Default Български Čeština Dansk Deutsch English Español Suomi Français Italiano 日本語 한글 Nederlands Norsk Polski Português Português brasileiro Русский Svenska tlhIngan Hol Türkçe 简体中文 正體中文

# Reference Manual (v2.1.6)

This page contains all documentation topics as one long, complete reference sheet.

Low client and server base requirements are core features that keep Foswiki widely deployable, particularly across a range of browser platforms and versions. Many extensions exist which enhance and expand Foswiki's capabilities; they may have additional requirements.

### Server Requirements

Foswiki is written in Perl 5, which is supported on Microsoft Windows as well as Unix and Unix-like systems (including Linux and OSX), on which it uses a number of shell commands and RCS (Revision Control System), a GNU Free Software package. It should be able to run on any server platform that meets the following requirements.

Resource Required Server Environment
Perl 5.8.8 or higher
RCS (Revision Control System) 5.7 or higher (including GNU diff)
Optional. Foswiki includes a pure Perl implementation of RCS (RcsLite) that can be used instead, at the cost of performance
GNU diff GNU diff 2.7 or higher is required when not using the all-Perl RcsLite.
Install within the PATH if not included with RCS (check version with diff -v)
Must be the version used by RCS, to avoid problems with binary attachments - RCS may have hard-coded path to diff
Other external programs fgrep, egrep
Cron/scheduler • Unix: cron
• Windows: cron equivalents
Web server Apache is well supported; for information on other servers, see Foswiki:Support.InstallingOnSpecificPlatforms.

### Perl Modules

A complete list of the required and optional Perl modules can be found in lib/DEPENDENCIES.

The following CPAN modules are not shipped with Foswiki. Note that Foswiki extensions may add additional requirements. Modules marked as Required may still be optional if certain default core features are not used.

Module Required/Optional Description
CPAN:HTML::Entities Required Used for WYSIWYG Editing
CPAN:HTML::Parser Required Used for WYSIWYG Editing
CPAN:URI Required Used by MailerContrib for email notifications of topic changes.
CPAN:LWP Required Used by the Configure Extensions Installer, and for external URL based INCLUDEs
CPAN:version Required version >= 0.77 required for module version checks
CPAN:Digest::SHA Optional Required to use SHA1 password encoding, since Perl 5.9.3 part of core
CPAN:Digest::SHA1 Optional Required by the Foswiki PageCaching feature
CPAN:Win32::Console Optional May be required for Internationalization on Windows
CPAN:Archive::Tar Optional Required by the Extensions Installer in configure if command line tar or unzip is not available, since Perl 5.9.3 part of core.
CPAN:Archive::Zip Optional Alternative to Archive::Tar, used by the Extensions Installer if Archive::Tar and command line tar and unzip also unavailable
CPAN:Net::SMTP::SSL Optional Required by Net::SMPT to send email over SSL to providers such as gmail.
CPAN:Authen::SASL Optional Required by Net::SMTP if email server requires authentication.

Most of them will probably already be available in your installation. You can check version numbers with the configure script, or if you're still trying to get to that point, check from the command line like this:
perl -e 'use FileHandle; print $FileHandle::VERSION."\n"'  For more detailed dependency information, try the script dependencies_installer.pl located in the tools directory, which makes perl module installation easier. Run it with option -h to understand basics. This script requires confirmation before it actually does something. ### Specific distribution details #### Ubuntu and other Debian derived distributions Install apache and rcs apt-get install apache2 rcs Perl Module Package to install Notes HTML::Parser libhtml-parser-perl HTML::Entities included with HTML::Parser HTML::Tree libhtml-tree-perl LWP libwww-perl version libversion-perl Must be version 0.77 or newer Digest::SHA libdigest-sha-perl Digest::SHA1 libdigest-sha1-perl URI liburi-perl Net::SMTP::SSL libnet-smtp-ssl Authen::SASL libauthen-sasl note, broken on Ubuntu 11.10 x64. Install using CPAN! After expanding the Foswiki archive, change the ownership of the files: • Debian, Ubuntu, Kubunto: chown -R www-data:www-data /path/to/foswiki #### RedHat, SuSE, CentOS and other RPM based distributions Install apache2, rcs, and perl-CPAN Perl Module Package to install Notes HTML::Parser perl-HTML-Parser HTML::Entities included with HTML::Parser HTML::Tree perl-HTML-Tree LWP perl-libwww-perl version Must be version 0.77 or newer Digest::SHA perl-Digest-SHA Digest::SHA1 perl-Digest-SHA1 URI perl-URI Net::SMTP::SSL perl-Net-SMPT-SSL Authen::SASL perl-Authen-SASL After expanding the Foswiki archive, change the ownership of the files: • RedHat, Fedora, CentOS Mandriva: chown -R apache:apache /path/to/foswiki= • Suse: chown -R wwwrun:www /path/to/foswiki ### Client Requirements The standard installation has relatively low browser requirements: • XHTML 1.0 Transitional compliant • Cookies, if persistent sessions are required • Javascript, for edit/save/upload functionality Change {ValidationMethod}{Method} from strikeone to embedded in configure to allow non-javascript browsers to edit/save/upload CSS and Javascript are used in most skins. Some skins will require more recent releases of browsers. The default skin is tested on IE 6+, Safari, Chrome and Firefox. You can easily select a balance of browser capability versus look and feel. Try the installed skins at SkinBrowser and more at Foswiki:Extensions.SkinPackage. Back to top # Installation Guide This guide describes the steps for manually installing Foswiki, with specific steps for installations on Linux with the Apache web server. • If you are using one of the automated installers or operating system-specific packages at Foswiki:Download.OtherFoswikiInstallers, refer to the instructions specific to those installers/packages in the first instance; • Are you manually installing on a different web server or operating system? Would you like more information about performance tuning, security hardening or shared webhosting environments? This guide contains information relevant to most installation scenarios. For topics not covered here please consult Foswiki:Support.SupplementalDocuments This guide is divided into two parts - included here as a single complete reference. Installation Guide Part 1 documents the preparation steps used to make Foswiki initially operational. It is included in the root of your Foswiki distribution as a static HTML document - INSTALL.html Installation Guide Part 2 continues with steps for tailoring and enhancing your site. These installation instructions are also available online at Foswiki:System.InstallationGuide, and are available within your Foswiki installation at System.InstallationGuide (the InstallationGuide topic in the System web). For information on upgrades, please also refer to Foswiki:System.UpgradeGuide. A static HTML version of this document, UpgradeGuide.html, is included in the root of your Foswiki distribution. ## Initial Installation ### System Requirements Please see the section "Foswiki system requirements" for the server and client requirements to run Foswiki, including the Perl modules required on the server. If you need to install any Perl libraries from CPAN for use by Foswiki, see Foswiki:Support.HowToInstallCpanModules for more information. ### Preparing to install Before attempting to install Foswiki, you are encouraged to review the Foswiki:System.AdminSkillsAssumptions. This guide assumes the person installing Foswiki has a basic knowledge of server administration on the system on which Foswiki is to be installed. While it is possible to install Foswiki with FTP access alone (for example, on a hosted site), it is tricky and may require additional support from your hosting service (for example, in setting file ownership and installing missing perl CPAN libraries). If you are upgrading from a previous Foswiki version or from a TWiki installation, please refer to Foswiki:System.UpgradeGuide. A static HTML version of this document, UpgradeGuide.html, is included in the root of your Foswiki distribution. Verify that your server meets the Foswiki system requirements, including having the minimum required Perl version and all required Perl modules installed. If you need to install any Perl libraries from CPAN for use by Foswiki, see Foswiki:Support.HowToInstallCpanModules for more information. You should also take this opportunity to consider the automated installers, virtual machine images and (currently) Debian and CentOS packages at Foswiki:Download.OtherFoswikiInstallers. These automate much of the install process and may help some users get started more easily. Note that the installers are optimized for the target system, and typically do not follow the normal Foswiki directory structure documented below. Files are installed into system locations that are appropriate to the target OS. Review the steps below, but recognize that file locations may be different, and some installation steps such as customization of the Web Server and Foswiki,setting file ownership and permissions will have been done automatically during the package installation. If you need help, feel free to ask a question in the Foswiki:Support web or on Foswiki:Community.InternetRelayChat (irc.freenode.net, channel #foswiki). ### Basic installation: getting Foswiki up and running To install Foswiki, complete the following steps: 1. Download and unpack the Foswiki distribution. 2. Set the file and directory permissions for the installation. 3. Configure the locations of the Perl executable and the Foswiki modules. 4. Configure the web server. 5. Configure Foswiki. 6. Enable authentication of users (if desired). 7. Define the administrator users. #### Download and unpack the Foswiki distribution Download the Foswiki distribution from http://foswiki.org/Download Unpack the distribution file: Change to the directory where you want to place the Foswiki directory. Unzip or untar and gunzip the distribution; a new subdirectory called Foswiki-VERSION will be created. You can rename this subdirectory to a shorter name. For the rest of this document, this subdirectory is assumed to be at /path/to/foswiki. • Note: Foswiki does not support directory paths that contain spaces, so ensure that all of its directory paths do not contain any spaces (particularly on Windows). If you do not have shell access to your web server host, see the section "Uploading the Foswiki distribution to your web server host". #### (Not applicable on Windows) Set the file and directory permissions for the installation Set up access file and directory rights, as well as file ownership, as required by your web server configuration so that the web server user (the user used by the web server to run CGI programs) can read and write within the foswiki directory tree. Note: for more information on the appropriate permissions to ensure security for your Foswiki data, see Foswiki:Support.SecuringYourSite. The default file and directory access permissions as set by the distribution define a reasonable security level that will work for many types of installations, including shared hosting. Nonetheless, you should verify that the web server user has read access to all files and directories beneath the foswiki directory, and execute access for all directories. Also verify that the data and pub directories and all the subdirectories and files beneath them allow write access for the web server user. • Warning: Do not just run a chmod -R 770 foswiki. Providing execute access to all files is potentially dangerous. This is a common mistake made by Foswiki installers. See Foswiki:Support.SettingFileAccessRightsLinuxUnix for a sample set of Unix commands to set the file and directory permissions. It is possible to define tighter access permissions than the default ones; how tight they should be depends on your web server environment and local needs. Typically you should limit all access from others if the web server machine has login access for users other than root and the web server administrator. For a dedicated web server that just runs Foswiki and has limited login access, the default access permissions have a good safety level. If you have root user permissions, then for additional security, you can change the ownership of the foswiki directory tree to the web server user, using the command chown -R user:group /path/to/foswiki. The web server username varies in different installations; here are some sample commands for various Linux distributions: • RedHat, Fedora, CentOS, Gentoo, Mandriva : chown -R apache:apache /path/to/foswiki • debian/Ubuntu/Kubuntu : chown -R www-data:www-data /path/to/foswiki • Suse : chown -R wwwrun:www /path/to/foswiki If Foswiki stops working after you applied a change in access permissions and you wish to restore the original permissions, run the Unix commands located at Foswiki:Support.SettingFileAccessRightsLinuxUnix. #### (optional - required on Windows ) Configure the locations of the Perl executable and the Foswiki modules If you are running on a Linux system with Perl found in /usr/bin/perl then this step is not required. This step is required on Windows installations. The easiest way to fix up the bin scripts is to run the tools/rewriteshebang.pl script. If the Perl interpreter is in the default execution path, follow these steps: cd /path/to/foswiki/tools perl -I ../lib rewriteshebang.pl  or for Windows users: cd C:\path\to\foswiki\tools perl -I ..\lib rewriteshebang.pl  The script will determine the location of the Perl interpreter and will prompt to update both the bin and tools scripts in a single step. The changed files will be reported, and it is safe to rerun the script. If the perl command does not work from the command line, then you need to find the location of your system's Perl interpreter. Insert the path to Perl in the first line of the rewriteshebang script. For example: cd C:\path\to\foswiki\tools C:\path\to\perl -I ..\lib rewriteshebang.pl  #### (optional) Configuration of a script suffix for the perl scripts Some web servers require a special extension on perl script files (e.g. .cgi or .pl). This is not normally required with the Apache web server, though some hosted web servers are configured to require it. If the documentation for your web server indicates that a special extension is necessary, rename all the executable scripts in bin; that is, rename bin/view to bin/view.pl, and so on. When configuring Foswiki (see the section "Configure Foswiki"), set the ScriptSuffix option to the special extension. #### (optional) Configuration for non-standard library locations A standard Foswiki install has the directories bin/ and lib/ located under the Foswiki installation directory. If you have moved these directories, or if your system requires changes to the default Perl libraries, then this step is required. Create the file LocalLib.cfg located at bin/LocalLib.cfg • In the bin directory, copy the template file LocalLib.cfg.txt to LocalLib.cfg. Make sure the ownership and access rights of the copy are the same as LocalLib.cfg.txt. • Edit bin/LocalLib.cfg so that $foswikiLibPath is set to the absolute file path of your lib directory. For example: /path/to/foswiki/lib.
• If you need to install additional CPAN modules, but can't update the main Perl installation files on the server, you can set $CPANBASE to point to your personal CPAN install. Don't forget that the web server user has to be able to read those files as well. #### Configure the web server First choose the best configuration method for your web server. With Apache, there are two ways to configure it: a config file included from httpd.conf or .htaccess files. • Apache config file: The recommended method is using a config file. With a config file you can put the entire Foswiki configuration in ONE file (typically named foswiki.conf). Performance is much better with a config file, and one file gives the best overview and ensures that you get a safe installation . However to use a config file you need root or sudo access to stop and start Apache. The Foswiki apache config file can be included from the main Apache config file. (Typically httpd.conf or apache.conf depending on your distribution). However most distributions have a directory from which any file that ends with .conf gets included when you restart Apache (Example RedHat/Fedora/Centos: /etc/httpd/conf.d, Gentoo: /etc/apache2/vhost.d ). If you use a virtual host setup in Apache you should include the foswiki.conf file from inside the desired virtual host config in your Apache configuration. • .htaccess files: This method should only be used when you cannot use a config file. Performance is slower as Apache must search through all applicable directories for any .htaccess files on each page access. Normally this is the only way to control Apache in a shared host environment where you have no root or sudo privileges. If you are using a config file: • The easiest and best way is to use the Foswiki:Support.ApacheConfigGenerator tool to generate a safe, working config file for your Foswiki installation, based on the options you choose in the tool. • If you can't use the online configuration generator, a sample config file called foswiki_httpd_conf.txt can be found in the root of the foswiki installation. • Ensure that web access is denied to all Foswiki subdirectories other than bin and pub. • The Foswiki:Support.ApacheConfigGenerator tool will generate the appropriate settings; • the foswiki_httpd_conf.txt file also has examples of configuring Apache appropriately. • Ensure there is either a ScriptAlias directive for the bin subdirectory, or an Alias directive with SetHandler cgi-script and Options ExecCGI directives for the bin subdirectory, so that the bin scripts will be executed by Apache. • Note: you must restart Apache after making changes to your config files for the changes to take effect. If you are using a .htaccess file: • In the root of the foswiki installation, there are sample .htaccess files for various subdirectories in your installation. Each file has help text explaining how to modify it for your configuration. For more information, see Foswiki:Support.SupplementalDocuments. location and name of sample .htaccess file copy sample file to the following location foswiki/root-htaccess.txt foswiki/.htaccess foswiki/bin-htaccess.txt foswiki/bin/.htaccess foswiki/pub-htaccess.txt foswiki/pub/.htaccess foswiki/subdir-htaccess.txt foswiki/<subdir>/.htaccess Copy to all other subdirectories below foswiki, including data, lib, locale, templates, tools, working. Copy to any other directories except for bin and pub addressed above. • Ensure that web access is denied to all Foswiki subdirectories other than bin and pub. The sample .htaccess files show how to configure Apache appropriately. It is important to verify that none of these directories can be directly accessed. • Ensure that the foswiki/bin/.htaccess files contains the line SetHandler cgi-script so that all scripts in the bin directory will be executed by Apache. • Note: On Linux systems, files named with the leading "." like .htaccess are hidden files and will not be listed unless using the -a option, ex. ls -la Turn off any kind of PHP, Perl, Python, Server Side Includes, or other software execution mechanisms supported by your web server in the pub directory. For example, most Linux distributions have a default Apache installation with PHP and server side include (SSI) enabled. This would allow PHP scripts uploaded as attachments to be executed, which is a security risk, so it should be disabled in the Apache configuration with php_admin_flag engine off. Different script execution mechanisms are disabled in different ways; see your web server configuration and documentation for more details. ##### Protect the configure script! You should never leave the configure script open to the public. Limit access to the bin/configure script to either localhost, an IP address or a specific user using basic Apache authentication. The Foswiki:Support.ApacheConfigGenerator lets you setup who has access to the configure script. Also see the foswiki-httpd-conf.txt or bin/.htaccess.txt file for an example of the setting required to protect the configure script. To limit access to a particular user, set up a .htpasswd file that contains the user name and password that Apache will use to authenticate the user: • Caution! Do not follow these steps on an existing Foswiki .htpasswd file. It will destroy the email addresses stored in that file! If the file already exists, you can choose an existing user for access to configure. • Change to the foswiki/data directory. • Issue the command htpasswd -c .htpasswd <username>, where <username> is the name of the user you will use to access the configure script. Choose the username with care: the username cannot be an existing login name for your Foswiki installation, nor can it be used later on to register in Foswiki. Enter a password when prompted. All of the above methods - Sample configuration files, Foswiki:Support.ApacheConfigGenerator and sample .htaccess files, all include example settings to protect the configure script with a password. The critical section looks something like: <FilesMatch "configure.*"> SetHandler cgi-script Order Deny,Allow Deny from all # List of IP addresses allowed to access configure Allow from 127.0.0.1 192.168.1.10 # specify username used on the "htpasswd" command above Require user someuserid # Set to "Any" to allow IP -or- userid, set to "All" to require both match Satisfy Any ErrorDocument 401 default </FilesMatch>  Note: In addition to any web server security protection that you have set up, when saving any configuration settings for the first time on the configure web page, you will be prompted to set a configuration password. This password must be entered on all subsequent configuration changes, and is also used to log in via the internal admin link (see the section "Define the administrator user(s)"). Even after a configure password has been set, access to the configure page should still be restricted by the web server, in order to avoid revealing internal information to potential attackers. Tip: You do not have to use the same password file for both Configure and for Foswiki user registration. If you use a separate file, you can create it using the htpasswd commmand and complete segregate configure access from Foswiki access. This is probably safer, but does not allow users to change their configure password using Foswiki services. The password file has to be manually maintained.. 1. Generate an alternate password file to protect configure. htpasswd -c -s /path/to/data/.htpasswd-admin configuserid 2. Add / modify and delete this alternate file using the htpasswd command. Don't mix them up and use htpasswd on the Foswiki .htpasswd file! 3. Edit the foswiki apache configuration and modify the block (shown above) that protects the configuration command. Add or modify the following statements in the block. Don't remove the other statements! <FilesMatch "configure.*"> AuthType Basic AuthName "admins only" AuthUserFile /path/to/data/.htpasswd-admin # Changing the Require user to Require valid-user allows any ID in the # file access to configure! Require valid-user </FilesMatch>  For more information, refer to Foswiki:Support.ProtectingYourConfiguration. #### Configure Foswiki Run the configure script from your browser: enter http://yourdomain/url/to/foswiki/bin/configure into your browser address bar. • When you access the configure web page for the first time, you can only edit the section General Path Settings. Make any required changes, and save the settings, whether or not you needed to make any changes. You will be prompted to set a password for the configure page: this password must be entered for all subsequent configuration changes, and is also used to log in via the internal admin link (see the section "Define the administrator user(s)"). Note: The configure password is remembered by configure, separate to web server access controls mentioned in "Protect the configure script". • After saving the General Path Settings, continue configuring Foswiki. Configuration items which may require further attention will be highlighted. • If the Foswiki installation can be accessed by more than one protocol://domain, ensure the additional alternative URLs are set in {PermittedRedirectHostUrls}. Example: if {DefaultUrlHost} is set to https://wiki.company.com, an example {PermittedRedirectHostUrls} might contain: https://company.com, http://111.222.123.234 • Setup the Mail and Proxies section. Email must be available so Foswiki can send registration emails. • Under the "Email General" tab, If you do not want to enable sending registration emails or want to enable it later you can uncheck {EnableEmail}. Otherwise the {WebMasterEmail} parameter must be configured. • Under the "Email Server" tab, you can choose 3 methods of sending email. This is explained in detail under the help text for this tab. • MailProgram is typically suitable on most Linux systems, and no further configuration is required. • If you chose either of the Net::SMPT methods, you must also configure {SMTP}{MAILHOST}. Many ISPs have introduced authentication when sending emails to fight spam so you may also have to set {SMTP}{Username} and {SMTP}{Password}. • Net::SMTP::SSL will encrypt the connection to the e-mail server and is required for some email services like Google's GMail. • Under the "Proxy" tab, if your server is behind a firewall with a proxy, and you wish to install extensions via configure, you may have to set {PROXY}{HOST} and {PROXY}{PORT}. Note: A standard Foswiki installation will not allow any new registrations unless there is a working SMTP configuration SMTP authentication requires additional perl modules including Authen::SASL and MIME::Base64, If there is a problem with your setup that prevents you from accessing the configure page, you can configure Foswiki manually. #### Authentication Authentication of users means their activity can be tracked, and access to your site can be controlled. This is particularly important for sites that are publicly accessible on the web. You are strongly encouraged to read System.UserAuthentication and Foswiki:Support.UserAuthenticationSupplement for further information about managing users and access controls for your Foswiki site. The most common authentication methods used for public Foswiki installations are Template Login and Apache Login. They have the following relative advantages: • Template Login can be set up without any web server configuration, and users can log off without restarting the browser. As the login page is just a Wiki page, you can customize it to suit your needs. • Apache Login allows you to use any Apache-module based authentication scheme, such as mod_auth_ldap or mod_auth_mysql. However, as your browser is caching your login, you must restart the browser to log out. Note that the password databases for both of these authentication mechanisms are compatible, so you can switch between them at a later date. To make it easier to follow the instructions in this section, you can view this installation guide using your Foswiki site by entering System.InstallationGuide into the "Jump" text box. By doing this instead of using the INSTALL.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages. ##### Template Login authentication Template Login asks for a username and password in a web page, and processes them using whatever Password Manager you choose. Users can log in and log out. Client Sessions are used to remember users. Users can choose to have their session remembered so they will automatically be logged in the next time they start their browser. #### Enabling Template Login By default, your Foswiki installation is probably already using TemplateLogin, HtPasswdUser and TopicUserMappingContrib as the default Login, Password and user mapping options. 1. Using configure: 1. Navigate to the Login tab on the Security and Authentication panel. Select the Foswiki::LoginManager::TemplateLogin login manager. 2. Navigate to the Passwords tab. Select the appropriate PasswordManager for your system - the default is Foswiki::Users::HtPasswdUser. There is also an EXPERT configure setting {TemplateLogin}{PreventBrowserRememberingPassword} that you can set to prevent Browsers from remembering username and passwords if you are concerned about public terminal usage. 2. Verify that registration works by registering yourself with the System.UserRegistration topic. If there are problems, try these troubleshooting tips: 1. If you are reading this from the INSTALL.html file, you can enter System.UserRegistration into the 'Jump' box in the top right of any Foswiki page. 2. Note: A standard Foswiki installation will not allow any new registrations unless there is a working SMTP configuration 3. If your PasswordManager is HtPasswdUser (the default), check the .htpasswd file is being updated correctly with a new entry. If not, check {Htpasswd}{FileName} is correct (under Security and Authentication on the Password tab in configure), and that the webserver user has write permission. 3. Create a new topic (in Sandbox web for example) to confirm that authentication works. 4. Add users to the Main.AdminGroup. Edit the Main.AdminGroup topic in the Main web to include users that should have administrator status. Read defining adminstrator user(s) for more information. This is a very important step, as users in this group can access all topics, independent of Foswiki access controls. AccessControl has more information on setting up access controls. Foswiki AccessControls do not protect topic attachments unless the web server has been configured to do so using the viewfile script. Visit Foswiki:Support.ApacheConfigGenerator for examples using Apache. As Template Login uses a wiki page for its login prompt, there is a great deal of flexibility in customizing the login page for your purposes. The default new user template page is in System.NewUserTemplate. The same macros get expanded as in the template topics. You can create a custom new user topic by creating the NewUserTemplate topic in Main web, which will then override the default in System web. See System.UserForm for copy instructions. #### Custom registration page You can customize the default System.UserRegistration topic by first copying System.DefaultUserRegistration to UserRegistration in Main web. This will ensure that your changes will remain intact next time you upgrade. A couple of common fields are hidden from normal view to make the registration page as lean as possible. You can unhide those fields on the page by removing EXCLUDED_ from the INCLUDE tags) or add new ones. New fields may also be added. The name="" parameter of the <input> tags must start with: "Fwk0..." (if this is an optional entry), or "Fwk1..." (if this is a required entry). This ensures that the fields are carried over into the user home page correctly. #### Automatic Group Membership The TopicUserMappingContrib can also enroll users into groups during registration. (Other mappers might not support this feature). Options include: • Automatically enrolling users in one or more groups during registration • Allow the user to select multiple groups from a list of eligible groups • Allow the user to choose only one group from a list of eligible groups • Don't do any group enrollment during registration. The list of eligible groups can be generated in one of two ways: • Manually by configuration. This fixed list of groups will always be listed. • Automatically based upon CHANGE permission on the group topics. There are two registration scenarios that apply: Self-registration by Guest users The actual registration will be processed by the special internal user Main.RegistrationAgent. Group topics must include an ALLOWTOPICCHANGE = Main.RegistrationAgent to be eligible for enrollment. Registration by logged-in users The registration form is filled out by some other logged-in user. In this case, the Main.RegistrationAgent is not used for Group updates. The current user must have ALLOWTOPICCHANGE permission for groups for them to be eligible for enrollment. • Caution: If an administrator registers a user with automatic group membership enabled, the new user could potentially be added to All groups. Use caution with this feature! Note: During registration, if it turns out that the current user or Main.RegistrationAgent doesn't have permission to update the group topic, the group update will be silently skipped. The user will still be albe to register. See DefaultPreferences#RegistrationOptions for further details. Copy the settings into Main.SitePreferences to make them active. ##### Apache Login authentication With Apache Login enabled, when Foswiki needs to authenticate the user, the standard HTTP authentication mechanism is used: the browser itself will prompt for a user name and password. The advantage of this scheme is that if you have an existing website authentication scheme using Apache modules such as mod_auth_ldap or mod_auth_mysql you can just plug in to them directly. The disadvantage is that because the user identity is cached in the browser, you can log in, but you can't log out again unless you restart the browser. Foswiki maps the REMOTE_USER that was used to log in to the webserver to a WikiName using the table in Main.WikiUsers. This table is updated whenever a user registers, so users can choose not to register (in which case their webserver login name is used for their signature) or register (in which case that login name is mapped to their WikiName). The same private .htpasswd file used in Foswiki Template Login can be used to authenticate Apache users, using the Apache Basic Authentication support. Do not use the Apache htpasswd program with .htpasswd files generated by Foswiki! htpasswd wipes out email addresses that Foswiki plants in the info fields of this file. Apache Login is required for Apache-based login methods such as mod_ldap You can use any Apache authentication module that sets the REMOTE_USER environment variable. To setup Apache Login, perform the following steps: 1. Configure Apache Login. Under the Security and Authentication pane on the Login tab in configure: 1. Select Foswiki::LoginManager::ApacheLogin for {LoginManager}. 2. Select Foswiki::Users::HtPasswdUser for {PasswordManager}. 3. Select Foswiki::Users::TopicUserMapping for {UserMappingManager}. 4. Save your settings. 5. Configure your Apache settings for HTTP authentication. Use the Foswiki:Support.ApacheConfigGenerator tool or the foswiki/bin-htaccess.txt file to set the following Apache directives on the bin scripts:  <FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*"> require valid-user </FilesMatch> You can also refer to the sample foswiki_httpd_conf.txt and bin-htaccess.txt files to see how the appropriate Apache directives are specified. 2. Verify that registration works by registering yourself with the System.UserRegistration topic. If there are problems, try these troubleshooting tips: 1. If you are reading this from the INSTALL.html file, you can enter System.UserRegistration into the 'Jump' box in the top right of any Foswiki page. 2. Note: A standard Foswiki installation will not allow any new registrations unless there is a working SMTP configuration 3. If your PasswordManager is HtPasswdUser (the default), check the .htpasswd file is being updated correctly with a new entry. If not, check {Htpasswd}{FileName} is correct (under Security and Authentication on the Password tab in configure), and that the webserver user has write permission. 3. Create a new topic (in Sandbox web for example) to confirm that authentication works. 4. Add users to the Main.AdminGroup. Edit the Main.AdminGroup topic in the Main web to include users that should have administrator status. Read defining adminstrator user(s) for more information. This is a very important step, as users in this group can access all topics, independent of Foswiki access controls. #### Choose an appropriate search algorithm for your Operating System On the Store pane in configure you will find the setting {RCS}{SearchAlgorithm}. By default it is set to Foswiki::Store::SearchAlgorithms::Forking which is what you should keep if you install Foswiki in Linux or any other Unix type operating system. If you install Foswiki on a Windows server, using an external grep program can create problems because of limitations in the length of command lines. You may be able to run with Forking in Windows if your directory path to Foswiki is kept short (short directory names and few levels), however the recommended (safe) setting for Windows is Foswiki::Store::SearchAlgorithms::PurePerl. #### Define the administrator user(s) ##### About Administrators Administrators have read and write access to any topic, regardless of any access controls that have been applied to the topic or its web. The special user Main.AdminUser ships with Foswiki and is accessed using by logging in with user admin and the password established when initially saving the configuration. Don't log in with the wikiname AdminUser. After installing Foswiki, you can also register other users that you will use to administer Foswiki. To make a user an administrator, add the WikiName for the user to the AdminGroup, defined in the Main.AdminGroup topic in your Foswiki installation. Note that with the sudo or internal admin login, it is not necessary to add other users to the AdminGroup. However if you have more than one administrator, you may still want to do this to ensure that topic changes are attributed to a specific user instead of the default Main.AdminUser. By adding users to Main.AdminGroup: • Users with Admin rights will have routine access to topics that might normally be denied. • These users will be unable to test or demonstrate access controls. • Changes made are always attributed to a unique logged in user. • Password sharing of the bin/configure password is not required By using the internal admin login: • You don't need to grant admin rights to individual users • All users will be subject to access controls. • Changes made while using the internal admin login are attributed to Main.AdminUser • The "save" password for bin/configure will need to be shared among administrators ##### Adding users to the Main.AdminGroup To make it easier to follow the instructions in this section, you can view this installation guide using your Foswiki site by entering System.InstallationGuide into the "Jump" text box. By doing this instead of using the INSTALL.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages. To add an initial administrator to the AdminGroup, perform the following steps: • If you are not already logged in with your WikiName, then login. • Go to the Main.AdminGroup topic and select the "internal admin login" link. Login using the password you set on the configure page. • After logging as the internal admin, view the Main.AdminGroup topic. Follow the instructions on the page to add users to the AdminGroup. You do not need to edit the topic. Any member of the Main.AdminGroup can add subsequent members — you do not have to use the internal admin login. To more easily debug access control issues, you may want to have a regular Foswiki user account for daily use, and a special one that belongs to the AdminGroup that you use only for administering your Foswiki site. See System.AccessControls for more information on access controls and user groups. #### Congratulations! You now have a basic installation running. At this point you can just point your Web browser at http://yourdomain.com/url/to/foswiki/bin/view/System/InstallationGuidePart2 to proceed with further tailoring your site.. In order to keep your user, group, and site configuration information separate from the actual content of your site, it is recommended that you create a new web in which your site's pages will reside. See System.ManagingWebs for more information on Wiki webs and how to create one. ### Troubleshooting ## Foswiki system requirements Low client and server base requirements are core features that keep Foswiki widely deployable, particularly across a range of browser platforms and versions. Many extensions exist which enhance and expand Foswiki's capabilities; they may have additional requirements. ### Server Requirements Foswiki is written in Perl 5, which is supported on Microsoft Windows as well as Unix and Unix-like systems (including Linux and OSX), on which it uses a number of shell commands and RCS (Revision Control System), a GNU Free Software package. It should be able to run on any server platform that meets the following requirements. Resource Required Server Environment Perl 5.8.8 or higher RCS (Revision Control System) 5.7 or higher (including GNU diff) Optional. Foswiki includes a pure Perl implementation of RCS (RcsLite) that can be used instead, at the cost of performance GNU diff GNU diff 2.7 or higher is required when not using the all-Perl RcsLite. Install within the PATH if not included with RCS (check version with diff -v) Must be the version used by RCS, to avoid problems with binary attachments - RCS may have hard-coded path to diff Other external programs fgrep, egrep Cron/scheduler • Unix: cron • Windows: cron equivalents Web server Apache is well supported; for information on other servers, see Foswiki:Support.InstallingOnSpecificPlatforms. ### Perl Modules A complete list of the required and optional Perl modules can be found in lib/DEPENDENCIES. The following CPAN modules are not shipped with Foswiki. Note that Foswiki extensions may add additional requirements. Modules marked as Required may still be optional if certain default core features are not used. Module Required/Optional Description CPAN:HTML::Entities Required Used for WYSIWYG Editing CPAN:HTML::Parser Required Used for WYSIWYG Editing CPAN:HTML::Tree Required Used by CompareRevisionsAddOn. CPAN:URI Required Used by MailerContrib for email notifications of topic changes. CPAN:LWP Required Used by the Configure Extensions Installer, and for external URL based INCLUDEs CPAN:version Required version >= 0.77 required for module version checks CPAN:Digest::SHA Optional Required to use SHA1 password encoding, since Perl 5.9.3 part of core CPAN:Digest::SHA1 Optional Required by the Foswiki PageCaching feature CPAN:Win32::Console Optional May be required for Internationalization on Windows CPAN:Archive::Tar Optional Required by the Extensions Installer in configure if command line tar or unzip is not available, since Perl 5.9.3 part of core. CPAN:Archive::Zip Optional Alternative to Archive::Tar, used by the Extensions Installer if Archive::Tar and command line tar and unzip also unavailable CPAN:Net::SMTP::SSL Optional Required by Net::SMPT to send email over SSL to providers such as gmail. CPAN:Authen::SASL Optional Required by Net::SMTP if email server requires authentication. Most of them will probably already be available in your installation. You can check version numbers with the configure script, or if you're still trying to get to that point, check from the command line like this: perl -e 'use FileHandle; print$FileHandle::VERSION."\n"'

For more detailed dependency information, try the script dependencies_installer.pl located in the tools directory, which makes perl module installation easier. Run it with option -h to understand basics. This script requires confirmation before it actually does something.

### Specific distribution details

#### Ubuntu and other Debian derived distributions

Install apache and rcs apt-get install apache2 rcs

Perl Module Package to install Notes
HTML::Parser libhtml-parser-perl
HTML::Entities   included with HTML::Parser
HTML::Tree libhtml-tree-perl
LWP libwww-perl
version libversion-perl Must be version 0.77 or newer
Digest::SHA libdigest-sha-perl
Digest::SHA1 libdigest-sha1-perl
URI liburi-perl
Net::SMTP::SSL libnet-smtp-ssl
Authen::SASL libauthen-sasl note, broken on Ubuntu 11.10 x64. Install using CPAN!

After expanding the Foswiki archive, change the ownership of the files:
• Debian, Ubuntu, Kubunto: chown -R www-data:www-data /path/to/foswiki

#### RedHat, SuSE, CentOS and other RPM based distributions

Install apache2, rcs, and perl-CPAN

Perl Module Package to install Notes
HTML::Parser perl-HTML-Parser
HTML::Entities   included with HTML::Parser
HTML::Tree perl-HTML-Tree
LWP perl-libwww-perl
version   Must be version 0.77 or newer
Digest::SHA perl-Digest-SHA
Digest::SHA1 perl-Digest-SHA1
URI perl-URI
Net::SMTP::SSL perl-Net-SMPT-SSL
Authen::SASL perl-Authen-SASL

After expanding the Foswiki archive, change the ownership of the files:
• RedHat, Fedora, CentOS Mandriva: chown -R apache:apache /path/to/foswiki=
• Suse: chown -R wwwrun:www /path/to/foswiki

### Client Requirements

The standard installation has relatively low browser requirements:

• XHTML 1.0 Transitional compliant
• Cookies, if persistent sessions are required
Change {ValidationMethod}{Method} from strikeone to embedded in configure to allow non-javascript browsers to edit/save/upload

CSS and Javascript are used in most skins. Some skins will require more recent releases of browsers. The default skin is tested on IE 6+, Safari, Chrome and Firefox.

You can easily select a balance of browser capability versus look and feel. Try the installed skins at System.SkinBrowser and more at Foswiki:Extensions.SkinPackage.

If you cannot unpack the Foswiki distribution directly in your installation directory, you can unpack the distribution on your local computer, manually create the directory structure on your host server and upload the files as follows:
• Using the table below, create a directory structure on your host server
• Upload the Foswiki files by FTP (transfer as text except for the image files in pub directory.)
• Note: Don't worry if you are not able to put the lib directory at the same level as the bin directory. You can create this directory elsewhere and configure the bin/setlib.cfg file.
Foswiki dir: What it is: Where to copy: Example:
foswiki start-up pages root Foswiki dir /home/smith/public_html/foswiki/
foswiki/bin CGI bin CGI-enabled dir /home/smith/public_html/foswiki/bin
foswiki/lib library files same level as bin /home/smith/public_html/foswiki/lib
foswiki/locale language files dir secure from public access /home/smith/public_html/foswiki/locale
foswiki/pub public files htdoc enabled dir /home/smith/public_html/foswiki/pub
foswiki/data topic data dir secure from public access /home/smith/public_html/foswiki/data
foswiki/templates web templates dir secure from public access /home/smith/public_html/foswiki/templates
foswiki/tools Foswiki utlilities dir secure from public access /home/smith/public_html/foswiki/tools
foswiki/working Temporary and internal files dir secure from public access /home/smith/public_html/foswiki/working

### Configuring Foswiki manually (without using the configure page)

It is highly recommended that you configure Foswiki by using your browser to access the configure page. However, if you are unable to get the configure page to display (for example, if a dependency is missing), or for some reason you do not wish to use the configure page, then you can configure Foswiki manually

Perform the following steps to manually configure Foswiki:
• Copy the file lib/Foswiki.spec to lib/LocalSite.cfg
• Remove the # in front of the following settings, and ensure that they are set to the correct values: Note: The settings must not reference other $Foswiki::cfg variables. $Foswiki::cfg{DefaultUrlHost}
$Foswiki::cfg{ScriptUrlPath}$Foswiki::cfg{ScriptDir}
$Foswiki::cfg{PubUrlPath}$Foswiki::cfg{PubDir}
$Foswiki::cfg{DataDir}$Foswiki::cfg{ToolsDir}
$Foswiki::cfg{TemplateDir}$Foswiki::cfg{LocalesDir}
$Foswiki::cfg{WorkingDir}$Foswiki::cfg{OS}

• Make sure the following settings are defined:
   $Foswiki::cfg{LoginManager}$Foswiki::cfg{WebMasterEmail}
$Foswiki::cfg{SMTP}{MAILHOST}$Foswiki::cfg{SMTP}{SENDERHOST}

• Remove the line containing __END__ and everything following it.

## Beyond the basic installation

Once you have Foswiki installed and running, you can perform one or more of the following steps to tailor your installation to your needs. Many of the references in this section refer to topics within your Foswiki installation. For example, System.Skins refers to the Skins topic in your System web. To go directly to a topic, enter the full topic name, such as System.Skins, into the "Jump" text box at the top right of any Foswiki page.

To make it easier to follow the instructions in this section, you can view this installation guide using your Foswiki site by entering System.InstallationGuide into the "Jump" text box. By doing this instead of using the INSTALL.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages.

All of the Foswiki documentation can also be found online in the Foswiki documentation section (the "System" web) of the Foswiki web site.

Note the configure page mentioned in this section is accessed by visiting https://matisse.oca.eu/foswiki/bin/configure your web browser.

### Site configuration and maintenance

#### Set Foswiki Preferences

Preferences for customizing many aspects of Foswiki are set by editing Main.SitePreferences. If a given preference is not set in Main.SitePreferences, then a default value is picked up from System.DefaultPreferences, if present, or, for extensions, from the extension topics.

To simplify your upgrades, do not modify System.DefaultPreferences. Instead, copy any settings you want to change from System.DefaultPreferences to Main.SitePreferences.

To see the available preferences that can be set, look through System.DefaultPreferences.

If, for some reason, you wish to pick up default preferences from a different topic, you can set the location in the Miscellaneous settings pane of the configure page, in the {SitePrefsTopicName} setting (visible when Expert mode is enabled). It is recommended that you leave this setting to its default value, DefaultPreferences.

#### Select the desired security level

Foswiki has a many security features that can be enabled/disabled and adjusted to suit your needs.

In many cases enabling a security feature prevents other features. It is a balance that the administrator has to choose depending on the purpose of the Foswiki installation (confidential vs public knowledge), the type of installation (intranet vs internet), and your type of business.

A new administrator is encouraged to read Foswiki:Support.SecurityFeatures which gives a walkthrough of the different security aspects and how to set the appropriate configuration settings. Note that that some security settings are only visible in configure in "expert mode" which you enter by clicking the "Yes, I've read all the documentation" button at the top of the configure screen.

Each web has an automatic email notification service that sends you an email with links to all of the topics modified since the last alert. To enable this service:
1. Confirm the Mail and Proxies settings on the configure page.
2. Setup a cron job (or equivalent) to call the tools/mailnotify script, as described in the System.MailerContrib topic.

Foswiki administrative emails are an attractive target for SPAM generators and phishing attacks. One good way to protect against this possibility to enable S/MIME signatures on all administrative e-mails. To do this, you need an an X.509 certificate and private key for the the {WebMasterEmail} email account. Obtain these as you would for any other S/MIME e-mail user.

To enable Foswiki to sign administrative e-mails:
1. Enable e-mail as described above
2. Ensure that the system has the CPAN module Crypt::SMIME installed.
3. If necessary, convert your certificate and key files to PEM format ( openssl has all the necessary utilities)
4. Place the certificate anyplace convenient that the webserver can read. It should be protected against write. The conventional place under linux is /etc/pki/tls/certs
5. Place the key file in a secure location that only the webserver (or CGI user) can read. It must not be readable by anyone else, and must not be served by the webserver.
6. Using the configure script, change the following settings under Mail and Proxies:
1. "Email Server" tab. Follow the directions under {MailMethod} and {MailProgram} to enable an external mail program such as sendmail. Net::SMTP is not supported.
• {SMTP}{MAILHOST}, {SMTP}{SENDERHOST}, {SMTP}{Username} and {SMTP}{Password} are not used an may be deleted.
• If Foswiki variable SMTPMAILHOST is defined in Main.SitePreferences it should be removed.
2. "S/MIME" tab:
• Enable the S/MIME checkbox
• Enter the full path to the certificate file in the {SmimeCertificateFile} configuration variable
• Enter the full path to the private key file in the {SmimeKeyFile} configuration variable
3. Save the configuration
7. Re-run the configure script an resolve any errors that it identifies

All out-going administrative e-mails will now be signed.

#### Automate removal of expired sessions and lease files

By default Foswiki cleans out expired session and lease files each time any topic is viewed, but this has a performance cost. Instead you may wish to schedule a cron job (or equivalent) to run the tools/tick_foswiki.pl script, and set a negative value on the configure page for {Sessions}{ExpireAfter}. For more details, read System.CommandAndCGIScripts#tick_foswiki_pl.

#### Enable WebStatistics

You can manually or automatically generate a listing of the most popular pages for each web, based on number of visits. For information on setting up this feature, see the System.SiteTools#WebStatistics topic.

#### Enable Localisation

Foswiki supports displaying national (non-ASCII) characters, and using different languages for its basic interface elements. To configure localisation, modify the Localisation section of the configure page. For more information, see Foswiki:Support.InternationalizationSupplement.

#### Customize pages for managing personal information

If you are not using Foswiki to manage your users' passwords or email addresses, or would just like to enhance the default pages, then modify the following topics accordingly with information appropriate for your site:

#### Customize the user topic for new users

When a new user registers on your Foswiki site, a topic with a name corresponding to the user's WikiName is created in the Main web: this topic is the user's user topic. The user topic is based on the Main.NewUserTemplate topic; if it is not present, then System.NewUserTemplate (and its associated System.UserForm) is used as a default. If you want to customize the user topic for your users, copy System.NewUserTemplate to Main.NewUserTemplate, and System.UserForm to Main.UserForm, and make your changes to Main.NewUserTemplate and Main.UserForm. (See System.ManagingTopics#CopyTopic for instructions on copying a topic.)

