You are here: Wiki-SL>System Web>CompleteDocumentation (09 Jan 2009, ProjectContributor)EditAttach

Reference Manual (Foswiki-1.0.7, Sun, 20 Sep 2009, build 5061)

This page contains all documentation topics as one long, complete reference sheet.

On this page:

Related Topics: UserDocumentationCategory, AdminDocumentationCategory

System Requirements

Server and client requirements

Low client and server base requirements are core features that keep Foswiki widely deployable, particularly across a range of browser platforms and versions. Many extensions exist which enhance and expand Foswiki's capabilities; they may have additional requirements.

Server Requirements

The code is written in Perl 5, and uses a number of shell commands from perl. The default package requires RCS (Revision Control System), a GNU Free Software package. Foswiki is developed in a basic Linux/Apache environment. It also works with Microsoft Windows, and should have no problem on any other platform that meets the requirements.

Resource Required Server Environment *
Perl 5.6.1 or higher (5.8.4 or higher is recommended)
RCS 5.7 or higher (including GNU diff)
Optional, Foswiki includes a pure perl implementation of RCS that can be used instead (although it's slower)
GNU diff GNU diff 2.7 or higher is required when not using the all-Perl RcsLite.
Install on PATH if not included with RCS (check version with diff -v)
Must be the version used by RCS, to avoid problems with binary attachments - RCS may have hard-coded path to diff
GNU patch For upgrades only: GNU patch is required when patching the code using patches in diff format submitted by the community.
GNU fgrep, egrep Modify command line parameters in configure if you use non-GNU grep programs
Cron/scheduler • Unix: cron
• Windows: cron equivalents
Web server Apache is well supported; see Foswiki:Support.InstallingOnSpecificPlatforms for alternative options.

Perl Modules

A complete list of the required and optional Perl modules can be found in lib/DEPENDENCIES.

Most of them will probably already be available in your installation. You can check version numbers with the configure script, or if you're still trying to get to that point, check from the command line like this: 

perl -e 'use FileHandle; print $FileHandle::VERSION."\n"'

Client Requirements

The standard installation has relatively low browser requirements:

  • HTML 4 compliant
  • Cookies, if persistent sessions are required

CSS and Javascript are used in most skins. Some skins will require more recent releases of browsers. The default skin is tested on IE 6, 7, Safari 3.0, and recent Mozilla based browsers (such as Firefox).

You can easily select a balance of browser capability versus look and feel. Try the installed skins at SkinBrowser and more at Foswiki:Extensions.SkinPackage.

Important note about Plugins

  • Plugins can require just about anything - browser-specific functions, stylesheets (CSS), Java applets, cookies, specific Perl modules,... - check the individual Plugin specs.

Related Topics: AdminDocumentationCategory

Back to top

Installation Guide

This guide describes the steps for manually installing Foswiki, with specific steps for installations on Linux with the Apache web server. If you are using a different web server or operating system, in addition to reviewing this document, check any additional information specific to your platform at Foswiki:Support.SupplementalDocuments. Foswiki:Support.SupplementalDocuments also has information for other scenarios, such as shared web hosting environments.

These installation instructions are also available online at Foswiki:System.InstallationGuide, and are available within your Foswiki installation at System.InstallationGuide (the InstallationGuide topic in the System web).

For information on upgrades, please also refer to Foswiki:System.UpgradeGuide. A static HTML version of this document, UpgradeGuide.html, is included in the root of your Foswiki distribution.

System Requirements

Please see the section "Foswiki system requirements" for the server and client requirements to run Foswiki, including the Perl modules required on the server. If you need to install any Perl libraries from CPAN for use by Foswiki, see Foswiki:Support.HowToInstallCpanModules for more information.

Preparing to install

Before attempting to install Foswiki, you are encouraged to review the Foswiki:System.AdminSkillsAssumptions. This guide assumes the person installing Foswiki has a basic knowledge of server administration on the system on which Foswiki is to be installed. While it is possible to install Foswiki with FTP access alone (for example, on a hosted site), it is tricky and may require additional support from your hosting service (for example, in setting file ownership and installing missing perl CPAN libraries).

If you are upgrading from a previous Foswiki version or from a TWiki installation, please refer to Foswiki:System.UpgradeGuide. A static HTML version of this document, UpgradeGuide.html, is included in the root of your Foswiki distribution.

Verify that your server meets the Foswiki system requirements, including having the minimum required Perl version and all required Perl modules installed. If you need to install any Perl libraries from CPAN for use by Foswiki, see Foswiki:Support.HowToInstallCpanModules for more information.

If you need help, feel free to ask a question in the Foswiki:Support web or on Foswiki:Community.InternetRelayChat (irc.freenode.net, channel #foswiki).

Basic installation: getting Foswiki up and running

To install Foswiki, complete the following steps:

  1. Download and unpack the Foswiki distribution.
  2. Set the file and directory permissions for the installation.
  3. Configure the locations of the Perl executable and the Foswiki modules.
  4. Configure the web server.
  5. Configure Foswiki.
  6. Enable authentication of users (if desired).
  7. Define the administrator users.

Download and unpack the Foswiki distribution

Download the Foswiki distribution from http://foswiki.org/Download

Unpack the distribution file: Change to the directory where you want to place the Foswiki directory. Unzip or untar and gunzip the distribution; a new subdirectory called Foswiki-VERSION will be created. You can rename this subdirectory to a shorter name. For the rest of this document, this subdirectory is assumed to be at /path/to/foswiki.

  • Note: Foswiki does not support directory paths that contain spaces, so ensure that all of its directory paths do not contain any spaces (particularly on Windows).

If you do not have shell access to your web server host, see the section "Uploading the Foswiki distribution to your web server host".

Set the file and directory permissions for the installation

Set up access file and directory rights, as well as file ownership, as required by your web server configuration so that the web server user (the user used by the web server to run CGI programs) can read and write within the foswiki directory tree.

Note: for more information on the appropriate permissions to ensure security for your Foswiki data, see Foswiki:Support.SecuringYourSite.

The default file and directory access permissions as set by the distribution define a reasonable security level that will work for many types of installations, including shared hosting. Nonetheless, you should verify that the web server user has read access to all files and directories beneath the foswiki directory, and execute access for all directories. Also verify that the data and pub directories and all the subdirectories and files beneath them allow write access for the web server user.

  • Warning: Do not just run a chmod -R 770 foswiki. Providing execute access to all files is potentially dangerous. This is a common mistake made by Foswiki installers. See Foswiki:Support.SettingFileAccessRightsLinuxUnix for a sample set of Unix commands to set the file and directory permissions.

It is possible to define tighter access permissions than the default ones; how tight they should be depends on your web server environment and local needs. Typically you should limit all access from others if the web server machine has login access for users other than root and the web server administrator. For a dedicated web server that just runs Foswiki and has limited login access, the default access permissions have a good safety level.

If you have root user permissions, then for additional security, you can change the ownership of the foswiki directory tree to the web server user, using the command chown -R user:group /path/to/foswiki. The web server username varies in different installations; here are some sample commands for various Linux distributions:

  • RedHat, Fedora, CentOS, Gentoo, Mandriva : chown -R apache:apache /path/to/foswiki
  • debian/Ubuntu/Kubuntu : chown -R www-data:www-data /path/to/foswiki
  • Suse : chown -R wwwrun:www /path/to/foswiki

If Foswiki stops working after you applied a change in access permissions and you wish to restore the original permissions, run the Unix commands located at Foswiki:Support.SettingFileAccessRightsLinuxUnix.

Configure the locations of the Perl executable and the Foswiki modules

Make sure the Foswiki scripts can be executed by the web server. The default location of Perl is /usr/bin/perl. If it's somewhere else, change the path to Perl in the first line of each script (you may have to give yourself write permission first) in the bin and tools directories. You can use the tools/rewriteshebang.pl script to do this; for example:

   cd /path/to/foswiki/bin
   /path/to/perl ../tools/rewriteshebang.pl
   # At the prompt, enter the full path to the perl executable, including
   # the full filename of the executable. You will be prompted twice for
   # this information in order to confirm it.
   cd /path/to/foswiki/tools
   /path/to/perl rewriteshebang.pl

Some web servers require a special extension on perl script files (e.g. .cgi or .pl). This is not normally required with the Apache web server, though some hosted web servers are configured to require it. If the documentation for your web server indicates that a special extension is necessary, rename all the executable scripts in bin; that is, rename bin/view to bin/view.pl, and so on. When configuring Foswiki (see the section "Configure Foswiki"), set the ScriptSuffix option to the special extension.

Create the file LocalLib.cfg located at bin/LocalLib.cfg

  • In the bin directory, copy the template file LocalLib.cfg.txt to LocalLib.cfg. Make sure the ownership and access rights of the copy are the same as LocalLib.cfg.txt.
  • Edit bin/LocalLib.cfg so that $foswikiLibPath is set to the absolute file path of your lib directory. For example: /path/to/foswiki/lib.
  • If you need to install additional CPAN modules, but can't update the main Perl installation files on the server, you can set $CPANBASE to point to your personal CPAN install. Don't forget that the web server user has to be able to read those files as well.

Configure the web server

First choose the best configuration method for your web server. With Apache, there are two ways to configure it: a config file included from httpd.conf or .htaccess files.

  • Apache config file: The recommended method is using a config file. With a config file you can put the entire Foswiki configuration in ONE file (typically named foswiki.conf). Performance is much better with a config file, and one file gives the best overview and ensures that you get a safe installation . However to use a config file you need root or sudo access to stop and start Apache. The Foswiki apache config file is included from the main Apache config file http.conf. Most distributions have a directory from which any file that ends with .conf gets included when you restart Apache (Example RedHat/Fedora/Centos: /etc/httpd/conf.d ). If you use a virtual host setup in Apache you should include the foswiki.conf file from inside the desired virtual host config in your Apache configuration.
  • .htaccess files: This method should only be used when you cannot use a config file. Performance is slower as Apache must search through all applicable directories for any .htaccess files on each page access. Normally this is the only way to control Apache in a shared host environment where you have no root or sudo privileges.

If you are using a config file:

  • The easiest and best way is to use the Foswiki:Support.ApacheConfigGenerator tool to generate a safe, working config file for your Foswiki installation, based on the options you choose in the tool.
  • If you can't use the online configuration generator, a sample config file called foswiki_httpd_conf.txt can be found in the root of the foswiki installation.
  • Ensure that web access is denied to all Foswiki subdirectories other than bin and pub. The Foswiki:Support.ApacheConfigGenerator tool will generate the appropriate settings; the foswiki_httpd_conf.txt file also has examples of configuring Apache appropriately.
  • Ensure there is either a ScriptAlias directive for the bin subdirectory, or an Alias directive with SetHandler cgi-script and Options ExecCGI directives for the bin subdirectory, so that the bin scripts will be executed by Apache.
  • Note: you must restart Apache after making changes to your config files for the changes to take effect.

If you are using a .htaccess file:

  • In the root of the foswiki installation and in the bin directory, there are sample .htaccess files for various subdirectories in your installation. Each file has help text explaining how to modify it for your configuration. For more information, see Foswiki:Support.SupplementalDocuments.
    location and name of sample .htaccess file copy sample file to the following location
    foswiki/root-htaccess.txt foswiki/.htaccess
    foswiki/bin/.htaccess.txt foswiki/bin/.htaccess
    foswiki/pub-htaccess.txt foswiki/pub/.htaccess
    | foswiki/subdir-htaccess.txt | .htaccess in all other subdirectories below foswiki |
  • Ensure that web access is denied to all Foswiki subdirectories other than bin and pub. The sample .htaccess files show how to configure Apache appropriately.
  • Ensure that the foswiki/bin/.htaccess files contains the line SetHandler cgi-script so that all scripts in the bin directory will be executed by Apache.

Turn off any kind of PHP, Perl, Python, Server Side Includes, or other software execution mechanisms supported by your web server in the pub directory. For example, most Linux distributions have a default Apache installation with PHP and server side include (SSI) enabled. This would allow PHP scripts uploaded as attachments to be executed, which is a security risk, so it should be disabled in the Apache configuration with php_admin_flag engine off.

Different script execution mechanisms are disabled in different ways; see your web server configuration and documentation for more details.

Protect the configure script: You should never leave the configure script open to the public. Limit access to the bin/configure script to either localhost, an IP address or a specific user using basic Apache authentication. The Foswiki:Support.ApacheConfigGenerator lets you setup who has access to the configure script. Also see the foswiki-httpd-conf.txt or bin/.htaccess.txt file for an example of the setting required to protect the configure script.

To limit access to a particular user, set up a .htpasswd file that contains the user name and password that Apache will use to authenticate the user:

  • Change to the foswiki/data directory.
  • Issue the command htpasswd -c .htpasswd <username>, where <username> is the name of the user you will use to access the configure script. Choose the username with care: the username cannot be an existing login name for your Foswiki installation, nor can it be used later on to register in Foswiki. Enter a password when prompted.

The Foswiki:Support.ApacheConfigGenerator tool and the sample config files and .htaccess files show how to configure Apache so that the configure web page will be protected using the user and password held in the data/.htpasswd file. The Apache config file or .htaccess file will have a Require user <username> directive to restrict access to the configure script. Ensure the user specified in the directive matches the <username> you used when creating the .htpasswd file.

Note: In addition to any web server security protection that you have set up, when saving any configuration settings for the first time on the configure web page, you will be prompted to set a configuration password. This password must be entered on all subsequent configuration changes, and is also used to log in via the internal admin link (see the section "Define the administrator user(s)"). Even after a configure password has been set, access to the configure page should still be restricted by the web server, in order to avoid revealing internal information to potential attackers.

For more information, refer to Foswiki:Support.ProtectingYourConfiguration.

Configure Foswiki

Run the configure script from your browser: enter http://yourdomain/foswiki/bin/configure into your browser address bar.

  • When you access the configure web page for the first time, you can only edit the section General Path Settings. Make any required changes, and save the settings, whether or not you needed to make any changes. You will be prompted to set a password for the configure page: this password must be entered for all subsequent configuration changes, and is also used to log in via the internal admin link (see the section "Define the administrator user(s)"). Note the configuration password is separate from any web server security you have set up for the configure web page (see "Protect the configure script").
  • Continue configuring Foswiki. Resolve any errors or warnings highlighted on the configure page.
  • If your web server can be accessed by more than one domain name make sure to add the additional alternative URLs to {PermittedRedirectHostUrls}
  • Setup the Mail and Proxies section. The {WebMasterEmail} and {SMTP}{MAILHOST} settings must be defined so Foswiki can send registration emails. Many ISPs have introduced authentication when sending emails to fight spam so you may also have to set {SMTP}{Username} and {SMTP}{Password}. If you do not want to enable sending registration emails or want to enable it later you can uncheck {EnableEmail}. If your server is behind a firewall with a proxy, and you wish to install extensions via configure, you may have to set {PROXY}{HOST} and {PROXY}{PORT}.

If there is a problem with your setup that prevents you from accessing the configure page, you can configure Foswiki manually.

Enable authentication of users

By enabling authentication, you can control access to your site and track the activity of your users. This is particularly important for sites that are publicly accessible on the web. You are strongly encouraged to read System.UserAuthentication and Foswiki:Support.UserAuthenticationSupplement for further information about managing users and access controls for your Foswiki site.

The most common authentication methods used for public Foswiki installations are Template Login and Apache Login. They have the following relative advantages:

  • Template Login can be set up without any web server configuration, and users can log off without restarting the browser. As the login page is just a Wiki page, you can customize it to suit your needs.
  • Apache Login allows you to use any Apache-module based authentication scheme, such as mod_auth_ldap or mod_auth_mysql. However, as your browser is caching your login, you must restart the browser to log out.

Note that the password databases for both of these authentication mechanisms are compatible, so you can switch between them at a later date.

To make it easier to follow the instructions in this section, you can view this installation guide using your Foswiki site by entering System.InstallationGuide into the "Jump" text box. By doing this instead of using the INSTALL.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages.

Template Login authentication

With Template Login enabled, when Foswiki needs to authenticate the user, it will redirect to a login web page. A list of all users is shown in the Main.WikiUsers topic.

To setup Template Login, perform the following steps:

  1. Configure Template Login. Under the Security Settings pane of the configure page:
    1. Select Foswiki::LoginManager::TemplateLogin for {LoginManager}.
    2. Select Foswiki::Users::HtPasswdUser for {PasswordManager}.
    3. Select Foswiki::Users::TopicUserMapping for {UserMappingManager}.
    4. Save your settings.
  2. Verify that registration works. Register yourself using the System.UserRegistration topic in your Foswiki installation. Note if you are viewing this page via the INSTALL.html file, then you can access the user registration page by entering System.UserRegistration into the "Jump" text box at the top right of any Foswiki page in your installation.
    Check that the password manager recognizes the new user by verifying that a new line is added to the foswiki/data/.htpassswd file, with the username and encrypted password. If the user and password information was not added, you probably got a path wrong, or the directory permissions on foswiki/data or foswiki/data/.htpasswd may not be set to allow the web server user to modify the file.
  3. Check that authentication works. Edit a topic by clicking on the Edit link at the top or bottom of a topic. If you have been authenticated, then you will see the edit page; otherwise, you will see an error message.

As Template Login uses a wiki page for its login prompt, there is a great deal of flexibility in customizing the login page for your purposes.

Apache Login authentication

With Apache Login enabled, when Foswiki needs to authenticate the user, the standard HTTP authentication mechanism is used: the browser itself will prompt for a user name and password.

Note: Apache Login is required for Apache-based login methods such as mod_ldap.

To setup Apache Login, perform the following steps:

  1. Configure Apache Login. Under the Security Settings pane of the configure page:
    1. Select Foswiki::LoginManager::ApacheLogin for {LoginManager}.
    2. Select Foswiki::Users::HtPasswdUser for {PasswordManager}.
    3. Select Foswiki::Users::TopicUserMapping for {UserMappingManager}.
    4. Save your settings.
    5. Configure your Apache settings for HTTP authentication. Use the Foswiki:Support.ApacheConfigGenerator tool or the foswiki/bin/.htaccess file to set the following Apache directives on the bin scripts:
            <FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*">
      require valid-user
      </FilesMatch>
       You can also refer to the sample foswiki_httpd_conf.txt and bin/.htaccess.txt files to see how the appropriate Apache directives are specified.
  2. Verify that registration works. Register yourself using the System.UserRegistration topic in your Foswiki installation. Note if you are viewing this page via the INSTALL.html file, then you can access the user registration page by entering System.UserRegistration into the "Jump" text box at the top right of any Foswiki page in your installation.
    Check that the password manager recognizes the new user by verifying that a new line is added to the foswiki/data/.htpassswd file, with the username and encrypted password. If the user and password information was not added, you probably got a path wrong, or the directory permissions on foswiki/data or foswiki/data/.htpasswd may not be set to allow the web server user to modify the file.
  3. Check that authentication works. Edit a topic by clicking on the Edit link at the top or bottom of a topic. If you have been authenticated, then you will see the edit page; otherwise, you will see an error message.

Define the administrator user(s)

Administrators have read and write access to any topic, regardless of any access controls that have been applied to the topic or its web. After installing Foswiki, you should register a user that you will use to administer Foswiki. To make this user an administrator, add the WikiName for the user to the AdminGroup, defined in the Main.AdminGroup topic in your Foswiki installation.

To make it easier to follow the instructions in this section, you can view this installation guide using your Foswiki site by entering System.InstallationGuide into the "Jump" text box. By doing this instead of using the INSTALL.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages.

To add an initial administrator to the AdminGroup, perform the following steps:

  • If you are not already logged in with your WikiName, then login.
  • Go to the Main.AdminGroup topic and select the "internal admin login" link. Login using the password you set on the configure page.
  • After logging as the internal admin, edit the Main.AdminGroup topic. Follow the instructions on the page carefully and add your WikiName to the group.
  • Test that you have been added successfully: On the Main.AdminGroup page, select the "Logout link" and logout from being the internal admin. Select the "Edit" link for the Main.AdminGroup page. If you successfully added yourself as an admin user, you should see the edit page.

