submodules: cpp-httplib: Update

Remove whitespace from id links, fix <br> closing
2025-05-08 22:38:32 +02:00 · 2025-03-09 15:21:14 +01:00 · 2024-12-23 10:44:21 +01:00 · 2024-10-13 15:14:19 +02:00 · 2024-09-20 20:25:55 +02:00 · 2024-06-09 15:42:39 +02:00
81 changed files with 1227 additions and 297 deletions
--- a/.gitignore
+++ b/.gitignore
@ -3,6 +3,8 @@
 *.out
 *.gch
 *.user
 *.swp
 *.kate-swp
 qswiki
 wikiqs*
 data/*
--- a/18
+++ b/18
@ -1,13 +1,15 @@
 CPPSTD=c++20
-CXXFLAGS=-std=$(CPPSTD) -O0 -g -no-pie -pipe -MMD -Wall -Wextra
+
-RELEASE_CXXFLAGS=-std=$(CPPSTD) -O3 -pipe -MMD -Wall -Wextra
+#CFIFLAGS=-fsanitize=cfi -fvisibility=hidden -fsanitize=cfi -flto
-LDFLAGS=-lsqlite3 -lpthread -lcrypto -lstdc++fs
+#Does not work reliably atm
 CFIFLAGS=
 CXXFLAGS=-std=$(CPPSTD) -O2 -g -no-pie -pipe -MMD -Wall -Wextra -DGLIBCXX_ASSERTIONS -D_LIBCPP_ENABLE_ASSERTIONS=1 $(CFIFLAGS)
 RELEASE_CXXFLAGS=-std=$(CPPSTD) -O3 -pipe -MMD -Wall -Wextra -DGLIBCXX_ASSERTIONS -D_LIBCPP_ENABLE_ASSERTIONS=1 $(CFIFLAGS)
 LDFLAGS=-lsqlite3 -lpthread -lcrypto -lstdc++fs $(CFIFLAGS)
 INCLUDEFLAGS=-I submodules/sqlitemoderncpp/hdr -I submodules/cpp-httplib -I submodules/exile.h
 CXX=g++
 SOURCES=$(wildcard *.cpp)
 SOURCES+=$(wildcard gateway/*.cpp)
 SOURCES+=$(wildcard handlers/*.cpp)
@ -54,7 +56,7 @@ exile.o: submodules/exile.h/exile.c
 	$(CC) -std=c99 -DHAVE_LANDLOCK=0 -c submodules/exile.h/exile.c -o exile.o
 qswiki: $(WIKIOBJECTS) exile.o
-	$(CXX) $(WIKIOBJECTS) exile.o ${LDFLAGS} ${INCLUDEFLAGS}  -o qswiki
+	$(CXX) $(shell shuf -e $(WIKIOBJECTS) exile.o ) ${LDFLAGS} ${INCLUDEFLAGS}  -o qswiki
 test: $(TESTOBJECTS)
 	$(CXX) $(TESTOBJECTS) ${LDFLAGS} -o test
--- a/README.md
+++ b/README.md
@ -1,23 +1,26 @@
 # qswiki
-About
+## About
-====
+qswiki is a wiki software, intended for my needs. Originally  implemented in C, it's now written in C++.
 qswiki is a wiki software, intended for small wikis. Originally 
 implemented in C, it's now written in C++.
-History
+## Dude... why?
-====
+
-A couple of years ago, I wanted to setup a personal wiki on my raspberry 
+tl;dr: It was a playground, an experiment (taken too far). I guess at some point I couldn't stop, because I've already
 started.
 ### History
 Several years ago, I wanted to setup a personal wiki on my raspberry
 pi. However, the distribution I used back then did not have a PHP package
 for ARM. So instead of switching distributions or searching for other
-wikis that I could use, I decided I would write one in C. Yes, 
+wikis that I could use, I simply decided I would write one in C. Yes,
 that's an odd way  to approach the problem and indeed, I may have had too
 much time back  then. Also, I wanted to see how it's like to write a
 "web app" in C and wanted to sharpen my C skills a little bit.
-Of course, it's pretty straightforward at first. No really: Just use CGI. 
+Of course, it's pretty straightforward at first. No really: Just use CGI
-And indeed, that would have been more than enough for my use cases. 
+and print your HTML to stdout.And indeed, that would have been more than enough for my use cases.
-Then I decided to play around and started using FastCGI (with the official 
+
 But then I decided to play around and started using FastCGI (with the official
 library from now  defunct fastcgi.com) and created a multi-threaded version.
 It initially  used a "pile of files database", but that became too painful,
 so then I started using sqlite.
@ -25,50 +28,51 @@ so then I started using sqlite.
 C++
 ---
 Eventually, since it was mostly a playground for me, the code became
-unmaintainable. Furthermore, I wanted something quick and given that 
+unmaintainable. Furthermore, I initially wanted something quick and given that
 it was CGI, I didn't bother taking care of memory leaks.
 After initiating a FastCGI interface, they became an issue and then the
 task of avoiding memory leaks became too annoying. And of course, C does n
 ot include any "batteries" and while I could manage, this too was another
 good reason.
-Overall, I am just continuing the experiment with C++17 now. It's not 
+Overall, I am just continuing the experiment with >=C++17 now. It's not
 nearly as bad as you would expect perhaps. Some things are surprisingly
 convenient even. Still, the standard library is lacking and
 I would hope for a some better built-in Unicode support in future C++
 standards.
-Features
+
-========
+## Features
-To be fair, at this point it doesn't even have a "diff" between revisions 
+Some essential features are lacking, such as a diff between revisions,
-yet and does not have features that would make you prefer it over other 
+user registration UI, etc.
-wikis.
+
 It doesn't compete with any other software anyway.
 - CGI
- - HTTP server using the header only library cpp-httplib. It's more 
+ - HTTP server using the header only library [cpp-httplib](https://github.com/yhirose/cpp-httplib). It's more
 portable and more "future-proof" than FastCGI (since the official website
 disappeared, the library's future appears to be uncertain).
 - Support for user accounts. Passwords are stored using PBKDF2.
  sqlite database, but not too much of an effort to add other types of
  storage backends. sqlite is using the great header only library
-  sqlite_modern_cpp
+  [sqlite_modern_cpp](https://github.com/SqliteModernCpp)
 - Relatively fine-grained permission system.
 - Categories
 - Templates
 - FTS search
 - Caching
 - Blog-like functionality
 - RSS/Atom feeds
-Security
+## Security
-========
+[exile.h](https://github.com/quitesimpleorg/exile.h) is used
-On Linux namespaces are used to restrict the process to only access
+to restrict access to the files the wiki needs.  It doesn't have access to other paths
-files it needs. It doesn't have access to other paths in the system.
+in the system and the system calls that the qswiki process can make are restricted.
-In addition, Seccomp is used to restrict the syscalls the qswiki process
+
-can call.  As for "web security", all POST requests are centrally
+As for "web security", all POST requests are centrally protected against CSRF attacks and all input is escaped against XSS
 protected against CSRF attacks and all input is escaped against XSS 
 attacks.
-Building
+## Building
 ========
 Dependencies:
  - cpp-httplib: https://github.com/yhirose/cpp-httplib
  - SqliteModernCpp: https://github.com/SqliteModernCpp
--- a/cache/mapcache.h
+++ b/cache/mapcache.h
@ -4,12 +4,14 @@
 #include <set>
 #include <shared_mutex>
 #include <optional>
 #include <string>
 #include "icache.h"
 /* Thread-Safe Key-Value store */
 template <class T> class MapCache
 {
  private:
-	std::map<std::string, T> cache;
+	std::unordered_map<std::string, T> cache;
 	mutable std::shared_mutex sharedMutex;
  public:
@ -33,6 +35,53 @@ template <class T> class MapCache
 		std::lock_guard<std::shared_mutex> lock{sharedMutex};
 		this->cache.clear();
 	}
 	void remove(const std::string &key)
 	{
 		std::lock_guard<std::shared_mutex> lock{sharedMutex};
 		this->cache.erase(key);
 	}
 	void removePrefix(const std::string &key)
 	{
 		std::lock_guard<std::shared_mutex> lock{sharedMutex};
 		std::erase_if(this->cache, [key](const auto &item)
 		{
 			auto const& [k, v] = item;
 			return k.starts_with(std::string_view(key));
 		});
 	}
 };
 class StringCache : public MapCache<std::string>, public ICache
 {
 	virtual std::optional<std::string> get(std::string_view key) const override
 	{
 		return MapCache<std::string>::find(std::string(key));
 	}
 	virtual void put(std::string_view key, std::string val) override
 	{
 		MapCache<std::string>::set(std::string(key), val);
 	}
 	virtual void remove(std::string_view key) override
 	{
 		MapCache<std::string>::remove(std::string(key));
 	}
 	virtual void removePrefix(std::string_view prefix)
 	{
 		MapCache<std::string>::removePrefix(std::string(prefix));
 	}
 	virtual void clear() override
 	{
 		MapCache<std::string>::clear();
 	}
 };
 #endif // MAPCACHE_H
--- a/cache/nocache.h
+++ b/cache/nocache.h
@ -0,0 +1,30 @@
 #include "icache.h"
 class NoCache : public ICache
 {
 public:
 	NoCache(std::string p)
 	{
 	}
 	virtual std::optional<std::string> get(std::string_view key) const
 	{
 		return {};
 	}
 	virtual void put(std::string_view key, std::string val)
 	{
 		return;
 	}
 	virtual void remove(std::string_view key)
 	{
 		return;
 	}
 	virtual void removePrefix(std::string_view prefix)
 	{
 		return;
 	}
 	virtual void clear()
 	{
 		return;
 	}
 };
--- a/cli.cpp
+++ b/cli.cpp
@ -141,10 +141,9 @@ std::pair<bool, std::string> CLIHandler::page_list([[maybe_unused]] const std::v
 	QueryOption o;
 	auto result = pageDao->getPageList(o);
 	std::stringstream stream;
-	for(std::string pagename : result)
+	for(Page &page : result)
 	{
-		Page p = pageDao->find(pagename).value();
+		stream << page.name << " " << page.pageid << " " << std::string(page.listed ? "listed" : "unlisted") << std::endl;