You can edit these topics to suit your needs, such as the following:
• Customize the user topic for your site.
• Add an ALLOWTOPICCHANGE preference setting to Main.NewUserTemplate so only the user can edit their own user topic. In particular, on a public Foswiki site, restricting edit access will avoid vandalism and spam.
• Add and remove fields defined in the Main.UserForm.

If you added or removed fields from the user form you may also need to tailor Main.UserRegistration to match (copy over the contents from System.UserRegistration to Main.UserRegistration when creating it).

#### Customize the appearance of your Foswiki site

The real power of Foswiki lies in its flexibility to be customized to meet your needs. To change the look of the default skin, PatternSkin, please refer to System.PatternSkin and System.PatternSkinCustomization.

At the Foswiki website you can find more resources. A good place to start exploring is Foswiki:Support.BestPracticeTips and Foswiki:Support.FAQ which offer tips and tricks for customizing your Foswiki site. Many of these are best done before any content has been added to your site, so immediately after installation is a good time to consider the possibilities.

##### Left, Top and Bottom Bars with PatternSkin

The top bar and bottom bar are common across all webs.

To customize the top bar, copy System.WebTopBarExample to System.WebTopBar, and make your desired changes to System.WebTopBar.

To customize the bottom bar, copy System.WebBottomBarExample to System.WebBottomBar, and make your desired changes to System.WebBottomBar.

The side bar can be customized on a per web basis. To customize the side bar, copy the WebLeftBarExample topic in the given web to WebLeftBar, and make your desired changes to WebLeftBar. If you would like to move the side bar to the right of the page, see System.PatternSkin for more details.

At the bottom of each topic, there is a copyright statement that is set in the WEBCOPYRIGHT preference. Its default is the following: Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.

If your Foswiki site is used in an environment without public access you should replace this with your normal copyright notice. You should also consider adding a security classification (e.g., For Internal Use Only) so people do not have to add this manually to every new topic.

If your Foswiki site is publicly accessible, you need to decide which copyright and license you wish to apply to all contributions. For open source applications, licenses such as the GNU Free Documentation License, FreeBSD Documentation License, and one of the various Creative Commons licenses are possible licenses to consider. Remember that once people have started contributing, you cannot retroactively change the license (unless it has a provision for this).

To change the copyright statement, perform the following steps:

• Copy the WEBCOPYRIGHT preference setting from System.DefaultPreferences to Main.SitePreferences. Change the value to your desired text. This value will be your new default across all webs.
• You can create a unique message for a specific web by setting the WEBCOPYRIGHT preference in the WebPreferences topic for the given web. For example, you could add a confidential classification to a web that has restricted access.
• The WEBCOPYRIGHT preference setting in System.WebPreferences covers the documentation that comes with Foswiki, and should not be changed.

#### WYSIWYG vs Raw Edit

In Foswiki, the WYSIWYG editor is used by default in edit mode. An Edit Raw link is available for those who prefer to edit the raw topic text.

If you prefer to use the raw text editor by default and have a separate WYSIWYG button, as in TWiki 4.1, then you can modify the templates that define the edit screen as described in Foswiki:Support.FaqHowToMakeRawEditDefault.

### Extensions

Foswiki:Extensions is an extensive library of plugins for Foswiki that enhance functionality in a huge number of ways. A few plugins are pre-installed in the Foswiki distribution. There are several types of Extensions available:
• Plugins extend Foswiki functionality without altering the core code.
• Skins Skins overlay regular templates to give different looks and feels to Foswiki screens.
• Contribs and AddOns are any other Extension that provides added functionality beyond Plugins and Skins

#### Installing extensions

Extensions can be installed using any of several different methods:
• the configure web interface
• the generic shell installer tools/extension_installer
Caution: Users of the debian .deb packages should only use the debian tools when installing extensions.

The simplest way is to visit configure:Extensions. Use the Find More Extensions button to download and install additional extensions from the foswiki.org website. If you are behind a firewall or your server has no access to the Internet, you can also install plugins manually. Installation instructions for each plugin are located in its corresponding topic on http://foswiki.org/. Additional documentation on Foswiki plugins can be found at Foswiki:Support.PluginsSupplement.

When installing an extension from the configure interface:
• Even if available, local Extension installers and archives are not used
• If the extension is already installed, a backup is taken to the working/configure/backup directory
• Dependencies on other Extensions are automatically resolved and installed
• Dependencies are downloaded from the same archive where the Extension was found. No additional searching is performed.
• The Extension is installed.
• By default, unless a collsion occurrs with an existing file, the Extension's topics will not be checked in to the revision control system.
• If previous topics or attachments are found, then the topic will be checked in under the Administrators user id.
• If the topics or attachments are flagged as !noci, disabling checkin, they will still be checked in if existing revision control files are found, suggesting that local modifications have occurred.
• CPAN dependencies and other external packages are not resolved and should be resolved manually

When installing extensions from the command line:
• The _installer package must be run from the root directory of the Foswiki installation.
• The Extension _installer module must be downloaded from the Extension repository. The extension archive will be downloaded if required.
• When the _installer is run, it will install the Extension and dependencies similar to the configure interface except:
• You will be given the option to use local archives if available in the root of the Foswiki installation
• You will be given the option to resolve CPAN dependencies after the Extensions and dependencies are installed.
• Any other dependencies still need to be manually resolved.

When using either the web or shell instalation tools:
• After installation, the Extension _installer module is saved in working/configure/pkgdata
• A complete log of the actions taken by the installer is saved in working/logs/configure/[NameOfExtension]-yyyymmdd-hhmmss-[Action].log

Plugins must be manually enabled in the Plugins section of the configure page. In addition, some extensions also require configuration in this section.

The instructions for using the extensions installer from the shell are retrieved by using the "usage" command: tools/extension_installer usage or ./SomePlugin_installer usage

perl working/configure/pkgdata/X509UserPlugin_installer usage

Usage as a custom installer:

X509UserPlugin_installer -a -n -d -r -u -c install
X509UserPlugin_installer -a -n uninstall
X509UserPlugin_installer manifest
X509UserPlugin_installer dependencies

Usage as a generic installer:

tools/extension_installer X509UserPlugin -a -n -d -r -u -c install
tools/extension_installer X509UserPlugin -a -n uninstall
tools/extension_installer X509UserPlugin manifest
tools/extension_installer X509UserPlugin dependencies

If command (install, uninstall ..) is not provided, default is to
install the extension.

Operates on the directory tree below where it is run from,
so should be run from the top level of your Foswiki installation.

Depending upon your installation, you may need to execute perl directly
perl tools/extension_installer ...   or
perl X509UserPlugin_installer ...

"install" will check dependencies and perform any required
post-install steps.

"uninstall" will remove all files that were installed for
X509UserPlugin even if they have been locally modified.

-a means don't prompt for confirmation before resolving
dependencies
-r means reuse packages on disc if -a (no effect if not -a)
-n means don't write any files into my current install, just
tell me what you would have done
-c means don't try to use CPAN to install missing libraries

"manifest" will generate a list of the files in the package on
standard output. The list is generated in the same format as
the MANIFEST files used by BuildContrib.

"dependencies" will generate a list of dependencies on standard
output.


#### Removing (uninstalling) extensions

Caution: When removing an extension, no dependency checking is performed.
• Dependencies are not removed
• Other Extensions dependent on the removed extension may become non-operational.
The web and command line interfaces can be used to uninstall extensions. When an extension is remove, the following occurs:
• The _installer package is used to recover the manifest. If it cannot be found locally, it will be downloaded from the configured extension repository
• A backup of the previously installed files per the manifest will be taken to the configure/working/backup directory
• Note: If download of the _uninstaller was required, the backup will be made per the current installer's manifest. It is preferable to always save the _installer modules.
• The Extension files along with any ,v revision control files will be removed, including the _installer.
• Any additional files saved locally are not removed.
• A complete log of the steps taken is saved in working/logs/configure/[NameOfExtension]-yyyymmdd-hhmmss-[Action].log

• Plugin modules are not automatically disabled in the configuration - they must be disabled manually.

Run the uninstall from the "root" of the Foswiki installation: working/configure/pkgdata/SomeExtension_installer uninstall

#### Restoring a removed, or previous version of an extension

The backup can be extracted from the root directory of the Foswiki installation. The archive is taken "relative" to the root of the installation, so an unzip or tar -xzf of the backup file should be all that is required:
cd /root/of/foswiki
tar -zxvf * working/configure/backup/[Extension}-backup-[yyyymmdd]-[hhmmss].tgz
# or
unzip working/configure/backup/[Extension}-backup-[yyyymmdd]-[hhmmss].zip


### TWiki Compatibility

Foswiki is 100% backwards compatible with TWiki® markup up to and including TWiki 4.2.4. Existing TWiki webs, topics and attachments can be used with Foswiki without requiring any changes.

To support a seamless upgrade from TWiki, Foswiki ships with a plugin called TWikiCompatibilityPlugin. This plugin enables most TWiki extensions to work with Foswiki, without modifications. It also maps requests for legacy TWiki web topics to their Foswiki equivalents, as defined in Foswiki:Development.TopicNameMappingTable. The TWIKIWEB and MAINWEB TWiki variables are also mapped to the new Foswiki macros SYSTEMWEB and USERSWEB.

If you are not upgrading an existing TWiki installation and do not plan to install plugins from the TWiki web site, it is recommended that you disable the TWikiCompatibilityPlugin in the Plugins Section on the configure page.

If a plugin exists both in a TWiki version and a Foswiki version, it is strongly recommended that you use the Foswiki version, as this is coded to work optimally with Foswiki. As part of the Foswiki project, the Foswiki community is evaluating all of the extensions that are available for TWiki, and porting them over to the Foswiki name space. Many of them are being enhanced through the removal of bugs and security vulnerabilities, resulting in better, more functional extensions for Foswiki.

### Web Acceleration (mod_perl, FastCGI, ...)

Foswiki is installed by default supporting standard CGI scripts as well as CLI access. For best performance, Foswiki can be accelerated using one of the several accelerators, however, you must install the required Foswiki extension and host modules before enabling accelereation! See the listed extensions for more information.

 Fast CGI FastCGIEngineContrib Supports the mod_fastcgi and mod_fcgid extensions mod_perl ModPerlEngineContrib supports the apache mod_perl extension

Caution
• Ensure your site is fully configured and working before enabling either of these extensions. They can be challenging to configure.
• The ApacheConfigGenerator will help creating a valid configuration for these accelerators.
• Enabling the apache configuration without installing the pre-req modules and extensions will break your site!
• The core default extensions are well tested with web acceleration, other extensions can exhibit inconsistent behaviour when accelerated.

TWiki is a registered trademark of Peter Thoeny.

This guide covers upgrading from a previous version of Foswiki or TWiki (such as Cairo or TWiki4.0) to Foswiki 1.1 (References to Cairo are for TWiki versions older than TWiki 4.0, such as TWikiRelease04Sep2004)

## Overview

Foswiki is a fork from TWiki 4.2.3. Upgrades from all TWiki versions and earlier Foswiki versions are supported. Foswiki is designed to be 100% compatible with the content of TWiki sites, using the same markup language and supporting the same plugin API (through the use of a TWikiCompatibilityPlugin), thereby enabling a smooth transition from TWiki to Foswiki.

• To upgrade from an old TWiki Release to the latest Foswiki production release, follow the instructions below.
• Before upgrading, you may wish to make a backup of your topics.
• Once the upgrade has been applied, an existing earlier installation will still be able to read all the topics, but should not be used to write.
• Some TWiki plugins are not compatible with Foswiki (usually ones that use a private API or execute helper scripts); you may need to migrate to the equivalent extension in the Foswiki:Extensions repository.

### Upgrading from TWiki to Foswiki

You are strongly advised to read the Foswiki:System.ReleaseNotes01x00 (also available in an HTML file in the root of your installation), which contains a list of changes from TWiki 4.2.3 to Foswiki 1.0. A number of system topics and macros (formerly known as TWiki variables) have been renamed, to better describe their purpose and, where appropriate, to rebrand to the Foswiki name.

## Upgrading to a new patch release

To upgrade to a new patch release — for example, from Foswiki 1.1.0 to 1.1.2 — an upgrade package can be used that will not overwrite any of your customizations.

For patch releases you will find a brief upgrade procedure on the download page for the release. Follow this procedure to upgrade to the patch release. It may contain important steps that are unique to each patch release (for example, some configure settings may need to be changed).

If you use the Foswiki PageCaching feature, be sure to refresh the cache after upgrading to a new Foswiki version.

The following is a high level view of the upgrade procedure:

1. Prepare for all upgrade steps.
2. Install the new Foswiki version and configure it with the same settings as the old version.
3. Install any additional extensions (Plugins) used by your old installation. Make sure to use the latest Foswiki versions.
4. Copy all the non-default webs from the old installation to the new one.
5. Copy the users, groups, and site customizations from the old installation to the Main web in the new installation, including all user topics.
6. Apply preferences from the old installation.
7. Apply your site customizations: skin, logos, menu bars, forms for personal information, and so forth.
8. Validate your Wiki applications and other key functionality.
9. Switch your production site from the old installation to the new installation.
Managing caches of static .js, .css files: some parts of Foswiki use URI versioning to help web browsers obtain a current version of these files when they change, but currently other parts do not. You may need to get your users to clear their browser's cache after upgrading your site to a new major or minor release (usually not necessary for patch upgrades). An alternative approach is to manage your web server configuration to strategically set appropriate expiry times for static files (see performance supplement)

More details for each step appear in the following sections. The steps may need to be modified or otherwise tailored with specifics for your installation. In particular, you must take care to preserve any special configuration or customizations you have made, especially if you have modified any of the default software files or system topics that are contained within the installation package.

For purposes of discussion, the following conventions are used:
• <oldwiki> refers to the directory in which the old installation is located
• <newwiki> refers to the directory in which the new installation is located; it is assumed to be immediately below the root directory of your web server
• <old_users_web> refers to the web in which the user topics are located in the old installation. The default value is the Main web. The web is specified in the Store settings pane of the configure page, in the {UsersWebName} setting (visible when Expert mode is enabled).
• <old_system_web> refers to the web used for documentation and default preferences in the old installation. In Foswiki, the default value is the System web; in TWiki, the default value is the TWiki web. The web is specified in the Store settings pane of the configure page, in the {SystemWebName} setting (visible when Expert mode is enabled).
After the upgrade, in the new installation, the Main web is used for user topics and site preferences, and the System web is used to hold documentation and default preferences.

The configure page mentioned in this document is accessible via your web browser at http://yourdomain/<newwiki>/bin/configure .

### Prepare for all upgrade steps

Read the Foswiki:System.ReleaseNotes01x00 and learn about the differences between your old installation and the new release to which you are upgrading. Take note of any areas that affect your site and what special steps you may need to take.

Check that all the extensions (plugins, contribs, skins) used by your old installation are available with the new release. Familiarize yourself with any new behaviour that you will have to adapt to or any configuration changes you will have to perform.

If you are using authentication, prepare a test plan to verify that your authentication mechanism is working correctly. Make sure you are able to test logins by a sufficient sample of users to cover all categories of users of your site. For example, users of various groups may need to be tested. In particular, ensure you test that non-admin users cannot access topics restricted to admins.

Identify all essential Wiki topics and Wiki applications that must be fully functional upon completion of the upgrade. Prepare a test plan to verify their functionality. If you are using access controls, ensure that the test plan will adequately test all categories and groups of users of your site.

If your testing will require a test environment to be set up, ensure that it is ready, with any required support infrastructure (for example, testbed authentication servers). If you need to be able to login with different users in different categories and groups, ensure that you have the required login information ready, or you have testers from those groups available to perform the required test cases.

### Installation

Follow the installation instructions in INSTALL.html, located in the root of the new installation. Install the new release in a new directory. Do not install on top of the old release.
• For public or otherwise sensitive installations, ensure that your web server configuration is set to deny access to the new Foswiki installation for anyone except you.
• Configure Foswiki using the configure page.
• If you are upgrading from an older Foswiki release, first copy your <oldwiki>/lib/LocalSite.cfg file to <newwiki>/lib/LocalSite.cfg in order to preserve your existing configuration settings. Alternatively, you can reconfigure the new installation from scratch (you can use your old LocalSite.cfg file as a reference).
• If you are upgrading from a TWiki site, you must reconfigure your Foswiki installation from scratch. You cannot copy over your old LocalSite.cfg file (though you can use it as a reference). Run configure and set the configuration values in the new installation to match those of the old installation.
• Verify all of the configuration settings on the configure page, including any new settings added in the new version. Save the configuration after you have completed your changes.
• To wipe out all your settings and start configuring from a fresh installation, just delete the <newwiki>/lib/LocalSite.cfg file and run configure.

Test your newly-installed Foswiki site and ensure that its basic functionality works: viewing and editing topics (you can try creating and editing a topic in the Sandbox web).

To make it easier to follow the subsequent steps, you can view this upgrade guide using your new Foswiki site by entering System.UpgradeGuide into the "Jump" text box on the top right of any topic. By doing this instead of using the UpgradeGuide.html file from the distribution, you will be able to use the embedded hyperlinks to jump directly to the referenced pages.

### Install extensions

Install all of the extensions that were installed in your old site. In particular, start with any extensions required for the authentication and authorization methods you use (if any). You can use the Find more extensions button in the Extensions section of the configure page to install and configure extensions from the Foswiki:Extensions repository. You can also install extensions manually; see the instructions on the extension's web page from where you obtained the extension (for Foswiki extensions, on foswiki.org).

• Note: some TWiki extensions may not work with Foswiki. By default, the TWikiCompatibilityPlugin is installed to provide backwards compatible support for TWiki plugins. However if the TWiki plugin calls private APIs or invokes helper scripts, it may still not work correctly. Check for an upgraded Foswiki version of the extension in the Foswiki:Extensions repository and install it instead.

Check the plugin topics from your old TWiki/Foswiki installation and transfer the plugin settings to the Main.SitePreferences topic in your new Foswiki site, prefixing each setting with the name of the plugin in uppercase followed by an underscore. For example, to copy over the DEFAULT_TYPE setting from the CommentPlugin topic in the old site to the new site, copy the value to a COMMENTPLUGIN_DEFAULT_TYPE setting in the Main.SitePreferences topic in the new site.

Commonly-customized plugin settings include the following:
• CommentPlugin - DEFAULT_TYPE
• EditTablePlugin - CHANGEROWS, QUIETSAVE, EDITBUTTON
• InterwikiPlugin - RULESTOPIC
• InterWikis - If you added your own rules, make sure you copy over the rules to the new installation.
• SlideShowPlugin - If you changed the embedded 'Default Slide Template', then copy your customed template to the topic in the new installation. You should prefer creating your own slide show template in a separate topic, so you will not have to take special steps over upgrades to preserve your modifications to the default slide template.
• SmiliesPlugin - If you added your own smileys, make sure you copy over your customizations to the topic in the new installatin.
• TablePlugin - TABLEATTRIBUTES

Activate, and if required, configure the installed extensions in configure.

### Copy content from non-default webs in old installation to the new installation

If you are upgrading from TWiki Cairo or earlier, it may be necessary to unlock the rcs files in data and pub directories from the old installation using the following shell commands:
• find data -name '*,v' -exec rcs -u -M '{}' \;
• find pub -name '*,v' -exec rcs -u -M '{}' \;

Copy your local webs over to the data and pub directories of the new installation. Do not copy the default webs: <old_system_web> (by default, either System or TWiki), Main, Trash, Sandbox, _default, and _empty.
• Make sure the data and pub directories, as well as the files within them, are readable and writeable by the web server user.
• Note: Foswiki's WebChanges topics depend on the file timestamp. If you touch the .txt files make sure to preserve the timestamp, or change them in the same chronological order as the old file timestamps.

### Copy users, user topics, and site customizations to Main web

Copy all topics and attachments from <old_users_web>: copy all files from <oldwiki>/data/<old_users_web>/ to <newwiki>/data/Main/, and copy all files from <oldwiki>/pub/<old_users_web>/ to <newwiki>/pub/Main/ . Do not overwrite any topics already present in the <newwiki>/data/Main/ directory.
• In addition to all the user topics, if you have created <old_users_web>.NewUserTemplate in the old installation, this step will copy over your template for user topics to the new installation.
• Ensure that the topic defining the admin group in your old installation is copied over. The admin group is defined in the Security setup pane of the configure page, in the {SuperAdminGroup} setting (visible when Expert mode is enabled). You can do either of the following:
• Set the {SuperAdminGroup} setting in your new installation to the old admin group.
• Move the contents of the old admin group to the new admin group. To avoid having to change all references to the old admin group, you must still keep the old admin group defined: set it so its only member is the new admin group, and the new admin group is the only user who can change or rename the old admin group topic.
• If your old installation did not customize {LocalSitePreferences} on the configure page, or if you did customize {LocalSitePreferences} but kept your site preferences within the <old_users_web> web, then this step will also copy over your site preferences to the new installation.

For upgrades from an older Foswiki installation:
• Manually merge all users from the <old_users_web>.WikiUsers topic in the old installation to the Main.WikiUsers topic in the new installation. If the new installation does not yet have an initial Main.WikiUsers topic, then copy <oldwiki>/data/<old_users_web>/WikiUsers.txt to <newwiki>/data/Main/WikiUsers.txt.
• Verify that the following default users are present in the Main.WikiUsers topic:
• ProjectContributor - the Foswiki documentation is attributed to this user
• RegistrationAgent - special user used during the new user registration process
• UnknownUser - used where the author of a previously stored piece of data can't be determined
• WikiGuest - guest user; used as a fallback if the user can't be identified
• If any of the default users are missing, then add them in manually to Main.WikiUsers, using the corresponding entries in Foswiki:System.UsersTemplate as an example.
• If you use data/.htpasswd for authentication, copy this file from the old installation to the new one.
• If you have customized <old_system_web>.UserRegistration, then either copy over <oldwiki>/data/<old_system_web>/UserRegistration.txt and <oldwiki>/data/<old_system_web>/UserRegistration.txt,v to the <newwiki>/data/System/ directory, or modify System.UserRegistration in the new installation to contain your customizations.

For upgrades from a TWiki installation:
• Manually merge all users from the <old_users_web>.TWikiUsers topic in the old installation to the Main.WikiUsers topic in the new installation. If the new installation does not yet have an initial Main.WikiUsers topic, then copy <oldwiki>/data/<old_users_web>/TWikiUsers.txt to <newwiki>/data/Main/WikiUsers.txt, and manually add the required default users (see the next steps).
• Verify that the following default users are present in the Main.WikiUsers topic:
• ProjectContributor - the Foswiki documentation is attributed to this user
• RegistrationAgent - special user used during the new user registration process
• UnknownUser - used where the author of a previously stored piece of data can't be determined
• WikiGuest - guest user; used as a fallback if the user can't be identified
• If any of the default users are missing, then add them in manually to Main.WikiUsers, using the corresponding entries in Foswiki:System.UsersTemplate as an example.
• If you use data/.htpasswd for authentication, copy this file from the old installation to the new one.
• If you are upgrading from Cairo and are using the Htpasswd login manager, run the tools/upgrade_emails.pl script to move the user emails out of the user topics and into the password file.
• If you have customized <old_system_web>.TWikiRegistration, then modify System.UserRegistration in the new installation to contain your customizations.

Copy over any topics and attachments you want to preserve from the Sandbox web in the old installation: copy the desired files from <oldwiki>/data/Sandbox/ to <newwiki>/data/Sandbox and from <oldwiki>/pub/Sandbox/ to <newwiki>/pub/Sandbox . Some pages you may wish to preserve are the WebHome topic and the WebLeftBar topic (if you had created it in the old wiki installation). The Sandbox web often contains work-in-progress topics that users will want to keep.

Make sure the data and pub directories, as well as the files within them, are readable and writeable by the web server user.

Execute your test plans for authentication and authorization. Test that users that you have transferred from the old installation can login with any problems, and that access controls work appropriately: check that users are able to view and edit pages for which they have access, and are denied permission to view or edit pages for which they do not have access. Also check that pages restricted to the admin group are not accessible by non-admin users, and that administrators continue to have access.

### Apply preferences from old installation

If you have not already set your desired site-wide preferences, as described in the section "Set Foswiki Preferences" in the System.InstallationGuide, then set your preferences. The location of your site preferences is specified in the Miscellaneous settings pane of the configure page, in the {LocalSitePreferences} setting (visible when Expert mode is enabled) — the default location is Main.SitePreferences. Copy any customized preferences from the site preferences topic in your old installation to the site preferences topic in the new installation. (Note you may have already copied over your customized preferences when you transfered the contents of the <old_users_web> web.)

If, in your old installation, you customized the default preferences in <old_system_web>.DefaultPreferences, then transfer your customizations from this topic to the site preferences topic instead (i.e. the topic specified in your {LocalSitePreferences} setting), so that your customizations will not get overwritten on the next upgrade.

If you are upgrading from TWiki, note that the default location of the default preferences in TWiki is <old_system_web>.TWikiPreferences, and the default location of the site preferences is Main.TWikiPreferences. Transfer any customized preferences from these topics to the site preferences topic in your new installation.

#### Modify skin with customizations for your site

If you did not already customize the appearance of your new installation, as described in the section "Customize the appearance of your Foswiki site" in the System.InstallationGuide, then reapply the customizations from your old installation to the new one. Ensure you transfer over any skin templates — .tmpl files, or topics referred to using VIEW_TEMPLATE or EDIT_TEMPLATE preferences — you need. Also ensure you transfer any style sheets or Javascript files required.

If you are upgrading from the Cairo version of TWiki: note that the skins from this release do not work well with Foswiki. Starting from TWiki 4.0.2, the default PatternSkin has been fairly stable and so your customizations should continue to work.

#### Customize pages for managing personal information

In your new installation, default copies of the following topics were installed:
• System.ChangePassword
• System.ResetPassword
• System.ChangeEmailAddress

If you customized these topics in your old installation, transfer the changes to these topics in the new installation. Use the corresponding files in the <oldwiki>/<old_system_web>/ directory as a reference.

### Validate your Wiki applications and other key functionality

Execute your test plan to validate the Wiki applications and other key functionality that need to be up and running after the upgrade.

### Switch your production site from the old installation to the new installation

If you had been running your old installation in parallel with the new one during a test phase, then disable your old installation, and repeat the step "Copy content from non-default webs in old installation to the new installation".

Change your web server configuration so that the new installation is accessible to all of your users, and so the old installation is no longer accessible.

Change your web server configuration so that the new installation is accessible using the same URL prefix as your old installation. For purposes of discussion, assume that your old installation is accessible from http://yourdomain/wiki/. You can use one of the following approaches to make the new installation accessible using the same URL prefix:
• You can rename your <newwiki>/ directory to wiki/ (renaming the directory of your old installation if necessary).
• If your operating system supports links to other directories and your web server is configured to follow links, then you can create a link called wiki/ that points to <newwiki>/ (renaming the directory of your old installation if necessary).
• You can configure your web server so that requests to /wiki/ are served from your <newwiki>/ directory.

Re-execute your test plan to verify that your newly-upgraded site is accessible to your users, and that all authentication and authorization mechanisms work as expected (including denying access to those who are not authorized).

Re-execute your test plan to verify that your Wiki applications and other key functionality work as intended.

### Favicon

The favicon is now configurable as a site preference or per-web preference. See System.DefaultPreferences for a description of the FAVICON preference. To set it for your site, add the FAVICON preference to your site preferences topic, Main.SitePreferences (or the topic you configured in your {LocalSitePreferences} setting in the Miscellaneous settings pane on the configure page). To set it for a web, add the FAVICON preference to the WebPreferences topic for that web.

## Important changes since TWiki 4.0.5

### Supported Perl version

To use Foswiki, you must use Perl 5.8 or higher. Foswiki no longer supports Perl version 5.6.x (the minimum version required for TWiki 4.0.5).

### Template spec changed

Until TWiki 4.0.5, any text inside template definition blocks for SkinTemplates (formerly called TWikiTemplates) — that is, between %TMPL:DEF{"block"}% and %TMPL:END% — was stripped of leading and trailing white space, including newlines. This made it difficult for skin developers to include a newline before or after a block of text.

From TWiki 4.1.0 onwards, and in Foswiki 1.0, this has changed so that white space is no longer stripped. Skins like PatternSkin and NatSkin have been updated so that they work with the new behavior. If you use an older skin or have written your own you will most likely need to make some adjustments.

In general, if you get mysterious blank lines in your skin, the newline after the %TMPL:DEF{"block"}% needs to be removed: the content of the block must follow on the same line as the TMPL:DEF.

CommentPlugin templates also must be modified to remove extraneous newlines — in particular, any newline immediately after the TMPL:DEF. See the System.CommentPluginTemplate for examples of how comment template definitions should look like in TWiki 4.1.x.

Example: a CommentPlugin template that adds a row to a table. With versions of TWiki prior to 4.1, the following syntax can be used:

%TMPL:DEF{OUTPUT:tabletest}%%POS:BEFORE%
|%URLPARAM{"comment"}%| -- %WIKIUSERNAME% - %DATE% |
%TMPL:END%


Starting in TWiki 4.1 and continuing with Foswiki 1.0, the newline before the start of the table row must be removed:

%TMPL:DEF{OUTPUT:tabletest}%%POS:BEFORE%|%URLPARAM{"comment"}%| -- %WIKIUSERNAME% - %DATE% |
%TMPL:END%


## Important changes for the upgrader - since TWiki 4.1.0

### New location for session and other temporary files

The directory for passthrough and session files have been replaced by a common directory for temporary files used by Foswiki. Previously the two configure settings {PassthroughDir} and {Sessions}{Dir} were set by default to /tmp. These config settings have been eliminated: Foswiki creates a tmp directory and other temporary directories under the directory defined by the configure setting {WorkingDir}.

## Important changes for the upgrader - since TWiki 4.1.2

### New WYSIWYG editor

Foswiki now ships with a new WYSIWYG editor based on TinyMCE that replaces the Kupu-based editor. When TinyMCEPlugin is enabled, the Edit button will initiate WYSIWYG editing mode. A Raw Edit link has been added for users to edit the topic markup directly.

The WYSIWYG button has been removed.

### UserForm and NewUserTemplate customization

When a new user registers on Foswiki his user topic is created based on the NewUserTemplate and UserForm in the Main web, if they exist. If the topic does not exist in the Main web, then the default version from System is used. Thus on upgrades, any customizations you made to NewUserTemplate or UserForm in the Main web will be preserved.

In previous TWiki versions, only System.NewUserTemplate and System.UserForm are used; you cannot override them by creating your own version in the Main web.

### WikiUsers no longer distributed

The Main.WikiUsers topic contains all the registered users. It is not included in the Foswiki distribution, so that your list of users will not be overwritten on upgrades. When the first user is registered in Foswiki, the Main.WikiUsers topic is created on demand.

### New working directory

The configuration setting {WorkingDir} in the General path settings pane on the configure page defines the location of a working directory for various subdirectories for use by Foswiki. The default value for this setting is the working subdirectory within the installation root directory for the Foswiki installation.

The subdirectories within the working directory include the following:

• registration_approvals — previously located in the data/ directory
• tmp — avoids security issues with using the /tmp directory
• work_areas — previously located in the pub/ directory.

If you have your own scheduled task to delete obsolete session files, note they are now located in the working/tmp/ subdirectory.

Foswiki has a new internal admin login feature that lets you login as a temporary administrator, using "admin" as your user name and the password for the configure page. The internal admin username can be configured in the {AdminUserLogin} setting in the Security setup pane on the configure page.

In order to add an initial user to the default {SuperAdminGroup}, Main.AdminGroup, you must login as the internal admin user using the link on the Main.AdminGroup page.

## Important changes for the upgrader - since Foswiki 1.0.4

An additional security feature has been added to Foswiki 1.0.5 so that saving data now requires the http method POST. This means that it is no longer possible to store data via an "<a href=..." link or img tag. It also means that if you have an application with an HTML form that creates new topics you must specify in the form tag method="post". This change is done to further tighten the security of Foswiki.

<form name="new" action="%SCRIPTURLPATH{"save"}%/Sandbox/" method="post">
...
</form>


The template webs _default and _empty are frequent targets for spammers because these webs are normally not monitored very carefully by the community around a Foswiki installation. These webs are now write protected so on an administrator can edit topics in these webs. When an administrator creates a new web it is important to remember to remove the access restriction from the WebPreferences in the new web.

## Important changes for the upgrader - since Foswiki 1.0.5

Foswiki 1.0.6 introduces a major security enhancement, protecting against Cross-Site Request Forgery. The extra safe "double submit" algorithm, as recommended by the Open Web Application Security Project (OWASP) project has been used. This is the same algorithm used by several major banks and other security-conscious institutions, and requires that users have Javascript enabled.

If these new countermeasures against CSRF creates problems for your users and your applications, you can alter the way the protection works or disable it. These are the configure parameters you need to visit (note that some are expert settings).

• {Validation}{Method} is by default "strikeone" which is the highest level of security and requires that users have Javascript enabled. You can lower this setting to "embedded" which uses a less safe validation method but does not require javascript. If you want to disable CSRF protection set it to "none". It is highly recommended to keep it at "strikeone".
• {Validation}{ValidForTime} is the time the validation key is valid. It is by default 1 hour. If your users often edit pages longer you can increase this time. Your users can still save pages with an expired validation key but they will be asked to confirm the saving.
• {Validation}{MaxKeysPerSession} is the maximum number of validation keys to store in a session. There is one key stored for each page rendered. If the number of keys exceeds this number, the oldest keys will be force-expired to bring the number down. If you have users that are very fast at editing pages and experience expired keys, you can increase this number. The default is 1000 and should be much higher than any normal person will experience.
• {Validation}{ExpireKeyOnUse} defines if validation keys expire when they are used for storing data. This prevents an attacker from evesdropping communication between server and browser and reuse keys. Unfortunately it also means that if a user edits a page, saves it, uses the back button of the browser, corrects his previous editing, and then saves again, he is asked to confirm that he intended to save the topic. Another use case is if you create an application with multiple forms and multiple submit buttons on a topic and you submit multiple times from this topic without navigating away from it, you will be asked to confirm the submission each time. If this is not acceptable to your use of Foswiki, you can turn off {Validation}{ExpireKeyOnUse}.

# User Authentication

Controlling who can access your site

## Overview

Authentication, or "login", is the process by which a user lets Foswiki know who they are.

Authentication isn't just to do with access control. Foswiki uses authentication to keep track of who made changes, and manage a wide range of personal settings. With authentication enabled, users can personalise Foswiki and contribute as recognised individuals, instead of shadows.

Foswiki authentication is very flexible, and can either stand alone or integrate with existing authentication schemes. You can set up Foswiki to require authentication for every access, or only for changes. Authentication is also essential for access control.

Quick Authentication Test - Use the %USERINFO% macro to return your current identity:
• You are guest, Main.WikiGuest,

Foswiki user authentication is split into four sections; password management, user mapping, user registration, and login management. Password management deals with how users personal data is stored. Registration deals with how new users are added to the wiki. Login management deals with how users log in.

Once a user is logged on, they can be remembered using a Client Session stored in a cookie in the browser (or by other less elegant means if the user has disabled cookies). This avoids them having to log on again and again.

Foswiki user authentication is configured through the Security Settings pane in the configure interface.

Please note FileAttachments are not protected by Foswiki User Authentication.

As shipped, Foswiki supports the Apache 'htpasswd' password manager. This manager supports the use of .htpasswd files on the server. These files can be unique to Foswiki, or can be shared with other applications (such as an Apache webserver). A variety of password encodings are supported for flexibility when re-using existing files. See the descriptive comments in the Security Settings section of the configure interface for more details.

Caution: Foswiki uses the .htpasswd file to also store the email addresses of registered users. If the .htpasswd file will be shared with another application, it is critical to preserve the email address stored as the last field in each line of the file.

You can easily plug in alternate password management modules to support interfaces to other third-party authentication databases.

The password manager is selected using the {PasswordManager} setting in configure.

## User Mapping

Usually when you are using an external authentication method, you want to map from an unfriendly "login name" to a more friendly WikiName. Also, an external authentication database may well have user information you want to import to Foswiki, such as user groups.

By default, Foswiki supports mapping of usernames to wikinames, and supports Foswiki groups internal to Foswiki. If you want, you can plug in an alternate user mapping module to support import of groups etc.

The user mapping manager is selected using the {UserMappingManager} setting in configure.

## User Registration

New user registration uses the password manager to set and change passwords and store email addresses. It is also responsible for the new user verification process. the registration process supports single user registration via the UserRegistration page, and bulk user registration via the BulkRegistration page (for admins only).

The registration process is also responsible for creating user topics, and setting up the mapping information used by the User Mapping support.

See Custom registration page for changing the user registration page.

Login management controls the way users have to log in. There are three basic options; no login, login via a Foswiki login page, and login using the webserver authentication support. the login manager is selected using the {LoginManager} setting in configure.

### No Login (select none)

Does exactly what it says on the tin. Forget about authentication to make your site completely public - anyone can browse and edit freely, in classic Wiki style. All visitors are given the Main.WikiGuest default identity, so you can't track individual user activity.

Note: This setup is not recommended on public websites for security reasons; anyone would be able to change system settings and perform tasks usually restricted to administrators.

### Template Login (select Foswiki::LoginManager::TemplateLogin)

Template Login asks for a username and password in a web page, and processes them using whatever Password Manager you choose. Users can log in and log out. Client Sessions are used to remember users. Users can choose to have their session remembered so they will automatically be logged in the next time they start their browser.

By default, your Foswiki installation is probably already using TemplateLogin, HtPasswdUser and TopicUserMappingContrib as the default Login, Password and user mapping options.
1. Using configure:
1. Navigate to the Login tab on the Security and Authentication panel. Select the Foswiki::LoginManager::TemplateLogin login manager.
2. Navigate to the Passwords tab. Select the appropriate PasswordManager for your system - the default is Foswiki::Users::HtPasswdUser.
There is also an EXPERT configure setting {TemplateLogin}{PreventBrowserRememberingPassword} that you can set to prevent Browsers from remembering username and passwords if you are concerned about public terminal usage.
2. Verify that registration works by registering yourself with the System.UserRegistration topic. If there are problems, try these troubleshooting tips:
1. Note: A standard Foswiki installation will not allow any new registrations unless there is a working SMTP configuration
2. If your PasswordManager is HtPasswdUser (the default), check the .htpasswd file is being updated correctly with a new entry. If not, check {Htpasswd}{FileName} is correct (under Security and Authentication on the Password tab in configure), and that the webserver user has write permission.
3. Create a new topic (in Sandbox web for example) to confirm that authentication works.
This is a very important step, as users in this group can access all topics, independent of Foswiki access controls.

Foswiki AccessControls do not protect topic attachments unless the web server has been configured to do so using the viewfile script. Visit Foswiki:Support.ApacheConfigGenerator for examples using Apache.

As Template Login uses a wiki page for its login prompt, there is a great deal of flexibility in customizing the login page for your purposes.

The default new user template page is in System.NewUserTemplate. The same macros get expanded as in the template topics. You can create a custom new user topic by creating the NewUserTemplate topic in Main web, which will then override the default in System web. See System.UserForm for copy instructions.

#### Custom registration page

You can customize the default System.UserRegistration topic by first copying System.DefaultUserRegistration to UserRegistration in Main web. This will ensure that your changes will remain intact next time you upgrade.

A couple of common fields are hidden from normal view to make the registration page as lean as possible. You can unhide those fields on the page by removing EXCLUDED_ from the INCLUDE tags) or add new ones.

New fields may also be added. The name="" parameter of the <input> tags must start with: "Fwk0..." (if this is an optional entry), or "Fwk1..." (if this is a required entry). This ensures that the fields are carried over into the user home page correctly.

#### Automatic Group Membership

The TopicUserMappingContrib can also enroll users into groups during registration. (Other mappers might not support this feature). Options include:
• Automatically enrolling users in one or more groups during registration
• Allow the user to select multiple groups from a list of eligible groups
• Allow the user to choose only one group from a list of eligible groups
• Don't do any group enrollment during registration.

The list of eligible groups can be generated in one of two ways:
• Manually by configuration. This fixed list of groups will always be listed.
• Automatically based upon CHANGE permission on the group topics.

There are two registration scenarios that apply:

Self-registration by Guest users
The actual registration will be processed by the special internal user Main.RegistrationAgent. Group topics must include an ALLOWTOPICCHANGE = Main.RegistrationAgent to be eligible for enrollment.
Registration by logged-in users
The registration form is filled out by some other logged-in user. In this case, the Main.RegistrationAgent is not used for Group updates. The current user must have ALLOWTOPICCHANGE permission for groups for them to be eligible for enrollment.
• Caution: If an administrator registers a user with automatic group membership enabled, the new user could potentially be added to All groups. Use caution with this feature!

Note: During registration, if it turns out that the current user or Main.RegistrationAgent doesn't have permission to update the group topic, the group update will be silently skipped. The user will still be albe to register.

See DefaultPreferences#RegistrationOptions for further details. Copy the settings into Main.SitePreferences to make them active.

With Apache Login enabled, when Foswiki needs to authenticate the user, the standard HTTP authentication mechanism is used: the browser itself will prompt for a user name and password.

The advantage of this scheme is that if you have an existing website authentication scheme using Apache modules such as mod_auth_ldap or mod_auth_mysql you can just plug in to them directly.

The disadvantage is that because the user identity is cached in the browser, you can log in, but you can't log out again unless you restart the browser.

Foswiki maps the REMOTE_USER that was used to log in to the webserver to a WikiName using the table in Main.WikiUsers. This table is updated whenever a user registers, so users can choose not to register (in which case their webserver login name is used for their signature) or register (in which case that login name is mapped to their WikiName).

The same private .htpasswd file used in Foswiki Template Login can be used to authenticate Apache users, using the Apache Basic Authentication support.

Do not use the Apache htpasswd program with .htpasswd files generated by Foswiki! htpasswd wipes out email addresses that Foswiki plants in the info fields of this file.

You can use any Apache authentication module that sets the REMOTE_USER environment variable.

To setup Apache Login, perform the following steps:

1. Configure Apache Login. Under the Security and Authentication pane on the Login tab in configure:
1. Select Foswiki::LoginManager::ApacheLogin for {LoginManager}.
2. Select Foswiki::Users::HtPasswdUser for {PasswordManager}.
3. Select Foswiki::Users::TopicUserMapping for {UserMappingManager}.
5. Configure your Apache settings for HTTP authentication. Use the Foswiki:Support.ApacheConfigGenerator tool or the foswiki/bin-htaccess.txt file to set the following Apache directives on the bin scripts:
 <FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*">
require valid-user
</FilesMatch>
You can also refer to the sample foswiki_httpd_conf.txt and bin-htaccess.txt files to see how the appropriate Apache directives are specified.
2. Verify that registration works by registering yourself with the System.UserRegistration topic. If there are problems, try these troubleshooting tips:
1. Note: A standard Foswiki installation will not allow any new registrations unless there is a working SMTP configuration
2. If your PasswordManager is HtPasswdUser (the default), check the .htpasswd file is being updated correctly with a new entry. If not, check {Htpasswd}{FileName} is correct (under Security and Authentication on the Password tab in configure), and that the webserver user has write permission.
3. Create a new topic (in Sandbox web for example) to confirm that authentication works.
This is a very important step, as users in this group can access all topics, independent of Foswiki access controls.

#### Logons via bin/logon

Any time a user requests a page that needs authentication, they will be forced to log on. It may be convenient to have a "logon" link as well, to give the system a chance to identify the user and retrieve their personal settings. It may be convenient to force them to log on.

The bin/logon script enables this. If you are using Apache Login, the bin/logon script must be setup in the Apache configuration or bin/.htaccess file to be a script which requires a valid user. Once authenticated, it will redirect the user to the view URL for the page from which the logon script was linked.

## Sessions

Foswiki uses the CPAN:CGI::Session and CPAN:CGI::Cookie modules to track sessions. These modules are de facto standards for session management among Perl programmers. If you can't use Cookies for any reason, CPAN:CGI::Session also supports session tracking using the client IP address.

You don't have to enable sessions to support logins in Foswiki. However it is strongly recommended. Foswiki needs some way to remember the fact that you logged in from a particular browser, and it uses sessions to do this. If you don;t enable sessions, Foswiki will try hard to remember you, but due to limitations in the browsers it may also forget you (and then suddenly remember you again later!). So for the best user experience, you should enable sessions.

There are a number of macros available that you can use to interrogate your current session. You can even add your own session variables to the Foswiki cookie. Session variables are referred to as "sticky" variables.

### Getting, Setting, and Clearing Session Variables

You can get, set, and clear session variables from within Foswiki web pages or by using script parameters. This allows you to use the session as a personal "persistent memory space" that is not lost until the web browser is closed. Also note that if a session variable has the same name as a Foswiki preference, the session variables value takes precedence over the Foswiki preference. This allows for per-session preferences.