Once the AdminGroup is no longer empty, then any member of the group can add subsequent members — you do not have to use the internal admin login.

To more easily debug access control issues, you may want to have a regular Foswiki user account for daily use, and a special one that belongs to the AdminGroup that you use only for administering your Foswiki site. See Foswiki:System.AccessControl for more information on access controls and user groups.

Congratulations!

You now have a basic installation running. At this point you can just point your Web browser at http://yourdomain.com/foswiki/bin/view and start using your Foswiki site.

In order to keep your user, group, and site configuration information separate from the actual content of your site, it is recommended that you create a new web in which your site's pages will reside. See Foswiki:System.ManagingWebs for more information on Wiki webs and how to create one.

Beyond the basic installation

Once you have Foswiki installed and running, you can perform one or more of the following steps to tailor your installation to your needs. Many of the references in this section refer to topics within your Foswiki installation. For example, System.Skins refers to the Skins topic in your System web. To go directly to a topic, enter the full topic name, such as System.Skins, into the "Jump" text box at the top right of any Foswiki page.

To make it easier to follow the instructions in this section, you can view this installation guide using your Foswiki site by entering System.InstallationGuide into the "Jump" text box. By doing this instead of using the INSTALL.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages.

All of the Foswiki documentation can also be found online in the Foswiki documentation section (the "System" web) of the Foswiki web site.

Note the configure page mentioned in this section is accessed by visiting http://yourdomain/foswiki/bin/configure your web browser.

Site configuration and maintenance

Set Foswiki Preferences

Preferences for customizing many aspects of Foswiki are set by editing Main.SitePreferences. If a given preference is not set in Main.SitePreferences, then a default value is picked up from System.DefaultPreferences, if present, or, for extensions, from the extension topics.

To simplify your upgrades, do not modify System.DefaultPreferences. Instead, copy any settings you want to change from System.DefaultPreferences to Main.SitePreferences.

To see the available preferences that can be set, look through System.DefaultPreferences.

If, for some reason, you wish to pick up default preferences from a different topic, you can set the location in the Miscellaneous settings pane of the configure page, in the {SitePrefsTopicName} setting (visible when Expert mode is enabled). It is recommended that you leave this setting to its default value, DefaultPreferences.

Select the desired security level

Foswiki has a many security features that can be enabled/disabled and adjusted to suit your needs.

In many cases enabling a security feature prevents other features. It is a balance that the administrator has to choose depending on the purpose of the Foswiki installation (confidential vs public knowledge), the type of installation (intranet vs internet), and your type of business.

A new administrator is encouraged to read Foswiki:Support.SecurityFeatures which gives a walkthrough of the different security aspects and how to set the appropriate configuration settings. Note that that some security settings are only visible in configure in "expert mode" which you enter by clicking the "Yes, I've read all the documentation" button at the top of the configure screen.

Enable Email Notification

Each web has an automatic email notification service that sends you an email with links to all of the topics modified since the last alert. To enable this service:

  1. Confirm the Mail and Proxies settings on the configure page.
  2. Setup a cron job (or equivalent) to call the tools/mailnotify script, as described in the System.MailerContrib topic.

Automate removal of expired sessions and lease files

By default Foswiki cleans out expired session and lease files each time any topic is viewed, but this has a performance cost. Instead you may wish to schedule a cron job (or equivalent) to run the tools/tick_foswiki.pl script, and set a negative value on the configure page for {Sessions}{ExpireAfter}. For more details, read System.CommandAndCGIScripts#tick_foswiki_pl.

Enable WebStatistics

You can manually or automatically generate a listing of the most popular pages for each web, based on number of visits. For information on setting up this feature, see the System.SiteTools topic.

Enable Localisation

Foswiki supports displaying national (non-ASCII) characters, and using different languages for its basic interface elements. To configure localisation, modify the Localisation section of the configure page. For more information, see Foswiki:Support.InternationalizationSupplement.

Customizing your site

Customize pages for managing personal information

If you are not using Foswiki to manage your users' passwords or email addresses, or would just like to enhance the default pages, then modify the following topics accordingly with information appropriate for your site:

Customize the user topic for new users

When a new user registers on your Foswiki site, a topic with a name corresponding to the user's WikiName is created in the Main web: this topic is the user's user topic. The user topic is based on the Main.NewUserTemplate? topic; if it is not present, then System.NewUserTemplate (and its associated System.UserForm) is used as a default. If you want to customize the user topic for your users, copy System.NewUserTemplate to Main.NewUserTemplate?, and System.UserForm to Main.UserForm, and make your changes to Main.NewUserTemplate? and Main.UserForm. (See Foswiki:System.ManagingTopics#CopyTopic for instructions on copying a topic.)

You can edit these topics to suit your needs, such as the following:

  • Customize the user topic for your site.
  • Add an ALLOWTOPICCHANGE preference setting to Main.NewUserTemplate? so only the user can edit their own user topic. In particular, on a public Foswiki site, restricting edit access will avoid vandalism and spam.
  • Add and remove fields defined in the Main.UserForm.

If you added or removed fields from the user form you may also need to tailor Main.UserRegistration? to match (copy over the contents from System.UserRegistration to Main.UserRegistration when creating it).

Customize the appearance of your Foswiki site

The real power of Foswiki lies in its flexibility to be customized to meet your needs. To change the look of the default skin, PatternSkin, please refer to System.PatternSkin and System.PatternSkinCustomization.

At the Foswiki website you can find more resources. A good place to start exploring is the Foswiki:Support.AdministratorsCookBook which offers tips and tricks for customizing your Foswiki site. Many of these are best done before any content has been added to your site, so immediately after installation is a good time to consider the possibilities.

Left, Top and Bottom Bars with PatternSkin

The top bar and bottom bar are common across all webs.

To customize the top bar, copy System.WebTopBarExample to System.WebTopBar?, and make your desired changes to System.WebTopBar.

To customize the bottom bar, copy System.WebBottomBarExample to System.WebBottomBar?, and make your desired changes to System.WebBottomBar.

The side bar can be customized on a per web basis. To customize the side bar, copy the WebLeftBarExample topic in the given web to WebLeftBar, and make your desired changes to WebLeftBar. If you would like to move the side bar to the right of the page, see System.PatternSkin for more details.

Copyright, License and Classification Statements

At the bottom of each topic, there is a copyright statement that is set in the WEBCOPYRIGHT preference. Its default is the following: Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.

If your Foswiki site is used in an environment without public access you should replace this with your normal copyright notice. You should also consider adding a security classification (e.g., For Internal Use Only) so people do not have to add this manually to every new topic.

If your Foswiki site is publicly accessible, you need to decide which copyright and license you wish to apply to all contributions. For open source applications, licenses such as the GNU Free Documentation License, FreeBSD Documentation License, and one of the various Creative Commons licenses are possible licenses to consider. Remember that once people have started contributing, you cannot retroactively change the license (unless it has a provision for this).

To change the copyright statement, perform the following steps:

  • Copy the WEBCOPYRIGHT preference setting from System.DefaultPreferences to Main.SitePreferences. Change the value to your desired text. This value will be your new default across all webs.
  • You can create a unique message for a specific web by setting the WEBCOPYRIGHT preference in the WebPreferences topic for the given web. For example, you could add a confidential classification to a web that has restricted access.
  • The WEBCOPYRIGHT preference setting in System.WebPreferences covers the documentation that comes with Foswiki, and should not be changed.

WYSIWYG vs Raw Edit

In Foswiki, the WYSIWYG editor is used by default in edit mode. An Edit Raw link is available for those who prefer to edit the raw topic text.

If you prefer to use the raw text editor by default and have a separate WYSIWYG button, as in TWiki 4.1, then you can modify the templates that define the edit screen as described in Foswiki:Support.FaqHowToMakeRawEditDefault.

Installing extensions

Foswiki:Extensions is an extensive library of plugins for Foswiki that enhance functionality in a huge number of ways. A few plugins are pre-installed in the Foswiki distribution.

In the Extensions section of the configure page, you can select the Find More Extensions button to download and install additional plugins from the foswiki.org website. If you are behind a firewall or your server has no access to the Internet, you can also install plugins manually. Installation instructions for each plugin are located in its corresponding topic on http://foswiki.org/. Additional documentation on Foswiki plugins can be found at Foswiki:Support.PluginsSupplement.

Plugins are activated in the Plugins section of the configure page. In addition, some plugins are also configured in this section.

TWiki Compatibility

Foswiki is 100% backwards compatible with TWiki® markup up to and including TWiki 4.2.4. Existing TWiki webs, topics and attachments can be used with Foswiki without requiring any changes.

To support a seamless upgrade from TWiki, Foswiki ships with a plugin called TWikiCompatibilityPlugin. This plugin enables most TWiki extensions to work with Foswiki, without modifications. It also maps requests for legacy TWiki web topics to their Foswiki equivalents, as defined in Foswiki:Development.TopicNameMappingTable. The TWIKIWEB and MAINWEB TWiki variables are also mapped to the new Foswiki macros SYSTEMWEB and USERSWEB.

If you are not upgrading an existing TWiki installation and do not plan to install plugins from the TWiki web site, it is recommended that you disable the TWikiCompatibilityPlugin in the Plugins Section on the configure page.

If a plugin exists both in a TWiki version and a Foswiki version, it is strongly recommended that you use the Foswiki version, as this is coded to work optimally with Foswiki. As part of the Foswiki project, the Foswiki community is evaluating all of the extensions that are available for TWiki, and porting them over to the Foswiki name space. Many of them are being enhanced through the removal of bugs and security vulnerabilities, resulting in better, more functional extensions for Foswiki.

Troubleshooting

Re-run the configure script and make sure you have resolved all errors and are satisfied that you understand any warnings.

Failing that, consult the topics at Foswiki:Support.SupplementalDocuments and Foswiki:Support.AskedQuestions.

If you need help, ask a question in the Foswiki:Support web or on Foswiki:Community.InternetRelayChat (irc.freenode.net, channel #foswiki).

Foswiki system requirements

Foswiki is capable of running on a variety of operating systems and supporting a wide range of browsers, due to its minimal client and server requirements.

Server requirements

Foswiki is written in Perl 5, which is supported on Microsoft Windows as well as Unix and Unix-like systems (including Linux and OSX), on which it uses a number of shell commands and RCS (Revision Control System), a GNU Free Software package. It should be able to run on any server platform that meets the following requirements.

Resource Required Server Environment
Perl 5.8.4 or higher is recommended. Foswiki will run in perl 5.6.1 but only with Wysiwyg editor disabled. Wysiwyg requires Unicode support which is provided by perl 5.8.1 onwards.
RCS 5.7 or higher (including GNU diff)
Optional. Foswiki includes a pure perl implementation of RCS (RcsLite) that can be used instead, at the cost of performance
GNU diff GNU diff 2.7 or higher is required when not using the all-Perl RcsLite.
Install within the PATH if not included with RCS (check version with diff -v)
Must be the version used by RCS, to avoid problems with binary attachments - RCS may have hard-coded path to diff
Other external programs fgrep, egrep
Cron/scheduler • Unix: cron
• Windows: cron equivalents
Web server Apache is well supported; for information on other servers, see Foswiki:Support.InstallingOnSpecificPlatforms.

Required CPAN modules

Most of the CPAN libraries listed below are part of a standard Perl installation. See Foswiki:Support.HowToInstallCpanModules for detailed information on how to install any CPAN libraries not present in your installation.

The following Perl CPAN modules are used by Foswiki:

Module Preferred version
Algorithm::Diff (included with Foswiki)  
CGI Versions 2.89 and 3.37 must be avoided. Most version from 3.15 and onwards should work.
CGI::Carp >=1.26
CGI::Session >=4.30 (included with Foswiki) Versions 4.20 and before have Foswikibug:1306
Config >=0
Cwd >=3.05
Data::Dumper >=2.121
Error (included)  
File::Copy >=2.06
File::Find >=1.05
File::Spec >=3.05
FileHandle >=2.01
IO::File >=1.10
Text::Diff (included with Foswiki)  
Time::Local >=1.11

You can check version numbers from the command line (replace "ModuleName" with the name of the module): 

perl -le 'use ModuleName; print "ModuleName"->VERSION'

Optional CPAN modules

The following Perl modules may be used by Foswiki. See Foswiki:Support.HowToInstallCpanModules for detailed information on how to install CPAN libraries.

Module Preferred version Description
Archive::Tar   May be required by the Extensions Installer in configure if command line tar or unzip is not available
CGI::Cookie >=1.24 Used for session support
Digest::base    
Digest::SHA1    
Jcode   Used for I18N support with perl 5.6
Locale::Maketext::Lexicon >=0 Used for I18N support
Net::SMTP >=2.29 Used for sending mail
Unicode::Map   Used for I18N support with perl 5.6
Unicode::Map8   Used for I18N support with perl 5.6
Unicode::MapUTF8   Used for I18N support with perl 5.6
Unicode::String   Used for I18N support with perl 5.6
URI   Used for configure

Most of these modules will probably already be present in your installation. You can check version numbers with the configure script, or if you're still trying to get to that point, check from the command line (replace "ModuleName" with the name of the module): 

perl -e 'use ModuleName; print $ModuleName::VERSION."\n"'

Client requirements

Browser clients must support the following capabilities:

  • HTML 3.2
  • Cookie support enabled, if persistent sessions are required

Most skins also require CSS and Javascript support. There is a low-fat skin (Classic) that minimises these requirements. Some skins require newer browser version. The default skin (Pattern) is tested on IE 6, Safari, and Mozilla 5.0 based browsers (such as Firefox).

You can easily select a balance of browser capability versus look and feel. Try the installed skins in the skin browser and more at Foswiki:Extensions.SkinPackage.

Uploading the Foswiki distribution to your web server host

If you cannot unpack the Foswiki distribution directly in your installation directory, you can unpack the distribution on your local computer, manually create the directory structure on your host server and upload the files as follows:

  • Using the table below, create a directory structure on your host server
  • Upload the Foswiki files by FTP (transfer as text except for the image files in pub directory.)
  • Note: Don't worry if you are not able to put the lib directory at the same level as the bin directory. You can create this directory elsewhere and configure the bin/setlib.cfg file.
    Foswiki dir: What it is: Where to copy: Example:
    foswiki start-up pages root Foswiki dir /home/smith/public_html/foswiki/
    foswiki/bin CGI bin CGI-enabled dir /home/smith/public_html/foswiki/bin
    foswiki/lib library files same level as bin /home/smith/public_html/foswiki/lib
    foswiki/locale language files dir secure from public access /home/smith/public_html/foswiki/locale
    foswiki/pub public files htdoc enabled dir /home/smith/public_html/foswiki/pub
    foswiki/data topic data dir secure from public access /home/smith/public_html/foswiki/data
    foswiki/templates web templates dir secure from public access /home/smith/public_html/foswiki/templates
    foswiki/tools Foswiki utlilities dir secure from public access /home/smith/public_html/foswiki/tools
    | foswiki/working | Temporary and internal files | dir secure from public access | /home/smith/public_html/foswiki/working |

Configuring Foswiki manually (without using the configure page)

It is highly recommended that you configure Foswiki by using your browser to access the configure page. However, if you are unable to get the configure page to display (for example, if a dependency is missing), or for some reason you do not wish to use the configure page, then you can configure Foswiki manually

Perform the following steps to manually configure Foswiki:

  • Copy the file lib/Foswiki.spec to lib/LocalSite.cfg
  • Remove the # in front of the following settings, and ensure that they are set to the correct values:
       $Foswiki::cfg{DefaultUrlHost}
   $Foswiki::cfg{ScriptUrlPath}
   $Foswiki::cfg{PubUrlPath}
   $Foswiki::cfg{PubDir}
   $Foswiki::cfg{TemplateDir}
   $Foswiki::cfg{DataDir}
   $Foswiki::cfg{LocalesDir}
   $Foswiki::cfg{OS}
  • Make sure the following settings are defined:
       $Foswiki::cfg{LoginManager}
   $Foswiki::cfg{WebMasterEmail}
   $Foswiki::cfg{SMTP}{MAILHOST}
   $Foswiki::cfg{SMTP}{SENDERHOST}

Back to top

Foswiki Upgrade Guide

This guide covers upgrading from a previous version of Foswiki or TWiki (such as Cairo or TWiki4.0) to Foswiki 1.0

Overview

Foswiki is a fork from TWiki 4.2.3. Upgrades from all TWiki versions and earlier Foswiki versions are supported. Foswiki is designed to be 100% compatible with the content of TWiki sites, using the same markup language and supporting the same plugin API (through the use of a TWikiCompatibilityPlugin), thereby enabling a smooth transition from TWiki to Foswiki.

Upgrade requirements

  • Please review the Foswiki:System.AdminSkillsAssumptions before you upgrade your site.
  • To upgrade from an old TWiki Release to the latest Foswiki production release, follow the instructions below.
  • Before upgrading, you may wish to make a backup of your topics.
  • Once the upgrade has been applied, an existing earlier installation will still be able to read all the topics, but should not be used to write.
  • Some TWiki plugins are not compatible with Foswiki (usually ones that use a private API or execute helper scripts); you may need to migrate to the equivalent extension in the Foswiki:Extensions repository.

Upgrading from TWiki to Foswiki

You are strongly advised to read the Foswiki:System.ReleaseNotes01x00 (also available in an HTML file in the root of your installation), which contains a list of changes from TWiki 4.2.3 to Foswiki 1.0. A number of system topics and macros (formerly known as TWiki variables) have been renamed, to better describe their purpose and, where appropriate, to rebrand to the Foswiki name.

Upgrading to a new patch release

To upgrade to a new patch release — for example, from Foswiki 1.0.0 to 1.0.3 — an upgrade package can be used that will not overwrite any of your customizations.

For patch releases you will find a brief upgrade procedure on the download page for the release. Follow this procedure to upgrade to the patch release. It may contain important steps that are unique to each patch release (for example, some configure settings may need to be changed).

Upgrade procedure: upgrading to a new major or minor version, or upgrading from TWiki

The following is a high level view of the upgrade procedure:

  1. Prepare for all upgrade steps.
  2. Install the new Foswiki version and configure it with the same settings as the old version.
  3. Install any additional extensions (Plugins) used by your old installation. Make sure to use the latest Foswiki versions.
  4. Copy all the non-default webs from the old installation to the new one.
  5. Copy the users, groups, and site customizations from the old installation to the Main web in the new installation, including all user topics.
  6. Apply preferences from the old installation.
  7. Apply your site customizations: skin, logos, menu bars, forms for personal information, and so forth.
  8. Validate your Wiki applications and other key functionality.
  9. Switch your production site from the old installation to the new installation.

More details for each step appear in the following sections. The steps may need to be modified or otherwise tailored with specifics for your installation. In particular, you must take care to preserve any special configuration or customizations you have made, especially if you have modified any of the default software files or system topics that are contained within the installation package.

For purposes of discussion, the following conventions are used:

  • <oldwiki> refers to the directory in which the old installation is located
  • <newwiki> refers to the directory in which the new installation is located; it is assumed to be immediately below the root directory of your web server
  • <old_users_web> refers to the web in which the user topics are located in the old installation. The default value is the Main web. The web is specified in the Store settings pane of the configure page, in the {UsersWebName} setting (visible when Expert mode is enabled).
  • <old_system_web> refers to the web used for documentation and default preferences in the old installation. In Foswiki, the default value is the System web; in TWiki, the default value is the TWiki web. The web is specified in the Store settings pane of the configure page, in the {SystemWebName} setting (visible when Expert mode is enabled).
After the upgrade, in the new installation, the Main web is used for user topics and site preferences, and the System web is used to hold documentation and default preferences.

The configure page mentioned in this document is accessible via your web browser at http://yourdomain/<newwiki>/bin/configure .

Prepare for all upgrade steps

Read the Foswiki:System.ReleaseNotes01x00 and learn about the differences between your old installation and the new release to which you are upgrading. Take note of any areas that affect your site and what special steps you may need to take.

Check that all the extensions (plugins, contribs, skins) used by your old installation are available with the new release. Familiarize yourself with any new behaviour that you will have to adapt to or any configuration changes you will have to perform.

