foswiki::cfg{JQueryPlugin}{JQueryTheme} and defaults to base. Use configure to change this site wide. Use JQTHEME if you decide to use a different theme on the current page. • Note: some Foswiki skins may come with their own jQuery UI matching the overall user experience of the web design. • Parameters: Parameter: Description: Default: "name" name of theme: JQueryPlugin knows the following themes base, lightness, redmod, smoothness; additional themes maybe created using the themeroller and installed to /pub/System/JQueryPlugin/$name base
• Related: JQueryUI

### LANG -- the lang attribute of generated HTML pages

• In templates the lang attribute is defined like this:
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="%LANG%" lang="%LANG%">
• The value is read from configure setting {Site}{Locale}
• Do not confuse LANG with LANGUAGE
• Syntax: %LANG%
• Expands to: cs_CZ

### LANGUAGE -- current user's language

• Returns the language code for the language used as the current user. This is the language actually used by Foswiki (e.g. in user interface).
• The language is detected from the user's browser, unless some site/web/user/session-defined setting overrides it:
• If the LANGUAGE preference is set, it's used as user's language instead of any language detected from the browser.
• Avoid defining LANGUAGE at a non per-user way, so each user can choose his/her preferred language.
• Related: LANGUAGES

### LANGUAGES -- list available languages

• List the languages available (as PO files). These are the languages in which the user interface is available.
• Syntax: %LANGUAGES{...}%
• Supported parameters:
Parameter: Description: Default:
format format for each item. See below for format tokens available in the format string. "   * $langname" separator separator between items. "\n" (newline) marker="selected" Text for $marker if the item matches selection "selected"
selection="%LANGUAGE%" Current language to be selected in list (none)
• format tokens:
Token Meaning
$langname language's name, as informed by the translators $langtag language's tag. Ex: en, pt-br, etc.
• Example: <select>%LANGUAGES{format="<option $marker value='$langtag'>$langname</option>" selection="%LANGUAGE%"}%</select> creates an option list of the available languages with the current language selected ### LIME -- start lime colored text • LIME is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %LIME% lime text %ENDCOLOR% Expands to: lime text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### LOCALSITEPREFS -- web.topicname of site preferences topic • The full name of the local site preferences topic. These local site preferences overload the system level preferences defined in System.DefaultPreferences. • Syntax: %LOCALSITEPREFS% • Expands to: Main.SitePreferences, renders as Main.SitePreferences ### LOGIN -- present a full login link ### LOGOUT -- present a full logout link You are already logged out, so %LOGOUT expands to an empty string ### M -- moved to... icon ### MAINWEB -- synonym for USERSWEB Deprecated. Please use %USERSWEB% instead. ### MAKETEXT -- creates text using Foswiki's I18N infrastructure Strings captured in the MAKETEXT macro are automatically mapped to the current user's selected language via locale/*.po translation files. • Syntax: %MAKETEXT{"string" args="..."}% • Supported parameters: Parameter Description Default "text" or string="text" The text to be displayed (the translatable string). none args="param1, param2" a comma-separated list of arguments to be interpolated in the string, replacing [_N] placeholders in it. none • Examples:  %MAKETEXT{string="Notes:"}% expands to: Notes: %MAKETEXT{ "If you have any questions, please contact [_1]." args="%WIKIWEBMASTER%" }% expands to: If you have any questions, please contact webmaster@panacom.cz. %MAKETEXT{ "Did you want to [[[_1]][reset [_2]'s password]]?" args="%SYSTEMWEB%.ResetPassword,%WIKIUSERNAME%" }% expands to: Did you want to [[System.ResetPassword][reset Main.WikiGuest's password]]? • Notes: • An ampersand (&) followed by one ascii alphabetic character (a...z, A...Z) in the translatable string will be expanded to an access key string. For example, &X will expand to <span class='foswikiAccessKey'>X</span>. If you want to write an actual ampersand, either follow it with a non-alphabetic character or write two consecutive ampersands (&&). • Translatable strings starting with underscores (_) are reserved. You cannot use translatable phrases starting with an underscore. • Make sure that the translatable string is constant. Do not include %MACROS% inside the translatable strings as they will be expanded before the %MAKETEXT{...}% itself is handled. You can, however, use macros in the args, as shown in the examples above. • The string will be output in English if no mapping can be found in the .po translation file for the current user's selected language. ### MAROON -- start maroon colored text • MAROON is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %MAROON% maroon text %ENDCOLOR% Expands to: maroon text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### META -- displays meta-data Provided mainly for use in templates, this macro generates the parts of the topic view that relate to meta-data (attachments, forms etc.). Syntax: %META{ "item" ...}% Parameters: • "form" - generates the table showing the form fields. See Form Definition. • "attachments" - generate a table of attachments • all="on" to show hidden attachments. • title="..." to show a title - only if attachments are displayed. • template="..." to use a custom template for the rendering of attachments; default attachtables is used. • "moved" - if a topic was moved or renamed, generates a message with details and a revert link • prefix="...": Prefix that goes before the moved message, but only if the message is generated, default "". • suffix="...": Prefix that goes after the moved message, but only if the message is generated, default "". • "parent" - display details of ancestor topics • dontrecurse="on": By default recurses up tree, this has some cost. Equivalent to depth=1 • depth="...": Return only the specified ancestor. • nowebhome="on": Suppress WebHome. • format="...": Format string used to display each parent topic where $web expands to the web name, and $topic expands to the topic name; default: "[[$web.$topic][$topic]]"
• separator="...": Separator between parents; default " > "
• prefix="...": Prefix that goes before parents, but only if there are parents, default "".
• suffix="...": Suffix, only appears if there are parents; default "".
• "formfield" - display the value of a single form field
• name="...": name of the field.
• newline="...": by default, each newline character will be rewritten to <br /> to allow metadata that contains newlines to be used in tables, etc. $n indicates a newline character. • bar="...": by default, each vertical bar is rewritten to an HTML entity so as to not be mistaken for a table separator. Use of "formfield" is deprecated in favour of the much more powerful QUERY macro. Related: QUERY ### METASEARCH -- special search of meta data METASEARCH is deprecated in favour of the new and much more powerful query type search. See SEARCH and QuerySearch. • Syntax: %METASEARCH{...}% • Supported parameters: Parameter: Description: Default: type="topicmoved" What sort of search is required? "topicmoved" if search for a topic that may have been moved "parent" if searching for topics that have a specific parent i.e. its children "field" if searching for topics that have a particular form field value (use the name and value parameters to specify which field to search). Required web="%WEB%" Wiki web to search: A web, a list of webs separated by whitespace, or all webs. Current web topic="%TOPIC%" The topic the search relates to, for topicmoved and parent searches All topics in a web name form field to search, for field type searches. May be a regular expression (see SEARCH). value form field value, for field type searches. May be a regular expression (see SEARCH). title="Title" Text that is prefixed to any search results empty format="..." Custom format results. Supports same format strings as SEARCH. See FormattedSearch for usage & examples Results in table default="none" Default text shown if no search hit Empty • Examples:  %METASEARCH{ type="topicmoved" web="%WEB%" topic="%TOPIC%" title="This topic used to exist and was moved to: " }% You may want to use this in WebTopicViewTemplate and WebTopicNonWikiTemplate:  %METASEARCH{ type="parent" web="%WEB%" topic="%TOPIC%" title="Children: " }% %METASEARCH{ type="field" name="Country" value="China" }% • Related: SEARCH, META ### N -- "new" icon ### NAVY -- start navy colored text • NAVY is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %NAVY% navy text %ENDCOLOR% Expands to: navy text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### NOP -- template text not to be expanded in instantiated topics • Syntax: %NOP% • In normal topic text, expands to <nop>, which prevents expansion of adjacent macros and wikiwords • When the topic containing this is used as a template for another topic, it is removed. • Syntax: %NOP{...}% deprecated • In normal topic text, expands to whatever is in the curly braces (if anything). This is deprecated. Do not use it. Use %STARTSECTION{type="templateonly"}% .. %ENDSECTION{type="templateonly"}% instead (see TemplateTopics for more details). • Related: STARTSECTION, TemplateTopics ### NOTIFYTOPIC -- name of the notify topic ### NRIMAGES{"topic"} -- returns the number of images attachted to a (list of) topics • The %NRIMAGES{"topic"}% macro is handled by the ImageGalleryPlugin. • Syntax: %NRIMAGES{"topic"}% • Examples: • There are 0 images on this page. • There are 764 images at System.DocumentGraphics. • Related: IMAGEGALLERY, ImageGalleryPlugin ### OLIVE -- start olive colored text • OLIVE is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %OLIVE% olive text %ENDCOLOR% Expands to: olive text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### ORANGE -- start orange colored text • ORANGE is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %ORANGE% orange text %ENDCOLOR% Expands to: orange text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### P -- pencil icon ### PINK -- start pink colored text • PINK is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %PINK% pink text %ENDCOLOR% Expands to: pink text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### PLUGINDESCRIPTIONS -- list of plugin descriptions • Syntax: %PLUGINDESCRIPTIONS% • Expands to: • System.SpreadSheetPlugin (1.1.6,$Rev: 13988 (2012-02-15) $): Add spreadsheet calculations like "$SUM($ABOVE())" to Foswiki tables and other topic text • System.AutoCompletionLibPlugin (0.6,$Rev: 3117 (2009-03-15) $): Providing librarys and functionalitys to use easy javascript autocompletion for the user interface • System.AutoViewTemplatePlugin (10 Apr 2011,$Rev: 11364 (2011-04-10) $): Automatically sets VIEW_TEMPLATE and EDIT_TEMPLATE • System.BatchUploadPlugin (1.3,$Rev: 11345 (2011-04-08) $): Attach multiple files at once by uploading a zip archive • System.BreadCrumbsPlugin (2.43,$Rev: 14082 (2012-02-24) $): A flexible way to display breadcrumbs navigation • System.CommentPlugin (1.1.5,$Rev: 14572 (2012-04-06) $): Quickly post comments to a page without an edit/save cycle • System.CompareRevisionsAddonPlugin (1.1.6,$Rev: 14572 (2012-04-06) $): • System.EditTablePlugin (4.42,$Rev: 14572 (2012-04-06) $): Edit tables using edit fields, date pickers and drop down boxes • System.FilterPlugin (2.08,$Rev: 13591 (2012-01-10) $): Substitute and extract information from content by using regular expressions • System.FlexWebListPlugin (1.61,$Rev: 13583 (2012-01-10) $): Flexible way to display hierarchical weblists • System.HistoryPlugin (1.10,$Rev: 13288 (2011-12-03) $): Shows a complete history of a topic • System.IfDefinedPlugin (2.01,$Rev: 12392 (2011-08-26) $): Render content conditionally • System.ImageGalleryPlugin (6.00,$Rev: 11854 (2011-06-06) $): Displays image gallery with auto-generated thumbnails from attachments • System.ImagePlugin (2.41,$Rev: 13571 (2012-01-09) $): • System.InterwikiPlugin (1.1.2,$Rev: 12957 (2011-10-31) $): Link ExternalSite:Page text to external sites based on aliases defined in a rules topic • System.JQueryCompatibilityModePlugin (1.5,$Rev: 3114 (2009-03-15) $): Just the same as JqueryPlugin but using the compatibilty mode to provide use with other frameworks • System.JQueryPlugin (4.33,$Rev: 14572 (2012-04-06) $): jQuery JavaScript library for Foswiki • LightboxPlugin: (disabled) • System.MailerContribPlugin (9 Jul 2010,$Rev: 13315 (2011-12-06) $): Supports e-mail notification of changes • System.NatEditPlugin (6.03,$Rev: 14035 (2012-02-20) $): A Wikiwyg Editor • System.NatSkinPlugin (3.96,$Rev: 6287 (2010-02-12) $): Theming engine for NatSkin • System.PreferencesPlugin (1.1.3,$Rev: 14572 (2012-04-06) $): Allows editing of preferences using fields predefined in a form • System.RenderListPlugin (2.2.6,$Rev: 14143 (2012-02-29) $): Render bullet lists in a variety of formats • System.RenderPlugin (3.1,$Rev: 13580 (2012-01-10) $): Render WikiApplications asynchronously • System.SetVariablePlugin (2.20,$Rev: 4287 (2009-06-23) $): Flexible handling of topic variables • System.SlideShowPlugin (2.1.5,$Rev: 14572 (2012-04-06) $): Create web based presentations based on topics with headings • System.SmiliesPlugin (05 Dec 2011,$Rev: 13315 (2011-12-06) $): Render smilies like as icons • System.TablePlugin (1.140,$Rev: 14090 (2012-02-25) $): Control attributes of tables and sorting of table columns • System.TinyMCEPlugin (1.2.6,$Rev: 14444 (2012-03-23) $): Integration of the Tiny MCE WYSIWYG Editor • System.TwistyPlugin (1.6.15,$Rev: 13315 (2011-12-06) $): Twisty section Javascript library to open/close content dynamically • System.UploadPlugin (1.11,$Rev: 4414 (2009-07-03) $): Attach multiple files to a topic in one go • System.WysiwygPlugin (1.1.5,$Rev: 14548 (2012-04-04) $): Translator framework for WYSIWYG editors • Related: ACTIVATEDPLUGINS, FAILEDPLUGINS, PLUGINVERSION ### PLUGINVERSION -- the version of a Foswiki Plugin, or the Foswiki Plugins API • Syntax: %PLUGINVERSION{"name"}% to get the version of a specific plugin • Example: %PLUGINVERSION{"InterwikiPlugin"}% expands to $Rev: 12957 (2011-10-31) $ • Syntax: %PLUGINVERSION% to get the version of the API • Expands to: 2.1 • Related: WIKIVERSION, ACTIVATEDPLUGINS, FAILEDPLUGINS, PLUGINDESCRIPTIONS ### POPUPWINDOW{"topic" ...} -- opens a topic or url in a new window • Parameters: Parameter: Description: Default: "topic", topic="topic", topic="web.topic" Topic to open url URL to open (if topic is not used) label Link label the topic or the url template View template to call when viewing a topic; not used for URLs "viewplain" width Width of window "600" height Height of window "480" toolbar Show toolbars? "0" scrollbars Show scrollbars? "1" status Show status? "1" location Show location bar? "0" resizable Is the window resizable? "1" left Left position "0" top Top position "0" center Center the window? "0" menubar Show menubar? "0" createnew Create a new window for each popup? "1" • Example with topic link: %POPUPWINDOW{"CompleteDocumentation" label="Open this topic in a new window"}% Generates: Open this topic in a new window • Example with url: %POPUPWINDOW{url="http://foswiki.org"}% Generates: http://foswiki.org • Enable POPUPWINDOW by writing %JQREQUIRE{"popupwindow"}% on the page ### PUBURL -- the base URL of attachments • Syntax: %PUBURL% • Expands to: http://verahavlova.cz/pub • Example: You can refer to a file attached to another topic with %PUBURL%/%WEB%/OtherTopic/image.gif • Related: ATTACHURL, ATTACHURLPATH, PUBURLPATH, SCRIPTURL, SCRIPTURLPATH, FileAttachments ### PUBURLPATH -- the base URL path of attachments ### PURPLE -- start purple colored text • PURPLE is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %PURPLE% purple text %ENDCOLOR% Expands to: purple text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### Q -- question icon ### QUERY -- get the value of meta-data • Uses the query syntax described in QuerySearch to get information about meta-data. • supports formatted access to formfields and other meta-data in topics using the same syntax as is used in IF and SEARCH statements, • gives access to all meta-data, including that added by extensions, • supports reporting values using JSON and other standards, simplifying the retrieval of meta-data for REST applications, • replaces the FORMFIELD macro for most applications. • Syntax: %QUERY{ "query" }% • See QuerySearch for more details of how to write queries • Parameters: • style="stylename" - set the output format (see below) • rev="version" - operate on the given version of the current topic. Note that this will only affect simple queries that refer to the current topic, such as form.name. More complex queries that use searches or indirection to refer to other topics always use the latest version of those topics. • Examples:  Get the name of the form in the current topic: %QUERY{"form.name"}% Get the value of the 'Firstname' form field in the current topic: %QUERY{"fields[name='Firstname'].value"}% Get the value of the 'Firstname' form field in the current topic (shorthand version): %QUERY{"Firstname"}% Get a list of all the names of attachments on the topic 'System.DocumentGraphics': %QUERY{"'System.DocumentGraphics'/attachments.name"}% Get configuration setting {NameFilter}: %QUERY{"{NameFilter}"}% Plain strings (such as field values) are returned without quotes. Simple arrays of scalars are also returned without quotes, in a comma-separated list (beware of values that contain commas!). More complex data structures (e.g. arrays of hashes) will be returned as Perl code strings generated by running through CPAN:Data::Dumper. You can make the macro generate different output formats using the style parameter: • style="perl" - generates values as Perl code strings • style="json" - generates values as JSON strings, suitable for reading by browsers. Only some configuration settings are available via QUERY: {ScriptSuffix}, {LoginManager}, {AuthScripts}, {LoginNameFilterIn}, {AdminUserLogin}, {AdminUserWikiName}, {SuperAdminGroup}, {UsersTopicName}, {AuthRealm}, {MinPasswordLength}, {Register}{AllowLoginName}, {Register}{EnableNewUserRegistration}, {Register}{NeedVerification}, {Register}{RegistrationAgentWikiName}, {AllowInlineScript}, {DenyDotDotInclude}, {UploadFilter}, {NameFilter}, {AccessibleCFG}, {AntiSpam}{EmailPadding}, {AntiSpam}{EntityEncode}, {AntiSpam}{HideUserDetails}, {AntiSpam}{RobotsAreWelcome}, {Stats}{TopViews}, {Stats}{TopContrib}, {Stats}{TopicName}, {UserInterfaceInternationalisation}, {UseLocale}, {Site}{Locale}, {Site}{CharSet}, {DisplayTimeValues}, {DefaultDateFormat}, {Site}{LocaleRegexes}, {UpperNational}, {LowerNational}, {PluralToSingular}, {EnableHierarchicalWebs}, {WebMasterEmail}, {WebMasterName}, {NotifyTopicName}, {SystemWebName}, {TrashWebName}, {SitePrefsTopicName}, {LocalSitePreferences}, {HomeTopicName}, {WebPrefsTopicName}, {UsersWebName}, {TemplatePath}, {LinkProtocolPattern}, {NumberOfRevisions}, {MaxRevisionsInADiff}, {ReplaceIfEditedAgainWithin}, {LeaseLength}, {LeaseLengthLessForceful}, {Plugins}{WebSearchPath}, {PluginsOrder}, {Cache}{Enabled}, {Validation}{Method}, {Register}{DisablePasswordConfirmation} ### QUERYPARAMS -- show paramaters to the query • Expands the parameters to the query that was used to display the page. • Syntax: %QUERYPARAMS{...}% • Supported parameters: Parameter: Description: Default: format="..." Format string for each entry $name=$value separator="..." Separator string separator="$n" (newline)
encoding="entity"
encoding="safe"
encoding="html"
encoding="quotes"
encoding="url"
Control how special characters are encoded. If this parameter is not given, "safe" encoding is performed which HTML entity encodes the characters '"<>%.
entity: Encode special characters into HTML entities, like a double quote into &#034;. Does not encode \n or \r.
safe: Encode characters '"<>% into HTML entities. (this is the default)
html: As type="entity" except it also encodes \n and \r
quotes: Escape double quotes with backslashes (\"), does not change other characters
url: Encode special characters for URL parameter use, like a double quote into %22
type="safe"
• The following escape sequences are expanded in the format string:
Sequence: Expands To:
$name Name of the parameter $value String value of the parameter. Multi-valued parameters will have a "row" for each value.
$n or $n() New line. Use $n() if followed by alphanumeric character, e.g. write Foo$n()Bar instead of Foo$nBar Most macros accept parameter strings which are split over multiple lines. This is usually more readable than using $n tokens. If you are familiar with sectional includes, you might also consider nested sectional includes to hold the newline content outside of the parameter string entirely.
$nop or $nop() Is a "no operation". This token gets removed; useful for nested search
$quot Double quote (") (\" also works) $percent Percent sign (%) ($percnt also works) $dollar Dollar sign ($) $lt Less than sign (<)
$gt Greater than sign (>) $amp Ampersand (&)
$comma Comma (,) • Example:  %QUERYPARAMS{ format="<input type='hidden' name='$name' value='$value' encoding="entity" />" }% Security warning! Using QUERYPARAMS can easily be misused for cross-site scripting unless specific characters are entity encoded. By default QUERYPARAMS encodes the characters '"<>% into HTML entities (same as encoding="safe") which is relatively safe. The safest is to use encoding="entity". When passing QUERYPARAMS inside another macro always use double quotes ("") combined with using QUERYPARAMS with encoding="quote". For maximum security against cross-site scripting you are adviced to install the Foswiki:Extensions.SafeWikiPlugin. ### QUERYSTRING -- full, unprocessed string of parameters to this URL • String of all the URL parameters that were on the URL used to get to the current page. For example, if you add ?name=Samantha;age=24;eyes=blue to this URL you can see this in action. This string can be appended to a URL to pass parameter values on to another page. URLs built this way are typically restricted in length, typically to 2048 characters. If you need more space than this, you will need to use an HTML form and =%QUERYPARAMS%= • Syntax: %QUERYSTRING% • Expands to:   • Related: QUERYPARAMS, URLPARAM ### RED -- start red colored text • RED is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %RED% red text %ENDCOLOR% Expands to: red text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### REMOTE_ADDR -- environment variable ### REMOTE_PORT -- environment variable ### REMOTE_USER -- environment variable ### RENDERLIST -- render bullet lists in a variety of formats • The %RENDERLIST% macro is handled by the RenderListPlugin • Syntax: %RENDERLIST% • Example: %RENDERLIST{"org" focus="Sales.WestCoastTeam"}% * [[Eng.WebHome][Engineering]] * [[Eng.TechPubs][Tech Pubs]] * [[Sales.WestCoastTeam][Sales]] * [[Sales.EastCoastTeam][East Coast]] * [[Sales.WestCoastTeam][West Coast]] Expands as:  Sales  East Coast?  West Coast? • Related: RenderListPlugin ### RENDERZONE %RENDERZONE{"zone" ...}%  See ADDTOZONE for an explanation of zones. Parameters: • "zone" required, name of the zone. • format="..." optional, format string for each item added to the zone, default: $item <!--<literal> $id$missing</literal>-->
Tokens:
• $id - id of the ADDTOZONE call within the zone currently being rendered. • $item - text of the ADDTOZONE call within the zone currently being rendered.
• $zone - the "zone" currently being rendered. • $missing - if the ADDTOZONE call being rendered required any id which was not found, then $missing is the missingtoken parameter; empty string otherwise. • $missingids - comma separated list of ids that were required by the ADDTOZONE call currently being rendered but weren't found within this zone.
• missingtoken="..." optional, this will be the string assigned to the $missing format token for use in the format parameter. Default: $id: requires= missing ids: $missingids • chomp="on" remove leading and trailing whitespace from formatted items, can be useful for pretty-printing and compression. • header="..." optional, prepended to the output • footer="..." optional, appended to the output • separator="..." optional, put between each item of a zone Supports the standard format tokens in all parameters. Notes: • header and footer are not output if there is no content in the zone (nothing has been ADDTOZONEd ). However they are output if the output is the empty string (at least one ADDTOZONE has been processed). • Zones are cleared after being rendered; they are only ever rendered once. • head and script are automatic zones. They don't require a corresponding RENDERZONE anywhere in the templates - they are automatically inserted before the </head> tag in the output HTML page. • Normally, dependencies between individual ADDTOZONE statements are resolved within each zone. However, if {MergeHeadAndScriptZones} is enabled in configure, then head content which requires an id that only exists in script (and vice-versa) will be re-ordered to satisfy any dependency. {MergeHeadAndScriptZones} will be removed from a future version of Foswiki. See also ADDTOZONE for more information on zones. ### REVINFO -- revision information of current topic • Syntax: • Date format defined as {DefaultDateFormat} in configure ### REVINFO{"format"} -- formatted revision information of topic • Syntax: %REVINFO% OR %REVINFO{"format"}% • %REVINFO% is equivalent to %REVINFO{format="r1.$rev - $date -$wikiusername"}%
• Expands to: r1 - 26 Jun 2011 - 21:39:52 - Main.ProjectContributor
• Supported parameters:
Parameter: Description: Default:
"format" Format of revision information, see supported formatting tokens below "r1.$rev -$date - $wikiusername" web="..." Name of web Current web topic="..." Topic name Current topic rev="1.5" Specific revision number Latest revision • Supported formatting tokens: Token: Unit: Example $web Name of web Current web
$topic Topic name Current topic $rev Revision number. Prefix r1. to get the usual r1.5 format 5
$username Login username of revision jsmith $wikiname WikiName of revision JohnSmith
$wikiusername WikiName with Main web prefix Main.JohnSmith $date Revision date. Actual date format defined as {DefaultDateFormat} in configure 21 Sep 2006
$time Revision time 23:24:25 $iso Revision date in ISO date format 2006-09-22T06:24:25Z
$min, $sec, etc. Same date format qualifiers as GMTIME{"format"}
• Example, returns revision info of first revision:
%REVINFO{"$date -$wikiusername" rev="1.1"}%
• To get the latest revision, even when looking at an older revision:
%REVINFO{"$rev" rev="-1"}% • Related: GMTIME{"format"}, REVINFO ### S -- red star icon ### SCRIPTNAME -- name of current script • The name of the current script is shown, including script suffix, if any (for example viewauth.cgi) • Syntax: %SCRIPTNAME% • Expands to: view • Related: SCRIPTSUFFIX, SCRIPTURL, SCRIPTURLPATH ### SCRIPTSUFFIX -- script suffix • Some Foswiki installations require a file extension for CGI scripts, such as .pl or .cgi • Syntax: %SCRIPTSUFFIX% • Expands to: • Related: SCRIPTNAME, SCRIPTURL, SCRIPTURLPATH ### SCRIPTURL{"script"} -- URL of script • Syntax: %SCRIPTURL% OR %SCRIPTURL{"script"}% • %SCRIPTURL% returns the base URL of scripts - expands to http://verahavlova.cz/bin • Expands to: http://verahavlova.cz/bin/script • Example: To get the authenticated version of the current topic you can write %SCRIPTURL{"viewauth"}%/%WEB%/%TOPIC% which expands to http://verahavlova.cz/bin/viewauth/System/Macros In most cases you should use %SCRIPTURLPATH{"script"}% instead, as it works with URL rewriting much better The edit script should always be used in conjunction with ?t=%GMTIME{"$epoch"}% to ensure pages about to be edited are not cached in the browser
• Related: PUBURL, SCRIPTNAME, SCRIPTSUFFIX, SCRIPTURLPATH