To make use of these features, use the tags:

%SESSION_VARIABLE{ "varName" }%
%SESSION_VARIABLE{ "varName" set="varValue" }%
%SESSION_VARIABLE{ "varName" clear="" }%


Access controls cannot be modified in this way

### Cookies and Transparent Session IDs

Foswiki normally uses cookies to store session information on a client computer. Cookies are a common way to pass session information from client to server. Foswiki cookies simply hold a unique session identifier that is used to look up a database of session information on the Foswiki server.

For a number of reasons, it may not be possible to use cookies. In this case, Foswiki has a fallback mechanism; it will automatically rewrite every internal URL it sees on pages being generated to one that also passes session information.

This section applies only if you are using authentication with existing login names (i.e. mapping from login names to WikiNames).

• Login Username: When you login to the intranet, you use your existing login username. This name is normally passed to Foswiki by the REMOTE_USER environment variable, and used internally. Login Usernames are maintained by your system administrator.

• Foswiki Username: Your name in WikiNotation, ex: JohnSmith, is recorded when you register using UserRegistration; doing so also generates a personal home page in the Main web.

Foswiki can automatically map an Intranet (Login) Username to a Foswiki Username if the {AllowLoginName} is enabled in configure. The default is to use your WikiName as a login name.

NOTE: To correctly enter a WikiName - your own or someone else's - be sure to include the Main web name in front of the Wiki username, followed by a period, and no spaces, for example Main.WikiUsername or %USERSWEB%.WikiUsername. This points WikiUsername to the Main web, where user home pages are located, no matter which web it's entered in. Without the web prefix, the name appears as a NewTopic everywhere but in the Main web.

If your {PasswordManager} supports password changing, you can change and reset passwords using forms on regular pages.

• The ChangePassword form ( Foswiki/ChangePassword )
• The ResetPassword form ( Foswiki/ResetPassword )

If the {PasswordManager} does not support password changing, the ChangePassword and ResetPassword will show a simple message. This message is defined iby the setting CHANGEPASSWORDDISABLEDMESSAGE in System.DefaultPreferences. You can redefine this setting by copying it to Main.SitePreferences and change it to include a link to the password management website of your organisation.

If the active {PasswordManager} supports storage and retrieval of user e-mail addresses, you can change your e-mail using a regular page. As shipped, this is true only for the Apache 'htpasswd' password manager.

• The ChangeEmailAddress form ( Foswiki/ChangeEmailAddress )

If the {PasswordManager} does not support password changing, ChangeEmailAddress will guide the user to define the email address in the user topic.

You may want to add or remove scripts from the list of scripts that require authentication. The method for doing this is different for each of Template Login and Apache Login. Any scripts listed as requiring authentication will not be usable by the Guest user. If you require that Main.WikiGuest be allowed to edit topics on your site, edit and save must be removed from the list of scripts requiring authentication.
• For Template Login, update the {AuthScripts} list using configure
• For Apache Login, add/remove the script from bin/.htaccess, or from the FilesMatch line in the Apache configuration.

## How to choose an authentication method

One of the key features of Foswiki is that it is possible to add HTML to topics. No authentication method is 100% secure on a website where end users can add HTML, as there is always a risk that a malicious user can add code to a topic that gathers user information, such as session IDs. The Foswiki developers have been forced to make certain tradeoffs, in the pursuit of efficiency, that may be exploited by a hacker.

This section discusses some of the known risks. You can be sure that any potential hackers have read this section as well!

At one extreme, the most secure method is to use Foswiki via SSL (Secure Sockets Layer), with a login manager installed and Client Sessions turned off.

Using Foswiki with sessions turned off is a pain, though, as with all the login managers there are occasions where Foswiki will forget who you are. The best user experience is achieved with sessions turned on.

As soon as you allow the server to maintain information about a logged-in user, you open a door to potential attacks. There are a variety of ways a malicious user can pervert Foswiki to obtain another users session ID, the most common of which is known as a cross-site scripting attack. Once a hacker has an SID they can pretend to be that user.

To help prevent these sorts of attacks, Foswiki supports IP matching, which ensures that the IP address of the user requesting a specific session is the same as the IP address of the user who created the session. This works well as long as IP addresses are unique to each client, and as long as the IP address of the client can't be faked.

Session IDs are usually stored by Foswiki in cookies, which are stored in the client browser. Cookies work well, but not all environments or users permit cookies to be stored in browsers. So Foswiki also supports two other methods of determining the session ID. The first method uses the client IP address to determine the session ID. The second uses a rewriting method that rewrites local URLs in Foswiki pages to include the session ID in the URL.

The first method works well as long as IP addresses are unique to each individual client, and client IP addresses can't be faked by a hacker. If IP addresses are unique and can't be faked, it is almost as secure as cookies + IP matching, so it ranks as the fourth most secure method.

If you have to turn IP matching off, and cookies can't be relied on, then you may have to rely on the second method, URL rewriting. This method exposes the session IDs very publicly, so should be regarded as "rather dodgy".

Most Foswiki sites don't use SSL, so, as is the case with most sites that don't use SSL, there is always a possibility that a password could be picked out of the aether. Browsers do not encrypt passwords sent over non-SSL links, so using Apache Login is no more secure than Template Login.

Of the two shipped login managers, Apache Login is probably the most useful. It lets you do this sort of thing: wget --http-user=RogerRabbit --http-password=i'mnottelling http://www.example.com/bin/save/Sandbox/StuffAUTOINC0?text=hohoho,%20this%20is%20interesting i.e. pass in a user and password to a request from the command-line. However it doesn't let you log out.

Template Login degrades to url re-writing when you use a client like dillo that does not support cookies. However, you can log out and back in as a different user.

Finally, it would be really neat if someone was to work out how to use certificates to identify users.....

# Access Control

Access Control allows you restrict access to single topics and entire webs, by individual user and by user Groups. Access control, combined with UserAuthentication, lets you easily create and manage an extremely flexible, fine-grained privilege system.

## An important consideration

Open, freeform editing is the essence of WikiCulture - what makes Foswiki different and often more effective than other collaboration tools. For that reason, it is strongly recommended that the decision to restrict read or write access to a web or a topic is made with great care - the more restrictions, the less Wiki in the mix. Experience shows that unrestricted write access works very well because:
• Peer influence is enough to ensure that only relevant content is posted.
• Peer editing - the ability for anyone to rearrange all content on a page - keeps topics focused.
• In Foswiki, content is transparently preserved under revision control:
• Edits can be undone by the administrator (per default a member of Main.AdminGroup; see #ManagingGroups).
• Users are encouraged to edit and refactor (condense a long topic), since there's a safety net.
As a collaboration guideline, create broad-based Groups (for more and varied input), and avoid creating view-only Users (if you can read it, you should be able to contribute to it).

## Permissions settings of the webs on this Foswiki site

The topic SitePermissions gives you an overview of the access control settings for all your webs.

## Authentication vs. Access Control

Authentication: Identifies who a user is based on a login procedure. See UserAuthentication.

Access control: Restrict access to content based on users and groups once a user is identified.

## Users and groups

Access control is based on the familiar concept of users and groups. Users are defined by their WikiNames. They can then be organized in unlimited combinations by inclusion in one or more user Groups. Groups can also be included in other Groups.

### Managing Users

In standard Foswiki a user can create an account in UserRegistration. The following actions are performed:
• WikiName, encrypted password and email address are recorded using the password manager if authentication is enabled.
• A confirmation e-mail is sent to the user.
• A user home page with the WikiName of the user is created in the Main web.
• The user is added to the Main.WikiUsers topic.
• Optionally the user is added to one or more groups.

The default visitor name is Main.WikiGuest. This is the non-authenticated user. By default the non-authenticated user is not permitted to edit topics. If you require anonymous editing, see UserAuthentication#IndividualScripts.

Your local Foswiki may have an alternate user mapping manager installed which doesn't support user registration. Check with your Wiki administrator if you are in doubt.

### Managing Groups

The following describes the standard Foswiki support for groups. Your local Foswiki may have an alternate group mapping manager installed. Check with your Wiki administrator if you are in doubt.

Groups are defined by group topics located in the Main web. To create a new group, visit Main.WikiGroups. You will find a "Create a new group" link at the top which reveals a form to create a new group. Enter the name of the new group ending in Group into the "Group Name" form field and the initial members in the "Members" field. This creates a new group topic.

By default any member of a group has access rights to both adding and removing users from the group through the nice user interface. If you need to limit this access further, change the ALLOWTOPICCHANGE setting through "More Topic Action" -> "Edit topic preference settings".

The ALLOWTOPICCHANGE setting defines who is allowed to change the group topic; it is a comma delimited list of users and groups. You typically want to restrict that to the members of the group itself, so it should contain the name of the topic. This prevents users not in the group from editing the topic to give themselves or others access. For example, for the KasabianGroup topic write:
• Set ALLOWTOPICCHANGE = Main.KasabianGroup
• Caution This is set in the "Topic Settings" and not inline in the topic text!

Foswiki has strict formatting rules. Make sure you have three spaces, an asterisk, and an extra space in front of any access control rule. See below for more information about ALLOWTOPICCHANGE.

Background: A group topic is an empty topic with 3 hidden preference settings.

• GROUP: Comma separated list of users and/or groups
• ALLOWTOPICCHANGE: Comma separated list of users and groups that are allowed to add and remove users from the group
• VIEW_TEMPLATE: Always set to the value GroupView. This alters the way the topic is presented to include a nice user interface for adding and removing users.

Foswiki 1.1 introduced the smart user interface for adding and removing members of a group. Group topics from prior versions of Foswiki will still work. These have the GROUP setting visible in the topic text itself and you edit it by editing the topic. Foswiki 1.1 Main.WikiGroups will show these old group topics with an "Upgrade Group Topic button". The administrator can upgrade an old group topic to the nice new user interface with one easy click.

A number of Foswiki functions (for example, renaming webs) are only available to administrators. Administrators are simply users who belong to the SuperAdminGroup. This is a standard user group, the name of which is defined by {SuperAdminGroup} setting in configure. The default name of this group is the AdminGroup. The system administrator may have chosen a different name for this group if your local Foswiki uses an alternate group mapping manager, but for simplicity we will use the default name AdminGroup in the rest of this topic.

• Set GROUP = Main.ElizabethWindsor, Main.TonyBlair
A member of the Super Admin Group has unrestricted access throughout the wiki, so only trusted staff should be added to this group.

## Restricting Access

Access to webs and topics is controlled by setting the values of certain preferences. These names of these preferences have the general form:

permission context mode

Where permission is ALLOW or DENY, _context is TOPIC, WEB, or ROOT, and mode is VIEW, CHANGE, or RENAME. For example, the preference ALLOWWEBCHANGE lists who is allowed to change topics in the current web.

• Restricting VIEW blocks viewing and searching of content. When you restric VIEW to a topic or web, this also restricts INCLUDE and Formatted SEARCH from showing the content of the topics.
• Restricting CHANGE blocks creating new topics, changing topics or attaching files.
• Restricting RENAME prevents renaming of topics within a web.

There is an important distinction between CHANGE access and RENAME access. A user can CHANGE a topic, but thanks to version control their changes cannot be lost (the history of the topic before the change is recorded). However if a topic or web is renamed, that history may be lost. Typically a site will only give RENAME access to administrators and content owners.

Note that ALLOWWEBxxx and DENYWEBxxx preferences can only be set in WebPreferences topics. You cannot define a site level access. Each web must be protected on their own. Subwebs inherit access settings from the parent web. See next section.

Note that ALLOWTOPICxxx and DENYTOPICxxx preferences apply only to the topic itself.

Be warned that some plugins may not respect access permissions.

FINALPREFERENCES affects access controls, allowing you to prevent changes to access control settings while still allowing edit access to topics.

You can define restrictions on who is allowed to view a Foswiki web. You can restrict access to certain webs to selected users and groups, by:

• authenticating all webs and restricting selected webs: Topic access in all webs is authenticated, and selected webs have restricted access.
• authenticating and restricting selected webs only: Provide unrestricted viewing access to open webs, with authentication and restriction only on selected webs.

• You can define these settings in the WebPreferences topic, preferable towards the end of the topic:
• Set DENYWEBVIEW = < comma-delimited list of users and groups >
• Set ALLOWWEBVIEW = < comma-delimited list of users and groups >
• Set DENYWEBCHANGE = < comma-delimited list of users and groups >
• Set ALLOWWEBCHANGE = < comma-delimited list of users and groups >
• Set DENYWEBRENAME = < comma-delimited list of users and groups >
• Set ALLOWWEBRENAME = < comma-delimited list of users and groups >

If your site allows sub-webs, then access to sub-webs is determined from the access controls of the parent web, plus the access controls in the sub-web. So, if the parent web has ALLOWWEBVIEW set, this will also apply to the subweb. Also note that you will need to ensure that the parent web's FINALPREFERENCES does not include the access control settings listed above. Otherwise you will not be able override the parent web's access control settings in sub-webs.

Creation and renaming of sub-webs is controlled by the WEBCHANGE setting on the parent web (or ROOTCHANGE for root webs). Renaming is additionally restricted by the setting of WEBRENAME in the web itself.

• You can define these settings in any topic, preferable towards the end of the topic:
• Set DENYTOPICVIEW = < comma-delimited list of users and groups >
• Set ALLOWTOPICVIEW = < comma-delimited list of users and groups >
• Set DENYTOPICCHANGE = < comma-delimited list of users and groups >
• Set ALLOWTOPICCHANGE = < comma-delimited list of users and groups >
• Set DENYTOPICRENAME = < comma-delimited list of users and groups >
• Set ALLOWTOPICRENAME = < comma-delimited list of users and groups >

Caution! Settings are always taken from the latest (current) revision of a topic. If older revisions of a topic had more restrictive access controls, they will not be used when accessing the older revision.

Remember when opening up access to specific topics within a restricted web that other topics in the web - for example, the WebLeftBar - may also be accessed when viewing the topics. The message you get when you are denied access should tell you what topic you were not permitted to access.

Be careful with empty values for any of these.

• Set ALLOWTOPICVIEW =
This means the same as not setting it at all. (This was documented wrong in versions 4.0.X, 4.1.0 and 4.1.1)

• Set DENYTOPICVIEW =
This means do not deny anyone the right to view this topic. If DENYTOPICVIEW is set to an empty value anyone has access even if ALLOWTOPICVIEW or ALLOWWEBVIEW is defined. This allows you to have very restrictive default access rights to an entire web and still allow individual topics to have more open access.

The same rules apply to ALLOWTOPICCHANGE/DENYTOPICCHANGE and APPLYTOPICRENAME/DENYTOPICRENAME. Setting ALLOWTOPICCHANGE or ALLOWTOPICRENAME to en empty value means the same as not defining it. Setting DENYTOPICCHANGE or DENYTOPICRENAME to an empty value means that anyone can edit or rename the topic.

If the same setting is defined multiple times the last one overrides the previous. They are not OR'ed together.

Setting to an empty value has caused confusion and great debate and it has been decided that the empty setting syntax will be replaced by something which is easier to understand in a later version of Foswiki. A method to upgrade will be provided. Please read the release notes carefully when you upgrade.

See "How Foswiki evaluates ALLOW/DENY settings" below for more on how ALLOW and DENY interacts.

Attachments are referred to directly, and are not normally indirected via Foswiki scripts. This means that the above instructions for access control will not apply to attachments. It is possible that someone may inadvertently publicise a URL that they expected to be access-controlled.

The easiest way to apply the same access control rules for attachments as apply to topics is to use the Apache mod_rewrite module, and configure your webserver to redirect accesses to attachments to the Foswiki viewfile script. For example,

    ScriptAlias /foswiki/bin/ /filesystem/path/to/bin/
Alias /foswiki/pub/       /filesystem/path/to/pub/

RewriteEngine on
RewriteCond %{REQUEST_URI} !^/+foswiki/+pub/+System/+.+
RewriteRule ^/+foswiki/+pub/+([^/]+)((/+([^/]+))+)/+(.+) /foswiki/bin/viewfile/$1/$2?filename=$5 [L,PT]  That way all the controls that apply to the topic also apply to attachments to the topic. Other types of webserver have similar support. Images embedded in topics will load much slower since each image will be delivered by the viewfile script. ### Controlling who can manage top-level webs Top level webs are a special case, because they don't have a parent web with a WebPreferences. So there has to be a special control just for the root level. • You can define these settings in the Main.SitePreferences topic, preferably towards the end of the topic: • Set DENYROOTCHANGE = < comma-delimited list of users and groups > • Set ALLOWROOTCHANGE = < comma-delimited list of users and groups > Note that you do not require ROOTCHANGE access to rename an existing top-level web. You just need WEBCHANGE in the web itself. ### How Foswiki evaluates ALLOW/DENY settings When deciding whether to grant access, Foswiki evaluates the following rules in order (read from the top of the list; if the logic arrives at PERMITTED or DENIED that applies immediately and no more rules are applied). You need to read the rules bearing in mind that VIEW, CHANGE and RENAME access may be granted/denied separately. Settings are only read from the most current (latest) revision of a topic. Settings from older revisions are never used, even when viewing an older revision with the rdiff script 1. If the user is an administrator • access is PERMITTED. 2. If DENYTOPIC is set to a list of wikinames • people in the list will be DENIED. 3. If DENYTOPIC is set to empty ( i.e. Set DENYTOPIC = ) • access is PERMITTED i.e no-one is denied access to this topic. Attention: Use this with caution. This is deprecated and will likely change in the next release. 4. If ALLOWTOPIC is set 1. people in the list are PERMITTED 2. everyone else is DENIED 5. If DENYWEB is set to a list of wikinames • people in the list are DENIED access 6. If ALLOWWEB is set to a list of wikinames • people in the list will be PERMITTED • everyone else will be DENIED 7. If you got this far, access is PERMITTED ## Access control and INCLUDE ALLOWTOPICVIEW and ALLOWTOPICCHANGE only applies to the topic in which the settings are defined. If a topic A includes another topic B, topic A does not inherit the access rights of the included topic B. Examples: Topic A includes topic B • If the included topic B has ALLOWTOPICCHANGE set to block editing for a user, it does not prevent editing the including topic A. • If the included topic B has ALLOWTOPICVIEW set to block view for a user, the user can still view topic A but he cannot see the included topic B. He will see a message No permission to view B ## Access control quick recipes ### Obfuscating webs Another way of hiding webs is by setting the NOSEARCHALL setting in WebPreferences. It does the following: • Prevents the all webs search option from accessing the web • Hides the web from the %WEBLIST% macro.  * Set NOSEARCHALL = on  This setup can be useful to hide a new web until content its ready for deployment, or reduce clutter in the WebLeftBar and default search results when restricted access is not desired. Setting NOSEARCHALL to any value other than the empty string will hide a web. Setting NOSEARCHALL = off will have the same effect as setting it to on Obfuscating a web without setting view access control is very insecure, as anyone who knows the URL can access the web, and explicit searches naming that web will also work. For security purposes it is better to use the ALLOW or DENY VIEW settings in the WebPreferences topic. %SEARCH% and %WEBLIST% will not show any results for webs that the current user does not have permission to view. ### Restrict Access to a whole Foswiki site For a firewalled Foswiki, e.g. an intranet wiki or extranet wiki, you want to allow only invited people to access your Foswiki. With this configuration, someone with access to the site needs to register new users. ResetPassword will also have to be done by administrators. #### When using Apache Login User authentication with ApacheLogin is enabled on your site. To reqire login for all scripts: • lock down access to the whole bin and pub directories to all but valid users. In the Apache .htaccess file or the appropriate .conf file, replace the <FilesMatch "(attach|edit|... section with this: <FilesMatch ".*"> require valid-user </FilesMatch>  If needed, you can further restrict access to selected webs with ALLOWWEBVIEW and other access control settings. #### When using Template Login User authentication with TemplateLogin is enabled on your site. To require login for all scripts: • Add all scripts in the foswiki/bin directory (except for login, logon and configure) to the list of {AuthScripts} in configure. For a default Foswiki installation: • Default (open) site: {AuthScripts} = 'attach,compareauth,edit,manage,previewauth,rdiffauth,rename,rest,restauth,save,statistics,upload,viewauth,viewfileauth';  • Restricted (closed) site: {AuthScripts} = 'attach,changes,compare,compareauth,edit,manage,oops,preview,previewauth,rdiff,rdiffauth,register,rename,resetpasswd,rest,restauth,save,search,statistics,upload,view,viewauth,viewfile,viewfileauth  If you install extensions that add scripts, you must also remember to add the new scripts to this list or the new scripts will not be protected. ### Authenticate all webs and restrict selected webs Use the following setup to authenticate users for topic viewing in all webs and to restrict access to selected webs. Requires UserAuthentication to be enabled. 1. The simple way is to add this to WebPreferences in all webs. • Set DENYWEBVIEW = WikiGuest 2. Restrict view access to selected users and groups. Set one or both of these settings in its WebPreferences topic: • Set ALLOWWEBVIEW = < list of users and groups > • Note: DENYWEBVIEW is evaluated before ALLOWWEBVIEW. Access is denied if the authenticated person is in the DENYWEBVIEW list, or not in the ALLOWWEBVIEW list. Access is granted if DENYWEBVIEW and ALLOWWEBVIEW are not defined. In rare cases it may be required to authenticate the view script. This can in some cases have a dramatic performance hit because the webserver must re-authenticate for every page view. 1. Set require valid-user on your view script in .htaccess or the appropriate Apache .conf file. This looks like: FilesMatch "(attach|edit|manage|rename|save|view|upload|mail|logon|.*auth).*" (normally view is not in that list). ### Authenticate and restrict selected webs only Use the following setup to provide unrestricted viewing access to open webs, with authentication only on selected webs. Requires UserAuthentication to be enabled. 1. Restrict view access to selected users and groups. Set one or both of these settings in its WebPreferences topic: • Set DENYWEBVIEW = < list of users and groups > • Set ALLOWWEBVIEW = < list of users and groups > • Note: DENYWEBVIEW is evaluated before ALLOWWEBVIEW. Access is denied if the authenticated person is in the DENYWEBVIEW list, or not in the ALLOWWEBVIEW list. Access is granted if DENYWEBVIEW and ALLOWWEBVIEW are not defined. ### Show control settings You can list the access controls affecting a topic using the %SHOWPREFERENCE{}% macro in the topic, thus: %SHOWPREFERENCE{"DENYWEBVIEW,ALLOWWEBVIEW,DENYWEBCHANGE,ALLOWWEBCHANGE,DENYWEBRENAME,ALLOWWEBRENAME"}%  For this topic, this displays: • Set DENYWEBVIEW = "" • Set ALLOWWEBVIEW = "" • Set DENYWEBCHANGE = "" • Set ALLOWWEBCHANGE = "%USERSWEB%.AdminGroup" • ALLOWWEBCHANGE was defined in SystemFoswiki.WebPreferences • Set DENYWEBRENAME = "" • Set ALLOWWEBRENAME = "%USERSWEB%.AdminGroup" • ALLOWWEBRENAME was defined in SystemFoswiki.WebPreferences ### Hide control settings To hide access control settings from normal browser viewing, you can put them into the topic preference settings by clicking the link Edit topic preference settings under More topic actions menu. Preferences set in this manner are not visible in the topic text, but take effect nevertheless. Access control settings added as topic preference settings are stored in the topic meta data and they override settings defined in the topic text. Alternatively, place them in HTML comment markers, but this exposes the access setting during ordinary editing. <!-- * Set DENYTOPICCHANGE = Main.SomeGroup -->  Back to top # Text Formatting Working in Foswiki is as easy as typing in text. You don't need to know HTML, though you can use it if you prefer. Links to topics are created automatically when you enter WikiWords. And Foswiki shorthand gives you all the power of HTML with a simple coding system that takes no time to learn. It's all laid out below. ## Editing Shorthand Formatting Command: You write: You get: Paragraphs: Blank lines will create new paragraphs. 1st paragraph 2nd paragraph  1st paragraph 2nd paragraph Headings: Three or more dashes at the beginning of a line, followed by plus signs and the heading text. One plus creates a top level heading, two pluses a second level heading, etc. The maximum heading depth is 6. You can create a table of contents with the %TOC% macro. If you want to exclude a heading from the TOC, put !! after the ---+. Empty headings are allowed, but won't appear in the table of contents. ---++ Sushi ---+++ Maguro ---+++!! Not in TOC  ## Sushi ### Maguro ### Not in TOC Bold Text: Words get shown in bold by enclosing them in * asterisks. *Bold*  Bold Italic Text: Words get shown in italic by enclosing them in _ underscores. _Italic_  Italic Bold Italic: Words get shown in bold italic by enclosing them in __ double-underscores. __Bold italic__  Bold italic Fixed Font: Words get shown in fixed font by enclosing them in = equal signs. =Fixed font=  Fixed font Bold Fixed Font: Words get shown in bold fixed font by enclosing them in double equal signs. ==Bold fixed==  Bold fixed You can follow the closing bold, italic, or other (* _ __ = ==) indicator with normal punctuation, such as commas and full stops. Make sure there is no space between the text and the indicators. _This works_, _this does not _  This works, _this does not _ Verbatim (Literal) Text: Surround code excerpts and other formatted text with <verbatim> and </verbatim> tags. verbatim tags disable HTML code. Use <pre> and </pre> tags instead if you want the HTML code within the tags to be interpreted. Preferences settings (* Set NAME = value) are set within verbatim tags. <verbatim> class CatAnimal { void purr() { <code here> } } </verbatim>  class CatAnimal { void purr() { <code here> } }  Verbatim (Literal) Code Highlighting: Surround code excerpts and other formatted text e.g. with <verbatim class="bash"> and </verbatim> tags. This type of code highlighting is based on Chili - the jQuery code highlighter plugin. Please find supported class attributes in SystemFoswiki.JQueryChili. verbatim tags disable HTML code. Use <pre class="bash"> and </pre> tags instead if you want the HTML code within the tags to be interpreted. Preferences settings (* Set NAME = value) are set within verbatim tags. <verbatim class="bash"> #!/bin/bash while [ -n "$(ls . ~/ \
~/pub* /var/www 2>/dev/null \
| fgrep foswiki )" ] ; do
clear
printf "\nFoswiki rules!\n"
sleep 10
clear
printf "\nFoswiki still rules!\n"
sleep 10
done; exit 0
</verbatim>

#!/bin/bash
while [ -n "$(ls . ~/ \ ~/pub* /var/www 2>/dev/null \ | fgrep foswiki )" ] ; do clear printf "\nFoswiki rules!\n" sleep 10 clear printf "\nFoswiki still rules!\n" sleep 10 done; exit 0  Separator (Horizontal Rule): Three or more three dashes at the beginning of a line.. ---  Bulleted List: Multiple of three spaces, an asterisk, and another space. For all the list types, you can break a list item over several lines by indenting lines after the first one by at least 3 spaces.  * level 1 * level 2 * back on 1 * A bullet broken over three lines * last bullet  • level 1 • level 2 • back on 1 • A bullet broken over three lines • last bullet Numbered List: Multiple of three spaces, a type character, a dot, and another space. Several types are available besides a number: Type Generated Style Sample Sequence 1. Arabic numerals 1, 2, 3, 4... A. Uppercase letters A, B, C, D... a. Lowercase letters a, b, c, d... I. Uppercase Roman Numerals I, II, III, IV... i. Lowercase Roman Numerals i, ii, iii, iv...  1. Sushi 1. Dim Sum 1. Fondue A. Sushi A. Dim Sum A. Fondue i. Sushi i. Dim Sum i. Fondue  1. Sushi 2. Dim Sum 3. Fondue 1. Sushi 2. Dim Sum 3. Fondue 1. Sushi 2. Dim Sum 3. Fondue Definition List: Three spaces, a dollar sign, the term, a colon, a space, followed by the definition. $ Sushi: Japan
Dim Sum: S.F.  Sushi Japan Dim Sum S.F. Definition List: (deprecated) Three spaces, the term (a single word, no spaces), a colon, a space, followed by the definition.  Sushi: Japan Dim-Sum: S.F.  Sushi Japan Dim-Sum S.F. Table: Each row of the table is a line containing of one or more cells. Each cell starts and ends with a vertical bar '|'. Any spaces at the beginning of a line are ignored. • | *bold* | header cell with text in asterisks • | center-aligned | cell with at least two, and equal number of spaces on either side • | right-aligned | cell with more spaces on the left • | 2 colspan || and multi-span columns with multiple |'s right next to each other • |^| cell with caret indicating follow-up row of multi-span rows • You can split rows over multiple lines by putting a backslash '\' at the end of each line • Contents of table cells wrap automatically as determined by the browser • Use %VBAR% or &#124; to add | characters in tables. • Use %CARET% or &#94; to add ^ characters in tables. The System.TablePlugin provides the |^| multiple-span row functionality and additional rendering features | *L* | *C* | *R* | | A2 | B2 | C2 | | A3 | B3 | C3 | | multi span ||| | A5-7 | 5 | 5 | |^| six | six | |^| seven | seven | | split\ | over\ | 3 lines | | A9 | B9 | C9 | | %CARET% | B10 |%VBAR%| | &#94; | B11 |&#124;|  L C R A2 B2 C2 A3 B3 C3 multi span A5-7 5 5 six six seven seven split over 3 lines A9 B9 C9 ^ B10 | ^ B11 | WikiWord Links: CapitalizedWordsStuckTogether (or WikiWords) will produce a link automatically if preceded by whitespace or parenthesis. If you want to link to a topic in a different web write Otherweb.TopicName. To link to a topic in a subweb write Otherweb.Subweb.TopicName. The link label excludes the name of the web, e.g. only the topic name is shown. As an exception, the name of the web is shown for the WebHome topic. Dots '.' are used to separate webs and subwebs from topic names and therefore cannot be used in topic names. It's generally a good idea to use the macros %SYSTEMWEB%, %SANDBOXWEB% and %USERSWEB% instead of System, Sandbox and Main. %STATISTICSTOPIC% %SANDBOXWEB%.WebNotify %SANDBOXWEB%.WebHome %SANDBOXWEB%.Subweb.TopicName  WebStatistics Sandbox.WebNotify Sandbox.WebHome TopicName Acronym Links: Words that are all capitals will produce a link automatically only if the topic already exists!. ACRONYM %SYSTEMWEB%.ACRONYM  ACRONYM System.ACRONYM Anchors: You can define a reference inside a topic (called an anchor name) and link to that. To define an anchor write #AnchorName at the beginning of a line. The anchor name must be a WikiWord of no more than 32 characters. To link to an anchor name use the [[MyTopic#MyAnchor]] syntax. You can omit the topic name if you want to link within the same topic. [[WikiWord#NotThere]] [[#MyAnchor][Jump]] #MyAnchor To here  WikiWord#NotThere Jump To here Forced Links: You can create a forced internal link by enclosing words in double square brackets. Text within the brackets may contain optional spaces; the topic name is formed by capitalizing the initial letter and by removing the spaces; for example, [[wiki syntax]] links to topic WikiSyntax. You can also refer to a different web and use anchors. To "escape" double square brackets that would otherwise make a link, prefix the leading left square bracket with an exclamation point. [[wiki syntax]] [[Main.Wiki groups]] escaped: ![[wiki syntax]]  wiki syntax Main.Wiki groups escaped: [[wiki syntax]] Specific Links: You can create a link where you specify the link text and the URL separately using nested square brackets [[reference][text]]. Internal link references (e.g. WikiSyntax) and URLs (e.g. http://foswiki.org/) are both supported. The rules described under Forced Links apply for internal link references. Anchor names can be added as well, to create a link to a specific place in a topic. [[WikiSyntax][wiki syntax]] [[http://gnu.org][GNU]]  wiki syntax GNU Prevent a Link: Prevent a WikiWord from being linked by prepending it with an exclamation point. !SunOS  SunOS Disable Links: You can disable automatic linking of WikiWords by surrounding text with <noautolink> and </noautolink> tags. It is possible to turn off all auto-linking with a NOAUTOLINK preference setting.  <noautolink> RedHat & SuSE </noautolink>  RedHat & SuSE Mailto Links: E-mail addresses are linked automatically. To create e-mail links that have more descriptive link text, specify subject lines or message bodies, or omit the e-mail address, you can write [[mailto:user@domain][descriptive text]]. a@b.com [[mailto:a@b.com][Mail]] [[mailto:?subject=Hi][Hi]]  a@b.com Mail Hi Literal content: Foswiki generates HTML code from TML shorthand. Experts surround anything that must be output literally in the HTML code, without the application of shorthand rules, with <literal>..</literal> tags. Any HTML within literal tags must be well formed i.e. all tags must be properly closed before the end of the literal block. Macros are expanded within literal blocks. <literal> | Not | A | Table | </literal>  | Not | A | Table | Protected content: Experts protect text from mangling by WYSIWYG editors using <sticky>..</sticky> tags. Sticky tags don't have any effect on normal topic display; they are only relevant when content has to be protected from a WYSIWYG editor (usually because it isn't well-formed HTML, or because it is HTML that WYSIWYG would normally filter out or modify). Protected content appears as plain text in the WYSIWYG editor. Any HTML within sticky tags must be well formed i.e. all tags must be properly closed before the end of the sticky block. Macros are expanded within sticky blocks. <sticky> <div> This div %RED%is%ENDCOLOR% required </div> </sticky>  This div is required ## Using HTML You can use most HTML tags in topics without a problem. This is useful where you want to add some content that is formatted in a way that is not supported using wiki syntax, for example, you can write <strike>deleted text</strike> to get deleted text. There are a few usability and technical considerations to keep in mind: • On collaboration pages, it's better not to use HTML, but to use wiki syntax instead - this keeps the text uncluttered and easy to edit using the plaintext editor. • If you must use HTML, use XHTML 1.0 Transitional syntax. • Use <literal>..</literal> tags around blocks of HTML to avoid accidental interpretation of Wiki syntax within the HTML. Script tags may be filtered out, at the discretion of your Wiki administrator. Recommendations when pasting HTML from other sources (using the plain-text editor): • Copy only text between <body> and </body> tags. • Remove all empty lines. Foswiki inserts <p /> paragraph tags on empty lines, which causes problems if done between HTML tags that do not allow paragraph tags, like for example between table tags. • Remove leading spaces. Foswiki might interpret some text as lists. • Do not span a tag over more than one line. Foswiki requires that the opening and closing angle brackets - <...> - of a HTML tag are on the same line, or the tag will be broken. • In your HTML editing program, save without hard line breaks on text wrap. When using a WYSIWYG editor, you can just copy-paste directly into the editor, and the content will be converted to wiki syntax automatically when you save. Being able to create links without any special formatting is a core Foswiki feature, made possible with WikiWords, Acronyms, and inline URLs. • GoodStyle is a WikiWord that links to the GoodStyle topic located in the current web. • NotExistingYet is a topic waiting to be written. Create the topic by clicking on the ?. (Try clicking, but then, Cancel - creating the topic would wreck this example!) • ACRONYM links to a topic name consisting of only upper-case letters. Acronyms are linked only if the target topic actually exists. • Protocols matching the configuration parameter LinkProtocolPattern, which by default is set to (file|ftp|gopher|https|http|irc|mailto|news|nntp|telnet), are linked automatically. You might change this setting to add more protocols (such as smb). LinkProtocolPattern is an expert setting in the Foswiki configuration and can only be changed by a systems administrator. Thus, all lines containing: • file://... • ftp://... • gopher://... • https://... • http://... • irc://... • mailto:...@... • news://... • nntp://... • telnet://... are linked automatically. • E-mail addresses like name@domain.com are linked automatically. • [[Square bracket rules]] let you easily create non-WikiWord links. • You can also write [[http://yahoo.com Yahoo home page]] as an easier way of doing external links with descriptive text for the link, such as http://yahoo.com/ Yahoo home page. ## Macros Macros are names enclosed in percent signs that are that are expanded to some other text when the topic is displayed. For example, %TOPIC% is expanded to TextFormattingRules, the title of this topic. Some macros can take arguments in curly braces - for example, %INCLUDE{"OtherTopic" ARG="arg"}%. Many macro definitions are built-in, and others (preference settings) are predefined for your convenience. You can also define your own preference settings at the entire site, individual web, or individual topic level. For more information, see Macros Macros are fully expanded before any of the text formatting rules are applied. ## Plugin Formatting Extensions Plugins can extend the functionality of Foswiki into many other areas. There are a huge number of plugins available from the foswiki site. Currently enabled plugins on this installation, as listed by %PLUGINDESCRIPTIONS%: • System.SpreadSheetPlugin (20 Jan 2017, 1.23): Add spreadsheet calculations like "SUM($ABOVE())" to Foswiki tables and other topic text • System.SlideShowPlugin (06 Sep 2016, 2.32): Create web based presentations based on topics with headings • System.AutoViewTemplatePlugin (2016-04-08, 1.24): Automatically sets VIEW_TEMPLATE and EDIT_TEMPLATE • System.CommentPlugin (22 Jan 2018, 2.93): Quickly post comments to a page without an edit/save cycle • System.CompareRevisionsAddonPlugin (1.114, 1.114): • System.ConfigurePlugin (08 Dec 2017, 1.09): configure interface using json-rpc • System.EditRowPlugin (5 Feb 2018, 3.321): Inline edit for tables • System.HistoryPlugin (22 Jan 2018, 1.14): Shows a complete history of a topic • System.HomePagePlugin (1.23, 1.23): Allow User specified home pages - on login • System.InterwikiPlugin (8 Dec 2017, 1.25): Link ExternalSite:Page text to external sites based on aliases defined in a rules topic • System.JQueryPlugin (2 May 2019, 9.10): jQuery JavaScript library for Foswiki • System.MailerContribPlugin (2.84, 2.84): Supports e-mail notification of changes • System.NatEditPlugin (25 Feb 2018, 9.21): A Wikiwyg Editor • System.PreferencesPlugin (1.16, 1.16): Allows editing of preferences using fields predefined in a form • System.PubLinkFixupPlugin (14 Sep 2015, 1.00): For non-utf-8 sites, fix up Pub links to use correct encoding. • System.RenderListPlugin (2.28, 2.28): Render bullet lists in a variety of formats • System.SmiliesPlugin (17 Sep 2015, 2.03): Render smilies like as icons • System.SubscribePlugin (08 Dec 2017, 3.6): This is a companion plugin to the MailerContrib. It allows you to trivially add a "Subscribe me" link to topics to get subscribed to changes. • System.TablePlugin (22 Jan 2018, 1.160): Control attributes of tables and sorting of table columns • System.TinyMCEPlugin (1.31, 1.31): Integration of the Tiny MCE WYSIWYG Editor • System.TwistyPlugin (1.63, 1.63): Twisty section Javascript library to open/close content dynamically • System.UpdatesPlugin (22 Jan 2018, 1.04): Checks Foswiki.org for updates • System.WysiwygPlugin (08 Dec 2017, 1.37): Translator framework for WYSIWYG editors Check on current Plugin status and settings for this site in System.Plugins. ## Common Editing Errors Foswiki formatting rules are fairly simple to use and quick to type. However, there are some things to watch out for: • Q: Text enclosed in angle brackets like <filename> is not displayed. How can I show it as it is? • A: The '<' and '>' characters have a special meaning in HTML, they define HTML tags. You need to escape them, so write '&lt;' instead of '<', and '&gt;' instead of '>'. Example: Type 'prog &lt;filename&gt;' to get 'prog <filename>'. • Q: Why is the '&' character sometimes not displayed? • A: The '&' character has a special meaning in HTML, it starts a so called character entity, i.e. '&copy;' is the © copyright character. You need to escape '&' to see it as it is, so write '&amp;' instead of '&'. Example: Type 'This &amp; that' to get 'This & that'. Back to top # Macros Special text strings expand on the fly to display user data or system info Macros are text strings in one of two forms: %MACRONAME% %MACRONAME{ parameter="value" }%  These usually expand into content when a topic is rendered for viewing. There are two types of macros: 1. Preference settings: May be defined and modified by the user 2. Registered macros: Defined by the system or by Plugins (for example, the SpreadSheetPlugin introduces a %CALC{}% macro) ## Using Macros To use a macro type its name. For example, • type %T% to get (a preference settings) • type %TOPIC% to get Macros (a predefined macro) • type %CALC{ "$UPPER(Text)" }% to get TEXT (CALC is a macro defined by SpreadSheetPlugin)

Note:
• To leave a macro unexpanded, precede it with an exclamation point, e.g. type !%TOPIC% to get %TOPIC%
• Alternatively, insert a <nop> anywhere in the macro, Eg. %<nop>TOPIC%
• Macros are expanded relative to the topic they are used in, not the topic they are defined in
• Type %ALLVARIABLES% to get a full listing of all macros defined for a particular topic
• If a macro is not defined, then it will be left in the text unless it is called with a default parameter, in which case the value of the default parameter will replace the macro call in the output. For example, %UNDEFINED{default="blank"}% will expand to blank.

### Order of expansion

The following describes only these types of macros:

#### Standard form

The key to understanding nested expressions in Foswiki is to understand that macros are expanded "inside-out, left-to-right". Example:

%MACRO1{
something="%MACRO2{
somethingelse="%MACRO3%, %MACRO4%"
}%"
}%

The macros are expanded in this order: MACRO3, MACRO4, MACRO2, MACRO1.