If you are using authentication, prepare a test plan to verify that your authentication mechanism is working correctly. Make sure you are able to test logins by a sufficient sample of users to cover all categories of users of your site. For example, users of various groups may need to be tested. In particular, ensure you test that non-admin users cannot access topics restricted to admins.

Identify all essential Wiki topics and Wiki applications that must be fully functional upon completion of the upgrade. Prepare a test plan to verify their functionality. If you are using access controls, ensure that the test plan will adequately test all categories and groups of users of your site.

If your testing will require a test environment to be set up, ensure that it is ready, with any required support infrastructure (for example, testbed authentication servers). If you need to be able to login with different users in different categories and groups, ensure that you have the required login information ready, or you have testers from those groups available to perform the required test cases.

Download the Foswiki distribution from the following location: http://foswiki.org/Download — if you are installing your extensions manually, also download them from the repository where they are stored.

Installation

Follow the installation instructions in INSTALL.html, located in the root of the new installation. Install the new release in a new directory. Do not install on top of the old release.

  • For public or otherwise sensitive installations, ensure that your web server configuration is set to deny access to the new Foswiki installation for anyone except you.
  • Configure Foswiki using the configure page.
    • If you are upgrading from an older Foswiki release, first copy your <oldwiki>/lib/LocalSite.cfg file to <newwiki>/lib/LocalSite.cfg in order to preserve your existing configuration settings. Alternatively, you can reconfigure the new installation from scratch (you can use your old LocalSite.cfg file as a reference).
    • If you are upgrading from a TWiki site, you must reconfigure your Foswiki installation from scratch. You cannot copy over your old LocalSite.cfg file (though you can use it as a reference). Run configure and set the configuration values in the new installation to match those of the old installation.
    • Verify all of the configuration settings on the configure page, including any new settings added in the new version. Save the configuration after you have completed your changes.
    • To wipe out all your settings and start configuring from a fresh installation, just delete the <newwiki>/lib/LocalSite.cfg file and run configure.
  • Additional resources

Test your newly-installed Foswiki site and ensure that its basic functionality works: viewing and editing topics (you can try creating and editing a topic in the Sandbox web).

To make it easier to follow the subsequent steps, you can view this upgrade guide using your new Foswiki site by entering System.UpgradeGuide into the "Jump" text box on the top right of any topic. By doing this instead of using the UpgradeGuide.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages.

Install extensions

Install all of the extensions that were installed in your old site. In particular, start with any extensions required for the authentication and authorization methods you use (if any). You can use the Find more extensions button in the Extensions section of the configure page to install and configure extensions from the Foswiki:Extensions repository. You can also install extensions manually; see the instructions on the extension's web page from where you obtained the extension (for Foswiki extensions, on foswiki.org).

  • Note: some TWiki extensions may not work with Foswiki. By default, the TWikiCompatibilityPlugin is installed to provide backwards compatible support for TWiki plugins. However if the TWiki plugin calls private APIs or invokes helper scripts, it may still not work correctly. Check for an upgraded Foswiki version of the extension in the Foswiki:Extensions repository and install it instead.

Check the plugin topics from your old TWiki/Foswiki installation and transfer the plugin settings to the Main.SitePreferences topic in your new Foswiki site, prefixing each setting with the name of the plugin in uppercase followed by an underscore. For example, to copy over the DEFAULT_TYPE setting from the CommentPlugin topic in the old site to the new site, copy the value to a COMMENTPLUGIN_DEFAULT_TYPE setting in the Main.SitePreferences topic in the new site.

Commonly-customized plugin settings include the following:

  • CommentPlugin - DEFAULT_TYPE
  • EditTablePlugin - CHANGEROWS, QUIETSAVE, EDITBUTTON
  • InterwikiPlugin - RULESTOPIC
  • InterWikis - If you added your own rules, make sure you copy over the rules to the new installation.
  • SlideShowPlugin - If you changed the embedded 'Default Slide Template', then copy your customed template to the topic in the new installation. You should prefer creating your own slide show template in a separate topic, so you will not have to take special steps over upgrades to preserve your modifications to the default slide template.
  • SmiliesPlugin - If you added your own smileys, make sure you copy over your customizations to the topic in the new installatin.
  • TablePlugin - TABLEATTRIBUTES

Activate, and if required, configure the installed extensions in configure.

Copy content from non-default webs in old installation to the new installation

If you are upgrading from TWiki Cairo or earlier, it may be necessary to unlock the rcs files in data and pub directories from the old installation using the following shell commands:

  • find data -name '*,v' -exec rcs -u -M '{}' \;
  • find pub -name '*,v' -exec rcs -u -M '{}' \;

Copy your local webs over to the data and pub directories of the new installation. Do not copy the default webs: <old_system_web> (by default, either System or TWiki), Main, Trash, Sandbox, _default, and _empty.

  • Make sure the data and pub directories, as well as the files within them, are readable and writeable by the web server user.
  • Note: Foswiki's WebChanges topics depend on the file timestamp. If you touch the .txt files make sure to preserve the timestamp, or change them in the same chronological order as the old file timestamps.

Copy users, user topics, and site customizations to Main web

Copy all topics and attachments from <old_users_web>: copy all files from <oldwiki>/data/<old_users_web>/ to <newwiki>/data/Main/, and copy all files from <oldwiki>/pub/<old_users_web>/ to <newwiki>/pub/Main/ . Do not overwrite any topics already present in the <newwiki>/data/Main/ directory.

  • In addition to all the user topics, if you have created <old_users_web>.NewUserTemplate in the old installation, this step will copy over your template for user topics to the new installation.
  • Ensure that the topic defining the admin group in your old installation is copied over. The admin group is defined in the Security setup pane of the configure page, in the {SuperAdminGroup} setting (visible when Expert mode is enabled). You can do either of the following:
    • Set the {SuperAdminGroup} setting in your new installation to the old admin group.
    • Move the contents of the old admin group to the new admin group. To avoid having to change all references to the old admin group, you must still keep the old admin group defined: set it so its only member is the new admin group, and the new admin group is the only user who can change or rename the old admin group topic.
      • The default admin group with Foswiki is AdminGroup and the default admin group with TWiki is TWikiAdminGroup. So if you are upgrading from TWiki and are using the default admin groups, then in the new installation, you must copy all members from TWikiAdminGroup to AdminGroup, and change TWikiAdminGroup so its only member is AdminGroup and so it can only be modified or renamed by AdminGroup.
  • If your old installation did not customize {LocalSitePreferences} on the configure page, or if you did customize {LocalSitePreferences} but kept your site preferences within the <old_users_web> web, then this step will also copy over your site preferences to the new installation.

For upgrades from an older Foswiki installation:

  • Manually merge all users from the <old_users_web>.WikiUsers topic in the old installation to the Main.WikiUsers topic in the new installation. If the new installation does not yet have an initial Main.WikiUsers topic, then copy <oldwiki>/data/<old_users_web>/WikiUsers.txt to <newwiki>/data/Main/WikiUsers.txt.
  • Verify that the following default users are present in the Main.WikiUsers topic:
    • ProjectContributor - the Foswiki documentation is attributed to this user
    • RegistrationAgent - special user used during the new user registration process
    • UnknownUser - used where the author of a previously stored piece of data can't be determined
    • WikiGuest - guest user; used as a fallback if the user can't be identified
  • If any of the default users are missing, then add them in manually to Main.WikiUsers, using the corresponding entries in Foswiki:System.UsersTemplate as an example.
  • If you use data/.htpasswd for authentication, copy this file from the old installation to the new one.
  • If you have customized <old_system_web>.UserRegistration, then either copy over <oldwiki>/data/<old_system_web>/UserRegistration.txt and <oldwiki>/data/<old_system_web>/UserRegistration.txt,v to the <newwiki>/data/System/ directory, or modify System.UserRegistration in the new installation to contain your customizations.

For upgrades from a TWiki installation:

  • Manually merge all users from the <old_users_web>.TWikiUsers topic in the old installation to the Main.WikiUsers topic in the new installation. If the new installation does not yet have an initial Main.WikiUsers topic, then copy <oldwiki>/data/<old_users_web>/TWikiUsers.txt to <newwiki>/data/Main/WikiUsers.txt, and manually add the required default users (see the next steps).
  • Verify that the following default users are present in the Main.WikiUsers topic:
    • ProjectContributor - the Foswiki documentation is attributed to this user
    • RegistrationAgent - special user used during the new user registration process
    • UnknownUser - used where the author of a previously stored piece of data can't be determined
    • WikiGuest - guest user; used as a fallback if the user can't be identified
  • If any of the default users are missing, then add them in manually to Main.WikiUsers, using the corresponding entries in Foswiki:System.UsersTemplate as an example.
  • If you use data/.htpasswd for authentication, copy this file from the old installation to the new one.
  • If you are upgrading from Cairo and are using the Htpasswd login manager, run the tools/upgrade_emails.pl script to move the user emails out of the user topics and into the password file.
  • If you have customized <old_system_web>.TWikiRegistration, then modify System.UserRegistration in the new installation to contain your customizations.

Copy over any topics and attachments you want to preserve from the Sandbox web in the old installation: copy the desired files from <oldwiki>/data/Sandbox/ to <newwiki>/data/Sandbox and from <oldwiki>/pub/Sandbox/ to <newwiki>/pub/Sandbox . Some pages you may wish to preserve are the WebHome topic and the WebLeftBar topic (if you had created it in the old wiki installation). The Sandbox web often contains work-in-progress topics that users will want to keep.

Make sure the data and pub directories, as well as the files within them, are readable and writeable by the web server user.

Execute your test plans for authentication and authorization. Test that users that you have transferred from the old installation can login with any problems, and that access controls work appropriately: check that users are able to view and edit pages for which they have access, and are denied permission to view or edit pages for which they do not have access. Also check that pages restricted to the admin group are not accessible by non-admin users, and that administrators continue to have access.

Apply preferences from old installation

If you have not already set your desired site-wide preferences, as described in the section "Set Foswiki Preferences" in the System.InstallationGuide, then set your preferences. The location of your site preferences is specified in the Miscellaneous settings pane of the configure page, in the {LocalSitePreferences} setting (visible when Expert mode is enabled) — the default location is Main.SitePreferences. Copy any customized preferences from the site preferences topic in your old installation to the site preferences topic in the new installation. (Note you may have already copied over your customized preferences when you transfered the contents of the <old_users_web> web.)

If, in your old installation, you customized the default preferences in <old_system_web>.DefaultPreferences, then transfer your customizations from this topic to the site preferences topic instead (i.e. the topic specified in your {LocalSitePreferences} setting), so that your customizations will not get overwritten on the next upgrade.

If you are upgrading from TWiki, note that the default location of the default preferences in TWiki is <old_system_web>.TWikiPreferences, and the default location of the site preferences is Main.TWikiPreferences. Transfer any customized preferences from these topics to the site preferences topic in your new installation.

Apply additional site customizations

Modify skin with customizations for your site

If you did not already customize the appearance of your new installation, as described in the section "Customize the appearance of your Foswiki site" in the System.InstallationGuide, then reapply the customizations from your old installation to the new one. Ensure you transfer over any skin templates — .tmpl files, or topics referred to using VIEW_TEMPLATE or EDIT_TEMPLATE preferences — you need. Also ensure you transfer any style sheets or Javascript files required.

If you are upgrading from the Cairo version of TWiki: note that the skins from this release do not work well with Foswiki. Starting from TWiki 4.0.2, the default PatternSkin has been fairly stable and so your customizations should continue to work.

Customize pages for managing personal information

In your new installation, default copies of the following topics were installed:

If you customized these topics in your old installation, transfer the changes to these topics in the new installation. Use the corresponding files in the <oldwiki>/<old_system_web>/ directory as a reference.

Validate your Wiki applications and other key functionality

Execute your test plan to validate the Wiki applications and other key functionality that need to be up and running after the upgrade.

Switch your production site from the old installation to the new installation

If you had been running your old installation in parallel with the new one during a test phase, then disable your old installation, and repeat the step "Copy content from non-default webs in old installation to the new installation".

Change your web server configuration so that the new installation is accessible to all of your users, and so the old installation is no longer accessible.

Change your web server configuration so that the new installation is accessible using the same URL prefix as your old installation. For purposes of discussion, assume that your old installation is accessible from http://yourdomain/wiki/. You can use one of the following approaches to make the new installation accessible using the same URL prefix:

  • You can rename your <newwiki>/ directory to wiki/ (renaming the directory of your old installation if necessary).
  • If your operating system supports links to other directories and your web server is configured to follow links, then you can create a link called wiki/ that points to <newwiki>/ (renaming the directory of your old installation if necessary).
  • You can configure your web server so that requests to /wiki/ are served from your <newwiki>/ directory.

Re-execute your test plan to verify that your newly-upgraded site is accessible to your users, and that all authentication and authorization mechanisms work as expected (including denying access to those who are not authorized).

Re-execute your test plan to verify that your Wiki applications and other key functionality work as intended.

Additional steps when upgrading from TWiki Cairo

Favicon

The favicon is now configurable as a site preference or per-web preference. See System.DefaultPreferences for a description of the FAVICON preference. To set it for your site, add the FAVICON preference to your site preferences topic, Main.SitePreferences (or the topic you configured in your {LocalSitePreferences} setting in the Miscellaneous settings pane on the configure page). To set it for a web, add the FAVICON preference to the WebPreferences topic for that web.

Important changes since TWiki 4.0.5

Supported Perl version

To use Foswiki, you must use Perl 5.8 or higher. Foswiki no longer supports Perl version 5.6.x (the minimum version required for TWiki 4.0.5).

Template spec changed

Until TWiki 4.0.5, any text inside template definition blocks for SkinTemplates (formerly called TWikiTemplates) — that is, between %TMPL:DEF{"block"}% and %TMPL:END% — was stripped of leading and trailing white space, including newlines. This made it difficult for skin developers to include a newline before or after a block of text.

From TWiki 4.1.0 onwards, and in Foswiki 1.0, this has changed so that white space is no longer stripped. Skins like PatternSkin and NatSkin have been updated so that they work with the new behavior. If you use an older skin or have written your own you will most likely need to make some adjustments.

In general, if you get mysterious blank lines in your skin, the newline after the %TMPL:DEF{"block"}% needs to be removed: the content of the block must follow on the same line as the TMPL:DEF.

CommentPlugin templates also must be modified to remove extraneous newlines — in particular, any newline immediately after the TMPL:DEF. See the System.CommentPluginTemplate for examples of how comment template definitions should look like in TWiki 4.1.x.

Example: a CommentPlugin template that adds a row to a table. With versions of TWiki prior to 4.1, the following syntax can be used: 

%TMPL:DEF{OUTPUT:tabletest}%%POS:BEFORE%
|%URLPARAM{"comment"}%| -- %WIKIUSERNAME% - %DATE% |
%TMPL:END%

Starting in TWiki 4.1 and continuing with Foswiki 1.0, the newline before the start of the table row must be removed: 

%TMPL:DEF{OUTPUT:tabletest}%%POS:BEFORE%|%URLPARAM{"comment"}%| -- %WIKIUSERNAME% - %DATE% |
%TMPL:END%

Important changes for the upgrader - since TWiki 4.1.0

New location for session and other temporary files

The directory for passthrough and session files have been replaced by a common directory for temporary files used by Foswiki. Previously the two configure settings {PassthroughDir} and {Sessions}{Dir} were set by default to /tmp. These config settings have been eliminated: Foswiki creates a tmp directory and other temporary directories under the directory defined by the configure setting {WorkingDir}.

Important changes for the upgrader - since TWiki 4.1.2

New WYSIWYG editor

Foswiki now ships with a new WYSIWYG editor based on TinyMCE that replaces the Kupu-based editor. When TinyMCEPlugin is enabled, the Edit button will initiate WYSIWYG editing mode. A Raw Edit link has been added for users to edit the topic markup directly.

The WYSIWYG button has been removed.

NEWTOPICLINKSYMBOL removed

The NEWTOPICLINKSYMBOL preference that was deprecated in TWiki 4.1 is no longer supported. To control the appearance of new links, set the NEWLINKFORMAT preference in Main.SitePreferences (see System.DefaultPreferences for more information on NEWLINKFORMAT).

UserForm and NewUserTemplate customization

When a new user registers on Foswiki his user topic is created based on the NewUserTemplate and UserForm in the Main web, if they exist. If the topic does not exist in the Main web, then the default version from System is used. Thus on upgrades, any customizations you made to NewUserTemplate or UserForm in the Main web will be preserved.

In previous TWiki versions, only System.NewUserTemplate and System.UserForm are used; you cannot override them by creating your own version in the Main web.

WikiUsers no longer distributed

The Main.WikiUsers topic contains all the registered users. It is not included in the Foswiki distribution, so that your list of users will not be overwritten on upgrades. When the first user is registered in Foswiki, the Main.WikiUsers topic is created on demand.

New working directory

The configuration setting {WorkingDir} in the General path settings pane on the configure page defines the location of a working directory for various subdirectories for use by Foswiki. The default value for this setting is the working subdirectory within the installation root directory for the Foswiki installation.

The subdirectories within the working directory include the following:

  • registration_approvals — previously located in the data/ directory
  • tmp — avoids security issues with using the /tmp directory
  • work_areas — previously located in the pub/ directory.

Note: Remember to restrict access to this new directory when you upgrade.

If you have your own scheduled task to delete obsolete session files, note they are now located in the working/tmp/ subdirectory.

New internal admin login

Foswiki has a new internal admin login feature that lets you login as a temporary administrator, using "admin" as your user name and the password for the configure page. The internal admin username can be configured in the {AdminUserLogin} setting in the Security setup pane on the configure page.

In order to add an initial user to the default {SuperAdminGroup}, Main.AdminGroup, you must login as the internal admin user using the link on the Main.AdminGroup page.

Important changes for the upgrader - since Foswiki 1.0.4

An additional security feature has been added to Foswiki 1.0.5 so that saving data now requires the http method POST. This means that it is no longer possible to store data via an "<a href=..." link or img tag. It also means that if you have an application with an HTML form that creates new topics you must specify in the form tag method="post". This change is done to further tighten the security of Foswiki. 

<form name="new" action="%SCRIPTURLPATH{save}%/Sandbox/" method="post">
    ...
</form>

The template webs _default and _empty are frequent targets for spammers because these webs are normally not monitored very carefully by the community around a Foswiki installation. These webs are now write protected so on an administrator can edit topics in these webs. When an administrator creates a new web it is important to remember to remove the access restriction from the WebPreferences in the new web.

Important changes for the upgrader - since Foswiki 1.0.5

Foswiki 1.0.6 introduces a major security enhancement, protecting against Cross-Site Request Forgery. The extra safe "double submit" algorithm, as recommended by the Open Web Application Security Project (OWASP) project has been used. This is the same algorithm used by several major banks and other security-conscious institutions, and requires that users have Javascript enabled.

See Foswiki:Support.SecurityFeatures for more information on these, and other, Foswiki security features. This is recommended reading for all Foswiki administrators.

If these new countermeasures against CSRF creates problems for your users and your applications, you can alter the way the protection works or disable it. These are the configure parameters you need to visit (note that some are expert settings).

  • {Validation}{Method} is by default "strikeone" which is the highest level of security and requires that users have Javascript enabled. You can lower this setting to "embedded" which uses a less safe validation method but does not require javascript. If you want to disable CSRF protection set it to "none". It is highly recommended to keep it at "strikeone".
  • {Validation}{ValidForTime} is the time the validation key is valid. It is by default 1 hour. If your users often edit pages longer you can increase this time. Your users can still save pages with an expired validation key but they will be asked to confirm the saving.
  • {Validation}{MaxKeysPerSession} is the maximum number of validation keys to store in a session. There is one key stored for each page rendered. If the number of keys exceeds this number, the oldest keys will be force-expired to bring the number down. If you have users that are very fast at editing pages and experience expired keys, you can increase this number. The default is 1000 and should be much higher than any normal person will experience.
  • {Validation}{ExpireKeyOnUse} defines if validation keys expire when they are used for storing data. This prevents an attacker from evesdropping communication between server and browser and reuse keys. Unfortunately it also means that if a user edits a page, saves it, uses the back button of the browser, corrects his previous editing, and then saves again, he is asked to confirm that he intended to save the topic. Another use case is if you create an application with multiple forms and multiple submit buttons on a topic and you submit multiple times from this topic without navigating away from it, you will be asked to confirm the submission each time. If this is not acceptable to your use of Foswiki, you can turn off {Validation}{ExpireKeyOnUse}.