### SCRIPTURLPATH{"script"} -- URL path of script

• As %SCRIPTURL{"script"}%, but doesn't include the protocol and host part of the URL
• Syntax: %SCRIPTURL% OR %SCRIPTURLPATH{"script"}%
• Expands to: /bin/script

### STARTINCLUDE -- start position of topic text if included

• If present in included topic, start to include text from this location up to the end, or up to the location of the %STOPINCLUDE% macro. A normal view of the topic shows everything exept the %STARTINCLUDE% macro itself.
• Syntax: %STARTINCLUDE%
If you want more than one part of the topic included, use %STARTSECTION{type="include"}% instead
• Related: INCLUDE, STARTSECTION, STOPINCLUDE

### STARTSECTION -- marks the start of a section within a topic

• Section boundaries are defined with %STARTSECTION{}% and %ENDSECTION{}%.
• Sections may be given a name to help identify them, and/or a type, which changes how they are used.
• type="section" - the default, used for a generic section, such as a named section used by INCLUDE.
• type="include" - like %STARTINCLUDE% ... %STOPINCLUDE% except that you can have as many include blocks as you want which are all merged into one when included (%STARTINCLUDE% is restricted to only one). Sections of type include may not be given a name.
• type="expandvariables" - all macros inside an "expandvariables" type section gets expanded when a new topic based on the template topic is created. See TemplateTopics for more information.
• type="templateonly" - start position of text to be removed when a template topic is used. This is used to embed text that you do not want expanded when a new topic based on the template topic is created. See TemplateTopics for more information.
• Syntax: %STARTSECTION{"name"}% ................... %ENDSECTION{"name"}%
• Syntax: %STARTSECTION{type="include"}% ........... %ENDSECTION{type="include"}%
• Syntax: %STARTSECTION{type="expandvariables"}% ... %ENDSECTION{type="expandvariables"}%
• Syntax: %STARTSECTION{type="templateonly"}% ...... %ENDSECTION{type="templateonly"}%

• Supported parameters:
Parameter: Description: Default
"name" Name of the section. Must be unique inside a topic. Generated name
type="..." Type of the section; type "section", "expandvariables", "include" or "templateonly" "section"
If a section is not given a name, it will be assigned one. Unnamed sections are assigned names starting with _SECTION0 for the first unnamed section in the topic, _SECTION1 for the second, etc..

You can define nested sections. It is not recommended to overlap sections, although it is valid in Foswiki. Use named sections to make sure that the correct START and ENDs are matched. Section markers are not displayed when a topic is viewed.
• Related: ENDSECTION, INCLUDE, NOP, STARTINCLUDE, STOPINCLUDE

### STOPINCLUDE -- end position of topic text if included

• If present in included topic, stop to include text at this location and ignore the remaining text. A normal view of the topic shows everyting exept the %STOPINCLUDE% macro itself.
• Syntax: %STOPINCLUDE%
• Related: INCLUDE, STARTINCLUDE

### SYSTEMWEB -- name of documentation web

• The web containing all documentation and default preference settings
• Syntax: %SYSTEMWEB%
• Expands to: System
• Related: USERSWEB

### TAB{"text" ...} -- tab inside a tabpane widget

• Defines a tab inside a TABPANE area; must be closed using ENDTAB.
• Parameters:
Parameter: Description: Default:
"text" label of the tab Tab
before when switching tabs, this is the javascript fragment to be executed just before the tab is displayed
after this javascript handler is to be executed after the tab has been made visible
afterload this javascript handler will be called when content loaded asynchronously (using the url parameter, below) has finished loading; depending on the network latency, this can be significantly later than execution of the after handler above
id id of this tab; this id can be used in the TABPANEs select parameter to display this tab; this id is also added to the class attribute of the html element representing the tab button
url link from where to load the content of the tab asynchronously when selecting this tab; the result of the addressed handler will replace the content area; if no url is set the content of the TAB ... ENDTAB area will be shown when the tab is selected
width width of the tab area auto
height height of the tab area auto
container element where ajax content will be loaded; this is only used together with url
• Related: VarENDTAB, VarTABPANE, VarENDTABPANE, JQueryPlugin, JQueryTabpane

### TABLE{ attributes } -- control attributes of tables and sorting of table columns

• The %TABLE{}% macro is handled by the TablePlugin
• Syntax: %TABLE{ attributes }%

#### Attributes for tables

Argument Comment Default value Example
tableborder Table border width (pixels). "1" tableborder="2"
tablebordercolor Table border color . Is only visible when cellspacing is larger than 1, or cellborder is 0, or tablerules is none, otherwise the cell borders overlap the table border. unspecified tablebordercolor="#333"
tableframe Table frame, set to "void" (no sides), "above" (the top side only), "below" (the bottom side only), "hsides" (the top and bottom sides only), "lhs" (the left-hand side only), "rhs" (the right-hand side only), "vsides" (the right and left sides only), "box" (all four sides), "border" (all four sides). unspecified tableframe="hsides"
tablerules Table rules, set to "none" (no rules), "groups" (rules will appear between row groups and column groups only), "rows" (rules will appear between rows only), "cols" (rules will appear between columns only), "all" (rules will appear between all rows and columns). See also: headerrules and datarules. unspecified tablerules="rows"
tablewidth Table width: percentage of window width, or absolute pixel value. unspecified tablewidth="100%"
headerrows Number of header rows to exclude from sort. (will be rendered in a HTML thead section) "1" headerrows="1"
footerrows Number of footer rows to exclude from sort. (will be rendered in a HTML tfoot section) "0" footerrows="1"
id Unique table identifier string, used for targeting a table with CSS. tableN (where N is the table order number on the page) id="userTable"
summary Table summary used by screen readers: A summary of what the table presents. It should provide an orientation for someone who listens to the table. unspecified summary="List of subscribed users"
caption Table caption: A title that will be displayed just above the table. unspecified caption="Users"
inlinemarkup Set to "on" to generate inline markup HTML (in addition to the CSS markup); useful if you need to copy the table, for instance to paste the table into an email). unspecified inlinemarkup="on"

#### Attributes for table sorting

Argument Comment Default value Example
sort Set the table sorting user interface (clickable column headers) "on" or "off". unspecified sort="on"
initsort Column to sort initially (use "1" for the first column). If specified, sorting is enabled; by setting sort="off" the sorting interface can be hidden. unspecified initsort="2"
initdirection Initial sorting direction for initsort, set to "up" (descending, or decreasing in value) or "down" (ascending, or increasing in value). down initdirection="up"
disableallsort Disable all sorting, both initsort and header sort. This is mainly used by plugins such as the EditTablePlugin to disable sorting in a table while editing the table. unspecified disableallsort="on"

#### Attributes for table cells

Argument Comment Default value Example
cellpadding Cell padding (pixels). unspecified cellpadding="0"
cellspacing Cell spacing (pixels). unspecified cellspacing="3"
cellborder Cell border width (pixels). unspecified cellborder="0"
valign Vertical alignment of cells and headers, set to "top", "middle", "bottom" or "baseline". unspecified valign="top"
columnwidths Column widths: Comma delimited list of column widths, percentage or absolute pixel value. unspecified columnwidths="80%,20%"

#### Attributes for data cells

Argument Comment Default value Example
datarules Set to "none" (no rules), "rows" (rules will appear between rows only), "cols" (rules will appear between columns only), "all" (rules will appear between all rows and columns). Overrides tablerules for data cells. unspecified datarules="none"
datavalign Vertical alignment of data cells; overrides valign. unspecified datavalign="top"
dataalign Data cell alignment, one value for all columns, or a comma separated list for different alignment of individual columns. Set to "left", "center", "right" or "justify". Overrides individual cell settings. unspecified dataalign="center"
databg Data cell background colour, a comma separated list. Specify "none" for no colour, that is to use the colour/background of the page the table is on. "#edf4f9,#fff" databg="#f2f2f2,#fff"
databgsorted Data cell background colour of a sorted column; see databg. the values of databg databgsorted="#d4e8e4, #e5f5ea"
datacolor Data cell text colour, a comma separated list. unspecified datacolor="#00c, #000"

Argument Comment Default value Example
headerrules Set to "none" (no rules), "rows" (rules will appear between rows only), "cols" (rules will appear between columns only), "all" (rules will appear between all rows and columns). Overrides tablerules for header cells. unspecified headerrules="none"
headerbg Header cell background colour. Specify "none" for no colour, that is to use the colour/background of the page the table is on. "#6b7f93" headerbg="#999"
headerbgsorted Header cell background colour of a sorted column. Specify "none" for no colour, that is to use the colour/background of the page the table is on. the value of headerbg headerbgsorted="#32596c"
headercolor Header cell text colour. "#fff" headercolor="#00c"
headervalign Vertical alignment of header cells; overrides valign. unspecified headervalign="top"
headeralign Header cell alignment, one value for all columns, or a comma separated list for different alignment of individual columns. Set to "left", "center", "right" or "justify". Overrides individual cell settings. unspecified headeralign="left,right"
headerrows See: Attributes for tables

#### Other attributes

Argument Comment Default value Example
include Other topic defining the TABLE parameters. The first %TABLE% in the topic is used. This is useful if you have many topics with the same table format and you want to update the format in one place. Use topic or web.topic notation. unspecified include="Main.WebHome"

• Example:
 %TABLE{ tableborder="0" cellpadding="4" cellspacing="3" cellborder="0" }%
| *A1* | *B1* |
| A2   | B2   |
• Expands as:
A1 B1
A2 B2
• Related: See TablePlugin for more details

### TABPANE{...} -- tabpane widget

• This macro starts the tabpane, containing a series of TAB...ENDTABs and ends with ENDTABPANE. A complete tabpane normally looks like this:
%TABPANE%
%TAB{"tab 1"}%
...
%ENDTAB%
%TAB{"tab 2"}%
...
%ENDTAB%
%ENDTABPANE%

Multiple tabpanes can be nested using the following scheme:
%TABPANE%
%TAB{"tab 1"}%
%TABPANE%
%TAB{"tab 1.1"}%
...
%ENDTAB%
%TAB{"tab1.2"}%
...
%ENDTAB%
%ENDTABPANE%
%ENDTAB%
%TAB{"tab 2"}%
...
%ENDTAB%
%ENDTABPANE%

• Example: see JQueryTabpane for more examples
• Parameters:
Parameter: Description: Default:
select number or id of tab to select 1
automaxexpand resizes the tabpane to the maximum height to fit into the window off
minheight when automaxexpand is enabled, this is the minimum size a tab is allowed to be resized 230
class extra class: use simple for a non-3D tabpane
animate (on/off) enables/disables animation of switching tabs off
• Related: VarTAB, VarENDTAB, VarENDTABPANE, JQueryPlugin, JQueryTabpane

### TEAL -- start teal colored text

• TEAL is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
Example:
%TEAL% teal text %ENDCOLOR%
Expands to: teal text

%<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write
%RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%
Related: ENDCOLOR, DefaultPreferences, StandardColors

• Table of Contents. Shows a TOC that is generated automatically based on headings of a topic. Headings in WikiSyntax ("---++ text") and HTML ("<h2>text</h2>") are taken into account. Any heading text after "!!" is excluded from the TOC; for example, write "---+!! text" if you do not want to list a header in the TOC
• Syntax: %TOC% OR %TOC{"SomeTopic" ...}%
• Supported parameters:
Parameter: Description: Default:
"TopicName" topic name Current topic
web="Name" Name of web Current web
depth="2" Limit depth of headings shown in TOC 6
title="Some text" Title to appear at top of TOC none
• Default settings are defined in System.DefaultPreferences, and can be overridden in Main.SitePreferences
• Examples:
%TOC{depth="2"}%
%TOC{"CompleteDocumentation" web="%SYSTEMWEB%" title="Contents:"}%
TOC will add an HTML anchor called foswikiTOC just before the table of contents. This enables adding a link from within a topic back to the table of contents to ease navigation. Example [[#foswikiTOC][Back to TOC]] creates Back to TOC.

If multiple headers have the exact same text, the anchors for the 2nd, 3rd etc will be suffixed by _AN1, _AN2 etc so the anchors become unique.

### TOPIC -- name of current topic

• %TOPIC% expands to the name of the topic. If you are looking at the text of an included topic, it is the name of the included topic.
• Syntax: %TOPIC%
• Expands to: Macros, renders as Macros
• Related: BASETOPIC, INCLUDINGTOPIC, TOPICLIST, WEB

### TOPICLIST{"format"} -- topic index of a web

• List of all topics in a web. The "format" defines the format of one topic item. It may include formatting tokens: The $topic token gets expanded to the topic name, $marker to marker parameter where topic matches selection, and $web to the name of the web, or any of the standard FormatTokens. • Syntax: %TOPICLIST{"format" ...}% • Supported parameters: Parameter: Description: Default: "format" Format of one line, may include $web (name of web), $topic (name of the topic), $marker (which expands to marker for the item matching selection only) "$topic" format="format" (Alternative to above) "$topic"
separator=", " line separator "$n" (new line) marker="selected" Text for $marker if the item matches selection "selected"
selection="TopicA, TopicB" Current value to be selected in list (none)
web="Name" Name of web Current web
• Examples:
   Create a bullet list of all topics:
%TOPICLIST{"   * $web.$topic"}%

Create a comma separated list of all topics:
%TOPICLIST{separator=", "}%

Create an option list (for drop down menus):
%TOPICLIST{" <option>$topic</option>"}% Create an option list of web topics with the current topic selected: <select>%TOPICLIST{ " <option$marker value='$topic'>$topic</option>"
separator=" "
selection="%TOPIC%"
}%</select>
• Related: SEARCH, WEBLIST

### TWIKIWEB -- synonym for SYSTEMWEB

Deprecated. Use %SYSTEMWEB% instead

### TWISTY

This renders the button as well as the toggled content section contained within this and the closing ENDTWISTY tag.

Usage: %TWISTY{ ... }% Toggable contents %ENDTWISTY%
Parameter Value Description Remark
id Unique identifier Used to link TWISTYBUTTON and TWISTYTOGGLE optional
link Link label Link label for both show and hide links optional
hidelink Link label Hide link label optional
showlink Link label Show link label optional
mode "div" or "span" Specify if the Twisty Toggle section will use a <div> or a <span> tag. Note that if the contents contains block elements such as div, mode should be div as well to create valid HTML markup. optional, defaults to <div>
showimgleft Image url Specify the url of an image that will be displayed with the show link at the left side of the link.
You may use ICONURLPATH to display one of the System.DocumentGraphics icons. Alternatively use an image attached to the topic.
optional, defaults to no image
hideimgleft Image url Specify the url of an image that will be displayed with the hide link at the left side of the link.
You may use ICONURLPATH to display one of the System.DocumentGraphics icons. Alternatively use an image attached to the topic.
optional, defaults to no image
showimgright Image url Specify the url of an image that will be displayed with the show link at the right side of the link.
You may use ICONURLPATH to display one of the System.DocumentGraphics icons. Alternatively use an image attached to the topic.
optional, defaults to no image
hideimgright Image url Specify the url of an image that will be displayed with the hide link at the right side of the link.
You may use ICONURLPATH to display one of the System.DocumentGraphics icons. Alternatively use an image attached to the topic.
optional, defaults to no image
remember "on", "off" If "on", the Twisty state is remembered the next time the page is shown. If "off", the stored setting will be cleared.

Note: when used, think carefully about a unique name (id) for the Twisty, otherwise the cookie that is set might affect other Twisties with the same name. Also note that only interaction is stored, not the state of the Twisty when left unclicked.
optional, no default
start "hide" or "show" Initial state of the Twisty; this will override any setting stored in a cookie (see remember). optional, default no initial state
firststart "hide" or "show" Initial state of the Twisty the first time the visitor gets to see the Twisty; this will NOT override cookie settings (see remember). optional, default no initial state
noscript "hide" Make content hidden in case use does not have JavaScript on optional, default content is shown in case JavaScript if off
class CSS class name Class for Twisty div or span optional, default none
linkclass CSS class name Class for link optional, default none
prefix Text Text to display before the show/hide links optional, default none
suffix Text Text to display after the show/hide links optional, default none
img Image url Deprecated, use showimgleft, hideimgleft, showimgright or hideimgright. optional, defaults to no image
imgleft Image url Deprecated, use showimgleft, hideimgleft, showimgright or hideimgright. optional, defaults to no image
imgright Image url Deprecated, use showimgleft, hideimgleft, showimgright or hideimgright. optional, defaults to no image
hideimg Image url Deprecated, use showimgleft, hideimgleft, showimgright or hideimgright. optional, defaults to no image
showimg Image url Deprecated, use showimgleft, hideimgleft, showimgright or hideimgright. optional, defaults to no image

### TWISTYBUTTON

Shorthand version for TWISTYSHOW & TWISTYHIDE This is useful if both the show and the hide button take the same arguments.
• Supported parameters: all parameters supported by TWISTY, except for noscript and class (only used for 'toggle' content)
• Parameter differences:
• mode: button mode defaults to div
• Syntax: %TWISTYBUTTON{id="myid" ... }%
• Supported parameters:
Parameter Value Description Remark
mode "div" or "span" Specify if the Twisty button will use a <div> or a <span> tag. Note that if the contents contains block elements such as div, mode should be div as well to create valid HTML markup. optional, defaults to <div>
• Example:
%TWISTYBUTTON{
id="myid"
}%%TWISTYTOGGLE{
id="myid"
}%content%ENDTWISTYTOGGLE%
• Expands as:
content
• Related: VarENDTWISTY, VarENDTWISTYTOGGLE, VarTWISTY, VarTWISTYBUTTON, VarTWISTYHIDE, VarTWISTYSHOW, VarTWISTYTOGGLE

### TWISTYHIDE

• Syntax: %TWISTYHIDE{id="myid" ... }%
• Supported parameters:
Parameter Value Description Remark
id Unique identifier Used to link TWISTYSHOW, TWISTYHIDE and TWISTYTOGGLE required
link Link label Hide link label optional
mode "div" or "span" Specify if the Twisty Hide link will use a <div> or a <span> tag. Note that if the contents contains block elements such as div, mode should be div as well to create valid HTML markup. optional, defaults to <div>
img Image url Specify the url of an image that will be displayed at the right side of the link.
You may use ICONURLPATH to display one of the System.DocumentGraphics icons. Alternatively use an image attached to the topic.
optional, defaults to no image
remember "on", "off" If "on", the Twisty state is remembered the next time the page is shown. If "off", the stored setting will be cleared.
Note: when used, think carefully about a unique name (id) for the Twisty, otherwise the cookie that is set might affect other Twisties with the same name. Also note that only interaction is stored, not the state of the Twisty when left unclicked.
optional, no default
start "hide" or "show" Initial state of the Twisty; this will override any setting stored in a cookie (see remember). optional, default no initial state
firststart "hide" or "show" Initial state of the Twisty the first time the visitor gets to see the Twisty; this will NOT override cookie settings (see remember). optional, default no initial state
• Example:
%TWISTYHIDE{id="demo" link=" Click to Fold " imgleft="%ICONURLPATH{toggleclose}%"}%
• Related: VarENDTWISTY, VarENDTWISTYTOGGLE, VarTWISTY, VarTWISTYBUTTON, VarTWISTYHIDE, VarTWISTYSHOW, VarTWISTYTOGGLE