##### Animated Example
%INCLUDE{
"%QUERY{
"'%THETOPIC%'/%THEFIELD%"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
"%QUERY{
"'%SYSTEMWEB%.FAQWhatIsWikiWiki'/%THEFIELD%"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
"%QUERY{
"'%SYSTEMWEB%.FAQWhatIsWikiWiki'/TopicClassification"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
"%QUERY{
"'System.FAQWhatIsWikiWiki'/TopicClassification"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification


These topics are for frequently

* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification


These topics are for frequently

* Set THETOPIC = System.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification


#### Delayed form

Standard form macros can nearly always be used to build the parameter string of another macro; however, sometimes it is desirable to bypass the inside-out expansion order and delay the inner macro until after the outer macro has finished expansion. This is accomplished by using the $percent format token instead of %, and escaping any " character it uses (becomes \") When working with a given macro, consult its documentation to determine which parameters support the $percent/$percnt format tokens. Generally only output parameters like header, format and footer support format tokens. Example: %MACRO1{ format="$percentMACRO2{
format=\"%MACRO3%, %MACRO4%\"
}$percent" }%  The macros are expanded in this order: MACRO3, MACRO4, MACRO1, MACRO2. ##### Animated Example From the conditional output example: %SEARCH{ "info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31')" type="query" limit="2" nonoise="on" format=" *$percentICON{
\"$percentIF{ \"'$topic'/parent.name='%PARENT%'\"
then=\"info\" else=\"gear\"
}$percent\" }$percent [[$topic]]" }% ---- * Set PARENT = UserDocumentationCategory  %SEARCH{ "info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31')" type="query" limit="2" nonoise="on" format=" *$percentICON{
\"$percentIF{ \"'$topic'/parent.name='UserDocumentationCategory'\"
then=\"info\" else=\"gear\"
}$percent\" }$percent [[topic]]" }% ---- * Set PARENT = UserDocumentationCategory   * %ICON{ "%IF{ "'AccessKeys'/parent.name='UserDocumentationCategory'" then="info" else="gear" }%" }% [[AccessKeys]] * %ICON{ "%IF{ "'AdminSkillsAssumptions'/parent.name='UserDocumentationCategory'" then="info" else="gear" }%" }% [[AdminSkillsAssumptions]] ---- * Set PARENT = UserDocumentationCategory   * %ICON{ "info" }% [[AccessKeys]] * %ICON{ "gear" }% [[AdminSkillsAssumptions]] ---- * Set PARENT = UserDocumentationCategory   * <img src="https://matisse.oca.eu/foswiki/bin/../pub/System/DocumentGraphics/info.png"/> [[AccessKeys]] * <img src="https://matisse.oca.eu/foswiki/bin/../pub/System/DocumentGraphics/gear.png"/> [[AdminSkillsAssumptions]] ---- * Set PARENT = UserDocumentationCategory  See also: FormattedSearch ## Macro Names Macro names must start with a letter. The following characters can be letters, numbers and the underscore '_'. Letters may be upper or lower-case, E.g. %MYVAR%, %MyVar%, %My2ndVar%, and %My_Var% are all separate, valid macro names (macros are case sensitive - %MyVAR% and %MYVAR% are not the same). By convention all settings, predefined macros and macros registered by plugins are always UPPER-CASE. %META:TOPICPARENT{name="AdminToolsCategory"}% #SettingPrefs ## Preference Settings A preference setting lets you define a simple macro that will be expanded in your output. A preference setting looks like this: [multiple of 3 spaces] * [space] Set [space] MACRONAME [space] = [space] value Example:  * Set WEBBGCOLOR = #FFFFC0 Macros defined using preference settings are expanded by enclosing their name in percent signs. So when you write %WEBBGCOLOR%, it gets expanded to #FFD8AA A preference macro is always taken from the most current topic revision, even when accessing previous revisions of a topic. Preferences can be defined in a number of places: 1. System.DefaultPreferences (Foswiki upgrades overwrite this topic) 2. In (some) plugin documentation topics. (Deprecated) 3. Main.SitePreferences 4. In user topics, if the user has one (yours is Main.WikiGuest) 5. WebPreferences 6. Sub-webs inherit the WebPreferences of their parent 7. In the topic being accessed In this list, Set statements which occur at numerically higher locations override macros of the same name defined at lower numbered levels, unless the macro was listed in a finalpreferences setting (finalised) at a lower-numbered level. in this case, the macro is locked to the value at that level; set statements at higher-numbered levels are ignored. ## Writing preference settings Preference settings are written as a simple bullet. In TML, they are written as 3-spaces,asterisk,equals,value  * Set MYSETTING = My setting value When using the Wysiwyg editor, click the "Bullet" button and write the setting as a simple bullet. Don't include the asterisk. Spaces between the = sign and the value will be ignored. You can split a value over several lines by indenting following lines with spaces - as long as you don't try to use * as the first character on the following line. Example:  * Set MACRONAME = value starts here and continues here  Whatever you include in your macro will be expanded on display, exactly as if it had been entered directly (though see Parameters, below). Example: Create a custom logo macro • To place a logo anywhere in a web by typing %MYLOGO%, define the preference settings in the web's WebPreferences topic, and upload a logo file, ex: mylogo.gif. You can upload by attaching the file to WebPreferences, or, to avoid clutter, to any other topic in the same web, e.g. LogoTopic. Sample preference setting in WebPreferences:  * Set MYLOGO = %PUBURL%/%WEB%/LogoTopic/mylogo.gif Preference settings are case sensitive. (Foswiki by convention always writes settings in upper case.)  * Set lower = This is LOWER * Set LOWER = This is UPPER * Set LoWeR = This is MIXED Expand %lower%, %LOWER% and %LoWeR%  Expand %lower%, %LOWER% and %LoWeR%. preference settings can easily be disabled with a # sign. Example:  * #Set DENYWEBCHANGE = %USERSWEB%.UnknownUser ### Hiding preference settings You can hide preference settings in the output by enclosing them in HTML comments; for example, <!-- * Set HIDDEN = This will be invisible in the output -->  You can also set preference settings in a topic by clicking the link Edit topic preference settings under More topic actions. Preferences set in this manner are known as 'meta' preferences and are not visible in the topic text, but take effect nevertheless. Caution If your topic will be used in an INCLUDE, it is recommended to not use HTML comments. instead, set preferences into the topic metadata by using the "Edit Settings for this topic" button on the "More topic actions" page. Settings in an included topic are always ignored, but nested comments will break the HTML. ### Order of perference settings If you are setting a preference and using it in the same topic, note that Foswiki reads all the preference settings from the saved version of the topic before it displays anything. This means you can use a setting anywhere in the topic, even if you set it at the very end. But beware: it also means that if you change the setting of a macro you are using in the same topic, Preview will show the wrong thing, and you must Save the topic to see it correctly. ### Preference settings and topic revision history Foswiki always reads the settings from the most current topic revision, so viewing older revisions of a topic can show unexpected results. And especially important, preference settings are never overridden or set in "%INCLUDE{" topics. in the below example about weather conditions, note the difference in the CONDITIONS expansion ### Parameters Note that %CONDITIONS% expands differently when this example is viewed in Macros. This is because Set statement are not active in included topics. The including topic's set statements are used. Macros defined using preference settings can take parameters. These are symbols passed in the call to the macro to define local macros that will be expanded in the output. For example,  * Set CONDITIONS = According to [[%BASETOPIC%]] the %WHAT% is %STATE% today (Set in ...).  You can call this macro passing in values for WHAT and STATE. For example: • %CONDITIONS{WHAT="sea" STATE="choppy"}% • expands to %CONDITIONS{WHAT="sea" STATE="choppy"}%. #### Parameter defaults • The special parameter name DEFAULT gets the value of any unnamed parameter in the macro call. • Parameter macros can accept a default parameter so that they expand to something even when a value isn't passed for them in the call. Example:  * Set WEATHER = It's %DEFAULT{default="raining"}%.  • %WEATHER% expands to %WEATHER% • %WEATHER{"sunny"}% expands to %WEATHER{"sunny"}% The standard formatting tokens can be used in parameters. They will be expanded immediately when the macro is instantiated. Note that parameters override all other macros, including system defined macros, in the expansion of the macro where they are used. ### Access Control Settings These are special types of preference settings to control access to content. AccessControl explains these security settings in detail. Parameters are not available in access control settings. ### Local values for preferences Certain topics (user, plugin, web, site and default preferences topics) have a problem; macros defined in those topics can have two meanings. For example, consider a user topic. A user may want to use a double-height edit box when they are editing their home topic - but only when editing their home topic. The rest of the time, they want to have a normal edit box. This separation is achieved using Local in place of Set in the macro definition. For example, if the user sets the following in their home topic:  * Set EDITBOXHEIGHT = 10 * Local EDITBOXHEIGHT = 20  Then, when they are editing any other topic, they will get a 10 high edit box. However, when they are editing their home topic they will get a 20 high edit box. Local can be used wherever a preference needs to take a different value depending on where the current operation is being performed. Use this powerful feature with great care! %ALLVARIABLES% can be used to get a listing of the values of all macros in their evaluation order, so you can see macro scope if you get confused. Deprecation warning. The setting used in this example, EDITBOXHEIGHT, is being deprecated and will be remove from Foswiki 1.2. Note that if the edit box size is changed using the javascript controls in the lower right corner of the edit box window, those settings will be used, and the EDITBOX* settings will be ignored. ## Predefined Macros Most predefined macros return values that were either set in the configuration when Foswiki was installed, or taken from server info (such as current username, or date and time). Some, like %SEARCH%, are powerful and general tools. Predefined macros can be overridden by preference settings (except TOPIC and WEB) Plugins may extend the set of predefined macros (see individual Plugins topics for details) Take the time to thoroughly read through ALL preference macros. If you actively configure your site, review macros periodically. They cover a wide range of functions, and it can be easy to miss the one perfect macro for something you have in mind. For example, see %BASETOPIC%, %INCLUDE%, and the mighty %SEARCH%. Your installation of Foswiki v2.1.6 has the following registered macros: # ACTIVATEDPLUGINS -- list of currently activated plugins ## Examples • %ACTIVATEDPLUGINS% expands to System.SpreadSheetPlugin, System.SlideShowPlugin, System.AutoViewTemplatePlugin, System.CommentPlugin, System.CompareRevisionsAddonPlugin, System.ConfigurePlugin, System.EditRowPlugin, System.HistoryPlugin, System.HomePagePlugin, System.InterwikiPlugin, System.JQueryPlugin, System.MailerContribPlugin, System.NatEditPlugin, System.PreferencesPlugin, System.PubLinkFixupPlugin, System.RenderListPlugin, System.SmiliesPlugin, System.SubscribePlugin, System.TablePlugin, System.TinyMCEPlugin, System.TwistyPlugin, System.UpdatesPlugin, System.WysiwygPlugin # ADDTOHEAD -- deprecated, use ADDTOZONE instead This macro is deprecated. Please use System.VarADDTOZONE instead. It effecively is a shortcut for %ADDTOZONE{"head" ...}% # ADDTOZONE -- add content to a named zone on the page ## Parameters Parameter Description Default "zone" comma-separated list of the names of zones that the content should be added to. The only zones guaranteed to exist are head, script and body. head id identifier for the text being added with the ADDTOZONE call, to be used in the requires parameter of other ADDTOZONE calls. Multiple ADDTOZONE calls with the same id parameter will simply overwrite the earlier ADDTOZONE call. requires comma separated string of ids of text within this zone that this content should follow when the zone is rendered. The content will be rendered even if a specified id is missing. text text to be added to the named zone, mutually exclusive with topic. topic full qualified web.topic name that contains the text to be added, mutually exclusive with text. %BASETOPIC% section section of the topic to be added the default section between STARTINCLUDE and STOPINCLUDE ## What is a "Zone"? Zones are specific places in the output HTML that are marked by calls to the RENDERZONE macro. Zones are used to collect various content together, such as Javascript and CSS, that must be included in the output HTML in a specific order, and in a specific place. There are three special zones called head, script and body. The head zone is rendered as part of the HTML head section. It is the catch-all container for any content supposed to be placed into the HTML head section, except Javascript, which is collected in the script zone. All Javascript must always be added to the script zone exclusively, in order to grant ordering constraints among scripts are resolved properly. Never add Javascript to the head zone -- never add non-Javascript content to the script zone. Both head and script zones are added to the HTML head section automatically just before the closing </head> tag as if they were specified explicitly in the skin templates using: <head> ... %RENDERZONE{"head"}% %RENDERZONE{"script"}% </head>  The body zone is added to the end of the rendered page just prior to the closing <body> tag. The body zone is new with Foswiki 2.1.5. It was added for improved compatibility with the System.NatSkin. You may create as many zones in addition to the standard head and script zones as you like. For any non-standard zone specified in ADDTOZONE you will also need to provide an appropriate RENDERZONE. Interesting use cases in wiki applications: • Create a sidebar zone to add widgets, • Create a toolbar zone to add buttons icons • Create a menu zone to add menu entries ### Adding content to a zone ADDTOZONE adds content to a zone identified with the id parameter. An id identifier is unique within the zone that they are added to. When the same id is used in multiple calls to ADDTOZONE the last call will win, that is previous content of the same id will be overwritten. ### Enforcing a linear order of content within a zone An ADDTOZONE call may ensure that its content appears after the content of some other ADDTOZONE calls by specifying their ids in the requires parameter. The requires parameter constraints the linear order of content added to a zone. When a zone is rendered, all ordering constraints expressed via requires are satisfied. Those ids not found in a zone don't have any influence on the final ordering. Missing ids aren't considered an error rather than an over-specified ordering problem. ### Working with {MergeHeadAndScriptZones} disabled (default) In this mode, the head and script zones are treated separately. Even when head and script zones are treated separately, the head zone will always be rendered before the script zone, unless otherwise specified using RENDERZONE explicitly. So any content in the script zone that depends on content placed into the head zone is satisfied intrinsicly as they are both rendered as specified above. ### Working with {MergeHeadAndScriptZones} enabled In this mode, the head and script zones are separate when adding to them, but may be treated as merged when you call RENDERZONE if there are any dependencies specified that only exist in the opposite zone. This allows an ADDTOZONE{"head"...} to to successfully require an id that has been added to script. {MergeHeadAndScriptZones} is provided to maintain compatibility with legacy extensions that use ADDTOHEAD to add <script> markup and require content that is now in the script zone. {MergeHeadAndScriptZones} will be removed from a future version of Foswiki. ## Examples ### Adding to a zone with missing dependencies You must ensure that no head content (and no inline Javascript) depends on script content. Any such dependency will be ignored. In real world application this isn't a problem as Javascript is never added to the head zone or Javascript zone part of the script zone never really depends on non-Javascript content part of the head zone. HTML comment decoration which normally appears after each id's content in the rendered HTML will contain a small informative text to aid debugging. Example %ADDTOZONE{ "script" text=" <script type='text/javascript'> alert('test'); </script>" requires="some-id-that-exists-in-script" id="MY::TEST" }%  Result <script type='text/javascript'> alert('test'); </script> <!-- MY::TEST: requires= missing ids: some-id-that-exists-in-script -->  ### Adding Javascript to a page Make sure that all inline Javascript code in the topic (if it is allowed) is added to the page using %ADDTOZONE{"script"...requires="library-id"}% with the appropriate library-id to guarantee a correct load order. For example, jQuery code should be added as follows: %JQREQUIRE{"shake"}% %ADDTOZONE{ "script" id="MyApp::ShakePart" text=" <script type='text/javascript'> jQuery('#something').shake(3, 10, 180); </script>" requires="JQUERYPLUGIN::SHAKE" }%  where "MyApp::ShakePart" is a unique id to identify the text added to script; and JQUERYPLUGIN::SHAKE signifies that the content added with that identifier should appear beforehand. ### Adding CSS to a page %ADDTOZONE{"head" id="MyCSS" text=" <style type='text/css' media='all'> @import url('%PUBURLPATH%/%SYSTEMWEB%/MyCSS/foo.css'); </style>" }%  # ALLVARIABLES -- list of currently defined macros Expands to a table showing all defined macros in the current context Deprecated 2009-04-29 in favour of SHOWPREFERENCE # ATTACHURL -- full URL for attachments in the current topic Shorthand for PUBURL, with path set to the current topic. Otherwise supports all the same parameters as PUBURL. # ATTACHURLPATH -- path of the attachment URL of the current topic Shorthand for PUBURLPATH with path set to the current topic. Otherwise supports all the same parameters as PUBURLPATH. # AUTHREALM -- authentication realm String defined as the {AuthRealm} expert option in configure Security And Authentication tab, =Login sub-tab.. This is used in certain password encodings, and in login templates as part of the login prompt. ## Examples • %AUTHREALM% expands to Enter your System.WikiName. (First name and last name, no space, no dots, capitalized, e.g. System.JohnSmith). Cancel to register if you do not have one. # BASETOPIC -- base topic where an INCLUDE started The name of the topic where a single or nested INCLUDE started - same as %TOPIC% if there is no INCLUDE. This is the name of the topic requested by the user. # BASEWEB -- base web where an INCLUDE started The web name where the includes started, e.g. the web of the first topic of nested includes. Same as %WEB% in case there is no include. This is the name of the web requested by the user. # BUTTON -- renders a nice button ## Parameters Parameter Description Default "text" text to be put on this button value text to be put on this button accesskey access key used for this button class e.g. use simple for a non-3D button align left, right, center href url of the click target # icon icon to be put on the left; note, this can be any icon attached to the {IconSearchPath}; see also System.VarJQICON id html id for this button onclick javascript event triggered when clicking the button target topic to open when clicking on the button title popup title displayed when hovering over the button type type of action to be performed; available actions are • button - normal click button, target specified in target or href parameter • clear - clears all input fields in the form that contains the button • reset - resets all input fields in a form to their initial value • submit - submits the form that contains the button • save - same as submit but takes care of extra validation steps when saving a wiki topic button ## Examples %BUTTON{ "%MAKETEXT{"Submit"}%" icon="tick" onclick="confirm('Are your sure?')" }% %BUTTON{ "%MAKETEXT{"Cancel"}%" icon="cross" target="%WEB%.%TOPIC%" }% %CLEAR% • Expands as: Note: BUTTONS are floating to the left by default. Take care to add a %CLEAR% after the %BUTTON{...}% so that further content does not overlap with the button. # CALC -- add spreadsheet calculations to tables and outside tables The %CALC{"formula"}% macro is handled by the System.SpreadSheetPlugin. There are around 90 formulae, such as ABS(), $EXACT(), $EXISTS(), $GET()/$SET(), $IF(), $LOG(), $LOWER(), $PERCENTILE(), $TIME(), $VALUE().
• This macro is specifically for manipulating data in tables, and so is evaluated after the normal Macro expansion order. If you need a standard ordered evaluation see CALCULATE

## Examples

• %CALC{"$SUM($ABOVE())"}% returns the sum of all cells above the current cell
• %CALC{"$EXISTS(Web.SomeTopic)"}% returns 1 if the topic exists • %CALC{"$UPPER(Collaboration)"}% returns COLLABORATION

# CALCULATE -- add spreadsheet formulae calls using standard Macro evaluation order.

The %CALCULATE{"formula"}% macro is handled by the System.SpreadSheetPlugin. There are around 90 formulae, such as $ABS(), $EXACT(), $EXISTS(), $GET()/$SET(), $IF(), $LOG(), $LOWER(), $PERCENTILE(), $TIME(), $VALUE(). This macro is uses the normal (left to right, inside out) Macro expansion order. If you need to evaluate after expanding table data, see CALC ## Examples • %CALCULATE{"$EXISTS(Web.SomeTopic)"}% returns 1 if the topic exists
• %CALCULATE{"$UPPER(Collaboration)"}% returns COLLABORATION CALC, IF, System.SpreadSheetPlugin # COMMENT -- insert an edit box into the topic to easily add comments. ## Parameters • The following standard attributes are recognized Name Description Default type This is the name of the template to use for this comment. Comment templates are defined in a Foswiki template - see Customisation, below. If this attribute is not defined, the type is whatever is defined by COMMENTPLUGIN_DEFAULT_TYPE preference setting. below default Default text to put into the prompt. target Name of the topic to add the comment to the current topic mode For compatibility with older versions only, synonymous with type nonotify Set to "on" to disable change notification for target topics off noform Set to "on" to disable the automatic form that is generated around your comment prompt if you don't provide a FORM template. See CommentPluginExamples:noform for an example. off nopost Set to "on" to disable insertion of the posted text into the topic. off remove Set to "on" to remove the comment prompt after the first time it is clicked. off button Button label text Add comment ## Examples • A %COMMENT% without parameters shows a simple text box. # COVER -- current skin cover Extends the skin search path. For instance, if SKIN is set to catskin, bearskin, and COVER is set to ruskin, the skin search path becomes ruskin, catskin, bearskin. The COVER setting can be overridden using the URL parameter cover, such as ?cover=ruskin ## Examples • %COVER% currently expands to %COVER% (it will only expand when a cover is actually set) # DATE -- signature format date ## Examples • %DATE% expands to 22 Oct 2021 • Date format defined as {DefaultDateFormat} in configure When used in a template topic, this variable will be expanded when the template is used to create a new topic. See System.TemplateTopics#TemplateTopicsVars for details. # DISPLAYTIME -- display formatted time Formatted time - either GMT or Local server time, depending on {DisplayTimeValues} setting in configure. Same format qualifiers as %GMTIME% ## Parameters Parameter Description Default "format" Optional format (see GMTIME) ## Examples • %DISPLAYTIME% expands to 22 Oct 2021 - 07:03 • %DISPLAYTIME{"$hou:$min"}% expands to 07:03 ### EDITTABLE{ attributes } -- edit tables using edit fields and other input fields • The %EDITTABLE{}% macro is handled by the System.EditTablePlugin • Syntax: %EDITTABLE{ attributes }% • Supported attributes: Attribute Comment Default header Specify the header format of a new table like "|*Food*|*Drink*|". Useful to start a table with only a button (no header) format The format of one column when editing the table. A cell can be a text input field, or any of these edit field types: • Text input field (1 line): | text, <size>, <initial value> | • Textarea input field: | textarea, <rows>x<columns>, <initial value> | • Drop down box: | select, <size>, <option 1>, <option 2>, etc* | * only one item can be selected • Radio buttons: | radio, <size*>, <option 1>, <option 2>, etc | * size indicates the number of buttons per line in edit mode • Checkboxes: | checkbox, <size*>, <option 1>, <option 2>, etc | * size indicates the number of checkboxes per line in edit mode • Fixed label: | label, 0, <label text> | • Row number: | row, <offset> | • Date: | date, <size>, <initial value>, <DHTML date format> | (see Date Field Type) "text, 16" for all cells changerows Rows can be added and removed if "on" Rows can be added but not removed if "add" Rows cannot be added or removed if "off" CHANGEROWS plugin setting quietsave Quiet Save button is shown if "on", hidden if "off" QUIETSAVE plugin setting include Other topic defining the EDITTABLE parameters. The first %EDITTABLE% in the topic is used. This is useful if you have many topics with the same table format and you want to update the format in one place. Use topic or web.topic notation. (none) helptopic Topic name containing help text shown below the table when editing a table. The %STARTINCLUDE% and %STOPINCLUDE% macros can be used in the topic to specify what is shown. (no help text) headerislabel Table header cells are read-only (labels) if "on"; header cells can be edited if "off" or "0" "on" editbutton Set edit button text, e.g. "Edit this table"; set button image with alt text, e.g. "Edit table, %PUBURL%/%SYSTEMWEB%/DocumentGraphics/edittopic.gif"; hide edit button at the end of the table with "hide" (Note: Button is automatically hidden if an edit button is present in a cell) EDITBUTTON plugin setting buttonrow Set to top to put the edit buttons above the table. bottom javascriptinterface Use javascript to directly move and delete row without page refresh. Enable with "on", disable with "off". JAVASCRIPTINTERFACE plugin setting Example: %EDITTABLE{ format="| text, 20 | select, 1, one, two, three |" changerows="on" }% | *Name* | *Type* | | Foo | two | Produces: %EDITTABLE{ format="| text, 20 | select, 1, one, two, three |" changerows="on" }% Name Type Foo two Related: See System.EditTablePlugin for more details # ENCODE -- encode characters in a string Encode character sequences in "string", by mapping characters (or sequences of characters) to an alternative character (or sequence of characters). This macro can be used to encode strings for use in URLs, to encode to HTML entities, to protect quotes, and for as many other uses as you can imagine. ## Parameters Parameter Description Default "string" String to encode "" (empty string) type Use a predefined encoding (see below). Default is 'url'. Parameter type not be used if old or new are given. old Comma-separated list of tokens to replace. Tokens are normally single characters, but can also be sequences of characters. The standard format tokens may be used in this list. Each token must be unique - you cannot list the same token twice. May not be used with type; required if new is used new comma-separated list of replacement tokens. The elements in this list match 1:1 with the elements in the old list. Again, the standard format tokens may be used. An empty element in the new list will result in the corresponding token in the old list being deleted from the string. If the new list is shorter than the old list it will be extended to the same length using the empty element. Tokens do not have to be unique. When using old and new, be aware that the results of applying earlier tokens are not processed again using later tokens. (see examples below) May not be used with type; required if old is used If ENCODE is called with no optional parameters (e.g. %ENCODE{"string"}%) then the default type="url" encoding will be used. ## Predefined encodings Unless otherwise specified, the type parameter encodes the following "special characters" • type="entity" or type="entities" Encode special characters into HTML entities, like a double quote into &#34; • all non-printable ASCII characters below space, except newline ("\n") and carriage return ("\r"). • HTML special characters "<", ">", "&", single quote (') and double quote (") • TML special characters "%", "[", "]", "@", "_", "*", "=", "$" and "|"
• type="html" As type="entity" except it also encodes \n (newline) and carriage return ("\r").
• type="safe" Encode just the characters '"<>% into HTML entities.
• type="quote" or type="quotes" Escapes double quotes with backslashes (\"), does not change any other characters
• type="url" (default) Encode special characters for use in URL parameters, like a double quote into %22.

# Examples

• %ENCODE{"spaced name"}% expands to spaced%20name
• %ENCODE{"| Blah | | More blah |" old="|,$n" new="&#124;,<br />"}% expands to =| Blah | | More blah | - this encoding is useful to protect special TML characters in tables. • %ENCODE{"10xx1x01x" old="1,x,0" new="A,,B"}% expands to ABABA • %ENCODE{"1,2" old="$comma" new=";"}% expands to 1;2
Values for HTML input fields must be entity encoded.
Example:
<input type="text" name="address" value="%ENCODE{ "any text" type="entity" }%" />
ENCODE can be used to filter user input from URL parameters and similar to help protect against cross-site scripting. The safest approach is to use type="entity". This can however prevent an application from fully working. You can alternatively use type="safe" which encodes only the characters '"<>% into HTML entities. When ENCODE is passing a string inside another macro always use double quotes ("") type="quote". For maximum protection against cross-site scripting you are advised to install the Foswiki:Extensions.SafeWikiPlugin.

Double quotes in strings must be escaped when passed into other macros.
Example:
%SEARCH{ "%ENCODE{ "string with "quotes"" type="quotes" }%" noheader="on" }%

When using old and new, be aware that the results of applying earlier tokens are not processed again using later tokens. For example:
   %ENCODE{"A" old="A,B" new="B,C"}% will result in 'B' (not 'C'),
%ENCODE{"asd" old="as,d" new="d,f"}% will yield 'df', and
%ENCODE{"A" old="A,AA" new="AA,B"}% will give 'AA' and.
%ENCODE{"asdf" old="a,asdf" new="a,2"}% will give 'asdf'

# ENDCOLOR -- end colored text

ENDCOLOR is one of the shortcut macros predefined in System.DefaultPreferences. It is used to terminate a colour change (revert back to the default colour).

The following colours are available: %YELLOW%, %ORANGE%, %RED%, %PINK%, %PURPLE%, %TEAL%, %NAVY%, %BLUE%, %AQUA%, %LIME%, %GREEN%, %OLIVE%, %MAROON%, %BROWN%, %BLACK%, %GRAY%, %SILVER%

## Examples

• %GREEN% green text %ENDCOLOR% expands to  green text

# ENDINCLUDE -- end position of topic text if included

If present in included topic, stop to include text at this location and ignore the remaining text. A normal view of the topic shows everyting exept the %STOPINCLUDE% macro itself.

# ENDSECTION -- marks the end of a named section within a topic

If the STARTSECTION is named, the corresponding ENDSECTION must also be named with the same name. If the STARTSECTION specifies a type, then the corresponding ENDSECTION must also specify the same type. If the section is unnamed, ENDSECTION will match with the nearest unnamed %STARTSECTION% of the same type above it.

## Parameters

Parameter Description Default
"name" Name of the section
type Type of the section being terminated; supported types section, include, expandvariables, templateonly. section

## Examples

• %ENDSECTION{"X" type="expandvariables"}%

# ENDTAB -- ending marker for a tab of a tabpane

This closes a previously opened TAB.

# ENDTABPANE -- ending tag for tabpane widget

This closes a previously opened TABPANE.

# ENDTWISTY -- complements an opening TWISTY tag to close a twisty

Closes an open twisty

# ENDTWISTYTOGGLE -- Twisty closure

Will end the most inner unclosed Twisty Toggle section, using the proper tag

## Examples

%ENDTWISTYTOGGLE%

# ENV -- inspect the value of an environment variable

Returns the current value of the environment variable in the CGI (Common Gateway Interface) environment. This is the environment that the System.CommandAndCGIScripts are running in.

If an environment variable is undefined (as against being set to the empty string) it will be returned as not set.

Note: For security reasons, only those environment variables whose names match the regular expression in the configuration setting {AccessibleENV} (in the Security Settings/Miscellaneous section of configure) can be displayed. Any other variable will just be shown as an empty string, irrespective of its real value.

## Examples

• %ENV{MOD_PERL}% displays as: not set

# EXAMPLETAG -- example macro tag

The %EXAMPLETAG% variable is handled by the System.ExamplePlugin

## Parameters

Parameter Description Default
"..." Unnamed parameter
text - example text "..."
format format of report

## Examples

• %EXAMPLETAG{"hello" format="| $topic:$summary |"}%

# EXPAND -- expand macros in a string as if they were used in another topic

The viewer must have VIEW access to topictoexpandin for this to work. All the standard formatting macros can be used in expression, such as $percent and $quot.

## Parameters

Parameter Description Default
"text" Text to expand. Note that %-signs must be escaped using $percent, or they will be expanded in the context of the calling topic scope Scope to expand the topic in. This is the name of a topic. You can use Web.Topic syntax to refer to a topic in another web %TOPIC% ## Examples EXPAND can be useful when you want to pick up the value of macros defined in another topic. For example, you might want to define a set of preferences in one topic, but pick up their value in another topic (this is very useful when building reusable applications). In this case you can write:  * Set MYPREFERENCE = value  in "SettingsTopic" and then, in "MyTopic", write: %EXPAND{"$percentMYPREFERENCE$percent" scope="SettingsTopic"}%  Of course we can also write: %EXPAND{"$percentMYPREFERENCE$percent" scope="%OTHERTOPIC%"}%  which lets us select which other topic to get the preference value from. Additional parameters can be passed to the macro being expanded using the standard macro syntax in the name of the macro; for example, %EXPAND{"$percentMYPREFERENCE{$quotdefault$quot param=$quotvalue$quot}" scope="SettingsTopic"}%


EXPAND is not very efficient, and should be used sparingly.

To expand a web preference (for example, a web access control) then set scope="Theotherweb.%WEBPREFSTOPIC%"

# FAILEDPLUGINS -- debugging for plugins that failed to load

Also generates a list of handlers defined by plugins

## Examples

• %FAILEDPLUGINS%

# FORMAT -- format a list of objects

## Parameters

Parameter Description Default
"one, two, three" The list to be expanded into the format. Required. Currently only two types of list data are supported; topic names (type="topic") and plain strings (type="string").
format Format string; see Supported formatting tokens for possible values.
header Text to come before the formatted output
footer Text to come after the formatted output
separator Separator between formatted elements $n type Treat input list as either topic or string topic ## Examples  %FORMAT{"one,two,three" type="string" format=" *$item"}%
%FORMAT{"%SKIN%"
header="the Skin setting is evaluated in this order:"
format="   1 =$topic=" footer=" 1 =default=" }% ## Supported formatting tokens If type="topic" (the default) the format string can contain any of the topic-specific format tokens specified in FormattedSearch ($web, $topic, $parent, $text, $locked, $date, $isodate, $index, $item, $rev, $username, $wikiname, $wikiusername, $createdate, $createusername, $createwikiname, $createwikiusername, $summary, $changes, $formname, $formfield, $pattern, $count, $ntopics, $nhits, $pager). In addition, the macro supports all the standard format tokens. If type="string" then the comma separated list is treated as a list of strings. In this case, the format tokens $index and $item will return the position of the item in the list (1-based), and the item itself, respectively. Note that a comma can be embedded in the data using the standard formatting token $comma.

The FORMAT macro is currently only of use in formatting lists of topics, or of simple strings. It will be extended in future releases to add the capability to render other object types.

For more sophisticated handling of string lists, consider installing Foswiki:Extensions.FilterPlugin

# FORMFIELD -- renders a field in the form attached to some topic

## Parameters

Parameter Description Default
"name" The name of a Data form field
topic="..." Topic where form data is located. May be of the form Web.TopicName Current topic
format Format string. See Tokens expanded in format below. $value default Text shown if the field is defined in the topic, but the field value is empty. For example, a text field for which all the content has been deleted. alttext Text shown if the field is not defined in the topic (even if it is specified in the form definition). For example, this is used when a field exists in the form definition, but the referring topic hasn't been edited since it was added. rev="n" Specify a revision of the topic. If not specified, defaults to the most recent rev (or the viewed rev if viewing an old rev of the same topic) Tokens expanded in format: • $value expands to the raw field value
• $value(display) is the form field value after mapping the stored value to the display value (use with +values form fields). If the field type does not support value mapping, renders the same as $value
• $name is the field name • $title expands to the field title
• $formname gives the name of the form the field is in. $form is maintained for compatibility, but is deprecated
• $attributes - from the field definition • $type - from the field definition
• $size - from the field definition • $definingTopic - topic in which the field is defined
• The standard format tokens are also expanded

## Examples

 %FORMFIELD{"ProjectName"
topic="Projects.SushiProject"
default="(no project name given)"
}%

# GMTIME -- formatted Greenwich Mean Time (UTC)

## Parameters

Parameter Description Default
"format" format $day$month $year -$hour:$min %GMTIME% uses the default date format defined by the {DefaultDateFormat} setting in configure ### Supported special format tokens: Token: Unit: Example $seconds seconds 59
$minutes minutes 59 $hours hours 23
$day day of month 31 $wday day of the Week (Sun, Mon, Tue, Wed, Thu, Fri, Sat) Thu
$dow day of the week (Sun = 0) 2 $week number of week in year (ISO 8601) 34
$month short name of month Dec $mo 2 digit month 12
$year 4 digit year 1999 $ye 2 digit year 99
$tz either "GMT" (if set to gmtime), or "Local" (if set to servertime) GMT $iso ISO format timestamp 2021-10-22T07:03:58Z
$rcs RCS format timestamp 2021/10/22 07:03:58 $http E-mail & http format timestamp Fri, 22 Oct 2021 07:03:58 GMT
$epoch Number of seconds since 00:00 on 1st January, 1970 1634886238 Tokens can be shortened to 3 characters ## Examples • %GMTIME% expands to 22 Oct 2021 - 07:03 • %GMTIME{"$day $month,$year - $hour:$min:$sec"}% expands to 22 Oct, 2021 - 07:03:58 When used in a template topic, this macro will be expanded when the template is used to create a new topic. See System.TemplateTopics#TemplateTopicsVars for details. # GROUPINFO -- retrieve details about a group ## Parameters Parameter Description Default "groupname" Optional name of group format Format of a single user or group in the list. • $name expands to the group name, and (for users list only)
• $wikiname, $username and $wikiusername to the relevant strings. • $allowschange returns 0 (false) or 1 (true) if the group can be modified by the group member being processed.
• The standard System.FormatTokens are also supported.

separator separator between items in the list ,
header Header for the list
footer Footer for the list
zeroresults If set, and there are no Groups or Members that can be shown, the header and footer are suppressed, and this text is output undefined
show filter the output list of Groups - can be set to all, allowschange, denychange, allowschange(UserWikiName), denychange(UserWikiName) all
expand Set false if users should not be expanded from nested groups. Default behavior is to expand all nested groups into a flat list of users. 1
limit If set, limits the number of results to this
limited If limit is set, and the list is truncated, this text will be added at the end of the list

Note: GROUPINFO will not list members that are hidden from the current authenticated user. If the current user does not have VIEW authority for a user's topic, then the user will not be shown as a group member.

## Examples

• %GROUPINFO% expands to BaseGroup, System.AdminGroup, System.DocExchangeGroup, System.EsoExchangeGroup, System.NobodyGroup, System.ScienceFrGroup, System.TWikiUsersGroup, Workshop2015Group (comma-separated list of all groups)
• %GROUPINFO{AdminGroup"}% expands to Main.AdminUser, Main.JeanMichelClausse, Main.MichelDUGUE, Main.PhilippeBerio, Main.FlorentinMillour, Main.PierreCruzalebes (comma-separated list of users in the requested group)
• groupname can optionally be qualified with the Main prefix, any other web prefix will return an empty list.

# GROUPS -- a formatted list of groups

Deprecated - do not use. Use System.VarGROUPINFO instead
• Expands to a formatted list of user groups.
• The macro is intended to be used in Main.WikiGroups, to allow a group listing for various user mapping managers.

# HISTORY -- control attributes of tables and sorting of table columns

The %HISTORY{}% macro is handled by the System.HistoryPlugin

## Parameters

Parameter Description Default
"format"
format="format"
Format of one line, may include any variable which is supported by macro REVINFO r$rev -$date - $wikiusername topic Topic name, can be in web.topic format current topic web Web name current web versions Number or range (format: from..to). Examples: To get version 2, write: versions="2" To get version 2 to 3, write: versions="2..3" To get version 2 to the latest, write: versions="2.." To get all versions up to version 5, write: versions="..5" To get all versions up to but not including the latest, write: versions="..-1" To get the versions from 1 to 5 in reverse order, write: versions="5..1" all versions in the order latest to first header Text to print before the list. May contain the tokens $next and $previous which will be evaluated if there are newer or older revisions available for the topic that are not listed according to versions (or rev1, rev2, nrev). These tokens take the syntax $next{'some text' url='url'} (the same for $previous). 'some text' is the text which should be printed, 'url' is the url for the corresponding link. The tokens $rev1, $rev2, $nrev in 'text' or 'url' will be replaced by appropriate values for the next or previous block of revisions. See the attached oopshistory.tmpl for an example of how to use this.
$next footer="text" Text to print after the list. May contain the tokens $next and $previous (see header) $previous

Deprecated (but supported) parameters:
Parameter Description Default
nrev Number of revisions to show. Ignored if versions is specified, or if both rev1 and rev2 are specified. 10
rev2 Newest revision to show rev1+nrev if rev1 is specified, latest revision otherwise
rev1 Oldest revision to show rev2-nrev
reverse Show newest revisions first, if on "on"

The following macros are expanded only if there is a corresponding %HISTORY% on the page. If more than one %HISTORY% is used on the same page, the values from the last one will be used.

• %HISTORY_REV1%: Oldest revision from the printed history
• %HISTORY_REV2%: Latest revision from the printed history
• %HISTORY_NREV%: Number of the printed revisions
• %HISTORY_MAXREV%: Latest available revision of the topic

# HOMETOPIC -- home topic in each web

## Examples

• %HOMETOPIC% expands to WebHome, renders as System

# HTTP -- get HTTP headers

• Called with the name of an HTTP request header field, returns its value. Capitalization and the use of hyphens versus underscores are not significant.
• Request headers are sent by the browser to the server. It is not possible to access the Response headers returned to the browser.
• Only returns headers permitted by site configuration. Returns '' if the header is not allowed.
• When called without a parameter, nothing is returned. See System.VarHTTPS for other options.
The HTTP and HTTPS macros are deprecated as of Foswiki release 2.1. and will be removed in a future release.

## Parameters

Name Description
"name" Name of the header to get

## Examples

Write Returns Notes
%HTTP%   Always returns ''
%HTTP{"Accept-language"}% en-US,en;q=0.5
%HTTP{"User-Agent"}% CCBot/2.0 (https://commoncrawl.org/faq/)
%HTTP{"Cookie"}%   Not allowed by default.
You can see the HTTP headers your browser sends to the server on a number of sites e.g. http://www.ericgiguere.com/tools/http-header-viewer.html

# HTTP_HOST -- environment variable

## Examples

• %HTTP_HOST% expands to matisse.oca.eu

# HTTPS -- get HTTPS headers

The same as %HTTP% but operates on the HTTPS environment variables present when the SSL protocol is in effect. Can be used to determine whether SSL is turned on.
• Called with the name of an HTTP request header field, returns its value. Capitalization and the use of hyphens versus underscores are not significant.
• Request headers are sent by the browser to the server. It is not possible to access the Response headers returned to the browser.
• Only returns headers permitted by site configuration.
• When called without a parameter, nothing is returned. See System.VarHTTPS for other options.
The HTTP and HTTPS macros are deprecated as of Foswiki release 2.1. and will be removed in a future release.

## Parameters

Parameter Description Default
"name" Name of the header to get optional

## Examples

Write Returns Notes
%HTTPS% 1 Returns '1' if HTTPS is active
%HTTPS{"Accept-language"}% en-US,en;q=0.5
%HTTPS{"User-Agent"}% CCBot/2.0 (https://commoncrawl.org/faq/)
%HTTPS{"Cookie"}%   Not allowed by default.
You can see the HTTP headers your browser sends to the server on a number of sites e.g. http://www.ericgiguere.com/tools/http-header-viewer.html

# ICON -- small documentation graphic or icon of common attachment types

Generates a small graphic image from the set attached to System.DocumentGraphics. Images typically have a 16x16 pixel size. You can select a specific image by name, or you can give a full filename, in which case the type of the file will be used to select one of a collection of common file type icons. If you specify an icon which cannot be found, the one specified in the default parameter will be used (and if that fails, the else icon will be used)

## Parameters

Parameter Description Default
"filename or icon name" requested icon else
default default icon to use if requested icon is not found
alt alt text to be added to the HTML img tag
quote allows you to control the quote used in the generated HTML "

## Examples

• %ICON{"flag-gray"}% displays as
• %ICON{"pdf"}% displays as
• %ICON{"docx" default="doc"}% displays as
• %ICON{"smile.pdf"}% displays as
• %ICON{"/dont/you/dare/smile.pdf"}% returns
• %ICON{"data.unknown" alt="Unknown file type"}% displays as
• %ICON{"data.unknown"}% displays as
• %ICON{"http://trunk.foswiki.org/pub/System/DocumentGraphics/xsl.gif"}% displays

• Graphics: arrowbright, bubble, choice-yes, hand
• File types: bmp, doc, gif, hlp, html, mp3, pdf, ppt, txt, xls, xml, zip

If you find that ICON is producing broken HTML when it is used in another macro e.g. for formatting search results, then this may be because it is using the wrong kind of quotes for the context. In this case you can control the quotes it uses using the quote parameter. For example
• %ICON{"pdf" quote="'"}%
You can also use formatting tokens such as $quot and $dollar in quote.

# ICONURL -- URL of small documentation graphic or icon

Generates the full URL of a System.DocumentGraphics image, which Foswiki renders as an image. The related %ICON{"name"}% generates the full HTML img tag. Specify image name or full filename (see ICON for details on filenames.)

## Parameters

Parameter Description Default
"name" Name of the icon, or pathname to extract an extension from else
default Optional default icon if the primary icon can't be found else

## Examples

• %ICONURL% returns https://matisse.oca.eu/foswiki/bin/../pub/System/DocumentGraphics/else.png
• %ICONURL{"arrowbright"}% returns https://matisse.oca.eu/foswiki/bin/../pub/System/DocumentGraphics/arrowbright.png
• %ICONURL{"novel.pdf"}% returns https://matisse.oca.eu/foswiki/bin/../pub/System/DocumentGraphics/pdf.png
• %ICONURL{"notanicon" default="ram"}% returns https://matisse.oca.eu/foswiki/bin/../pub/System/DocumentGraphics/ram.png
• %ICONURL{"/queen/boheme.mp3"}% returns https://matisse.oca.eu/foswiki/bin/../pub/System/DocumentGraphics/mp3.png

# ICONURLPATH -- URL path of small documentation graphic or icon

Generates the relative URL path of a System.DocumentGraphics image, typically used in an HTML img tag. Specify image name or full filename (see ICON for details on filenames.)

## Parameters

Parameter Description Default
"name" Name of the icon, or pathname to extract an extension from else
default Optional default icon if the primary icon can't be found else

## Examples

• %ICONURLPATH{"locktopic"}% returns /foswiki/bin/../pub/System/DocumentGraphics/locktopic.png
• %ICONURLPATH{"eggysmell.xml"}% returns /foswiki/bin/../pub/System/DocumentGraphics/xml.png
• %ICONURLPATH{"notanicon" default="ram"}% returns /foswiki/bin/../pub/System/DocumentGraphics/ram.png
• %ICONURLPATH{"/doc/xhtml.xsl"}% returns /foswiki/bin/../pub/System/DocumentGraphics/xsl.png

# IF -- simple conditionals

Evaluate a condition and show one text or another based on the result. See details in IfStatements.
Parameter Description Default
"condition" Condition to test
then String to expand if the condition evaluates to true
else String to expand if the condition evaluates to false

## Examples

• %IF{"CONDITION" then="THEN" else="ELSE"}% shows
"THEN" if "CONDITION" evaluates to TRUE, otherwise "ELSE" will be shown
 %IF{"defined FUNFACTOR"
then="FUNFACTOR is defined"
else="FUNFACTOR is not defined"
}%
renders as
FUNFACTOR is not defined

# INCLUDE -- include another topic, or subsection of a topic, or a URL, or Foswiki embedded documentation

## (Including a topic) Parameters

Parameter: Description: Default:
"SomeTopic" The name of a topic located in the current web, i.e. %INCLUDE{"WebNotify"}%
"Web.Topic" A topic in another web, i.e. %INCLUDE{"System.SiteMap"}%
"Web.Topic, SomeOtherTopic, System.OrOtherTopic" A list of topics - INCLUDE will include the first topic that exists and the user has permission to VIEW. If a section is also specified, it will use the first topic that has that section defined in it.
pattern Include a subset of a topic or a web page. Specify a System.RegularExpression that contains the text you want to keep in parenthesis, e.g. pattern="(from here.*?to here)". System.IncludeTopicsAndWebPages has more. none
rev Include a previous topic revision; N/A for URLs top revision
warn Warn if topic include fails: Fail silently (if off); output default warning (if set to on); else, output specific text (use $topic for topic name) %INCLUDEWARNING% preferences setting headingoffset Adds the given offset to any HTML headings generated in the included text. Works on headings defined by HTML tags as well as headings defined using foswiki markup. 0 section Includes only the specified named section, as defined in the included topic by the [VarSTARTSECTION][STARTSECTION{"name" type="section"} ]] and [VarENDSECTION][ENDSECTION{"name" type="section"}]] macros. Nothing is shown if the named section does not exists. section="" is equivalent to not specifying a section Any other parameter will be defined as a macro within the scope of the included topic. The example parameters on the left will result in %PARONE% and %PARTWO% being defined within the included topic. • Examples: See System.IncludeTopicsAndWebPages ## (Including a web page) Parameters Parameter Description Default "http://..." A full qualified URL, i.e. %INCLUDE{"https://foswiki.org:80/index.html"}%. Supported content types are text/html and text/plain. If the URL resolves to an attachment file on the server this will automatically translate to a server-side include. pattern Include a subset of a topic or a web page. Specify a System.RegularExpression that contains the text you want to keep in parenthesis, e.g. pattern="(from here.*?to here)". System.IncludeTopicsAndWebPages has more. none raw When a page is included, normally Foswiki will process it, doing the following: 1) Alter relative links to point back to originating host, 2) Remove some basic HTML tags (html, head, body, script) and finally 3) Remove newlines from HTML tags spanning multiple lines. If you prefer to include exactly what is in the source of the originating page set this to on. raw="on" is short for disableremoveheaders="on", disableremovescript="on", disableremovebody="on", disablecompresstags="on" and disablerewriteurls="on". disabled literal While using the raw option will indeed include the raw content, the included content will still be processed and rendered like regular topic content. To disable parsing of the included content, set the literal option to "on". off disableremoveheaders Bypass stripping headers from included HTML (everything until first </head> tag) off disableremovescript Bypass stripping all <script> tags from included HTML off disableremovebody Bypass stripping the </body> tag and everything around over and below it off disablecompresstags Bypass replacing newlines in HTML tags with spaces. This compression step rewrites unmatched <'s into &lt; entities unless bypassed off disablerewriteurls Bypass rewriting relative URLs into absolute ones off warn Warn if URL include fails: Fail silently (if off); output default warning (if set to on); else, output specific text (use $topic for topic name) appended with the http error information. %INCLUDEWARNING% preferences setting

JavaScript in included webpages is filtered out as a security precaution per default (disable filter with disableremovescript parameter)

Foswiki by default is configured to deny URL format includes.
• Examples: See System.IncludeTopicsAndWebPages

## (Including Foswiki embedded module documentation) Parameters

Parameter Description Default
"doc:..." A full qualified Foswiki module, i.e. %INCLUDE{"doc:Foswiki::Func"}%. The module must be found on the Foswiki lib path
level Override the root heading level to the specified number
pattern Include a subset of the module. Specify a System.RegularExpression that contains the text you want to keep in parenthesis, e.g. pattern="(from here.*?to here)". System.IncludeTopicsAndWebPages has more. none

# INCLUDINGTOPIC -- name of topic that includes current topic

The name of the topic that includes the current topic - same as %TOPIC% in case there is no include. If a topic is used in a chain of INCLUDEs, INCLUDINGTOPIC is set to the topic directly INCLUDing this one, NOT the topic that has been requested by the user (which is given by BASETOPIC)
Be careful of the subtle difference between INCLUDINGTOPIC and BASETOPIC. You probably should be using BASETOPIC

# INCLUDINGWEB -- web that includes current topic

The web name of the topic that includes the current topic - same as %WEB% if there is no INCLUDE. If a topic is used in a chain of INCLUDEs, INCLUDINGWEB is set to the topic directly INCLUDing this one, NOT the web that has been requested by the user (which is given by BASEWEB)
Be careful of the subtle difference between INCLUDINGWEB and BASEWEB. You probably should be using BASEWEB

# JQICON -- render an image

Renders an icon made availabe by the System.IconService.