Back to top

User Authentication

Controlling who can access your site

Overview

Authentication, or "login", is the process by which a user lets Wiki-SL know who they are.

Authentication isn't just to do with access control. Wiki-SL uses authentication to keep track of who made changes, and manage a wide range of personal settings. With authentication enabled, users can personalise Wiki-SL and contribute as recognised individuals, instead of shadows.

Wiki-SL authentication is very flexible, and can either stand alone or integrate with existing authentication schemes. You can set up Wiki-SL to require authentication for every access, or only for changes. Authentication is also essential for access control.

Quick Authentication Test - Use the %USERINFO% macro to return your current identity:

  • You are guest, Main.WikiGuest,

Wiki-SL user authentication is split into four sections; password management, user mapping, user registration, and login management. Password management deals with how users personal data is stored. Registration deals with how new users are added to the wiki. Login management deals with how users log in.

Once a user is logged on, they can be remembered using a Client Session stored in a cookie in the browser (or by other less elegant means if the user has disabled cookies). This avoids them having to log on again and again.

Wiki-SL user authentication is configured through the Security Settings pane in the configure interface.

Please note FileAttachments are not protected by Wiki-SL User Authentication.

Password Management

As shipped, Wiki-SL supports the Apache 'htpasswd' password manager. This manager supports the use of .htpasswd files on the server. These files can be unique to Wiki-SL, or can be shared with other applications (such as an Apache webserver). A variety of password encodings are supported for flexibility when re-using existing files. See the descriptive comments in the Security Settings section of the configure interface for more details.

You can easily plug in alternate password management modules to support interfaces to other third-party authentication databases.

The password manager is selected using the {PasswordManager} setting in configure.

User Mapping

Usually when you are using an external authentication method, you want to map from an unfriendly "login name" to a more friendly WikiName. Also, an external authentication database may well have user information you want to import to Wiki-SL, such as user groups.

By default, Wiki-SL supports mapping of usernames to wikinames, and supports Wiki-SL groups internal to Wiki-SL. If you want, you can plug in an alternate user mapping module to support import of groups etc.

The user mapping manager is selected using the {UserMappingManager} setting in configure.

User Registration

New user registration uses the password manager to set and change passwords and store email addresses. It is also responsible for the new user verification process. the registration process supports single user registration via the UserRegistration page, and bulk user registration via the BulkRegistration page (for admins only).

The registration process is also responsible for creating user topics, and setting up the mapping information used by the User Mapping support.

Login Management

Login management controls the way users have to log in. There are three basic options; no login, login via a Wiki-SL login page, and login using the webserver authentication support. the login manager is selected using the {LoginManager} setting in configure.

No Login (select none)

Does exactly what it says on the tin. Forget about authentication to make your site completely public - anyone can browse and edit freely, in classic Wiki style. All visitors are given the Main.WikiGuest default identity, so you can't track individual user activity.

ALERT! Note: This setup is not recommended on public websites for security reasons; anyone would be able to change system settings and perform tasks usually restricted to administrators.

Template Login (select Foswiki::LoginManager::TemplateLogin)

Template Login asks for a username and password in a web page, and processes them using whatever Password Manager you choose. Users can log in and log out. Client Sessions are used to remember users. Users can choose to have their session remembered so they will automatically be logged in the next time they start their browser.

Enabling Template Login

  1. Use the configure interface to
    1. select the Foswiki::LoginManager::TemplateLogin login manager (on the Security Settings pane).
    2. select the appropriate password manager for your system, or provide your own.
    3. HELP there is also an EXPERT configure setting {TemplateLogin}{PreventBrowserRememberingPassword} that you can set to prevent Browsers from remembering username and passwords if you are concerned about public terminal usage.
  2. Register yourself in the UserRegistration topic.
    HELP Check that the password manager recognises the new user. If you are using .htpasswd files, check that a new line with the username and encrypted password is added to the .htpasswd file. If not, you probably got a path wrong, or the permissions may not allow the webserver user to write to that file.
  3. Create a new topic to check if authentication works.
  4. Edit the Main.AdminGroup topic in the Main web to include users with system administrator status.
    ALERT! This is a very important step, as users in this group can access all topics, independent of Wiki-SL access controls.

AccessControl has more information on setting up access controls.

ALERT! At this time AccessControls cannot control access to files in the pub area, unless they are only accessed through the viewfile script. If your pub directory is set up in the webserver to allow open access you may want to add .htaccess files in there to restrict access.

TIP You can create a custom version of the UserRegistration form by copying the topic, and then deleting or adding input tags in your copy. The name="" parameter of the input tags must start with: "Twk0..." (if this is an optional entry), or "Twk1..." (if this is a required entry). This ensures that the fields are carried over into the user home page correctly. Do not modify the version of UserRegistration shipped with Wiki-SL, as your changes will be overwritten next time you upgrade.

TIP The default new user template page is in System.NewUserTemplate. The same macros get expanded as in the template topics. You can create a custom new user home page by creating the Main.NewUserTemplate? topic, which will then override the default.

Apache Login (select Foswiki::LoginManager::ApacheLogin)

Using this method Wiki-SL does not authenticate users internally. Instead it depends on the REMOTE_USER environment variable, which is set when you enable authentication in the webserver.

The advantage of this scheme is that if you have an existing website authentication scheme using Apache modules such as mod_auth_ldap or mod_auth_mysql you can just plug in directly to them.

The disadvantage is that because the user identity is cached in the browser, you can log in, but you can't log out again unless you restart the browser.

Wiki-SL maps the REMOTE_USER that was used to log in to the webserver to a WikiName using the table in Main.WikiUsers. This table is updated whenever a user registers, so users can choose not to register (in which case their webserver login name is used for their signature) or register (in which case that login name is mapped to their WikiName).

The same private .htpasswd file used in Wiki-SL Template Login can be used to authenticate Apache users, using the Apache Basic Authentication support.

Warning: Do not use the Apache htpasswd program with .htpasswd files generated by Wiki-SL! htpasswd wipes out email addresses that Wiki-SL plants in the info fields of this file.

Enabling Apache Login using mod_auth

You can use any other Apache authentication module that sets REMOTE_USER.
  1. Use configure to select the Foswiki::LoginManager::ApacheLogin login manager.
  2. Use configure to set up Wiki-SL to create the right kind of .htpasswd entries.
  3. Create a .htaccess file in the bin directory.
    HELP There is an template for this file in bin/.htaccess.txt that you can copy and change. The comments in the file explain what need to be done.
    HELP If you got it right, the browser should now ask for login name and password when you click on the Edit. If .htaccess does not have the desired effect, you may need to "AllowOverride All" for the directory in httpd.conf (if you have root access; otherwise, e-mail web server support)
    ALERT! At this time AccessControls do not control access to files in the pub area, unless they are only accessed through the viewfile script. If your pub directory is set up to allow open access you may want to add .htaccess files in there as well to restrict access
  4. You can create a custom version of the UserRegistration form by copying the default topic, and then deleting or adding input tags in your copy. The name="" parameter of the input tags must start with: "Twk0..." (if this is an optional entry), or "Twk1..." (if this is a required entry). This ensures that the fields are carried over into the user home page correctly. Do not modify the version of UserRegistration shipped with Wiki-SL, as your changes will be overwritten next time you upgrade.
    The default new user template page is in System.NewUserTemplate. The same macros get expanded as in the template topics. You can create a custom new user home page by creating the Main.NewUserTemplate? topic, which will then override the default.
  5. Register yourself in the UserRegistration topic.
    HELP Check that a new line with the username and encrypted password is added to the .htpasswd file. If not, you may have got a path wrong, or the permissions may not allow the webserver user to write to that file.
  6. Create a new topic to check if authentication works.
  7. Edit the Main.AdminGroup topic in the Main web to include users with system administrator status.
    ALERT! This is a very important step, as users in this group can access all topics, independent of Wiki-SL access controls.
AccessControl has more information on setting up access controls.

Logons via bin/logon

Any time a user requests a page that needs authentication, they will be forced to log on. It may be convenient to have a "logon" link as well, to give the system a chance to identify the user and retrieve their personal settings. It may be convenient to force them to log on.

The bin/logon script enables this. If you are using Apache Login, the bin/logon script must be setup in the bin/.htaccess file to be a script which requires a valid user. Once authenticated, it will redirect the user to the view URL for the page from which the logon script was linked.

Sessions

Wiki-SL uses the CPAN:CGI::Session and CPAN:CGI::Cookie modules to track sessions. These modules are de facto standards for session management among Perl programmers. If you can't use Cookies for any reason, CPAN:CGI::Session also supports session tracking using the client IP address.

You don't have to enable sessions to support logins in Wiki-SL. However it is strongly recommended. Wiki-SL needs some way to remember the fact that you logged in from a particular browser, and it uses sessions to do this. If you don;t enable sessions, Wiki-SL will try hard to remember you, but due to limitations in the browsers it may also forget you (and then suddenly remember you again later!). So for the best user experience, you should enable sessions.

There are a number of macros available that you can use to interrogate your current session. You can even add your own session variables to the Wiki-SL cookie. Session variables are referred to as "sticky" variables.

Getting, Setting, and Clearing Session Variables

You can get, set, and clear session variables from within Wiki-SL web pages or by using script parameters. This allows you to use the session as a personal "persistent memory space" that is not lost until the web browser is closed. Also note that if a session variable has the same name as a Wiki-SL preference, the session variables value takes precedence over the Wiki-SL preference. This allows for per-session preferences.

To make use of these features, use the tags: 

%SESSION_VARIABLE{ "varName" }%
%SESSION_VARIABLE{ "varName" set="varValue" }%
%SESSION_VARIABLE{ "varName" clear="" }%

Note that you cannot override access controls preferences this way.

Cookies and Transparent Session IDs

Wiki-SL normally uses cookies to store session information on a client computer. Cookies are a common way to pass session information from client to server. Wiki-SL cookies simply hold a unique session identifier that is used to look up a database of session information on the Wiki-SL server.

For a number of reasons, it may not be possible to use cookies. In this case, Wiki-SL has a fallback mechanism; it will automatically rewrite every internal URL it sees on pages being generated to one that also passes session information.

Username vs. Login Username

This section applies only if you are using authentication with existing login names (i.e. mapping from login names to WikiNames).

Wiki-SL internally manages two usernames: Login Username and Foswiki Username.

  • Login Username: When you login to the intranet, you use your existing login username. This name is normally passed to Foswiki by the REMOTE_USER environment variable, and used internally. Login Usernames are maintained by your system administrator.

  • Foswiki Username: Your name in WikiNotation, ex: JohnSmith, is recorded when you register using UserRegistration; doing so also generates a personal home page in the Main web.

Foswiki can automatically map an Intranet (Login) Username to a Foswiki Username if the {AllowLoginName} is enabled in configure. The default is to use your WikiName as a login name.

NOTE: To correctly enter a WikiName - your own or someone else's - be sure to include the Main web name in front of the Wiki username, followed by a period, and no spaces, for example Main.WikiUsername or %USERSWEB%.WikiUsername. This points WikiUsername to the Main web, where user home pages are located, no matter which web it's entered in. Without the web prefix, the name appears as a NewTopic everywhere but in the Main web.

Changing Passwords

If your {PasswordManager} supports password changing, you can change and reset passwords using forms on regular pages.

  • The ChangePassword form ( Foswiki/ChangePassword )
  • The ResetPassword form ( Foswiki/ResetPassword )

Changing E-mail Addresses

If the active {PasswordManager} supports storage and retrieval of user e-mail addresses, you can change your e-mail using a regular page. As shipped, this is true only for the Apache 'htpasswd' password manager.

  • The ChangeEmailAddress form ( Foswiki/ChangeEmailAddress )

Controlling access to individual scripts

You may want to add or remove scripts from the list of scripts that require authentication. The method for doing this is different for each of Template Login and Apache Login.
  • For Template Login, update the {AuthScripts} list using configure
  • For Apache Login, add/remove the script from .htaccess

How to choose an authentication method

One of the key features of Foswiki is that it is possible to add HTML to topics. No authentication method is 100% secure on a website where end users can add HTML, as there is always a risk that a malicious user can add code to a topic that gathers user information, such as session IDs. The Foswiki developers have been forced to make certain tradeoffs, in the pursuit of efficiency, that may be exploited by a hacker.

This section discusses some of the known risks. You can be sure that any potential hackers have read this section as well!

At one extreme, the most secure method is to use Foswiki via SSL (Secure Sockets Layer), with a login manager installed and Client Sessions turned off.

Using Foswiki with sessions turned off is a pain, though, as with all the login managers there are occasions where Foswiki will forget who you are. The best user experience is achieved with sessions turned on.

As soon as you allow the server to maintain information about a logged-in user, you open a door to potential attacks. There are a variety of ways a malicious user can pervert Foswiki to obtain another users session ID, the most common of which is known as a cross-site scripting attack. Once a hacker has an SID they can pretend to be that user.

To help prevent these sorts of attacks, Foswiki supports IP matching, which ensures that the IP address of the user requesting a specific session is the same as the IP address of the user who created the session. This works well as long as IP addresses are unique to each client, and as long as the IP address of the client can't be faked.

Session IDs are usually stored by Foswiki in cookies, which are stored in the client browser. Cookies work well, but not all environments or users permit cookies to be stored in browsers. So Foswiki also supports two other methods of determining the session ID. The first method uses the client IP address to determine the session ID. The second uses a rewriting method that rewrites local URLs in Foswiki pages to include the session ID in the URL.

The first method works well as long as IP addresses are unique to each individual client, and client IP addresses can't be faked by a hacker. If IP addresses are unique and can't be faked, it is almost as secure as cookies + IP matching, so it ranks as the fourth most secure method.

If you have to turn IP matching off, and cookies can't be relied on, then you may have to rely on the second method, URL rewriting. This method exposes the session IDs very publicly, so should be regarded as "rather dodgy".

Most Foswiki sites don't use SSL, so, as is the case with most sites that don't use SSL, there is always a possibility that a password could be picked out of the aether. Browsers do not encrypt passwords sent over non-SSL links, so using Apache Login is no more secure than Template Login.

Of the two shipped login managers, Apache Login is probably the most useful. It lets you do this sort of thing: wget --http-user=RogerRabbit --http-password=i'mnottelling http://www.example.com/bin/save/Sandbox/StuffAUTOINC0?text=hohoho,%20this%20is%20interesting i.e. pass in a user and password to a request from the command-line. However it doesn't let you log out.

Template Login degrades to url re-writing when you use a client like dillo that does not support cookies. However, you can log out and back in as a different user.

Finally, it would be really neat if someone was to work out how to use certificates to identify users.....

See Foswiki:Support.SupplementalDocuments for more information.

Back to top

Access Control

Restricting read and write access to topics and webs, by users and groups

Access Control allows you restrict access to single topics and entire webs, by individual user and by user Groups. Access control, combined with UserAuthentication, lets you easily create and manage an extremely flexible, fine-grained privilege system.

An important control consideration

Open, freeform editing is the essence of WikiCulture - what makes Foswiki different and often more effective than other collaboration tools. For that reason, it is strongly recommended that decisions to restrict read or write access to a web or a topic are made with great care - the more restrictions, the less Wiki in the mix. Experience shows that unrestricted write access works very well because:

  • Peer influence is enough to ensure that only relevant content is posted.
  • Peer editing - the ability for anyone to rearrange all content on a page - keeps topics focused.
  • In Foswiki, content is transparently preserved under revision control:
    • Edits can be undone by the administrator (per default a member of Main.AdminGroup; see #ManagingGroups).
    • Users are encouraged to edit and refactor (condense a long topic), since there's a safety net.
As a collaboration guideline:
  • Create broad-based Groups (for more and varied input), and...
  • Avoid creating view-only Users (if you can read it, you should be able to contribute to it).

Permissions settings of the webs on this Foswiki site

Web Sitemap VIEW CHANGE RENAME
  Listed DENY ALLOW DENY ALLOW DENY ALLOW
Preferences Home Main on            
Preferences Home System on       Main.AdminGroup   Main.AdminGroup
Preferences Home Amadeu on            
Preferences Home Anapolivre on            
Preferences Home ArquivoLivre on            
Preferences Home Arte on            
Preferences Home BahiaSocial              
Preferences Home BeaBa on            
Preferences Home BibliotecaLivre on            
Preferences Home Blogs on            
Preferences Home BrasilDigital on            
Preferences Home BrasilELivre on            
Preferences Home BSM on            
Preferences Home Ccsa              
Preferences Home CESL on            
Preferences Home CoberturaWiki              
Preferences Home Cooperativas              
Preferences Home Curriculo on            
Preferences Home DarvinMarosin on            
Preferences Home DiaD on            
Preferences Home Dinamicoop              
Preferences Home Economia on            
Preferences Home EconomiaSolidaria on            
Preferences Home EducacaoLivre on            
Preferences Home Ekaaty on            
Preferences Home Emacsbr on            
Preferences Home ENSL on            
Preferences Home Fatos on            
Preferences Home Festival3              
Preferences Home Festival4         Main.FestivalBahiaGroup    
Preferences Home Flisol on            
Preferences Home Fmpb on            
Preferences Home Formatos on            
Preferences Home Foswikibr on            
Preferences Home FSM2005 on            
Preferences Home GNOMEBR on            
Preferences Home GTTemario2004 on            
Preferences Home GTWeb on            
Preferences Home Guialivre on            
Preferences Home HDC on            
Preferences Home Incubus on       Main.IncubusGroup   Main.EricJardim
Preferences Home InkscapeBrasil on            
Preferences Home Jogos              
Preferences Home KdeBR on       Main.KdebrGroup   Main.KdebrGroup
Preferences Home KSP on       Main.PabloLorenzzoni, Main.FelipeMobus, Main.MarceloTerres, Main.MarcioOliveira   Main.PabloLorenzzoni
Preferences Home LGM on            
Preferences Home LinuxStokDoc              
Preferences Home Livros on            
Preferences Home Mentores on            
Preferences Home MHHOB on            
Preferences Home MinuanoDigital on            
Preferences Home MoradiaECidadania on            
Preferences Home OlhosDagua on            
Preferences Home Olimpo on            
Preferences Home OLPC on            
Preferences Home OOPTQ              
Preferences Home Papers on            
Preferences Home PCLivre on            
Preferences Home PentahoBrasil on            
Preferences Home Pessoas on            
Preferences Home Portal on            
Preferences Home Prefeituras on       Main.PesquisaSoftexGroup    
Preferences Home PSLAL on            
Preferences Home PSLBA on            
Preferences Home PSLBancarios on            
Preferences Home PSLBrasil on            
Preferences Home PSLGO on            
Preferences Home PSLMA on            
Preferences Home PSLMG on            
Preferences Home PSLMIP on            
Preferences Home PSLMT on            
Preferences Home PSLMulheres on            
Preferences Home PSLPI on            
Preferences Home PubFisl10 on            
Preferences Home PubFisl7              
Preferences Home PubFisl8 on            
Preferences Home PubFisl9 on            
Preferences Home QuilomboDoSopapo on            
Preferences Home RadioSL on            
Preferences Home RedeMesh on            
Preferences Home RedePopular              
Preferences Home RobotWars on            
Preferences Home Sandbox on            
Preferences Home Saudelivre on            
Preferences Home Scribus on            
Preferences Home Sementes on            
Preferences Home Shakya on            
Preferences Home SLRJ on            
Preferences Home SoftwareLivreIrece on            
Preferences Home SoftwareLivreVS on            
Preferences Home SoLiSC on       Main.SoLiSCGroup    
Preferences Home SuporteLivre              
Preferences Home Telecentros on            
Preferences Home TeseSA on       Main.TeseSAGroup    
Preferences Home TextoLivre on            
Preferences Home TV on            
Preferences Home TWikiBar on            
Preferences Home TWikiPtbr on           Main.TWikiAdminGroup
Preferences Home UNELivre on            
Preferences Home UNIMIX              
Preferences Home VilaTorres              
Preferences Home WebNordeste              
Preferences Home WTRD2004 on            

Please Note:

  • A blank in the the above table may mean either the corresponding control is absent or commented out or that it has been set to a null value. The two conditions have dramatically different and possibly opposed semantics.
  • Main.WikiGuest is the guest account - used by unauthenticated users.
  • The web must not deny view to Main.WikiGuest; otherwise, people will not be able to register.