### TWISTYSHOW

• Syntax: %TWISTYSHOW{id="myid" ... }%
• Supported parameters:
Parameter Value Description Remark
id Unique identifier Used to link TWISTYSHOW, TWISTYHIDE and TWISTYTOGGLE required
link Link label Show link label optional
mode "div" or "span" Specify if the Twisty Show link will use a <div> or a <span> tag. Note that if the contents contains block elements such as div, mode should be div as well to create valid HTML markup. optional, defaults to <div>
img Image url Specify the url of an image that will be displayed at the right side of the link.
You may use ICONURLPATH to display one of the System.DocumentGraphics icons. Alternatively use an image attached to the topic.
optional, defaults to no image
imgleft Image url Specify the url of an image that will be displayed at the left side of the link.
You may use ICONURLPATH to display one of the System.DocumentGraphics icons. Alternatively use an image attached to the topic.
optional, defaults to no image
imgright Image url Specify the url of an image that will be displayed at the right side of the link.
You may use ICONURLPATH to display one of the System.DocumentGraphics icons. Alternatively use an image attached to the topic.
optional, defaults to no image
remember "on", "off" If "on", the Twisty state is remembered the next time the page is shown. If "off", the stored setting will be cleared.
Note: when used, think carefully about a unique name (id) for the Twisty, otherwise the cookie that is set might affect other Twisties with the same name. Also note that only interaction is stored, not the state of the Twisty when left unclicked.
optional, no default
start "hide" or "show" Initial state of the Twisty; this will override any setting stored in a cookie (see remember). optional, default no initial state
firststart "hide" or "show" Initial state of the Twisty the first time the visitor gets to see the Twisty; this will NOT override cookie settings (see remember). optional, default no initial state
• Example:
%TWISTYSHOW{id="demo" link=" Click to Unfold " imgleft="%ICONURLPATH{toggleopen}%"}%
• Related: VarENDTWISTY, VarENDTWISTYTOGGLE, VarTWISTY, VarTWISTYBUTTON, VarTWISTYHIDE, VarTWISTYSHOW, VarTWISTYTOGGLE

### TWISTYTOGGLE

Twisty Toggle contents section
• Syntax: %TWISTYTOGGLE{id="myid"}%
• Supported parameters:
Parameter Value Description Remark
id Unique identifier Used to link TWISTYSHOW, TWISTYHIDE and TWISTYTOGGLE. required
mode "div" or "span" Specify if the Twisty Toggle section will use a <div> or a <span> tag. Note that if the contents contains block elements such as div, mode should be div as well to create valid HTML markup. optional, defaults to <div>
class CSS class name Class for content div or span optional, default none
linkclass CSS class name Class for link optional, default none
remember "on", "off" If "on", the Twisty state is remembered the next time the page is shown. If "off", the stored setting will be cleared.
Note: when used, think carefully about a unique name (id) for the Twisty, otherwise the cookie that is set might affect other Twisties with the same name. Also note that only interaction is stored, not the state of the Twisty when left unclicked.
optional, no default
start "hide" or "show" Initial state of the Twisty; this will override any setting stored in a cookie (see remember). optional, default no initial state
firststart "hide" or "show" Initial state of the Twisty the first time the visitor gets to see the Twisty; this will NOT override cookie settings (see remember). optional, default no initial state
noscript "hide" Make content hidden in case use does not have JavaScript on optional, default content is shown with no JavaScript
• Example:
%TWISTYTOGGLE{id="demo" mode="div" remember="on"}%My content%ENDTWISTYTOGGLE%
• Related: VarENDTWISTY, VarENDTWISTYTOGGLE, VarTWISTY, VarTWISTYBUTTON, VarTWISTYHIDE, VarTWISTYSHOW, VarTWISTYTOGGLE

### URLPARAM{"name"} -- get value of a URL parameter

• Returns the value of a URL parameter.
• Syntax: %URLPARAM{"name"}%
• Supported parameters:
Parameter: Description: Default:
"name" The name of a URL parameter required
default="..." Default value in case parameter is empty or missing empty string
newline="<br />" Convert newlines in textarea to other delimiters no conversion
encode="off"
encode="entity"
encode="safe"
encode="url"
encode="quote"
Control how special characters are encoded
off: No encoding. Avoid using this when possible. See the security warning below.
entity: Encode special characters into HTML entities. See ENCODE for more details.
safe: Encode characters '"<>% into HTML entities.
url: Encode special characters for URL parameter use, like a double quote into %22
quote: Escape double quotes with backslashes (\"), does not change other characters; required when feeding URL parameters into other macros.
"safe"
multiple="on"
multiple="[[$item]]" If set, gets all selected elements of a <select multiple="multiple"> tag. A format can be specified, with $item indicating the element, e.g. multiple="Option: $item" (also supports the standard format tokens) first element separator=", " Separator between multiple selections. Only relevant if multiple is specified "\n" (new line) • Example: %URLPARAM{"skin"}% returns print for a .../view/System/Macros?skin=print URL • Notes: • URL parameters passed into HTML form fields must be entity ENCODEd. • Double quotes in URL parameters must be escaped when passed into other macros. Example: %SEARCH{ "%URLPARAM{ "search" encode="quote" }%" noheader="on" }% • When used in a template topic, this macro will be expanded when the template is used to create a new topic. See TemplateTopics#TemplateTopicsVars for details. • Watch out for internal parameters, such as rev, skin, template, topic, web; they have a special meaning in Foswiki. Common parameters and view script specific parameters are documented at CommandAndCGIScripts. • If you have %URLPARAM{ in the value of a URL parameter, it will be modified to %<nop>URLPARAM{. This is to prevent an infinite loop during expansion. • Security warning! Using URLPARAM can easily be misused for cross-site scripting unless specific characters are entity encoded. By default URLPARAM encodes the characters '"<>% into HTML entities (same as encode="safe") which is relatively safe. The safest is to use encode="entity". When passing URLPARAM inside another macro always use double quotes ("") combined with using URLPARAM with encode="quote". For maximum security against cross-site scripting you are adviced to install the Foswiki:Extensions.SafeWikiPlugin. • Related: ENCODE, SEARCH, FormattedSearch, QUERYSTRING ### USERINFO{"name"} -- retrieve details about a user • Syntax: %USERINFO% • Expands to: guest, Main.WikiGuest,  (comma-separated list of the username, wikiusername, and emails) • With formatted output, using tokens $emails, $username, $wikiname, $wikiusername, $groups and $admin ($admin returns 'true' or 'false'):
• Example:
%USERINFO{ format="$username is really$wikiname" }%
• Expands to: guest is really WikiGuest
• Retrieve information about another user:
• Example:
%USERINFO{ "WikiGuest" format="$username is really$wikiname" }%
• Expands to: guest is really WikiGuest
You need to be a member of Main.AdminGroup for the USERINFO macro to provide details about other users
The parameter should be the wikiname of a user. You can also pass a login name. You can only get information about another user if the {AntiSpam}{HideUserDetails} configuration option is not enabled, or if you are an admin. (User details are hidden in this site)

• Foswiki makes names available in three formats: USERNAME like jsmith, WIKINAME like JohnSmith and WIKIUSERNAME like Main.JohnSmith. Un-authenticated users are all Main.WikiGuest.
• Syntax: %USERNAME%
• Expands to: guest
When used in a template topic, this macro will be expanded when the template is used to create a new topic. See TemplateTopics#TemplateTopicsVars for details
• Related: REMOTE_USER, USERINFO, WIKINAME, WIKIUSERNAME, UserAuthentication

### USERSWEB -- name of users web

• The web containing individual user topics, Main.WikiGroups, and customised site-wide preferences.
• Syntax: %USERSWEB%
• Expands to: Main
• Related: SYSTEMWEB

### VAR{"NAME" web="Web"} -- get a preference value from another web

• Syntax: %VAR{"NAME" web="Web"}%
• Example: To get %WEBBGCOLOR% of the Main web write %VAR{"WEBBGCOLOR" web="Main"}%, which expands to #FFEFA6
• Related: WEBPREFSTOPIC

### VBAR -- vertical bar

• The vertical bar macro can be used in TML tables.
• Current value: VBAR = |
• Related: BR, BULLET, BB, BB2, BB3, BB4, CARET

### WEB -- name of current web

• %WEB% expands to the name of the web where the topic is located. If you are looking at the text of an included topic, it is the web where the included topic is located.
• Syntax: %WEB%
• Expands to: System
• Related: BASEWEB, INCLUDINGWEB, TOPIC

### WEBLIST{"format"} -- index of all webs

• List of all webs. Obfuscated webs are excluded, e.g. webs with a NOSEARCHALL = on preference setting. The "format" defines the format of one web item. The $name gets expanded to the name of the web, $qname gets expanded to double quoted name, $marker to marker where web matches selection. Subwebs are listed recursively. • Syntax: %WEBLIST{"format" ...}% • Supported parameters: Parameter: Description: Default: "format" Format of one line, may include $name (the name of the web), $qname (the name of the web in double quotes), $indentedname (the name of the web with parent web names replaced by indents, for use in indented lists), and $marker (which expands to marker for the item matching selection only) $name
format="format" (Alternative to above) $name separator=", " Line separator $n (new line)
web="" if you specify $web in format, it will be replaced with this value. none webs="public" Comma separated list of webs to consider. This list can include two pseudo-webs, public which expands to all non-hidden and webtemplate which expands to the names of all template webs. NOTE: Administrators will see all webs, not just the public ones public subwebs="Sandbox" Specifies a single web. If specified, then public and webtemplate (described above) will expand relative to show subwebs *below this web only. "" selection="%WEB%" Entry to be selected in list. If one of the webs matches this selection, then $marker in the format will be expanded selection=%WEB%
marker="selected" Text for $marker if the item matches selection selected="selected" • Example, creates a bullet list of all webs: %WEBLIST{" * [[$name.%HOMETOPIC%]]"}%
• Example, creates a dropdown of all public webs + Trash web, with the current web highlighted:
<form><select name="web">%WEBLIST{
"<option $marker value='$qname'>$name</option>" webs="Trash, public" selection="%WEB%" separator=" " }% </select></form> WEBLIST will not show a web called 'TWiki' even if it exists in the file system unless the TWikiCompatibilityPlugin is installed and activated in configure. This is done to ensure that the TWiki compatibility components such as the TWiki web are only visible and active when needed • Related: TOPICLIST, SEARCH ### WEBPREFSTOPIC -- name of web preferences topic ### WHITE -- start white colored text • WHITE is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %WHITE% white text %ENDCOLOR% Expands to: white text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### WIKIHOMEURL -- site home URL • Syntax %WIKIHOMEURL% • Expands to /bin/view • Normally by default set to %SCRIPTURLPATH{"view"}% For the top bar logo URL use %WIKILOGOURL% defined in WebPreferences instead. • Related: WIKITOOLNAME ### WIKINAME -- your Wiki username • The WikiName is the same as %USERNAME% if not defined in the Main.WikiUsers topic • Syntax: %WIKINAME% • Expands to: WikiGuest When used in a template topic, this macro will be expanded when the template is used to create new topic. See TemplateTopics#TemplateTopicsVars for details • Related: REMOTE_USER, USERINFO, USERNAME, WIKIUSERNAME, WIKIUSERSTOPIC ### WIKIPREFSTOPIC -- name of site-wide preferences topic ### WIKITOOLNAME -- name of your site ### WIKIUSERNAME -- your Wiki username with web prefix • Your %WIKINAME% with Main web prefix, useful to point to your Foswiki home page • Syntax: %WIKIUSERNAME% • Expands to: Main.WikiGuest, renders as Main.WikiGuest When used in a template topic, this macro will be expanded when the template is used to create a new topic. See TemplateTopics#TemplateTopicsVars for details • Related: REMOTE_USER, USERINFO, USERNAME, WIKINAME ### WIKIUSERSTOPIC -- name of topic listing all registered users • Syntax: %WIKIUSERSTOPIC% • Expands to: WikiUsers, with Main prefix renders as Main.WikiUsers • Related: WIKIUSERNAME ### WIKIVERSION -- the version of the installed Foswiki engine • Syntax: %WIKIVERSION% • Expands to: Foswiki-1.1.4, Tue, 20 Dec 2011, build 13483 • Related: PLUGINVERSION, WIKITOOLNAME ### WIKIWEBMASTER -- feedback email address for site • Syntax: %WIKIWEBMASTER% • Expands to: webmaster@panacom.cz • Related: WIKIWEBMASTERNAME ### WIKIWEBMASTERNAME -- Name of the administrator for the site • Syntax: %WIKIWEBMASTERNAME% • Expands to: Wiki Administrator • Related: WIKIWEBMASTER ### X -- warning icon ### Y -- "yes" icon ### YELLOW -- start yellow colored text • YELLOW is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors. Example: %YELLOW% yellow text %ENDCOLOR% Expands to: yellow text %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR% Related: ENDCOLOR, DefaultPreferences, StandardColors ### Shortcuts The following macros are preference settings and are frequently used in topic content. • %BR% - line break • %BULLET% - bullet sign • %BB% - line break and bullet combined • %BB2% - indented line break and bullet • %RED% text %ENDCOLOR% - colored text (also %YELLOW%, %ORANGE%, %PINK%, %PURPLE%, %TEAL%, %NAVY%, %BLUE%, %AQUA%, %LIME%, %GREEN%, %OLIVE%, %MAROON%, %BROWN%, %BLACK%, %GRAY%, %SILVER%, %WHITE%) • %H% - Help icon • %I% - Idea icon • %M% - Moved to icon • %N% - New icon • %P% - Refactor icon • %Q% - Question icon • %S% - Red star icon • %T% - Tip icon • %U% - Updated icon • %X% - Alert icon • %Y% - Done icon See ShortcutMacros for a full list of predefined shortcuts. Back to top # Formatted Search Customize the display of search results. The default output format of a %SEARCH{...}% is a table consisting of topic names and topic summaries. Use the format="..." parameter to customize the search result. The format parameter typically defines a bullet or a table row containing macros, such as %SEARCH{ "food" format="|$topic | $summary |" }%. See %SEARCH{...}% for other search parameters, such as separator="". ## Syntax Three parameters can be used to specify a customized search result: ### 1. header="..." parameter Use the header parameter to specify the header of a search result. It should correspond to the format of the format parameter. This parameter is optional. Example: header="| *Topic:* | *Summary:* |" Format tokens that can be used in the header string: Name: Expands To: $web Name of the web
$ntopics Number of topics found in current web. Will be 0 (zero). $nhits Number of hits if multiple="on". Will be 0 (zero).
$pager pager control - can be optionally customised using the pagerformat below $n or $n() New line. Use $n() if followed by alphanumeric character, e.g. write Foo$n()Bar instead of Foo$nBar
Most macros accept parameter strings which are split over multiple lines. This is usually more readable than using $n tokens. If you are familiar with sectional includes, you might also consider nested sectional includes to hold the newline content outside of the parameter string entirely. $nop or $nop() Is a "no operation". This token gets removed; useful for nested search $quot Double quote (") (\" also works)
$percent Percent sign (%) ($percnt also works)
$dollar Dollar sign ($)
$lt Less than sign (<) $gt Greater than sign (>)
$amp Ampersand (&) $comma Comma (,)

Note that if the separator parameter for SEARCH is not defined a newline is added after the header.

### 2. footer="..." parameter

Use the footer parameter to specify the footer of a search result. It should correspond to the format of the format parameter. This parameter is optional. Example:
footer="| *Total:* | *$nhits* |" Format tokens that can be used in the footer string: Name: Expands To: $web Name of the web
$ntopics Number of topics found in current web $nhits Number of hits if multiple="on". Cumulative across all topics in current web. Identical to $ntopics unless multiple="on" $pager pager control - can be optionally customised using the pagerformat below
$n or $n() New line. Use $n() if followed by alphanumeric character, e.g. write Foo$n()Bar instead of Foo$nBar Most macros accept parameter strings which are split over multiple lines. This is usually more readable than using $n tokens. If you are familiar with sectional includes, you might also consider nested sectional includes to hold the newline content outside of the parameter string entirely.
$nop or $nop() Is a "no operation". This token gets removed; useful for nested search
$quot Double quote (") (\" also works) $percent Percent sign (%) ($percnt also works) $dollar Dollar sign ($) $lt Less than sign (<)
$gt Greater than sign (>) $amp Ampersand (&)
$comma Comma (,) Note that if the separator parameter for SEARCH is not defined a newline is added after the last search result. ### 3. pagerformat="..." parameter Use the pagerformat parameter to customise the appearance of the paging control. It should correspond to the format of the format parameter. This parameter is optional. Example: pagerformat="Page$currentpage of $numberofpages [[$nexturl][next page]]"

Format tokens that can be used in the pagerformat string:

Name: Expands To:
$previouspage The page number before the currently displayed one $currentpage The currently displayed page number
$nextpage The page number after the currently displayed one $numberofpages Total number of pages there are results for
$pagesize The number of results per page $previousurl full URL to the previous page - IF using the built in pager system
$nexturl full URL to the previous page - IF using the built in pager system $previousbutton skin template (SEARCH:pager_previous) html for the full URL to the previous page - IF using the built in pager system
$nextbutton skin template (SEARCH:pager_next) html for the full URL to the previous page - IF using the built in pager system $n or $n() New line. Use $n() if followed by alphanumeric character, e.g. write Foo$n()Bar instead of Foo$nBar
Most macros accept parameter strings which are split over multiple lines. This is usually more readable than using $n tokens. If you are familiar with sectional includes, you might also consider nested sectional includes to hold the newline content outside of the parameter string entirely. $nop or $nop() Is a "no operation". This token gets removed; useful for nested search $quot Double quote (") (\" also works)
$percent Percent sign (%) ($percnt also works)
$dollar Dollar sign ($)
$lt Less than sign (<) $gt Greater than sign (>)
$amp Ampersand (&) $comma Comma (,)

### 4. format="..." parameter

Use the format parameter to specify the format of one search hit. Example:
format="| $topic |$summary |"

Format tokens that can be used in the format string:

Name: Expands To:
$web Name of the web $topic Topic name
$topic(20) Topic name, "- " hyphenated every 20 characters $topic(30, -<br />) Topic name, hyphenated every 30 characters with separator "-<br />"
$topic(40, ...) Topic name, shortened to 40 characters with trailing ellipsis. $parent Name of parent topic; empty if not set
$parent(20) Name of parent topic, same hyphenation/shortening as $topic()
$text Formatted topic text. In case of a multiple="on" search, it is the line found for each search hit. $locked LOCKED flag (if any)
$date Time stamp of last topic update, e.g. 15 Oct 2019 - 11:57 $isodate Time stamp of last topic update, e.g. 2019-10-15T11:57Z
$index number of total results - can be used as a running counter in the format, or in the footer. This$index is not affected by web based partitioning of results.
$item the full name of a result item - in a SEARCH context, equivalent to $web.$topic $rev Number of last topic revision, e.g. 4
$username Login name of last topic update, e.g. jsmith $wikiname Wiki user name of last topic update, e.g. JohnSmith
$wikiusername Wiki user name of last topic update, like Main.JohnSmith $createdate Time stamp of topic revision 1
$createusername Login name of topic revision 1, e.g. jsmith $createwikiname Wiki user name of topic revision 1, e.g. JohnSmith
$createwikiusername Wiki user name of topic revision 1, e.g. Main.JohnSmith $summary Topic summary, just the plain text, all formatting and line breaks removed; up to 162 characters
$summary(50) Topic summary, up to 50 characters shown $summary(showvarnames) Topic summary, with %SOMEMACRO{...}% macros shown as SOMEMACRO{...}
$summary(noheader) Topic summary, with leading ---+ headers removed Note: The tokens can be combined, for example $summary(100, showvarnames, noheader)
$summary(searchcontext) Creates a topic summary with the search terms highlighted $summary(searchcontext, 50) Creates a topic summary with the search terms highlighted, up to 50 characters
$changes Summary of changes between latest rev and previous rev $changes(n) Summary of changes between latest rev and rev n
$formname The name of the form attached to the topic; empty if none $formfield(name) The field value of a form field; for example, if FAQWhatIsWikiWiki was a search hit, $formfield(TopicClassification) would get expanded to ==. This applies only to topics that have a DataForm. For multi-line textfields new lines are replace by an HTML <br /> $formfield(name, 10) Form field value, "- " hyphenated every 10 characters
$formfield(name, 20, -<br />) Form field value, hyphenated every 20 characters with separator "-<br />" $formfield(name,30,...) Form field value, shortened to 30 characters with trailing ellipsis.
$pattern(reg-exp) A regular expression pattern to extract some text from a topic (does not search meta data; use $formfield instead). In case of a multiple="on" search, the pattern is applied to the line found in each search hit.
• Specify a RegularExpression that covers the whole text (topic or line), which typically starts with .*, and must end in .*
• Put text you want to keep in parenthesis, like $pattern(.*?(from here.*?to here).*) • Example: $pattern(.*?\*.*?Email\:\s*([^\n\r]+).*) extracts the e-mail address from a bullet of format * Email: ...
• This example has non-greedy .*? patterns to scan for the first occurance of the Email bullet; use greedy .* patterns to scan for the last occurance
• Limitation: Do not use .*) inside the pattern, e.g. $pattern(.*foo(.*)bar.*) does not work, but $pattern(.*foo(.*?)bar.*) does
• Note: Make sure that the integrity of a web page is not compromised; for example, if you include an HTML table make sure to include everything including the table end tag
$count(reg-exp) Count of number of times a regular expression pattern appears in the text of a topic (does not search meta data). Follows guidelines for use and limitations outlined above under $pattern(reg-exp). Example: $count(.*?(---[+][+][+][+]) .*) counts the number of <H4> headers in a page. $ntopics Number of topics found in current web. This is the current topic count, not the total number of topics
$nhits Number of hits if multiple="on". Cumulative across all topics in current web. Identical to $ntopics unless multiple="on"
$pager pager control - can be optionally customised using the pagerformat below $n or $n() New line. Use $n() if followed by alphanumeric character, e.g. write Foo$n()Bar instead of Foo$nBar
Most macros accept parameter strings which are split over multiple lines. This is usually more readable than using $n tokens. If you are familiar with sectional includes, you might also consider nested sectional includes to hold the newline content outside of the parameter string entirely. $nop or $nop() Is a "no operation". This token gets removed; useful for nested search $quot Double quote (") (\" also works)
$percent Percent sign (%) ($percnt also works)
$dollar Dollar sign ($)
$lt Less than sign (<) $gt Greater than sign (>)
$amp Ampersand (&) $comma Comma (,)

## Examples

Here are some samples of formatted searches. The SearchPatternCookbook has other examples, such as creating a picklist of usernames, searching for topic children and more.