## Parameters

Parameter Description Default
"name" name of the icon to display
class additional css class for the img tag
animate can be one of bounce, burst, flash, float, horizontal, passing, pulse, ring, shake, spin, tada, vertical, wrench
alt alt attribute
title title attribute
style css style format to be added to the image element
format format string used to render the icon; known variables to be used in the format string are:
• $iconName: name as given to the name parameter • $iconPath: url path
• $iconClass: css class as specified by the class parameter • $iconStyle: css styles as specified by the style parameter
• $iconAlt: alt attribute-value; if the alt parameter to JQICON is set, this expands to alt='...' • $iconTitle: title attribute-value; if the title parameter to JQICON is set, this expands to title='...'
for image icons: <img src='$iconPath' class='$iconClass $iconName'$iconStyle $iconAlt$iconTitle/>; for font icons: <i class='$iconClass'$iconStyle $iconTitle></i> Example for famfamfam icons: %JQICON{"tick" alt="alternative content" title="this is a tick icon"}% %JQICON{"cross"}% %JQICON{"disk"}% %JQICON{"star"}% %JQICON{"lightbulb"}% %JQICON{"camera"}% %JQICON{"date"}% %JQICON{"heart" animate="bounce"}%  Produces: Example for font-awesome icons: %JQICON{"fa-pagelines" style="font-size:1em;color:#00BF00"}% %JQICON{"fa-pagelines" style="font-size:2em;color:#0FAF0F"}% %JQICON{"fa-pagelines" style="font-size:3em;color:#1F9C1F"}% %JQICON{"fa-pagelines" style="font-size:4em;color:#2D812D"}% %JQICON{"fa-pagelines" style="font-size:5em;color:#315C31"}%  Produces: # JQICONPATH -- render the url path to an image icon This is a shortcut for: %JQICON{"name" format="$iconPath"}%

Note that this macro only makes sense for image icons, those that refer to a single image file. It does not work for font icons such as those defined in JQueryFontAwesome. This web font holds all icons in one large font file and as such cannot be refered to individually by means of their url path the same way as images can.

## Examples

%JQICONPATH{"tick"}% expands to /foswiki/bin/../pub/System/FamFamFamSilkIcons/tick.png

# JQPLUGINS -- display a summary of available plugins

## Parameters

Parameter Description Default
"plugins" this is a regular expression that the plugin identifier must match to be displayed
format format string to render information for each matching plugin; known variables to be used in the format string are:
• $active state of the plugin: displays (active) when this plugin is loaded on the current page • $author author of the plugin
• $documentation plugin documentation topic defaults to %SYSTEMWEB%.JQuery$name
• $homepage link to the hompeage of this third party plugin • $index the current index in the list of all plugins being displayed
• $name name of the plugin as can be used in JQREQUIRE • $summary short description what this plugin does; most plugins provide this piece of information in the summary section of the documentation topic
• $tags list of TML macros this plugin implements • $version version of the plugin as provided by the author of this plugin
   1 <a href="$homepage">$name</a> $active$version $author header header string prepended to the output; empty when no plugin matches footer footer string appended to the output; empty when no plugin matches separator separator put between each plugin rendered in a row $n
tagformat format string to render a link to any tag documentation a plugin implements [[%SYSTEMWEB%.Var$tag][$tag]]

## Examples

 %JQPLUGINS{
"treeview|slimbox"
header="   * JQuery Plugins:$n" format=" * [[$documentation][$name]] v$version was developed by [[$homepage][$author]]"
}%
Produces:

# JQREQUIRE -- enable a plugin on the current page

This macro will load a list of plugins to be added to the current page. Use JQPLUGINS to display the list of available and active plugins. While loading a plugin, additional plugins it may depend on are loaded as well. Information about these dependencies is stored within the plugins themselves and can't be changed. Dependencies also make sure the javascript code is added to the html page in the right order. It uses ADDTOZONE to aggregate javascript and css at the right place on the html page.
in case of an error JQREQUIRE will produce an inline HTML error message.

## Parameters

Parameter Description Default
"plugin,plugin,plugin" comma-separated list of plugins to be loaded
warn (on/off) allows you to switch off warnings when a plugin was not found on

## Examples

• %JQREQUIRE{"easing,sliding,falling"}%

# JQTHEME -- switch jQuery UI theme

Foswiki's default UI theme is configured in $Foswiki::cfg{JQueryPlugin}{JQueryTheme} and defaults to foswiki. Use configure to change this site wide. Use JQTHEME if you decide to use a different theme on the current page. Some Foswiki skins may come with their own jQuery UI matching the overall user experience of the web design. in case of an error JQTHEME will produce an inline HTML error message. ## Parameters Parameter Description Default "name" name of theme: JQueryPlugin knows the following themes base, lightness, redmod, smoothness; additional themes maybe created using the themeroller and installed to /foswiki/bin/../pub/System/JQueryPlugin/$name foswiki
warn (on/off) allows you to switch off warnings when a theme was not found on

# LANG -- the language specified by the server locale

This macro is used to generate the lang (and xml:lang) attribute in generated HTML pages. If {UseLocale} is enabled, it is calculated from the configure Internationalization tab -> Locale sub-tab setting of {Site}{Locale}. Otherwise it defaults to en (English).
• In templates the lang attribute is defined like this:
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="%LANG%" lang="%LANG%">
• Do not confuse LANG with LANGUAGE

## Examples

• %LANG% expands to en

# LANGUAGE -- language code for the current user

Returns the language code for the current user. This is the language used by Foswiki to generate the user interface. The language is detected from the user's browser, unless some site/web/user/session-defined preference setting overrides it.

If a LANGUAGE preference is explicitly set, this will be used as the user language instead of any language detected from the browser.
Avoid defining LANGUAGE in a non- per-user way, otherwise users will not be able to choose their preferred language.

## Examples

• %LANGUAGE% expands to en

# LANGUAGES -- list available languages

List the languages available (as PO files). These are the languages in which the user interface is available.

## Parameters

Parameter Description Default
format format for each item. See below for format tokens available in the format string. "   * $langname" separator separator between items. "\n" (newline) Note: The standard format tokens can also be used here. marker Text for $marker if the item matches selection "selected"
selection Current language to be selected in list (none)
format tokens: (In addition to these tokens, the standard format tokens can also be used)
Token Meaning
$langname language's name, as informed by the translators $langtag language's tag. Ex: en, pt-br, etc.

# LOCALSITEPREFS -- web.topicname of site preferences topic

• The full name of the local site preferences topic. These local site preferences overload the system level preferences defined in System.DefaultPreferences.

## Examples

• %LOCALSITEPREFS% expands to Main.SitePreferences, renders as Main.SitePreferences

## Examples

• %LOGIN% expands to Log In

# LOGOUT -- present a full logout link

You are already logged out, so %LOGOUT expands to an empty string

## Examples

• %LOGOUT% expands to

# MAINWEB -- deprecated synonym for USERSWEB

Deprecated. Please use %USERSWEB% instead.

# MAKETEXT -- creates text using Foswiki's I18N infrastructure

Strings captured in the MAKETEXT macro are automatically mapped to the current user's selected language via locale/*.po translation files.

## Parameters

Parameter Description Default
"text"
string="text"
The text to be displayed (the translatable string).
args a comma-separated list of arguments to be interpolated in the string, replacing [_N] placeholders in it.

## Examples

• %MAKETEXT{string="Edit"}% expands to Edit
• %MAKETEXT{"If you have any questions, please contact [_1]." args="%WIKIWEBMASTER%"}% expands to If you have any questions, please contact wiki-ref-webmaster@oca.eu.
• %MAKETEXT{"Did you want to [[[_1]][reset [_2]'s password]]?" args="%SYSTEMWEB%.ResetPassword,%WIKIUSERNAME%"}% expands to Did you want to reset Main.WikiGuest's password?

### Notes

• [_n] brackets are validated to a positive integer from 1 to 100.
• Missing arguments are replaced with an empty string ''.
• An ampersand (&) followed by one ascii alphabetic character (a...z, A...Z) in the translatable string will be expanded to an access key string. For example, &X will expand to <span class='foswikiAccessKey'>X</span>. If you want to write an actual ampersand, either follow it with a non-alphabetic character or write two consecutive ampersands (&&).
• Translatable strings starting with underscores (_) are reserved. You cannot use translatable phrases starting with an underscore.
• Make sure that the translatable string is constant. Do not include %MACROS% inside the translatable strings as they will be expanded before the %MAKETEXT{...}% itself is handled. You can, however, use macros in the args, as shown in the examples above.
• The string will be output in English if no mapping can be found in the .po translation file for the current user's selected language.

## Plurals

The %MAKETEXT macro also supports a limited subset of the quant style bracket notation:
• %MAKETEXT{string="Edit [*,_1,file]" args="4"}% expands to Edit 4 files

### Notes on plurals

• Only 3 arguments are supported.
• The first parameter must be an asterisk. Literals quant, numf or # are not supported.
• The 2nd parameter must be the argument number
• The 3rd parameter is the word or phrase to be made plural.

# META -- displays meta-data

Provided mainly for use in templates, this macro generates the parts of the topic view that relate to meta-data (attachments, forms etc.).

## Parameters

The unnamed parameter controls what meta-data is displayed, other parameters control how it is displayed.

### "form"

Generates the table showing the form fields.

### "attachments"

Generates a table of attachments
Parameter Description Default
all to show hidden attachments off
title to show a title - only if attachments are displayed
template to use a custom template for the rendering of attachments attachtables

### "moved"

If a topic was moved or renamed, generates a message with details and a revert link
Parameter Description Default
prefix Prefix that goes before the moved message, but only if the message is generated
suffix Prefix that goes after the moved message, but only if the message is generated

## "parent"

Display details of ancestor topics
Parameter Description Default
dontrecurse Recursing up the tree incurs some cost. Equivalent to depth=1 off
depth Return only the specified ancestor
nowebhome Suppress WebHome
format Format string used to display each parent topic where $web expands to the web name, and $topic expands to the topic name [[$web.$topic][$topic]] separator Separator between parents > prefix Prefix that goes before parents, but only if there are parents suffix Suffix, only appears if there are parents ## "formfield" Display the value of a single form field Parameter Description Default name name of the field newline how to represent newlines in the value $n
bar How to represent vertical bars in the data. Vertical bars are rewritten to an HTML entity by default so as to not be mistaken for a table separator. This option allows you to change what is produced. &vbar;
display If on retrieves the displayed value of a *+values formfield type, as against the default, stored, value off
topic Select which topic to get the meta-data from
QUERY

# METASEARCH -- special search of meta data

METASEARCH is deprecated in favour of the new and much more powerful query type search. See SEARCH and System.QuerySearch.

## Parameters

Parameter: Description: Default:
type="topicmoved" What sort of search is required?
"topicmoved" if search for a topic that may have been moved
"parent" if searching for topics that have a specific parent i.e. its children
"field" if searching for topics that have a particular form field value (use the name and value parameters to specify which field to search).
Required
web="%WEB%" Wiki web to search: A web, a list of webs separated by whitespace, or all webs. Current web
topic="%TOPIC%" The topic the search relates to, for topicmoved and parent searches All topics in a web
!| name | form field to search, for field type searches. May be a regular expression (see SEARCH). | | !| value | form field value, for field type searches. May be a regular expression (see SEARCH). | |
 title="Title" Text that is prefixed to any search results empty
!| format="..." | Custom format results. Supports same format strings as SEARCH. See FormattedSearch for usage & examples | Results in table |
 default="none" Default text shown if no search hit Empty
• Examples:
  %METASEARCH{
type="topicmoved"
web="%WEB%"
topic="%TOPIC%"
title="This topic used to exist and was moved to: "
}%
You may want to use this in System.WebTopicViewTemplate and System.WebTopicNonWikiTemplate:
  %METASEARCH{
type="parent"
web="%WEB%"
topic="%TOPIC%"
title="Children: "
}%

%METASEARCH{
type="field"
name="Country"
value="China"
}%

# NONCE -- generate a nonce (developers only)

DEVELOPERS ONLY

This macro is used to generate a 'nonce', a unique key that identifies the source of a request in order to block some kinds of cyber attack. See https://foswiki.org/Support/HowToIntegrateWithRequestValidation for more information.

# NOP -- template text not to be expanded in instantiated topics

• %NOP%
• In normal topic text, expands to <nop>, which prevents expansion of adjacent macros and wikiwords
• When the topic containing this is used as a template for another topic, it is removed.
• %NOP{...}% deprecated
• In normal topic text, expands to whatever is in the curly braces (if anything).
This is deprecated. Do not use it. Use %STARTSECTION{type="templateonly"}% .. %ENDSECTION{type="templateonly"}% instead (see System.TemplateTopics for more details).

# NOTIFYTOPIC -- name of the notify topic

## Examples

• %NOTIFYTOPIC% expands to WebNotify, renders as WebNotify

# PERLDEPENDENCYREPORT -- report perl module dependencies

Intended for use by installers / administrators, reports on the status of Perl dependencies in the Foswiki core and extensions.

## Parameters

Parameter Description Default
"extensions" requests dependencies of installed extensions. (not set)

# PLUGINDESCRIPTIONS -- list of plugin descriptions

## Examples

• %PLUGINDESCRIPTIONS% expands to
• System.SpreadSheetPlugin (20 Jan 2017, 1.23): Add spreadsheet calculations like "$SUM($ABOVE())" to Foswiki tables and other topic text
• System.SlideShowPlugin (06 Sep 2016, 2.32): Create web based presentations based on topics with headings
• System.AutoViewTemplatePlugin (2016-04-08, 1.24): Automatically sets VIEW_TEMPLATE and EDIT_TEMPLATE
• System.CommentPlugin (22 Jan 2018, 2.93): Quickly post comments to a page without an edit/save cycle
• System.ConfigurePlugin (08 Dec 2017, 1.09): configure interface using json-rpc
• System.EditRowPlugin (5 Feb 2018, 3.321): Inline edit for tables
• System.HistoryPlugin (22 Jan 2018, 1.14): Shows a complete history of a topic
• System.InterwikiPlugin (8 Dec 2017, 1.25): Link ExternalSite:Page text to external sites based on aliases defined in a rules topic
• System.JQueryPlugin (2 May 2019, 9.10): jQuery JavaScript library for Foswiki
• System.MailerContribPlugin (2.84, 2.84): Supports e-mail notification of changes
• System.NatEditPlugin (25 Feb 2018, 9.21): A Wikiwyg Editor
• System.PreferencesPlugin (1.16, 1.16): Allows editing of preferences using fields predefined in a form
• System.PubLinkFixupPlugin (14 Sep 2015, 1.00): For non-utf-8 sites, fix up Pub links to use correct encoding.
• System.RenderListPlugin (2.28, 2.28): Render bullet lists in a variety of formats
• System.SmiliesPlugin (17 Sep 2015, 2.03): Render smilies like as icons
• System.SubscribePlugin (08 Dec 2017, 3.6): This is a companion plugin to the System.MailerContrib. It allows you to trivially add a "Subscribe me" link to topics to get subscribed to changes.
• System.TablePlugin (22 Jan 2018, 1.160): Control attributes of tables and sorting of table columns
• System.TinyMCEPlugin (1.31, 1.31): Integration of the Tiny MCE System.WYSIWYG Editor
• System.TwistyPlugin (1.63, 1.63): Twisty section Javascript library to open/close content dynamically
• System.WysiwygPlugin (08 Dec 2017, 1.37): Translator framework for System.WYSIWYG editors

# PLUGINVERSION -- the version of a Foswiki Plugin, or the Foswiki Plugins API

Use %PLUGINVERSION{"name"}% to get the version of a specific plugin

## Examples

• %PLUGINVERSION{"InterwikiPlugin"}% expands to 1.25
• %PLUGINVERSION% to get the version of the API, expands to 2.4

# POPUPWINDOW -- opens a topic or url in a new window

## Parameters

Parameter Description Default
"topic"
topic="topic"
topic="web.topic"
Topic to open
url URL to open (if topic is not used)
label Link label the topic or the url
template View template to call when viewing a topic; not used for URLs "viewplain"
width Width of window "600"
height Height of window "480"
toolbar Show toolbars? "0"
scrollbars Show scrollbars? "1"
status Show status? "1"
location Show location bar? "0"
resizable Is the window resizable? "1"
left Left position "0"
top Top position "0"
center Center the window? "0"
menubar Show menubar? "0"
createnew Create a new window for each popup? "1"

## Examples

%POPUPWINDOW{"CompleteDocumentation" label="Open this topic in a new window"}%
Generates: Open this topic in a new window
• Example with URL:
%POPUPWINDOW{url="https://foswiki.org"}%
Generates: https://foswiki.org
• Enable POPUPWINDOW by writing %JQREQUIRE{"popupwindow"}% on the page

# PUBURL -- generate an URL for an attachment

Generate an absolute URL for an attachment, or for a web or topic within the attachment database.

## Parameters

Parameter Description Default
"attachment" Name of attachment to link
web Web
topic Topic, or Web.Topic
topic_version Select topic version, if supported most recent
attachment_version Select attachment version, if supported most recent

## Examples

• %PUBURL% expands to https://matisse.oca.eu/foswiki/bin/../pub
• %PUBURL{"icon_plus.png"}% expands to =%PUBURL{"icon_plus.png"}%
• %PUBURL{web="System"}% expands to https://matisse.oca.eu/foswiki/bin/../pub/System
• %PUBURL{topic="System.MainFeatures"}% expands to https://matisse.oca.eu/foswiki/bin/../pub/System/MainFeatures
• %PUBURL{web="System" topic="MainFeatures"}% expands to https://matisse.oca.eu/foswiki/bin/../pub/System/MainFeatures
• %PUBURL{topic="System.MainFeatures"}% expands to https://matisse.oca.eu/foswiki/bin/../pub/System/MainFeatures
• %PUBURL{topic="System.MainFeatures" "icon_plus.png"}% expands to https://matisse.oca.eu/foswiki/bin/../pub/System/MainFeatures/icon_plus.png
• Also supports topic_version and attachment_version parameters. These can be used with advanced store implementations to select specific attachment versions. However simple file-based stores do not normally support them.
The 'old' way of building URLs using PUBURL involved concatenating the web and topic names to the PUBURL e.g. %PUBURL%/Main/SystemFeatures. This practice is strongly discouraged, as it does not correctly handle encoding of the parts of the URL. At the first opportunity you should replace all such URLs with the equivalent %PUBURL%{topic="System.MainFeatures"}%, which will handle URL encoding for you.

ATTACHURL provides a shorter way to refer to the attachments on the current topic.

# PUBURLPATH -- generate a relative URL for an attachment

Generate a relative URL for an attachment, or for a web or topic within the attachment database.

## Parameters

Parameter Description Default
"attachment" Name of attachment to link
web Web
topic Topic, or Web.Topic
topic_version Select topic version, if supported most recent
attachment_version Select attachment version, if supported most recent

## Examples

• %PUBURLPATH% expands to /foswiki/bin/../pub
• %PUBURLPATH{"icon_plus.png"}% expands to =%PUBURLPATH{"icon_plus.png"}%
• %PUBURLPATH{web="System"}% expands to /foswiki/bin/../pub/System
• %PUBURLPATH{topic="System.MainFeatures"}% expands to /foswiki/bin/../pub/System/MainFeatures
• %PUBURLPATH{web="System" topic="MainFeatures"}% expands to /foswiki/bin/../pub/System/MainFeatures
• %PUBURLPATH{topic="System.MainFeatures" "icon_plus.png"}% expands to /foswiki/bin/../pub/System/MainFeatures/icon_plus.png
• Also supports topic_version and attachment_version parameters. These can be used with advanced store implements to select specific attachment versions. However simple file-based stores do not normally support them.
This macro will only generate a relative URL if the store supports them, and the context allows it. Otherwise it will generate the same as PUBURL

The 'old' way of building URLs using PUBURLPATHPATH involved concatenating the web and topic names to the PUBURLPATH e.g. %PUBURLPATH%/%WEB%/%TOPIC%. This practice is strongly discouraged, as it does not correctly handle encoding of the parts of the URL. At the first opportunity you should replace all such URLs with the equivalent %PUBURLPATH%{topic="System.MainFeatures"}%, which will handle URL encoding for you.

ATTACHURLPATH provides a shorter way to refer to the attachments on the current topic.

# QUERY -- get the value of meta-data

Uses the query syntax described in QuerySearch to get information about meta-data from one specified topic.
• supports formatted access to formfields and other meta-data in topics using the same syntax as is used in IF and SEARCH statements,
• supports reporting values using JSON and other standards, simplifying the retrieval of meta-data for REST applications,
• replaces the FORMFIELD macro for most applications.
See QuerySearch for more details of how to write queries

## Parameters

Parameter Description Default
"item" The meta-data to query
style set the output format (see below)
rev operate on the given version of the current topic. Note that this will only affect simple queries that refer to the current topic, such as form.name. More complex queries that use searches or indirection to refer to other topics always use the latest version of those topics.

## Examples

      Get the name of the form in the current topic:
%QUERY{"form.name"}%

Get the value of the 'Firstname' form field in
the current topic:
%QUERY{"fields[name='Firstname'].value"}%

Get the value of the 'Firstname' form field in
the current topic (shorthand version):
%QUERY{"Firstname"}%

Get a list of all the names of attachments on
the topic 'System.DocumentGraphics':
%QUERY{"'System.DocumentGraphics'/attachments.name"}%

Get configuration setting {NameFilter}:
%QUERY{"{NameFilter}"}%

Plain strings (such as field values) are returned without quotes. Simple arrays of scalars are also returned without quotes, in a comma-separated list (beware of values that contain commas!).

More complex data structures (e.g. arrays of hashes) will only be returned if style="perl" or style="json" are set - else will return a string containing 'undef'.

You can make the macro generate different output formats using the style parameter:
• style="perl" - generates values as Perl code strings generated by running through CPAN:Data::Dumper
• style="json" - generates values as JSON strings, suitable for reading by browsers.

Only some configuration settings are available via QUERY: {AccessControlACL}{EnableDeprecatedEmptyDeny}, {AccessibleCFG}, {AdminUserLogin}, {AdminUserWikiName}, {AntiSpam}{EmailPadding}, {AntiSpam}{EntityEncode}, {AntiSpam}{HideUserDetails}, {AntiSpam}{RobotsAreWelcome}, {AttachmentNameFilter}, {AuthRealm}, {AuthScripts}, {Cache}{Enabled}, {DefaultDateFormat}, {DefaultUrlHost}, {DenyDotDotInclude}, {DisplayTimeValues}, {EnableEmail}, {EnableHierarchicalWebs}, {FormTypes}, {HomeTopicName}, {LeaseLength}, {LeaseLengthLessForceful}, {LinkProtocolPattern}, {LocalSitePreferences}, {LoginNameFilterIn}, {MaxRevisionsInADiff}, {MinPasswordLength}, {NameFilter}, {NotifyTopicName}, {NumberOfRevisions}, {PluginsOrder}, {Plugins}{WebSearchPath}, {PluralToSingular}, {Register}{AllowLoginName}, {Register}{Approvers}, {Register}{DisablePasswordConfirmation}, {Register}{EnableNewUserRegistration}, {Register}{NeedApproval}, {Register}{NeedVerification}, {Register}{RegistrationAgentWikiName}, {ReplaceIfEditedAgainWithin}, {SandboxWebName}, {ScriptSuffix}, {ScriptUrlPath}, {Site}{Locale}, {SitePrefsTopicName}, {Stats}{TopContrib}, {Stats}{TopicName}, {Stats}{TopViews}, {SuperAdminGroup}, {SystemWebName}, {TemplateLogin}{AllowLoginUsingEmailAddress}, {TemplatePath}, {TrashWebName}, {UploadFilter}, {UseLocale}, {UserInterfaceInternationalisation}, {UsersTopicName}, {UsersWebName}, {Validation}{Method}, {WebMasterEmail}, {WebMasterName}, {WebPrefsTopicName}

# QUERYPARAMS -- show parameters to the query

Expands the parameters to the query that was used to display the page.

## Parameters

Parameter: Description: Default:
format Format string for each entry $name=$value
separator Separator string $n (newline) encoding Control how special characters are encoded. If this parameter is not given, safe encoding is performed which HTML entity encodes the characters '"<>%. entity - Encode special characters into HTML entities, like a double quote into &#034;. Does not encode \n or \r. safe - Encode characters '"<>% into HTML entities. (this is the default) html - As type="entity" except it also encodes \n and \r quotes - Escape double quotes with backslashes (\"), does not change other characters url - Encode special characters for URL parameter use, like a double quote into %22 safe The following tokens are expanded in the format string: Token Expands To $name Name of the parameter
$value String value of the parameter. Multi-valued parameters will have a "row" for each value. In addition the standard format tokens are also expanded. ## Examples  %QUERYPARAMS{ format="<input type='hidden' name='$name' value='$value' encoding="entity" />" }% Security warning! Using QUERYPARAMS can easily be misused for cross-site scripting unless specific characters are entity encoded. By default QUERYPARAMS encodes the characters '"<>% into HTML entities (same as encoding="safe") which is relatively safe. The safest is to use encoding="entity". When passing QUERYPARAMS inside another macro always use double quotes ("") combined with using QUERYPARAMS with encoding="quote". For maximum security against cross-site scripting you are advised to install the Foswiki:Extensions.SafeWikiPlugin. # QUERYSTRING -- full, unprocessed string of parameters to this URL • String of all the URL parameters that were on the URL used to get to the current page. For example, if you add ?name=Samantha;age=24;eyes=blue to this URL you can see this in action. This string can be appended to a URL to pass parameter values on to another page. URLs built this way are typically restricted in length, typically to 2048 characters. If you need more space than this, you will need to use an HTML form and =%QUERYPARAMS%= ## Examples • %QUERYSTRING% expands to  sortcol=1;table=31;up=0  # REMOTE_ADDR -- environment variable ## Examples • %REMOTE_ADDR% expands to 3.237.16.210 # REMOTE_PORT -- environment variable ## Examples • %REMOTE_PORT% expands to # REMOTE_USER -- environment variable ## Examples • %REMOTE_USER% expands to Displays the user identity established by the Web Server. Not available when using Template Autentication. The REMOTE_USER variable only expands when the active script is configured to Require valid-user in the Apache configuration. Eg. If your site uses Apache authentication and allows guest access, view this page with bin/view and bin/viewauth to see the effect. # RENDERLIST -- render bullet lists in a variety of formats The %RENDERLIST% macro is handled by the System.RenderListPlugin ## Examples %RENDERLIST{"org" focus="Sales.WestCoastTeam"}% * [[Eng.WebHome][Engineering]] * [[Eng.TechPubs][Tech Pubs]] * [[Sales.WestCoastTeam][Sales]] * [[Sales.EastCoastTeam][East Coast]] * [[Sales.WestCoastTeam][West Coast]] Expands as:  Sales  East Coast  West Coast # RENDERZONE - render the content of a zone Rendersa zone. See ADDTOZONE for an explanation of zones. ## Parameters Parameter Description Default "zone" name of the zone (reguired) format format string for each item added to the zone $item <!--<literal> $id$missing</literal>-->
missingtoken string assigned to the $missing format token for use in the format parameter. $id: requires= missing ids: $missingids chomp remove leading and trailing whitespace from formatted items, can be useful for pretty-printing and compression. off header prepended to the output footer appended to the output separator put between each item of a zone The following tokens are expanded in the format string: • $id - id of the ADDTOZONE call within the zone currently being rendered.
• $item - text of the ADDTOZONE call within the zone currently being rendered. • $zone - the "zone" currently being rendered.
• $missing - if the ADDTOZONE call being rendered required any id which was not found, then $missing is the missingtoken parameter; empty string otherwise.

## Examples

• %REVINFO% expands to r1 - 21 Sep 2017 - 01:45:29 - Main.ProjectContributor
• %REVINFO{"$n *$topic: $date"}% expands to • System.VarREVINFO: 21 Sep 2017 ## Parameters Parameter Description Default "format" Format of revision information, see supported formatting tokens below "r$rev - $date -$time - $wikiusername" web Name of web Current web topic Topic name Current topic rev Specific revision number Latest revision Supported formatting tokens: Token Unit $web Name of web
$topic Topic name $rev Revision number
$username Login username of revision $wikiname System.WikiName of revision
$wikiusername WikiName with Main web prefix $date Revision date. Actual date format defined as {DefaultDateFormat} in configure
$time Revision time $iso Revision date in ISO date format
$min, $sec, etc. Same date format qualifiers as GMTIME{"format"}

## Examples

• %REVINFO{"$date -$wikiusername" rev="43"}%
• To get the latest revision, even when looking at an older revision:
%REVINFO{"$rev" rev="-1"}% # REVTITLE -- The requested revision as displayed in topic breadcrumbs If a topic revision is requested in the URL, it returns the printable revision of the current topic revision. Otherwise returns an empty string. ## Examples • %REVTITLE% expands to (simulated) (r3) (actual) # SCRIPTNAME -- name of current script • The name of the current script is shown, including script suffix, if any (for example viewauth.cgi) ## Examples • %SCRIPTNAME% expands to view # SCRIPTSUFFIX -- script suffix • Some Foswiki installations require a file extension for CGI scripts, such as .pl or .cgi ## Examples • %SCRIPTSUFFIX% expands to # SCRIPTURL -- URL of script(s) Expands to the URL of a script, or the base URL of all scripts ## Parameters Parameter Description Default "$script" Name of script
web Web name to add to URL
topic Topic (or Web.Topic) to add to URL
Any other parameters to the macro will be added as parameters to the URL

## Examples

• %SCRIPTURL{"view" topic="Cartoons.EvilMonkey"}% will expand to https://matisse.oca.eu/foswiki/bin/view/Cartoons/EvilMonkey
• %SCRIPTURL{"view" web="Cartoons"}% will expand to https://matisse.oca.eu/foswiki/bin/view/Cartoons?web=Cartoons
• %SCRIPTURL{"view" topic="Cartoons.EvilMonkey" rev="1"}% will expand to https://matisse.oca.eu/foswiki/bin/view/Cartoons/EvilMonkey?rev=1
• %SCRIPTURL{"edit" web="Cartoons" topic="EvilMonkey" t="%GMTIME{"$epoch"}%"}% expands to https://matisse.oca.eu/foswiki/bin/edit/Cartoons/EvilMonkey?t=1634886238 • %SCRIPTURL% expands to https://matisse.oca.eu/foswiki/bin • %SCRIPTURL{script}% expands to https://matisse.oca.eu/foswiki/bin/script In most cases you should use SCRIPTURLPATH instead, as it works much better with URL rewriting The edit script should always be used in conjunction a t="%GMTIME{"$epoch"}%" parameter to ensure pages about to be edited are not cached in the browser

The 'old' way of building URLs using SCRIPTURL involved concatenating the web and topic names to the SCRIPTURL e.g. %SCRIPTURL{"script"}%/Cartoons/EvilMonkey. This practice is strongly discouraged, as it does not correctly handle encoding of the parts of the URL. At the first opportunity you should replace all such URLs with the equivalent %SCRIPTURL%{"script" topic="Cartoons.EvilMonkey"}%, which will handle URL encoding for you.

The SCRIPTURL macro does NOT support building jsonrpc or rest requests with parameters. They should still use the "contatenation" method. This is expected to be fixed in Foswiki 2.2.

# SCRIPTURLPATH -- URL path of script(s)

Expands to the base URL of scripts, without protocol or host

## Parameters

Parameter Description Default
"$script" Name of script web Web name to add to URL topic Topic (or Web.Topic) to add to URL Any other parameters to the macro will be added as parameters to the URL ## Examples • %SCRIPTURLPATH{"view" topic="Cartoons.EvilMonkey"}% expands to /foswiki/bin/view/Cartoons/EvilMonkey • %SCRIPTURLPATH{"view" web="Cartoons"}% expands to /foswiki/bin/view/Cartoons?web=Cartoons • %SCRIPTURLPATH{"view" topic="Cartoons.EvilMonkey" rev="1"}% will expand to /foswiki/bin/view/Cartoons/EvilMonkey?rev=1 • %SCRIPTURLPATH{"edit" web="Cartoons" topic="EvilMonkey" t="%GMTIME{"$epoch"}%"}% expands to /foswiki/bin/edit/Cartoons/EvilMonkey?t=1634886238
• %SCRIPTURLPATH% expands to /foswiki/bin
• %SCRIPTURLPATH{script}% expands to /foswiki/bin/script
The edit script should always be used in conjunction with a t="%GMTIME{"$epoch"}%" parameter to ensure pages about to be edited are not cached in the browser See SCRIPTURL if you expect to need the protocol and host e.g. if you are saving the HTML of the page and using it on a different host. The 'old' way of building URLs using SCRIPTURLPATH involved concatenating the web and topic names to the SCRIPTURLPATH e.g. %SCRIPTURLPATH{"script"}%/Cartoons/EvilMonkey. This practice is strongly discouraged, as it does not correctly handle encoding of the parts of the URL. At the first opportunity you should replace such URLs with the equivalent %SCRIPTURLPATH%{"script" topic="Cartoons.EvilMonkey"}%, which will handle URL encoding for you. The SCRIPTURL macro does NOT support building jsonrpc or rest requests with parameters. They should still use the "contatenation" method. This is expected to be fixed in Foswiki 2.2. # SEARCH -- search content Inline search, shows a search result embedded in a topic ## Parameters Parameter Description Default: "text" search="text" Search term. Is a keyword search, literal search, regular expression search, or query, depending on the type parameter. System.SearchHelp has more required web Comma-separated list of webs to search. e.g. web="Main, Know" web="all" The special word all means all webs that do not have the NOSEARCHALL preference set to on in their System.WebPreferences. You can specifically exclude webs from an all search using a minus sign - for example, web="all,-Secretweb". Caution: The "all,-Secretweb" syntax does not exclude subwebs of the excluded web. It applies to only a single web. See Foswikitask:Item8893 AccessControls are respected when searching webs; it is much better to use them than NOSEARCHALL. Wildcards are not currently supported for web names. Current web topic Limit search to topics e.g. topic="WebPreferences" topic="*Bug" topic="MyTopic,YourTopic" A topic, a topic with asterisk wildcards, or a list of topics separated by comma. Note this is a list of topic names and must not include web names. Adding a topic restriction to a search can greatly improve the search performance. All topics in a web excludetopic Exclude topics from search e.g. excludetopic="Web*" excludetopic="WebHome, WebChanges" A topic, a topic with asterisk wildcards, or a list of topics separated by comma. Note this is a list of topic names and must not include web names. scope Search topic name ("topic"); the body ("text") of the topic; or name and body ("all") text type Control how the search is performed when scope="text" or scope="all" "keyword" - use Google-like controls as in soap "web service" -shampoo; searches word parts: using the example, topics with "soapsuds" will be found as well, but topics with "shampoos" will be excluded "word" - identical to keyword but searches whole words: topics with "soapsuds" will not be found, and topics with "shampoos" will not be excluded "literal" - search for the exact string, like web service "regex" - use a System.RegularExpression search like soap;web service;!shampoo; to search on whole words use \bsoap\b "query" - query search of form fields and other meta-data, like (Firstname='Emma' OR Firstname='John') AND Lastname='Peel' %SEARCHVARDEFAULTTYPE% preferences setting (currently literal) order Sort the results of search by the topic names ("topic"), topic creation time ("created"), last modified time ("modified"), last editor's System.WikiName ("editby"), or named field of System.DataForms ("formfield(name)"). The sorting is done web by web; if you want to sort across webs, create a formatted table and sort it with TablePlugin's initsort. Note that dates are sorted most recent date last (i.e at the bottom of the table). The web order is always alphabetical. When ordered by topic the result is first ordered by web and then by topic. topic limit A number will limit the number of topics from which results will be returned. This is done after sorting if order is specified. Note that this does not limit the number of hits from the same topic when you have multiple="on". all date limits the results to those pages with latest edit time in the given time interval. reverse If "on" will reverse the direction of the search. Does only apply to key specified by order. off casesensitive If "on" perform a case sensitive search. (For type=query searches, casesensitive is always on. See System.QuerySearch for more flexible case comparison options) off decode Reverse any encoding done to protect search terms by %URLPARAM{}% macro. Comma separated list of encodings, entered in reverse order of the URLPARAM macro arguments. Supported decoding types are entity|entities, safe and url. bookview If ="on", perform a System.BookView search, e.g. show complete topic text. Very resource demanding. Use only with small result sets off nonoise If "on", shorthand for nosummary="on" nosearch="on" nototal="on" zeroresults="off" noheader="on" noempty="on" off nosummary Show topic title only, no content summary off nosearch Suppress search string off noheader Suppress default search header Topics: Changed: By: , unless a header is explicitly specified Show default search header, unless search is inline and a format is specified nototal Do not show number of topics found off zeroresults If off, false or 0, suppress/replace all output if there are no hits. Can also be set to a FormattedSearch string to customise the output on - displays the summary, and number of topics found. "Number of topics: 0" noempty If "on", suppress results for webs that have no hits. off header Custom format results: see FormattedSearch for usage & examples format Custom format results: see FormattedSearch for usage & examples footer Custom format results: see FormattedSearch for usage & examples expandvariables If "on", expand embedded macros before applying a System.FormattedSearch on a search hit. Useful to show the expanded text, e.g. to show the result of a System.SpreadSheetPlugin %CALC{}% instead of the formula off multiple If ="on", find multiple hits per topic. Each hit can be formatted. The last token is used in case of a regular expression ";" and search off (only one hit found per topic nofinalnewline If "on", the search variable does not end in a line by itself. Any text continuing immediately after the SEARCH macro on the same line will be rendered as part of the table generated by the search, if appropriate. This feature is only active when format is defined. on recurse If "on", recurse into subwebs, if subwebs are enabled. Note: recurse will currently search subwebs of explicitly excluded webs. (web="all, -Sandbox" recurse="on") will still search subwebs of Sandbox. This behavior is likely to change in a future release. off separator Separator between search hits (only used when format is set) uses System.FormatTokens. If separator is not defined, the default is "$n" (newline). Not defining the separator will additionally cause a newline to be added after a header and before a footer.
$n (Newline) headingoffset Adds the given offset to any HTML headings generated in the search result. Works on headings defined by HTML tags as well as headings defined using foswiki markup. 0 newline Line separator within a search hit. Useful if you want to put multi-line content into a table cell, for example if the format parameter contains a $pattern() or a $formfield() the result of which may contain newlines, in which case you could use newline="%BR%" $n (Newline)
pagesize number of items to show per page 25
showpage Page of items to show (starts at 1) (overridden by the value specified by the URL parameter hash from $previousurl and $nexturl) "1"
pager If "on" adds paging to your SEARCHes
Note: the default pager (when pagerformat is not defined) requires the parameters to the SEARCH to not change while paging, as it uses $previousurl and $nexturl. If you use time variable parameters, you will have to define your own pagerformat.
off
pagerformat Custom format results: see FormattedSearch for usage & examples filled from skin template
groupby Warning: this option is liable to change dramatically (and potentially incompatibly) in the next major release of foswiki. Setting to "none" applies only to multi-web SEARCHs, and means the header and footer are only output once - at the beginning and end of the list of results, and the order parameter is applied over the entire set of results (this setting removes the legacy that results are always partitioned by web) see System.SiteChanges for an example. web

## Examples

• %SEARCH{"wiki" web="%USERSWEB%" scope="topic"}%
• %SEARCH{
"FAQ"
nonoise="on"
header="| *Topic: * | *Summary: * |"
format="| $topic |$summary    |"
}%
(displays results in a table with header - details)

Results are sorted alphanumerically on the web name (major key) and topic name (minor key). Only the minor key is affected by the order parameter.

The appearance of the table emitted by the SEARCH may be controlled with TablePlugin's %TABLE{}% macro placed just before the %SEARCH{}%. Example: %TABLE{ tablewidth="90%" }%

# SERVERINFORMATION -- report detailed web server information

Intended for use by installers / administrators, reports on the runtime information of the Foswiki installation, including all environment variables and other execution related information.

## Parameters

Parameter Description Default
environment Displays critical %ENV Environment variables. (Displayed if nothing set)
execution Displays important execution details. (Displayed if nothing set)
modules Displays loaded modules, along with version and location.. (Displayed if nothing set)

# SERVERTIME -- formatted server time

Same format parameters as VarGMTIME[GMTIME%]], but displaying the server time instead of UTC.

## Examples

• %SERVERTIME% elsnds to 22 Oct 2021 - 09:03
• %SERVERTIME{"$hou:$min"}% expands to 09:03
Note: When used in a template topic, this macro will be expanded when the template is used to create a new topic. See System.TemplateTopics#TemplateTopicsVars for details.

# SESSIONID -- unique ID for this session

## Examples

• %SESSIONID% expands to ce8e08f7e9e7a6d3af3e2ba90b9c76e9

# SESSIONVAR -- name of CGI and session variable that stores the session ID

## Examples

• %SESSIONVAR% expands to SFOSWIKISID

# SESSION_VARIABLE -- get, set or clear a session variable

## Parameters

Parameter Description
"name" name of variable
set value to set it to
clear if it is to be cleared
The users ID is in the AUTHUSER session variable, and is read-only

## Examples

• %SESSION_VARIABLE{"MYVAR" set="myval"}%
• %SESSION_VARIABLE{"MYVAR" clear=""}%

# SET -- set a preference setting during runtime

A preference setting created via a %SET macro is usable by the topic containing the %SET statement, and in any other topics %INCLUDing or %INCLUDEd when rendering the topic TML. This is unlike list or META style preference settings which are only set when the base topic is loaded, and never set during macro expension when an %INCLUDEd topic is processed.

A TMPL:DEF template definition containing %SET macros will also add those values to the current scope as if these settings have been parsed as part of the base topic's text.

Setting a preference setting in a list like in

   * Set foo = %SEARCH{...


or in META settings will store the text of the TML expression.

The equivalent %SET statement:

%SET{"foo" value="%SEARCH{..."}%


will store the result of the TML expression as a consequence of the parser processing macros inside-out-left-to-right.

## Parameters

Parameter Description Default
"name" Name of preference to set
value Value to set it to

## Examples

To cache the result of another macro use %SET{"search_result" value="%SEARCH{...}%"}%. The result of the value expression will be temporarily bound to the variable %search_result% and might be used within the scope of the current topic being processed, or in %INCLUDing or other %INCLUDEd topics.

Note that this macro does NOT expand format tokens that are used to alter the macro processing sequence. ($percent,$dollar, ...).

# SHOWPREFERENCE -- show where preferences are defined.

Preference values are shown in a bulleted list, together with where they were defined.