 		stream << p.name << " " << p.pageid << " " << std::string(p.listed ? "listed" : "unlisted") << std::endl;
 	}
 	return {true, stream.str()};
 }
@ -271,9 +270,9 @@ std::pair<bool, std::string> CLIHandler::category_show(const std::vector<std::st
 	auto categoryDao = this->db->createCategoryDao();
 	auto members = categoryDao->fetchMembers(args.at(0), QueryOption{});
 	std::stringstream stream;
-	for(std::string &member : members)
+	for(Page &member : members)
 	{
-		stream << member << std::endl;
+		stream << member.name << std::endl;
 	}
 	return {true, stream.str()};
 }
--- a/config.cpp
+++ b/config.cpp
@ -78,13 +78,16 @@ Config::Config(const std::map<std::string, std::string> &map)
 	this->templatepath = required("templatepath");
 	this->urls.linkallcats = required("linkallcats");
 	this->urls.linkallpages = required("linkallpages");
 	this->urls.linkallpagesrendertype = required ("linkallpagesrendertype");
 	this->urls.linkcategory = required("linkcategory");
 	this->urls.linkcategoryrendertype = required("linkcategoryrendertype");
 	this->urls.linkdelete = required("linkdelete");
 	this->urls.linkedit = required("linkedit");
 	this->urls.linkhistory = required("linkhistory");
 	this->urls.linkindex = required("linkindex");
 	this->urls.linklogout = required("linklogout");
 	this->urls.linkpage = required("linkpage");
 	this->urls.linkpagebytitle = required("linkpagebytitle");
 	this->urls.linkrecent = required("linkrecent");
 	this->urls.linkrevision = required("linkrevision");
 	this->urls.linksettings = required("linksettings");
@ -111,7 +114,7 @@ Config::Config(const std::map<std::string, std::string> &map)
 	this->templateprefix = "{qswiki:";
-	this->max_payload_length = optional("max_payload_length", 10 * 1024 * 1024);
+	this->max_payload_length = optional("max_payload_length", 60 * 1024 * 1024);
 	ConfigVariableResolver resolver{this->configmap};
 	this->configVarResolver = resolver;
--- a/config.h
+++ b/config.h
@ -23,9 +23,11 @@ struct ConfigUrls
 	std::string linkindex;
 	std::string linkrecent;
 	std::string linkallpages;
 	std::string linkallpagesrendertype;
 	std::string linkallcats;
 	std::string linkshere;
 	std::string linkpage;
 	std::string linkpagebytitle;
 	std::string linkrevision;
 	std::string linkhistory;
 	std::string linkedit;
@ -33,6 +35,7 @@ struct ConfigUrls
 	std::string linkdelete;
 	std::string linklogout;
 	std::string linkcategory;
 	std::string linkcategoryrendertype;
 	std::string loginurl;
 	std::string linkrecentsort;
 	std::string actionurl;
--- a/database/categorydao.h
+++ b/database/categorydao.h
@ -5,7 +5,7 @@
 #include <optional>
 #include "queryoption.h"
 #include "../category.h"
-
+#include "../page.h"
 class CategoryDao
 {
  public:
@ -14,7 +14,8 @@ class CategoryDao
 	virtual std::vector<std::string> fetchList(QueryOption o) = 0;
 	virtual std::optional<Category> find(std::string name) = 0;
 	virtual void deleteCategory(std::string name) = 0;
-	virtual std::vector<std::string> fetchMembers(std::string name, QueryOption o) = 0;
+	virtual std::vector<Page> fetchMembers(std::string name, QueryOption o) = 0;
 	virtual ~CategoryDao() = default;
 };
 #endif // CATEGORYDAO_H
--- a/database/categorydaosqlite.cpp
+++ b/database/categorydaosqlite.cpp
@ -72,6 +72,7 @@ void CategoryDaoSqlite::deleteCategory(std::string name)
 	}
 	catch(sqlite::sqlite_exception &e)
 	{
 		*db << "ROLLBACK";
 		throwFrom(e);
 	}
 }
@ -94,21 +95,36 @@ std::vector<std::string> CategoryDaoSqlite::fetchList(QueryOption o)
 	}
 	return result;
 }
-std::vector<std::string> CategoryDaoSqlite::fetchMembers(std::string name, QueryOption o)
+
 std::vector<Page> CategoryDaoSqlite::fetchMembers(std::string name, QueryOption o)
 {
-	std::vector<std::string> result;
+	std::vector<Page> result;
 	SqliteQueryOption queryOption{o};
 	std::string queryoptions =
-		queryOption.setOrderByColumn("name").setVisibleColumnName("page.visible").setPrependWhere(false).build();
+		queryOption.setOrderByColumn("name").setListedColumnName("page.listed").setPrependWhere(false).build();
 	try
 	{
-		auto query = *db << "SELECT page.name AS name FROM categorymember INNER JOIN page ON page.id = "
+		auto query =
-							"categorymember.page WHERE category = (SELECT id FROM category WHERE name = ? ) AND " +
+			*db
-								queryoptions
+			<< "SELECT page.id, page.name AS name, page.title, page.lastrevision, page.listed, page.feedlisted FROM "
-						 << name;
+			   "categorymember INNER JOIN page ON page.id = "
-		query >> [&](std::string p) { result.push_back(p); };
+			   "categorymember.page WHERE category = (SELECT id FROM category WHERE name = ? ) AND " +
 				   queryoptions
 			<< name;
 		query >> [&](unsigned int id, std::string name, std::string title, unsigned int lastrevision, bool listed,
 					 bool feedlisted)
 		{
 			Page p;
 			p.name = name;
 			p.pageid = id;
 			p.title = title;
 			p.current_revision = lastrevision;
 			p.listed = listed;
 			p.feedlisted = feedlisted;
 			result.push_back(p);
 		};
 	}
 	catch(const sqlite::exceptions::no_rows &e)
 	{
--- a/database/categorydaosqlite.h
+++ b/database/categorydaosqlite.h
@ -3,12 +3,13 @@
 #include "categorydao.h"
 #include "sqlitedao.h"
 #include "../page.h"
 class CategoryDaoSqlite : public CategoryDao, protected SqliteDao
 {
  public:
 	CategoryDaoSqlite();
 	std::vector<std::string> fetchList(QueryOption o) override;
-	std::vector<std::string> fetchMembers(std::string name, QueryOption o) override;
+	std::vector<Page> fetchMembers(std::string name, QueryOption o) override;
 	void save(const Category &c) override;
 	void deleteCategory(std::string name) override;
 	std::optional<Category> find(std::string name) override;
--- a/database/database.h
+++ b/database/database.h
@ -13,7 +13,7 @@
 #include "permissionsdao.h"
 class Database
 {
-  private:
+  protected:
 	std::string connnectionstring;
  public:
--- a/database/pagedao.h
+++ b/database/pagedao.h
@ -13,8 +13,9 @@ class PageDao
 	virtual bool exists(std::string page) const = 0;
 	virtual bool exists(unsigned int id) const = 0;
 	virtual std::optional<Page> find(std::string name) = 0;
 	virtual std::optional<Page> findByTitle(std::string title) = 0;
 	virtual std::optional<Page> find(unsigned int id) = 0;
-	virtual std::vector<std::string> getPageList(QueryOption option) = 0;
+	virtual std::vector<Page> getPageList(QueryOption option) = 0;
 	virtual std::vector<std::string> fetchCategories(std::string pagename, QueryOption option) = 0;
 	virtual void deletePage(std::string page) = 0;
 	virtual void save(const Page &page) = 0;
@ -22,6 +23,8 @@ class PageDao
 	virtual void setCategories(std::string pagename, const std::vector<std::string> &catnames) = 0;
 	virtual std::vector<SearchResult> search(std::string query, QueryOption option) = 0;
 	virtual std::vector<std::string> getChildren(std::string pagename) = 0;
 	virtual ~PageDao()
 	{
 	}
--- a/database/pagedaosqlite.cpp
+++ b/database/pagedaosqlite.cpp
@ -52,15 +52,43 @@ std::optional<Page> PageDaoSqlite::find(std::string name)
 	}
 }
 std::optional<Page> PageDaoSqlite::findByTitle(std::string title)
 {
 	Page result;
 	try
 	{
 		auto ps =
 			*db
 			<< "SELECT id, name, title, lastrevision, listed, feedlisted, (SELECT name FROM page WHERE id = parent) "
 			   "FROM page WHERE title = ?";
 		ps << title >> std::tie(result.pageid, result.name, result.title, result.current_revision, result.listed,
 								result.feedlisted, result.parentpage);
 	}
 	catch(const sqlite::errors::no_rows &e)
 	{
 		return {};
 	}
 	catch(sqlite::sqlite_exception &e)
 	{
 		throwFrom(e);
 	}
 	return result;
 }
 std::optional<Page> PageDaoSqlite::find(unsigned int id)
 {
 	Page result;
 	result.pageid = id;
 	try
 	{
-		auto ps = *db << "SELECT name, title, lastrevision, visible FROM page WHERE id = ?";
+		auto ps =
 			*db
 			<< "SELECT name, title, lastrevision, listed, feedlisted, (SELECT name FROM page WHERE id = parent) FROM "
 			   "page WHERE id = ?";
-		ps << id >> std::tie(result.name, result.title, result.current_revision, result.listed);
+		ps << id >> std::tie(result.name, result.title, result.current_revision, result.listed, result.feedlisted,
 							 result.parentpage);
 	}
 	catch(const sqlite::errors::no_rows &e)
 	{
@ -89,6 +117,7 @@ void PageDaoSqlite::deletePage(std::string page)
 	}
 	catch(sqlite::sqlite_exception &e)
 	{
 		*db << "ROLLBACK";
 		throwFrom(e);
 	}
 }
@ -97,31 +126,44 @@ void PageDaoSqlite::save(const Page &page)
 {
 	try
 	{
-		*db << "INSERT OR REPLACE INTO page (id, name, title, lastrevision, visible) VALUES((SELECT id FROM page WHERE "
+		*db << "INSERT OR REPLACE INTO page (id, name, title, lastrevision, listed, feedlisted, parent) VALUES((SELECT "
-			   "name = "
+			   "id FROM page WHERE name = ? OR id = ?), ?, ?, ?, ?, ?, (SELECT id FROM page WHERE name = ?))"
-			   "? OR id = ?), ?, ?, ?, ?)"