### Search showing topic name and summary

Write this:

%SEARCH{
"VarREMOTE"
scope="topic"
nonoise="on"
format="| [[$topic]] |$summary   |"
footer="| *Topics found* | *$ntopics* |" }% To get this: Topic Summary Topics found 3 VarREMOTEADDR #VarREMOTEADDR REMOTE_ADDR environment variable * Syntax: %REMOTE_ADDR% * Expands to: == * Related: ENV, HTTP_HOST, REMOTE_PORT, REMOTE_USER VarREMOTEPORT #VarREMOTEPORT REMOTE_PORT environment variable * Syntax: %REMOTE_PORT% * Expands to: * Related: ENV, HTTP_HOST, REMOTE_ADDR, REMOTE_USER VarREMOTEUSER #VarREMOTEUSER REMOTE_USER environment variable * Syntax: %REMOTE_USER% * Expands to: * Related: ENV, HTTP_HOST, REMOTE_ADDR, REMOTE_PORT, USERNAME, WIKINAME ... ### Table showing form field values of topics with a form In a web where there is a form that contains a TopicClassification field, an OperatingSystem field and an OsVersion field we could write: | *Topic:* | *!OperatingSystem:* | *!OsVersion:* | %SEARCH{ "TopicClassification~'FrequentlyAskedQuestion'" type="query" nonoise="on" format="| [[$topic]] | $formfield(OperatingSystem) |$formfield(OsVersion) |"
}%

To get this (simulated):

Topic: OperatingSystem: OsVersion:
IncorrectDllVersionW32PTH10DLL OsWin 95/98
WinDoze95Crash OsWin 95

### Extract some text from a topic using regular expression

The following example makes use of the $pattern() token to extract the first level-1 heading for each topic: %SEARCH{ "^---[+][^+][^\r\n]+[\r\n]" type="regex" nonoise="on" header="Headings:" limit="5" format=" * [[$topic][$pattern([\r\n\-+!]+([^\r\n]*?)[\r\n].*)]]" footer="Found$ntopics topics with level-1 headings"
}%

### Nested Search

SEARCH is one of many macros that produce output which may be controlled with format, header and footer parameters, among others. To make use of additional macros in the output, familiarity with inside-out, left-to-right order of expansion rules is required. There are two forms:
1. Standard: Use %INNERMACRO% to build the parameter string before %OUTERMACRO% is expanded
 %OUTERMACRO{
format="%INNERMACRO%"
}%
2. Delayed: Use the parameter string to incorporate %INNERMACRO% into the output of %OUTERMACRO%
 %OUTERMACRO{
format="$percentINNERMACRO$percent"
}%
When working with a given macro, consult its documentation to determine which parameters support the $percent/$percnt format tokens. Generally only output parameters like header, format and footer support format tokens.

#### Standard form

The key to understanding nested expressions in Foswiki is to understand that macros are expanded "inside-out, left-to-right". Example:

%MACRO1{
something="%MACRO2{
somethingelse="%MACRO3%, %MACRO4%"
}%"
}%

The macros are expanded in this order: MACRO3, MACRO4, MACRO2, MACRO1.

##### Animated Example
Error: no such plugin CHILI
%INCLUDE{
"%QUERY{
"'%THETOPIC%'/%THEFIELD%"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
"%QUERY{
"'%SYSTEMWEB%.FAQWhatIsWikiWiki'/%THEFIELD%"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
"%QUERY{
"'%SYSTEMWEB%.FAQWhatIsWikiWiki'/TopicClassification"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
"%QUERY{
"'System.FAQWhatIsWikiWiki'/TopicClassification"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification


These topics are for frequently

* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification


These topics are for frequently

* Set THETOPIC = System.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification


#### Delayed form

Standard form macros can nearly always be used to build the parameter string of another macro; however, sometimes it is desirable to bypass the inside-out expansion order and delay the inner macro until after the outer macro has finished expansion. This is accomplished by using the $percent format token instead of %, and escaping any " character it uses (becomes \") When working with a given macro, consult its documentation to determine which parameters support the $percent/$percnt format tokens. Generally only output parameters like header, format and footer support format tokens. Example: %MACRO1{ format="$percentMACRO2{
format=\"%MACRO3%, %MACRO4%\"
}$percent" }%  The macros are expanded in this order: MACRO3, MACRO4, MACRO1, MACRO2. ##### Animated Example From the conditional output example: Error: no such plugin CHILI %SEARCH{ "info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31')" type="query" limit="2" nonoise="on" format=" *$percentICON{
\"$percentIF{ \"'$topic'/parent.name='%PARENT%'\"
then=\"info\" else=\"gear\"
}$percent\" }$percent [[$topic]]" }% ---- * Set PARENT = UserDocumentationCategory  %SEARCH{ "info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31')" type="query" limit="2" nonoise="on" format=" *$percentICON{
\"$percentIF{ \"'$topic'/parent.name='UserDocumentationCategory'\"
then=\"info\" else=\"gear\"
}$percent\" }$percent [[$topic]]" }% ---- * Set PARENT = UserDocumentationCategory   * %ICON{ "%IF{ "'AccessKeys'/parent.name='UserDocumentationCategory'" then="info" else="gear" }%" }% [[AccessKeys]] * %ICON{ "%IF{ "'AdminSkillsAssumptions'/parent.name='UserDocumentationCategory'" then="info" else="gear" }%" }% [[AdminSkillsAssumptions]] ---- * Set PARENT = UserDocumentationCategory   * %ICON{ "info" }% [[AccessKeys]] * %ICON{ "gear" }% [[AdminSkillsAssumptions]] ---- * Set PARENT = UserDocumentationCategory   * <img src="http://verahavlova.cz/pub/System/DocumentGraphics/info.png"/> [[AccessKeys]] * <img src="http://verahavlova.cz/pub/System/DocumentGraphics/gear.png"/> [[AdminSkillsAssumptions]] ---- * Set PARENT = UserDocumentationCategory  #### Worked example Problem: search for some topics in an initial (outer) search, and for each of them apply a second (inner) search. The idea is to use the outer search to build a series of inner seraches. Consider the following example. Let's search for all topics that contain the word "culture" (outer search), and find out where each topic found is linked from (inner search). Initial (outer) search: %SEARCH{ "culture" nonoise="on" format=" *$topic is referenced by: (list all references)"
}%

Second (inner) search:

For each hit, we want this search:
%SEARCH{
"(topic found in outer search)"
nonoise="on"
format="$topic" separator=", " }% Now let's nest the two. ##### Method 1 (nesting with escapes) The inner search cannot be placed directly into the format string of the outer, because of the "inside-out, left-to-right" macro expansion behaviour discussed earlier. It must be delayed so that the outer search is evaluated first. To do this, we need to escape the inner search, i.e. let the outer search build a series of searches comprised of the inner search. • Use $percent to escape (delay) the inner search's SEARCH macro
• Use \" to escape the double quotes
• Use $dollar to escape the $ of $topic Write this: %SEARCH{ "culture" nonoise="on" limit="5" format="\ *$topic is referenced by:
* $percentSEARCH{ \"$topic\"
nonoise=\"on\"
format=\"$dollartopic\" separator=\", \" }$percent"
}%


To get this:
• AccessControl is referenced by:
• AdminDocumentationCategory, CommandAndCGIScripts, CompleteDocumentation, DataForms, DefaultPreferences, DevelopingPlugins, FAQHiddenUsersAndGroups, FAQRebuildingWikiUsersTopic, FileAttachment, InstallationGuidePart1, ManagingTopics, ManagingUsers, PreferenceSettings, ReferenceManual, ReleaseHistory, ReleaseNotes01x00, ReleaseNotes01x01, SitePermissions, SiteTools, SkinTemplates, TipTopic017, TopicsAndWebs, TwentyMinuteTutorial, UserAuthentication, VarSEARCH, WebPreferencesHelp, WikiWord
• ReleaseNotes01x00, ReleaseNotes01x01, UserDocumentationCategory, WebHome, WebLeftBarExample, WelcomeGuest
• FAQWhatIsWikiWiki is referenced by:
• FAQWhatIsWikiWiki, FormattedSearch, Macros, UserDocumentationCategory
• FormattedSearch is referenced by:
• AccessControl, BookView, CompleteDocumentation, DataForms, DeveloperDocumentationCategory, EditTablePlugin, FormatTokens, IfStatements, Macros, MetaData, NatEditWordHelpText, QuerySearch, ReferenceManual, ReleaseHistory, ReleaseNotes01x00, ReleaseNotes01x01, RenderListPlugin, SearchHelp, SearchPatternCookbook, SiteTools, SpreadSheetPlugin, TopicsAndWebs, TwistyPlugin, UserDocumentationCategory, VarFORMAT, VarMETASEARCH, VarSEARCH, VarURLPARAM, WebLeftBarExample, WebPreferences
• UserDocumentationCategory is referenced by:
• ACRONYM, AccessControl, AccessKeys, AdminDocumentationCategory, AdminToolsCategory, BookView, BumpyWord, CompleteDocumentation, DataForms, DeveloperDocumentationCategory, DocumentGraphics, DontNotify, FAQAnApplicationWithWikiForm, FAQDeleteOrRenameATopic, FAQDeleteOrRenameAnAttachment, FAQEditDoesNotIncreaseTheRevision, FAQGnuGeneralPublicLicense, FAQSimultaneousEdits, FileAttachment, FileAttribute, ForceNewRevision, FormattedSearch, GlossaryOfTerms, GoBox, GoodStyle, HiddenAttachment, IncludeTopicsAndWebPages, InterWikis, LoginName, Macros, MainFeatures, ManagingTopics, ProjectLogos, QuietSave, ReferenceManual, RegularExpression, SearchPatternCookbook, SitePermissions, SkinBrowser, StandardColors, TextEditor, TimeSpecifications, TopicsAndWebs, TwentyMinuteTutorial, UserToolsCategory, UsingHTML, WabiSabi, WebLeftBarExample, WikiNotation, WikiWikiClones, WikiWord, YouAreHere

When nesting with escapes, each new nesting level must "escape the escapes", e.g. write $dollarpercentSEARCH{ for level three, $dollardollarpercentSEARCH{ for level four, etc.

##### Method 2 (nesting with sectional includes)
Nested expressions with delayed macros can be difficult to write: care must be taken to escape all the quotes of the inner delayed macro, and it may become confusing whether to use $topic, $dollartopic or $dollardollartopic. If you find yourself using escaped tokens like $dollartopic, another approach is to use the STARTSECTION/ENDSECTION feature of INCLUDE. Instead of nesting the inner search expression directly inside the format string of the outer, the inner search is written as a separate stand-alone section of a topic which is INCLUDEd into the format string of the outer.

Write this:
%SEARCH{
"culture"
nonoise="on"
limit="5"
format="\
* $topic is referenced by: *$percentINCLUDE{\"%TOPIC%\" section=\"mysearch\" thetopic=\"$topic\"}$percent"
}%

<!-- HTML comment to hide this section from the user and web browser's DOM.
verbatim prevents the section being evaluated. Alternatively, sections
like this can be placed into dedicated utility topics which may hold
many such re-usable pieces of your wiki application
<verbatim>
%SEARCH{
"%thetopic%"
nonoise="on"
format="$topic" separator=", " }% </verbatim> -->  Output will be the same as for the first method Nested search can be slow, especially if you nest more than 3 levels deep. Nesting is limited to 16 levels. ### Most recently changed pages Write this: %SEARCH{ "1" type="query" nonoise="on" order="modified" reverse="on" limit="7" format="| [[$topic]] | $wikiusername |$date |"
}%

To get this:
 TopicUserMappingContrib Main.UnknownUser 11 Apr 2012 - 13:52 JQueryPopUpWindow Main.UnknownUser 11 Apr 2012 - 13:40 FamFamFamMintIcons Main.UnknownUser 11 Apr 2012 - 13:29 FamFamFamMiniIcons Main.UnknownUser 11 Apr 2012 - 13:29 FamFamFamFoswikiExtras Main.UnknownUser 11 Apr 2012 - 13:29 WysiwygPluginTopicLister Main.UnknownUser 11 Apr 2012 - 04:44 WysiwygPluginSettings Main.UnknownUser 11 Apr 2012 - 04:44

### Search with conditional output

Sometimes it may be desirable for each hit to be displayed differently depending on some criteria. For example, maybe you want to list 20 topics modified in 2009, but decorate the hits which are children of UserDocumentationCategory with an icon.
1. Specify a search which returns the hits you need
2. For each search hit, test the condition that will influence the output using a nested IF statement

Write this:
%SEARCH{
"info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31')"
type="query"
limit="20"
format="   * $percentICON{ \"$percentIF{
\"'$topic'/parent.name='UserDocumentationCategory'\" then=\"info\" else=\"gear\" }$percent\"
}$percent [[$topic]]"
}%
Details:
• The SEARCH has a delayed ICON. The $percent ensures that ICON is evaluated once for each search hit • The ICON contains an IF, which again is delayed with the $percent token and will also be evaluated for each SEARCH hit. Additionally, the inside-out, left-to-right rule discussed earlier means that this IF expression will be evaluated before ICON.
• If $topic is a child of UserDocumentationCategory, the info icon is used; otherwise, gear. To get this: Search: info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31') Found 20 topic(s). ### Embedding search forms to return a formatted result Use an HTML form and an embedded formatted search on the same topic. You can link them together with an URLPARAM macro. Example: Write this: <form action="%SCRIPTURLPATH{"view"}%/%WEB%/%TOPIC%"> Find Topics: <input type="text" name="q" size="32"\ value="%URLPARAM{"q" encode="entity"}%" />&nbsp;<input\ type="submit" class="foswikiSubmit" value="Search" /> </form> Result: %SEARCH{ "%URLPARAM{"q" encode="quote"}%" type="keyword" nosearch="on" format=" *$web.$topic: %BR%$summary"
}%


To get this:
Find Topics:

Result:
Found topic(s).

Related Topics: UserDocumentationCategory, SearchHelp, Macros#VarSEARCH, SearchPatternCookbook, RegularExpression

# File Attachments

Each topic can have one or more files of any type attached to it by using the Attach screen to upload (or download) files from your local PC. Attachments are stored under revision control: uploads are automatically backed up; all previous versions of a modified file can be retrieved.

## What are attachments good for?

File Attachments can be used to archive data, or to create powerful customized groupware solutions, like file sharing and document management systems, and quick Web page authoring.

### Document management system

You can use Attachments to store and retrieve documents (in any format, with associated graphics, and other media files); attach documents to topics; collaborate on documents with full revision control; distribute documents on a need-to-know basis using web and topic-level access control; create a central reference library that's easy to share with an user group spread around the world.

### File sharing

For file sharing, FileAttachments on a series of topics can be used to quickly create a well-documented, categorized digital download center for all types of files: documents, graphics and other media, drivers and patches, applications; anything you can safely upload!

### Web authoring

Through your web browser, you can easily upload graphics (or sound files, or anything else you want to link to on a page) and place them on a single page, or use them across a web, or site-wide.

You can also add graphics - any files - directly, typically by FTP upload. This requires FTP access, and may be more convenient if you have a large number of files to load. FTP-ed files cannot be managed using browser-based attachment controls. You can use your browser to create shortcuts using Macros, like this %H% = .

### Attachment Names

Attachment names are stored directly in the server native file system, so filenames are sanitized to prevent use of names that would be unacceptable to the variety of platforms where Foswiki is supported. Note that the rules are different depending on whether or not your installation is configured to support international characters (UseLocale)

#### Default rules without international character set support.

• Filenames must only be compose of:
• "Mixed Alpha-Numeric" characters. (A-Z, a-z and 0-9)
• May also contain:
• . (period / decimal point / "dot")
• _ (Underscore)
• - (Hyphen or dash)
• embedded spaces (Will be converted to underscore (_) during upload
• Any other characters are removed from the filename.
• Any leading dots or slashes (., \ or /) will be stripped
• Embedded spaces will be converted to underscore _
• Certain filenames that might be interpreted as executable code will have .txt appended. (This is set locally by your system administrator)

#### Attachment name rules with international character set support enabled.

• Embedded spaces are converted to _ (Underscore).
• The default rules will strip the following characters from the filename:
• Any "whitespace" characters
• * (Asterisk)
• ? (Question mark)
• ~ (Tilde)
• ^ (Caret / Circumflex)
• \ (Backslash)
• $ (Dollar-sign) • @ (At-sign) • % (Percent-sign) • '" Quotes (Open-quote, Close-quote/Apostrophe, and Double-quote) • & (Ampersand) • ; (Semicolon) • | (Vertical line) • <> (Less and Greater signs) • [] (Open and close square brackets) • And any ASCII control characters (Hex x00-x1f) • Any leading dots or slashes (., \ or /) will be stripped • Certain filenames that might be interpreted as executable code will have .txt appended. (This is set locally by your system administrator) ## Uploading files • Click on the [Attach] link at the bottom of the page. The Attach screen lets you browse for a file, add a comment, and upload it. The uploaded file will show up in the file attachment table. The topic must already exist. If it does not, it is a two step process: First create the topic, then add the file attachment. • Any type of file can be uploaded. Some files that might pose a security risk are renamed, for example: *.php files are renamed to *.php.txt so that no one can place code that would be read in a .php file. • Foswiki can limit the file size. This is defined by the %ATTACHFILESIZELIMIT% preference settings, currently set at 10000 kB. It is not recommended to upload files greater than a few hundred K through a browser. Large files can be extremely slow-loading, and often time out. Use an FTP site for large file uploads. • Automatic attachments: • When enabled, all files with valid names in a topic's attachment directory are shown as attachments to the topic - even if they were directly copied to the directory and never attached by using an [Attach] link. This is a convenient way to quickly "attach" files to a topic without uploading them one by one; although at the cost of losing audit trail and version control. • Before an attachment is shown, the filename is filtered per the above Attachment name rules. If the filtered name is not identical to the actual file name, the file will not be included in the list of attachments • To enable this feature, set the {AutoAttachPubFiles} configuration option. The automatic attachment feature can only be used by an administrator who has access to the server's file system. • Linking to the attached file in the topic: • Checking the "Create a link to the attached file" appends a link at the end of the topic. The format can be modified with the %ATTACHEDFILELINKFORMAT% preference setting. Images (files ending in gif, jpg, jpeg or png) are handled by %ATTACHEDIMAGEFORMAT%. • The two named preference settings may use the following variables: • $filename: the name of the file
• $fileurl: URL encoded version of the filename • $comment: the file comment from the upload dialog
• $size: the filesize (%ATTACHEDIMAGEFORMAT% only) • $name: (deprecated, should no longer be used)

There is no access control on individual attachments. If you need control over single files, create a separate topic per file and set topic-level access restrictions for each.

## Moving attachment files

An attachment can be moved between topics.
• Click [Manage] on the Attachment to be moved.
• On the control screen, select the new web and/or topic.
• Click [Move]. The attachment and its version history are moved. The original location is stored as topic meta data.

## Deleting attachments

Move unwanted Attachments to web Trash, topic TrashAttachment.

• Once a file is attached it can be referenced in the topic. Example:
1. [Attach] a file, for example: Sample.txt
2.  the topic you attached the file to and enter: %ATTACHURL%/Sample.txt
3. [Preview]: the %ATTACHURL%/Sample.txt text appears as: http://verahavlova.cz/pub/System/FileAttachment/Sample.txt, a link to the text file.

• To reference an attachment located in another topic, enter:
• %PUBURL%/%WEB%/OtherTopic/Sample.txt (if it's within the same web)
• %PUBURL%/Otherweb/OtherTopic/Sample.txt (if it's in a different web)

• Attached HTML files and text files can be inlined in a topic. Example:
1. [Attach] file: Sample.txt
2.  topic and write text: %INCLUDE{"%ATTACHURL%/Sample.txt"}%

• GIF, JPG and PNG images can be attached and shown embedded in a topic. Example:
1. [Attach] an image file, for example: Smile.gif
2.  topic and write text: %ATTACHURL%/Smile.gif
3. [Preview]: text appears as , an image.

## Securing Attachments

In most installations, attachments are not secured. Anyone can read them if they know the name of the web, topic and attachment.

To secure attachments, you have to control access to the attachments through the viewfile script, which requires a change in your web server configuration. To see how to configure Apache to do this, see http://foswiki.org/Support/ApacheConfigGenerator#Attachments

## Examples

Following you will find some examples of screens and tables related to this topic and referenced throughout the previous text. The appearance of these tables might vary, depending on what skin is used on your Foswiki installation.

### File attachment table

Files attached to a topic are displayed in a directory table, showing the different file names and attributes. An h means the attachment is hidden and not listed when viewing a topic in normal mode.

The file attachment table is normally displayed at the bottom of the page, or optionally, hidden and accessed when you click [Attach].

Topic attachments
I Attachment Action Size Date Who Comment
txt Sample.txt manage 0.1 K 22 Jul 2000 - 19:37 ProjectContributor Just a sample
gif Smile.gif manage 0.1 K 22 Jul 2000 - 19:38 ProjectContributor Smiley face

### File attachment controls

Clicking on a [Manage] link takes you to a new page that looks a bit like this (depending on what skin is selected).

Here, you have different options:
• To update an existing file, choose the updated file on your local drive and click [Update file]. The filename of the original attachment will preserved; the filename of the local file you chose will not be used.
• To change the comment on an attachment, enter a new comment and then click [Change comment and properties only]. Note that the comment listed against the specific version will not change, however the comment displayed when viewing the topic does change.
• To hide/unhide an attachment, enable the Do not show attachment in table checkbox, then click [Change comment and properties only].

### Attach new file

Select a new local file to update attachment Sample.txt

### Comment

Describe the file so other people know what it is.

### Properties

Images will be displayed, for other attachments a link will be created.

Attachments will not be shown in topic view page.

or Cancel

# Data Forms

Data forms allow you to add structured data to topics. The data stored in the form fields can be used to search and filter topics. The combination of structured data and search queries are the base for building database applications.

## Overview

By adding form-based input to freeform content, you can structure topics with unlimited, easily searchable categories. A form is enabled for a web and can be added to a topic. The form data is shown in tabular format when the topic is viewed, and can be changed in edit mode using edit fields, radio buttons, check boxes and list boxes. Many different form types can be defined in a web, though a topic can only have one form attached to it at a time.

Typical steps to build an application based on Foswiki forms:
1. Define a form definition
2. Enable the form for a web
3. Build an HTML form to create new topics based on that template topic
4. Build a FormattedSearch to list topics that share the same form

For a step by step tutorial, see FAQAnApplicationWithWikiForm.