HELP Above table comes from SitePermissions

Authentication vs. Access Control

Authentication: Identifies who a user is based on a login procedure. See UserAuthentication.

Access control: Restrict access to content based on users and groups once a user is identified.

Users and groups

Access control is based on the familiar concept of users and groups. Users are defined by their WikiNames. They can then be organized in unlimited combinations by inclusion in one or more user Groups. For convenience, Groups can also be included in other Groups.

Managing Users

A user can create an account in UserRegistration. The following actions are performed:

  • WikiName and encrypted password are recorded using the password manager if authentication is enabled.
  • A confirmation e-mail is sent to the user.
  • A user home page with the WikiName of the user is created in the Main web.
  • The user is added to the Main.WikiUsers topic.

The default visitor name is Main.WikiGuest. This is the non-authenticated user.

Managing Groups

The following describes the standard Foswiki support for groups. Your local Foswiki may have an alternate group mapping manager installed. Check with your Wiki administrator if you are in doubt.

Groups are defined by group topics located in the Main web. To create a new group, visit Main.WikiGroups and enter the name of the new group ending in Group into the "new group" form field. This will create a new group topic with two important settings:

  • Set GROUP = < list of users and/or groups >
  • Set ALLOWTOPICCHANGE = < list of users and/or groups >

The GROUP setting is a comma-separated list of users and/or other groups. Example:

  • Set GROUP = Main.SomeUser, Main.OtherUser, Main.SomeGroup

The ALLOWTOPICCHANGE setting defines who is allowed to change the group topic; it is a comma delimited list of users and groups. You typically want to restrict that to the members of the group itself, so it should contain the name of the topic. This prevents users not in the group from editing the topic to give themselves or others access. For example, for the KasabianGroup topic write:

  • Set ALLOWTOPICCHANGE = Main.KasabianGroup

ALERT! Foswiki has strict formatting rules. Make sure you have three spaces, an asterisk, and an extra space in front of any access control rule.

The Super Admin Group

A number of Foswiki functions (for example, renaming webs) are only available to administrators. Administrators are simply users who belong to the SuperAdminGroup. This is a standard user group, the name of which is defined by {SuperAdminGroup} setting in configure. The default name of this group is the AdminGroup. The system administrator may have chosen a different name for this group if your local Foswiki uses an alternate group mapping manager but for simplicity we will use the default name AdminGroup in the rest of this topic.

You can create new administrators simply by adding them to the Main.AdminGroup topic. For example,

  • Set GROUP = Main.ElizabethWindsor, Main.TonyBlair
A member of the Super Admin Group has unrestricted access throughout the Foswiki, so only trusted staff should be added to this group.

Restricting Access

You can define who is allowed to read or write to a web or a topic. Note that some plugins may not respect access permissions.

  • Restricting VIEW blocks viewing and searching of content. When you restric VIEW to a topic or web, this also restricts INCLUDE and Formatted SEARCH from showing the content of the topics.
  • Restricting CHANGE blocks creating new topics, changing topics or attaching files.
  • Restricting RENAME prevents renaming of topics within a web.

ALERT! There is an important distinction between CHANGE access and RENAME access. A user can CHANGE a topic, but thanks to version control their changes cannot be lost (the history of the topic before the change is recorded). However if a topic or web is renamed, that history may be lost. Typically a site will only give RENAME access to administrators and content owners.

Controlling access to a Web

You can define restrictions on who is allowed to view a Wiki-SL web. You can restrict access to certain webs to selected users and groups, by:

  • authenticating all webs and restricting selected webs: Topic access in all webs is authenticated, and selected webs have restricted access.
  • authenticating and restricting selected webs only: Provide unrestricted viewing access to open webs, with authentication and restriction only on selected webs.

  • You can define these settings in the WebPreferences topic, preferable towards the end of the topic:
    • Set DENYWEBVIEW = < comma-delimited list of users and groups >
    • Set ALLOWWEBVIEW = < comma-delimited list of users and groups >
    • Set DENYWEBCHANGE = < comma-delimited list of users and groups >
    • Set ALLOWWEBCHANGE = < comma-delimited list of users and groups >
    • Set DENYWEBRENAME = < comma-delimited list of users and groups >
    • Set ALLOWWEBRENAME = < comma-delimited list of users and groups >

If your site allows hierarchical webs, then access to sub-webs is determined from the access controls of the parent web, plus the access controls in the sub-web. So, if the parent web has ALLOWWEBVIEW set, this will also apply to the subweb. Also note that you will need to ensure that the parent web's FINALPREFERENCES does not include the access control settings listed above. Otherwise you will not be able override the parent web's access control settings in sub-webs.

Creation and renaming of sub-webs is controlled by the WEBCHANGE setting on the parent web (or ROOTCHANGE for root webs). Renaming is additionally restricted by the setting of WEBRENAME in the web itself.

Controlling access to a topic

  • You can define these settings in any topic, preferable towards the end of the topic:
    • Set DENYTOPICVIEW = < comma-delimited list of users and groups >
    • Set ALLOWTOPICVIEW = < comma-delimited list of users and groups >
    • Set DENYTOPICCHANGE = < comma-delimited list of users and groups >
    • Set ALLOWTOPICCHANGE = < comma-delimited list of users and groups >
    • Set DENYTOPICRENAME = < comma-delimited list of users and groups >
    • Set ALLOWTOPICRENAME = < comma-delimited list of users and groups >

Remember when opening up access to specific topics within a restricted web that other topics in the web - for example, the WebLeftBar - may also be accessed when viewing the topics. The message you get when you are denied access should tell you what topic you were not permitted to access.

Be careful with empty values for any of these.

  • Set ALLOWTOPICVIEW =
    This means the same as not setting it at all. (This was documented wrong in versions 4.0.X, 4.1.0 and 4.1.1)

  • Set DENYTOPICVIEW =
    This means do not deny anyone the right to view this topic. If DENYTOPICVIEW is set to an empty value anyone has access even if ALLOWTOPICVIEW or ALLOWWEBVIEW is defined. This allows you to have very restrictive default access rights to an entire web and still allow individual topics to have more open access.

The same rules apply to ALLOWTOPICCHANGE/DENYTOPICCHANGE and APPLYTOPICRENAME/DENYTOPICRENAME. Setting ALLOWTOPICCHANGE or ALLOWTOPICRENAME to en empty value means the same as not defining it. Setting DENYTOPICCHANGE or DENYTOPICRENAME to an empty value means that anyone can edit or rename the topic.

ALERT! If the same setting is defined multiple times the last one overrides the previous. They are not OR'ed together.

ALERT! The setting to an empty has caused confusion and great debate and it has been decided that the empty setting syntax will be replaced by something which is easier to understand in a later version of Foswiki. A method to upgrade will be provided. Please read the release notes carefully when you upgrade.

See "How Foswiki evaluates ALLOW/DENY settings" below for more on how ALLOW and DENY interacts.

Controlling access to attachments

Attachments are referred to directly, and are not normally indirected via Foswiki scripts. This means that the above instructions for access control will not apply to attachments. It is possible that someone may inadvertently publicise a URL that they expected to be access-controlled.

The easiest way to apply the same access control rules for attachments as apply to topics is to use the Apache mod_rewrite module, and configure your webserver to redirect accesses to attachments to the Foswiki viewfile script. For example, 

    ScriptAlias /foswiki/bin/ /filesystem/path/to/bin/
    Alias /foswiki/pub/       /filesystem/path/to/pub/

    RewriteEngine on
    RewriteCond %{REQUEST_URI} !^/+foswiki/+pub/+System/+.+
    RewriteRule ^/+foswiki/+pub/+([^/]+)((/+([^/]+))+)/+(.+) /foswiki/bin/viewfile/$1/$2?filename=$5 [L,PT]

That way all the controls that apply to the topic also apply to attachments to the topic. Other types of webserver have similar support.

HELP Images embedded in topics will load much slower since each image will be delivered by the viewfile script.

Controlling who can manage top-level webs

Top level webs are a special case, because they don't have a parent web with a WebPreferences. So there has to be a special control just for the root level.

  • You can define these settings in the Main.DefaultPreferences topic, preferable towards the end of the topic:
    • Set DENYROOTCHANGE = < comma-delimited list of users and groups >
    • Set ALLOWROOTCHANGE = < comma-delimited list of users and groups >
Note that you do not require ROOTCHANGE access to rename an existing top-level web. You just need WEBCHANGE in the web itself.

How Foswiki evaluates ALLOW/DENY settings

When deciding whether to grant access, Foswiki evaluates the following rules in order (read from the top of the list; if the logic arrives at PERMITTED or DENIED that applies immediately and no more rules are applied). You need to read the rules bearing in mind that VIEW, CHANGE and RENAME access may be granted/denied separately.

  1. If the user is an administrator
    • access is PERMITTED.
  2. If DENYTOPIC is set to a list of wikinames
    • people in the list will be DENIED.
  3. If DENYTOPIC is set to empty ( i.e. Set DENYTOPIC = )
    • access is PERMITTED i.e no-one is denied access to this topic.
      ALERT! Attention: Use this with caution. This is deprecated and will likely change in the next release.
  4. If ALLOWTOPIC is set
    1. people in the list are PERMITTED
    2. everyone else is DENIED
  5. If DENYWEB is set to a list of wikinames
    • people in the list are DENIED access
  6. If ALLOWWEB is set to a list of wikinames
    • people in the list will be PERMITTED
    • everyone else will be DENIED
  7. If you got this far, access is PERMITTED

Access control and INCLUDE

ALLOWTOPICVIEW and ALLOWTOPICCHANGE only applies to the topic in which the settings are defined. If a topic A includes another topic B, topic A does not inherit the access rights of the included topic B.

Examples: Topic A includes topic B

  • If the included topic B has ALLOWTOPICCHANGE set to block editing for a user, it does not prevent editing the including topic A.
  • If the included topic B has ALLOWTOPICVIEW set to block view for a user, the user can still view topic A but he cannot see the included topic B. He will see a message No permission to view B

Access control quick recipes

Obfuscating webs

Another way of hiding webs is to keep them hidden by not publishing the URL and by preventing the all webs search option from accessing obfuscated webs. Do so by enabling the NOSEARCHALL setting in WebPreferences:

  • Set NOSEARCHALL = on

This setup can be useful to hide a new web until content its ready for deployment, or to hide view access restricted webs.

ALERT! Obfuscating a web without view access control is very insecure, as anyone who knows the URL can access the web.

Restrict Access to a whole Foswiki site

For a firewalled Foswiki, e.g. an intranet wiki or extranet wiki, you want to allow only invited people to access your Foswiki. In this case, enable user authentication with ApacheLogin and lock down access to the whole bin and pub directories to all but valid users. In the Apache .htaccess file or the appropriate .conf file, replace the <FilesMatch "(attach|edit|... section with this: 

<FilesMatch ".*">
       require valid-user
</FilesMatch>

If needed, you can further restrict access to selected webs with ALLOWWEBVIEW and other access control settings.

HELP With this configuration, someone with access to the site needs to register new users.

Authenticate all webs and restrict selected webs

Use the following setup to authenticate users for topic viewing in all webs and to restrict access to selected webs. Requires UserAuthentication to be enabled.

  1. The simple way is to add this to WebPreferences in all webs.
    • Set DENYWEBVIEW = WikiGuest
  2. Restrict view access to selected users and groups. Set one or both of these settings in its WebPreferences topic:
    • Set ALLOWWEBVIEW = < list of users and groups >
    • Note: DENYWEBVIEW is evaluated before ALLOWWEBVIEW. Access is denied if the authenticated person is in the DENYWEBVIEW list, or not in the ALLOWWEBVIEW list. Access is granted if DENYWEBVIEW and ALLOWWEBVIEW are not defined.

In rare cases it may be required to authenticate the view script. This can in some cases have a dramatic performance hit because the webserver must re-authenticate for every page view.

  1. Set require valid-user on your view script in .htaccess or the appropriate Apache .conf file. This looks like: FilesMatch "(attach|edit|manage|rename|save|view|upload|mail|logon|.*auth).*" (normally view is not in that list).

Authenticate and restrict selected webs only

Use the following setup to provide unrestricted viewing access to open webs, with authentication only on selected webs. Requires UserAuthentication to be enabled.

  1. Restrict view access to selected users and groups. Set one or both of these settings in its WebPreferences topic:
    • Set DENYWEBVIEW = < list of users and groups >
    • Set ALLOWWEBVIEW = < list of users and groups >
    • Note: DENYWEBVIEW is evaluated before ALLOWWEBVIEW. Access is denied if the authenticated person is in the DENYWEBVIEW list, or not in the ALLOWWEBVIEW list. Access is granted if DENYWEBVIEW and ALLOWWEBVIEW are not defined.

Hide control settings

TIP To hide access control settings from normal browser viewing, you can put them into the topic preference settings by clicking the link Edit topic preference settings under More topic actions menu. Preferences set in this manner are not visible in the topic text, but take effect nevertheless. Access control settings added as topic preference settings are stored in the topic meta data and they override settings defined in the topic text.

Alternatively, place them in HTML comment markers, but this exposes the access setting during ordinary editing.

<!--
   * Set DENYTOPICCHANGE = Main.SomeGroup
-->

Back to top

Text Formatting

Working in Foswiki is as easy as typing in text. You don't need to know HTML, though you can use it if you prefer. Links to topics are created automatically when you enter WikiWords. And Foswiki shorthand gives you all the power of HTML with a simple coding system that takes no time to learn. It's all laid out below.

Editing Shorthand

Formatting Command: You write: You get:
Paragraphs:
Blank lines will create new paragraphs. 
1st paragraph

2nd paragraph

1st paragraph

2nd paragraph

Headings:
Three or more dashes at the beginning of a line, followed by plus signs and the heading text. One plus creates a top level heading, two pluses a second level heading, etc. The maximum heading depth is 6.

You can create a table of contents with the %TOC% macro. If you want to exclude a heading from the TOC, put !! after the ---+.

ALERT! Empty headings are allowed, but won't appear in the table of contents. 

---++ Sushi
---+++ Maguro
---+++!! Not in TOC

Sushi

Maguro

Not in TOC
Bold Text:
Words get shown in bold by enclosing them in * asterisks. 
*Bold*

Bold

Italic Text:
Words get shown in italic by enclosing them in _ underscores. 
_Italic_

Italic

Bold Italic:
Words get shown in bold italic by enclosing them in __ double-underscores. 
__Bold italic__

Bold italic

Fixed Font:
Words get shown in fixed font by enclosing them in = equal signs. 
=Fixed font=

Fixed font

Bold Fixed Font:
Words get shown in bold fixed font by enclosing them in double equal signs. 
==Bold fixed==

Bold fixed

TIP You can follow the closing bold, italic, or other (* _ __ = ==) indicator with normal punctuation, such as commas and full stops.

ALERT! Make sure there is no space between the text and the indicators. 

_This works_,
_this does not _

This works,
_this does not _

Verbatim Text:
Surround code excerpts and other formatted text with <verbatim> and </verbatim> tags.

TIP verbatim tags disable HTML code. Use <pre> and </pre> tags instead if you want the HTML code within the tags to be interpreted.

ALERT! Preferences settings (* Set NAME = value) are set within verbatim tags. 
<verbatim>
class CatAnimal {
  void purr() {
    <code here>
  }
}
</verbatim>

class CatAnimal {
  void purr() {
    <code here>
  }
}
Separator (Horizontal Rule):
Three or more three dashes at the beginning of a line.. 
-------

Bulleted List:
Multiple of three spaces, an asterisk, and another space.

HELP For all the list types, you can break a list item over several lines by indenting lines after the first one by at least 3 spaces. 
   * level 1
      * level 2
   * back on 1
   * A bullet
     broken over
     three lines
   * last bullet

  • level 1
    • level 2
  • back on 1
  • A bullet broken over three lines
  • last bullet
Numbered List:
Multiple of three spaces, a type character, a dot, and another space. Several types are available besides a number:
Type Generated Style Sample Sequence
1. Arabic numerals 1, 2, 3, 4...
A. Uppercase letters A, B, C, D...
a. Lowercase letters a, b, c, d...
I. Uppercase Roman Numerals I, II, III, IV...
i. Lowercase Roman Numerals i, ii, iii, iv... 
   1. Sushi
   1. Dim Sum
   1. Fondue

   A. Sushi
   A. Dim Sum
   A. Fondue

   i. Sushi
   i. Dim Sum
   i. Fondue

  1. Sushi
  2. Dim Sum
  3. Fondue

  1. Sushi
  2. Dim Sum
  3. Fondue

  1. Sushi
  2. Dim Sum
  3. Fondue
Definition List:
Three spaces, a dollar sign, the term, a colon, a space, followed by the definition. 
   $ Sushi: Japan
   $ Dim Sum: S.F.

Sushi
Japan
Dim Sum
S.F.
Table:
Each row of the table is a line containing of one or more cells. Each cell starts and ends with a vertical bar '|'. Any spaces at the beginning of a line are ignored.
  • | *bold* | header cell with text in asterisks
  • |   center-aligned   | cell with at least two, and equal number of spaces on either side
  • |      right-aligned | cell with more spaces on the left
  • | 2 colspan || and multi-span columns with multiple |'s right next to each other
  • |^| cell with caret indicating follow-up row of multi-span rows
  • You can split rows over multiple lines by putting a backslash '\' at the end of each line
  • Contents of table cells wrap automatically as determined by the browser
  • Use %VBAR% or &#124; to add | characters in tables.
  • Use %CARET% or &#94; to add ^ characters in tables.
TIP The System.TablePlugin provides the |^| multiple-span row functionality and additional rendering features 
| *L* | *C* | *R* |
| A2 |  B2  |  C2 |
| A3 |  B3  |  C3 |
| multi span |||
| A5-7 |  5  |  5 |
|^| six | six |
|^| seven | seven |
| split\
  | over\
  | 3 lines |
| A9 |  B9  |  C9 |

L C R
A2 B2 C2
A3 B3 C3
multi span
A5-7 5 5
six six
seven seven
split over 3 lines
A9 B9 C9
WikiWord Links:
CapitalizedWordsStuckTogether (or WikiWords) will produce a link automatically if preceded by whitespace or parenthesis.
TIP If you want to link to a topic in a different web write Otherweb.TopicName.
To link to a topic in a subweb write Otherweb.Subweb.TopicName.
HELP The link label excludes the name of the web, e.g. only the topic name is shown. As an exception, the name of the web is shown for the WebHome topic.
ALERT! Dots '.' are used to separate webs and subwebs from topic names and therefore cannot be used in topic names.

It's generally a good idea to use the macros %SYSTEMWEB% and %USERSWEB% instead of System and Main. 