+			<< page.name << page.pageid << page.name << page.title << page.current_revision << page.listed
-			<< page.name << page.pageid << page.name << page.title << page.current_revision << page.listed;
+			<< page.feedlisted << page.parentpage;
 	}
 	catch(sqlite::sqlite_exception &e)
 	{
 		throwFrom(e);
 	}
 }
-std::vector<std::string> PageDaoSqlite::getPageList(QueryOption option)
+
 std::vector<Page> PageDaoSqlite::getPageList(QueryOption option)
 {
-	std::vector<std::string> result;
+	std::vector<Page> result;
 	try
 	{
 		std::string queryOption = SqliteQueryOption(option)
 									  .setOrderByColumn("lower(name)")
-									  .setVisibleColumnName("visible")
+									  .setListedColumnName("listed")
 									  .setPrependWhere(true)
 									  .build();
-		std::string query = "SELECT name FROM page " + queryOption;
+		std::string query = "SELECT id, name, title, lastrevision, listed, feedlisted,  (SELECT name FROM page WHERE "
-
+							"id = parent) FROM page " +
-		*db << query >> [&](std::string name) { result.push_back(name); };
+							queryOption;
 		*db << query >> [&](unsigned int pageid, std::string name, std::string title, unsigned int current_revision,
 							bool listed, bool feedlisted, std::string parent)
 		{
 			Page tmp;
 			tmp.pageid = pageid;
 			tmp.name = name;
 			tmp.title = title;
 			tmp.current_revision = current_revision;
 			tmp.listed = listed;
 			tmp.feedlisted = feedlisted;
 			tmp.parentpage = parent;
 			result.push_back(tmp);
 		};
 	}
 	catch(const sqlite::errors::no_rows &e)
 	{
@ -232,3 +274,11 @@ int PageDaoSqlite::fetchPageId(std::string pagename)
 	auto binder = *db << "SELECT id FROM page WHERE name = ?" << pagename;
 	return execInt(binder);
 }
 std::vector<std::string> PageDaoSqlite::getChildren(std::string pagename)
 {
 	std::vector<std::string> result;
 	auto query = *db << "SELECT name FROM page WHERE parent = (SELECT id FROM page WHERE name = ?)" << pagename;
 	query >> [&](std::string page) { result.push_back(page); };
 	return result;
 }
--- a/database/pagedaosqlite.h
+++ b/database/pagedaosqlite.h
@ -20,13 +20,16 @@ class PageDaoSqlite : public PageDao, protected SqliteDao
 	bool exists(std::string name) const override;
 	void save(const Page &page) override;
 	std::optional<Page> find(std::string name) override;
 	std::optional<Page> findByTitle(std::string title) override;
 	std::optional<Page> find(unsigned int id) override;
-	std::vector<std::string> getPageList(QueryOption option) override;
+	std::vector<Page> getPageList(QueryOption option) override;
 	std::vector<std::string> fetchCategories(std::string pagename, QueryOption option) override;
 	using SqliteDao::SqliteDao;
 	int fetchPageId(std::string pagename);
 	std::vector<SearchResult> search(std::string query, QueryOption option) override;
 	void setCategories(std::string pagename, const std::vector<std::string> &catnames) override;
 	std::vector<std::string> getChildren(std::string pagename) override;
 };
 #endif // PAGEDAOSQLITE_H
--- a/database/permissionsdao.h
+++ b/database/permissionsdao.h
@ -9,6 +9,9 @@ class PermissionsDao
 	PermissionsDao();
 	virtual std::optional<Permissions> find(std::string pagename, std::string username) = 0;
 	virtual void save(std::string pagename, std::string username, Permissions perms) = 0;
 	virtual void clearForPage(std::string pagename) = 0;
 	virtual ~PermissionsDao() = default;
 };
 #endif // PERMISSIONSDAO_H
--- a/database/permissionsdaosqlite.cpp
+++ b/database/permissionsdaosqlite.cpp
@ -59,3 +59,16 @@ void PermissionsDaoSqlite::save(std::string pagename, std::string username, Perm
 		throwFrom(e);
 	}
 }
 void PermissionsDaoSqlite::clearForPage(std::string pagename)
 {
 	try
 	{
 		auto stmt = *db << "DELETE FROM permissions WHERE page = (SELECT id FROM page WHERE name = ?)" << pagename;
 		stmt.execute();
 	}
 	catch(sqlite::sqlite_exception &e)
 	{
 		throwFrom(e);
 	}
 }
--- a/database/permissionsdaosqlite.h
+++ b/database/permissionsdaosqlite.h
@ -10,6 +10,7 @@ class PermissionsDaoSqlite : public PermissionsDao, protected SqliteDao
 	std::optional<Permissions> find(std::string pagename, std::string username) override;
 	virtual void save(std::string pagename, std::string username, Permissions perms) override;
 	virtual void clearForPage(std::string pagename) override;
 	using SqliteDao::SqliteDao;
 };
--- a/database/queryoption.h
+++ b/database/queryoption.h
@ -13,7 +13,7 @@ class QueryOption
 	unsigned int offset = 0;
 	unsigned int limit = 0;
 	SORT_ORDER order = ASCENDING;
-	bool includeInvisible = true;
+	bool includeUnlisted = true;
 };
 #endif // QUERYOPTION_H
--- a/database/revisiondaosqlite.cpp
+++ b/database/revisiondaosqlite.cpp
@ -52,7 +52,7 @@ std::vector<Revision> RevisionDaoSqlite::getAllRevisions(QueryOption &options)
 	{
 		SqliteQueryOption queryOption{options};
 		std::string queryOptionSql = queryOption.setPrependWhere(true)
-										 .setVisibleColumnName("page.visible")
+										 .setListedColumnName("page.listed")
 										 .setOrderByColumn("creationtime")
 										 .build();
 		auto query =
@ -61,7 +61,8 @@ std::vector<Revision> RevisionDaoSqlite::getAllRevisions(QueryOption &options)
 			   "page.name, revisionid FROM revision INNER JOIN page ON revision.page = page.id " +
 				   queryOptionSql;
 		query >> [&](std::string author, std::string comment, std::string content, time_t creationtime,
-					 std::string page, unsigned int revisionid) {
+					 std::string page, unsigned int revisionid)
 		{
 			Revision r;
 			r.author = author;
 			r.comment = comment;
@ -91,7 +92,7 @@ std::vector<Revision> RevisionDaoSqlite::getAllRevisionsForPage(std::string page
 	{
 		SqliteQueryOption queryOption{option};
 		std::string queryOptionSql = queryOption.setPrependWhere(false)
-										 .setVisibleColumnName("page.visible")
+										 .setListedColumnName("page.listed")
 										 .setOrderByColumn("creationtime")
 										 .build();
 		auto query = *db << "SELECT (SELECT username FROM user WHERE id = author), comment, content, "
@ -101,7 +102,8 @@ std::vector<Revision> RevisionDaoSqlite::getAllRevisionsForPage(std::string page
 						 << pagename;
 		query >> [&](std::string author, std::string comment, std::string content, time_t creationtime,
-					 std::string page, unsigned int revisionid) {
+					 std::string page, unsigned int revisionid)
 		{
 			Revision r;
 			r.author = author;
 			r.comment = comment;
@ -129,9 +131,9 @@ std::optional<Revision> RevisionDaoSqlite::getCurrentForPage(std::string pagenam
 	try
 	{
 		auto query = *db << "SELECT (SELECT username FROM user WHERE id = author), comment, content, "
-							"strftime('%s',creationtime), page, revisionid FROM revision WHERE page = (SELECT id FROM "
+							"strftime('%s',creationtime), page.name, revisionid FROM revision INNER JOIN page ON "
-							"page WHERE name = ? ) AND revisionid = (SELECT lastrevision FROM page WHERE name = ?)";
+							"revision.page = page.id WHERE page.name = ? AND page.lastrevision = revision.revisionid";
-		query << pagename << pagename;
+		query << pagename;
 		query >>
 			std::tie(result.author, result.comment, result.content, result.timestamp, result.page, result.revision);
 	}
@ -155,7 +157,8 @@ std::optional<Revision> RevisionDaoSqlite::getRevisionForPage(std::string pagena
 		auto query =
 			*db
 			<< "SELECT (SELECT username FROM user WHERE id = author), comment, content, strftime('%s',creationtime), "
-			   "page, revisionid FROM revision WHERE page = (SELECT id FROM page WHERE name = ? ) AND revisionid = ?";
+			   "page.name, revisionid FROM revision INNER JOIN page ON revision.page = page.id WHERE page.name = ? AND "
 			   "revisionid = ?  ";
 		query << pagename << revision;
 		query >>
 			std::tie(result.author, result.comment, result.content, result.timestamp, result.page, result.revision);
--- a/database/sessiondao.h
+++ b/database/sessiondao.h
@ -10,6 +10,7 @@ class SessionDao
 	virtual void save(const Session &session) = 0;
 	virtual std::optional<Session> find(std::string token) = 0;
 	virtual void deleteSession(std::string token) = 0;
 	virtual std::vector<Session> fetch() = 0;
 	virtual ~SessionDao()
 	{
 	}
--- a/database/sessiondaosqlite.cpp
+++ b/database/sessiondaosqlite.cpp
@ -50,6 +50,29 @@ void SessionDaoSqlite::deleteSession(std::string token)
 	}
 }
 void SessionDaoSqlite::fillSession(int userid, Session &sess)
 {
 	if(userid > -1)
 	{
 		UserDaoSqlite userDao{*this->db};
 		auto u = userDao.find(userid);
 		if(u)
 		{
 			sess.user = *u;
 		}
 		else
 		{
 			Logger::error() << "Session for non existent user";
 			throw DatabaseQueryException("Session for non existent user");
 		}
 	}
 	else
 	{
 		sess.user = User::Anonymous();
 	}
 	sess.loggedIn = userid != -1;
 }
 std::optional<Session> SessionDaoSqlite::find(std::string token)
 {
 	Session result;
@ -62,25 +85,7 @@ std::optional<Session> SessionDaoSqlite::find(std::string token)
 		int userid;
 		q >> std::tie(userid, result.token, result.csrf_token, result.creation_time);
-		if(userid > -1)
+		fillSession(userid, result);
 		{
 			UserDaoSqlite userDao{this->db};
 			auto u = userDao.find(userid);
 			if(u)
 			{
 				result.user = *u;
 			}
 			else
 			{
 				Logger::error() << "Session for non existent user";
 				throw DatabaseQueryException("Session for non existent user");
 			}
 		}
 		else
 		{
 			result.user = User::Anonymous();