## Defining a form

A form definition specifies the fields in a form. A form definition is simply a page containing a Foswiki table, where each row of the table specifies one form field.
1. Create a new topic with your form name: YourForm, ExpenseReportForm, InfoCategoryForm, RecordReviewForm, whatever you need.
2. Create a TML table, with each column representing one element of an entry field: Name, Type, Size, Values, Tooltip message, and Attributes (see sample below).
3. For each field, fill in a new line; for the type of field, select from the list.
4. Save the topic (you can later choose to enable/disable individual forms).

Example:
| *Name* | *Type* | *Size* | *Values* | *Tooltip message* | *Attributes* |
| TopicClassification | select | 1 | NoDisclosure, PublicSupported, PublicFAQ | blah blah... | |
| OperatingSystem | checkbox | 3 | OsHPUX, OsLinux, OsSolaris, OsWin | blah blah... | |
| OsVersion | text | 16 | | blah blah... | |

Preview:
Name Type Size Values Tooltip message Attributes
TopicClassification select 1 NoDisclosure, PublicSupported, PublicFAQ blah blah...
OperatingSystem checkbox 3 OsHPUX, OsLinux, OsSolaris, OsWin blah blah...
OsVersion text 16   blah blah...

Do not use the field name undefined (or any variant of that name, such as UnDefined), as that name is reserved for use in search queries.

See structure of a form for full details of what types are available and what all the columns mean.

You can also retrieve possible values for select, checkbox or radio types from other topics:

Example:

• In the WebForm topic, define the form:
Name Type Size Values Tooltip message Attributes
TopicClassification select 1   blah blah...
OperatingSystem checkbox 3   blah blah...
OsVersion text 16   blah blah...
Leave the Values field blank.

• Then in the TopicClassification topic, define the possible values:
| *Name*            |
| NoDisclosure      |
| Public Supported  |
| Public FAQ        |


Preview:
Name
NoDisclosure
Public Supported
Public FAQ

Field values can also be set using the result of expanding other macros. For example,

%SEARCH{
"Office$" scope="topic" web="%USERSWEB%" nonoise="on" type="regex" format="$web.$topic" separator=", " }%  When used in the value field of the form definition, this will find all topic names in the Main web which end in "Office" and use them as the legal field values. ## Enabling forms by Web Forms have to be enabled for each individual web. The WEBFORMS setting in WebPreferences is optional and defines a list of possible form definitions. Example:  * Set WEBFORMS = BugForm, FeatureForm, Books.BookLoanForm • With WEBFORMS enabled, an extra button is added to the edit view. If the topic doesn't have a Form, an Add Form button appears at the end of the topic. If a Form is present, a Change button appears in the top row of the Form. The buttons open a screen that enables selection of a form specified in WEBFORMS, or the No form option. • You have to list the available form topics explicitly. You cannot use a SEARCH to define WEBFORMS. ## Adding a form to a topic • Edit the topic and follow the "Add form" button to add a Form. This is typically done to a template topic, either to the WebTopicEditTemplate topic in a web, or a new topic that serves as an application specific template topic. Initial Form values can be set there. • Additionally a new topic can be given a Form using the formtemplate parameter in the (edit or save) URL. Initial values can then be provided in the URLs or as form values: • other than checkboxes: name, ex: ?BugPriority=1 • checkbox: namevalue=1, ex: ?ColorRed=1. Boxes with a tick must be specified. • Example: This will add a textfield for the new topic name and a "Create"-Button to your topic. When the button is pressed, the topic editor will open with the form "MyForm" already attached to the new topic.  <form name="newtopic" action="%SCRIPTURLPATH{"edit"}%/%WEB%/"> <input type="hidden" name="formtemplate" value="MyForm" /> New topic name <input type="text" name="topic" size="40" /> <input type="submit" class="foswikiSubmit" value="Create" /> </form>  Note: You can create a topic in one step, without going through the edit screen. To do that, specify the save script instead of the edit script in the form action. When you specify the save script you must to use the "post" method. Example:  <form name="newtopic" action="%SCRIPTURLPATH{"save"}%/%WEB%/" method="post"> ..... </form>  The edit and save scripts understand many more parameters, see CommandAndCGIScripts#edit and CommandAndCGIScripts#save for details. Tip: For Wiki Applications you can automatically generate unique topicnames. Note: Initial values will not be set in the form of a new topic if you only use the formtemplate parameter. ## Changing a form • You can change a form definition, and Foswiki will try to make sure you don't lose any data from the topics that use that form. • If you change the form definition, the changes will not take affect in a topic that uses that form until you edit and save it. • If you add a new field to the form, then it will appear next time you edit a topic that uses the form. • If you delete a field from the form, or change a field name, then the data will not be visible when you edit the topic (the changed form definition will be used). If you save the topic, the old data will be lost (though thanks to revision control, you can always see it in older versions of the topic) • If two people edit the same topic containing a form at exactly the same time, and both change fields in the form, Foswiki will try to merge the changes so that no data is lost. ## Structure of a form definition A form definition specifies the fields in a form. A form definition is simply a TML table contained in a topic, where each row of the table specifies one form field. Each column of the table is one element of an entry field: Name, Type, Size, Values, Tooltip message, and Attributes. The Name, Type and Size columns are required. Other columns are optional. The form must have a header row (e.g. | *Name* | *Type* | *Size* |). Name is the name of the form field. The Type, Size and Value fields describe the legal values for this field, and how to display them. • Type checkbox specifies one or more checkboxes. The Size field specifies how many checkboxes will be displayed on each line. The Value field should be a comma-separated list of item labels. • Type checkbox+buttons will add Set and Clear buttons to the basic checkbox type. • Type radio is like checkbox except that radio buttons are mutually exclusive; only one can be selected. • Type label specifies read-only label text. The Value field should contain the text of the label. • Type select specifies a select box. The Value field should contain a comma-separated list of options for the box. The Size field can specify a fixed size for the box (e.g. 1, or a range e.g. 3..10. If you specify a range, then the box will never be smaller than 3 items, never larger than 10, and will be 5 high if there are only 5 options. • There are two modifiers that can be applied to the select type: • select+multi turns multiselect on for the select, to allow Shift+Click and Ctrl+Click to select (or deselect) multiple items. • select+values allows the definition of values that are different to the displayed text. For example: | Field 9 | select+values | 5 | One, Two=2, Three=III, Four | Various values formats | shows but the values or options Two and Three are 2 and III respectively. You can combine these modifiers e.g. select+multi+values • Type text specifies a one-line text field. Size specifies the text box width in number of characters. Value is the initial (default) content when a new topic is created with this form definition. • Type textarea specifies a multi-line text box. The Size field should specify columns x rows, e.g. 80x6; default size is 40x5. As for text, the Value field specifies the initial text • Type date specifies a single-line text box and a button next to it; clicking on the button will bring up a calendar from which the user can select a date. The date can also be typed into the text box. Size specifies the text box width in characters. As for text, the Value field specifies the initial text Tooltip message is a message that will be displayed when the cursor is hovered over the field in edit view. Attributes specifies special attributes for the field. Multiple attributes can be entered, separated by spaces. • An attribute H indicates that this field should not be shown in view mode. However, the field is available for editing and storing information. • An attribute M indicates that this field is mandatory. The topic cannot be saved unless a value is provided for this field. If the field is found empty during topic save, an error is raised and the user is redirected to an oops page. Mandatory fields are indicated by an asterisks next to the field name. For example, a simple form just supporting entry of a name and a date would look as follows: | *Name* | *Type* | *Size* | | Name | text | 80 | | Date | date | 30 |  Field Name Notes: • Field names have to be unique. • A very few field names are reserved. If you try to use one of these names, Foswiki will automatically append an underscore to the name when the form is used. • You can space out the title of the field, and it will still find the topic e.g. Aeroplane Manufacturers is equivalent to AeroplaneManufacturers. • If a label field has no name, it will not be shown when the form is viewed, only when it is edited. • Field names can in theory include any text, but you should stick to alphanumeric characters. If you want to use a non-wikiname for a select, checkbox or radio field, and want to get the values from another topic, you can use [[...]] links. This notation can also be used when referencing another topic to obtain field values, but a name other than the topic name is required as the name of the field. • If you want the Field name to include embedded spaces, use the format [<nop>[FieldName][Descriptive human-friendly Field Name]]. • Leading and trailing spaces are not significant. Field Value Notes: • The field value will be used to initialize a field when a form is created, unless specific values are given by the topic template or query parameters. The first item in the list for a select or radio type is the default item. For label, text, and textarea fields the value may also contain commas. checkbox fields cannot be initialized through the form definition. • Leading and trailing spaces are not significant. • Field values can also be generated through a System.FormattedSearch, which must yield a suitable table as the result. • Macros in the initial values of a form definition get expanded when the form definition is loaded. • If you want to use a | character in the initial values field, you have to precede it with a backslash, thus: \|. • You can use <nop> to prevent macros from being expanded. • The FormatTokens can be used to prevent expansion of other characters. General Notes: • The topic definition is not read when a topic is viewed. • Form definition topics can be protected in the usual manner, using AccessControl, to limit who can change the form definition and/or individual value lists. Note that view access is required to be able to edit topics that use the form definition, though view access to the form definition is not required to view a topic where the form has been used. ### Values in other topics As described above, you can also retrieve possible values for select, checkbox or radio types from other topics. For example, if you have a rows defined like this: | *Name* | *Type* | *Size* | | AeroplaneManufacturers | select | |  the Foswiki will look for the topic AeroplaneManufacturers to get the possible values for the select. The AeroplaneManufacturers topic must contain a table, where each row of the table describes a possible value. The table only requires one column, Name. Other columns may be present, but are ignored. For example: | *Name* | | Routan | | Focke-Wulf | | De Havilland |  Notes: • The Values column must be empty in the referring form definition. ## Extending the range of form data types You can extend the range of data types accepted by forms by using Plugins. All such extended data types are single-valued (can only have one value) with the following exceptions: • any type name starting with checkbox • any type name with +multi anywhere in the name Types with names like this can both take multiple values. ## Hints and tips ### Build an HTML form to create new form-based topics • New topics with a form are created by simple HTML forms asking for a topic name. For example, you can have a SubmitExpenseReport topic where you can create new expense reports, a SubmitVacationRequest topic, and so on. These can specify the required template topic with its associated form. Template topics has more. A form definition specifies the fields in a form. A form definition is simply a page containing a Foswiki table, where each row of the table specifies one form field. ### Searching in form data The best way to search in form data is using the structured query language in the SEARCH macro. See QuerySearch for more information. ### Gotcha! • Some browsers may strip linefeeds from text fields when a topic is saved. If you need linefeeds in a field, make sure it is a textarea. Back to top # Template topics Template topics are topics that define the default text for new topics. ## Overview There are four types of template topics: Topic Name: What it is: WebCreateNewTopicTemplate Page shown when you click on a Create New Topic link. It provides a form requesting the necessary information to create a new, nonexistent topic. TopicDoesNotExistViewTemplate Alert page shown when you try to view a nonexistent topic and usually used as a prompt to help you create this new topic. For this reason, the form of the WebCreateNewTopicTemplate is included and therefore shown, too. WebTopicEditTemplate Default text used in a new topic. <MyCustomNamed>Template Whenever you create a topic ending in the word "Template", it is automatically added to the list of available template topics in the "Use Template" drop down field on the WebCreateNewTopic page. When you create a new topic using the edit script, the system locates a template topic according to the following search order: 1. A topic name specified by the templatetopic CGI parameter • if no web is specified, the current web is searched first and then the System web 2. WebTopicEditTemplate in the current web 3. WebTopicEditTemplate in the System web ## Macro expansion When the following macros are used in a template topic, they automatically get expanded when new topic is created based on it: Macro: Description: %DATE% Signature format date. See VarDATE %GMTIME% Date/time. See VarGMTIME %GMTIME{...}% Formatted date/time. See VarGMTIME %NOP% A no-operation macro that gets removed. Useful to prevent a SEARCH from hitting an edit template topic; also useful to escape a variable, such as %URLPA%NOP%RAM{...}% escaping URLPARAM %STARTSECTION{type="templateonly"}%...%ENDSECTION{type="templateonly"}% Text that gets removed when a new topic based on the template topic is created. See notes below. %STARTSECTION{type="expandvariables"}%...%ENDSECTION{type="expandvariables"}% All Foswiki macros in this section type are expanded when a new topic based on the template topic is created. Otherwise only the macros listed here are expanded. %SERVERTIME% Date/time. See VarSERVERTIME %SERVERTIME{...}% Formatted date/time. See VarSERVERTIME %USERNAME% Login name of user who is instantiating the new topic, e.g. guest %URLPARAM{"name"}% Value of a named URL parameter %WIKINAME% WikiName of user who is creating the new topic, e.g. WikiGuest %WIKIUSERNAME% User name of user who is creating the new topic, e.g. Main.WikiGuest ### Macro notes: %STARTSECTION{type="templateonly"}%...%ENDSECTION{type="templateonly"}% markers are used to embed text that you do not want expanded when a new topic based on the template topic is created. For example, you might want to write in the template topic: %STARTSECTION{type="templateonly"}% This template topic can only be changed by: * Set ALLOWTOPICCHANGE = Main.AdminGroup %ENDSECTION{type="templateonly"}%  This will restrict who can edit the template topic, but will get removed when a new topic based on that template topic is created. %NOP% can be used to prevent expansion of macros that would otherwise be expanded during topic creation e.g. escape %SERVERTIME% with %SER%NOP%VERTIME%. All other macros are unchanged, e.g. are carried over "as is" into the new topic, unless they are contained within a %STARTSECTION{type="expandvariables"}% section. ## Specifying a form When you create a new topic based on a template topic, you often want the new topic to have a form attached to it. You can attach a form to the template topic, in which case it will automatically be copied into the new topic. Sometimes this isn't quite what you want, as it copies all the existing data from the template topic into the new topic. To avoid this and use the default values specified in the form definition instead, you can use the formtemplate parameter to the edit script to specify the name of a form to attach. See CommandAndCGIScripts for information about this, and all the other parameters to edit. ## Automatically generated topic names For some applications it is useful to be able to automatically generate unique topicnames, such as BugID0001, BugID0002, etc. You can add AUTOINC<n> to the topic name in the edit and save scripts, and it will be replaced with an auto-incremented number on topic save. <n> is a number starting from 0, and may include leading zeros. Leading zeros are used to zero-pad numbers so that auto-incremented topic names can sort properly. Deleted topics are not re-used to ensure uniqueness of topic names. That is, the auto-incremented number is always higher than the existing ones, even if there are gaps in the number sequence. Examples: • BugAUTOINC0 - creates topic names Bug0, Bug1, Bug2, ... (does not sort properly) • ItemAUTOINC0000 - creates topic names Item0000, Item0001, Item0002, ... (sorts properly up to 9999) • DocIDAUTOINC10001 - start with DocID10001, DocID10002, ... (sorts properly up to 99999; auto-links) Example link to create a new topic: [[%SCRIPTURLPATH{edit}%/%WEB%/BugIDAUTOINC00001?templatetopic=BugTemplate;topicparent=%TOPIC%;t=%SERVERTIME{"$day$hour$min$sec"}%][Create new item]]  ## Template topics in action Here is an example for creating new topics (in the Sandbox web) based on a specific template topic and form: New example topic: The above form asks for a topic name. A hidden input tag named templatetopic specifies ExampleTopicTemplate as the template topic to use. Here is the HTML source of the form: <form name="new" action="%SCRIPTURLPATH{edit}%/Sandbox/" method="post"> New example topic: <input type="text" name="topic" class="foswikiInputField" value="ExampleTopicAUTOINC0001" size="30" />&nbsp;<input type="submit" class="foswikiSubmit" value="Create" /> <input type="hidden" name="templatetopic" value="ExampleTopicTemplate" /> <input type="hidden" name="topicparent" value="%TOPIC%" /> <input type="hidden" name="onlywikiname" value="on" /> <input type="hidden" name="onlynewtopic" value="on" /> </form>  Note: You can create a topic in one step, without going through the edit screen. To do that, specify the save script instead of the edit script in the form action. When you specify the save script you must use the "post" method. Example: <form name="new" action="%SCRIPTURLPATH{save}%/Sandbox/" method="post"> ... </form>  See CommandAndCGIScripts#edit for details of the parameters that the edit script understands. You can use the %WIKIUSERNAME% and %DATE% macros in your template topics to include the signature of the person creating a new topic. The macros are expanded into fixed text when a new topic is created. The standard signature is: -- %WIKIUSERNAME% - %DATE% ## Using absolute vs relative URLs in templates When you use Macros such as %PUBURL% and %PUBURLPATH% in template topics you should be aware that using %PUBURL% instead of %PUBURLPATH% puts absolute URLs in the produced HTML. This means that when a user saves a page in HTML and emails the file to someone outside a company firewall, the receiver has a severe problem viewing it. It is therefore recommended always to use the %PUBURLPATH% to refer to images, CSS, Javascript files etc so links become relative. This way browsers just give up right away and show a usable html file. Back to top # Skin Templates The framework used to render output ## Overview Skin Templates are plain text with embedded template directives, macros and tokens that are expanded by Foswiki to build an output, usually HTML. Skin templates are used when composing the output from all actions, such as view, edit, and preview. By sharing common template definitions between all these actions, it makes it easy to change the look and feel of all pages by editing just a few templates. Skin templates are either stored as text files with the extension .tmpl in the templates/ directory, or in Foswiki topics. Template directives are expanded when the template is loaded, and are used to define the general structure of the output. Macros and Template Tokens are expanded when the page is rendered, and fill in page-specific information. Note that Macros and Tokens are written using the same syntax. See Macros for more information on macros. Tokens look exactly like Macros, but they are specific for the script expanding the template, and cannot be used elsewhere in Foswiki. See SkinTemplateTokens for more information on tokens. ## How Template Directives Work Template directives look a lot like standard macros. • %TMPL:INCLUDE{"file"}% includes a template file. The file is found as described below. • %TMPL:DEF{"block"}% defines a block. All text between this and the next %TMPL:END% directive is removed and saved for later use with %TMPL:P%. • %TMPL:END% ends a block definition. • %TMPL:PREV%: returns the previous definition of the block being defined. • %TMPL:P{"var"}% includes a previously defined block. • %{...}% is a comment. Whitespace either side of the comment (newlines, spaces, tabs etc) is treated as part of the comment, and removed when the comment is removed. You can use a block before or after declaring it. If you define the same block twice, only the second definition is used. Most template directives work only for templates: they do not get processed in normal topic text. The one exception is %TMPL:P. ### Parameters to blocks %TMPL:DEF% and %TMPL:P% support simple parameters. For example, given the definition %TMPL:DEF{"x"}% x%P%z%TMPL:END% then %TMPL:P{"x" P="y"}% will expand to xyz. Parameters are only available in the immediate definition being included; they are not passed on to any other TMPL:P inside the TMPL:DEF being expanded unless they are passed on explicitly in a new parameter. Any alphanumeric characters can be used in parameter names. TMPL:P parameters override any other possible definition of the name, so you should not use parameter names that might clash with macros. ### Conditional expansion Three parameter names, context, then and else are reserved. They are used to support a limited form of "if" condition that you can use to select which of two TMPL:DEF to expand, based on a context identifier: %TMPL:DEF{"link_inactive"}%<input type="button" disabled value="Link>%TMPL:END% %TMPL:DEF{"link_active"}%<input type="button" onclick="link()" value="Link" />%TMPL:END% %TMPL:P{context="inactive" then="link_inactive" else="link_active"}% for %CONTEXT%  When the inactive context is set, then this will expand the link_inactive TMPL:DEF; otherwise it will expand link_active. This style of conditional expansion is used in preference to the %IF{} macro where possible because it is much more efficient. See IfStatements for details of supported context identifiers. ### %TMPL:INCLUDE recursion You can use recursion with %TMPL:INCLUDE for piecewise customisation, or mixing in new features. If there is a recursion in the %TMPL:INCLUDE chain (eg. view.tmpl contains %TMPL:INCLUDE{"view"}%), the templating system will detect that you are trying to include the same template again, and will instead include the next version of the template of that name that it finds in the template path. For example, say you only want to override the breadcrumbs for the view script. You could create a tempate called view.crumbless.tmpl: %TMPL:INCLUDE{"view"}% %TMPL:DEF{"breadcrumb"}% We don't want any crumbs %TMPL:END%  and then * Set SKIN=crumbless,pattern ### Comments Comments %{...}% are removed from the templates as soon as the file is read, before any other template macros are evaluated. Whitespace either side of the comment (newlines, spaces, tabs etc) is also removed. ## Finding Skin Templates Most skin templates are stored in .tmpl files in the templates directory. For example, templates/view.tmpl is the default skin template file for the bin/view script. You can also save skin templates in user topics. The {TemplatePath} configuration setting (in the Miscellaneous section of the configure page) defines which directories, files and Foswiki topics will be recognised as containing templates. Skin templates that are loaded using %TMPL:INCLUDE with an explicit .tmpl extension are looked for only in the templates/ directory. For instance %TMPL:INCLUDE{"example.tmpl"}% will only return templates/example.tmpl, regardless of {TemplatePath} and SKIN settings. All other templates are searched for using the {TemplatePath}. This is a list of generic name patterns, each of which contains the placeholders $name (the template name), $web (the web), and $skin (the skin), each standing in for part of the name. Each entry in this list is expanded in turn until the template is found.

The rules defined by the out-of-the-box setting of {TemplatePath} are:
1. templates/$web/$name.$skin.tmpl 2. templates/$name.$skin.tmpl 3. $web.$skinSkin$nameTemplate
4. System.$skinSkin$nameTemplate
5. templates/$web/$name.tmpl
6. templates/$name.tmpl 7. $web.$nameTemplate 8. System.$nameTemplate
For example, let's say we are viewing a topic in web Sandbox and are searching for the template called function. The skin path is set to custom,pattern. The following locations will be considered in turn, until a template is found:
1. templates/Sandbox/function.custom.tmpl (rule 1)
2. templates/Sandbox/function.pattern.tmpl (rule 1)
3. templates/function.custom.tmpl (rule 2)
4. templates/function.pattern.tmpl (rule 2)
5. Sandbox.CustomSkinFunctionTemplate (rule 3)
6. Sandbox.PatternSkinFunctionTemplate (rule 3)
7. System.CustomSkinFunctionTemplate (rule 4)
8. System.PatternSkinFunctionTemplate (rule 4)
9. templates/Sandbox/function.tmpl (rule 5)
10. templates/function.tmpl (rule 6)
11. Sandbox.FunctionTemplate (rule 7)
12. System.FunctionTemplate (rule 8)
This usage is supported for compatibility only and is deprecated. Store web-specific templates in topics instead.

When a skin name or template name is used to build a topic name, the first character is automatically capitalised.

The skin path is set as described in Skins.