## Parameters

Parameter Description Default:
"name,name,name" Comma-separated list of preferences to show

## Examples

• %SHOWPREFERENCE% will show all preferences
• %SHOWPREFERENCE{"ATTACHFILESIZELIMIT"}% expands to
   * Set ATTACHFILESIZELIMIT = "25000000"
* ATTACHFILESIZELIMIT was defined in Main.SitePreferences


• %SHOWPREFERENCE{"DENYWEBCHANGE,ALLOWWEBCHANGE"}% expands to
   * Set DENYWEBCHANGE = ""
* ALLOWWEBCHANGE was defined in SystemFoswiki.WebPreferences



# SKIN -- current skin

%SKIN% expands the skin search path. For instance, SKIN can be set to catskin, bearskin. The SKIN setting can be overridden using the URL parameter skin, such as ?skin=catskin,bearskin You can also extend the existing skin path using covers - see COVER

## Examples

• %SKIN% expands to pattern

# SLIDESHOWEND -- end slideshow

The %SLIDESHOWEND% macro is handled by the System.SlideShowPlugin

## Examples

See SLIDESHOWSTART

# SLIDESHOWSTART -- convert a topic with headings into a slideshow

Handled by the System.SlideShowPlugin

## Parameters

Parameter Description
template optional name of slide template to use

## Examples

 %SLIDESHOWSTART%
---++ Sample Slide 1
* Bullet 1
* Bullet 2
---++ Sample Slide 2
* Bullet 1
* Bullet 2
%SLIDESHOWEND%
• Expands as:

Start presentation

• Bullet 1
• Bullet 2

• Bullet 1
• Bullet 2

# SPACEDTOPIC -- topic name, spaced and URL-encoded deprecated

The current topic name with added URL-encoded spaces, for use in regular expressions that search for backlinks to the current topic

## Examples

• %SPACEDTOPIC% expands to Var%20*SPACEDTOPIC
This is a deprecated macro. It can be duplicated with %ENCODE{%SPACEOUT{"%TOPIC%" separator=" *"}%}%

# SPACEOUT -- renders string with spaces inserted in sensible places

Inserts spaces after lower case letters that are followed by a digit or a capital letter, and after digits that are followed by a capital letter. Useful for spacing out System.WikiWords

## Examples

• %SPACEOUT{"WebHome"}% expands to: Web Home

## Parameters

Parameter Description Default
separator The separator to put between words e.g. %SPACEOUT{"DogsCatsBudgies" separator=", "}% -> Dogs, Cats, Budgies ' '
Spaced out WikiWords are not automatically linked. To SPACEOUT a WikiWord but preserve the link use "double bracket" format. For example, [[WebHome][%SPACEOUT{"WebHome"}%]] expands to Web Home

# STARTINCLUDE -- start position of topic text if included

If present in included topic, start to include text from this location up to the next %ENDINCLUDE% macro, or to the end. A normal view of the topic shows everything except the %STARTINCLUDE% macro itself.
If you want more than one part of the topic included, use %STARTSECTION{type="include"}% instead

# STARTSECTION -- marks the start of a section within a topic

Section boundaries are defined with %STARTSECTION{}% and %ENDSECTION{}%. Sections may be given a name to help identify them, and/or a type, which changes how they are used.
• type="section" - the default, used for a generic section, such as a named section used by INCLUDE.
• type="include" - like %STARTINCLUDE% ... %STOPINCLUDE% except that you can have as many include blocks as you want which are all merged into one when included (%STARTINCLUDE% is restricted to only one). Sections of type include may not be given a name.
• type="expandvariables" - all macros inside an "expandvariables" type section gets expanded when a new topic based on the template topic is created. See System.TemplateTopics for more information.
• type="templateonly" - start position of text to be removed when a template topic is used. This is used to embed text that you do not want expanded when a new topic based on the template topic is created. See System.TemplateTopics for more information.

## Parameters

Parameter Description Default
"name" Name of the section. Must be unique inside a topic. Generated name
=type=" Type of the section; type "section", "expandvariables", "include" or "templateonly" "section"
Any other parameter will be defined as a default value for a macro within the scope of the section. The example parameters on the left will result in %PARONE% and %PARTWO% being defined if they are not defined parameters to the INCLUDE, or nested INCLUDEs surrounding it, or previsouly defined Preferences.

If a section is not given a name, it will be assigned one. Unnamed sections are assigned names starting with _SECTION0 for the first unnamed section in the topic, _SECTION1 for the second, etc..

You can define nested sections. It is not recommended to overlap sections, although it is valid in Foswiki. Use named sections to make sure that the correct START and ENDs are matched. Section markers are not displayed when a topic is viewed.

## Examples

• %STARTSECTION{"name"}% ................... %ENDSECTION{"name"}%
• %STARTSECTION{"name" type="section"}% .... %ENDSECTION{"name" type="section"}% (type="section" is the default)
• %STARTSECTION{type="include"}% ........... %ENDSECTION{type="include"}%
• %STARTSECTION{type="expandvariables"}% ... %ENDSECTION{type="expandvariables"}%
• %STARTSECTION{type="templateonly"}% ...... %ENDSECTION{type="templateonly"}%

# STATISTICSTOPIC -- name of statistics topic

## Examples

• %STATISTICSTOPIC% expands to WebStatistics, renders as WebStatistics

# SUBSCRIBE{ attributes } - subscribe the current user for notification of changes to the current topic

Anywhere in a topic or template:
• %SUBSCRIBE{...}% or simply %SUBSCRIBE%
Parameter Default Meaning
who Logged-in user Who to subscribe (wikiname, no web)
topic Current topic Topic to subscribe to. Wildcards may be used e.g. topic="Item*" will subscribe to all topics starting with Item. Use topic="Main.*" to subscribe to the WebNotify for the Main web.
unsubscribe Not set If set to "on", will unsubscribe the user

The format of the Subscribe/Unsubscribe button is defined in a template file templates/subscribe.tmpl. The normal skin mechanisms can be used to override this with your own local definitions. The default template works with Javascript to provide a smooth interactive experience.

The format and formatunsubscribe parameters have been removed and will be ignored. The version of PatternSkin shipped with Foswiki 1.1.9 used these parameters.

# SYSTEMWEB -- name of documentation web

The web containing all documentation and default preference settings

## Examples

• %SYSTEMWEB% expands to System

# TAB -- tab inside a tabpane widget

Defines a tab inside a TABPANE area; must be closed using ENDTAB.

## Parameters

Parameter Description Default
"text" label of the tab Tab
before when switching tabs, this is the javascript fragment to be executed just before the tab is displayed
after this javascript handler is to be executed after the tab has been made visible
afterload this javascript handler will be called when content loaded asynchronously (using the url parameter, below) has finished loading; depending on the network latency, this can be significantly later than execution of the after handler above
id id of this tab; this id can be used in the TABPANEs select parameter to display this tab; this id is also added to the class attribute of the html element representing the tab button
url link from where to load the content of the tab asynchronously when selecting this tab; the result of the addressed handler will replace the content area; if no url is set the content of the TAB ... ENDTAB area will be shown when the tab is selected
width width of the tab area auto
height height of the tab area auto
container element where ajax content will be loaded; this is only used together with url

# TABLE -- control attributes of tables and sorting of table columns

The %TABLE{}% macro is handled by the System.TablePlugin

#### Attributes for tables

Parameter Description Default Example
tableborder Table border width (pixels). "1" tableborder="2"
tablebordercolor Table border color. unspecified tablebordercolor="#333"
tableframe Table frame, set to "void" (no sides), "above" (the top side only), "below" (the bottom side only), "hsides" (the top and bottom sides only), "lhs" (the left-hand side only), "rhs" (the right-hand side only), "vsides" (the right and left sides only), "box" (all four sides), "border" (all four sides). unspecified tableframe="hsides"
tablerules Table rules, set to "none" (no rules), "groups" (rules will appear between row groups and column groups only), "rows" (rules will appear between rows only), "cols" (rules will appear between columns only), "all" (rules will appear between all rows and columns). See also: headerrules and datarules. unspecified tablerules="rows"
tablewidth Table width: percentage of window width, or absolute pixel value. unspecified tablewidth="100%"
headerrows Number of header rows to exclude from sort. (will be rendered in a HTML thead section) "1" headerrows="1"
footerrows Number of footer rows to exclude from sort. (will be rendered in a HTML tfoot section) "0" footerrows="1"
id Unique table identifier string, used for targeting a table with CSS. tableN (where N is the table order number on the page) id="userTable"
summary Table summary used by screen readers: A summary of what the table presents. It should provide an orientation for someone who listens to the table. unspecified summary="List of subscribed users"
caption Table caption: A title that will be displayed just above the table. unspecified caption="Users"
inlinemarkup Set to "on" to generate inline markup HTML (in addition to the CSS markup); useful if you need to copy the table, for instance to paste the table into an email). unspecified inlinemarkup="on"
class Add specified class to the default foswikiTable class. unspecified class="mytable"

#### Attributes for table sorting

Parameter Description Default Example
sort Set the table sorting user interface (clickable column headers) "on" or "off". unspecified sort="on"
initsort Column to sort initially (use "1" for the first column). If specified, sorting is enabled; by setting sort="off" the sorting interface can be hidden. unspecified initsort="2"
initdirection Initial sorting direction for initsort, set to "up" (descending, or decreasing in value) or "down" (ascending, or increasing in value). down initdirection="up"
disableallsort Disable all sorting, both initsort and header sort. This is mainly used by plugins such as the System.EditTablePlugin to disable sorting in a table while editing the table. unspecified disableallsort="on"

#### Attributes for table cells

Argument Description Default Example
cellpadding Cell padding (pixels). unspecified cellpadding="0"
cellspacing Cell spacing (pixels). unspecified cellspacing="3"
cellborder Cell border width (pixels). unspecified cellborder="0"
valign Vertical alignment of cells and headers, set to "top", "middle", "bottom" or "baseline". unspecified valign="top"
columnwidths Column widths: Comma delimited list of column widths, percentage or absolute pixel value. unspecified columnwidths="80%,20%"

#### Attributes for data cells

Parameter Description Default Example
datarules Set to "none" (no rules), "rows" (rules will appear between rows only), "cols" (rules will appear between columns only), "all" (rules will appear between all rows and columns). Overrides tablerules for data cells. unspecified datarules="none"
datavalign Vertical alignment of data cells; overrides valign. unspecified datavalign="top"
dataalign Data cell alignment, one value for all columns, or a comma separated list for different alignment of individual columns. Set to "left", "center", "right" or "justify". Overrides individual cell settings. unspecified dataalign="center"
databg Data cell background colour, a comma separated list. Specify "none" for no colour, that is to use the colour/background of the page the table is on. "#edf4f9,#fff" databg="#f2f2f2,#fff"
databgsorted Data cell background colour of a sorted column; see databg. the values of databg databgsorted="#d4e8e4, #e5f5ea"
datacolor Data cell text colour, a comma separated list. unspecified datacolor="#00c, #000"

Parameter Description Default Example
headerrules Set to "none" (no rules), "rows" (rules will appear between rows only), "cols" (rules will appear between columns only), "all" (rules will appear between all rows and columns). Overrides tablerules for header cells. unspecified headerrules="none"
headerbg Header cell background colour. Specify "none" for no colour, that is to use the colour/background of the page the table is on. "#6b7f93" headerbg="#999"
headerbgsorted Header cell background colour of a sorted column. Specify "none" for no colour, that is to use the colour/background of the page the table is on. the value of headerbg headerbgsorted="#32596c"
headercolor Header cell text colour. "#fff" headercolor="#00c"
headervalign Vertical alignment of header cells; overrides valign. unspecified headervalign="top"
headeralign Header cell alignment, one value for all columns, or a comma separated list for different alignment of individual columns. Set to "left", "center", "right" or "justify". Overrides individual cell settings. unspecified headeralign="left,right"
headerrows See: Attributes for tables

#### Other attributes

Parameter Description Default Example
include Other topic defining the TABLE parameters. The first %TABLE% in the topic is used. This is useful if you have many topics with the same table format and you want to update the format in one place. Use topic or web.topic notation. unspecified include="Main.WebHome"

## Examples

 %TABLE{ sort="off" tableborder="0" cellpadding="4" cellspacing="3" cellborder="0" }%
| *A1* | *B1* |
| A2   | B2   |
• Expands as:
A1 B1
A2 B2

# TABPANE -- tabpane widget

This macro starts the tabpane, containing a series of TAB...ENDTABs and ends with ENDTABPANE. A complete tabpane normally looks like this:
%TABPANE%
%TAB{"tab 1"}%
...
%ENDTAB%
%TAB{"tab 2"}%
...
%ENDTAB%
%ENDTABPANE%

Multiple tabpanes can be nested using the following scheme:
%TABPANE%
%TAB{"tab 1"}%
%TABPANE%
%TAB{"tab 1.1"}%
...
%ENDTAB%
%TAB{"tab1.2"}%
...
%ENDTAB%
%ENDTABPANE%
%ENDTAB%
%TAB{"tab 2"}%
...
%ENDTAB%
%ENDTABPANE%


## Parameters

Parameter Description Default
select number or id of tab to select 1
automaxexpand resizes the tabpane to the maximum height to fit into the window off
minheight when automaxexpand is enabled, this is the minimum size a tab is allowed to be resized 230
class extra class: use simple for a non-3D tabpane; use=plain= for a no-frame look&feel
animate enables/disables animation of switching tabs off
remember enables/disables recording the current tab into the url anchor, as well as initialize the currently selected tab reading the anchor off

## Examples

see System.JQueryTabpane for more examples

Shows a Table of Contents that is generated automatically based on headings of a topic. Headings in System.TopicMarkupLanguage ("---++ text") and HTML ("<h2>text</h2>") are taken into account. Any heading text after "!!" is excluded from the TOC; for example, write "---+!! text" if you do not want to list a header in the TOC

## Parameters

Parameter Description Default
"TopicName" topic name Current topic
web Name of web Current web
depth Limit depth of headings shown in TOC 6
title Title to appear at top of TOC
align Align at left or right side of the page
id Optional ID in case multiple TOCs are on the page and each TOC needs to be addressable with an anchor link. Allowed characters: a-zA-Z0-9-_, no spaces. If you don't specify an id, the anchor foswikiTOC can be used in a link to the first TOC: [[#foswikiTOC][Back to TOC]] creates Back to TOC. Multiple TOC macros will increment the generated ID. #foswikiTOC, #foswikiTOC2 ... "foswikiTOC"

## Preference Settings

Default settings are defined in System.DefaultPreferences, and can be overridden in Main.SitePreferences:
Setting Description Value
TOC_MIN_DEPTH The first header level to appear in the TOC 1
TOC_MAX_DEPTH The last header level to appear in the TOC
TOC_TITLE The default TOC title On this page:
TOC_HIDE_IF_INCLUDED Do not show a TOC if the topic it contains is included in another topic on

## Examples

%TOC{depth="2"}%
%TOC{"CompleteDocumentation" web="%SYSTEMWEB%" title="Contents:"}%
If multiple headers have the exact same text, the anchors for the 2nd, 3rd etc will be suffixed by _AN1, _AN2 etc so the anchors become unique.

If other topics are included using INCLUDE then any headingoffset specified on the INCLUDE macro will not be seen by TOC.

# TOPIC -- name of current topic

• %TOPIC% expands to the name of the topic. If you are looking at the text of an included topic, it is the name of the included topic.

## Examples

• %TOPIC% expands to Macros, renders as Macros

# TOPICLIST -- topic index of a web

marker Text for $marker if the item matches selection "selected" selection Current value to be selected in list (none) ## Examples  Create a bullet list of all topics: %TOPICLIST{" *$web.$topic"}% Create a comma separated list of all topics: %TOPICLIST{separator=", "}% Create an option list (for drop down menus): %TOPICLIST{" <option>$topic</option>"}%

Create an option list of web topics with the current topic selected:
<select>%TOPICLIST{

## Examples

%URLPARAM{"skin"}% returns print for a .../view/System/Macros?skin=print URL

URL parameters passed into HTML form fields must be entity encoded.

Double quotes in URL parameters must be escaped when passed into other macros.
Example: %SEARCH{ "%URLPARAM{ "search" encode="safe, quote" }%" noheader="on" }%

Reverse the encoding when used in SEARCH.
Example: %SEARCH{ "%URLPARAM{ "search" encode="safe, quote"}%" decode="safe" noheader="on" }%. (It is not necessary to reverse quote encoding, otherwise decode= options should be specified in the reverse order from the encode= options.)

When used in a template topic, this macro will be expanded when the template is used to create a new topic. See System.TemplateTopics#TemplateTopicsVars for details.

Watch out for internal parameters, such as rev, skin, template, topic, web; they have a special meaning in Foswiki. Common parameters and view script specific parameters are documented at System.CommandAndCGIScripts.

If you have %URLPARAM{ in the value of a URL parameter, it will be modified to %<nop>URLPARAM{. This is to prevent an infinite loop during expansion.

Security warning! Using URLPARAM can easily be misused for cross-site scripting unless specific characters are entity encoded. By default URLPARAM encodes the characters '"<>% into HTML entities (same as encode="safe") which is relatively safe. The safest is to use encode="entity". When passing URLPARAM inside another macro always use double quotes ("") combined with using URLPARAM with encode="quote". For maximum security against cross-site scripting you are adviced to install the Foswiki:Extensions.SafeWikiPlugin.

# USERINFO -- retrieve details about a user

## Parameters

Parameter Description
"name" System.WikiName or login username. May be a group. current user
format Format string; see below for supported formatting tokens. $username,$wikiusername, $emails Format tokens that can be used in format: Token Description $emails (*) Comma separated list of email addresses known to the user mapper (this would normally be System.TopicUserMappingContrib). If expanding for a group, then this will be the email addresses of all members.
$username (*) Login username. If expanding for a group, this should expand as unknown $wikiname, $wikiusername The user's WikiName and Main.WikiName, respectively $groups (*) Comma separated list of group membership. Currently only expands for users
$isadmin (*) Has admin privileges (expands to true or false) $isgroup Is a group (expands to true or false)
Tokens flagged '(*)' are considered private and are hidden from other users by default.
The standard format tokens are also supported.

• %USERINFO{"name" format="..."}% expands to guest, Main.WikiGuest,  (lists $username,$wikiusername, $emails) With formatted output, using tokens: %USERINFO{ format="$username is really $wikiname" }% Expands to: guest is really WikiGuest Retrieve information about another user. You can use either a wikiname or a username to identify the user. You can only see the restricted information about another user if you are an admin, or the {AntiSpam}{HideUserDetails} configuration option is not enabled. (User details are hidden on this site) : %USERINFO{ "WikiGuest" format="$username is really $wikiname" }% Expands to: guest is really WikiGuest # USERNAME -- your login username Foswiki makes names available in three formats: USERNAME like jsmith, WIKINAME like JohnSmith and WIKIUSERNAME like Main.JohnSmith. Un-authenticated users are all Main.WikiGuest. This macro is an alias for the USERINFO macro with a fixed format="$username".
The login username is considered "protected" information by default and will not be revealed to non-admin users.

## Parameters

Parameter Description
"name" System.WikiName or login username. current user

## Examples

• %USERNAME% expands to guest
• %USERNAME{AdminUser}% expands to ==
When used in a template topic, this macro will be expanded when the template is used to create a new topic. See System.TemplateTopics#TemplateTopicsVars for details

# USERSWEB -- name of users web

• The web containing individual user topics, Main.WikiGroups, and customised site-wide preferences.

## Examples

• %USERSWEB% expands to Main

# VAR -- get a preference value from another web

## Parameters

Parameter Description
"name" name of preference to retrieve
web name of web to retrieve the preference from

## Examples

• %VAR{"WEBBGCOLOR"}% expands to #B9DAFF
• %VAR{"WEBBGCOLOR" web="Main"}% expands to #FFEFA6

# WEB -- name of current web

• %WEB% expands to the name of the web where the topic is located. If you are looking at the text of an included topic, it is the web where the included topic is located.

## Examples

• %WEB% expands to System

# WEBLIST -- index of all webs

Generate a list of webs. Obfuscated webs are excluded, e.g. webs with a NOSEARCHALL = on preference setting. The "format" defines the format of one web item. The $name gets expanded to the name of the web, $qname gets expanded to double quoted name, $marker to marker where web matches selection. Subwebs are listed recursively. ## Parameters Parameter Description Default "format" format="format" Format of one line, may include $name (the name of the web), $qname (the name of the web in double quotes), $indentedname (the name of the web with parent web names replaced by indents, for use in indented lists), and $marker (which expands to marker for the item matching selection only). The standard format tokens may also be used. $name
separator Web separator $n (new line). Standard format tokens may also be used. web if you specify $web in format, it will be replaced with this value.
webs Comma separated list of webs to consider. This list can include two pseudo-webs, public which expands to all non-hidden and webtemplate which expands to the names of all template webs.
NOTE: Administrators will see all webs, not just the public ones
public
subwebs Specifies a single web. If specified, then public and webtemplate (described above) will expand relative to show subwebs *below this web only.
selection Entry to be selected in list. If one of the webs matches this selection, then $marker in the format will be expanded %WEB% marker Text for $marker if the item matches selection selected="selected"

## Examples

Create a bullet list of all webs:
%WEBLIST{"   * [[$name.%HOMETOPIC%][$name.%HOMETOPIC%]]"}%
Create a dropdown of all public webs + Trash web, with the current web highlighted:
<form><select name="web">%WEBLIST{

## Parameters

Parameter Description
"name" System.WikiName or login username. current user

## Examples

• %WIKINAME% expands to WikiGuest
• %WIKINAME{guest}% expands to WikiGuest
When used in a template topic, this macro will be expanded when the template is used to create new topic. See System.TemplateTopics#TemplateTopicsVars for details

# WIKIPREFSTOPIC -- name of site-wide preferences topic

## Examples

• %WIKIPREFSTOPIC% expands to DefaultPreferences, renders as DefaultPreferences

# WIKITOOLNAME -- name of your site

## Examples

• %WIKITOOLNAME% expands to Foswiki

Your %WIKINAME% with Main web prefix, useful to point to your Foswiki home page This macro is an alias for the USERINFO macro with a fixed format="$wikiusername". ## Parameters Parameter Description "name" System.WikiName or login username. current user ## Examples • %WIKIUSERNAME% expands to Main.WikiGuest, renders as Main.WikiGuest • %WIKIUSERNAME{guest}% expands to Main.WikiGuest, renders as Main.WikiGuest When used in a template topic, this macro will be expanded when the template is used to create a new topic. See System.TemplateTopics#TemplateTopicsVars for details # WIKIUSERSTOPIC -- name of topic listing all registered users ## Examples • %WIKIUSERSTOPIC% expands to WikiUsers • with Main prefix renders as Main.WikiUsers # WIKIVERSION -- the version of the installed Foswiki engine ## Examples • %WIKIVERSION% expands to v2.1.6 # WIKIWEBMASTER -- feedback email address for site ## Examples • %WIKIWEBMASTER% expands to wiki-ref-webmaster@oca.eu # WIKIWEBMASTERNAME -- Name of the administrator for the site ## Examples • %WIKIWEBMASTERNAME% expands to Wiki Administrator ### Shortcuts The following macros are preference settings and are frequently used in topic content. • %BR% - line break • %BULLET% - bullet sign • %BB% - line break and bullet combined • %BB2% - indented line break and bullet • %RED% text %ENDCOLOR% - colored text (also %YELLOW%, %ORANGE%, %PINK%, %PURPLE%, %TEAL%, %NAVY%, %BLUE%, %AQUA%, %LIME%, %GREEN%, %OLIVE%, %MAROON%, %BROWN%, %BLACK%, %GRAY%, %SILVER%, %WHITE%) • %H% - Help icon • %I% - Idea icon • %M% - Moved to icon • %N% - New icon • %P% - Refactor icon • %Q% - Question icon • %S% - Red star icon • %T% - Tip icon • %U% - Updated icon • %X% - Alert icon • %Y% - Done icon See ShortcutMacros for a full list of predefined shortcuts. Back to top # Formatted Search Customize the display of search results. The default output format of a %SEARCH{...}% is a table consisting of topic names and topic summaries. Use the format="..." parameter to customize the search result. The format parameter typically defines a bullet or a table row containing macros, such as %SEARCH{ "food" format="|$topic | $summary |" }%. See %SEARCH{...}% for other search parameters, such as separator="". ## Syntax Three parameters can be used to specify a customized search result: ### 1. header="..." parameter Use the header parameter to specify the header of a search result. It should correspond to the format of the format parameter. This parameter is optional. Example: header="| *Topic:* | *Summary:* |" Format tokens that can be used in the header string: Name: Expands To: $web Name of the web
$ntopics Number of topics found in current web. Will be 0 (zero). $nhits Number of hits if multiple="on". Will be 0 (zero).
$pager pager control - can be optionally customised using the pagerformat below $n or $n() New line. Use $n() if followed by alphanumeric character, e.g. write Foo$n()Bar instead of Foo$nBar
Most macros accept parameter strings which are split over multiple lines. This is usually more readable than using $n tokens. If you are familiar with sectional includes, you might also consider nested sectional includes to hold the newline content outside of the parameter string entirely. Note that newline is not a line break. The browser will wrap the lines together. If you require a line break, displaying the results on two lines, use %BR%. Or use two consecutive newlines to create a TML "Paragraph". $nop or $nop() Is a "no operation". This token gets removed; useful for nested search $quot Double quote (") (\" also works)
$percent Percent sign (%) ($percnt also works)
$dollar Dollar sign ($)
$lt Less than sign (<) $gt Greater than sign (>)
$amp Ampersand (&) $comma Comma (,)

Note that if the separator parameter for SEARCH is not defined a newline is added after the header.

### 2. footer="..." parameter

Use the footer parameter to specify the footer of a search result. It should correspond to the format of the format parameter. This parameter is optional. Example:
footer="| *Total:* | *$nhits* |" Format tokens that can be used in the footer string: Name: Expands To: $web Name of the web
$ntopics Number of topics found in current web $nhits Number of hits if multiple="on". Cumulative across all topics in current web. Identical to $ntopics unless multiple="on" $pager pager control - can be optionally customised using the pagerformat below
$n or $n() New line. Use $n() if followed by alphanumeric character, e.g. write Foo$n()Bar instead of Foo$nBar Most macros accept parameter strings which are split over multiple lines. This is usually more readable than using $n tokens. If you are familiar with sectional includes, you might also consider nested sectional includes to hold the newline content outside of the parameter string entirely.
Note that newline is not a line break. The browser will wrap the lines together. If you require a line break, displaying the results on two lines, use %BR%. Or use two consecutive newlines to create a TML "Paragraph".
$nop or $nop() Is a "no operation". This token gets removed; useful for nested search
$quot Double quote (") (\" also works) $percent Percent sign (%) ($percnt also works) $dollar Dollar sign ($) $lt Less than sign (<)
$gt Greater than sign (>) $amp Ampersand (&)
$comma Comma (,) Note that if the separator parameter for SEARCH is not defined a newline is added after the last search result. ### 3. pagerformat="..." parameter Use the pagerformat parameter to customise the appearance of the paging control. It should correspond to the format of the format parameter. This parameter is optional. Example: pagerformat="Page$currentpage of $numberofpages [[$nexturl][next page]]"

Format tokens that can be used in the pagerformat string:

Name: Expands To:
$previouspage The page number before the currently displayed one $currentpage The currently displayed page number
$nextpage The page number after the currently displayed one $numberofpages Total number of pages there are results for
$pagesize The number of results per page $previousurl full URL to the previous page - IF using the built in pager system
$nexturl full URL to the previous page - IF using the built in pager system $previousbutton skin template (SEARCH:pager_previous) html for the full URL to the previous page - IF using the built in pager system
$nextbutton skin template (SEARCH:pager_next) html for the full URL to the previous page - IF using the built in pager system $n or $n() New line. Use $n() if followed by alphanumeric character, e.g. write Foo$n()Bar instead of Foo$nBar
Most macros accept parameter strings which are split over multiple lines. This is usually more readable than using $n tokens. If you are familiar with sectional includes, you might also consider nested sectional includes to hold the newline content outside of the parameter string entirely. Note that newline is not a line break. The browser will wrap the lines together. If you require a line break, displaying the results on two lines, use %BR%. Or use two consecutive newlines to create a TML "Paragraph". $nop or $nop() Is a "no operation". This token gets removed; useful for nested search $quot Double quote (") (\" also works)
$percent Percent sign (%) ($percnt also works)
$dollar Dollar sign ($)
$lt Less than sign (<) $gt Greater than sign (>)
$amp Ampersand (&) $comma Comma (,)

### 4. format="..." parameter

Use the format parameter to specify the format of one search hit. Example:
format="| $topic |$summary |"

Format tokens that can be used in the format string:

Name: Expands To:
$web Name of the web $topic Topic name
$topic(20) Topic name, "- " hyphenated every 20 characters $topic(30, -<br />) Topic name, hyphenated every 30 characters with separator "-<br />"
$topic(40, ...) Topic name, shortened to 40 characters with trailing ellipsis. $parent Name of parent topic; empty if not set
$parent(20) Name of parent topic, same hyphenation/shortening as $topic()
$text Formatted topic text. In case of a multiple="on" search, it is the line found for each search hit. $locked LOCKED flag (if any)
$date Time stamp of last topic update, e.g. 22 Oct 2021 - 07:03 $isodate Time stamp of last topic update, e.g. 2021-10-22T07:03Z
$index number of total results - can be used as a running counter in the format, or in the footer. This$index is not affected by web based partitioning of results.
$item the full name of a result item - in a SEARCH context, equivalent to $web.$topic $rev Number of last topic revision, e.g. 4
$username Login name of last topic update, e.g. jsmith $wikiname Wiki user name of last topic update, e.g. JohnSmith
$wikiusername Wiki user name of last topic update, like Main.JohnSmith $createdate Time stamp of topic revision 1
$createusername Login name of topic revision 1, e.g. jsmith $createwikiname Wiki user name of topic revision 1, e.g. JohnSmith
$createwikiusername Wiki user name of topic revision 1, e.g. Main.JohnSmith $summary Topic summary, just the plain text, all formatting and line breaks removed; up to 162 characters
$summary(50) Topic summary, up to 50 characters shown $summary(showvarnames) Topic summary, with %SOMEMACRO{...}% macros shown as SOMEMACRO{...}
$summary(noheader) Topic summary, with leading ---+ headers removed Note: The tokens can be combined, for example $summary(100, showvarnames, noheader)
$summary(searchcontext) Creates a topic summary with the search terms highlighted $summary(searchcontext, 50) Creates a topic summary with the search terms highlighted, up to 50 characters
$changes Summary of changes between latest rev and previous rev $changes(n) Summary of changes between latest rev and rev n
$formname The name of the form attached to the topic; empty if none $formfield(name) The field value of a form field; for example, if FAQWhatIsWikiWiki was a search hit, $formfield(TopicClassification) would get expanded to ==. This applies only to topics that have a DataForm. For multi-line textfields new lines are replace by an HTML <br /> $formfield(name, 10) Form field value, "- " hyphenated every 10 characters
$formfield(name, 20, -<br />) Form field value, hyphenated every 20 characters with separator "-<br />" $formfield(name,30,...) Form field value, shortened to 30 characters with trailing ellipsis.
$formfield(name, display) Form field value after mapping the stored value to the display value (use with +values form fields). You can still use the hyphenation controls described above by placing them after display e.g. $formfield(name, display, 10)
$pattern(reg-exp) A regular expression pattern to extract some text from a topic (does not search meta data; use $formfield instead). In case of a multiple="on" search, the pattern is applied to the line found in each search hit.
• Specify a RegularExpression that covers the whole text (topic or line), which typically starts with .*, and must end in .*
• Put text you want to keep in parenthesis, like $pattern(.*?(from here.*?to here).*) • Example: $pattern(.*?\*.*?Email\:\s*([^\n\r]+).*) extracts the e-mail address from a bullet of format * Email: ...
• This example has non-greedy .*? patterns to scan for the first occurance of the Email bullet; use greedy .* patterns to scan for the last occurance
• Limitation: Do not use .*) inside the pattern, e.g. $pattern(.*foo(.*)bar.*) does not work, but $pattern(.*foo(.*?)bar.*) does
• Note: Make sure that the integrity of a web page is not compromised; for example, if you include an HTML table make sure to include everything including the table end tag
$count(reg-exp) Count of number of times a regular expression pattern appears in the text of a topic (does not search meta data). Follows guidelines for use and limitations outlined above under $pattern(reg-exp). Example: $count(.*?(---[+][+][+][+]) .*) counts the number of <H4> headers in a page. $ntopics Number of topics found in current web. This is the current topic count, not the total number of topics
$nhits Number of hits if multiple="on". Cumulative across all topics in current web. Identical to $ntopics unless multiple="on"
$pager pager control - can be optionally customised using the pagerformat below $n or $n() New line. Use $n() if followed by alphanumeric character, e.g. write Foo$n()Bar instead of Foo$nBar
Most macros accept parameter strings which are split over multiple lines. This is usually more readable than using $n tokens. If you are familiar with sectional includes, you might also consider nested sectional includes to hold the newline content outside of the parameter string entirely. Note that newline is not a line break. The browser will wrap the lines together. If you require a line break, displaying the results on two lines, use %BR%. Or use two consecutive newlines to create a TML "Paragraph". $nop or $nop() Is a "no operation". This token gets removed; useful for nested search $quot Double quote (") (\" also works)
$percent Percent sign (%) ($percnt also works)
$dollar Dollar sign ($)
$lt Less than sign (<) $gt Greater than sign (>)
$amp Ampersand (&) $comma Comma (,)

## Examples

Here are some samples of formatted searches. The SearchPatternCookbook has other examples, such as creating a picklist of usernames, searching for topic children and more.

### Search showing topic name and summary

Write this:

%SEARCH{
"VarREMOTE"
scope="topic"
nonoise="on"
format="| [[$topic]] |$summary   |"
footer="| *Topics found* | *$ntopics* |" }% To get this: Topic Summary Topics found 3 VarREMOTEADDR #VarREMOTEADDR REMOTE_ADDR environment variable * Syntax: %REMOTE_ADDR% * Expands to: == * Related: ENV, HTTP_HOST, REMOTE_PORT, REMOTE_USER VarREMOTEPORT #VarREMOTEPORT REMOTE_PORT environment variable * Syntax: %REMOTE_PORT% * Expands to: * Related: ENV, HTTP_HOST, REMOTE_ADDR, REMOTE_USER VarREMOTEUSER #VarREMOTEUSER REMOTE_USER environment variable * Syntax: %REMOTE_USER% * Expands to: * Related: ENV, HTTP_HOST, REMOTE_ADDR, REMOTE_PORT, USERNAME, ... ### Table showing form field values of topics with a form In a web where there is a form that contains a TopicClassification field, an OperatingSystem field and an OsVersion field we could write: | *Topic:* | *!OperatingSystem:* | *!OsVersion:* | %SEARCH{ "TopicClassification~'FrequentlyAskedQuestion'" type="query" nonoise="on" format="| [[$topic]] | $formfield(OperatingSystem) |$formfield(OsVersion) |"
}%

To get this (simulated):

Topic: OperatingSystem: OsVersion:
IncorrectDllVersionW32PTH10DLL OsWin 95/98
WinDoze95Crash OsWin 95

### Extract some text from a topic using regular expression

The following example makes use of the $pattern() token to extract the first level-1 heading for each topic: %SEARCH{ "^---[+][^+][^\r\n]+[\r\n]" type="regex" nonoise="on" header="Headings:" limit="5" format=" * [[$topic][$pattern([\r\n\-+!]+([^\r\n]*?)[\r\n].*)]]" footer="Found$ntopics topics with level-1 headings"
}%

### Test case

SEARCH is one of many macros that produce output which may be controlled with format, header and footer parameters, among others. To make use of additional macros in the output, familiarity with inside-out, left-to-right order of expansion rules is required. There are two forms:
1. Standard: Use %INNERMACRO% to build the parameter string before %OUTERMACRO% is expanded
 %OUTERMACRO{
format="%INNERMACRO%"
}%
2. Delayed: Use the parameter string to incorporate %INNERMACRO% into the output of %OUTERMACRO%
 %OUTERMACRO{
format="$percentINNERMACRO$percent"
}%
When working with a given macro, consult its documentation to determine which parameters support the $percent/$percnt format tokens. Generally only output parameters like header, format and footer support format tokens.

#### Standard form

The key to understanding nested expressions in Foswiki is to understand that macros are expanded "inside-out, left-to-right". Example:

%MACRO1{
something="%MACRO2{
somethingelse="%MACRO3%, %MACRO4%"
}%"
}%

The macros are expanded in this order: MACRO3, MACRO4, MACRO2, MACRO1.

##### Animated Example
%INCLUDE{
"%QUERY{
"'%THETOPIC%'/%THEFIELD%"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
"%QUERY{
"'%SYSTEMWEB%.FAQWhatIsWikiWiki'/%THEFIELD%"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
"%QUERY{
"'%SYSTEMWEB%.FAQWhatIsWikiWiki'/TopicClassification"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
"%QUERY{
"'System.FAQWhatIsWikiWiki'/TopicClassification"
}%"
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification

%INCLUDE{
section="Summary"
}%
* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification


These topics are for frequently

* Set THETOPIC = %SYSTEMWEB%.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification


These topics are for frequently

* Set THETOPIC = System.FAQWhatIsWikiWiki
* Set THEFIELD = TopicClassification


#### Delayed form

Standard form macros can nearly always be used to build the parameter string of another macro; however, sometimes it is desirable to bypass the inside-out expansion order and delay the inner macro until after the outer macro has finished expansion. This is accomplished by using the $percent format token instead of %, and escaping any " character it uses (becomes \") When working with a given macro, consult its documentation to determine which parameters support the $percent/$percnt format tokens. Generally only output parameters like header, format and footer support format tokens. Example: %MACRO1{ format="$percentMACRO2{
format=\"%MACRO3%, %MACRO4%\"
}$percent" }%  The macros are expanded in this order: MACRO3, MACRO4, MACRO1, MACRO2. ##### Animated Example From the conditional output example: %SEARCH{ "info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31')" type="query" limit="2" nonoise="on" format=" *$percentICON{
\"$percentIF{ \"'$topic'/parent.name='%PARENT%'\"
then=\"info\" else=\"gear\"
}$percent\" }$percent [[$topic]]" }% ---- * Set PARENT = UserDocumentationCategory  %SEARCH{ "info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31')" type="query" limit="2" nonoise="on" format=" *$percentICON{
\"$percentIF{ \"'$topic'/parent.name='UserDocumentationCategory'\"
then=\"info\" else=\"gear\"
}$percent\" }$percent [[$topic]]" }% ---- * Set PARENT = UserDocumentationCategory   * %ICON{ "%IF{ "'AccessKeys'/parent.name='UserDocumentationCategory'" then="info" else="gear" }%" }% [[AccessKeys]] * %ICON{ "%IF{ "'AdminSkillsAssumptions'/parent.name='UserDocumentationCategory'" then="info" else="gear" }%" }% [[AdminSkillsAssumptions]] ---- * Set PARENT = UserDocumentationCategory   * %ICON{ "info" }% [[AccessKeys]] * %ICON{ "gear" }% [[AdminSkillsAssumptions]] ---- * Set PARENT = UserDocumentationCategory   * <img src="https://matisse.oca.eu/foswiki/bin/../pub/System/DocumentGraphics/info.png"/> [[AccessKeys]] * <img src="https://matisse.oca.eu/foswiki/bin/../pub/System/DocumentGraphics/gear.png"/> [[AdminSkillsAssumptions]] ---- * Set PARENT = UserDocumentationCategory  #### Worked example Problem: search for some topics in an initial (outer) search, and for each of them apply a second (inner) search. The idea is to use the outer search to build a series of inner seraches. Consider the following example. Let's search for all topics that contain the word "culture" (outer search), and find out where each topic found is linked from (inner search). Initial (outer) search: %SEARCH{ "culture" nonoise="on" format=" *$topic is referenced by: (list all references)"
}%

Second (inner) search:

For each hit, we want this search:
%SEARCH{
"(topic found in outer search)"
nonoise="on"
format="$topic" separator=", " }% Now let's nest the two. ##### Method 1 (nesting with escapes) The inner search cannot be placed directly into the format string of the outer, because of the "inside-out, left-to-right" macro expansion behaviour discussed earlier. It must be delayed so that the outer search is evaluated first. To do this, we need to escape the inner search, i.e. let the outer search build a series of searches comprised of the inner search. • Use $percent to escape (delay) the inner search's SEARCH macro
• Use \" to escape the double quotes
• Use $dollar to escape the $ of $topic Write this: %SEARCH{ "culture" nonoise="on" limit="5" format="\ *$topic is referenced by:
* $percentSEARCH{ \"$topic\"
nonoise=\"on\"
format=\"$dollartopic\" separator=\", \" }$percent"
}%


To get this:
• AccessControl is referenced by:
• AdminDocumentationCategory, CommandAndCGIScripts, CompleteDocumentation, DataForms, DefaultPreferences, DevelopingPlugins, FAQHiddenUsersAndGroups, FAQRebuildingWikiUsersTopic, FileAttachment, InstallationGuidePart1, ManagingTopics, ManagingUsers, MetaCommentPlugin, PreferenceSettings, PublishedAPI, ReferenceManual, ReleaseHistory, ReleaseNotes01x00, ReleaseNotes01x01, SitePermissions, SiteTools, SkinTemplates, TipTopic017, TopicsAndWebs, TwentyMinuteTutorial, UserAuthentication, VarSEARCH, WebPreferencesHelp, WikiWord
• PatternSkinElements, ReleaseNotes01x00, ReleaseNotes01x01, UserDocumentationCategory, WebHome, WebLeftBarExample, WelcomeGuest
• FAQWhatIsWikiWiki is referenced by:
• DataForms, FAQWhatIsWikiWiki, FormattedSearch, Macros, UserDocumentationCategory
• FormattedSearch is referenced by:
• AccessControl, BookView, CompleteDocumentation, DataForms, DeveloperDocumentationCategory, EditTablePlugin, FormatTokens, IfStatements, Macros, MetaData, QuerySearch, ReferenceManual, ReleaseHistory, ReleaseNotes01x00, ReleaseNotes01x01, RenderListPlugin, SearchHelp, SearchPatternCookbook, SiteTools, SpreadSheetPlugin, TopicsAndWebs, TwistyPlugin, UserDocumentationCategory, VarFORMAT, VarMETASEARCH, VarSEARCH, VarURLPARAM, WebLeftBarExample, WebPreferences
• UserDocumentationCategory is referenced by:
• ACRONYM, AccessControl, AccessKeys, AdminDocumentationCategory, AdminToolsCategory, BookView, BumpyWord, CompleteDocumentation, DataForms, DeveloperDocumentationCategory, DocumentGraphics, DontNotify, FAQAnApplicationWithWikiForm, FAQDeleteOrRenameATopic, FAQDeleteOrRenameAnAttachment, FAQEditDoesNotIncreaseTheRevision, FAQGnuGeneralPublicLicense, FAQSimultaneousEdits, FileAttachment, FileAttribute, ForceNewRevision, FormattedSearch, GlossaryOfTerms, GoBox, GoodStyle, HiddenAttachment, IncludeTopicsAndWebPages, InterWikis, LoginName, Macros, MainFeatures, ManagingTopics, ProjectLogos, QuietSave, ReferenceManual, RegularExpression, SearchPatternCookbook, SitePermissions, SkinBrowser, StandardColors, TextEditor, TimeSpecifications, TopicsAndWebs, TwentyMinuteTutorial, UserToolsCategory, UsingHTML, WabiSabi, WebLeftBarExample, WikiNotation, WikiWikiClones, WikiWord, YouAreHere

When nesting with escapes, each new nesting level must "escape the escapes", e.g. write $dollarpercentSEARCH{ for level three, $dollardollarpercentSEARCH{ for level four, etc.

##### Method 2 (nesting with sectional includes)
Nested expressions with delayed macros can be difficult to write: care must be taken to escape all the quotes of the inner delayed macro, and it may become confusing whether to use $topic, $dollartopic or $dollardollartopic. If you find yourself using escaped tokens like $dollartopic, another approach is to use the STARTSECTION/ENDSECTION feature of INCLUDE. Instead of nesting the inner search expression directly inside the format string of the outer, the inner search is written as a separate stand-alone section of a topic which is INCLUDEd into the format string of the outer.