WebStatistics

Sandbox.WebNotify

Sandbox.WebHome

Sandbox.Subweb.TopicName

WebStatistics

Sandbox.WebNotify

Sandbox.WebHome

TopicName

Anchors:
You can define a reference inside a topic (called an anchor name) and link to that. To define an anchor write #AnchorName at the beginning of a line. The anchor name must be a WikiWord of no more than 32 characters. To link to an anchor name use the [[MyTopic#MyAnchor]] syntax. You can omit the topic name if you want to link within the same topic. 
[[WikiWord#NotThere]]

[[#MyAnchor][Jump]]

#MyAnchor To here

WikiWord#NotThere

Jump

To here

Forced Links:
You can create a forced internal link by enclosing words in double square brackets.
Text within the brackets may contain optional spaces; the topic name is formed by capitalizing the initial letter and by removing the spaces; for example, [[wiki syntax]] links to topic WikiSyntax. You can also refer to a different web and use anchors.
TIP To "escape" double square brackets that would otherwise make a link, prefix the leading left square bracket with an exclamation point. 
[[wiki syntax]]

[[Sandbox.My unspaced topic]]

escaped:
![[wiki syntax]]

wiki syntax

Main.Wiki groups

escaped: [[wiki syntax]]

Specific Links:
You can create a link where you specify the link text and the URL separately using nested square brackets [[reference][text]]. Internal link references (e.g. WikiSyntax) and URLs (e.g. http://foswiki.org/) are both supported. The rules described under Forced Links apply for internal link references.
TIP Anchor names can be added as well, to create a link to a specific place in a topic. 
[[WikiSyntax][wiki syntax]]

[[http://gnu.org][GNU]]

wiki syntax

GNU

Prevent a Link:
Prevent a WikiWord from being linked by prepending it with an exclamation point. 
!SunOS
SunOS
Disable Links:
You can disable automatic linking of WikiWords by surrounding text with <noautolink> and </noautolink> tags.
HELP It is possible to turn off all auto-linking with a NOAUTOLINK preferences setting. 
 <noautolink>
 RedHat & SuSE
 </noautolink>

RedHat & SuSE

Mailto Links:
E-mail addresses are linked automatically. To create e-mail links that have more descriptive link text, specify subject lines or message bodies, or omit the e-mail address, you can write [[mailto:user@domain][descriptive text]]. 
a@b.com

[[mailto:a@b.com]\
[Mail]]

[[mailto:?subject=\
Hi][Hi]]

a@b.com

Mail

Hi

Literal content:
Foswiki generates HTML code from TML shorthand. Experts surround anything that must be output literally in the HTML code, without the application of shorthand rules, with <literal>..</literal> tags. ALERT! any HTML within literal tags must be well formed i.e. all tags must be properly closed before the end of the literal block. IDEA! Macros are expanded within literal blocks. 
<literal>
| Not | A | Table |
</literal>
| Not | A | Table |
Protected content:
Experts protect text from mangling by WYSIWYG editors using <sticky>..</sticky> tags. Sticky tags don't have any effect on normal topic display; they are only relevant when content has to be protected from a WYSIWYG editor (usually because it isn't well-formed HTML, or because it is HTML that WYSIWYG would normally filter out or modify). Protected content appears as plain text in the WYSIWYG editor. 		<sticky> 
<div>
This div is required
</div>
</sticky>
This div is required

Using HTML

You can use most HTML tags in topics without a problem. This is useful where you want to add some content that is formatted in a way that is not supported using shorthand, for example, you can write <strike>deleted text</strike> to get deleted text.

There are a few usability and technical considerations to keep in mind:

  • On collaboration pages, it's better not to use HTML, but to use shorthand instead - this keeps the text uncluttered and easy to edit using the plaintext editor.
  • If you must use HTML, use XHTML 1.0 Transitional syntax.
  • Use <literal>..</literal> tags around blocks of HTML to avoid accidental interpretation of shorthand within the HTML.
  • ALERT! Script tags may be filtered out, at the discretion of your Wiki administrator.

Recommendations when pasting HTML from other sources (using the plain-text editor):

  • Copy only text between <body> and </body> tags.
  • Remove all empty lines. Foswiki inserts <p /> paragraph tags on empty lines, which causes problems if done between HTML tags that do not allow paragraph tags, like for example between table tags.
  • Remove leading spaces. Foswiki might interpret some text as lists.
  • Do not span a tag over more than one line. Foswiki requires that the opening and closing angle brackets - <...> - of a HTML tag are on the same line, or the tag will be broken.
  • In your HTML editing program, save without hard line breaks on text wrap.

When using a WYSIWYG editor, you can just copy-paste directly into the editor, and the content will be converted to shorthand automatically when you save.

Hyperlinks

Being able to create links without any special formatting is a core Foswiki feature, made possible with WikiWords and inline URLs.

Internal Links

  • GoodStyle is a WikiWord that links to the GoodStyle topic located in the current web.

  • NotExistingYet is a topic waiting to be written. Create the topic by clicking on the ?. (Try clicking, but then, Cancel - creating the topic would wreck this example!)

External Links

  • Protocols matching the configuration parameter LinkProtocolPattern, which by default is set to (file|ftp|gopher|https|http|irc|mailto|news|nntp|telnet), are linked automatically. You might change this setting to add more protocols (such as smb). Thus, all lines containing:
    • file://...
    • ftp://...
    • gopher://...
    • https://...
    • http://...
    • irc://...
    • mailto:...@...
    • news://...
    • nntp://...
    • telnet://... are linked automatically.

  • E-mail addresses like name@domain.com are linked automatically.

  • [[Square bracket rules]] let you easily create non-WikiWord links.
    • You can also write [[http://yahoo.com Yahoo home page]] as an easier way of doing external links with descriptive text for the link, such as Yahoo home page.

Macros

Macros are names enclosed in percent signs that are that are expanded to some other text when the topic is displayed. For example, %TOPIC% is expanded to MacrosQuickStart, the title of this topic.

Some macros can take arguments in curly braces - for example, %INCLUDE{"OtherTopic" ARG="arg"}%.

Many macro definitions are built-in, and others (preference settings) are predefined for your convenience. You can also define your own preference settings at the entire site, individual web, or individual topic level. For more information, see Macros

Macros are fully expanded before any of the text formatting rules are applied.

Documentation Graphics: There are many graphics available to use in your topics. Use %ICON{"help"}%, %ICON{"tip"}%, and %ICON{"warning"}% to get: HELP, TIP, and ALERT!, respectively. DocumentGraphics lists them all.

tip To "escape" a macro, prefix it with an exclamation mark. Write: !%SOMEMACRO% to get: %SOMEMACRO%.

Plugin Formatting Extensions

Plugins can extend the functionality of Foswiki into many other areas. There are a huge number of plugins available from the foswiki site?.

Currently enabled plugins on this installation, as listed by %PLUGINDESCRIPTIONS%:

  • System.TWikiCompatibilityPlugin (Foswiki-1.0, $Rev: 1776 (2009-01-06) $): add TWiki personality to Foswiki
  • System.SpreadSheetPlugin (20 Sep 2009, $Rev: 5049 (2009-09-20) $): Add spreadsheet calculations like "$SUM($ABOVE())" to Foswiki tables and other topic text
  • System.AttachmentListPlugin (1.3.3, $Rev: 4282 (2009-06-22) $):
  • System.CommentPlugin (12 Sep 2009, $Rev: 4843 (2009-09-11) $): Quickly post comments to a page without an edit/preview/save cycle
  • System.EditTablePlugin (4.33, $Rev: 4950 (2009-09-16) $): Edit tables using edit fields, date pickers and drop down boxes
  • System.ImageGalleryPlugin (5.01, $Rev: 4425 (2009-07-03) $): Displays image gallery with auto-generated thumbnails from attachments
  • System.InterwikiPlugin (20 Sep 2009, $Rev: 5022 (2009-09-20) $): Link ExternalSite:Page text to external sites based on aliases defined in a rules topic
  • System.LinkOptionsPlugin (1.0.0, 4643): Extends the "Forced Specific Links" syntax [[URL or TopicName][Link Text][Options]]
  • System.PreferencesPlugin (20 Sep 2009, $Rev: 5037 (2009-09-20) $): Allows editing of preferences using fields predefined in a form
  • System.SlideShowPlugin (02 Aug 2008, $Rev: 2742 (2009-02-26) $): Create web based presentations based on topics with headings.
  • System.SmiliesPlugin (20 Sep 2009, $Rev: 5046 (2009-09-20) $): Render smilies like smile as icons
  • System.TablePlugin (1.042, $Rev: 4847 (2009-09-12) $): Control attributes of tables and sorting of table columns
  • System.TagMePlugin (11 Jun 2009, $Rev: 4104 (2009-06-11) $): Tag wiki content collectively to find content by keywords
  • System.TopicDataHelperPlugin (1.1.1, $Rev: 4253 (2009-06-20) $):
  • System.TopicTranslationsPlugin (Dakar, $Rev: 4525 (2009-07-21) $): Manages a topic's translations into several languages.
  • System.TwistyPlugin (1.5.3, $Rev: 4751 (2009-09-02) $): Twisty section Javascript library to open/close content dynamically

Check on current Plugin status and settings for this site in System.Plugins.

Common Editing Errors

Foswiki formatting rules are fairly simple to use and quick to type. However, there are some things to watch out for:

  • Q: Text enclosed in angle brackets like <filename> is not displayed. How can I show it as it is?
    • A: The '<' and '>' characters have a special meaning in HTML, they define HTML tags. You need to escape them, so write '&lt;' instead of '<', and '&gt;' instead of '>'.
      Example: Type 'prog &lt;filename&gt;' to get 'prog <filename>'.

  • Q: Why is the '&' character sometimes not displayed?
    • A: The '&' character has a special meaning in HTML, it starts a so called character entity, i.e. '&copy;' is the © copyright character. You need to escape '&' to see it as it is, so write '&amp;' instead of '&'.
      Example: Type 'This &amp; that' to get 'This & that'.

Back to top

Macros

Special text strings expand on the fly to display user data or system info

Macros are text strings - %MACRONAME% or %MACRONAME{ parameter="value" }% - that expand into content whenever a topic is rendered for viewing. There are two types of macros:

  1. Preference settings: Can be defined and changed by the user
  2. Predefined macros: Defined by the system or by Plugins (for example, the SpreadSheetPlugin introduces a %CALC{}% macro)

Using Macros

To use a macro type its name. For example,

  • type %T% to get TIP (a preference settings)
  • type %TOPIC% to get Macros (a predefined macro?)
  • type %CALC{ "$UPPER(Text)" }% to get TEXT (a macro? defined by a Plugin)

Note:

  • To leave a macro unexpanded, precede it with an exclamation point, e.g. type !%TOPIC% to get %TOPIC%
  • Macros are expanded relative to the topic they are used in, not the topic they are defined in
  • Type %ALLVARIABLES% to get a full listing of all macros defined for a particular topic

Macro Names

Macro names must start with a letter. The following characters can be letters, numbers and the underscore '_'. You can use both upper-case and lower-case letters and you can mix the characters. E.g. %MYVAR%, %MyVar%, %My2ndVar%, and %My_Var% are all valid macro names. Macros are case sensitive. %MyVAR% and %MYVAR% are not the same macro.

By convention all settings, predefined macros and macros used by plugins are always UPPER-CASE.

Preferences

Preferences settings are simple macros that do not accept parameters, and are defined in topics. A lot of the macros you will encounter are of this type.

Preferences can be defined by the user in various places.

Setting Preferences

You can set macros in all the following places:
  1. default level in System.DefaultPreferences (not recommended)
  2. plugin topics (see Plugins)
  3. local site level in Main.SitePreferences
  4. user level in individual user topics in Main web
  5. web level in WebPreferences of a parent web
  6. web level in WebPreferences of the web
  7. topic level in topics in webs
  8. session macros (if sessions are enabled)

Settings at higher-numbered levels override settings of the same macro at lower numbered levels, unless the macro was included in the setting of FINALPREFERENCES at a lower-numbered level, in which case it is locked at the value it has at that level.

If you are setting a preference and using it in the same topic, note that Foswiki reads all the preference settings from the saved version of the topic before it displays anything. This means you can use a macro anywhere in the topic, even if you set it somewhere inconspicuous near the end. But beware: it also means that if you change the setting of a macro you are using in the same topic, Preview will show the wrong thing, and you must Save the topic to see it correctly.

The syntax for setting macros is the same anywhere:
[multiple of 3 spaces] * [space] Set [space] MACRONAME [space] = [space] value

Examples:
  • Set MACRONAME = value
    • Set MACRONAME = value
Spaces between the = sign and the value will be ignored. You can split a value over several lines by indenting following lines with spaces - as long as you don't try to use * as the first character on the following line.
Example: 
   * Set MACRONAME = value starts here
     and continues here

Whatever you include in your Macro will be expanded on display, exactly as if it had been entered directly.

Example: Create a custom logo macro
  • To place a logo anywhere in a web by typing %MYLOGO%, define the preference settings on the web's WebPreferences topic, and upload a logo file, ex: mylogo.gif. You can upload by attaching the file to WebPreferences, or, to avoid clutter, to any other topic in the same web, e.g. LogoTopic. Sample preference setting in WebPreferences:
    • Set MYLOGO = %PUBURL%/%WEB%/LogoTopic/mylogo.gif

You can also set preference settings in a topic by clicking the link Edit topic preference settings under More topic actions. Preferences set in this manner are not visible in the topic text, but take effect nevertheless.

Access Control Settings

These are special types of preference settings to control access to content. AccessControl explains these security settings in detail.

Local values for preferences

Certain topics (a users home topic, web site and default preferences topics) have a problem; macros defined in those topics can have two meanings. For example, consider a user topic. A user may want to use a double-height edit box when they are editing their home topic - but only when editing their home topic. The rest of the time, they want to have a normal edit box. This separation is achieved using Local in place of Set in the macro definition. For example, if the user sets the following in their home topic: 
   * Set EDITBOXHEIGHT = 10
   * Local EDITBOXHEIGHT = 20
Then when they are editing any other topic, they will get a 10 high edit box. However when they are editing their home topic, they will get a 20 high edit box. Local can be used wherever a preference needs to take a different value depending on where the current operation is being performed.

Use this powerful feature with great care! %ALLVARIABLES% can be used to get a listing of the values of all macros in their evaluation order, so you can see macro scope if you get confused.

Predefined Macros

Most predefined macros return values that were either set in the configuration when Foswiki was installed, or taken from server info (such as current username, or date and time). Some, like %SEARCH%, are powerful and general tools.

  • ALERT! Predefined macros can be overridden by preference settings (except TOPIC and WEB)
  • ALERT! Plugins may extend the set of predefined macros (see individual Plugins topics for details)
  • TIP Take the time to thoroughly read through ALL preference macros. If you actively configure your site, review macros periodically. They cover a wide range of functions, and it can be easy to miss the one perfect macro for something you have in mind. For example, see %BASETOPIC%, %INCLUDE%, and the mighty %SEARCH%.

This version of Foswiki - Foswiki-1.0.7, Sun, 20 Sep 2009, build 5061 - predefines the following macros:

ACTIVATEDPLUGINS -- list of currently activated plugins

  • Syntax: %ACTIVATEDPLUGINS%
  • Expands to: System.TWikiCompatibilityPlugin, System.SpreadSheetPlugin, System.AttachmentListPlugin, System.CommentPlugin, System.EditTablePlugin, System.ImageGalleryPlugin, System.InterwikiPlugin, System.LinkOptionsPlugin, System.PreferencesPlugin, System.SlideShowPlugin, System.SmiliesPlugin, System.TablePlugin, System.TagMePlugin, System.TopicDataHelperPlugin, System.TopicTranslationsPlugin, System.TwistyPlugin
  • Related: PLUGINDESCRIPTIONS, FAILEDPLUGINS, PLUGINVERSION

ADDTOHEAD

You can write %ADDTOHEAD{...}% in a topic or template. This variable accepts the following parameters:
  • _DEFAULT optional, id of the head block. Used to generate a comment in the output HTML.
  • text optional, text to use for the head block. Mutually exclusive with topic.
  • topic optional, full Foswiki path name of a topic that contains the full text to use for the head block. Mutually exclusive with text. Example: topic="System.MyTopic".
  • requires optional, comma-separated list of id's of other head blocks this one depends on.
%ADDTOHEAD% expands in-place to the empty string, unless there is an error in which case the variable expands to an error string.

Use %RENDERHEAD% to generate the sorted head tags.

ALLVARIABLES -- list of currently defined macros

  • Syntax: %ALLVARIABLES%
  • Expands to: a table showing all defined macros in the current context

AQUA -- start aqua colored text

  • AQUA is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %AQUA% aqua text %ENDCOLOR%
  • Expands to: aqua text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

ATTACHURL -- full URL for attachments in the current topic

ATTACHURLPATH -- path of the attachment URL of the current topic

AUTHREALM -- authentication realm

  • String defined as {AuthRealm} in configure. This is used in certain password encodings, and in login templates as part of the login prompt.
  • Syntax: %AUTHREALM%
  • Expands to: Enter your System.LoginName. (Typically First name and last name, no space, no dots, capitalized, e.g. JohnSmith, unless you chose otherwise). Visit System.UserRegistration if you do not have one.
  • Related: UserAuthentication, SESSIONID, SESSIONVAR, LOGIN, LOGOUT, SESSION_VARIABLE

BASETOPIC -- base topic where an INCLUDE started

  • The name of the topic where a single or nested INCLUDE started - same as %TOPIC% if there is no INCLUDE
  • This is the name of the topic requested by the user.
  • Syntax: %BASETOPIC%
  • Related: BASEWEB, INCLUDINGTOPIC, INCLUDE, TOPIC

BASEWEB -- base web where an INCLUDE started

  • The web name where the includes started, e.g. the web of the first topic of nested includes. Same as %WEB% in case there is no include.
  • This is the name of the web requested by the user.
  • Syntax: %BASEWEB%
  • Related: BASETOPIC, INCLUDINGWEB, INCLUDE, WEB

BB -- bullet with line break

BB2 -- level 2 bullet with line break

  • Line break and bullet, level 2.
  • Current value: BB2 =
      •
  • Related: BR, BULLET, BB, BB3, BB4, VBAR

BB3 -- level 3 bullet with line break

  • Line break and bullet, level 3.
  • Current value: BB3 =
        •
  • Related: BR, BULLET, BB, BB2, BB4, VBAR

BB4 -- level 4 bullet with line break

  • Line break and bullet, level 4.
  • Current value: BB4 =
          •
  • Related: BR, BULLET, BB, BB2, BB3, VBAR

BLACK -- start black colored text

  • BLACK is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %BLACK% black text %ENDCOLOR%
  • Expands to: black text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

BLUE -- start blue colored text

  • BLUE is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %BLUE% blue text %ENDCOLOR%
  • Expands to: blue text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

BR -- line break

BROWN -- start brown colored text

  • BROWN is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %BROWN% brown text %ENDCOLOR%
  • Expands to: brown text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

BULLET -- bullet character

CALC{"formula"} -- add spreadsheet calculations to tables and outside tables

  • The %CALC{"formula"}% macro is handled by the SpreadSheetPlugin. There are around 90 formulae, such as $ABS(), $EXACT(), $EXISTS(), $GET()/$SET(), $IF(), $LOG(), $LOWER(), $PERCENTILE(), $TIME(), $VALUE().
  • Syntax: %CALC{"formula"}%
  • Examples:
    • %CALC{"$SUM($ABOVE())"}% returns the sum of all cells above the current cell
    • %CALC{"$EXISTS(Web.SomeTopic)"}% returns 1 if the topic exists
    • %CALC{"$UPPER(Collaboration)"}% returns COLLABORATION
  • Related: IF, SpreadSheetPlugin

CARET -- caret symbol

COMMENT{ attributes } -- insert an edit box into the topic to easily add comments.