Template file names are usually derived from the name of the currently executing script; however it is also possible to override these settings in the view and edit scripts, for example when a topic-specific template is required. Two preference settings can be used to override the skin templates used:
• VIEW_TEMPLATE sets the template to be used for viewing a topic.
• EDIT_TEMPLATE sets the template for editing a topic.
If these preferences are set
then the indicated templates will be chosen for view and edit respectively. The template search order remains as specified above.

### Security and usability

Setting the {TemplatePath} is a compromise between the often opposing goals of security and usability. From a security perspective, allowing templates to be loaded from topics might open a door to people who want to inject their own evil HTML in those topics. From a usability perspective, it's very desireable to be able to override templates from topics, as it vastly increases the range of wiki applications.

The default {TemplatePath} comes down on the side of usability, by allowing templates from topics to be found before templates from the (more secure) templates directory. If you are particularly security concious, you may want to reverse this order, so that templates in templates/ are always found before those in topics. You can do this by simply moving rules 3 and 7 to the end of the list.

Note that topics containing templates are checked for VIEW access using the normal Foswiki access controls. Any access control failure is silently ignored, and the template path expansion continues.

## Developing new templates

### Debugging

When writing new templates, it can sometimes it can be hard to work out where different parts of the generated output come from. To help you debug your new templates, the Foswiki::Templates module has a "trace" mode. In this mode, the output is annotated with HTML comments that are wrapped around the output generated by each template, as it is expanded. For example, when trace mode is off,
%TMPL:DEF{"x:y"}% de %TMPL:END%
blah %TMPL:P{"x:y"}% blah

will expand to:
blah  de  blah

With tracing enabled, it will expand to:
blah <!--x:y--> de <!--/x:y--> blah

To enable the trace mode, edit lib/Foswiki/Templates.pm in your installation and change use constant TRACE => 0 to use constant TRACE => 1.

Note that the trace annotations may make your output look strange. However you can usually "view source" in the browser to see what was generated (or you may be able to run the script from the command-line e.g. cd bin; perl -T -I . view topic=MyWeb.MyTopic skin=mynewskin).

Don't forget to switch the trace mode off again when you are finished!

### Overview of the default templates

Finally, here's a very high-level overview of the default templates. These templates are rarely used on their own, but are used as the base on which skins, such as PatternSkin, are built.

foswiki.tmpl is the default master template. The main purpose of this template is to instantiate the following blocks:
• htmldoctype - start of all HTML pages
• bodystart - start of the body tag
• main - page content
• bodyend - end of the page
Default definitions are provided for each of these blocks. foswiki.tmpl is never used on its own, but is frequently included by other templates.

Next, there are a number of action-specific templates, such as view.tmpl, edit.tmpl, login.tmpl. These are the templates loaded by the actions of the same name. Their purpose is to include foswiki.tmpl, and provide new, page-specific, definitions of the blocks described above.

Several of the action-specific templates have skinned versions, such as view.print.tmpl and view.text.tmpl. These skinned versions are used to view the page in a specific way - for printing, or as plain text, for example.

messages.tmpl is an important template; it provides the basic definitions of all error and warning messages that Foswiki issues. These are defined using the %MAKETEXT macro to simplify translation into different languages.

attachtables.tmpl is another template worthy of separate mention. This template defines the different parts of the page that are involved in displaying tables of attachments. The blocks defined in this template are instantiated directly from code, rather than via %TMPL:P.

The remainder of the templates are used for varying purposes; their names, or introductory comments, should clarify.

A skin can provide a new version of any or all of these templates, depending on the depth of customisation. See the template files named *.pattern.* to see what PatternSkin defines.

Related Topics: Skins Macros JavascriptFiles

# Foswiki Skins

Skins overlay regular templates to give different looks and feels to Foswiki screens.

## Overview

Foswiki uses skin templates as the basis of all the screens it uses to interact with users. Each screen has an associated template file that contains the basic layout of the screen. This is then filled in by the code to generate what you see in the browser.

Foswiki ships with a default set of template files that give a very basic, CSS-themable, look-and-feel. Foswiki also includes support for skins that can be selected to give different, more sophisticated, look and feel. A default Foswiki installation will usually start up with the PatternSkin already selected. Skins may also be defined by third parties and loaded into a Foswiki installation to give more options. To see how Foswiki looks when no skin is selected, view this topic with a non-existant skin.

Topic text is not affected by the choice of skin, though a skin can be defined to use a CSS (Cascading Style Sheet), which can sometimes give a radically different appearance to the text.

## Changing the default skin

Foswiki by default ships with the PatternSkin activated. You can set the skin for the whole site (via Main.SitePreferences), a single web (via its WebPreferences topic) or topic, for each user individually, or even per request - see Activating Skins below for more details.

## Defining Skins

You may want to define your own skin, for example to comply with corporate web guidelines, or because you have a aesthetic vision that you want to share. There are a couple of places you can start doing this.

Skin templates are located by looking at a list of possible locations, including topics and files in the templates directory. The lookup process is configurable, and is described in SkinTemplates#FindingTemplates. You can choose to define your skin entirely in topics, entirely in files in templates, or in a mixture of both.

The easiest way to start creating a new skin is to layer it over an existing skin, only overriding those parts of the existing skin that you want to customise. Foswiki can be configured to fall back to another skin if a template is not defined in your skin. A custom skin can be as small as one file!

Most skins, even those that look radically different to the default, use this layering approach, by basing themselves on the default skin templates (those template files with no skin name e.g view.tmpl, edit.tmpl etc). These templates provide a minimal interface that is easy to understand and build on. Another advantage of this approach is that if new features are exposed in the default templates, your skin has a chance to pick them up "for free".

If you use PatternSkin as your starting point, and you want to modify the layout, colors or even the templates to suit your own needs, have a look first at the topics PatternSkinCustomization and PatternSkinCssCookbook. These topics also provide practical instructions how to create custom skin template files.

Note: Don't call your skin text or rss as these two skin names have reserved meanings, see below at hard-coded meanings.

The following template names are used for Foswiki screens, and are referenced in the Foswiki core code. If a skin doesn't define its own version of a template file, then Foswiki will fall back to the next skin in the skin path, or finally, to the default version of the template file.

(Certain template files are expected to provide certain TMPL:DEFs - these are listed in sub-bullets)
• addform - used to select a new form for a topic
• attachagain - used when refreshing an existing attachment
• attachnew - used when attaching a new file to a topic
• attachtables - defines the format of attachments at the bottom of the standard topic view
• ATTACH:files:footer, ATTACH:files:header, ATTACH:files:row, ATTACH:versions:footer, ATTACH:versions:header, ATTACH:versions:row
• changeform - used to change the form in a topic
• changes - used by the changes script
• edit - used for the edit screen
• form
• formtables - used to defined the format of forms
• FORM:display:footer, FORM:display:header, FORM:display:row
• login - used for loggin in when using the TemplateLoginManager
• LOG_IN, LOG_IN_BANNER, LOG_OUT, LOGGED_IN_BANNER, NEW_USER_NOTE, UNRECOGNISED_USER
• moveattachment - used when moving an attachment
• oopsaccessdenied - used to format Access Denied messages
• no_such_topic, no_such_web, only_group, topic_access
• oopsattention - used to format Attention messages
• already_exists, bad_email, bad_ver_code, bad_wikiname, base_web_missing, confirm, created_web, delete_err, invalid_web_color, invalid_web_name, in_a_group, mandatory_field, merge_notice, missing_action, missing_fields, move_err, missing_action, no_form_def, no_users_to_reset, not_a_user, oversized_upload, password_changed, password_mismatch, problem_adding, remove_user_done, rename_err, rename_not_wikiword, rename_topic_exists, rename_web_err, rename_web_exists, rename_web_prerequisites, reset_bad, reset_ok, save_error, send_mail_error, thanks, topic_exists, unrecognized_action, upload_name_changed, web_creation_error, web_exists, web_missing, wrong_password, zero_size_upload
• oopsgeneric - a basic dialog for user information; provides "ok" button only
• oopslanguagechanged - used to confirm a new language when internationalisation is enabled
• oopsleaseconflict - used to format lease Conflict messages
• lease_active, lease_old
• preview - used for previewing edited topics before saving
• rdiff - used for viewing topic differences
• registernotify - used by the user registration system
• registernotifyadmin - used by the user registration system
• rename - used when renaming a topic
• renameconfirm - used when renaming a topic
• renamedelete - used when renaming a topic
• renameweb - used when renaming a web
• renamewebconfirm - used when renaming a web
• renamewebdelete - used when renaming a web
• searchbookview - used to format search results in book view
• searchformat - used to format search results
• search - used to format inline search results if no formatting is specified
• settings
• view - used by the view CGI script
• viewprint - used to create the printable view

foswiki.tmpl is a master template conventionally used by other templates, but not used directly by code.

Note: Make sure templates do not end with a newline. Any newline will expand to an empty <p /> in the generated html. It will produce invalid html, and may break the page layout.

### Partial customisation, or adding in new features to an existing skin

You can use recursion in the TMPL:INCLUDE chain. For example, if view.tmpl contains %TMPL:INCLUDE{"foswiki"}%, the templating system will include the next SKIN in the skin path. To create a customisation of the Pattern skin, where you only want to remove the edit & WYSIWYG buttons from the view screen, you create only a view.yourlocal.tmpl:
%TMPL:INCLUDE{"view"}%

and then set SKIN=yourlocal,pattern in Main.SitePreferences, a particular web's WebPreferences, or in an individual topic, depending on the desired scope of the skin.

## Settings in Skins

You can use template directives, ordinary macros, and other predefined settings in your skins. Some commonly used macros in skins:

Macro: Expanded to:
%WEBLOGONAME% Filename of web logo
%WEBLOGOIMG% Image URL of web logo
%WEBLOGOURL% Link of web logo
%WEBLOGOALT% Alt text of web logo
%WIKILOGOURL% Link of page logo
%WIKILOGOIMG% Image URL of page logo
%WIKILOGOALT% Alt text of page logo
%WEBBGCOLOR% Web-specific background color, defined in the WebPreferences
%WIKITOOLNAME% The name of your Foswiki site
%SCRIPTURL% The script URL of Foswiki
%SCRIPTURLPATH% The script URL path
%SCRIPTSUFFIX% The script suffix, ex: .pl, .cgi
%WEB% The name of the current web.
%TOPIC% The name of the current topic.
%WEBTOPICLIST% Common links of current web, defined in the WebPreferences. It includes a Go box
%TEXT% The topic text, e.g. the content that can be edited
%QUERY{"form.name"}% DataForm, if any
%QUERY{"attachments.name"}% FileAttachment list
%QUERY{"parent.name"}% The topic parent
%EDITTOPIC% Edit link
%REVTITLE% The revision title, if any, ex: (r1.6)
%REVINFO% Revision info, ex: r1.6 - 24 Dec 2002 - 08:12 GMT - Main.WikiGuest
%WEBCOPYRIGHT% Copyright notice, defined in the WebPreferences
%BROADCASTMESSAGE% Broadcast message at the beginning of your view template, can be used to alert users of scheduled downtimes; can be set in Main.SitePreferences

CSS files are gererally attachments to the skin topic that are included in the skin templates - in the case of PatternSkin in the template css.pattern.tmpl.

• General documentation of CSS classes: AppendixCascadingStyleSheets
• To see how CSS is used in the default Foswiki skin, see: PatternSkin
• If you write a complete new skin, this is the syntax to use in a template file:
%ADDTOZONE{
id="MySkin/mystyle"
text="
<style type='text/css' media='all'>
@import url('%PUBURLPATH%/%SYSTEMWEB%/MySkin/mystyle.css');
</style>"
}%


## Skin parts

### The "Go" Box and Navigation Box

The default skins include a "Go" box, also called "Jump" box, to jump to a topic.

The box also understands URLs, e.g. you can type http://www.google.com/ to jump to an external web site. The feature is handy if you build a skin that has a select box of frequently used links, like Intranet home, employee database, sales database and such. A little JavaScript gets into action on the onchange method of the select tag to fill the selected URL into the "Go" box field, then submits the form.

Here is an example form that has a select box and the "Go" box for illustration purposes. You need to have JavaScript enabled for this to work:

 Bare bones header, for demo only Navigate: chooseIntranet homeEmployee indexMain webSystem webGoogleYahoo! Jump:

Note: Redirect to a URL only works if it is enabled in configure (Miscellaneous, {AllowRedirectUrl}).

PatternSkin has a notification message display using the variable FLASHNOTE. For example:

• Set FLASHNOTE = Skins documentation

See the alert at the top of this topic.

While this feature is not yet used by the system, it might be a good idea to already prepare your skin.

### Attachment Tables

Controlling the look and feel of attachment tables is a little bit more complex than for the rest of a skin. By default, the attachment table is a standard Foswiki table, and the look is controlled in the same way as other tables. In a very few cases you may want to change the content of the table as well.

The format of standard attachment tables is defined through the use of special template directives which by default, are defined in the attachtables.tmpl template using the %TMPL:DEF directive syntax described in SkinTemplates. These macros are:
Macro Description
ATTACH:files:header Standard title bar
ATTACH:files:row Standard row
ATTACH:files:footer Footer for all screens
ATTACH:files:header:A Title bar for upload screens, with attributes column
ATTACH:files:row:A Row for upload screen
ATTACH:files:footer:A Footer for all screens

The format of tables of file versions in the Upload screen can also be changed, using the macros:
Macro Description
ATTACH:versions:header Header for versions table on upload screen
ATTACH:versions:row Row format for versions table on upload screen
ATTACH:versions:footer Footer for versions table on upload screen

The ATTACH:row macros are expanded for each file in the attachment table, using the following special tags:
Tag Description
%A_URL% viewfile URL that will recover the file
%A_REV% Revision of this file
%A_ICON% A file icon suitable for representing the attachment content
%A_FILE% The name of the file. To get the 'pub' url of the file, use %PUBURL%/%WEB%/%TOPIC%/%A_FILE%
%A_SIZE% The size of the file
%A_DATE% The date the file was uploaded
%A_USER% The user who uploaded it
%A_COMMENT% The comment they put in when uploading it
%A_ATTRS% The attributes of the file as seen on the upload screen e.g "h" for a hidden file

## Packaging and Publishing Skins

See Foswiki:Development/ExtensionDeveloperGuide

For your own skin you are encouraged to show a small 88x31 pixel logo at the bottom of your skin:

<a href="http://foswiki.org/">
</a>

Generating:

The standard Foswiki skins show the logo in the %WEBCOPYRIGHT%.

## Browsing Installed Skins

You can try out all installed skins in the SkinBrowser.

## Activating Skins

Foswiki uses a skin search path, which lets you combine skins additively. The skin path is defined using a combination of preference settings and URL parameters.

Foswiki works by asking for a template for a particular function - for example, 'view'. The detail of how templates are searched for is described in SkinTemplates, but in summary, the templates directory is searched for a file called view.skin.tmpl, where skin is the name of the skin e.g. pattern. If no template is found, then the fallback is to use view.tmpl. Each skin on the path is searched for in turn. For example, if you have set the skin path to local,pattern then view.local.tmpl will be searched for first, then view.pattern.tmpl and finally view.tmpl.

The basic skin is defined by the SKIN preference:
   * Set SKIN = catskin, bearskin

You can override this using the URL parameter skin, such as ?skin=catskin,bearskin:

Setting the ?skin parameter in the URL replaces the existing skin path setting for the current request only.

You can also extend the existing skin path using covers:
   * Set COVER = ruskin

This pushes a different skin to the front of the skin search path, so the final skin path will be ruskin, catskin, bearskin.

There is also a cover URL parameter that can be used to push yet more skin names in front of the COVER preference.

So the final value of the skin path is given by:
1. value of the cover url parameter
2. value of the COVER preference
3. value of the skin url parameter, if it is non-null
4. value of the SKIN preference, if the skin url parameter is not given

For example, if we have
   * Set SKIN = muscle,bone
* Set COVER = epidermis
and a URL with the parameter ?cover=hair,dermis then the final skin path will be hair, dermis, epidermis, muscle, bone.

Or we might specify a skin url parameter, ?skin=flesh. With the same preferences this will set the skin path epidermis, flesh.

Note that you cannot use the cover url parameter to remove a skin applied by the COVER preference. Once a COVER preference is defined, it is always applied.

## Hard-Coded Skins

The text skin is reserved for Foswiki internal use.

Skin names starting with rss also have a special meaning; if one or more of the skins in the skin path starts with 'rss' then 8-bit characters will be encoded as XML entities in the output, and the content-type header will be forced to text/xml.

Related Topics: SkinTemplates, SkinBrowser, AdminDocumentationCategory, DeveloperDocumentationCategory

# Meta data

Additional data, Foswiki-generated or from forms, may be embedded in the topic text using META: macros

## Overview

The default store engines store topics in plain-text files on disk, in a simple and obvious directory structure. The big advantage of this approach is that it makes it very easy to manipulate topics from outside Foswiki, and it is also very robust; there are no complex binary indexes to maintain, and moving a topic from one installation to another is as simple as copying a couple of text files.

To keep everything together in one place, meta-data (Foswiki-generated or from forms) is embedded directly in topics, using special macros. These macros are easy to spot, as they all start with the reserved META: prefix.

META: data includes information such as file attachments, topic movement history, and form field values. For efficiency reasons, the topic history is not stored in this meta-data, but is expected to be implemented elsewhere by the store engine.

## Meta data syntax

• Format is the same as for any other macros except that each meta-data macro must be on a line on its own.
• %META:<type>{key1="value1" key2="value2" ...}%
• The characters %"\r\n{} are encoded in argument values, using the standard URL encoding.
• Meta-data is divided into core meta-data, described below, and extension meta-data, which shares the same syntax but is used by extensions.
• Dates are stored as "epoch times" i.e. the integer number of seconds since 1st January 1970.

Example of core meta-data
%META:TOPICINFO{version="6" date="976762663" author="LastEditor" format="1.0"}%
text of the topic
%META:TOPICMOVED{from="Real.SecretAgents" to="Hollywood.SecretAgents"
by="CoverUp" date="976762680"}%
%META:TOPICPARENT{name="MilitaryIntelligence5"}%
%META:FILEATTACHMENT{name="CV.txt" version="3" ... }%
%META:FILEATTACHMENT{name="Photo.gif" version="1" ... }%
%META:FORM{name="SecretAgentForm"}%
%META:FIELD{name="ChosenWeapon" value="Beretta"}%
%META:FIELD{name="Paramour" value="PussyGalore"}%
%META:PREFERENCE{name="ALLOWTOPICCHANGE" value="JamesBond"}%
%META:PREFERENCE{name="DENYTOPICVIEW" value="ErnstBlofeld"}%


## Core meta-data

The following meta-data macros are supported by the Foswiki core. Other macros may be used by extensions; see the extension documentation for more details. The core will read and write these extension macros, but will otherwise ignore them.

Some fields are required by macros, while others are optional. Required fields are marked with a %REG% symbol. The %REG% character is not part of the attribute name.

### META:TOPICINFO

This macro caches some of the information that would normally be derived from the underlying store engine. It does this for efficiency reasons.

Key Comment
author%REG% Canonical user identifier of last user to change the topic. The exact format of this depends on the user mapping manager.
version Topic version; a plain integer.
date epoch time
format Format of this topic, will be used for automatic format conversion
reprev Set when a revision is overwritten by the same author within the {ReplaceIfEditedAgainWithin} window (set in configure ). If reprev is the same as version, it prevents Foswiki from attempting to do a 3-way merge when merging overlapping edits by two different users.

Note that the version and date fields are advisory only and cannot be trusted. This is because processes outside of Foswiki's control may write topic files without maintaining these fields.

### META:TOPICMOVED

This only exists if the topic has been moved. If a topic is moved more than once, only the most recent META:TOPICMOVED meta datum exists in the topic. Older ones can to be found in the topic history.

%META:TOPICMOVED{from="Real.SecretAgents" to="Hollywood.SecretAgents" by="CoverUp" date="976762680"}%

Key Comment
from%REG% Full name, i.e., web.topic
to%REG% Full name, i.e., web.topic
by%REG% Canonical user identifier of who moved the topic. The exact format of this depends on the user mapping manager.
date%REG% epoch time

Notes:
• the moved version numbers can be deduced from the topic history.

### META:TOPICPARENT

The topic from which this topic was created, typically when clicking on a ? question mark link, or by filling out a form. The topic parent may also be manipulated in the user interface.
Key Comment
name%REG% Normally just TopicName, but it can be a full Web.TopicName format if the parent is in a different Web.

### META:FILEATTACHMENT

Reference to a file attached to this topic.

Key Comment
name%REG% Name of file, no path. Must be unique within topic
version An integer
path Full path file was loaded from
size In bytes
date epoch time when the file was attached
user Canonical user identifier of user who uploaded the attachment. The exact format of this depends on the user mapping manager.
comment As supplied when file uploaded
attr h if hidden, optional

Extra fields that are added if an attachment is moved:

Key Comment
movedfrom full topic name - web.topic.filename
movedby Canonical user identifier of user who moved the attachment. The exact format of this depends on the user mapping manager.
movedto full topic name - web.topic.filename
movedwhen epoch time

### META:FORM

Key Comment
name%REG% The name of the topic containing the form definition. Can optionally include the web name (i.e., web.topic), but doesn't normally

### META:FIELD

Should only be present if there is a META:FORM entry.

Key Name
name%REG% Ties to entry in the form definition. This is the title with all characters except alphanumerics and . removed
value%REG% Value user has supplied via form
title Full text from the form definition

### META:PREFERENCE

Out-of-band preference.

Key Name
name%REG% Preference name
value%REG% Preference value
type Set or Local (Set is the default)

### Recommended sequence

There is no absolute need for meta-data macros to be listed in a specific order within a topic, but it makes sense to do so, because form fields are displayed in the order they are defined when the topic is viewed.

The recommended sequence is:

• META:TOPICINFO
• META:TOPICPARENT (optional)
• text of topic
• META:TOPICMOVED (optional)
• META:FILEATTACHMENT (0 or more entries)
• META:FORM (optional)
• META:FIELD (0 or more entries; FORM required)
• META:PREFERENCE (0 or more entries)

## Viewing meta-data embedded in page source

You can append the raw=debug parameter to the URL to view the topic text with embedded meta-data, e.g: debug view for this topic. raw=all lets you view the topic source as plain text, e.g: plain text view for this topic.

## Including meta data in viewed topics

### %META

Meta-data belonging to the viewed topic can be included in the view using the %META macro. See VarMETA for details.

### %FORMFIELD

The %FORMFIELD macro lets you inspect the values of form field meta-data in other topics. See VarFORMFIELD for details.

### %SEARCH

%SEARCH can also be used to extract meta data. See VarSEARCH and the examples in FormattedSearch and SearchPatternCookbook.