 		}
 		result.loggedIn = userid != -1;
 	}
 	catch(const sqlite::exceptions::no_rows &e)
 	{
@ -92,3 +97,23 @@ std::optional<Session> SessionDaoSqlite::find(std::string token)
 	}
 	return result;
 }
 std::vector<Session> SessionDaoSqlite::fetch()
 {
 	std::vector<Session> result;
 	*db << "SELECT userid, token, csrf_token, strftime('%s', creationtime) FROM session" >>
 		[this, &result](int userid, std::string token, std::string csrf_token, time_t creationtime)
 	{
 		Session tmp;
 		tmp.csrf_token = csrf_token;
 		tmp.token = token;
 		tmp.creation_time = creationtime;
 		fillSession(userid, tmp);
 		result.push_back(tmp);
 	};
 	return result;
 }
--- a/database/sessiondaosqlite.h
+++ b/database/sessiondaosqlite.h
@ -6,11 +6,15 @@
 class SessionDaoSqlite : public SessionDao, protected SqliteDao
 {
 private:
  void fillSession(int userid, Session &sess);
  public:
 	SessionDaoSqlite();
 	void save(const Session &session) override;
 	std::optional<Session> find(std::string token) override;
 	void deleteSession(std::string token) override;
 	std::vector<Session> fetch() override;
 	using SqliteDao::SqliteDao;
 };
--- a/database/sqlite.cpp
+++ b/database/sqlite.cpp
@ -18,23 +18,43 @@ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
 */
 #include <atomic>
 #include "sqlite.h"
 #include "../logger.h"
 #include "pagedaosqlite.h"
 #include "revisiondaosqlite.h"
 #include "sessiondaosqlite.h"
 #include "sqlite_modern_cpp.h"
 #include "userdaosqlite.h"
 #include "categorydaosqlite.h"
 #include "exceptions.h"
 #include "permissionsdaosqlite.h"
 thread_local sqlite::database *Sqlite::db = nullptr;
 std::atomic<int> instances = 0;
 Sqlite::Sqlite(std::string path) : Database(path)
 {
-	this->db = std::make_shared<sqlite::database>(path);
+	instances++;
-
+	if(instances.load() > 1)
-	*db << "PRAGMA journal_mode=WAL;";
+	{
 		std::cerr << "temporal (yeah, right) HACK... only one instance allowed" << std::endl;
 		abort();
 	}
 }
 std::mutex dbmutex;
 sqlite::database &Sqlite::database() const
 {
 	if(Sqlite::db == nullptr)
 	{
 		sqlite::sqlite_config config;
 		config.flags = config.flags | sqlite::OpenFlags::FULLMUTEX;
 		std::lock_guard<std::mutex> dbguard(dbmutex);
 		Sqlite::db = new sqlite::database(this->connnectionstring, config);
 		*Sqlite::db << "PRAGMA journal_mode=WAL;";
 		*Sqlite::db << "PRAGMA busy_timeout=10000;";
 	}
 	return *Sqlite::db;
 }
 std::unique_ptr<RevisionDao> Sqlite::createRevisionDao() const
 {
 	return create<RevisionDaoSqlite>();
@ -67,27 +87,20 @@ std::unique_ptr<PermissionsDao> Sqlite::createPermissionsDao() const
 void Sqlite::beginTransaction()
 {
-	if(!inTransaction)
+	*db << "begin;";
 	{
 		*db << "begin;";
 		inTransaction = true;
 	}
 }
 void Sqlite::rollbackTransaction()
 {
-	if(inTransaction)
+	*db << "rollback;";
 	{
 		*db << "rollback;";
 		inTransaction = false;
 	}
 }
 void Sqlite::commitTransaction()
 {
-	if(inTransaction)
+	*db << "commit;";
-	{
+}
-		*db << "commit;";
+
-		inTransaction = false;
+Sqlite::~Sqlite()
-	}
+{
 	delete this->db;
 }
--- a/database/sqlite.h
+++ b/database/sqlite.h
@ -8,14 +8,15 @@
 class Sqlite : public Database
 {
  private:
-	bool inTransaction = false;
+	static thread_local sqlite::database *db;
 	std::shared_ptr<sqlite::database> db;
 	template <class T> std::unique_ptr<T> create() const
 	{
-		return std::make_unique<T>(db);
+		return std::make_unique<T>(database());
 	}
 	sqlite::database &database() const;
  public:
 	Sqlite(std::string path);
 	std::unique_ptr<PageDao> createPageDao() const;
@ -27,6 +28,7 @@ class Sqlite : public Database
 	void beginTransaction();
 	void commitTransaction();
 	void rollbackTransaction();
 	virtual ~Sqlite();
 };
 #endif // SQLITE_H
--- a/database/sqlitedao.h
+++ b/database/sqlitedao.h
@ -12,20 +12,20 @@
 class SqliteDao
 {
  protected:
-	std::shared_ptr<sqlite::database> db;
+	sqlite::database *db = nullptr;
  public:
 	SqliteDao()
 	{
 	}
-	SqliteDao(std::shared_ptr<sqlite::database> db)
+	SqliteDao(sqlite::database &db)
 	{
-		this->db = db;
+		this->db = &db;
 	}
-	void setDb(std::shared_ptr<sqlite::database> db)
+	void setDb(sqlite::database &db)
 	{
-		this->db = db;
+		this->db = &db;
 	}
 	inline void throwFrom(const sqlite::sqlite_exception &e) const
@ -37,6 +37,8 @@ class SqliteDao
 	bool execBool(sqlite::database_binder &binder) const;
 	int execInt(sqlite::database_binder &binder) const;
 	virtual ~SqliteDao() = default;
 };
 #endif // SQLITEDAO_H
--- a/database/sqlitequeryoption.cpp
+++ b/database/sqlitequeryoption.cpp
@ -31,9 +31,9 @@ SqliteQueryOption &SqliteQueryOption::setOrderByColumn(std::string name)
 	return *this;
 }
-SqliteQueryOption &SqliteQueryOption::setVisibleColumnName(std::string name)
+SqliteQueryOption &SqliteQueryOption::setListedColumnName(std::string name)
 {
-	this->visibleColumnName = name;
+	this->listedColumnName = name;
 	return *this;
 }
@ -50,9 +50,9 @@ std::string SqliteQueryOption::build()
 	{
 		result += "WHERE ";
 	}
-	if(!o.includeInvisible && !this->visibleColumnName.empty())
+	if(!o.includeUnlisted && !this->listedColumnName.empty())
 	{
-		result += this->visibleColumnName + " = 1";
+		result += this->listedColumnName + " = 1";
 	}
 	else
 	{
--- a/database/sqlitequeryoption.h
+++ b/database/sqlitequeryoption.h
@ -7,7 +7,7 @@ class SqliteQueryOption
 {
  private:
 	QueryOption o;
-	std::string visibleColumnName;
+	std::string listedColumnName;
 	std::string orderByColumnName;
 	bool prependWhere;
@ -17,7 +17,7 @@ class SqliteQueryOption
 	SqliteQueryOption &setOrderByColumn(std::string name);
-	SqliteQueryOption &setVisibleColumnName(std::string name);
+	SqliteQueryOption &setListedColumnName(std::string name);
 	SqliteQueryOption &setPrependWhere(bool b);
--- a/dynamic/dynamiccontent.cpp
+++ b/dynamic/dynamiccontent.cpp
@ -1,8 +1,9 @@
 #include "dynamiccontent.h"
-DynamicContent::DynamicContent(Template &templ, Database &database, UrlProvider &provider)
+DynamicContent::DynamicContent(Template &templ, Database &database, UrlProvider &provider, Session &session)
 {
 	this->templ = &templ;
 	this->database = &database;
 	this->urlProvider = &provider;
 	this->userSession = &session;
 }
--- a/dynamic/dynamiccontent.h
+++ b/dynamic/dynamiccontent.h
@ -10,11 +10,12 @@ class DynamicContent
 	Template *templ;
 	Database *database;
 	UrlProvider *urlProvider;
 	Session *userSession;
 	std::string argument;
  public:
-	DynamicContent(Template &templ, Database &database, UrlProvider &urlProvider);
+	DynamicContent(Template &templ, Database &database, UrlProvider &urlProvider, Session &session);
 	virtual std::string render() = 0;
 	virtual void setArgument(std::string argument)
 	{
--- a/dynamic/dynamiccontentfactory.h
+++ b/dynamic/dynamiccontentfactory.h
@ -0,0 +1,30 @@
 #ifndef DYNAMICCONTENTFACTORY_H
 #define DYNAMICCONTENTFACTORY_H
 #include "dynamiccontent.h"
 class DynamicContentFactory
 {
 private:
 	Template *templ;
 	Database *db;
 	UrlProvider *urlProvider;
 	Session *session;
 public:
 	DynamicContentFactory(Template &templ, Database &db, UrlProvider &urlProvider, Session &session)
 	{
 		this->templ = &templ;
 		this->db = &db;
 		this->urlProvider = &urlProvider;
 		this->session = &session;
 	}
 	template <class T> inline std::shared_ptr<T> createDynamicContent()
 	{
 		return std::make_shared<T>(*this->templ, *this->db, *this->urlProvider, *this->session);
 	}
 };
 #endif // DYNAMICCONTENTFACTORY_H_INCLUDED
--- a/dynamic/dynamiccontentgetvar.cpp
+++ b/dynamic/dynamiccontentgetvar.cpp
@ -0,0 +1,11 @@
 #include "dynamiccontentgetvar.h"
 std::string DynamicContentGetVar::render()
 {
 	return (*this->map)[this->argument];
 }
 void DynamicContentGetVar::setMap(std::map<std::string, std::string> &map)
 {
 	this->map = &map;
 }
--- a/dynamic/dynamiccontentgetvar.h
+++ b/dynamic/dynamiccontentgetvar.h
@ -0,0 +1,19 @@
 #ifndef DYNAMICCONTENTGETVAR_H
 #define DYNAMICCONTENTGETVAR_H
 #include "dynamiccontent.h"
 class DynamicContentGetVar : public DynamicContent
 {
  private:
 	std::map<std::string, std::string> *map;
  public:
 	using DynamicContent::DynamicContent;
 	// DynamicContent interface
  public:
 	std::string render();
 	void setMap(std::map<std::string, std::string> &map);
 };
 #endif // DYNAMICCONTENTGETVAR_H
--- a/dynamic/dynamiccontentincludepage.cpp
+++ b/dynamic/dynamiccontentincludepage.cpp
@ -6,9 +6,11 @@ std::string DynamicContentIncludePage::render()
 	auto rev = revisionDao->getCurrentForPage(this->argument);
 	if(rev)
 	{
-		Parser parser;
+		/* Quite dirty */
-		auto result = parser.parse(*this->database->createPageDao(), *this->urlProvider, rev->content);
+		if(rev->content.find("[cmd:allowinclude]1[") != std::string::npos)
-		return result;
+		{
 			return rev->content;
 		}
 	}
 	return {};
 }
--- a/dynamic/dynamiccontentpostlist.cpp
+++ b/dynamic/dynamiccontentpostlist.cpp
@ -6,14 +6,21 @@ std::string DynamicContentPostList::render()
 	auto categoryDao = this->database->createCategoryDao();
 	auto pageDao = this->database->createPageDao();
 	auto revisionDao = this->database->createRevisionDao();
 	auto permissionDao = this->database->createPermissionsDao();
 	QueryOption option;
-	option.includeInvisible = false;
+	option.includeUnlisted = false;
 	auto members = categoryDao->fetchMembers(this->argument, option);
 	std::vector<std::pair<std::string, time_t>> pageList;
-	for(std::string &member : members)
+	for(const Page &member : members)