Write this:
%SEARCH{
"culture"
nonoise="on"
limit="5"
format="\
* $topic is referenced by: *$percentINCLUDE{\"%TOPIC%\" section=\"mysearch\" thetopic=\"$topic\"}$percent"
}%

<!-- HTML comment to hide this section from the user and web browser's DOM.
verbatim prevents the section being evaluated. Alternatively, sections
like this can be placed into dedicated utility topics which may hold
many such re-usable pieces of your wiki application
<verbatim>
%SEARCH{
"%thetopic%"
nonoise="on"
format="$topic" separator=", " }% </verbatim> -->  Output will be the same as for the first method Nested search can be slow, especially if you nest more than 3 levels deep. Nesting is limited to 16 levels. ### Most recently changed pages Write this: %SEARCH{ "1" type="query" nonoise="on" order="modified" reverse="on" limit="7" format="| [[$topic]] | $wikiusername |$date |"
}%

To get this:
 DefaultPreferencesForm Main.UnknownUser 07 Feb 2019 - 14:58 EmptyPlugin Main.UnknownUser 07 Feb 2019 - 14:58 TWikiCompatibilityPlugin Main.UnknownUser 07 Feb 2019 - 14:58 TinyMCEQuickHelp Main.UnknownUser 07 Feb 2019 - 14:58 PrintSkin Main.UnknownUser 07 Feb 2019 - 14:58 ReleaseNotes01x01 Main.UnknownUser 07 Feb 2019 - 14:58 SkinTemplateViewTemplate Main.UnknownUser 07 Feb 2019 - 14:58

### Search with conditional output

Sometimes it may be desirable for each hit to be displayed differently depending on some criteria. For example, maybe you want to list 20 topics modified in 2009, but decorate the hits which are children of UserDocumentationCategory with an icon.
1. Specify a search which returns the hits you need
2. For each search hit, test the condition that will influence the output using a nested IF statement

Write this:
%SEARCH{
"info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31')"
type="query"
limit="20"
format="   * $percentICON{ \"$percentIF{
\"'$topic'/parent.name='UserDocumentationCategory'\" then=\"info\" else=\"gear\" }$percent\"
}$percent [[$topic]]"
}%
Details:
• The SEARCH has a delayed ICON. The $percent ensures that ICON is evaluated once for each search hit • The ICON contains an IF, which again is delayed with the $percent token and will also be evaluated for each SEARCH hit. Additionally, the inside-out, left-to-right rule discussed earlier means that this IF expression will be evaluated before ICON.
• If $topic is a child of UserDocumentationCategory, the info icon is used; otherwise, gear. To get this: Searched: info.date >= d2n('2009-01-01') AND info.date <= d2n('2009-12-31') Number of topics: 20 ### Embedding search forms to return a formatted result Use an HTML form and an embedded formatted search on the same topic. You can link them together with an URLPARAM macro. Example: Write this: <form action="%SCRIPTURLPATH{"view"}%/%WEB%/%TOPIC%"> Find Topics: <input type="text" name="q" size="32"\ value="%URLPARAM{"q" encode="entity"}%" />&nbsp;<input\ type="submit" class="foswikiSubmit" value="Search" /> </form> Result: %SEARCH{ "%URLPARAM{"q" encode="quote"}%" type="keyword" nosearch="on" format=" *$web.$topic: %BR%$summary"
}%


To get this:
Find Topics:

Result:
Number of topics: 0

Related Topics: UserDocumentationCategory, SearchHelp, Macros#VarSEARCH, SearchPatternCookbook, RegularExpression

# File Attachments

Each topic can have one or more files of any type attached to it by using the Attach screen to upload (or download) files from your local PC. Attachments are stored under revision control: uploads are automatically backed up; all previous versions of a modified file can be retrieved.

## What are attachments good for?

File Attachments can be used to archive data, or to create powerful customized groupware solutions, like file sharing and document management systems, and quick Web page authoring.

### Document management system

You can use Attachments to store and retrieve documents (in any format, with associated graphics, and other media files); attach documents to topics; collaborate on documents with full revision control; distribute documents on a need-to-know basis using web and topic-level access control; create a central reference library that's easy to share with an user group spread around the world.

### File sharing

For file sharing, FileAttachments on a series of topics can be used to quickly create a well-documented, categorized digital download center for all types of files: documents, graphics and other media, drivers and patches, applications; anything you can safely upload!

### Web authoring

Through your web browser, you can easily upload graphics (or sound files, or anything else you want to link to on a page) and place them on a single page, or use them across a web, or site-wide.

You can also add graphics - any files - directly, typically by FTP upload. This requires FTP access, and may be more convenient if you have a large number of files to load. FTP-ed files cannot be managed using browser-based attachment controls. You can use your browser to create shortcuts using Macros, like this %H% = .

### Attachment Names

Attachment names are stored directly in the server native file system, so filenames are sanitized to prevent use of names that would be unacceptable to the variety of platforms where Foswiki is supported. Note that the rules are different depending on whether or not your installation is configured to support international characters (UseLocale)

#### Default rules without international character set support.

• Filenames must only be compose of:
• "Mixed Alpha-Numeric" characters. (A-Z, a-z and 0-9)
• May also contain:
• . (period / decimal point / "dot")
• _ (Underscore)
• - (Hyphen or dash)
• embedded spaces (Will be converted to underscore (_) during upload
• Any other characters are removed from the filename.
• Any leading dots or slashes (., \ or /) will be stripped
• Embedded spaces will be converted to underscore _
• Certain filenames that might be interpreted as executable code will have .txt appended. (This is set locally by your system administrator)

#### Attachment name rules with international character set support enabled.

• Embedded spaces are converted to _ (Underscore).
• The default rules will strip the following characters from the filename:
• Any "whitespace" characters
• * (Asterisk)
• ? (Question mark)
• ~ (Tilde)
• ^ (Caret / Circumflex)
• \ (Backslash)
• $ (Dollar-sign) • @ (At-sign) • % (Percent-sign) • '" Quotes (Open-quote, Close-quote/Apostrophe, and Double-quote) • & (Ampersand) • ; (Semicolon) • | (Vertical line) • <> (Less and Greater signs) • [] (Open and close square brackets) • And any ASCII control characters (Hex x00-x1f) • Any leading dots or slashes (., \ or /) will be stripped • Certain filenames that might be interpreted as executable code will have .txt appended. (This is set locally by your system administrator) ## Uploading files • Click on the [Attach] link at the bottom of the page. The Attach screen lets you browse for a file, add a comment, and upload it. The uploaded file will show up in the file attachment table. The topic must already exist. If it does not, it is a two step process: First create the topic, then add the file attachment. • Any type of file can be uploaded. Some files that might pose a security risk are renamed, for example: *.php files are renamed to *.php.txt so that no one can place code that would be read in a .php file. • Foswiki can limit the file size. This is defined by the %ATTACHFILESIZELIMIT% preference settings, currently set at 25000000 kB. It is not recommended to upload files greater than a few hundred K through a browser. Large files can be extremely slow-loading, and often time out. Use an FTP site for large file uploads. • Automatic attachments: • When enabled, all files with valid names in a topic's attachment directory are shown as attachments to the topic - even if they were directly copied to the directory and never attached by using an [Attach] link. This is a convenient way to quickly "attach" files to a topic without uploading them one by one; although at the cost of losing audit trail and version control. • Before an attachment is shown, the filename is filtered per the above Attachment name rules. If the filtered name is not identical to the actual file name, the file will not be included in the list of attachments • To enable this feature, set the {AutoAttachPubFiles} configuration option. The automatic attachment feature can only be used by an administrator who has access to the server's file system. • Linking to the attached file in the topic: • Checking the "Create a link to the attached file" appends a link at the end of the topic. The format can be modified with the %ATTACHEDFILELINKFORMAT% preference setting. Images (files ending in gif, jpg, jpeg or png) are handled by %ATTACHEDIMAGEFORMAT%. • The two named preference settings may use the following variables: • $filename: the name of the file
• $fileurl: URL encoded version of the filename • $comment: the file comment from the upload dialog
• $size: the filesize (%ATTACHEDIMAGEFORMAT% only) • $name: (deprecated, should no longer be used)

There is no access control on individual attachments. If you need control over single files, create a separate topic per file and set topic-level access restrictions for each.

## Moving attachment files

An attachment can be moved between topics.
• Click [Manage] on the Attachment to be moved.
• On the control screen, select the new web and/or topic.
• Click [Move]. The attachment and its version history are moved. The original location is stored as topic meta data.

## Deleting attachments

Move unwanted Attachments to web Trash, topic TrashAttachment.

• Once a file is attached it can be referenced in the topic. Example:
1. [Attach] a file, for example: Sample.txt
2.  the topic you attached the file to and enter: %ATTACHURL%/Sample.txt
3. [Preview]: the %ATTACHURL%/Sample.txt text appears as: https://matisse.oca.eu/foswiki/bin/../pub/SystemFoswiki/FileAttachment/Sample.txt, a link to the text file.

• To reference an attachment located in another topic, enter:
• %PUBURL%/%WEB%/OtherTopic/Sample.txt (if it's within the same web)
• %PUBURL%/Otherweb/OtherTopic/Sample.txt (if it's in a different web)

• Attached HTML files and text files can be inlined in a topic. Example:
1. [Attach] file: Sample.txt
2.  topic and write text: %INCLUDE{"%ATTACHURL%/Sample.txt"}%

• GIF, JPG and PNG images can be attached and shown embedded in a topic. Example:
1. [Attach] an image file, for example: Smile.gif
2.  topic and write text: %ATTACHURL%/Smile.gif
3. [Preview]: text appears as , an image.

## Securing Attachments

In most installations, attachments are not secured. Anyone can read them if they know the name of the web, topic and attachment.

To secure attachments, you have to control access to the attachments through the viewfile script, which requires a change in your web server configuration. To see how to configure Apache to do this, see http://foswiki.org/Support/ApacheConfigGenerator#Attachments

## Examples

Following you will find some examples of screens and tables related to this topic and referenced throughout the previous text. The appearance of these tables might vary, depending on what skin is used on your Foswiki installation.

### File attachment table

Files attached to a topic are displayed in a directory table, showing the different file names and attributes. An h means the attachment is hidden and not listed when viewing a topic in normal mode.

The file attachment table is normally displayed at the bottom of the page, or optionally, hidden and accessed when you click [Attach].

Topic attachments
I Attachment Action Size Date Who Comment
txt Sample.txt manage 0.1 K 22 Jul 2000 - 19:37 ProjectContributor Just a sample
gif Smile.gif manage 0.1 K 22 Jul 2000 - 19:38 ProjectContributor Smiley face

### File attachment controls

Clicking on a [Manage] link takes you to a new page that looks a bit like this (depending on what skin is selected).

Here, you have different options:
• To update an existing file, choose the updated file on your local drive and click [Update file]. The filename of the original attachment will preserved; the filename of the local file you chose will not be used.
• To change the comment on an attachment, enter a new comment and then click [Change comment and properties only]. Note that the comment listed against the specific version will not change, however the comment displayed when viewing the topic does change.
• To hide/unhide an attachment, enable the Do not show attachment in table checkbox, then click [Change comment and properties only].

### Attach new file

Select a new local file to update attachment Sample.txt

### Comment

Describe the file so other people know what it is.

### Properties

Images will be displayed, for other attachments a link will be created.

Attachments will not be shown in topic view page.

or Cancel

# Data Forms

This page introduces structured data, and explains how to set up and work with data forms.

## Overview

Next to freeform topic contents, each topic can store additional data in name/value pairs.

Topic data is normally not visible when you view a topic (except for a small table at the bottom of the topic - dependent on the used skin). Topic data works "behind the scenes" and facilitates searches, reports and custom displays.

Topic data, or better: structured data, can be used in many ways. The Foswiki Support questions serves as a demonstration how topic data can be used:
• To create a complete list of "Support Questions" topics
• To show a subset of all questions that have not been answered yet
• To display the title and subject of each question

Another uses for structured data could be:
• Create a list of all contributions of one particular author
• Create a quick report of all employee names and phone numbers
• Create a software documentation repository
• Create a bug tracker

To work with topic data, you will need 3 things:
1. The data definition, specified in a table in a "data form" topic. The table lists all fields and their types - see The data definition.
2. The web's WebPreferences needs to list the form in the WEBFORMS setting - see Enabling forms.
3. The form must get connected to the topic - see Adding a form to a topic.
Then you are ready to enter data values for each topic.

Optional further steps are:
1. Create a template topic so that new topics based on that template have the form already added - see Template topics.
2. Build an HTML form to create new topics based on that template topic, or to pass field values from the HTML form to the data form.
3. Build a search to create a report from the stored data

For a step by step tutorial, see the FAQ How can I create a simple data form based application?.

Sometimes new users with a web programming background are confused how "data forms" and "HTML forms" are related. They are not related. But you'll see later on that you can use web forms to pass data to a topic data form.

## The data definition

Topics can store data as name/value pairs, or form fields. The attributes of each form field are specified in the data definition, which is an ordinary topic.

### The data form topic

The data definition is defined in a TML table and looks like this:
| *Name*  | *Type* | *Size* | *Values* | *Tooltip message* | *Attributes* |
| TopicTitle | text | 100 | | | H |
| Version | select | 1 | ,Version in SVN,Foswiki 1.1.4,Foswiki 1.1.3,Foswiki 1.1.2,Foswiki 1.1.1 | | |
| Related Topics | textboxlist | | | |

In the next section we'll go into the details of the table contents.

The name of the data form topic usually ends with "Form". For example, the form topic for the Support Questions is named "QuestionForm". The form topic can be placed in any web, but usually this is in the same web as the topics that will be using it.

Topic types
You could consider the data form topic as the data type. For instance, all topics that use the form QuestionForm are topics of type "Question".

A useful core feature of Foswiki 1.1 is the automatic selection of view and edit templates based on the name of the form attached to a topic. With this we are really starting build up a topic as something resembling a typed object: its form name being the type identifier, and its form+templates as the details of its implementation. See AutoViewTemplatePlugin for details of this feature.

General Notes:
• The topic definition is not read when a topic is viewed.
• Form definition topics can be protected in the usual manner, using AccessControl, to limit who can change the form definition and/or individual value lists. Note that view access is required to be able to edit topics that use the form definition, though view access to the form definition is not required to view a topic where the form has been used.

### The form table

A form is to a web as a table is to a database. -- Andrew Steele

The data form table is a kind of spreadsheet:
• Each row of the table specifies one form field
• The table header defines what attributes of the form fields need to be specified

Each column name in the table header row is one element of an entry field:
| *Name*  | *Type* | *Size* | *Values* | *Tooltip message* | *Attributes* |


Only Name, Type and Size are required. So the minimum table has this header row:
| *Name* | *Type* | *Size* |


A simple form just supporting entry of a name and a date would be:
| *Name* | *Type* | *Size* |
| Name   | text   | 80     |
| Date   | date   | 30     |


#### Form field rows

Each form field is defined by these attributes:

 Name The name of the form field; must be unique for that form. Type The data type: text, date, single or multi-value, labels (read-only). The type also defines how form field data can be entered in the edit screen, such as text field or radio buttons. Size The input size of the form field inputs on the edit screen. Values For checkboxes, radio buttons and dropdown lists: predefined input to select from. More advanced: this can be a dynamically generated list of values. Tooltip message (hardly used or useful anymore) A message that will be displayed when the cursor is hovered over the field in edit view. Attributes Whether the field is mandatory or hidden in view mode.

As said, only Name, Type and Size are required.

### Form field attributes

#### Name

The name of the form field.

• Names have to be unique for each data definition.
• A very few field names are reserved. If you try to use one of these names, Foswiki will automatically append an underscore to the name when the form is used. But do not use the field name undefined (or any variant of that name, such as UnDefined), as that name is reserved for use in search queries.
• You can space out the title of the field, and it will still find the topic e.g. Aeroplane Manufacturers is equivalent to AeroplaneManufacturers.
• If a label field has no name, it will not be shown when the form is viewed, only when it is edited.
• Field names can in theory include any text, but you should stick to alphanumeric characters. If you want to use a non-wikiname for a select, checkbox or radio field, and want to get the values from another topic, you can use [[...]] double bracket links. This notation can also be used when referencing another topic to obtain field values, but a name other than the topic name is required as the name of the field.
• If you want the Field name to include embedded spaces, use the format [<nop>[FieldName][Descriptive human-friendly Field Name]].
• Leading and trailing spaces do not matter.

#### Type

The data type defines the kind of input: text, date, single or multi-value, or labels (read-only). This is done by setting the type of interface control on the edit screen: checkbox, radio button, text field, and so on.

The control appearance is also specified by size and (initial) value. More on those attributes below.

Type Description Size attribute Value attribute Modifiers
checkbox One or more checkboxes. How many checkboxes will be displayed on each line. A comma-separated list of item labels. checkbox+buttons will add Set and Clear buttons to the basic checkbox type.
checkbox+values allows the definition of values that are different to the displayed text.
date A single-line text box and a calendar icon button next to it; clicking on the button will bring up a calendar from which the user can select a date. The date can also be typed into the text box. The text box width in characters. The initial text.
label Read-only label text.   The text of the label.
radio Like checkbox except that radio buttons are mutually exclusive; only one can be selected. radio+values allows the definition of values that are different to the displayed text.
select A select box / dropdown. A fixed size for the box (e.g. 1, or a range e.g. 3..10. To get a dropdown, use size 1.
If you specify a range, the box will never be smaller than 3 items, never larger than 10, and will be 5 high if there are only 5 options.
Caution size 1 dropdown is incompatible with select+multi modifier on some browsers.
A comma-separated list of options for the box. select+multi turns multiselect on for the select, to allow Shift+Click and Ctrl+Click to select (or deselect) multiple items.
select+values allows the definition of values that are different to the displayed text. You can combine these modifiers e.g. select+multi+values
text A one-line text field. The text box width in number of characters. The initial (default) content when a new topic is created with this form definition.
textarea A multi-line text box. Size in columns x rows, e.g. 80x6; default size is 40x5. The initial text.

##### Example of select+values
A formfield definition like:
| Field 9 | select+values | 1 | One, Two=2, Three=III, Four | Various values formats |


displays as:

The generated HTML code reveals that the form values differ from the option labels:
<select name="Field9" size="1" class="foswikiSelect">
<option value="One" class="foswikiOption">One</option>
<option value="2" class="foswikiOption">Two</option>
<option value="III" class="foswikiOption">Three</option>
<option value="Four" class="foswikiOption">Four</option>
</select>


##### Extending the range of form data types
Some plugins add data types. For instance, JQueryPlugin's sub-plugin JQueryFarbtastic adds the data type color:
| *Name*  | *Type* | *Size* | *Values* | *Tooltip message* | *Attributes* |
| MyColor | color | 10 | | | |


Example (click in the field to view):

Note to extension developers
Such extended data types are single-valued (can only have one value) with the following exceptions:
• any type name starting with checkbox
• any type name with +multi anywhere in the name
Types with names like this can both take multiple values.

#### Size

The input size of the form field inputs on the edit screen. The size acts a bit different for each type - see the Type table above.

#### Values

For checkboxes, radio buttons and dropdown lists: predefined input to select from. More advanced: this can be a dynamically generated list of values.

• The field value will be used to initialize a field when a form is created, unless specific values are given by the topic template or query parameters. The first item in the list for a select or radio type is the default item. For label, text, and textarea fields the value may also contain commas. checkbox fields cannot be initialized through the form definition.
• Leading and trailing spaces do not matter.
• Field values can also be generated through a System.FormattedSearch, which must yield a suitable table as the result.
• Macros in the initial values of a form definition get expanded when the form definition is loaded.
• If you want to use a | character in the initial values field, you have to precede it with a backslash, thus: \|.
• You can use <nop> to prevent macros from being expanded.
• The Format tokens can be used to prevent expansion of other characters.

##### How to retrieve values from other topics
If you have rows defined like this:
| *Name*  | *Type* | *Size* | *Values* | *Tooltip message* | *Attributes* |
| AeroplaneManufacturers | select | | | | |

... Foswiki will look for the topic AeroplaneManufacturers to get the possible values for the select field.

The Values column must be empty.

The AeroplaneManufacturers topic must contain a table, where each row of the table describes a possible value. The table only requires one column, Name. Other columns may be present, but are ignored.

For example:
| *Name* |
| Routan |
| Focke-Wulf |
| De Havilland |


##### How to set field values using a macro
A powerful way to populate selectable field values is by using SEARCH to generate a comma-separated list of values.

For example, to create a list of documentation topics whose name contain "Wiki", you write:
| *Name*  | *Type* | *Size* | *Values* | *Tooltip message* | *Attributes* |
| Subject | select+multi | 10 | ,%SEARCH{ \
"Wiki" \
scope="topic" \
web="%SYSTEMWEB%" \
nonoise="on" \
type="regex" \
format="$topic" \ separator=", " \ }% | | |  Note the use of the backslash to be able to write the macro in a more readable way using multiple lines. The comma just before the SEARCH means "empty value" to make it possible to select none. Sometimes you have a topic with a bullet list that can be used as selectable values. The rather advanced SEARCH expression would be: | Subject | select+multi | 10 | ,%SEARCH{ \ " *\s*.*?" \ topic="QuestionSubjectCategory" \ type="regex" \ multiple="on" \ casesensitive="on" \ nonoise="on" \ separator="," \ format="$pattern(.*   \*\s*([^\n]*).*)" \
}% | | |

You are not expected to write these kind of search expressions yourself, but if you like you can find more of these in Search Pattern Cookbook.

Fields and linefeeds
Some browsers may strip linefeeds from text fields when a topic is saved. If you need linefeeds in a field, make sure it is a textarea.

#### Tooltip message

(hardly used or useful anymore) A message that will be displayed when the cursor is hovered over the field in edit view.

#### Attributes

Whether the field is mandatory or hidden in view mode.

 H Indicates that this field should not be shown in view mode. However, the field is available for editing and storing information. M Indicates that this field is mandatory. The topic cannot be saved unless a value is provided for this field. If the field is found empty during topic save, the user is presented with an error message. Mandatory fields are indicated by an asterisk next to the field name.

Multiple attributes can be entered, separated by spaces:
| TopicTitle | text | 100 | | | H M |


## Enabling forms

Before connecting topics to a data definition, the definition must be enabled in the Web's WebPreferences topic.

This is done by adding the form topic name to the WEBFORMS setting. The setting accepts a comma-separated list of form topics:
   * Set WEBFORMS = BugForm, FeatureForm, Books.BookLoanForm, %USERSWEB%.UserForm

As you can see, form topics located in other webs can be added by using their web prefix.

You have to list the available form topics explicitly. You cannot use a SEARCH to define WEBFORMS.

## Adding a form to a topic

With WEBFORMS enabled, a form can be added or changed on the edit screen.

### Manual operation

1. Add a form: click the "Add form" button and select one of the forms in the list.
2. Switching or removing a form: click the "Change form" button and select another one, or none, from the list.

### Automatically adding a form to a new topic

#### Using a template topic

If you don't want users to select a form themselves, this step can be automated by using a template topic that has the form connected.

For example, Question topics on foswiki.org are created using QuestionTemplate:
%META:FORM{name="QuestionForm"}%
%META:FIELD{name="TopicTitle" attributes="H" title="TopicTitle" value=""}%
%META:FIELD{name="Subject" attributes="" title="Subject" value=""}%

In the template initial field values can be set, like the "Status" field in this example.

#### Using the edit template

If you will use only one form in a web, you can also modify the web's WebTopicEditTemplate topic to contain the form reference.

#### Using url parameters

You can also pass the formtemplate parameter to the edit (not save) URL. Initial values can then be provided in the URLs or as form values.

For example:
%SCRIPTURL{edit}%/%WEB%/KnowledgeTopicAUTOINC00001?formtemplate=MyForm;Subject=FAQWhatIsWikiWiki;Category=One;Category=Two;action=form


• XxxYyyAUTOINC00001: creates a new auto-numbered topic name with base "XxxYyy" - see automatically generate unique topic names
• formtemplate: specifies the form topic, like: formtemplate=MyForm
• form values: name=value, like: Subject=FAQWhatIsWikiWiki
• form values with multiple values like checkboxes: name=value1;name=value2, like: Category=One;Category=Two
• action=form: shows the topic data form and hides the topic text form

### Using a web form to create a topic and pass data

If you want to create+save a topic instead of bringing up the edit screen, you must use a web form.

The same parameters as above can be set in HTML (hidden) form fields:
<form name="newtopic" action="%SCRIPTURLPATH{"save"}%/%SANDBOXWEB%/" method="post">
<input type="hidden" name="formtemplate" value="SimpleForm" />
<input type="hidden" name="topic" value="KnowledgeTopicAUTOINC00001" />
<input type="hidden" name="Subject" value="FAQWhatIsWikiWiki" />
<input type="hidden" name="Category" value="One" />
<input type="hidden" name="Category" value="Two" />
<input type="submit" class="foswikiSubmit" value="Create topic" />
</form>


Creates:
For an overview of web form parameters, see CGI and Command Line Scripts.

## Changing a form

You can change a form definition, and Foswiki will try to make sure you don't lose any data from the topics that use that form.

• If you change the form definition, the changes will not take affect in a topic that uses that form until you edit and save it.
• If you add a new field to the form, then it will appear next time you edit a topic that uses the form.
• If you delete a field from the form, or change a field name, then the data will not be visible when you edit the topic (the changed form definition will be used). If you save the topic, the old data will be lost (though thanks to revision control, you can always see it in older versions of the topic)
• If two people edit the same topic containing a form at exactly the same time, and both change fields in the form, Foswiki will try to merge the changes so that no data is lost.

## Searching in form data

The best way to search in form data is using the structured query language in the SEARCH macro.

As an example, the search used on Foswiki Support questions is:
%SEARCH{
type="query"
excludetopic="QuestionTemplate"
web="%WEB%"
format="   * [[$web.$topic][$formfield(TopicTitle)]]$formfield(Subject)"
order="formfield(Extension)"
nonoise="on"
}%

For a step by step tutorial, see the FAQ How can I create a simple data form based application?.

See SEARCH for an overview of SEARCH parameters, and Query Search for the query language specifics.

# Template topics

Template topics are topics that define the default text for new topics.

## Overview

There are four types of template topics:

Topic Name: What it is:
WebCreateNewTopicTemplate Page shown when you click on a Create New Topic link. It provides a form requesting the necessary information to create a new, nonexistent topic.
TopicDoesNotExistViewTemplate Alert page shown when you try to view a nonexistent topic and usually used as a prompt to help you create this new topic. For this reason, the form of the WebCreateNewTopicTemplate is included and therefore shown, too.
WebTopicEditTemplate Default text used in a new topic.
<MyCustomNamed>Template Whenever you create a topic ending in the word "Template", it is automatically added to the list of available template topics in the "Use Template" drop down field on the WebCreateNewTopic page.

When you create a new topic using the edit script, the system locates a template topic according to the following search order:
1. A topic name specified by the templatetopic CGI parameter
• if no web is specified, the current web is searched first and then the System web
2. WebTopicEditTemplate in the current web
3. WebTopicEditTemplate in the System web

## Macro expansion

When the following macros are used in a template topic, they automatically get expanded when new topic is created based on it:

Macro: Description:
%DATE% Signature format date. See VarDATE
%GMTIME% Date/time. See VarGMTIME
%GMTIME{...}% Formatted date/time. See VarGMTIME
%NOP% A no-operation macro that gets removed. Useful to prevent a SEARCH from hitting an edit template topic; also useful to escape a variable, such as %URLPA%NOP%RAM{...}% escaping URLPARAM
%STARTSECTION{type="templateonly"}%...%ENDSECTION{type="templateonly"}% Text that gets removed when a new topic based on the template topic is created. See notes below.
%STARTSECTION{type="expandvariables"}%...%ENDSECTION{type="expandvariables"}% All Foswiki macros in this section type are expanded when a new topic based on the template topic is created. Otherwise only the macros listed here are expanded.
%SERVERTIME% Date/time. See VarSERVERTIME
%SERVERTIME{...}% Formatted date/time. See VarSERVERTIME
%USERNAME% Login name of user who is instantiating the new topic, e.g. guest
%URLPARAM{"name"}% Value of a named URL or HTTP POST parameter
%WIKINAME% WikiName of user who is creating the new topic, e.g. WikiGuest
%WIKIUSERNAME% User name of user who is creating the new topic, e.g. Main.WikiGuest

### Macro notes:

%STARTSECTION{type="templateonly"}%...%ENDSECTION{type="templateonly"}%
markers are used to embed text that you do not want expanded when a new topic based on the template topic is created. For example, you might want to write in the template topic:
%STARTSECTION{type="templateonly"}%
This template topic can only be changed by:
%ENDSECTION{type="templateonly"}%

This will restrict who can edit the template topic, but will get removed when a new topic based on that template topic is created.

%NOP% can be used to prevent expansion of macros that would otherwise be expanded during topic creation e.g. escape %SERVERTIME% with %SER%NOP%VERTIME%.

All other macros are unchanged, e.g. are carried over "as is" into the new topic, unless they are contained within a %STARTSECTION{type="expandvariables"}% section.

## Specifying a form

When you create a new topic based on a template topic, you often want the new topic to have a form attached to it. You can attach a form to the template topic, in which case it will automatically be copied into the new topic.

Sometimes this isn't quite what you want, as it copies all the existing data from the template topic into the new topic. To avoid this and use the default values specified in the form definition instead, you can use the formtemplate parameter to the edit script to specify the name of a form to attach.

See CommandAndCGIScripts for information about this, and all the other parameters to edit.

## Automatically generated topic names

For some applications it is useful to be able to automatically generate unique topicnames, such as BugID0001, BugID0002, etc. You can add AUTOINC<n> to the topic name in the edit and save scripts, and it will be replaced with an auto-incremented number on topic save. <n> is a number starting from 0, and may include leading zeros. Leading zeros are used to zero-pad numbers so that auto-incremented topic names can sort properly. Deleted topics are not re-used to ensure uniqueness of topic names. That is, the auto-incremented number is always higher than the existing ones, even if there are gaps in the number sequence.

Examples:
• BugAUTOINC0 - creates topic names Bug0, Bug1, Bug2, ... (does not sort properly)
• ItemAUTOINC0000 - creates topic names Item0000, Item0001, Item0002, ... (sorts properly up to 9999)
• DocIDAUTOINC10001 - start with DocID10001, DocID10002, ... (sorts properly up to 99999; auto-links)

Example link to create a new topic:
[[%SCRIPTURLPATH{edit}%/%WEB%/BugIDAUTOINC00001?templatetopic=BugTemplate;topicparent=%TOPIC%;t=%SERVERTIME{"$day$hour$min$sec"}%][Create new item]]


## Template topics in action

Here is an example for creating new topics (in the Sandbox web) based on a specific template topic and form:

New example topic:

The above form asks for a topic name. A hidden input tag named templatetopic specifies ExampleTopicTemplate as the template topic to use. Here is the HTML source of the form:

<form name="new" action="%SCRIPTURLPATH{edit}%/%SANDBOXWEB%/" method="post">
New example topic: <input type="text" name="topic" class="foswikiInputField" value="ExampleTopicAUTOINC0001" size="30" />&nbsp;<input type="submit" class="foswikiSubmit" value="Create" />
<input type="hidden" name="templatetopic" value="%SYSTEMWEB%.ExampleTopicTemplate" />
<input type="hidden" name="topicparent" value="%TOPIC%" />
<input type="hidden" name="onlywikiname" value="on" />
<input type="hidden" name="onlynewtopic" value="on" />
</form>


Note: You can create a topic in one step, without going through the edit screen. To do that, specify the save script instead of the edit script in the form action. When you specify the save script you must use the "post" method. Example:
<form name="new" action="%SCRIPTURLPATH{save}%/Sandbox/" method="post">
...
</form>


See CommandAndCGIScripts#edit for details of the parameters that the edit script understands.

You can use the %WIKIUSERNAME% and %DATE% macros in your template topics to include the signature of the person creating a new topic. The macros are expanded into fixed text when a new topic is created. The standard signature is:
-- %WIKIUSERNAME% - %DATE%

## Using absolute vs relative URLs in templates

When you use Macros such as %PUBURL% and %PUBURLPATH% in template topics you should be aware that using %PUBURL% instead of %PUBURLPATH% puts absolute URLs in the produced HTML. This means that when a user saves a page in HTML and emails the file to someone outside a company firewall, the receiver has a severe problem viewing it. It is therefore recommended always to use the %PUBURLPATH% to refer to images, CSS, Javascript files etc so links become relative. This way browsers just give up right away and show a usable html file.

# Skin Templates

The framework used to render output.

## Overview

Skin Templates are plain text with embedded template directives, macros and tokens that are expanded by Foswiki to build an output, usually HTML.

Skin templates are used when composing the output from all actions, such as view, edit, and preview. By sharing common template definitions between all these actions, it makes it easy to change the look and feel of all pages by editing just a few templates.

Skin templates are either stored as text files with the extension .tmpl in the templates/ directory, or in Foswiki topics.

Template directives are expanded when the template is loaded, and are used to define the general structure of the output. Macros and Template Tokens are expanded when the page is rendered, and fill in page-specific information.

Note that Macros and Tokens are written using the same syntax. See Macros for more information on macros.

Tokens look exactly like Macros, but they are specific for the script expanding the template, and cannot be used elsewhere in Foswiki. See SkinTemplateTokens for more information on tokens.

## How Template Directives Work

Template directives look a lot like standard macros.
• %TMPL:INCLUDE{"file"}% includes a template file. The file is found as described below.
• %TMPL:DEF{"name"}% defines a block. All text between this and the next %TMPL:END% directive is removed and saved for later use with %TMPL:P%.
• %TMPL:END% ends a block definition.
• %TMPL:PREV%: returns the previous definition of the block being defined.
• %TMPL:P{"name"}% includes a previously defined block.
• %{...}% is a comment. Whitespace either side of the comment (newlines, spaces, tabs etc) is treated as part of the comment, and removed when the comment is removed.
You can use a block before or after declaring it. If you define the same block twice, only the second definition is used.

Most template directives work only for templates: they do not get processed in normal topic text. The one exception is %TMPL:P.

### Parameters to blocks

%TMPL:DEF% and %TMPL:P% support simple parameters.

Parameters are only available in the immediate definition being included; they are not passed on to any other TMPL:P inside the TMPL:DEF being expanded unless they are passed on explicitly in a new parameter.

#### Block parameters

For example, we can define a parameter P inside a block:
%TMPL:DEF{"x"}% x%P%z %TMPL:END%

then pass a value to that parameter:
%TMPL:P{"x" P="y"}%

This will expand to xyz.

#### Naming

Any alphanumeric characters can be used in parameter names. TMPL:P parameters override any other possible definition of the name, so you should not use parameter names that might clash with Macros.

### Conditional expansion

Three parameter names, context, then and else are reserved. They are used to support a limited form of "if" condition that you can use to select which of two TMPL:DEF to expand, based on a context identifier:
%TMPL:DEF{"link_inactive"}%<input type="button" disabled value="Link>%TMPL:END%

When the inactive context is set, then this will expand the link_inactive TMPL:DEF; otherwise it will expand link_active.

This style of conditional expansion is used in preference to the %IF{} macro where possible because it is much more efficient.

See If Statements: Context identifiers for details of supported context identifiers.

### TMPL:INCLUDE recursion

You can use recursion with %TMPL:INCLUDE% for piecewise customisation, or mixing in new features.

If there is a recursion in the %TMPL:INCLUDE% chain (eg. view.tmpl contains %TMPL:INCLUDE{"view"}%), the templating system will detect that you are trying to include the same template again, and will instead include the next version of the template of that name that it finds in the template path.

For example, say you only want to override the breadcrumbs for the view script. You could create a tempate called view.crumbless.tmpl:
%TMPL:INCLUDE{"view"}%
%TMPL:DEF{"breadcrumb"}% We don't want any crumbs %TMPL:END%

and then * Set SKIN=crumbless,pattern

Remember: the template path contains the most specific template first.

Comments %{...}% are removed from the templates as soon as the file is read, before any other template macros are evaluated. Whitespace either side of the comment (newlines, spaces, tabs etc) is also removed.

## Finding Skin Templates

Most skin templates are stored in .tmpl files in the templates directory. For example, templates/view.tmpl is the default skin template file for the bin/view script. You can also save skin templates in user topics.

The {TemplatePath} configuration setting (in the Miscellaneous section of the configure page) defines which directories, files and Foswiki topics will be recognised as containing templates.

Skin templates that are loaded using %TMPL:INCLUDE with an explicit .tmpl extension are looked for only in the templates/ directory. For instance %TMPL:INCLUDE{"example.tmpl"}% will only return templates/example.tmpl, regardless of {TemplatePath} and SKIN settings.