## Extending meta-data in Extensions

Extensions can extend meta-data with information of their own. See Foswiki::Func for more information.

Related Topics: DeveloperDocumentationCategory

Add functionality with extensions not based on the Foswiki scripts.

## Overview

An add-on runs separately from the Foswiki scripts, e.g. for data import, export to static HTML, etc. Add-Ons normally do not call any Foswiki code directly, though may invoke Foswiki scripts. There are different types of add-ons, they may be stand alone scripts, browser plugins, office tool extensions, or even a set of topics that form a wiki application.

See other types of extensions: Contribs, Plugins, Skins

## Add-Ons Installed on this site

Found 1 topic(s).

# Foswiki Contribs

Extensions to Foswiki that are not plugins

## Overview

The term "Contrib" is used to refer to any package that is not just a simple plugin.

Foswiki contribs may
• extend the functionality of Foswiki, in a lower-level way than plugins,
• or provide alternative implementations for sections of the Foswiki core e.g. user management, or when an extension just can't be implemented as a plugin because it requires very close access to Foswiki internals,
• or they might provide other files that Foswiki uses, for example language files,
• or they might be packages of topics that implement a "Wiki Application", using the wiki macro language, TML.

See other types of extensions: ContributedAddOns, Plugins, Skins

## Foswiki Contribs Installed on this site

Found 5 topic(s).

## Installing Contribs

• Use configure to browse to the list of extensions available from Foswiki.org
• Or, download an extension package from some other source, and unzip it
• Follow the installation instructions in the contrib topic.

# Foswiki Plugins

Extensions that use a simple API to talk to Foswiki

## Overview

You can add plugins to extend Foswiki functionality without altering the core code. A plug-in approach lets you:

• add virtually unlimited features while keeping the main Foswiki code compact and efficient;
• heavily customize an installation and still do clean updates to new versions of Foswiki;
• rapidly develop new Foswiki functions in Perl using the plugin API.

Everything to do with Foswiki plugins - demos, new releases, downloads, development, general discussion - is available at Foswiki.org, in the Foswiki:Extensions web.

Foswiki plugins are developed and contributed by interested members of the community. Plugins are provided on an 'as is' basis; they are not a part of Foswiki, but are independently developed and maintained.

Most TWiki® plugins can also be used with Foswiki if the TWikiCompatibilityPlugin is installed.

See other types of extensions: Contribs, Skins

See InstalledPlugins for a list of plugins installed on this site.

## Installing Plugins

Each plugin comes with its own documentation page, which includes step-by-step installation instructions, a detailed description of any special requirements, and version details. Many also have a worked example for testing.

The easiest way to install plugins is to use the configure interface. However you can also install plugins from the command-line. Every plugin comes with installation instructions.

Each plugin has a standard release topic, located in the Foswiki:Extensions web at Foswiki.org. There's usually a number of other related topics, such as a developers page, and an appraisal page. After installation, a copy of this page will be installed to your System web.

If you install a plugin and it doesn't seem to work, then you can get information on all the installed plugins that may help to resolve the issue.

Failing that, you may want to check your webserver error log and the various Foswiki log files, and any notes in the support topic for the plugin (linked from the plugin front page).

### Some Notes on Plugin Performance

The performance of the system depends to some extent on the number of plugins installed and on the plugin implementation. Some plugins impose no measurable performance decrease, some do. For example, a Plugin might use many Perl libraries that need to be initialized with each page view (unless you run mod_perl). You can only really tell the performance impact by installing the plugin and by measuring the performance with and without the new plugin, on real data.

If you need to install an "expensive" plugin, but you only need its functionality only in a subset of your data, you can disable it elsewhere by defining the %DISABLEDPLUGINS% setting.

Define DISABLEDPLUGINS to be a comma-separated list of names of plugins to disable. Define it in Main.SitePreferences to disable those plugins everywhere, in the WebPreferences topic to disable them in an individual web, or in a topic to disable them in that topic. For example,
   * Set DISABLEDPLUGINS = SpreadSheetPlugin, EditTablePlugin


## Managing Installed Plugins

Some plugins require additional settings or offer extra options that you have to select. Also, you may want to make a plugin available only in certain webs, or temporarily disable it. And may want to list all available plugins in certain topics. You can handle all of these management tasks with simple procedures:

### Listing Active Plugins

Plugin status macros let you list all active plugins wherever needed.

This site is running Foswiki version Foswiki-1.1.4, Tue, 20 Dec 2011, build 13483, plugin API version 2.1

• %ACTIVATEDPLUGINS% - shows the activated plugins
• %PLUGINVERSION% - shows the plugins API version
• %FAILEDPLUGINS% - shows what plugins failed, and why

### Enabling Plugins

Plugins can be enabled and disabled with the configure script. An installed plugin needs to be enabled before it can be used. Plugins can also be selectively disabled again using the DISABLED_PLUGINS preference, as described above.

### Plugin Evaluation Order

By default, plugins are executed in alphabetical order of plugin name. It is possible to change the order, for example to evaluate database macros before the spreadsheet CALCs, using the {PluginsOrder} in the Extensions section of configure.

### Plugin-Specific Settings

Some plugins are configured with plugin preference settings, some with configure settings, and some with both. The plugin topic will contain details.

configure settings are accessible though the configure interface.

Note that some older plugins use preference settings defined in the plugin topic. For example, the (fictional) BathPlugin topic might contain:
• Set ELECTRIC = on
This setting defines the default value for the preference BATHPLUGIN_ELECTRIC. You should never edit the BathPlugin topic to change this setting; instead, override the setting by defining BATHPLUGIN_ELECTRIC as described in preference settings.

Developing plugins provides a simple introduction to hooking into Foswiki code from your own Perl modules. Foswiki:Development.GettingStarted is the starting point for more comprehensive documentation.

# Developing Plugins

The usual way Foswiki is extended is by writing a Plugin. Plugins extend Foswiki by providing functions that 'listen' to events in the Foswiki core, and handling these events. These functions are called "Plugin Handlers" and they are described in depth in EmptyPlugin ( lib/Foswiki/Plugins/EmptyPlugin.pm ).

## The 3048m view of how Foswiki works

Foswiki is a web application that runs inside a web server. When the web server receives a request that it recognises as being for Foswiki, it calls one of the perl scripts in the Foswiki bin directory. Each of the scripts has a specific function, as described in command and CGI scripts.

The scripts are responsible for interpreting the parameters passed in the request, and generating a response that is sent back to the browser, usually in the form of an HTML page.

Foswiki contains three engines that are used by the scripts; the template engine, the macro engine, and the TML engine.

1. The template engine reads predefined templates from files on the server. These templates contain directives that are expanded by the engine to create the output HTML skeleton. One of these directives expands to the topic text.
2. The macro engine then expands the macros in the skeleton. This is also where macros registered by plugins are expanded.
• Macros, including those registered by plugins, are processed in a strict left-right-inside-out processing order. See macros for more details.
• Macros include things like searches, so this is usually the slowest part of generating a page.
3. The TML (Topic Markup Language) engine now processes the expanded text, looking for TML constructs such as bulleted lists and tables. It generates HTML for these constructs.

Once all the engines have run, the output is sent to the browser.

There are several ways plugins can interact with this process.
1. They can register macros that are expanded by the macro engine. This is the simplest kind of plugin.
2. The can interact with various points in the rendering pipeline by implementing handlers (callbacks).
3. They can register REST handlers that are invoked via the rest script to support some form of transaction outside those supported by the standard scripts.

## APIs available to Extensions

To be robust, extensions must avoid using any unpublished functionality from the Foswiki core. The following perl packages give access to features for extension authors. These APIs are not just for Plugins, they can be used in any type of extension. Click on the name of the package to see the full documentation.
• Foswiki::Func - this is the package you will use most. This package exposes a lot of core functionality in a way that is friendly to extension writers. If you find that there are two ways of doing something - a Foswiki::Func way, and another call to one of the packages below, then the Foswiki::Func way is almost always the right way.
• Foswiki::Meta - topic and web meta-data. Certain Foswiki::Func methods, and some plugin handlers, are passed (or return) objects of this type. Almost all of the methods of Foswiki::Meta have analagous methods in Foswiki::Func - in general you should call the Foswiki::Func methods in preference to calling Foswiki::Meta methods directly.
• Foswiki::OopsException - special exception for invoking the 'oops' script
• Foswiki::AccessControlException - access control exception
• Foswiki::Attrs - parser and storage object for macro parameters
• Foswiki::Time - time parsing and formatting
• Foswiki::Sandbox - safe server-side program execution, used for calling external programs.
• Iterators - these are classes that implement the Foswiki::Iterator specification
• Foswiki::ListIterator - utility class for iterator objects that iterate over list contents
• Foswiki::LineIterator - utility class for iterator objects that iterate over lines in a block of text
• Foswiki::AggregateIterator - utility class for iterator objects that aggregate other iterators into a single iteration
In addition the following global variables may be referred to:
• $Foswiki::Plugins::VERSION - plugin handler API version number • $Foswiki::Plugins::SESSION - reference to Foswiki singleton object
• $Foswiki::cfg - reference to configuration hash • $Foswiki::regex - see Standard Regular Expressions, below
Foswiki:Development.GettingStarted is the starting point for more comprehensive documentation on developing for Foswiki.

Note: the APIs are available to all extensions, but rely on a Foswiki singleton object having been created before the APIs can be used. This will only be a problem if you are writing an extension that doesn't use the standard initialisation sequence.

### Standard Regular Expressions

A number of standard regular expressions are available for use in extensions, in the $Foswiki::regex hash. these regular expressions are precompiled in an I18N-compatible manner. The following are guaranteed to be present. Others may exist, but their use is unsupported and they may be removed in future Foswiki versions. In the table below, the expression marked type 'String' are intended for use within character classes (i.e. for use within square brackets inside a regular expression), for example:  my$isCapitalizedWord =
( $s =~ /[$Foswiki::regex{upperAlpha}][$Foswiki::regex{mixedAlpha}]+/ );  Those expressions marked type 'RE' are precompiled regular expressions that can be used outside square brackets. For example:  my$isWebName = ( $s =~ m/$Foswiki::regex{webNameRegex}/ );


Name Matches Type
upperAlpha Upper case characters String
upperAlphaNum Upper case characters and digits String
lowerAlpha Lower case characters String
lowerAlphaNum Lower case characters and digits String
numeric Digits String
mixedAlpha Alphabetic characters String
mixedAlphaNum Alphanumeric characters String
wikiWordRegex WikiWords RE
webNameRegex User web names RE
topicNameRegex Topic names RE
anchorRegex #AnchorNames RE
abbrevRegex Abbreviations/Acronyms e.g. GOV, IRS RE
tagNameRegex Standard macro names e.g. %THIS_BIT% (THIS_BIT only) RE

## Creating New Plugins

With a reasonable knowledge of the Perl scripting language, you can create new plugins or modify and extend existing ones.

### Anatomy of a Plugin

A (very) basic Foswiki plugin consists of two files:

• a Perl module, e.g. lib/Foswiki/Plugins/MyFirstPlugin.pm
• a documentation topic, e.g. MyFirstPlugin.txt

The Perl module can invoke other, non-Foswiki, elements, like other Perl modules (including other plugins), graphics, external applications, or just about anything else that Perl can call.

The plugin API handles the details of connecting your Perl module with the Foswiki core.

The Foswiki:Extensions.BuildContrib module provides a lot of support for plugins development, including a plugin creator, automatic publishing support, and automatic installation script writer. If you plan on writing more than one plugin, you probably need it.

### Creating the Perl Module

Copy file lib/Foswiki/Plugins/EmptyPlugin.pm to <name>Plugin.pm. The EmptyPlugin does nothing, but it contains all the information you need to create you own custom plugin.

### Writing the Documentation Topic

The plugin documentation topic contains usage instructions and version details. (The doc topic is also included in the distribution package.) To create a documentation topic:

1. Copy the plugin topic template from EmptyPlugin
• Important: In case you plan to publish your plugin on Foswiki.org, use Interwiki names for author names and links to Foswiki.org topics, such as Foswiki:Main/WikiGuest. This is important because links should work properly in a plugin topic installed on any Foswiki, not just on Foswiki.org.
3. Save your topic, for use in packaging and publishing your plugin.

OUTLINE: Doc Topic Contents
Check the plugins web on Foswiki.org for the latest plugin doc topic template. Here's a quick overview of what's covered:

Syntax Rules: <Describe any special text formatting that will be rendered.>"

Example: <Include an example of the plugin in action. Possibly include a static HTML version of the example to compare if the installation was a success!>"

Plugin Settings: <Description and settings for custom plugin settings, and those required by Foswiki.>"

• Plugins Preferences <If user settings are needed, link to preference settings and explain the role of the plugin name prefix

Plugin Installation Instructions: <Step-by-step set-up guide, user help, whatever it takes to install and run, goes here.>"

Plugin Info: <Version, credits, history, requirements - entered in a form, displayed as a table. Both are automatically generated when you create or edit a page in the Foswiki:Extensions web.>

### Packaging for Distribution

The Foswiki:Extensions.BuildContrib is a powerful build environment that is used by the Foswiki project to build Foswiki itself, as well as many of the plugins. You don't have to use it, but it is highly recommended!

If you don't want to (or can't) use the BuildContrib, then a minimum plugin release consists of a Perl module with a WikiName that ends in Plugin, ex: MyFirstPlugin.pm, and a documentation page with the same name(MyFirstPlugin.txt).

1. Distribute the plugin files in a directory structure that mirrors Foswiki. If your plugin uses additional files, include them all:
• lib/Foswiki/Plugins/MyFirstPlugin.pm
• data/Foswiki/MyFirstPlugin.txt
• pub/Foswiki/MyFirstPlugin/uparrow.gif [a required graphic]
2. Create a zip archive with the plugin name (MyFirstPlugin.zip) and add the entire directory structure from Step 1. The archive should look like this:
• lib/Foswiki/Plugins/MyFirstPlugin.pm
• data/Foswiki/MyFirstPlugin.txt
• pub/Foswiki/MyFirstPlugin/uparrow.gif

### Publishing for Public Use

You can release your tested, packaged plugin to the Foswiki community through the Foswiki:Extensions web. All plugins submitted to Foswiki.org are available for public download and further development.

Publish your plugin by following these steps:
1. Post the plugin documentation topic to the Foswiki:Extensions web
2. Attach the distribution zip file(s) to the topic, eg: MyFirstPlugin.zip
3. Add a user support hub by visiting Foswiki:Support.CreateNewSupportHub
4. Optionally, check in the sources to the Foswiki subversion repository (see Foswiki:Development.HowToStartExtensionDevelopmentInSubversion)

Once you have done the above steps once, you can use the BuildContrib to upload updates to your plugin.

Thank you very much for sharing your plugin with the Foswiki community

## Hints on Writing Fast Plugins

• Delay initialization as late as possible. For example, if your plugin is a simple syntax processor, you might delay loading extra Perl modules until you actually see the syntax in the text.
• For example, use an eval block like this:
eval { require IPC::Run }
return "<font color=\"red\">SamplePlugin: Can't load required modules ($@)</font>" if$@;
• Keep the main plugin package as small as possible; create other packages that are loaded if and only if they are used. For example, create sub-packages of BathPlugin in lib/Foswiki/Plugins/BathPlugin/.
• Avoid using preferences in the plugin topic; set $NO_PREFS_IN_TOPIC if you possibly can, as that will stop Foswiki from reading the plugin topic for every page. Use Config.spec instead. • Use registered tag handlers ## Security • Badly written plugins can open security holes in Foswiki. This is especially true if care isn't taken to prevent execution of arbitrary commands on the server. • Don't allow sensitive configuration data to be edited by users. Use the %Foswiki::cfg hash for configuration options. Don't ask installers to edit topics in the System web. • Make sure that all user input is checked and validated. Be especially careful to filter characters that might be used in perl string interpolation. • Avoid eval, and if you must use it make sure you sanitise parameters • Always use the Foswiki::sandbox to execute commands. Never use backtick or qx//. • Use Foswiki::Func::checkAccessPermission to check the access rights of the current user. • Always audit the plugins you install, and make sure you are happy with the level of security provided. While every effort is made to monitor plugin authors activities, at the end of the day they are uncontrolled user contributions. ## Recommended Storage of Plugin Specific Data Plugins sometimes need to store data. This can be plugin internal data such as cache data, or data generated for browser consumption such as images. Plugins should store data using Foswiki::Func functions that support saving and loading of topics and attachments. ### Plugin Internal Data You can create a plugin "work area" using the Foswiki::Func::getWorkArea() function, which gives you a persistent directory where you can store data files. By default they will not be web accessible. The directory is guaranteed to exist, and to be writable by the webserver user. For convenience, Foswiki::Func::storeFile() and Foswiki::Func::readFile() are provided to persistently store and retrieve simple data in this area. ### Web Accessible Data The internal data area is not normally made web-accessible for security reasons. If yoou want to store web accessible data, for example generated images, then you should use Foswiki's attachment mechanisms. Topic-specific data such as generated images can be stored in the topic's attachment area, which is web accessible. Use the Foswiki::Func::saveAttachment() function to store the data. Recommendation for file name: • Prefix the filename with an underscore (the leading underscore avoids a name clash with files attached to the same topic) • Identify where the attachment originated from, typically by including the plugin name in the file name • Use only alphanumeric characters, underscores, dashes and periods to avoid platform dependency issues and URL issues • Example: _GaugePlugin_img123.gif Such auto-generated attachments han be hidden from users by setting the 'h' attribute in the attachment attributes. Web specific data should be stored in the attachment area of a topic in the web that you specify for the purpose, e.g. Web.BathPlugPictures. Use the Foswiki::Func::saveAttachment() function to store the data in this topic. ## Integrating with configure Some extensions have setup requirements that are best integrated into configure rather than trying to use preference settings. These extensions use Config.spec files to publish their configuration requirements. Config.spec files are read during configuration. Once a Config.spec has defined a configuration item, it is available for edit through the standard configure interface. Config.spec files are stored in the 'plugin directory' e.g. lib/Foswiki/Plugins/BathPlugin/Config.spec. ### Structure of a Config.spec file The Config.spec file for a plugin starts with a line that declares what section the configuration should appear in. The standard for all extensions is: # ---+ Extensions  Next we have a sub-heading for the configuration specific to this extension, and the actual configuration options: # ----++ BathPlugin # This plugin senses the level of water in your bath, and ensures the plug # is not removed while the water is still warm.  This is followed by one or more configuration items. Each configuration item has a type, a description and a default. For example: # **SELECT Plastic,Rubber,Metal** # Select the plug type$Foswiki::cfg{BathPlugin}{PlugType} = 'Plastic';

# **NUMBER**
# Enter the chain length in cm
$Foswiki::cfg{BathPlugin}{ChainLength} = '30'; # **BOOLEAN EXPERT** # Turn this option off to disable the water temperature alarm$Foswiki::cfg{BathPlugin}{TempSensorEnabled} = '1';

The type (e.g. **SELECT** ) tells configure to how to prompt for the value. It also tells configure how to do some basic checking on the value you actually enter. All the comments between the type and the configuration item are taken as part of the description. The configuration item itself defines the default value for the configuration item. The above spec defines the configuration items $Foswiki::cfg{BathPlugin}{PlugType}, $Foswiki::cfg{BathPlugin}{ChainLength}, and $Foswiki::cfg{BathPlugin}{TempSensorEnabled} for use in your plugin. For example, if($Foswiki::cfg{BathPlugin}{TempSensorEnabled} && $curTemperature > 50 ) { die "The bathwater is too hot for comfort"; }  You can use other $Foswiki::cfg values in other settings, but you must be sure they are only evaluated under program control, and not when this file is parsed by perl. For example:
$Foswiki::cfg{BathPlugin}{MyBath} = "$Foswiki::cfg{PubDir}/enamel.gif"; # BAD
# Perl will interpolate variables in double-quotes, so $Foswiki::cfg{PubDir} # will be evaluated at configuration time, which will make reconfiguration # difficult.$Foswiki::cfg{BathPlugin}{MyBath} = '$Foswiki::cfg{PubDir}/enamel.gif'; # GOOD # The single quotes make sure$Foswiki::cfg{PubDir} will only be evaluated
# at run-time.


The Config.spec file is read by configure, and configure then writes LocalSite.cfg with the values chosen by the local site admin.

A range of types are available for use in Config.spec files:

 BOOLEAN A true/false value, represented as a checkbox COMMAND length A shell command LANGUAGE A language (selected from {LocalesDir} NUMBER A number OCTAL An octal number PASSWORD length A password (input is hidden) PATH length A file path PERL A simplified perl data structure, consisting of arrays, hashes and scalar values REGEX length A perl regular expression SELECT choices Pick one of a range of choices SELECTCLASS package-specifier Select a perl package (class) e.g. SELECTCLASS Foswiki::Plugins::BathPlugin::*Plug lets the user select between all packages with names ending in Plug, Foswiki::Plugins::BathPlugin::RubberPlug, Foswiki::Plugins::BathPlugin::BrassPlug etc. STRING length A string URL length A url URLPATH length A relative URL path

All types can be followed by a comma-separated list of attributes.
 EXPERT means this an expert option M means the setting is mandatory (may not be empty) H means the option is not visible in configure 5x80 means "use a 5 row, 80 column textarea". Can be used with any text entry field type, such as STRING, COMMAND, PERL etc.

See lib/Foswiki.spec for many more examples.

Config.spec files are also used for other (non-plugin) extensions. in this case they are stored under the Contrib directory instead of the Plugins directory.

### Linking to configure

You can link to your configure settings by using the following:

[[%SCRIPTURL{"configure"}%/#BathPlugin$Extensions][configure]]  Replace BathPlugin with the name of your extension. ## Maintaining Plugins ### Discussions and Feedback on Plugins Usually published plugins have a support hub in the Support web on Foswiki.org.Support hubs have links to where to discuss feature enhancements and give feedback to the developer and user communities. ### Maintaining Compatibility with Earlier Foswiki Versions The plugin interface (Foswiki::Func functions and plugin handlers) evolve over time. Foswiki introduces new API functions to address the needs of plugin authors. Plugins using unofficial Foswiki internal functions may no longer work on a Foswiki upgrade. Organizations typically do not upgrade to the latest Foswiki for many months. However, many administrators still would like to install the latest versions of a plugin on their older Foswiki installation. This need is fulfilled if plugins are maintained in a compatible manner. Tip: Plugins can be written to be compatible with older and newer Foswiki releases. This can be done also for plugins using unofficial Foswiki internal functions of an earlier release that no longer work on the latest Foswiki codebase. Here is an example; the Foswiki:Support.PluginsSupplement has more details.  if($Foswiki::Plugins::VERSION >= 1.1 ) {
@webs = Foswiki::Func::getListOfWebs( 'user,public' );
} else {
@webs = Foswiki::Func::getPublicWebList( );
}


### Handling deprecated functions

From time-to-time, the Foswiki developers will add new functions to the interface (either to Foswiki::Func, or new handlers). Sometimes these improvements mean that old functions have to be deprecated to keep the code manageable. When this happens, the deprecated functions will be supported in the interface for at least one more Foswiki release, and probably longer, though this cannot be guaranteed.