 	{
-		auto revision = revisionDao->getRevisionForPage(member, 1);
+		Permissions perms = permissionDao->find(member.name, this->userSession->user.login)
-		pageList.push_back({member, revision->timestamp});
+								.value_or(this->userSession->user.permissions);
 		if(perms.canRead()) /* TODO: Maybe add canList() */
 		{
 			auto revision = revisionDao->getRevisionForPage(member.name, 1);
 			pageList.push_back({member.name, revision->timestamp});
 		}
 	}
 	std::sort(pageList.begin(), pageList.end(),
 			  [](std::pair<std::string, time_t> &a, std::pair<std::string, time_t> &b) { return a.second > b.second; });
--- a/dynamic/dynamiccontentsetvar.cpp
+++ b/dynamic/dynamiccontentsetvar.cpp
@ -0,0 +1,21 @@
 #include "dynamiccontentsetvar.h"
 std::string DynamicContentSetVar::render()
 {
 	auto result = utils::split(this->argument, '=');
 	if(result.size() == 2)
 	{
 		this->map->emplace(std::make_pair(result[0], result[1]));
 	}
 	return {};
 }
 void DynamicContentSetVar::setArgument(std::string argument)
 {
 	this->argument = argument;
 }
 void DynamicContentSetVar::setMap(std::map<std::string, std::string> &map)
 {
 	this->map = &map;
 }
--- a/dynamic/dynamiccontentsetvar.h
+++ b/dynamic/dynamiccontentsetvar.h
@ -0,0 +1,17 @@
 #ifndef DYNAMCCONTENTPUSHVAR_H
 #define DYNAMCCONTENTPUSHVAR_H
 #include "dynamiccontent.h"
 class DynamicContentSetVar : public DynamicContent
 {
  private:
 	std::map<std::string, std::string> *map;
  public:
 	using DynamicContent::DynamicContent;
 	std::string render();
 	void setArgument(std::string argument);
 	void setMap(std::map<std::string, std::string> &map);
 };
 #endif // DYNAMCCONTENTPUSHVAR_H
--- a/dynamic/dynamicpostrenderer.cpp
+++ b/dynamic/dynamicpostrenderer.cpp
@ -0,0 +1,73 @@
 #include <chrono>
 #include "dynamicpostrenderer.h"
 #include "../parser.h"
 #include "../utils.h"
 void DynamicPostRenderer::setArgument(std::string argument)
 {
 	auto splitted = utils::split(argument, '|');
 	this->category = splitted[0];
 	if(splitted.size() >= 2)
 	{
 		this->templatepartname = splitted[1];
 	}
 	if(splitted.size() >= 3)
 	{
 		this->customlinkurl = splitted[2];
 	}
 }
 std::string DynamicPostRenderer::linkToPage(std::string page)
 {
 	if(this->customlinkurl.empty())
 	{
 		return this->urlProvider->page(page);
 	}
 	return utils::strreplace(this->customlinkurl, "{page}", page);
 }
 std::string DynamicPostRenderer::render()
 {
 	auto categoryDao = this->database->createCategoryDao();
 	auto pageDao = this->database->createPageDao();
 	auto revisionDao = this->database->createRevisionDao();
 	auto permissionDao = this->database->createPermissionsDao();
 	QueryOption option;
 	option.includeUnlisted = true;
 	auto members = categoryDao->fetchMembers(this->category, option);
 	std::vector<std::pair<std::string, time_t>> pageList;
 	for(const Page &member : members)
 	{
 		Permissions perms = permissionDao->find(member.name, this->userSession->user.login)
 								.value_or(this->userSession->user.permissions);
 		if(perms.canRead())
 		{
 			auto revision = revisionDao->getRevisionForPage(member.name, 1);
 			pageList.push_back({member.name, revision->timestamp});
 		}
 	}
 	std::sort(pageList.begin(), pageList.end(),
 			  [](std::pair<std::string, time_t> &a, std::pair<std::string, time_t> &b) { return a.second > b.second; });
 	std::string entry = this->templ->loadResolvedPart(this->templatepartname);
 	std::stringstream stream;
 	for(auto &pair : pageList)
 	{
 		std::optional<Revision> revision = revisionDao->getCurrentForPage(pair.first);
 		if(revision)
 		{
 			std::string link = linkToPage(pair.first);
 			Parser parser;
 			std::string date = utils::toISODateTime(revision->timestamp);
 			Varreplacer replacer{"{"};
 			replacer.addKeyValue("url", link);
 			replacer.addKeyValue("date", date);
 			replacer.addKeyValue("content", parser.parse(*pageDao, *this->urlProvider,
 														 parser.extractFirstTag("content", revision->content)));
 			stream << replacer.parse(entry);
 		}
 	}
 	return stream.str();
 }
--- a/dynamic/dynamicpostrenderer.h
+++ b/dynamic/dynamicpostrenderer.h
@ -0,0 +1,18 @@
 #ifndef DYNAMICPOSTRENDERER_H
 #define DYNAMICPOSTRENDERER_H
 #include "dynamiccontent.h"
 class DynamicPostRenderer : public DynamicContent
 {
 private:
 	std::string category;
 	std::string customlinkurl;
 	std::string templatepartname = "dynamic/categoryrendererentry";
  public:
 	using DynamicContent::DynamicContent;
 	std::string render() override;
 	void setArgument(std::string argument) override;
 	std::string linkToPage(std::string page);
 };
 #endif // DYNAMICPOSTRENDERER_H
--- a/gateway/httpgateway.h
+++ b/gateway/httpgateway.h
@ -1,5 +1,8 @@
 #ifndef HTTPGATEWAY_H
 #define HTTPGATEWAY_H
 #define CPPHTTPLIB_FORM_URL_ENCODED_PAYLOAD_MAX_LENGTH 65536
 #include <httplib.h>
 #include "gatewayinterface.h"
 #include "../requestworker.h"
--- a/grouper.cpp
+++ b/grouper.cpp
--- a/grouper.h
+++ b/grouper.h
@ -0,0 +1,26 @@
 #include "utils.h"
 template<class G, class V, class C>
 class Grouper
 {
 	std::map<G, std::vector<const V*>, C> results;
 public:
 	Grouper(C c)
 	{
 		results = std::map<G, std::vector<const V*>, C>(c);
 	}
 	void group(const std::function<G(const V&)> &map, const std::vector<V> &values)
 	{
 		for(const V &v : values)
 		{
 			results[map(v)].push_back(&v);
 		}
 	}
 	std::map<G, std::vector<const V*>, C> &getResults()
 	{
 		return this->results;
 	}
 };
--- a/handlers/handler.cpp
+++ b/handlers/handler.cpp
@ -53,7 +53,7 @@ std::string Handler::createPageTitle(std::string title)
 QueryOption Handler::queryOption(const Request &r, SORT_ORDER defaultSort) const
 {
 	QueryOption result;
-	result.includeInvisible = false;
+	result.includeUnlisted = false;
 	try
 	{
 		result.limit = utils::toUInt(r.get("limit"));
@ -98,7 +98,10 @@ Response Handler::handle(const Request &r)
 Permissions Handler::effectivePermissions(std::string page)
 {
-	return this->database->createPermissionsDao()
+	Permissions &userPerms = this->userSession->user.permissions;
-		->find(page, this->userSession->user.login)
+	if(userPerms.isAdmin())
-		.value_or(this->userSession->user.permissions);
+	{
 		return userPerms;
 	}
 	return this->database->createPermissionsDao()->find(page, this->userSession->user.login).value_or(userPerms);
 }
--- a/handlers/handlerallpages.cpp
+++ b/handlers/handlerallpages.cpp
@ -19,6 +19,8 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
 */
 #include "handlerallpages.h"
 #include "../grouper.h"
 #include "../pagelistrenderer.h"
 Response HandlerAllPages::handleRequest(const Request &r)
 {
@ -27,17 +29,21 @@ Response HandlerAllPages::handleRequest(const Request &r)
 		Response response;
 		auto pageDao = this->database->createPageDao();
 		QueryOption qo = queryOption(r);
-		auto resultList = pageDao->getPageList(qo);
+		std::vector<Page> pageList = pageDao->getPageList(qo);
-		if(resultList.size() == 0)
+		if(pageList.size() == 0)
 		{
 			return errorResponse("No pages", "This wiki does not have any pages yet");
 		}
-		TemplatePage searchPage = this->templ->getPage("allpages");
+		
-		std::string body = this->templ->renderSearch(resultList);
+		PageListRenderer pagelistrender(*this->templ, *this->urlProvider, *this->database);
-		searchPage.setVar("pagelist", body);
+		TemplatePage allPages = this->templ->getPage("allpages");
-		searchPage.setVar("title", createPageTitle("All pages"));
+		allPages.setVar("pagelistcontent", pagelistrender.render(pageList, r.get("rendertype")));
-		setGeneralVars(searchPage);
+		allPages.setVar("pagelistletterlink", this->urlProvider->allPages(PageListRenderer::RENDER_GROUP_BY_LETTER));
-		response.setBody(searchPage.render());
+		allPages.setVar("pagelistcreationdatelink",  this->urlProvider->allPages(PageListRenderer::RENDER_GROUP_BY_CREATIONDATE));
 		allPages.setVar("title", createPageTitle("All pages"));
 		setGeneralVars(allPages);
 		response.setBody(allPages.render());
 		response.setStatus(200);
 		return response;
 	}
--- a/handlers/handlercategory.cpp
+++ b/handlers/handlercategory.cpp
@ -19,6 +19,7 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
 */
 #include "handlercategory.h"
 #include "../pagelistrenderer.h"
 Response HandlerCategory::handleRequest(const Request &r)
 {
@ -34,8 +35,12 @@ Response HandlerCategory::handleRequest(const Request &r)
 		QueryOption qo = queryOption(r);
 		auto resultList = categoryDao->fetchMembers(categoryname, qo);
 		TemplatePage searchPage = this->templ->getPage("show_category");
-		std::string body = this->templ->renderSearch(resultList);
+		PageListRenderer pagelistrender(*this->templ, *this->urlProvider, *this->database);
-		searchPage.setVar("pagelist", body);
+
 		std::string body = pagelistrender.render(resultList, r.get("rendertype"));
 		searchPage.setVar("pagelistcontent", body);
 		searchPage.setVar("pagelistletterlink", this->urlProvider->category(categoryname, PageListRenderer::RENDER_GROUP_BY_LETTER));
 		searchPage.setVar("pagelistcreationdatelink",  this->urlProvider->category(categoryname, PageListRenderer::RENDER_GROUP_BY_CREATIONDATE));
 		searchPage.setVar("categoryname", categoryname);
 		setGeneralVars(searchPage);
 		searchPage.setVar("title", createPageTitle("Category: " + categoryname));
--- a/handlers/handlerfeedgenerator.cpp
+++ b/handlers/handlerfeedgenerator.cpp
@ -1,16 +1,19 @@
 #include "handlerfeedgenerator.h"
-#include "../parser.h"