All other templates are searched for using the {TemplatePath}. This is a list of generic name patterns, each of which contains the placeholders $name (the template name), $web (the web), and $skin (the skin), each standing in for part of the name. Each entry in this list is expanded in turn until the template is found. The rules defined by the out-of-the-box setting of {TemplatePath} are: 1. templates/$web/$name.$skin.tmpl
2. templates/$name.$skin.tmpl
3. $web.$skinSkin$nameTemplate 4. System.$skinSkin$nameTemplate 5. templates/$web/$name.tmpl 6. templates/$name.tmpl
7. $web.$nameTemplate
8. System.$nameTemplate For example, let's say we are viewing a topic in web Sandbox and are searching for the template called function. The skin path is set to custom,pattern. The following locations will be considered in turn, until a template is found: 1. templates/Sandbox/function.custom.tmpl (rule 1) 2. templates/Sandbox/function.pattern.tmpl (rule 1) 3. templates/function.custom.tmpl (rule 2) 4. templates/function.pattern.tmpl (rule 2) 5. Sandbox.CustomSkinFunctionTemplate (rule 3) 6. Sandbox.PatternSkinFunctionTemplate (rule 3) 7. System.CustomSkinFunctionTemplate (rule 4) 8. System.PatternSkinFunctionTemplate (rule 4) 9. templates/Sandbox/function.tmpl (rule 5) 10. templates/function.tmpl (rule 6) 11. Sandbox.FunctionTemplate (rule 7) 12. System.FunctionTemplate (rule 8) This usage is supported for compatibility only and is deprecated. Store web-specific templates in topics instead. When a skin name or template name is used to build a topic name, the first character is automatically capitalised. The skin path is set as described in Skins. Template file names are usually derived from the name of the currently executing script; however it is also possible to override these settings in the view and edit scripts, for example when a topic-specific template is required. Two preference settings can be used to override the skin templates used: • VIEW_TEMPLATE sets the template to be used for viewing a topic. • EDIT_TEMPLATE sets the template for editing a topic. If these preferences are set then the indicated templates will be chosen for view and edit respectively. The template search order remains as specified above. ### Security and usability Setting the {TemplatePath} is a compromise between the often opposing goals of security and usability. From a security perspective, allowing templates to be loaded from topics might open a door to people who want to inject their own evil HTML in those topics. From a usability perspective, it's very desireable to be able to override templates from topics, as it vastly increases the range of wiki applications. The default {TemplatePath} comes down on the side of usability, by allowing templates from topics to be found before templates from the (more secure) templates directory. If you are particularly security concious, you may want to reverse this order, so that templates in templates/ are always found before those in topics. You can do this by simply moving rules 3 and 7 to the end of the list. Note that topics containing templates are checked for VIEW access using the normal Foswiki access controls. Any access control failure is silently ignored, and the template path expansion continues. ## Developing new templates ### Debugging When writing new templates, it can sometimes it can be hard to work out where different parts of the generated output come from. To help you debug your new templates, the Foswiki::Templates module has a "trace" mode. In this mode, the output is annotated with HTML comments that are wrapped around the output generated by each template, as it is expanded. For example, when trace mode is off, %TMPL:DEF{"x:y"}% de %TMPL:END% blah %TMPL:P{"x:y"}% blah  will expand to: blah de blah  With tracing enabled, it will expand to: blah <!--x:y--> de <!--/x:y--> blah  To enable the trace mode, edit lib/Foswiki/Templates.pm in your installation and change use constant TRACE => 0 to use constant TRACE => 1. Note that the trace annotations may make your output look strange. However you can usually "view source" in the browser to see what was generated (or you may be able to run the script from the command-line e.g. cd bin; perl -T -I . view topic=MyWeb.MyTopic skin=mynewskin). Don't forget to switch the trace mode off again when you are finished! ### Overview of the default templates Finally, here's a very high-level overview of the default templates. These templates are rarely used on their own, but are used as the base on which skins, such as PatternSkin, are built. foswiki.tmpl is the default master template. The main purpose of this template is to instantiate the following blocks: • htmldoctype - start of all HTML pages • bodystart - start of the body tag • main - page content • bodyend - end of the page Default definitions are provided for each of these blocks. foswiki.tmpl is never used on its own, but is frequently included by other templates. Next, there are a number of action-specific templates, such as view.tmpl, edit.tmpl, login.tmpl. These are the templates loaded by the actions of the same name. Their purpose is to include foswiki.tmpl, and provide new, page-specific, definitions of the blocks described above. Several of the action-specific templates have skinned versions, such as view.print.tmpl and view.text.tmpl. These skinned versions are used to view the page in a specific way - for printing, or as plain text, for example. messages.tmpl is an important template; it provides the basic definitions of all error and warning messages that Foswiki issues. These are defined using the %MAKETEXT macro to simplify translation into different languages. attachtables.tmpl is another template worthy of separate mention. This template defines the different parts of the page that are involved in displaying tables of attachments. The blocks defined in this template are instantiated directly from code, rather than via %TMPL:P. The remainder of the templates are used for varying purposes; their names, or introductory comments, should clarify. A skin can provide a new version of any or all of these templates, depending on the depth of customisation. See the template files named *.pattern.* to see what PatternSkin defines. Related Topics: Skins Macros JavascriptFiles Back to top # Foswiki Skins Skins overlay regular templates to give different looks and feels to Foswiki screens. ## Overview Foswiki uses skin templates as the basis of all the screens it uses to interact with users. Each screen has an associated template file that contains the basic layout of the screen. This is then filled in by the code to generate what you see in the browser. Foswiki ships with a default set of template files that give a very basic, CSS-themable, look-and-feel. Foswiki also includes support for skins that can be selected to give different, more sophisticated, look and feel. A default Foswiki installation will usually start up with the PatternSkin already selected. Skins may also be defined by third parties and loaded into a Foswiki installation to give more options. To see how Foswiki looks when no skin is selected, view this topic with a non-existant skin. Topic text is not affected by the choice of skin, though a skin can be defined to use a CSS (Cascading Style Sheet), which can sometimes give a radically different appearance to the text. ## Changing the default skin Foswiki by default ships with the PatternSkin activated. You can set the skin for the whole site (via Main.SitePreferences), a single web (via its WebPreferences topic) or topic, for each user individually, or even per request - see Activating Skins below for more details. ## Defining Skins You may want to define your own skin, for example to comply with corporate web guidelines, or because you have a aesthetic vision that you want to share. There are a couple of places you can start doing this. Skin templates are located by looking at a list of possible locations, including topics and files in the templates directory. The lookup process is configurable, and is described in SkinTemplates#FindingTemplates. You can choose to define your skin entirely in topics, entirely in files in templates, or in a mixture of both. The easiest way to start creating a new skin is to layer it over an existing skin, only overriding those parts of the existing skin that you want to customise. Foswiki can be configured to fall back to another skin if a template is not defined in your skin. A custom skin can be as small as one file! Most skins, even those that look radically different to the default, use this layering approach, by basing themselves on the default skin templates (those template files with no skin name e.g view.tmpl, edit.tmpl etc). These templates provide a minimal interface that is easy to understand and build on. Another advantage of this approach is that if new features are exposed in the default templates, your skin has a chance to pick them up "for free". If you use PatternSkin as your starting point, and you want to modify the layout, colors or even the templates to suit your own needs, have a look first at the topics PatternSkinCustomization and PatternSkinCssCookbook. These topics also provide practical instructions how to create custom skin template files. Note: Don't call your skin text or rss as these two skin names have reserved meanings, see below at hard-coded meanings. The following template names are used for Foswiki screens, and are referenced in the Foswiki core code. If a skin doesn't define its own version of a template file, then Foswiki will fall back to the next skin in the skin path, or finally, to the default version of the template file. (Certain template files are expected to provide certain TMPL:DEFs - these are listed in sub-bullets) • addform - used to select a new form for a topic • attachagain - used when refreshing an existing attachment • attachnew - used when attaching a new file to a topic • attachtables - defines the format of attachments at the bottom of the standard topic view • ATTACH:files:footer, ATTACH:files:header, ATTACH:files:row, ATTACH:versions:footer, ATTACH:versions:header, ATTACH:versions:row • changeform - used to change the form in a topic • changes - used by the changes script • edit - used for the edit screen • form • formtables - used to defined the format of forms • FORM:display:footer, FORM:display:header, FORM:display:row • login - used for loggin in when using the TemplateLoginManager • LOG_IN, LOG_IN_BANNER, LOG_OUT, LOGGED_IN_BANNER, NEW_USER_NOTE, UNRECOGNISED_USER • moveattachment - used when moving an attachment • oopsaccessdenied - used to format Access Denied messages • no_such_topic, no_such_web, only_group, topic_access • oopsattention - used to format Attention messages • already_exists, bad_email, bad_ver_code, bad_wikiname, base_web_missing, confirm, created_web, delete_err, invalid_web_color, invalid_web_name, in_a_group, mandatory_field, merge_notice, missing_action, missing_fields, move_err, missing_action, no_form_def, no_users_to_reset, not_a_user, oversized_upload, password_changed, password_mismatch, problem_adding, remove_user_done, rename_err, rename_not_wikiword, rename_topic_exists, rename_web_err, rename_web_exists, rename_web_prerequisites, reset_bad, reset_ok, save_error, send_mail_error, thanks, topic_exists, unrecognized_action, upload_name_changed, web_creation_error, web_exists, web_missing, wrong_password, zero_size_upload • oopsgeneric - a basic dialog for user information; provides "ok" button only • oopslanguagechanged - used to confirm a new language when internationalisation is enabled • oopsleaseconflict - used to format lease Conflict messages • lease_active, lease_old • preview - used for previewing edited topics before saving • rdiff - used for viewing topic differences • registernotify - used by the user registration system • registernotifyadmin - used by the user registration system • rename - used when renaming a topic • renameconfirm - used when renaming a topic • renamedelete - used when renaming a topic • renameweb - used when renaming a web • renamewebconfirm - used when renaming a web • renamewebdelete - used when renaming a web • searchbookview - used to format search results in book view • searchformat - used to format search results • search - used to format inline search results if no formatting is specified • settings • view - used by the view CGI script • viewprint - used to create the printable view foswiki.tmpl is a master template conventionally used by other templates, but not used directly by code. Note: Make sure templates do not end with a newline. Any newline will expand to an empty <p /> in the generated html. It will produce invalid html, and may break the page layout. ### Partial customisation, or adding in new features to an existing skin You can use recursion in the TMPL:INCLUDE chain. For example, if view.tmpl contains %TMPL:INCLUDE{"foswiki"}%, the templating system will include the next SKIN in the skin path. To create a customisation of the Pattern skin, where you only want to remove the edit & WYSIWYG buttons from the view screen, you create only a view.yourlocal.tmpl: %TMPL:INCLUDE{"view"}% %TMPL:DEF{"edit_topic_link"}%%TMPL:END% %TMPL:DEF{"edit_wysiwyg_link"}%%TMPL:END%  and then set SKIN=yourlocal,pattern in Main.SitePreferences, a particular web's WebPreferences, or in an individual topic, depending on the desired scope of the skin. ## Settings in Skins You can use template directives, ordinary macros, and other predefined settings in your skins. Some commonly used macros in skins: Macro: Expanded to: %WEBLOGONAME% Filename of web logo %WEBLOGOIMG% Image URL of web logo %WEBLOGOURL% Link of web logo %WEBLOGOALT% Alt text of web logo %WIKILOGOURL% Link of page logo %WIKILOGOIMG% Image URL of page logo %WIKILOGOALT% Alt text of page logo %WEBBGCOLOR% Web-specific background color, defined in the WebPreferences %WIKITOOLNAME% The name of your Foswiki site %SCRIPTURL% The script URL of Foswiki %SCRIPTURLPATH% The script URL path %SCRIPTSUFFIX% The script suffix, ex: .pl, .cgi %WEB% The name of the current web. %TOPIC% The name of the current topic. %WEBTOPICLIST% Common links of current web, defined in the WebPreferences. It includes a Go box %TEXT% The topic text, e.g. the content that can be edited %QUERY{"form.name"}% DataForm, if any %QUERY{"attachments.name"}% FileAttachment list %QUERY{"parent.name"}% The topic parent %EDITTOPIC% Edit link %REVTITLE% The revision title, if any, ex: (r1.6) %REVINFO% Revision info, ex: r1.6 - 24 Dec 2002 - 08:12 GMT - Main.WikiGuest %WEBCOPYRIGHT% Copyright notice, defined in the WebPreferences %BROADCASTMESSAGE% Broadcast message at the beginning of your view template, can be used to alert users of scheduled downtimes; can be set in Main.SitePreferences ## Using Cascading Style Sheets CSS files are gererally attachments to the skin topic that are included in the skin templates - in the case of PatternSkin in the template css.pattern.tmpl. • General documentation of CSS classes: AppendixCascadingStyleSheets • To see how CSS is used in the default Foswiki skin, see: PatternSkin • If you write a complete new skin, this is the syntax to use in a template file: %ADDTOZONE{ "head" id="MySkin/mystyle" text=" <style type='text/css' media='all'> @import url('%PUBURLPATH%/%SYSTEMWEB%/MySkin/mystyle.css'); </style>" }%  See ADDTOZONE ## Skin parts ### The "Go" Box and Navigation Box The default skins include a "Go" box, also called "Jump" box, to jump to a topic. The box also understands URLs, e.g. you can type http://www.google.com/ to jump to an external web site. The feature is handy if you build a skin that has a select box of frequently used links, like Intranet home, employee database, sales database and such. A little JavaScript gets into action on the onchange method of the select tag to fill the selected URL into the "Go" box field, then submits the form. Here is an example form that has a select box and the "Go" box for illustration purposes. You need to have JavaScript enabled for this to work:  Bare bones header, for demo only Navigate: chooseIntranet homeEmployee indexMain webSystem webGoogleYahoo! Jump: Note: Redirect to a URL only works if it is enabled in configure (Miscellaneous, {AllowRedirectUrl}). ### FLASHNOTE Notifications PatternSkin has a notification message display using the variable FLASHNOTE. For example: • Set FLASHNOTE = Skins documentation See the alert at the top of this topic. While this feature is not yet used by the system, it might be a good idea to already prepare your skin. ### Attachment Tables Controlling the look and feel of attachment tables is a little bit more complex than for the rest of a skin. By default, the attachment table is a standard Foswiki table, and the look is controlled in the same way as other tables. In a very few cases you may want to change the content of the table as well. The format of standard attachment tables is defined through the use of special template directives which by default, are defined in the attachtables.tmpl template using the %TMPL:DEF directive syntax described in SkinTemplates. These macros are: Macro Description ATTACH:files:header Standard title bar ATTACH:files:row Standard row ATTACH:files:footer Footer for all screens ATTACH:files:header:A Title bar for upload screens, with attributes column ATTACH:files:row:A Row for upload screen ATTACH:files:footer:A Footer for all screens The format of tables of file versions in the Upload screen can also be changed, using the macros: Macro Description ATTACH:versions:header Header for versions table on upload screen ATTACH:versions:row Row format for versions table on upload screen ATTACH:versions:footer Footer for versions table on upload screen The ATTACH:row macros are expanded for each file in the attachment table, using the following special tags: Tag Description %A_URL% viewfile URL that will recover the file %A_REV% Revision of this file %A_ICON% A file icon suitable for representing the attachment content %A_FILE% The name of the file. To get the 'pub' url of the file, use %PUBURL%/%WEB%/%TOPIC%/%A_FILE% %A_SIZE% The size of the file %A_DATE% The date the file was uploaded %A_USER% The user who uploaded it %A_COMMENT% The comment they put in when uploading it %A_ATTRS% The attributes of the file as seen on the upload screen e.g "h" for a hidden file ## Packaging and Publishing Skins See Foswiki:Development/ExtensionDeveloperGuide For your own skin you are encouraged to show a small 88x31 pixel logo at the bottom of your skin: <a href="http://foswiki.org/"> <img src="%PUBURL%/%SYSTEMWEB%/ProjectLogos/foswiki-badge.gif"\ alt="Powered by Foswiki" width="88" height="31"\ title="Powered by Foswiki" border="0" /> </a> Generating: The standard Foswiki skins show the logo in the %WEBCOPYRIGHT%. ## Browsing Installed Skins You can try out all installed skins in the SkinBrowser. ## Activating Skins Foswiki uses a skin search path, which lets you combine skins additively. The skin path is defined using a combination of preference settings and URL parameters. Foswiki works by asking for a template for a particular function - for example, 'view'. The detail of how templates are searched for is described in SkinTemplates, but in summary, the templates directory is searched for a file called view.skin.tmpl, where skin is the name of the skin e.g. pattern. If no template is found, then the fallback is to use view.tmpl. Each skin on the path is searched for in turn. For example, if you have set the skin path to local,pattern then view.local.tmpl will be searched for first, then view.pattern.tmpl and finally view.tmpl. The basic skin is defined by the SKIN preference:  * Set SKIN = catskin, bearskin You can override this using the URL parameter skin, such as ?skin=catskin,bearskin: Setting the ?skin parameter in the URL replaces the existing skin path setting for the current request only. You can also extend the existing skin path using covers:  * Set COVER = ruskin This pushes a different skin to the front of the skin search path, so the final skin path will be ruskin, catskin, bearskin. There is also a cover URL parameter that can be used to push yet more skin names in front of the COVER preference. So the final value of the skin path is given by: 1. value of the cover url parameter 2. value of the COVER preference 3. value of the skin url parameter, if it is non-null 4. value of the SKIN preference, if the skin url parameter is not given For example, if we have  * Set SKIN = muscle,bone * Set COVER = epidermis and a URL with the parameter ?cover=hair,dermis then the final skin path will be hair, dermis, epidermis, muscle, bone. Or we might specify a skin url parameter, ?skin=flesh. With the same preferences this will set the skin path epidermis, flesh. Note that you cannot use the cover url parameter to remove a skin applied by the COVER preference. Once a COVER preference is defined, it is always applied. ## Hard-Coded Skins The text skin is reserved for Foswiki internal use. Skin names starting with rss also have a special meaning; if one or more of the skins in the skin path starts with 'rss' then 8-bit characters will be encoded as XML entities in the output, and the content-type header will be forced to text/xml. Related Topics: SkinTemplates, SkinBrowser, AdminDocumentationCategory, DeveloperDocumentationCategory Back to top # Meta data Additional data, Foswiki-generated or from forms, may be embedded in the topic text using META: macros ## Overview The default store engines store topics in plain-text files on disk, in a simple and obvious directory structure. The big advantage of this approach is that it makes it very easy to manipulate topics from outside Foswiki, and it is also very robust; there are no complex binary indexes to maintain, and moving a topic from one installation to another is as simple as copying a couple of text files. To keep everything together in one place, meta-data (Foswiki-generated or from forms) is embedded directly in topics, using special macros. These macros are easy to spot, as they all start with the reserved META: prefix. META: data includes information such as file attachments, topic movement history, and form field values. For efficiency reasons, the topic history is not stored in this meta-data, but is expected to be implemented elsewhere by the store engine. ## Meta data syntax • Format is the same as for any other macros except that each meta-data macro must be on a line on its own. • %META:<type>{key1="value1" key2="value2" ...}% • The characters %"\r\n{} are encoded in argument values, using the standard URL encoding. • Meta-data is divided into core meta-data, described below, and extension meta-data, which shares the same syntax but is used by extensions. • Dates are stored as "epoch times" i.e. the integer number of seconds since 1st January 1970. Example of core meta-data %META:TOPICINFO{version="6" date="976762663" author="LastEditor" format="1.0"}% text of the topic %META:TOPICMOVED{from="Real.SecretAgents" to="Hollywood.SecretAgents" by="CoverUp" date="976762680"}% %META:TOPICPARENT{name="MilitaryIntelligence5"}% %META:FILEATTACHMENT{name="CV.txt" version="3" ... }% %META:FILEATTACHMENT{name="Photo.gif" version="1" ... }% %META:FORM{name="SecretAgentForm"}% %META:FIELD{name="ChosenWeapon" value="Beretta"}% %META:FIELD{name="Paramour" value="PussyGalore"}% %META:PREFERENCE{name="ALLOWTOPICCHANGE" value="JamesBond"}% %META:PREFERENCE{name="DENYTOPICVIEW" value="ErnstBlofeld"}%  ## Core meta-data The following meta-data macros are supported by the Foswiki core. Other macros may be used by extensions; see the extension documentation for more details. The core will read and write these extension macros, but will otherwise ignore them. Some fields are required by macros, while others are optional. Required fields are marked with a %REG% symbol. The %REG% character is not part of the attribute name. ### META:TOPICINFO This macro caches some of the information that would normally be derived from the underlying store engine. It does this for efficiency reasons. Key Comment author%REG% Canonical user identifier of last user to change the topic. The exact format of this depends on the user mapping manager. version Topic version; a plain integer. date epoch time format Format of this topic, will be used for automatic format conversion reprev Set when a revision is overwritten by the same author within the {ReplaceIfEditedAgainWithin} window (set in configure ). If reprev is the same as version, it prevents Foswiki from attempting to do a 3-way merge when merging overlapping edits by two different users. Note that the version and date fields are advisory only and cannot be trusted. This is because processes outside of Foswiki's control may write topic files without maintaining these fields. ### META:TOPICMOVED This only exists if the topic has been moved. If a topic is moved more than once, only the most recent META:TOPICMOVED meta datum exists in the topic. Older ones can to be found in the topic history. %META:TOPICMOVED{from="Real.SecretAgents" to="Hollywood.SecretAgents" by="CoverUp" date="976762680"}% Key Comment from%REG% Full name, i.e., web.topic to%REG% Full name, i.e., web.topic by%REG% Canonical user identifier of who moved the topic. The exact format of this depends on the user mapping manager. date%REG% epoch time Notes: • the moved version numbers can be deduced from the topic history. ### META:TOPICPARENT The topic from which this topic was created, typically when clicking on a ? question mark link, or by filling out a form. The topic parent may also be manipulated in the user interface. Key Comment name%REG% Normally just TopicName, but it can be a full Web.TopicName format if the parent is in a different Web. ### META:FILEATTACHMENT Reference to a file attached to this topic. Key Comment name%REG% Name of file, no path. Must be unique within topic version An integer path Full path file was loaded from size In bytes date epoch time when the file was attached user Canonical user identifier of user who uploaded the attachment. The exact format of this depends on the user mapping manager. comment As supplied when file uploaded attr h if hidden, optional Extra fields that are added if an attachment is moved: Key Comment movedfrom full topic name - web.topic.filename movedby Canonical user identifier of user who moved the attachment. The exact format of this depends on the user mapping manager. movedto full topic name - web.topic.filename movedwhen epoch time ### META:FORM Key Comment name%REG% The name of the topic containing the form definition. Can optionally include the web name (i.e., web.topic), but doesn't normally ### META:FIELD Should only be present if there is a META:FORM entry. Key Name name%REG% Ties to entry in the form definition. This is the title with all characters except alphanumerics and . removed value%REG% Value user has supplied via form title Full text from the form definition ### META:PREFERENCE Out-of-band preference. Key Name name%REG% Preference name value%REG% Preference value type Set or Local (Set is the default) There is no absolute need for meta-data macros to be listed in a specific order within a topic, but it makes sense to do so, because form fields are displayed in the order they are defined when the topic is viewed. The recommended sequence is: • META:TOPICINFO • META:TOPICPARENT (optional) • text of topic • META:TOPICMOVED (optional) • META:FILEATTACHMENT (0 or more entries) • META:FORM (optional) • META:FIELD (0 or more entries; FORM required) • META:PREFERENCE (0 or more entries) ## Viewing meta-data embedded in page source You can append the raw=debug parameter to the URL to view the topic text with embedded meta-data, e.g: debug view for this topic. raw=all lets you view the topic source as plain text, e.g: plain text view for this topic. ## Including meta data in viewed topics ### %META Meta-data belonging to the viewed topic can be included in the view using the %META macro. See VarMETA for details. ### %FORMFIELD The %FORMFIELD macro lets you inspect the values of form field meta-data in other topics. See VarFORMFIELD for details. ### %SEARCH %SEARCH can also be used to extract meta data. See VarSEARCH and the examples in FormattedSearch and SearchPatternCookbook. ## Extending meta-data in Extensions Extensions can extend meta-data with information of their own. See Foswiki::Func for more information. Related Topics: DeveloperDocumentationCategory Back to top # Add-Ons Add functionality with extensions not based on the Foswiki scripts. ## Overview An add-on runs separately from the Foswiki scripts, e.g. for data import, export to static HTML, etc. Add-Ons normally do not call any Foswiki code directly, though may invoke Foswiki scripts. There are different types of add-ons, they may be stand alone scripts, browser plugins, office tool extensions, or even a set of topics that form a wiki application. See other types of extensions: Contribs, Plugins, Skins ## Add-Ons Installed on this site Number of topics: 1 ## Installing Add-Ons • Download an add-on from Foswiki:Extensions. • Follow the installation instructions in the add-on topic. ## Creating new Add-Ons Back to top # Foswiki Contribs Extensions to Foswiki that are not plugins ## Overview The term "Contrib" is used to refer to any package that is not just a simple plugin. Foswiki contribs may • extend the functionality of Foswiki, in a lower-level way than plugins, • or provide alternative implementations for sections of the Foswiki core e.g. user management, or when an extension just can't be implemented as a plugin because it requires very close access to Foswiki internals, • or they might provide other files that Foswiki uses, for example language files, • or they might be packages of topics that implement a "Wiki Application", using the wiki macro language, TML. Relevant links on Foswiki.org: See other types of extensions: ContributedAddOns, Plugins, Skins ## Foswiki Contribs Installed on this site Number of topics: 8 ## Installing Contribs • Use configure to browse to the list of extensions available from Foswiki.org • Or, download an extension package from some other source, and unzip it • Follow the installation instructions in the contrib topic. Back to top # Foswiki Plugins Extensions that use a simple API to talk to Foswiki ## Overview You can add plugins to extend Foswiki functionality without altering the core code. A plug-in approach lets you: • add virtually unlimited features while keeping the main Foswiki code compact and efficient; • heavily customize an installation and still do clean updates to new versions of Foswiki; • rapidly develop new Foswiki functions in Perl using the plugin API. Everything to do with Foswiki plugins - demos, new releases, downloads, development, general discussion - is available at Foswiki.org, in the Foswiki:Extensions web. Foswiki plugins are developed and contributed by interested members of the community. Plugins are provided on an 'as is' basis; they are not a part of Foswiki, but are independently developed and maintained. Most TWiki® plugins can also be used with Foswiki if the TWikiCompatibilityPlugin is installed. See other types of extensions: Contribs, Skins See InstalledPlugins for a list of plugins installed on this site. ## Installing Plugins Each plugin comes with its own documentation page, which includes step-by-step installation instructions, a detailed description of any special requirements, and version details. Many also have a worked example for testing. The easiest way to install plugins is to use the configure interface. However you can also install plugins from the command-line. Every plugin comes with installation instructions. Each plugin has a standard release topic, located in the Foswiki:Extensions web at Foswiki.org. There's usually a number of other related topics, such as a developers page, and an appraisal page. After installation, a copy of this page will be installed to your System web. If you install a plugin and it doesn't seem to work, then you can get information on all the installed plugins that may help to resolve the issue. Failing that, you may want to check your webserver error log and the various Foswiki log files, and any notes in the support topic for the plugin (linked from the plugin front page). ### Some Notes on Plugin Performance The performance of the system depends to some extent on the number of plugins installed and on the plugin implementation. Some plugins impose no measurable performance decrease, some do. For example, a Plugin might use many Perl libraries that need to be initialized with each page view (unless you run mod_perl). You can only really tell the performance impact by installing the plugin and by measuring the performance with and without the new plugin, on real data. If you need to install an "expensive" plugin, but you only need its functionality only in a subset of your data, you can disable it elsewhere by defining the %DISABLEDPLUGINS% setting. Define DISABLEDPLUGINS to be a comma-separated list of names of plugins to disable. Define it in Main.SitePreferences to disable those plugins everywhere, in the WebPreferences topic to disable them in an individual web, or in a topic to disable them in that topic. For example,  * Set DISABLEDPLUGINS = SpreadSheetPlugin, EditTablePlugin  ## Managing Installed Plugins Some plugins require additional settings or offer extra options that you have to select. Also, you may want to make a plugin available only in certain webs, or temporarily disable it. And may want to list all available plugins in certain topics. You can handle all of these management tasks with simple procedures: ### Listing Active Plugins Plugin status macros let you list all active plugins wherever needed. This site is running Foswiki version v2.1.6, plugin API version 2.4 • %ACTIVATEDPLUGINS% - shows the activated plugins • %PLUGINVERSION% - shows the plugins API version • %FAILEDPLUGINS% - shows what plugins failed, and why ### Enabling Plugins Plugins can be enabled and disabled with the configure script. An installed plugin needs to be enabled before it can be used. Plugins can also be selectively disabled again using the DISABLED_PLUGINS preference, as described above. ### Plugin Evaluation Order By default, plugins are executed in alphabetical order of plugin name. It is possible to change the order, for example to evaluate database macros before the spreadsheet CALCs, using the {PluginsOrder} in the Extensions section of configure. ### Plugin-Specific Settings Some plugins are configured with plugin preference settings, some with configure settings, and some with both. The plugin topic will contain details. configure settings are accessible though the configure interface. Note that some older plugins use preference settings defined in the plugin topic. For example, the (fictional) BathPlugin topic might contain: • Set ELECTRIC = on This setting defines the default value for the preference BATHPLUGIN_ELECTRIC. You should never edit the BathPlugin topic to change this setting; instead, override the setting by defining BATHPLUGIN_ELECTRIC as described in preference settings. ## Developing your own plugins Developing plugins provides a simple introduction to hooking into Foswiki code from your own Perl modules. Foswiki:Development.GettingStarted is the starting point for more comprehensive documentation. Back to top # Developing Plugins The usual way Foswiki is extended is by writing a Plugin. Plugins extend Foswiki by providing functions that 'listen' to events in the Foswiki core, and handling these events. These functions are called "Plugin Handlers" and they are described in depth in EmptyPlugin ( lib/Foswiki/Plugins/EmptyPlugin.pm ). ## The 3048m view of how Foswiki works Foswiki is a web application that runs inside a web server. When the web server receives a request that it recognises as being for Foswiki, it calls one of the perl scripts in the Foswiki bin directory. Each of the scripts has a specific function, as described in command and CGI scripts. The scripts are responsible for interpreting the parameters passed in the request, and generating a response that is sent back to the browser, usually in the form of an HTML page. Foswiki contains three engines that are used by the scripts; the template engine, the macro engine, and the TML engine. 1. The template engine reads predefined templates from files on the server. These templates contain directives that are expanded by the engine to create the output HTML skeleton. One of these directives expands to the topic text. 2. The macro engine then expands the macros in the skeleton. This is also where macros registered by plugins are expanded. • Macros, including those registered by plugins, are processed in a strict left-right-inside-out processing order. See macros for more details. • Macros include things like searches, so this is usually the slowest part of generating a page. 3. The TML (Topic Markup Language) engine now processes the expanded text, looking for TML constructs such as bulleted lists and tables. It generates HTML for these constructs. Once all the engines have run, the output is sent to the browser. There are several ways plugins can interact with this process. 1. They can register macros that are expanded by the macro engine. This is the simplest kind of plugin. 2. The can interact with various points in the rendering pipeline by implementing handlers (callbacks). 3. They can register REST handlers that are invoked via the rest script to support some form of transaction outside those supported by the standard scripts. ## APIs available to Extensions To be robust, extensions must avoid using any unpublished functionality from the Foswiki core. The following perl packages give access to features for extension authors. These APIs are not just for Plugins, they can be used in any type of extension. Click on the name of the package to see the full documentation. • Foswiki::Func - this is the package you will use most. This package exposes a lot of core functionality in a way that is friendly to extension writers. If you find that there are two ways of doing something - a Foswiki::Func way, and another call to one of the packages below, then the Foswiki::Func way is almost always the right way. • Foswiki::Meta - topic and web meta-data. Certain Foswiki::Func methods, and some plugin handlers, are passed (or return) objects of this type. Almost all of the methods of Foswiki::Meta have analagous methods in Foswiki::Func - in general you should call the Foswiki::Func methods in preference to calling Foswiki::Meta methods directly. • Foswiki::OopsException - special exception for invoking the 'oops' script • Foswiki::AccessControlException - access control exception • Foswiki::Attrs - parser and storage object for macro parameters • Foswiki::Time - time parsing and formatting • Foswiki::Sandbox - safe server-side program execution, used for calling external programs. • Iterators - these are classes that implement the Foswiki::Iterator specification • Foswiki::ListIterator - utility class for iterator objects that iterate over list contents • Foswiki::LineIterator - utility class for iterator objects that iterate over lines in a block of text • Foswiki::AggregateIterator - utility class for iterator objects that aggregate other iterators into a single iteration In addition the following global variables may be referred to: • $Foswiki::Plugins::VERSION - plugin handler API version number
• $Foswiki::Plugins::SESSION - reference to Foswiki singleton object • $Foswiki::cfg - reference to configuration hash
• $Foswiki::regex - see Standard Regular Expressions, below Foswiki:Development.GettingStarted is the starting point for more comprehensive documentation on developing for Foswiki. Note: the APIs are available to all extensions, but rely on a Foswiki singleton object having been created before the APIs can be used. This will only be a problem if you are writing an extension that doesn't use the standard initialisation sequence. ### Standard Regular Expressions A number of standard regular expressions are available for use in extensions, in the $Foswiki::regex hash. these regular expressions are precompiled in an I18N-compatible manner. The following are guaranteed to be present. Others may exist, but their use is unsupported and they may be removed in future Foswiki versions.

In the table below, the expression marked type 'String' are intended for use within character classes (i.e. for use within square brackets inside a regular expression), for example:
   my $isCapitalizedWord = ($s =~ /[$Foswiki::regex{upperAlpha}][$Foswiki::regex{mixedAlpha}]+/ );

Those expressions marked type 'RE' are precompiled regular expressions that can be used outside square brackets. For example:
   my $isWebName = ($s =~ m/$Foswiki::regex{webNameRegex}/ );  Name Matches Type upperAlpha Upper case characters String upperAlphaNum Upper case characters and digits String lowerAlpha Lower case characters String lowerAlphaNum Lower case characters and digits String numeric Digits String mixedAlpha Alphabetic characters String mixedAlphaNum Alphanumeric characters String wikiWordRegex WikiWords RE webNameRegex User web names RE topicNameRegex Topic names RE anchorRegex #AnchorNames RE abbrevRegex Abbreviations/Acronyms e.g. GOV, IRS RE emailAddrRegex email@address.com RE tagNameRegex Standard macro names e.g. %THIS_BIT% (THIS_BIT only) RE ## Creating New Plugins With a reasonable knowledge of the Perl scripting language, you can create new plugins or modify and extend existing ones. ### Anatomy of a Plugin A (very) basic Foswiki plugin consists of two files: • a Perl module, e.g. lib/Foswiki/Plugins/MyFirstPlugin.pm • a documentation topic, e.g. MyFirstPlugin.txt The Perl module can invoke other, non-Foswiki, elements, like other Perl modules (including other plugins), graphics, external applications, or just about anything else that Perl can call. The plugin API handles the details of connecting your Perl module with the Foswiki core. The Foswiki:Extensions.BuildContrib module provides a lot of support for plugins development, including a plugin creator, automatic publishing support, and automatic installation script writer. If you plan on writing more than one plugin, you probably need it. ### Creating the Perl Module Copy file lib/Foswiki/Plugins/EmptyPlugin.pm to <name>Plugin.pm. The EmptyPlugin does nothing, but it contains all the information you need to create you own custom plugin. ### Writing the Documentation Topic The plugin documentation topic contains usage instructions and version details. (The doc topic is also included in the distribution package.) To create a documentation topic: 1. Copy the plugin topic template from EmptyPlugin 2. Customize your plugin topic. • Important: In case you plan to publish your plugin on Foswiki.org, use Interwiki names for author names and links to Foswiki.org topics, such as Foswiki:Main/WikiGuest. This is important because links should work properly in a plugin topic installed on any Foswiki, not just on Foswiki.org. 3. Save your topic, for use in packaging and publishing your plugin. OUTLINE: Doc Topic Contents Check the plugins web on Foswiki.org for the latest plugin doc topic template. Here's a quick overview of what's covered: Syntax Rules: <Describe any special text formatting that will be rendered.>" Example: <Include an example of the plugin in action. Possibly include a static HTML version of the example to compare if the installation was a success!>" Plugin Settings: <Description and settings for custom plugin settings, and those required by Foswiki.>" • Plugins Preferences <If user settings are needed, link to preference settings and explain the role of the plugin name prefix Plugin Installation Instructions: <Step-by-step set-up guide, user help, whatever it takes to install and run, goes here.>" Plugin Info: <Version, credits, history, requirements - entered in a form, displayed as a table. Both are automatically generated when you create or edit a page in the Foswiki:Extensions web.> ### Packaging for Distribution The Foswiki:Extensions.BuildContrib is a powerful build environment that is used by the Foswiki project to build Foswiki itself, as well as many of the plugins. You don't have to use it, but it is highly recommended! If you don't want to (or can't) use the BuildContrib, then a minimum plugin release consists of a Perl module with a WikiName that ends in Plugin, ex: MyFirstPlugin.pm, and a documentation page with the same name(MyFirstPlugin.txt). 1. Distribute the plugin files in a directory structure that mirrors Foswiki. If your plugin uses additional files, include them all: • lib/Foswiki/Plugins/MyFirstPlugin.pm • data/Foswiki/MyFirstPlugin.txt • pub/Foswiki/MyFirstPlugin/uparrow.gif [a required graphic] 2. Create a zip archive with the plugin name (MyFirstPlugin.zip) and add the entire directory structure from Step 1. The archive should look like this: • lib/Foswiki/Plugins/MyFirstPlugin.pm • data/Foswiki/MyFirstPlugin.txt • pub/Foswiki/MyFirstPlugin/uparrow.gif ### Publishing for Public Use You can release your tested, packaged plugin to the Foswiki community through the Foswiki:Extensions web. All plugins submitted to Foswiki.org are available for public download and further development. Publish your plugin by following these steps: 1. Post the plugin documentation topic to the Foswiki:Extensions web 2. Attach the distribution zip file(s) to the topic, eg: MyFirstPlugin.zip 3. Add a user support hub by visiting Foswiki:Support.CreateNewSupportHub 4. Optionally, check in the sources to the Foswiki subversion repository (see Foswiki:Development.HowToStartExtensionDevelopmentInSubversion) Once you have done the above steps once, you can use the BuildContrib to upload updates to your plugin. Thank you very much for sharing your plugin with the Foswiki community ## Hints on Writing Fast Plugins • Delay initialization as late as possible. For example, if your plugin is a simple syntax processor, you might delay loading extra Perl modules until you actually see the syntax in the text. • For example, use an eval block like this: eval { require IPC::Run } return "<font color=\"red\">SamplePlugin: Can't load required modules ($@)</font>" if $@; • Keep the main plugin package as small as possible; create other packages that are loaded if and only if they are used. For example, create sub-packages of BathPlugin in lib/Foswiki/Plugins/BathPlugin/. • Avoid using preferences in the plugin topic; set $NO_PREFS_IN_TOPIC if you possibly can, as that will stop Foswiki from reading the plugin topic for every page. Use Config.spec instead.
• Use registered tag handlers

## Security

• Badly written plugins can open security holes in Foswiki. This is especially true if care isn't taken to prevent execution of arbitrary commands on the server.
• Don't allow sensitive configuration data to be edited by users. Use the %Foswiki::cfg hash for configuration options. Don't ask installers to edit topics in the System web.
• Make sure that all user input is checked and validated. Be especially careful to filter characters that might be used in perl string interpolation.
• Avoid eval, and if you must use it make sure you sanitise parameters
• Always use the Foswiki::sandbox to execute commands. Never use backtick or qx//.
• Use Foswiki::Func::checkAccessPermission to check the access rights of the current user.
• Always audit the plugins you install, and make sure you are happy with the level of security provided. While every effort is made to monitor plugin authors activities, at the end of the day they are uncontrolled user contributions.

Plugins sometimes need to store data. This can be plugin internal data such as cache data, or data generated for browser consumption such as images. Plugins should store data using Foswiki::Func functions that support saving and loading of topics and attachments.

### Plugin Internal Data

You can create a plugin "work area" using the Foswiki::Func::getWorkArea() function, which gives you a persistent directory where you can store data files. By default they will not be web accessible. The directory is guaranteed to exist, and to be writable by the webserver user. For convenience, Foswiki::Func::storeFile() and Foswiki::Func::readFile() are provided to persistently store and retrieve simple data in this area.

### Web Accessible Data

The internal data area is not normally made web-accessible for security reasons. If yoou want to store web accessible data, for example generated images, then you should use Foswiki's attachment mechanisms.

Topic-specific data such as generated images can be stored in the topic's attachment area, which is web accessible. Use the Foswiki::Func::saveAttachment() function to store the data.

Recommendation for file name:
• Prefix the filename with an underscore (the leading underscore avoids a name clash with files attached to the same topic)
• Identify where the attachment originated from, typically by including the plugin name in the file name
• Use only alphanumeric characters, underscores, dashes and periods to avoid platform dependency issues and URL issues
• Example: _GaugePlugin_img123.gif
Such auto-generated attachments han be hidden from users by setting the 'h' attribute in the attachment attributes.

Web specific data should be stored in the attachment area of a topic in the web that you specify for the purpose, e.g. Web.BathPlugPictures. Use the Foswiki::Func::saveAttachment() function to store the data in this topic.

## Integrating with configure

Some extensions have setup requirements that are best integrated into configure rather than trying to use preference settings. These extensions use Config.spec files to publish their configuration requirements.

Config.spec files are read during configuration. Once a Config.spec has defined a configuration item, it is available for edit through the standard configure interface. Config.spec files are stored in the 'plugin directory' e.g. lib/Foswiki/Plugins/BathPlugin/Config.spec.

### Structure of a Config.spec file

The Config.spec file for a plugin starts with a line that declares what section the configuration should appear in. The standard for all extensions is:
# ---+ Extensions

Next we have a sub-heading for the configuration specific to this extension, and the actual configuration options:
# ----++ BathPlugin
# This plugin senses the level of water in your bath, and ensures the plug
# is not removed while the water is still warm.

This is followed by one or more configuration items. Each configuration item has a type, a description and a default. For example:
# **SELECT Plastic,Rubber,Metal**
# Select the plug type
$Foswiki::cfg{BathPlugin}{PlugType} = 'Plastic'; # **NUMBER** # Enter the chain length in cm$Foswiki::cfg{BathPlugin}{ChainLength} = '30';

# **BOOLEAN EXPERT**
# Turn this option off to disable the water temperature alarm
$Foswiki::cfg{BathPlugin}{TempSensorEnabled} = '1';  The type (e.g. **SELECT** ) tells configure to how to prompt for the value. It also tells configure how to do some basic checking on the value you actually enter. All the comments between the type and the configuration item are taken as part of the description. The configuration item itself defines the default value for the configuration item. The above spec defines the configuration items $Foswiki::cfg{BathPlugin}{PlugType}, $Foswiki::cfg{BathPlugin}{ChainLength}, and $Foswiki::cfg{BathPlugin}{TempSensorEnabled} for use in your plugin. For example,
if( $Foswiki::cfg{BathPlugin}{TempSensorEnabled} &&$curTemperature > 50 ) {
die "The bathwater is too hot for comfort";
}

You can use other $Foswiki::cfg values in other settings, but you must be sure they are only evaluated under program control, and not when this file is parsed by perl. For example: $Foswiki::cfg{BathPlugin}{MyBath} = "$Foswiki::cfg{PubDir}/enamel.gif"; # BAD # Perl will interpolate variables in double-quotes, so$Foswiki::cfg{PubDir}
# will be evaluated at configuration time, which will make reconfiguration
# difficult.

$Foswiki::cfg{BathPlugin}{MyBath} = '$Foswiki::cfg{PubDir}/enamel.gif'; # GOOD
# The single quotes make sure $Foswiki::cfg{PubDir} will only be evaluated # at run-time.  The Config.spec file is read by configure, and configure then writes LocalSite.cfg with the values chosen by the local site admin. A range of types are available for use in Config.spec files:  BOOLEAN A true/false value, represented as a checkbox COMMAND length A shell command LANGUAGE A language (selected from {LocalesDir} NUMBER A number OCTAL An octal number PASSWORD length A password (input is hidden) PATH length A file path PERL A simplified perl data structure, consisting of arrays, hashes and scalar values REGEX length A perl regular expression SELECT choices Pick one of a range of choices SELECTCLASS package-specifier Select a perl package (class) e.g. SELECTCLASS Foswiki::Plugins::BathPlugin::*Plug lets the user select between all packages with names ending in Plug, Foswiki::Plugins::BathPlugin::RubberPlug, Foswiki::Plugins::BathPlugin::BrassPlug etc. STRING length A string URL length A url URLPATH length A relative URL path All types can be followed by a comma-separated list of attributes.  EXPERT means this an expert option M means the setting is mandatory (may not be empty) H means the option is not visible in configure 5x80 means "use a 5 row, 80 column textarea". Can be used with any text entry field type, such as STRING, COMMAND, PERL etc. See lib/Foswiki.spec for many more examples. Config.spec files are also used for other (non-plugin) extensions. in this case they are stored under the Contrib directory instead of the Plugins directory. ### Linking to configure You can link to your configure settings by using the following: [[%SCRIPTURL{"configure"}%/#BathPlugin$Extensions][configure]]


Replace BathPlugin with the name of your extension.

## Maintaining Plugins

### Discussions and Feedback on Plugins

Usually published plugins have a support hub in the Support web on Foswiki.org.Support hubs have links to where to discuss feature enhancements and give feedback to the developer and user communities.

### Maintaining Compatibility with Earlier Foswiki Versions

The plugin interface (Foswiki::Func functions and plugin handlers) evolve over time. Foswiki introduces new API functions to address the needs of plugin authors. Plugins using unofficial Foswiki internal functions may no longer work on a Foswiki upgrade.

Organizations typically do not upgrade to the latest Foswiki for many months. However, many administrators still would like to install the latest versions of a plugin on their older Foswiki installation. This need is fulfilled if plugins are maintained in a compatible manner.

Tip: Plugins can be written to be compatible with older and newer Foswiki releases. This can be done also for plugins using unofficial Foswiki internal functions of an earlier release that no longer work on the latest Foswiki codebase. Here is an example; the Foswiki:Support.PluginsSupplement has more details.

    if( $Foswiki::Plugins::VERSION >= 1.1 ) { @webs = Foswiki::Func::getListOfWebs( 'user,public' ); } else { @webs = Foswiki::Func::getPublicWebList( ); }  ### Handling deprecated functions From time-to-time, the Foswiki developers will add new functions to the interface (either to Foswiki::Func, or new handlers). Sometimes these improvements mean that old functions have to be deprecated to keep the code manageable. When this happens, the deprecated functions will be supported in the interface for at least one more Foswiki release, and probably longer, though this cannot be guaranteed. When a plugin defines deprecated handlers, a warning will be shown in the list generated by %FAILEDPLUGINS%. Admins who see these warnings should check Foswiki.org and if necessary, contact the plugin author, for an updated version of the plugin. Updated plugins may still need to define deprecated handlers for compatibility with old Foswiki versions. In this case, the plugin package that defines old handlers can suppress the warnings in %FAILEDPLUGINS%. This is done by defining a map from the handler name to the Foswiki::Plugins version in which the handler was first deprecated. For example, if we need to define the endRenderingHandler for compatibility with Foswiki::Plugins versions before 1.1, we would add this to the plugin: package Foswiki::Plugins::SinkPlugin; use vars qw( %FoswikiCompatibility );$FoswikiCompatibility{endRenderingHandler} = 1.1;

If the currently-running Foswiki version is 1.1 or later, then the handler will not be called and the warning will not be issued. Foswiki with versions of Foswiki::Plugins before 1.1 will still call the handler as required.

### TWiki® Plugins

Most plugins written for TWiki can also be run in Foswiki, by installing the TWikiCompatibilityPlugin. See Foswiki:Extensions.TWikiCompatibilityPlugin for more information.

# CGI and Command Line Scripts

Programs on the server performing actions such as rendering, saving and renaming topics.

These scripts are located in the bin and tools directories. This topic describes the interfaces to some of those scripts. All scripts in the bin directory can be called from the CGI (Common Gateway Interface) environment or from the command line. The scripts in the tools directory can only be called from the command line.

## CGI Scripts

Details on CGI scripts located in the bin directory.

Note that a blank in the 'Default' column means that the parameter is not required, and has no default. required means the parameter is required, and has no default. text in italics describes default behaviour if no value is given.

### General Information

#### CGI environment

In the CGI environment parameters are passed to the scripts via the URL and URL parameters. Environment variables are also used to determine the user performing the action. If the environment is not set up, the default user is used (usually guest).

#### Command-line

You must be have the bin directory on the perl path to run the scripts from the command line. To avoid issues with file permissions, run the scripts as the web server user such as nobody or www.

Parameters are passed on the command line using two possible formats:

• Traditional command line "switch" style format: -name value, The "-" prefix for the keyword is required.
$cd /usr/local/foswiki/bin$ save -topic MyWeb.MyTopic -user admin -action save -text "New text of the topic"

• Keyword format: parameter=value. A "-" prefix is optional.
$cd /usr/local/foswiki/bin$ save topic=MyWeb.MyTopic user=admin action=save text="New text of the topic"

All parameters require a value, even if that is the empty string. Note that parameters passed on the command-line should not be URL-encoded.

##### "Authentication" in the command line environment

Unlike the CGI environment, the default user for command line operations is AdminUser.

• The -user parameter is specific to the command line and is not recognized by in the web environment. It allows a user to be specified without requiring that the password be supplied. It is only active from the command line.
• The -username / -password parameters are processed by the authentication system and require the password be authenticated. Depending upon the authentication implementation, it may or may not be usable in the command line environment.

When calling a tools script from the command line, you normally need to be cd'd to the =bin directory e.g.
$cd bin$ ../tools/mailnotify -q -nonews -nochanges -Main -System


#### Context

Each script sets a Foswiki context to signal to plugins and other components the environment that they are running. In addition to the per-script context, two additional contexts are optionally set:
• command_line is set if there is no CGI query object available.
• static is set by scripts that render static content like PDF or other offline publishing tools

A comprehensive list of core context identifiers used by Foswiki is found in the System.IfStatements#Context_identifiers.

### Common parameters

All the scripts accept a number of common parameters. The first two components of the URL after the script name are taken as the web and the topic, respectively. Standard URL parameters are:

Parameter Description Default
cover Specifies temporary skin path to prepend to the skin path for this script only (see Skins)
debugenableplugins During debugging it can be useful to selectively disable all but a subset of plugins. This parameter allows the caller to specify a comma-separated list of plugins that should be enabled.
foswikioriginalquery The original query that was being made before a redirect for user confirmation was required.
foswiki_redirect_cache Foswiki sometimes caches long lists of parameters that must survive over a sequence of browser redirects. This parameter identifies one of these caches. The parameter value is a "magic number" that uniquely idenitifies a file in the working/tmp directory. These files have a very short lifetime, and are destroyed when the cache is read.
logout requests the LoginManager to log the current user out (this happens at the begining of the request so will terminate any other operation requested)
refresh If the Foswiki page cache is in use, setting this parameter will invalidate the cache. Valid values are cache, on and all. See PageCaching for more information on the page cache.
response Used as part of the request validation process.
skin Overrides the default skin path (see Skins) value of the SKIN preference
t While the t parameter is not actively used by any scripts, it is used when building links to scripts such as edit, to ensure that each edit link is unique. This stops the browser from trying to use a cached reply from a previous call to the script. generally set to current time, in seconds
topic Overrides the web.topic path given in the URL (specify Web.TopicName)
user Command-line only; set the name of the user performing the action. Note: this usage is inherently insecure, as it bypasses webserver login constraints. For this reason only authorised users should be allowed to execute scripts from the command line.
validation_key part of cross-site scripting protection. Any request sent from browsers that might change data stored on the server must carry a key that indentifies the source of the request.
<any name> Any other parameter name passed to the script is passed through for possible use by the script. This is typically only applicable to the edit, save and view scripts.

*Note:* Prior releases of Foswiki would accept the undocumented username and password parameter on any script. Foswiki 1.1.9 restricts this to the view script and only on POST transactions unless overridden in the Foswiki configuration.

### attach

Despite the name, this script doesn't actually attach a file to a topic - for that, use upload. This script is part of the transactions sequence executed when a file is uploaded from the browser. it just generates the "new attachment" page for a topic.

Parameter Description Default
filename Name of existing attachment (if provided, this is a "manage attachment" action) this is a "new attachment" action

### changes

Shows all the changes in the given web.

The changes script can receive one parameter:

Parameter Description Default
minor If 0, show only major changes. If 1, show all the changes (both minor and major) show major changes

The main difference between invoking this script and using WebChanges is that WebChanges is based on a %SEARCH%, while this script reads the changes file in each web, making it much faster.

NOTE: The result from changes script and the topic WebChanges can be different, if the changes file is deleted from a web. In particular, in new installations the changes script will return no results while the WebChanges topic will.

### configure

configure is the browser script used for inspection of, and changes to, the site configuration. None of the parameters to this script are useable for any purpose except configure. See configure.

### edit

The edit script understands the following parameters, typically supplied by HTML input fields.

A major role of the edit script is new topic creation. Parameters that are mainly relevant to new topic creation are marked with

Parameter name Description Default
action If action=text, then hide the form. If action=form, then hide the normal text area and only edit the form. edit both
breaklock If set, any lease conflicts will be ignored, and the edit will proceed even if someone is already editing the topic.
contenttype Optional parameter that defines the application type to write into the CGI header. May be used to invoke alternative client applications text/html
formtemplate Name of the form to instantiate in the topic. Set to none to remove any existing form.
notemplateexpansion`