When a plugin defines deprecated handlers, a warning will be shown in the list generated by %FAILEDPLUGINS%. Admins who see these warnings should check Foswiki.org and if necessary, contact the plugin author, for an updated version of the plugin.

Updated plugins may still need to define deprecated handlers for compatibility with old Foswiki versions. In this case, the plugin package that defines old handlers can suppress the warnings in %FAILEDPLUGINS%.

This is done by defining a map from the handler name to the Foswiki::Plugins version in which the handler was first deprecated. For example, if we need to define the endRenderingHandler for compatibility with Foswiki::Plugins versions before 1.1, we would add this to the plugin:

package Foswiki::Plugins::SinkPlugin;
use vars qw( %FoswikiCompatibility );
$FoswikiCompatibility{endRenderingHandler} = 1.1;  If the currently-running Foswiki version is 1.1 or later, then the handler will not be called and the warning will not be issued. Foswiki with versions of Foswiki::Plugins before 1.1 will still call the handler as required. ### TWiki® Plugins Most plugins written for TWiki can also be run in Foswiki, by installing the TWikiCompatibilityPlugin. See Foswiki:Extensions.TWikiCompatibilityPlugin for more information. Back to top # CGI and Command Line Scripts Programs on the server performing actions such as rendering, saving and renaming topics. These scripts are located in the bin and tools directories. This topic describes the interfaces to some of those scripts. All scripts in the bin directory can be called from the CGI (Common Gateway Interface) environment or from the command line. The scripts in the tools directory can only be called from the command line. ## CGI Scripts Details on CGI scripts located in the bin directory. Note that a blank in the 'Default' column means that the parameter is not required, and has no default. required means the parameter is required, and has no default. text in italics describes default behaviour if no value is given. ### General Information #### CGI environment In the CGI environment parameters are passed to the scripts via the URL and URL parameters. Environment variables are also used to determine the user performing the action. If the environment is not set up, the default user is used (usually guest). #### Command-line You must be have the bin directory on the perl path to run the scripts from the command line. To avoid issues with file permissions, run the scripts as the web server user such as nobody or www. Parameters are passed on the command line using '-name' - for example, $ cd /usr/local/foswiki/bin
$save -topic MyWeb.MyTopic -user admin -action save -text "New text of the topic"  All parameters require a value, even if that is the empty string. Note that parameters passed on the command-line should not be URL-encoded. When calling a tools script from the command line, you normally need to be cd'd to the =bin directory e.g. $ cd bin
$../tools/mailnotify -q -nonews -nochanges -Main -System  #### Common parameters All the scripts accept a number of common parameters. The first two components of the URL after the script name are taken as the web and the topic, respectively. Standard URL parameters are: Parameter Description Default cover Specifies temporary skin path to prepend to the skin path for this script only (see Skins) debugenableplugins During debugging it can be useful to selectively disable all but a subset of plugins. This parameter allows the caller to specify a comma-separated list of plugins that should be enabled. foswikioriginalquery The original query that was being made before a redirect for user confirmation was required. foswiki_redirect_cache Foswiki sometimes caches long lists of parameters that must survive over a sequence of browser redirects. This parameter identifies one of these caches. The parameter value is a "magic number" that uniquely idenitifies a file in the working/tmp directory. These files have a very short lifetime, and are destroyed when the cache is read. logout requests the LoginManager to log the current user out (this happens at the begining of the request so will terminate any other operation requested) refresh If the Foswiki page cache is in use, setting this parameter will invalidate the cache. Valid values are on and all. See PageCaching for more information on the page cache. response Used as part of the request validation process. skin Overrides the default skin path (see Skins) value of the SKIN preference t While the t parameter is not actively used by any scripts, it is used when building links to scripts such as edit, to ensure that each edit link is unique. This stops the browser from trying to use a cached reply from a previous call to the script. generally set to current time, in seconds topic Overrides the web.topic path given in the URL (specify Web.TopicName) user Command-line only; set the name of the user performing the action. Note: this usage is inherently insecure, as it bypasses webserver login constraints. For this reason only authorised users should be allowed to execute scripts from the command line. validation_key part of cross-site scripting protection. Any request sent from browsers that might change data stored on the server must carry a key that indentifies the source of the request. <any name> Any other parameter name passed to the script is passed through for possible use by the script. This is typically only applicable to the edit, save and view scripts. ### attach Despite the name, this script doesn't actually attach a file to a topic - for that, use upload. This script is part of the transactions sequence executed when a file is uploaded from the browser. it just generates the "new attachment" page for a topic. Parameter Description Default filename Name of existing attachment (if provided, this is a "manage attachment" action) this is a "new attachment" action ### changes Shows all the changes in the given web. The changes script can receive one parameter: Parameter Description Default minor If 0, show only major changes. If 1, show all the changes (both minor and major) show major changes The main difference between invoking this script and using WebChanges is that WebChanges is based on a %SEARCH%, while this script reads the changes file in each web, making it much faster. NOTE: The result from changes script and the topic WebChanges can be different, if the changes file is deleted from a web. In particular, in new installations the changes script will return no results while the WebChanges topic will. ### configure configure is the browser script used for inspection of, and changes to, the site configuration. None of the parameters to this script are useable for any purpose except configure. See configure. ### edit The edit script understands the following parameters, typically supplied by HTML input fields. A major role of the edit script is new topic creation. Parameters that are mainly relevant to new topic creation are marked with Parameter name Description Default action If action=text, then hide the form. If action=form, then hide the normal text area and only edit the form. edit both breaklock If set, any lease conflicts will be ignored, and the edit will proceed even if someone is already editing the topic. contenttype Optional parameter that defines the application type to write into the CGI header. May be used to invoke alternative client applications text/html formtemplate Name of the form to instantiate in the topic. Set to none to remove any existing form. notemplateexpansion Do not expand any macros in the template topic. (see New topic creation below) expand onlynewtopic If on, error if the topic already exists edit existing topic onlywikiname If on, error if the name of a topic being created is not a WikiWord allow non-wikiword names redirectto If the user continues from edit to save, and if the save (or cancel) process is successful, save will redirect to this topic or URL. The parameter value can be a TopicName, a Web.TopicName, or a URL. Note: Redirect to a URL only works if it is enabled in configure (Miscellaneous {AllowRedirectUrl}). rev Lets you specify a specific revision to use as the basis of the edit. latest template Allows you to specify a different skin template. Overrides any setting of EDIT_TEMPLATE. templatetopic The name of the template topic, copied to get the initial content for a new topic. (see New topic creation below) text Set the text to be edited. If this parameter is not given, the text is taken from the existing topic (if it exists) topicparent Sets the parent topic. <any name> This can be used in two ways; first, if the topic has a form with a field called <any name>, it will set the value of that field. Second, it can be expanded in the topic text during topic creation - see New topic creation below Skin notes: The EDIT_TEMPLATE preference (or the template parameter) can be used to override the default 'edit' template on a per-web or per-topic basis. The action parameter works by loading the editform.tmpl or edittext.tmpl templates in place of the standard edit.tmpl. If an EDIT_TEMPLATE has been defined, then it replaces edit, e.g. if EDIT_TEMPLATE=specialed and action=form then the template used will be specialedform In most skins that are based on the default templates (such as Pattern skin) you can easily change the Edit and Edit WikiText buttons to append the action parameter, by setting the preference EDITACTION to the value text or form. (You can always get back to editing the whole topic by removing the action parameter from the URL browser Location window, and reloading the edit window). New topic creation : The string AUTOINC followed by one or more digits anywhere in the topic name will be converted to a number such that the resulting topic name is unique in the target web. However this doesn't happen until the topic is saved. When a new topic is created using edit, the topic isn't actually created until the edit is saved. The content of the new topic is initialised according to the parameters you pass. • templatetopic - defines the full name (web.topic) of a topic to use as a template for the new topic. The template topic is copied and, unless notemplateexpansion is set, the following macros are expanded in the topic text: URLPARAM, DATE, SERVERTIME, GMTIME, USERNAME, WIKINAME, WIKIUSERNAME, USERINFO. • text - use this as the text of the topic. Macros are not expanded in this text. Overrides any text set in the templatetopic. • formtemplate - Overrides any form set in the templatetopic. • notemplateexpansion - given by templatetopic. Use this when you want a verbatim copy of a topic. • onlynewtopic and onlywikiname are used to control validation of the new topic name. • <any name> - besides the form field value setting described above, when creating a new topic, %URLPARAM{" <any name> "}% in the templatetopic will be expanded to the parameter value. ### login Used for logging in with TemplateLoginManager, and for interactive validation of operations that require user confirmation. Parameter Description Default foswikiloginaction If 'validate', the login script is being used for interactive validation of an operation. Otherwise it is being used for login. foswiki_origin URL that was being accessed when an access violation occurred. the login process will redirect to this URL if it is successful remember If set, this will cause the user's login to be retained even after their browser is shut down. sudo promote login to internal wiki admin (admins only) password password of user logging in username username of user logging in (if set, login will attempt to authenticate) usernamestep used to initialise the username input field in the login form (will not attempt to authenticate) ### logon Used for logging in when Web Server authentication is being used (e.g. ApacheLoginManager). The script does nothing; it is purely a placeholder for triggering the login process. The webserver must be set up to require a valid user to access this script, thus triggering the webserver login process. ### manage Performs a range of management functions. Note: The manage script can only be called via the HTTP POST method. Make sure you specify method="post" if you call the manage script via a form action. It is not possible to call manage from an <a href ...> link. Parameter Description Default action One of create, createweb, changePassword, resetPassword, bulkRegister, deleteUserAccount, editSettings, saveSettings, restoreRevision required #### action=create Alternative entry point for creation, via edit, of a new topic, used by screens that support several actions using manage. Parameter Description Default topic Name of topic to create (can be web.topic) required Other parameters are the same as for edit. #### action=createweb Create a new web Parameter Description Default baseweb Name of the web to copy to create the new web required newtopic Value of %TOPIC% within the web creation message. Optionally used in some skins to signify a non-default home topic. newweb Name of the new web required nosearchall Value for NOSEARCHALL '' webbgcolor value for WEBBGCOLOR '' websummary Value for WEBSUMMARY '' #### action=editSettings No parameters #### action=saveSettings Parameter Description Default originalrev Revision that the edit started on latest redirectto If the savesettings process is successful, save will redirect to this topic or URL. The parameter value can be a TopicName, a Web.TopicName, or a URL. Note: Redirect to a URL only works if it is enabled in configure (Miscellaneous {AllowRedirectUrl}). redirect to the web.topic from the URL path text Text of the topic required All other parameters may be interpreted as form fields, depending on the current form definition in the topic. #### action=bulkRegister See BulkRegistration. Parameter Description Default logtopic Topic to save the log in same as topic name, with 'Result' appended overwritehometopics Whether to overwrite existing home topics or not do not overwrite #### action=changePassword Change password, email address, or both, of a user. Parameter Description Default email new email address oldpassword current password required, unless current user is an admin password new password passwordA new password confirmation required if password is given username login name of user to change password/email for required password, =passwordA and email are optional. If neither or password and passwordA is set, then the user password is left unchanged. If email is unset, their email is left unchanged. #### action=resetPassword Reset the password for a single or multiple users Parameter Description Default introduction message to be sent alongside the reset, most often used to announce to the user that they have been given an account. loginname list of usernames to reset required This is used by BulkResetPassword and ResetPassword. Only administrators can provide a list of LoginNames, non-admins can only provide a single LoginName. BulkRegistration provides the means to create multiple accounts but it does not announce those accounts to the users who own them. BulkResetPassword is used to assign the passwords, the Introduction is used to explain why they are receiving the mail. #### action=deleteUserAccount Unregisters (removes) the currently logged-in user. Parameter Description Default password Users' password required #### action=restoreRevision Alternative entry point for edit, used by screens that support several actions using manage. Parameters are as for =edit. #### action=addUserToGroup add a user / list of users to a group Parameter Description Default create create the group if it doesn't exist 0 groupname groupname to change required username list of usernames/wikinames to add to group required #### action=removeUserFromGroup remove a user / list of users to a group Parameter Description Default groupname groupname to change required username list of usernames/wikinames to add to group required ### oops This script is mainly used for rendering pages containing error messages, though it is also used for some functional actions such as manage pages (move topic etc). oops templates are used with the oops script to generate system messages. This is done to make internationalisation or other local customisations simple. The oops script supports the following parameters: Parameter Description Default def Can be set to the name of a single definition within template. This definition will be instantiated in the template wherever %INSTANTIATE% is seen. This lets you use a single template file for many messages. For an example, see oopsmanagebad.tmpl. paramN Where N is an integer from 1 upwards. These values will be substituted into template for %PARAM1% etc. template Name of the template file to display oops ### preview This script is deprecated. Its functions are covered by the save script. ### rdiff Renders the differences between version of a topic Parameter Description Default context number of lines of context render the rendering style {sequential, sidebyside, raw, debug} DIFFRENDERSTYLE, sequential rev1 the higher revision latest rev2 the lower revision latest type history gives a history, diff rev1 against rev2, last latest to previous diff The context parameter is only respected if the back-end store supports context diffs. ### register Parameter Description Default action register or verify or approve required Note: The register script can only be called via the HTTP POST method except when the action is verify. Make sure you specify method="post" if you call the register script via a form action. It is not possible to call register from an <a href ...> link. The verify action is an exception as it is used to verify registration by clicking a href link from an email. Parameter Description Default addtogroups Accepts a comma-separated list of group names to add the user to. code (verify= only) Activation code, verifies a pending registration create If on, and a group being added to does not exist, create it. email New user's email address required firstname New user's first name required lastname New user's surname required loginname New user's login name required password New user's password wikiname Wikiname of user being registered required <any name> Any other parameter passed during registration will normally be passed on into the new user's home topic, or ignored. ### rename Used for renaming webs, topics and attachments. Parameter Description Default action renameweb or renameother renameother confirm if non-0, requires a second level of confirmation referring_topics (internal use only) list of topics that refer to the web or topic being renamed redirectto If the rename process is successful, rename will redirect to this topic or URL. The parameter value can be a TopicName, a Web.TopicName, or a URL. Note: Redirect to a URL only works if it is enabled in configure (Miscellaneous {AllowRedirectUrl}). the renamed topic #### action="renameweb" Rename a web. Parameter Description Default newparentweb new parent web name existing parent newsubweb new web name #### action=renameother Rename a topic or an attachment. Parameter Description Default attachment Attachment to move currentwebonly if non-0, searches current web only for links to this topic search all webs newattachment New name for attachment same as attachment, if given newtopic new topic name required newweb new web name required nonwikiword if on, a non-wikiword is acceptable for the new topic name off template template for error when an attachment doesn't exist, deleteattachment for when deleting an attachment Note: The rename script can only be called via the HTTP POST method. Make sure you specify method="post" if you call the rename script via a form action. It is not possible to call rename from an <a href ...> link. ### resetpasswd This script is deprecated. Its functions are covered by the manage script. ### rest This REST (Representational State Transfer) script can be invoked via http in the same way as the other scripts (see Invocation Examples, below) to execute a function that is associated to a "subject" and a "verb" (see below). These functions are usually registered by plugins using the Foswiki::Func::registerRESTHandler method. The rest script will print the result directly to the browser unless the endPoint parameter is specified, in which case it will output a redirect to the given topic. The rest script supports the following parameters: Parameter Description Default endPoint Where to redirect the response once the request is served, in the form "Web.Topic". If not given, the REST script must generate a valid response. password See username username If TemplateLogin, or a similar login manager not embedded in the web server, is used, then you need to pass a username and password to the server. The username and password parameters are used for this purpose. REST scripts that require a topic context must use the standard topic parameter to pass the topic name, as the URL path is used to identify the REST funtcion. If not defined, then the topic context in REST handlers will be Main.WebHome. The function is free to use any other query parameters for its own purposes. The rest script should always require authentication in any site that has logins. Otherwise there is a risk of opening up major security holes. So make sure you add it to the list of authenticated scripts if you are using ApacheLogin. #### Invocation Examples The rest script assumes that it will be called with URL in the form: http://my.host/bin/rest/<subject>/<verb> where <subject> must be the WikiWord name of one of the installed Plugins, and the <verb> is the alias for the function registered using the Foswiki::Func::registerRESTHandler method. The <subject> and <verb> are then used to lookup and call the registered function. <subject> and <verb> are checked for illegal characters exactly in the same way as the web and topic names. As an example, the EmptyPlugin has registered a function to be used with the rest script under the subject EmptyPlugin and the verb example. The URL to call this function from a browser would be: • http://verahavlova.cz/bin/rest/EmptyPlugin/example?debugenableplugins=EmptyPlugin alternatively, to run it from the commandline: • cd foswiki/bin ; ./rest /EmptyPlugin/example debugenableplugins=EmptyPlugin Note that for Plugins to register REST handlers, they must be enabled in configure. #### Retrieving passed values Additional parameters can be recovered via the query object in the $session, for example with the url:
http://my.host/bin/rest/MyPlugin/update?web=foo


The url parameters can be processed using:
my $query =$session->{request};
my $web =$query->{param}->{web}[0];


### save

The save script performs a range of save-related functions.

Parameter Description Default
action_addform Redirect to the "change form" page.
action_cancel exit without save, return to view
action_checkpoint save and redirect to the edit script, dontnotify is on
action_delRev Administrators only delete the most recent revision of the topic - all other parameters are ignored. You have to be an administrator to use this, and not all store implementations will support it.
action_preview preview edited text
action_quietsave save, and return to view, dontnotify is on
action_replaceform Redirect from the "change form" page.
action_repRev Administrators only replace the text of the most recent revision of the topic with the text in the text parameter. text must included embedded meta-data tags. All other parameters are ignored. You have to be an administrator to use this, and not all store implementations will support it.
action_save default behaviour; save, return to view
dontnotify if non-0, suppress change notification
edit The bin script to use to re-edit the topic when action is checkpoint edit
editaction When action is checkpoint, add form or replace form..., this is used as the action parameter to the edit script that is redirected to after the save is complete.
editparams The parameter string to use to edit the topic when action is checkpoint
forcenewrevision if set, forces a revision even if Foswiki thinks one isn't needed
formtemplate if defined, use the named template for the form (will remove the form if set to 'none')
newtopic If templatetopic is given, and this parameter is set to 1 and the topic does not exist, will clear the initial topic text.
onlynewtopic If set, error if topic already exists
onlywikiname If set, error if topic name is not a WikiWord
originalrev Revision on which the edit started.
redirectto The save process will redirect to this topic or URL if it is successful. (Typically this would be the URL that was being viewed when edit was invoked). The parameter value can be a TopicName, a Web.TopicName, or a URL.
Note: Redirect to a URL only works if it is enabled in configure (Miscellaneous {AllowRedirectUrl}).
topic specified in URL path
template The template to use to re-edit the topic when action is checkpoint
templatetopic Name of a topic to use as a template for the text and form (new topic only)
text New text of the topic
topicparent If 'none' remove any current topic parent. If the name of a topic, set the topic parent to this.
<any name> If the topic has a form with a field called <any name>, it will set the value of that field.

Any errors will cause a redirect to another page, either an oops page to report the error, or a login if the save is not authorized.

The string AUTOINC followed by one or more digits anywhere in the topic name will be converted to a number such that the resulting topic name is unique in the target web.

When the action is save, checkpoint, quietsave, or preview:
1. The new text is taken from the text parameter, if it is defined,
• otherwise it is taken from the templatetopic, if it is defined, (new topic only)
• otherwise it is taken from the previous version of the topic, if any,
2. The name of the new form is taken from the formtemplate, if defined
• otherwise it is taken from the templatetopic, if defined, (new topic only)
• otherwise it is taken from the previous version of the topic, if any,
• otherwise no form is attached.
3. The value for each field in the form is taken from the query, if it is defined
• otherwise it is taken from the templatetopic, if defined, (new topic only)
• otherwise it is taken from the previous version of the topic, if any,
• otherwise it defaults to the empty string.

Merging is only enabled if the topic text comes from text and originalrev is > 0 and is not the same as the revision number of the most recent revision. If merging is enabled both the topic and the meta-data are merged.

Form field values are passed in parameters named 'field' - for example, if I have a field Status the parameter name is Status.

Note: The save script can only be called via HTTP POST method. Make sure you specify method="post" if you call the save script via a form action. Example:
<form name="new" action="%SCRIPTURLPATH{save}%/Sandbox/" method="post">
...
</form>

It is not possible to call save from an <a href ...> link.

### search

This cgi script has been deprecated. When called, it will redirect to the WebSearch topic, and the parameters will be passed on.

### statistics

Refresh the WebStatistics topics in range of webs.
Parameter Description Default
logdate YYYYMM to generate statistics for current month
webs comma-separated list of webs to run stats on all accessible webs

for example:
1. from browser http://verahavlova.cz/bin/statistics updates all user webs
2. from browser http://verahavlova.cz/bin/statistics?webs=Userweb,%SANDBOXWEB% updates Userweb,%SANDBOXWEB%
3. from browser http://verahavlova.cz/bin/statistics/System/ updates System
4. from command line bin/statistics updates all user webs
5. from command line bin/statistics -webs=Userweb,Sandbox updates Userweb,Sandbox
6. from command line bin/statistics System.WebHome updates System

see SiteTools#WebStatistics for more details on WebStatistics and how to update statistics using cron.

### upload

Uploads an attachment to a topic. The HTTP request is expected to be in multipart/form-data format.
Parameter Description Default
changeproperties if non=0, this is a property change operation only - no file will be uploaded.
createlink if non-0, will create a link to file at end of topic
filecomment Comment to associate with file in attachment table
filepath local (client) path name of the file being uploaded. This is used to look up the data for the file in the HTTP query.
hidefile if non-0, will not show file in attachment table
noredirect Normally the script will redirect to 'view' when the upload is complete, but also designed to be useable for REST-style calling using the 'noredirect' parameter. If this parameter is set it will return an appropriate HTTP status code and print a message to STDOUT, starting with 'OK' on success and 'ERROR' on failure.
redirectto URL to redirect to after upload. The parameter value can be a TopicName, a Web.TopicName, or a URL. Redirect to a URL only works if it is enabled in configure, and is ignored if noredirect is specified.
(Miscellaneous {AllowRedirectUrl}).
topic specified in URL path

Tips
• You can use a tool like curl to upload files from the command line using this script.
• You can call upload easily from XmlHttpRequest in Javascript.

Note: The upload script can only be called via HTTP POST method. Make sure you specify method="po`