  • A %COMMENT% without parameters shows a simple text box.
  • The following standard attributes are recognized
    Name Description Default
    type This is the name of the template to use for this comment. Comment templates are defined in a Foswiki template - see Customisation, below. If this attribute is not defined, the type is whatever is defined by COMMENTPLUGIN_DEFAULT_TYPE, either in this topic or in your WebPreferences. below
    default Default text to put into the textarea of the prompt.  
    target Name of the topic to add the comment to the current topic
    location Regular expression specifying the comment location in the target topic. Read carefully the CommentPlugin documentation!  
    mode For compatibility with older versions only, synonymous with type  
    nonotify Set to "on" to disable change notification for target topics off
    noform Set to "on" to disable the automatic form that encloses your comment block - remember to insert <form> tags yourself! See CommentPluginExamples#noform for an example. off
    nopost Set to "on" to disable insertion of the posted text into the topic. off
    remove Set to "on" to remove the comment prompt after the first time it is clicked. off
    button Button label text Add comment

  • See CommentPlugin for more information

DATE -- signature format date

  • Syntax: %DATE%
  • Expands to: 21 Nov 2009
  • Date format defined as {DefaultDateFormat} in configure
  • ALERT! When used in a template topic, this variable will be expanded when the template is used to create a new topic. See TemplateTopics#TemplateTopicsVars for details.
  • Related: DISPLAYTIME, GMTIME{"format"}, SERVERTIME

DISPLAYTIME{"format"} -- formatted display time

  • Formatted time - either GMT or Local server time, depending on {DisplayTimeValues} setting in configure. Same format qualifiers as %GMTIME%
  • Syntax: %DISPLAYTIME% OR %DISPLAYTIME{"format"}%
  • %DISPLAYTIME% The time is shown as hh:mm (24 hour clock)
    • Expands to: 21 Nov 2009 - 10:54
  • Example: %DISPLAYTIME{"$hou:$min"}% expands to 10:54
  • Related: GMTIME, SERVERTIME

EDITACTION -- Selects an edit template

  • The EDITACTION preference setting lets you define the use of an editaction template instead of the standard edit. If EDITACTION is defined as text, then hide the form. If EDITACTION is defined as form hide the normal text area and only edit the form.
  • Syntax: Set EDITACTION = text|form
  • Expands to: %EDITACTION%
  • Related: CommandAndCGIScripts#edit
  • ALERT! When EDITACTION is defined as text or form the Edit and Edit Raw buttons simply add ;action=text or ;action=form to the URL for the edit script. If you have defined an EDITACTION preference setting you can still edit the topic content or the form by removing the ;action=form or ;action=text from the edit URL in the browser and reload.

EDITTABLE{ attributes } -- edit tables using edit fields and other input fields

  • The %EDITTABLE{}% macro is handled by the EditTablePlugin
  • Syntax: %EDITTABLE{ attributes }%

  • Supported attributes:
    Attribute Comment Default
    header Specify the header format of a new table like "|*Food*|*Drink*|". Useful to start a table with only a button (no header)
    format The format of one column when editing the table. A cell can be a text input field, or any of these edit field types:

    • Text input field (1 line):
      | text, <size>, <initial value> |

    • Textarea input field:
      | textarea, <rows>x<columns>, <initial value> |

    • Drop down box:
      | select, <size>, <option 1>, <option 2>, etc* |
      * only one item can be selected

    • Radio buttons:
      | radio, <size*>, <option 1>, <option 2>, etc |
      * size indicates the number of buttons per line in edit mode

    • Checkboxes:
      | checkbox, <size*>, <option 1>, <option 2>, etc |
      * size indicates the number of checkboxes per line in edit mode

    • Fixed label:
      | label, 0, <label text> |

    • Row number:
      | row, <offset> |

    • Date:
      | date, <size>, <initial value>, <DHTML date format> | (see Date Field Type)     		"text, 16"
    for all cells
    changerows Rows can be added and removed if "on"
    Rows can be added but not removed if "add"
    Rows cannot be added or removed if "off"     		CHANGEROWS
    plugin setting
    quietsave Quiet Save button is shown if "on", hidden if "off" QUIETSAVE
    plugin setting
    include Other topic defining the EDITTABLE parameters. The first %EDITTABLE% in the topic is used. This is useful if you have many topics with the same table format and you want to update the format in one place. (none)
    helptopic Topic name containing help text shown below the table when editing a table. The %STARTINCLUDE% and %STOPINCLUDE% macros can be used in the topic to specify what is shown. (no help text)
    headerislabel Table header cells are read-only (labels) if "on"; header cells can be edited if "off" or "0" "on"
    editbutton Set edit button text, e.g. "Edit this table"; set button image with alt text, e.g. "Edit table, %PUBURL%/%SYSTEMWEB%/DocumentGraphics/edittopic.gif"; hide edit button at the end of the table with "hide" (Note: Button is automatically hidden if an edit button is present in a cell) EDITBUTTON
    plugin setting
    buttonrow Set to top to put the edit buttons above the table. bottom
    javascriptinterface Use javascript to directly move and delete row without page refresh. Enable with "on", disable with "off". JAVASCRIPTINTERFACE
    plugin setting

  • Example:
    %EDITTABLE{ format="| text, 20 | select, 1, one, two, three |" changerows="on" }%
    | *Name* | *Type* |
    | Foo | two |
  • Related: See EditTablePlugin for more details

ENCODE{"string"} -- encodes a string to HTML entities

  • Encode "special" characters to HTML numeric entities. Encoded characters are:
    • all non-printable ASCII characters below space, except newline ("\n") and linefeed ("\r")
    • HTML special characters "<", ">", "&", single quote (') and double quote (")
    • TML special characters "%", "[", "]", "@", "_", "*", "=" and "|"
  • Syntax: %ENCODE{"string"}%
  • Supported parameters:
    Parameter: Description: Default:
    "string" String to encode required (can be empty)
    type="entity"
    type="safe"
    type="html"
    type="quotes"
    type="url"     		Control how special characters are encoded
    entity: Encode special characters into HTML entities, like a double quote into &#034;. Does not encode \n or \r.
    safe: Encode characters '"<>% into HTML entities.
    html: As type="entity" except it also encodes \n and \r
    quotes: Escape double quotes with backslashes (\"), does not change other characters
    url: Encode special characters for URL parameter use, like a double quote into %22 (this is the default)     		type="url"
  • Example: %ENCODE{"spaced name"}% expands to spaced%20name
  • ALERT! Values of HTML input fields must be entity encoded.
    Example: <input type="text" name="address" value="%ENCODE{ "any text" type="entity" }%" />
  • ALERT! Double quotes in strings must be escaped when passed into other macros.
    Example: %SEARCH{ "%ENCODE{ "string with "quotes"" type="quotes" }%" noheader="on" }%
  • ALERT! ENCODE can be used to filter user input from URL parameters and similer to protect against cross-site scripting. The safest approach is to use type="entity". This can however prevent an application from fully working. You can then use type="safe" which encodes only the characters '"<>% into HTML entities (same as encode="safe"). When ENCODE is passing a string inside another macro always use double quotes ("") type="quote". For maximum security against cross-site scripting you are adviced to install the Foswiki:Extensions.SafeWikiPlugin.

ENDCOLOR -- end colored text

ENDSECTION{"name"} -- marks the end of a named section within a topic

  • Syntax: %ENDSECTION{"name"}%
  • Syntax: %ENDSECTION{type="include"}%
  • Supported parameter:
    Parameter: Description:
    "name" Name of the section.
    type="..." Type of the section being terminated; supported types "section", "include", "expandvariables", "templateonly".
  • If the STARTSECTION is named, the corresponding ENDSECTION must also be named with the same name. If the STARTSECTION specifies a type, then the corresponding ENDSECTION must also specify the same type. If the section is unnamed, ENDSECTION will match with the nearest unnamed %STARTSECTION% of the same type above it.
  • Related: STARTSECTION

ENV{"varname"} -- inspect the value of an environment variable

  • Returns the current value of the environment variable in the CGI (Common Gateway Interface) environment. This is the environment that the CommandAndCGIScripts are running in.
  • Note: For security reasons, only those environment variables whose names match the regular expression in {AccessibleENV} in the Security Settings/Miscellaneous section of configure can be displayed. Any other variable will just be shown as an empty string, irrespective of its real value.
  • Example: %ENV{MOD_PERL}% displays as: not set
  • If an environment variable is undefined (as against being set to the empty string) it will be returned as not set.
  • Related: HTTP_HOST, REMOTE_ADDR, REMOTE_PORT, REMOTE_USER

FAILEDPLUGINS -- debugging for plugins that failed to load, and handler list

FORMFIELD{"fieldname"} -- renders a field in the form attached to some topic

  • Syntax: %FORMFIELD{"fieldname"}%
  • Supported parameters:
    Parameter: Description: Default:
    "fieldname" The name of a Data form field required
    topic="..." Topic where form data is located. May be of the form Web.TopicName Current topic
    format="..." Format string. $value expands to the field value, and $name expands to the field name, $title to the field title, $form to the name of the form the field is in. The standard format tokens are also expanded. "$value"
    default="..." Text shown if the field is defined in the topic, but the field value is empty. For example, a text field for which all the content has been deleted. ""
    alttext="..." Text shown if the field is not defined in the topic (even if it is specified in the form definition). For example, this is used when a field exists in the form definition, but the referring topic hasn't been edited since it was added. ""
  • Example: %FORMFIELD{"ProjectName" topic="Projects.SushiProject" default="(no project name given)" alttext="ProjectName field not found in form"}%
  • Related: SEARCH

GMTIME{"format"} -- formatted GM time

  • Syntax: %GMTIME% OR %GMTIME{"format"}%
  • %GMTIME% uses the default date format defined by the {DefaultDateFormat} setting in configure
    • expands to 21 Nov 2009 - 10:54
  • Supported special format tokens:
    Token: Unit: Example
    $seconds seconds 59
    $minutes minutes 59
    $hours hours 23
    $day day of month 31
    $wday day of the Week (Sun, Mon, Tue, Wed, Thu, Fri, Sat) Thu
    $dow day of the week (Sun = 0) 2
    $week number of week in year (ISO 8601) 34
    $month short name of month Dec
    $mo 2 digit month 12
    $year 4 digit year 1999
    $ye 2 digit year 99
    $tz either "GMT" (if set to gmtime), or "Local" (if set to servertime) GMT
    $iso ISO format timestamp 2009-11-21T10:54:29Z
    $rcs RCS format timestamp 2009/11/21 10:54:29
    $http E-mail & http format timestamp Sat, 21 Nov 2009 10:54:29 GMT
    $epoch Number of seconds since 00:00 on 1st January, 1970 1258800869
  • Tokens can be shortened to 3 characters
  • Example: %GMTIME{"$day $month, $year - $hour:$min:$sec"}% expands to 21 Nov, 2009 - 10:54:29
  • ALERT! When used in a template topic, this macro will be expanded when the template is used to create a new topic. See TemplateTopics#TemplateTopicsVars for details.
  • Related: GMTIME, REVINFO, SERVERTIME

GRAY -- start gray colored text

  • GRAY is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %GRAY% gray text %ENDCOLOR%
  • Expands to: gray text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

GREEN -- start green colored text

  • GREEN is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %GREEN% green text %ENDCOLOR%
  • Expands to: green text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

GROUPS -- a formatted list of groups

H -- help icon

HOMETOPIC -- home topic in each web

HTTP -- get HTTP headers

  • Called with the name of an HTTP header field, returns its value. Capitalization and the use of hyphens versus underscores are not significant.
  • Syntax: %HTTP%
  • Syntax: %HTTP{"Header-name"}%
  • Examples:
    %HTTP%  
    %HTTP{"Accept-language"}% en-us,en;q=0.5
    %HTTP{"User-Agent"}% CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
  • ALERT! You can see the HTTP headers your browser sends to the server on a number of sites e.g. http://www.ericgiguere.com/tools/http-header-viewer.html
  • Related: HTTPS, REMOTE_ADDR, REMOTE_PORT, REMOTE_USER

HTTP_HOST -- environment variable

HTTPS -- get HTTPS headers

  • The same as %HTTP% but operates on the HTTPS environment variables present when the SSL protocol is in effect. Can be used to determine whether SSL is turned on.
  • Syntax: %HTTPS%
  • Syntax: %HTTPS{"Header-name"}%
  • Related: HTTP, REMOTE_ADDR, REMOTE_PORT, REMOTE_USER

I -- idea icon

ICON{"name"} -- small documentation graphic or icon of common attachment types

  • Generates the HTML img tag of a small graphic image attached to DocumentGraphics. Images typically have a 16x16 pixel size. You can select a specific image by name, or you can give a full filename, in which case the type of the file will be used to select one of a collection of common file type icons.
  • Syntax: %ICON{"name"}%
  • Examples:
    • %ICON{"flag-gray"}% returns flag-gray
    • %ICON{"pdf"}% returns pdf
    • %ICON{"smile.pdf"}% returns pdf
    • %ICON{"/dont/you/dare/smile.pdf"}% returns pdf
    • %ICON{"http://trunk.foswiki.org/pub/System/DocumentGraphics/xsl.gif"}% returns gif
  • Graphic samples: arrowbright arrowbright, bubble bubble, choice-yes choice-yes, hand hand
  • File type samples: bmp bmp, doc doc, gif gif, hlp hlp, html html, mp3 mp3, pdf pdf, ppt ppt, txt txt, xls xls, xml xml, zip zip
  • Related: ICONURL, ICONURLPATH, DefaultPreferences, FileAttachments, DocumentGraphics

ICONURL{"name"} -- URL of small documentation graphic or icon

  • Generates the full URL of a DocumentGraphics image, which Foswiki renders as an image. The related %ICON{"name"}% generates the full HTML img tag. Specify image name or full filename (see ICON for details on filenames.)
  • Syntax: %ICONURL{"name"}%
  • Examples:
    • %ICONURL{"arrowbright"}% returns http://wiki.softwarelivre.org/pub/System/DocumentGraphics/arrowbright.gif
    • %ICONURL{"novel.pdf"}% returns http://wiki.softwarelivre.org/pub/System/DocumentGraphics/pdf.gif
    • %ICONURL{"/queen/boheme.mp3"}% returns http://wiki.softwarelivre.org/pub/System/DocumentGraphics/mp3.gif
  • Related: ICONURLPATH, ICON, DefaultPreferences, FileAttachments, DocumentGraphics

ICONURLPATH{"name"} -- URL path of small documentation graphic or icon

  • Generates the URL path of a DocumentGraphics image, typically used in an HTML img tag. Specify image name or full filename (see ICON for details on filenames.)
  • Syntax: %ICONURLPATH{"name"}%
  • Examples:
    • %ICONURLPATH{"locktopic"}% returns /pub/System/DocumentGraphics/locktopic.gif
    • %ICONURLPATH{"eggysmell.xml"}% returns /pub/System/DocumentGraphics/xml.gif
    • %ICONURLPATH{"/doc/xhtml.xsl"}% returns /pub/System/DocumentGraphics/xsl.gif
  • Related: ICONURL, ICON, DefaultPreferences, FileAttachments, DocumentGraphics

IF{"condition" ...} -- simple conditionals

  • Evaluate a condition and show one text or another based on the result. See details in IfStatements
  • Syntax: %IF{"CONDITION" then="THEN" else="ELSE"}% shows "THEN" if "CONDITION" evaluates to TRUE, otherwise "ELSE" will be shown
  • Example: %IF{"defined FUNFACTOR" then="FUNFACTOR is defined" else="FUNFACTOR is not defined"}% renders as FUNFACTOR is not defined
  • Related: $IF() of SpreadSheetPlugin

IMAGEGALLERY{"topic" options...} -- render an image gallery

  • The %IMAGEGALLERY{"topic"}% macro is handled by the ImageGalleryPlugin.
  • Syntax: %IMAGEGALLERY{"topic" options...}%
  • Examples:
    • =%IMAGEGALLERY{"System.DocumentGraphics" columns="3" limit="12" exclude="arrow" sort="name"}%
  • Related: NRIMAGES, ImageGalleryPlugin

INCLUDE{"page"} -- include other topic or web page

  • Syntax: %INCLUDE{"page" ...}%
  • Supported parameters:        
    Parameter: Description: Default:
    "SomeTopic" The name of a topic located in the current web, i.e. %INCLUDE{"WebNotify"}%  
    "Web.Topic" A topic in another web, i.e. %INCLUDE{"System.SiteMap"}%  
    "http://..." A full qualified URL, i.e. %INCLUDE{"http://foswiki.org:80/index.html"}%. Supported content types are text/html and text/plain.
    IDEA! if the URL resolves to an attachment file on the server this will automatically translate to a server-side include.     		 
    "doc:Foswiki::..." level="3" Generates the embedded documentation in the given perl module. The optional =level parameter lets you define the base level for headings in the included text.
    pattern="..." Include a subset of a topic or a web page. Specify a RegularExpression that scans from start ('^') to end and contains the text you want to keep in parenthesis, e.g., pattern="^.*?(from here.*?to here).*". IncludeTopicsAndWebPages has more. none
    rev="2" Include a previous topic revision; N/A for URLs top revision
    raw="on" When a page is included, normally Wiki-SL will process it, doing the following: 1) Alter relative links to point back to originating host, 2) Remove some basic HTML tags (html, head, body, script) and finally 3) Remove newlines from HTML tags spanning multiple lines. If you prefer to include exactly what is in the source of the originating page set this to on.
    raw="on" is short for disableremoveheaders="on", disableremovescript="on", disableremovebody="on", disablecompresstags="on" and disablerewriteurls="on".     		disabled
    literal="on" While using the raw option will indeed include the raw content, the included content will still be processed and rendered like regular topic content. To disable parsing of the included content, set the literal option to "on". disabled
    disableremoveheaders="on" Bypass stripping headers from included HTML (everything until first </head> tag) disabled
    disableremovescript="on" Bypass stripping all <script> tags from included HTML disabled
    disableremovebody="on" Bypass stripping the </body> tag and everything around over and below it disabled
    disablecompresstags="on" Bypass replacing newlines in HTML tags with spaces. This compression step rewrites unmatched <'s into &lt; entities unless bypassed disabled
    disablerewriteurls="on" Bypass rewriting relative URLs into absolute ones disabled
    warn="off" Warn if topic include fails: Fail silently (if off); output default warning (if set to on); else, output specific text (use $topic for topic name) %INCLUDEWARNING% preferences setting
    section="name" Includes only the specified named section, as defined in the included topic by the STARTSECTION and ENDSECTION macros. Nothing is shown if the named section does not exists. section="" is equivalent to not specifying a section  
    PARONE="val 1"
      PARTWO="val 2"         		Any other parameter will be defined as a macro within the scope of the included topic. The example parameters on the left will result in %PARONE% and %PARTWO% being defined within the included topic.  
  • HELP JavaScript in included webpages is filtered out as a security precaution per default (disable filter with disableremovescript parameter)
  • Examples: See IncludeTopicsAndWebPages
  • Related: BASETOPIC, BASEWEB, INCLUDINGTOPIC, INCLUDINGWEB, STARTINCLUDE, STOPINCLUDE, STARTSECTION, ENDSECTION

INCLUDINGTOPIC -- name of topic that includes current topic

  • The name of the topic that includes the current topic - same as %TOPIC% in case there is no include
  • If a topic is used in a chain of INCLUDEs, INCLUDINGTOPIC is set to the topic directly INCLUDing this one, NOT the topic that has been requested by the user (which is set in BASETOPIC)
  • WARNING: While this Macro may appear to work, unless you require the subtle difference between INCLUDINGTOPIC and BASETOPIC, you probably should use BASETOPIC.
  • Syntax: %INCLUDINGTOPIC%
  • Related: BASETOPIC, INCLUDINGWEB, INCLUDE, TOPIC

INCLUDINGWEB -- web that includes current topic

  • The web name of the topic that includes the current topic - same as %WEB% if there is no INCLUDE.
  • If a topic is used in a chain of INCLUDEs, INCLUDINGWEB is set to the topic directly INCLUDing this one, NOT the web that has been requested by the user (which is set in BASEWEB)
  • WARNING: While this Macro may appear to work, unless you require the subtle difference between INCLUDINGWEB and BASEWEB, you probably should use BASEWEB.
  • Syntax: %INCLUDINGWEB%
  • Related: BASEWEB, INCLUDINGTOPIC, INCLUDE, WEB

LANGUAGE -- current user's language

  • Returns the language code for the language used as the current user. This is the language actually used by Foswiki (e.g. in user interface).
  • The language is detected from the user's browser, unless some site/web/user/session-defined setting overrides it:
    • If the LANGUAGE preference is set, it's used as user's language instead of any language detected from the browser.
    • Avoid defining LANGUAGE at a non per-user way, so each user can choose his/her preferred language.
  • Related: LANGUAGES

LANGUAGES -- list available languages

  • List the languages available (as PO files). These are the languages in which the user interface is available.
  • Syntax: %LANGUAGES{...}%
  • Supported parameters:
    Parameter: Description: Default:
    format format for each item. See below for format tokens available in the format string. "   * $langname"
    separator separator between items. "\n" (newline)
    marker="selected" Text for $marker if the item matches selection "selected"
    selection="%LANGUAGE%" Current language to be selected in list (none)
  • format tokens:
    Token Meaning
    $langname language's name, as informed by the translators
    $langtag language's tag. Ex: en, pt-br, etc.
  • Example: <select>%LANGUAGES{format="<option $marker value='$langtag'>$langname</option>" selection="%LANGUAGE%"}%</select> creates an option list of the available languages with the current language selected

LIME -- start lime colored text

  • LIME is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %LIME% lime text %ENDCOLOR%
  • Expands to: lime text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

LOCALSITEPREFS -- web.topicname of site preferences topic

  • The full name of the local site preferences topic. These local site preferences overload the system level preferences defined in System.DefaultPreferences.
  • Syntax: %LOCALSITEPREFS%
  • Expands to: Main.SitePreferences, renders as Main.SitePreferences

LOGIN -- present a full login link

LOGOUT -- present a full logout link

M -- moved to... icon

MAINWEB -- synonym for USERSWEB

  • ALERT! Deprecated. Please use %USERSWEB% instead.