+#include "../revisionrenderer.h"
 std::vector<HandlerFeedGenerator::EntryRevisionPair> HandlerFeedGenerator::fetchEntries(
 	std::vector<std::string> categories)
 {
 	auto revisionDao = this->database->createRevisionDao();
 	auto pageDao = this->database->createPageDao();
 	auto permissionDao = this->database->createPermissionsDao();
 	std::vector<EntryRevisionPair> result;
 	QueryOption option;
-	option.includeInvisible = false;
+	option.includeUnlisted = true;
 	// option.limit = 20;
-	std::set<std::string> members;
+
 	auto comppage = [](const Page &a, const Page &b) { return a.name < b.name; };
 	std::set<Page, decltype(comppage)> members(comppage);
 	if(categories.empty())
 	{
 		auto pages = pageDao->getPageList(option);
@ -29,11 +32,18 @@ std::vector<HandlerFeedGenerator::EntryRevisionPair> HandlerFeedGenerator::fetch
 			std::copy(catmembers.begin(), catmembers.end(), std::inserter(members, members.end()));
 		}
 	}
-	for(const std::string &member : members)
+	for(const Page &member : members)
 	{
-		auto page = pageDao->find(member).value();
+		if(member.feedlisted)
-		auto revision = revisionDao->getRevisionForPage(page.name, 1).value();
+		{
-		result.push_back({page, revision});
+			Permissions perms = permissionDao->find(member.name, this->userSession->user.login)
 									.value_or(this->userSession->user.permissions);
 			if(perms.canRead())
 			{
 				auto revision = revisionDao->getRevisionForPage(member.name, 1).value();
 				result.push_back({member, revision});
 			}
 		}
 	}
 	std::sort(result.begin(), result.end(),
 			  [](EntryRevisionPair &a, EntryRevisionPair &b) { return a.second.timestamp > b.second.timestamp; });
@ -66,6 +76,8 @@ std::string HandlerFeedGenerator::generateAtom(const std::vector<HandlerFeedGene
 		subtitle = "All pages";
 	}
 	RevisionRenderer revisionRenderer{*this->templ, *this->database, *this->urlProvider, *this->userSession};
 	for(const EntryRevisionPair &entry : entries)
 	{
 		const Page &page = entry.first;
@ -77,17 +89,15 @@ std::string HandlerFeedGenerator::generateAtom(const std::vector<HandlerFeedGene
 			newestPublished = initialRevision.timestamp;
 		}
 		std::string entryPublished = utils::formatLocalDate(initialRevision.timestamp, dateformat) + "Z";
 		std::string entryUpdated = utils::formatLocalDate(current.timestamp, dateformat) + "Z";
 		std::string entryurl =
 			this->urlProvider->combine({this->urlProvider->rootUrl(), this->urlProvider->page(page.name)});
 		TemplatePage atomentry = this->templ->getPage("feeds/atomentry");
-		atomentry.setVar("entrytitle", utils::html_xss(page.title));
+		atomentry.setVar("entrytitle", page.title);
 		atomentry.setVar("entryurl", utils::html_xss(entryurl));
 		atomentry.setVar("entryid", utils::html_xss(entryurl));
 		atomentry.setVar("entrypublished", entryPublished);
-		atomentry.setVar("entryupdated", entryUpdated);
+		atomentry.setVar("entryupdated", entryPublished);
-		Parser parser;
+		atomentry.setVar("entrycontent", utils::html_xss(revisionRenderer.renderContent(current, page.title)));
 		atomentry.setVar("entrycontent", utils::html_xss(parser.parse(*pageDao, *this->urlProvider, current.content)));
 		stream << atomentry.render();
 	}
 	stream << atomfooter;
--- a/handlers/handlerpage.cpp
+++ b/handlers/handlerpage.cpp
@ -27,7 +27,18 @@ Response HandlerPage::handle(const Request &r)
 	auto pageDao = this->database->createPageDao();
 	if(pagename.empty())
 	{
-		return errorResponse("No page given", "No page given to request");
+		std::string title = r.get("title");
 		if(title.empty())
 		{
 			return errorResponse("No page given", "No page given to request");
 		}
 		title = utils::strreplace(title, "-", " ");
 		auto page = pageDao->findByTitle(title);
 		if(!page)
 		{
 			return errorResponse("No page by such title", "No page with such title exists");
 		}
 		pagename = page->name;
 	}
 	if(pageMustExist() && !pageDao->exists(pagename))
--- a/handlers/handlerpageedit.cpp
+++ b/handlers/handlerpageedit.cpp
@ -23,6 +23,8 @@ SOFTWARE.
 #include "../request.h"
 #include "../parser.h"
 #include "../revisionrenderer.h"
 bool HandlerPageEdit::canAccess([[maybe_unused]] std::string page)
 {
 	return effectivePermissions(page).canEdit();
@ -41,7 +43,7 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
 		return errorResponse("No permission", "You don't have permission to create new pages");
 	}
 	auto revisiondao = this->database->createRevisionDao();
-	auto revision = this->database->createRevisionDao()->getCurrentForPage(pagename);
+	auto revision = revisiondao->getCurrentForPage(pagename);
 	std::string body;
 	unsigned int current_revision = 0;
@ -50,6 +52,16 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
 		body = revision->content;
 		current_revision = revision->revision;
 	}
 	std::string from = r.get("frompage");
 	if(!from.empty())
 	{
 		if(!effectivePermissions(from).canRead())
 		{
 			return this->errorResponse("Permission denied",
 									   "No access permissions, so you can't use this page as a template");
 		}
 		body = revisiondao->getCurrentForPage(from)->content;
 	}
 	if(r.getRequestMethod() == "POST")
 	{
 		if(r.post("do") == "submit")
@ -64,9 +76,27 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
 			try
 			{
 				this->database->beginTransaction();
 				std::string visiblecmd = parser.extractCommand("visible", newContent);
 				std::string listedcmd = parser.extractCommand("listed", newContent);
 				/* Backwarts compatibility */
 				if(listedcmd.empty())
 				{
 					listedcmd = visiblecmd;
 				}
 				std::string feedlistedcmd = parser.extractCommand("feedlisted", newContent);
 				std::string rename = parser.extractCommand("rename", newContent);
 				std::string customtitle = parser.extractCommand("pagetitle", newContent);
 				std::string parentpage = parser.extractCommand("parentpage", newContent);
 				std::vector<std::string> perms = parser.extractCommands("permissions", newContent);
 				if(parentpage != "" && !pageDao.find(parentpage))
 				{
 					return this->errorResponse("Invalid parent",
 											   "Specified parent page " + parentpage + " does not exist");
 				}
 				Page page;
 				std::optional<Page> currentPage = pageDao.find(pagename);
 				if(currentPage)
@ -81,10 +111,48 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
 					}
 					pagename = rename;
 				}
 				std::vector<std::pair<std::string, Permissions>> collectedPermissions;
 				auto permissionDao = this->database->createPermissionsDao();
 				for(const std::string &perm : perms)
 				{
 					auto splitted = utils::split(perm, '|');
 					if(splitted.size() != 2)
 					{
 						return this->errorResponse("Invalid command", "permissions command is misformated");
 					}
 					auto currentPermission = permissionDao->find(pagename, splitted[0]);
 					Permissions newPermissions = Permissions{splitted[1]};
 					if(!currentPermission || newPermissions != currentPermission.value())
 					{
 						if(!this->userSession->user.permissions.canSetPagePerms())
 						{
 							this->database->rollbackTransaction();
 							return errorResponse("Permission denied",
 												 "You don't have permission to change permissions. Don't touch the "
 												 "permission commands");
 						}
 					}
 					collectedPermissions.emplace_back(splitted[0], newPermissions);
 				}
 				if(this->userSession->user.permissions.canSetPagePerms())
 				{
 					permissionDao->clearForPage(pagename);
 					for(auto &perms : collectedPermissions)
 					{
 						permissionDao->save(pagename, perms.first, perms.second);
 					}
 				}
 				page.current_revision = current_revision;
-				page.listed = !(visiblecmd == "0");
+				page.listed = !(listedcmd == "0");
 				page.feedlisted = !(feedlistedcmd == "0");
 				page.name = pagename;
 				page.title = customtitle;
 				page.parentpage = parentpage;
 				if(page.title.empty())
 				{
 					page.title = page.name;
@ -105,6 +173,7 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
 			}
 			catch(const DatabaseException &e)
 			{
 				this->database->rollbackTransaction();
 				Logger::debug() << "Error saving revision: " << e.what();
 				return errorResponse("Database error", "A database error occured while trying to save this revision");
 			}
@ -115,12 +184,16 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
 		{
 			std::string newContent = r.post("content");
 			Parser parser;
 			std::string title = parser.extractCommand("pagetitle", newContent);
 			TemplatePage templatePage = this->templ->getPage("page_creation_preview");
 			templatePage.setVar("actionurl", urlProvider->editPage(pagename));
-			templatePage.setVar("preview_content", parser.parse(pageDao, *this->urlProvider, newContent));
+
 			RevisionRenderer revisionRenderer{*this->templ, *this->database, *this->urlProvider, *this->userSession};
 			templatePage.setVar("preview_content", revisionRenderer.renderContent(newContent));
 			templatePage.setVar("content", newContent);
 			setPageVars(templatePage, pagename);
-			templatePage.setVar("title", createPageTitle("Preview: " + pagename));
+			templatePage.setVar("title", createPageTitle("Preview: " + title));
 			templatePage.setVar("comment", r.post("comment"));
 			Response response;
 			response.setBody(templatePage.render());
--- a/handlers/handlerpageview.cpp
+++ b/handlers/handlerpageview.cpp
@ -25,6 +25,10 @@ SOFTWARE.
 #include "../htmllink.h"
 #include "../dynamic/dynamiccontentpostlist.h"
 #include "../dynamic/dynamiccontentincludepage.h"
 #include "../dynamic/dynamiccontentsetvar.h"
 #include "../dynamic/dynamiccontentgetvar.h"
 #include "../revisionrenderer.h"
 bool HandlerPageView::canAccess(std::string page)
 {
 	return effectivePermissions(page).canRead();
@ -56,7 +60,7 @@ std::string HandlerPageView::createIndexContent(IParser &parser, std::string con
 		}
 		previous = h.level;
 		HtmlLink link;
-		link.href = "#" + h.title;
+		link.href = "#" + utils::strreplace(h.title, " ", "");
 		link.innervalue = h.title;
 		link.cssclass = "indexlink";
 		indexcontent += "<li>" + link.render() + "</li>";
@ -87,19 +91,20 @@ Response HandlerPageView::handleRequest(PageDao &pageDao, std::string pagename,
 	std::optional<Revision> revision;
 	std::string templatepartname;
 	auto revisionDao = this->database->createRevisionDao();
 	try
 	{
 		if(revisionid > 0)
 		{
 			if(!effectivePermissions(pagename).canSeePageHistory())
 			{
-				auto current = this->database->createRevisionDao()->getCurrentForPage(pagename);
+				auto current = revisionDao->getCurrentForPage(pagename);
 				if(current && current->revision > revisionid)
 				{
 					return errorResponse("Error", "You are not allowed to view older revisions of this page");
 				}
 			}
-			revision = this->database->createRevisionDao()->getRevisionForPage(pagename, revisionid);
+			revision = revisionDao->getRevisionForPage(pagename, revisionid);
 			if(!revision)
 			{
 				return errorResponse("Revision not found", "No such revision found");
@ -119,7 +124,7 @@ Response HandlerPageView::handleRequest(PageDao &pageDao, std::string pagename,
 					return r;
 				}
 			}
-			revision = this->database->createRevisionDao()->getCurrentForPage(pagename);
+			revision = revisionDao->getCurrentForPage(pagename);
 			templatepartname = "page_view";
 		}
 	}
@ -129,63 +134,19 @@ Response HandlerPageView::handleRequest(PageDao &pageDao, std::string pagename,
 		return errorResponse("Database error", "While trying to fetch revision, a database error occured");
 	}
 	TemplatePage page = this->templ->getPage(templatepartname);
 	Parser parser;
 	Response result;
 	result.setStatus(200);
 	std::string indexcontent;
 	std::string parsedcontent;
-	std::function<std::string(std::string_view, std::string_view)> dynamicParseCallback =
+	RevisionRenderer revisionRenderer{*this->templ, *this->database, *this->urlProvider, *this->userSession};
-		[&](std::string_view key, std::string_view value) -> std::string
+
 	{
 		if(key == "dynamic:postlist")
 		{
 			std::shared_ptr<DynamicContentPostList> postlist = createDynamic<DynamicContentPostList>();
 			postlist->setArgument(std::string(value));
 			return postlist->render();
 		}
 		if(key == "dynamic:includepage")
 		{
 			std::shared_ptr<DynamicContentIncludePage> includePage = createDynamic<DynamicContentIncludePage>();
 			includePage->setArgument(std::string(value));
 			return includePage->render();
 		}
 		return std::string{};
 	};
 	if(revisionid > 0)
 	{
 		indexcontent = createIndexContent(parser, revision->content);
 		parsedcontent = parser.parse(pageDao, *this->urlProvider, revision->content, dynamicParseCallback);
 	}
 	else
 	{
 		std::string cachekeyindexcontent = "page:indexcontent:" + pagename;
 		std::string cachekeyparsedcontent = "page:parsedcontent:" + pagename;
 		auto cachedindexcontent = this->cache->get(cachekeyindexcontent);
 		auto cachedparsedcontent = this->cache->get(cachekeyparsedcontent);
 		if(cachedindexcontent)
 		{
 			indexcontent = *cachedindexcontent;
 		}
 		else
 		{
 			indexcontent = createIndexContent(parser, revision->content);
 			this->cache->put(cachekeyindexcontent, indexcontent);
 		}
 		if(cachedparsedcontent)
 		{
 			parsedcontent = *cachedparsedcontent;
 		}
 		else
 		{
 			parsedcontent = parser.parse(pageDao, *this->urlProvider, revision->content, dynamicParseCallback);
 			this->cache->put(cachekeyparsedcontent, parsedcontent);
 		}
 	}
 	std::string revisionstr = std::to_string(revision->revision);
 	std::string customtitle = parser.extractCommand("pagetitle", revision->content);
 	std::string parsedcontent = revisionRenderer.renderContent(revision.value(), customtitle);
 	/* TODO: Dynamic includes not considered, probably fine in practise */
 	std::string indexcontent = createIndexContent(parser, revision->content);
 	std::string revisionstr = std::to_string(revision->revision);
 	TemplatePage page = this->templ->getPage(templatepartname);
 	page.setVar("content", parsedcontent);
 	page.setVar("index", indexcontent);
 	page.setVar("editedby", revision->author);
--- a/iparser.h
+++ b/iparser.h
@ -15,7 +15,10 @@ class IParser
 	}
  public:
 	virtual std::string extractFirstTag(std::string tagname, const std::string &content) const = 0;
 	virtual std::string extractCommand(std::string cmdname, const std::string &content) const = 0;
 	virtual std::vector<std::string> extractCommands(std::string cmdname, const std::string &content) const = 0;
 	virtual std::vector<Headline> extractHeadlines(const std::string &content) const = 0;
 	virtual inline std::string parse(const PageDao &pagedao, UrlProvider &provider, const std::string &content) const
 	{
@ -23,6 +26,10 @@ class IParser
 	}
 	virtual std::string parse(const PageDao &pagedao, UrlProvider &provider, const std::string &content,
 							  const std::function<std::string(std::string_view, std::string_view)> &callback) const = 0;
 	virtual std::string parseDynamics(
 		const std::string &content,
 		const std::function<std::string(std::string_view, std::string_view)> &callback) const = 0;
 	virtual std::vector<std::string> extractCategories(const std::string &content) const = 0;
 	virtual ~IParser(){};
--- a/logger.h
+++ b/logger.h
@ -7,8 +7,8 @@ class Logger
  private:
 	class LogEntry
 	{
-		bool headerSent;
+		bool headerSent = false;
-		std::ostream *out;
+		std::ostream *out = nullptr;
 		std::string prefix;
 	  public:
--- a/page.h
+++ b/page.h
@ -8,7 +8,9 @@ class Page
 	Page();
 	std::string name;
 	std::string title;
 	std::string parentpage;
 	bool listed;
 	bool feedlisted;
 	unsigned int current_revision;
 	unsigned int pageid;
 };
--- a/pagelistrenderer.cpp
+++ b/pagelistrenderer.cpp
@ -0,0 +1,66 @@
 #include "pagelistrenderer.h"
 #include "grouper.h"
 PageListRenderer::PageListRenderer(Template &templ, UrlProvider &provider, Database &database)
 {
 	this->templ = &templ;
 	this->urlProvider = &provider;
 	this->database = &database;
 }
 std::string PageListRenderer::render(const std::vector<Page> &pagelist, std::string type) const
 {
 	TemplatePage pagelistrendergroup = this->templ->loadResolvedPart("pagelistrender_group");
 	TemplatePage pagelistlink = this->templ->loadResolvedPart("pagelistrender_link");
 	std::function<bool(const std::string &, const std::string &)> lesser = [](const std::string &a, const std::string &b) -> bool {
 		return a < b;
 	};
 	std::function<bool(const std::string &, const std::string &)> greater = [](const std::string &a, const std::string &b) -> bool {
 		return a > b;
 	};
 	using Grouper = Grouper<std::string, Page, std::function<bool(const std::string &,const std::string &)>>;
 	Grouper grouper = (type == "letter") ? Grouper(lesser) : Grouper(greater);
 	if(type == "letter")
 	{
 		auto az = [&](const Page &p) -> std::string {
 			int upper = toupper(p.title[0]); // TODO: this is not unicode safe.