MAKETEXT -- creates text using Foswiki's I18N infrastructure

  • Syntax: %MAKETEXT{"string" args="..."}%
  • Supported parameters:
    Parameter Description Default
    "text" or string="text" The text to be displayed. none
    args="param1, param2" a comma-separated list of arguments to be interpolated in the string, replacing the [_N] placeholders in it. none
  • Examples:
    • %MAKETEXT{string="Notes:"}%
      expands to
      Notes:
    • %MAKETEXT{"If you have any questions, please contact [_1]." args="%WIKIWEBMASTER%"}%
      expands to
      If you have any questions, please contact wikiwebmaster@softwarelivre.org.
    • %MAKETEXT{"Did you want to [[[_1]][reset [_2]'s password]]?" args="%SYSTEMWEB%.ResetPassword,%WIKIUSERNAME%"}%
      expands to
      Did you want to reset Main.WikiGuest's password?
  • Notes:
    • Foswiki will translate the string to the current user's language only if it has such string in its translation table for that language.
    • Amperstands (&) followed by one letter (one of a...z, A...Z) (say, X) in the translatable string will be translated to <span class='foswikiAccessKey'>X</span>. This is used to implement access keys. If you want to write an actual amperstand that stays just before a letter, write two consecutive amperstands (&&): they will be transformed in just one.
    • translatable string starting with underscores (_) are reserved. You cannot use translatable phrases starting with an underscore.
    • Make sure that the translatable string is constant. Specially, do not include %MACROS% inside the translatable strings (since they will get expanded before the %MAKETEXT{...}% itself is handled).

MAROON -- start maroon colored text

  • MAROON is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %MAROON% maroon text %ENDCOLOR%
  • Expands to: maroon text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

META -- displays meta-data

  • Provided mainly for use in templates, this macro generates the parts of the topic view that relate to meta-data (attachments, forms etc.) The formfield item is the most likely to be useful to casual users.
  • Syntax: %META{ "item" ...}%
  • Parameters:
    Item Options Description
    "formfield" name="...": name of the field. The field value can be shortened as described in System.FormattedSearch for $formfield
    newline="...": by default, each newline character will be rewritten to <br /> to allow metadata that contains newlines to be used in tables, etc. $n indicates a newline character.
    bar="...": by default, each vertical bar is rewritten to an HTML entity so as to not be mistaken for a table separator.     		Show a single form field
    "form" none Generates the table showing the form fields. See Form Definition
    "attachments" all="on" to show hidden attachments.
    title="..." to show a title - only if attachments are displayed.
    template="..." to use a custom template for the rendering of attachments; default attachtables is used.     		Generates the list of attachments
    "moved" none Details of any topic moves
    "parent" dontrecurse="on": By default recurses up tree, this has some cost. Equivalent to depth=1
    depth="...": Return only the specified ancestor.
    nowebhome="on": Suppress WebHome.
    prefix="...": Prefix that goes before parents, but only if there are parents, default "".
    format="...": Format string used to display each parent topic where $web expands to the web name, and $topic expands to the topic name; default: "[[$web.$topic][$topic]]"
    suffix="...": Suffix, only appears if there are parents; default "".
    separator="...": Separator between parents; default " > ".     		Generates the parent link
  • Related: METASEARCH

METASEARCH -- special search of meta data

  • Syntax: %METASEARCH{...}%
  • Supported parameters:
    Parameter: Description: Default:
    type="topicmoved" What sort of search is required?
    "topicmoved" if search for a topic that may have been moved
    "parent" if searching for topics that have a specific parent i.e. its children
    "field" if searching for topics that have a particular form field value (use the name and value parameters to specify which field to search)     		Required
    web="%WEB%" Wiki web to search: A web, a list of webs separated by whitespace, or all webs. Current web
    topic="%TOPIC%" The topic the search relates to, for topicmoved and parent searches All topics in a web
    name form field to search, for field type searches. May be a regular expression (see SEARCH).  
    value form field value, for field type searches. May be a regular expression (see SEARCH).  
    title="Title" Text that is prefixed to any search results empty
    format="..." Custom format results. Supports same format strings as SEARCH. See FormattedSearch for usage & examples Results in table
    default="none" Default text shown if no search hit Empty
  • Example: %METASEARCH{type="topicmoved" web="%WEB%" topic="%TOPIC%" title="This topic used to exist and was moved to: "}%
  • Example: You may want to use this in WebTopicViewTemplate and WebTopicNonWikiTemplate:
    %METASEARCH{type="parent" web="%WEB%" topic="%TOPIC%" title="Children: "}%
  • Example: %METASEARCH{type="field" name="Country" value="China"}%
  • Related: SEARCH, META
  • ALERT! METASEARCH is deprecated in favour of the new and much more powerful query type search. See SEARCH and QuerySearch.

N -- "new" icon

NAVY -- start navy blue colored text

  • NAVY is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %NAVY% navy text %ENDCOLOR%
  • Expands to: navy text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

NOP -- template text not to be expanded in instantiated topics

  • Syntax: %NOP%
    • In normal topic text, expands to <nop>, which prevents expansion of adjacent macros and wikiwords
    • When the topic containing this is used as a template for another topic, it is removed.
  • Syntax: %NOP{...}% deprecated
    • In normal topic text, expands to whatever is in the curly braces (if anything).
    • ALERT! This is deprecated. Do not use it. Use %STARTSECTION{type="templateonly"}% .. %ENDSECTION{type="templateonly"}% instead (see TemplateTopics for more details).
  • Related: STARTSECTION, TemplateTopics

NOTIFYTOPIC -- name of the notify topic

NRIMAGES{"topic"} -- returns the number of images attachted to a (list of) topics

  • The %NRIMAGES{"topic"}% macro is handled by the ImageGalleryPlugin.
  • Syntax: %NRIMAGES{"topic"}%
  • Examples:
    • There are 0 images on this page.
    • There are 273 images at System.DocumentGraphics.
  • Related: IMAGEGALLERY, ImageGalleryPlugin

OLIVE -- start olive green colored text

  • OLIVE is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %OLIVE% olive text %ENDCOLOR%
  • Expands to: olive text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

ORANGE -- start orange colored text

  • ORANGE is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %ORANGE% orange text %ENDCOLOR%
  • Expands to: orange text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

P -- pencil icon

PINK -- start pink colored text

  • PINK is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %PINK% pink text %ENDCOLOR%
  • Expands to: pink text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

PLUGINDESCRIPTIONS -- list of plugin descriptions

  • Syntax: %PLUGINDESCRIPTIONS%
  • Expands to:
    • System.TWikiCompatibilityPlugin (Foswiki-1.0, $Rev: 1776 (2009-01-06) $): add TWiki personality to Foswiki
    • System.SpreadSheetPlugin (20 Sep 2009, $Rev: 5049 (2009-09-20) $): Add spreadsheet calculations like "$SUM($ABOVE())" to Foswiki tables and other topic text
    • System.AttachmentListPlugin (1.3.3, $Rev: 4282 (2009-06-22) $):
    • System.CommentPlugin (12 Sep 2009, $Rev: 4843 (2009-09-11) $): Quickly post comments to a page without an edit/preview/save cycle
    • System.EditTablePlugin (4.33, $Rev: 4950 (2009-09-16) $): Edit tables using edit fields, date pickers and drop down boxes
    • System.ImageGalleryPlugin (5.01, $Rev: 4425 (2009-07-03) $): Displays image gallery with auto-generated thumbnails from attachments
    • System.InterwikiPlugin (20 Sep 2009, $Rev: 5022 (2009-09-20) $): Link ExternalSite:Page text to external sites based on aliases defined in a rules topic
    • System.LinkOptionsPlugin (1.0.0, 4643): Extends the "Forced Specific Links" syntax [[URL or TopicName][Link Text][Options]]
    • System.PreferencesPlugin (20 Sep 2009, $Rev: 5037 (2009-09-20) $): Allows editing of preferences using fields predefined in a form
    • System.SlideShowPlugin (02 Aug 2008, $Rev: 2742 (2009-02-26) $): Create web based presentations based on topics with headings.
    • System.SmiliesPlugin (20 Sep 2009, $Rev: 5046 (2009-09-20) $): Render smilies like smile as icons
    • System.TablePlugin (1.042, $Rev: 4847 (2009-09-12) $): Control attributes of tables and sorting of table columns
    • System.TagMePlugin (11 Jun 2009, $Rev: 4104 (2009-06-11) $): Tag wiki content collectively to find content by keywords
    • System.TopicDataHelperPlugin (1.1.1, $Rev: 4253 (2009-06-20) $):
    • System.TopicTranslationsPlugin (Dakar, $Rev: 4525 (2009-07-21) $): Manages a topic's translations into several languages.
    • System.TwistyPlugin (1.5.3, $Rev: 4751 (2009-09-02) $): Twisty section Javascript library to open/close content dynamically
  • Related: ACTIVATEDPLUGINS, FAILEDPLUGINS, PLUGINVERSION

PLUGINVERSION -- the version of a Foswiki Plugin, or the Foswiki Plugins API

  • Syntax: %PLUGINVERSION{"name"}% to get the version of a specific plugin
  • Example: %PLUGINVERSION{"InterwikiPlugin"}% expands to $Rev: 5022 (2009-09-20) $
  • Syntax: %PLUGINVERSION% to get the version of the API
  • Expands to: 2.0
  • Related: WIKIVERSION, ACTIVATEDPLUGINS, FAILEDPLUGINS, PLUGINDESCRIPTIONS

PUBURL -- the base URL of attachments

PUBURLPATH -- the base URL path of attachments

PURPLE -- start purple colored text

  • PURPLE is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %PURPLE% purple text %ENDCOLOR%
  • Expands to: purple text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
  • Related: ENDCOLOR, DefaultPreferences, StandardColors

Q -- question icon

QUERYPARAMS -- show paramaters to the query

  • Expands the parameters to the query that was used to display the page.
  • Syntax: %QUERYPARAMS{...}%
  • Supported parameters:
    Parameter: Description: Default:
    format="..." Format string for each entry $name=$value
    separator="..." Separator string separator="$n" (newline)
    encoding="entity"
    encoding="safe"
    encoding="html"
    encoding="quotes"
    encoding="url"     		Control how special characters are encoded. If this parameter is not given, "safe" encoding is performed which HTML entity encodes the characters '"<>%.
    entity: Encode special characters into HTML entities, like a double quote into &#034;. Does not encode \n or \r.
    safe: Encode characters '"<>% into HTML entities. (this is the default)
    html: As type="entity" except it also encodes \n and \r
    quotes: Escape double quotes with backslashes (\"), does not change other characters
    url: Encode special characters for URL parameter use, like a double quote into %22     		type="safe"
  • The following escape sequences are expanded in the format string:
    Sequence: Expands To:
    $name Name of the parameter
    $value String value of the parameter. Multi-valued parameters will have a "row" for each value.
    $n or $n() New line. Use $n() if followed by alphanumeric character, e.g. write Foo$n()Bar instead of Foo$nBar
    $nop or $nop() Is a "no operation". This token gets removed; useful for nested search
    $quot Double quote (") (\" also works)
    $percnt Percent sign (%)
    $dollar Dollar sign ($)
    $lt Less than sign (<)
    $gt Greater than sign (>)
    $amp Ampersand (&)
  • Example:
    • %QUERYPARAMS{format="<input type='hidden' name='$name' value='$value' encoding="entity" />"}%
  • ALERT! Security warning!
    Using QUERYPARAMS can easily be misused for cross-site scripting unless specific characters are entity encoded. By default QUERYPARAMS encodes the characters '"<>% into HTML entities (same as encoding="safe") which is relatively safe. The safest is to use encoding="entity". When passing QUERYPARAMS inside another macro always use double quotes ("") combined with using QUERYPARAMS with encoding="quote". For maximum security against cross-site scripting you are adviced to install the Foswiki:Extensions.SafeWikiPlugin.
  • See also QUERYSTRING, URLPARAM

QUERYSTRING -- full, unprocessed string of parameters to this URL

  • String of all the URL parameters that were on the URL used to get to the current page. For example, if you add ?name=Samantha;age=24;eyes=blue to this URL you can see this in action. This string can be appended to a URL to pass parameter values on to another page.
  • ALERT! URLs built this way are typically restricted in length, typically to 2048 characters. If you need more space than this, you will need to use an HTML form and %QUERYPARAMS%.
  • Syntax: %QUERYSTRING%
  • Expands to:
  • Related: QUERYPARAMS, URLPARAM

RED -- start red colored text

  • RED is one of the shortcut macros predefined in DefaultPreferences. See the section shortcut macros in that topic for a complete list of colors.
  • Syntax: %RED% red text %ENDCOLOR%
  • Expands to: red text
  • HELP %<color>% text must end with %ENDCOLOR%. If you want to switch from one color to another one you first need to end the active color with %ENDCOLOR%, e.g. write %RED% some text %ENDCOLOR% %GREEN% more text %ENDCOLOR%.
! * Related: ENDCOLOR, DefaultPreferences, StandardColors

REMOTE_ADDR -- environment variable

REMOTE_PORT -- environment variable

REMOTE_USER -- environment variable

RENDERLIST -- render bullet lists in a variety of formats

  • The %RENDERLIST% macro is handled by the RenderListPlugin
  • Syntax: %RENDERLIST%
  • Syntax: %RENDERLIST{ "org" focus="Sales.WestCoastTeam" }%
  • Example:
    %RENDERLIST{ "org" }%
       * [[Eng.WebHome][Engineering]]
          * [[Eng.TechPubs][Tech Pubs]]
       * [[Sales.WestCoastTeam][Sales]]
          * [[Sales.EastCoastTeam][East Coast]]
          * [[Sales.WestCoastTeam][West Coast]]
  • Related: RenderListPlugin

REVINFO -- revision information of current topic

  • Syntax:
  • Date format defined as {DefaultDateFormat} in configure

REVINFO{"format"} -- formatted revision information of topic

  • Syntax: %REVINFO% OR %REVINFO{"format"}%
  • %REVINFO% is equivalent to %REVINFO{format="r1.$rev - $date - $wikiusername"}%
    • Expands to: r1 - 09 Jan 2009 - 12:00:00 - Main.ProjectContributor
  • Supported parameters:
    Parameter: Description: Default:
    "format" Format of revision information, see supported formatting tokens below "r1.$rev - $date - $wikiusername"
    web="..." Name of web Current web
    topic="..." Topic name Current topic
    rev="1.5" Specific revision number Latest revision
  • Supported formatting tokens:
    Token: Unit: Example
    $web Name of web Current web
    $topic Topic name Current topic
    $rev Revision number. Prefix r1. to get the usual r1.5 format 5
    $username Login username of revision jsmith
    $wikiname WikiName of revision JohnSmith
    $wikiusername WikiName with Main web prefix Main.JohnSmith
    $date Revision date. Actual date format defined as {DefaultDateFormat} in configure 21 Sep 2006
    $time Revision time 23:24:25
    $iso Revision date in ISO date format 2006-09-22T06:24:25Z
    $min, $sec, etc. Same date format qualifiers as GMTIME{"format"}  
  • Example: %REVINFO{"$date - $wikiusername" rev="1.1"}% returns revision info of first revision
  • Related: GMTIME{"format"}, REVINFO

S -- red star icon

SCRIPTNAME -- name of current script

  • The name of the current script is shown, including script suffix, if any (for example viewauth.cgi)
  • Syntax: %SCRIPTNAME%
  • Expands to: view
  • Related: SCRIPTSUFFIX, SCRIPTURL, SCRIPTURLPATH

SCRIPTSUFFIX -- script suffix

  • Some Wiki-SL installations require a file extension for CGI scripts, such as .pl or .cgi
  • Syntax: %SCRIPTSUFFIX%
  • Expands to:
  • Related: SCRIPTNAME, SCRIPTURL, SCRIPTURLPATH

SCRIPTURL{"script"} -- URL of script

  • Syntax: %SCRIPTURL% OR %SCRIPTURL{"script"}%
  • %SCRIPTURL% returns the base URL of scripts - expands to http://wiki.softwarelivre.org/bin
  • Expands to: http://wiki.softwarelivre.org/bin/script
  • Example: To get the authenticated version of the current topic you can write %SCRIPTURL{"viewauth"}%/%WEB%/%TOPIC% which expands to http://wiki.softwarelivre.org/bin/viewauth/System/Macros
  • ALERT! In most cases you should use %SCRIPTURLPATH{"script"}% instead, as it works with URL rewriting much better
  • ALERT! The edit script should always be used in conjunction with ?t=%GMTIME{"$epoch"}% to ensure pages about to be edited are not cached in the browser
  • Related: PUBURL, SCRIPTNAME, SCRIPTSUFFIX, SCRIPTURLPATH

SCRIPTURLPATH{"script"} -- URL path of script

  • As %SCRIPTURL{"script"}%, but doesn't include the protocol and host part of the URL
  • Syntax: %SCRIPTURL% OR %SCRIPTURLPATH{"script"}%
  • Expands to: /bin/script
  • ALERT! The edit script should always be used in conjunction with ?t=%GMTIME{"$epoch"}% to ensure pages about to be edited are not cached in the browser
  • Related: PUBURLPATH, SCRIPTNAME, SCRIPTSUFFIX, SCRIPTURL

SEARCH{"text"} -- search content

  • Inline search, shows a search result embedded in a topic
  • Syntax: %SEARCH{"text" ...}%
  • Supported parameters:
    Parameter: Description: Default:
    "text" Search term. Is a keyword search, literal search, regular expression search, or query, depending on the type parameter. SearchHelp has more required
    search="text" (Alternative to above) N/A
    web="Name"
    web="Main, Know"
    web="all"     		Comma-separated list of webs to search. You can specifically exclude webs from an all search using a minus sign - for example, web="all,-Secretweb". The special word all means all webs that do not have the NOSEARCHALL preference set to on in their WebPreferences. Note that AccessControls are respected when searching webs; it is much better to use them than NOSEARCHALL. Current web
    topic="WebPreferences"
    topic="*Bug"     		Limit search to topics: A topic, a topic with asterisk wildcards, or a list of topics separated by comma. Note this is a list of topic names and must not include web names. All topics in a web
    excludetopic="Web*"
    excludetopic="WebHome, WebChanges"     		Exclude topics from search: A topic, a topic with asterisk wildcards, or a list of topics separated by comma. Note this is a list of topic names and must not include web names. None
    scope="topic"
    scope="text"
    scope="all"     		Search topic name (title); the text (body) of topic; or all (title and body) "text"
    type="keyword"
    type="word"
    type="literal"
    type="regex"
    type="query"     		Control how the search is performed when scope="text" or scope="all"
    keyword: use Google-like controls as in soap "web service" -shampoo; searches word parts: using the example, topics with "soapsuds" will be found as well, but topics with "shampoos" will be excluded
    word: identical to keyword but searches whole words