 			return { (char)upper };
 		};
 		grouper.group(az, pagelist);
 	}
 	else
 	{
 		auto revisionDao = this->database->createRevisionDao();
 		auto creationdate = [&revisionDao](const Page &p) -> std::string {
 			return utils::formatLocalDate(revisionDao->getRevisionForPage(p.name, 1).value().timestamp, "%Y-%m");
 		};
 		grouper.group(creationdate, pagelist);
 	}
 	std::stringstream stream;
 	std::string lastGroup = "";
 	for(auto &entry : grouper.getResults())
 	{
 		std::string groupname = entry.first;
 		const std::vector<const Page*> &pages = entry.second;
 		if(lastGroup != groupname)
 		{
 			lastGroup = groupname;
 			pagelistrendergroup.setVar("groupname", groupname);
 			stream << pagelistrendergroup.render();
 		}
 		for(const Page *p : pages)
 		{
 			pagelistlink.setVar("inner", p->title);
 			pagelistlink.setVar("href", this->urlProvider->page(p->name));
 			stream << pagelistlink.render();
 		}
 	}
 	return stream.str();
 }
--- a/pagelistrenderer.h
+++ b/pagelistrenderer.h
@ -0,0 +1,27 @@
 #ifndef PAGELISTRENDERER_H
 #define PAGELISTRENDERER_H
 #include "utils.h"
 #include "page.h"
 #include "template.h"
 #include "htmllink.h"
 #include "urlprovider.h"
 #include "database/database.h"
 class PageListRenderer
 {
 private:
 	Template *templ;
 	UrlProvider *urlProvider;
 	Database *database;
 public:
 	PageListRenderer(Template &templ, UrlProvider &provider, Database &database);
 	std::string render(const std::vector<Page> &pages, std::string type) const;
 	inline static const std::string RENDER_GROUP_BY_LETTER { "letter" };
 	inline static const std::string RENDER_GROUP_BY_CREATIONDATE { "creationdate" };
 };
 #endif
--- a/parser.cpp
+++ b/parser.cpp
@ -30,7 +30,8 @@ SOFTWARE.
 std::vector<Headline> Parser::extractHeadlines(const std::string &content) const
 {
 	std::vector<Headline> result;
-	std::string reg = R"(\[h(1|2|3)\](.*?)\[/h\1\])";
+
 	std::string reg = R"(\[h(1|2|3)\](\[.*?\])*(.*?)(\[.*?\])*\[\/h\1\])";
 	std::regex headerfinder(reg);
 	auto begin = std::sregex_iterator(content.begin(), content.end(), headerfinder);
 	auto end = std::sregex_iterator();
@ -40,7 +41,7 @@ std::vector<Headline> Parser::extractHeadlines(const std::string &content) const
 		auto smatch = *it;
 		Headline h;
 		h.level = utils::toUInt(smatch.str(1));
-		h.title = smatch.str(2);
+		h.title = smatch.str(3);
 		result.push_back(h);
 	}
 	return result;
@ -62,11 +63,10 @@ std::vector<std::string> Parser::extractCategories(const std::string &content) c
 	return result;
 }
-std::string Parser::extractCommand(std::string cmdname, const std::string &content) const
+std::string Parser::extractFirstTag(std::string tagname, const std::string &content) const
 {
-	std::string cmd = "[cmd:" + cmdname + "]";
+	std::string cmd = "[" + tagname + "]";
-	std::string cmdend = "[/cmd:" + cmdname + "]";
+	std::string cmdend = "[/" + tagname + "]";
 	std::string_view view = content;
 	size_t pos = 0;
 	if((pos = view.find(cmd)) != std::string::npos)
@ -81,6 +81,34 @@ std::string Parser::extractCommand(std::string cmdname, const std::string &conte
 	}
 	return "";
 }
 std::string Parser::extractCommand(std::string cmdname, const std::string &content) const
 {
 	return extractFirstTag("cmd:" + cmdname, content);
 }
 std::vector<std::string> Parser::extractCommands(std::string cmdname, const std::string &content) const
 {
 	std::vector<std::string> result;
 	std::string cmd = "[cmd:" + cmdname + "]";
 	std::string cmdend = "[/cmd:" + cmdname + "]";
 	std::string_view view = content;
 	size_t pos = 0;
 	while((pos = view.find(cmd)) != std::string::npos)
 	{
 		view.remove_prefix(pos);
 		view.remove_prefix(cmd.size());
 		if((pos = view.find(cmdend)) != std::string::npos)
 		{
 			result.emplace_back(view.substr(0, pos));
 		}
 	}
 	return result;
 }
 std::string Parser::processLink(const PageDao &pageDao, UrlProvider &urlProvider, std::smatch &match) const
 {
 	std::string linktag = match.str(1);
@ -116,37 +144,102 @@ std::string Parser::processLink(const PageDao &pageDao, UrlProvider &urlProvider
 	return htmllink.render();
 }
 std::string Parser::processImage(std::smatch &match) const
 {
 	std::string tag = match.str(1);
 	std::string inside = match.str(2);
 	std::vector<std::string> splitted = utils::split(inside, '|');
 	std::string width;
 	std::string height;
 	std::string src;
 	if(splitted.size() == 3)
 	{
 		width = splitted[0];
 		height = splitted[1];
 		src = splitted[2];
 	}
 	else
 	{
 		src = splitted[0];
 	}
 	if(!width.empty() && !height.empty())
 	{
 		return "<img src=\"" + src + "\" width=\"" + width + "\" height=\"" + height + "\"/>";
 	}
 	return "<img src=\"" + src + "\"/>";
 }
 std::string Parser::parse(const PageDao &pagedao, UrlProvider &provider, const std::string &content,
 						  const std::function<std::string(std::string_view, std::string_view)> &callback) const
 {
 	std::string result;
 	// we don't care about commands, but we nevertheless replace them with empty strings
 	std::regex tagfinder(
-		R"(\[(b|i|u|li||ul|ol|link|wikilink|h\d|cmd:rename|cmd:redirect|cmd:pagetitle|category|dynamic:postlist|dynamic:includepage)*?\]((\s|\S)*?)\[/\1])");
+		R"(\[(b|i|u|s|li|p|br|ul|ol|code|blockquote|img|link|wikilink|h\d|cmd:visible|cmd:listed|cmd:feedlisted|cmd:rename|cmd:redirect|cmd:pagetitle|cmd:allowinclude|cmd:permissions|cmd:parentpage|content|category|dynamic:postlist|dynamic:includepage|dynamic:getvar|dynamic:setvar)*?\]((\s|\S)*?)\[/\1](\r\n)*)");
 	const std::string justreplace[] = {"b", "i", "u", "p", "br", "ul", "li", "ol"};
 	result = utils::regex_callback_replacer(
 		tagfinder, content,
 		[&](std::smatch &match)
 		{
 			std::string tag = match.str(1);
 			std::string content = match.str(2);
-			std::string justreplace[] = {"b", "i", "u", "ul", "li", "ol"};
+
-			content = parse(pagedao, provider, content, callback);
+			std::string newlines = match.str(4);
 			if(newlines == "\r\n")
 			{
 				newlines = "<br>";
 			}
 			if(tag == "br")
 			{
 				return std::string("<br>");
 			}
 			if(tag != "code" && tag != "blockquote")
 			{
 				content = parse(pagedao, provider, content, callback);
 			}
 			/* [content] just helps extracting the actual content of a page, pretty much noop otherwise */
 			if(tag == "content")
 			{
 				return parse(pagedao, provider, content, callback);
 			}
 			if(std::find(std::begin(justreplace), std::end(justreplace), tag) != std::end(justreplace))
 			{
-				return "<" + tag + ">" + content + "</" + tag + ">";
+				if(tag == "p" || tag == "br")
 				{
 					newlines = "";
 				}
 				return "<" + tag + ">" + content + "</" + tag + ">" + newlines;
 			}
 			if(tag == "link" || tag == "wikilink")
 			{
-				return this->processLink(
+				return this->processLink(pagedao, provider,
-					pagedao, provider,
+										 match) +
-					match); // TODO: recreate this so we don't check inside the function stuff again
+					   newlines; // TODO: recreate this so we don't check inside the function stuff again
 			}
 			if(tag == "img")
 			{
 				return this->processImage(match);
 			}
 			if(tag[0] == 'h')
 			{
-				return "<" + tag + " id='" + content + "'>" + content + "</" + tag + ">";
+				return "<" + tag + " id='" + utils::strreplace(content, " ", "") + "'>" + content + "</" + tag + ">";
 			}
 			if(tag == "code" || tag == "blockquote")
 			{
 				return "<pre><" + tag + ">" + utils::strreplace(content, "\r\n", "\n") + "</" + tag + "></pre>";
 			}
 			return callback(tag, content);
 		});
 	result = utils::strreplace(result, "\r\n", "<br>");
 	return result;
 }
 std::string Parser::parseDynamics(const std::string &content,
 								  const std::function<std::string(std::string_view, std::string_view)> &callback) const
 {
 	std::regex tagfinder(R"(\[(dynamic:\w+)*?\]((\s|\S)*?)\[/\1])");
 	return utils::regex_callback_replacer(tagfinder, content,
 										  [&](std::smatch &match) { return callback(match.str(1), match.str(2)); });
 }
--- a/parser.h
+++ b/parser.h
@ -6,15 +6,21 @@ class Parser : public IParser
 {
  private:
 	std::string processLink(const PageDao &pageDao, UrlProvider &urlProvider, std::smatch &match) const;
 	std::string processImage(std::smatch &match) const;
  public:
-	std::string extractCommand(std::string cmdname, const std::string &content) const;
+	std::string extractFirstTag(std::string tagname, const std::string &content) const override;
 	std::string extractCommand(std::string cmdname, const std::string &content) const override;
 	std::vector<std::string> extractCommands(std::string cmdname, const std::string &content) const override;
 	std::vector<Headline> extractHeadlines(const std::string &content) const override;
 	std::vector<std::string> extractCategories(const std::string &content) const override;
 	using IParser::parse;
 	virtual std::string parse(
 		const PageDao &pagedao, UrlProvider &provider, const std::string &content,
 		const std::function<std::string(std::string_view, std::string_view)> &callback) const override;
 	std::string parseDynamics(
 		const std::string &content,
 		const std::function<std::string(std::string_view, std::string_view)> &callback) const override;
 	using IParser::IParser;
 };
--- a/permissions.cpp
+++ b/permissions.cpp
@ -20,7 +20,8 @@ SOFTWARE.
 */
 #include "permissions.h"
-static const std::map<std::string, int> permmap = {{"can_read", PERM_CAN_READ},
+static const std::map<std::string, int> permmap = {{"can_nothing", PERM_CAN_NOTHING},
 												   {"can_read", PERM_CAN_READ},
 												   {"can_edit", PERM_CAN_EDIT},
 												   {"can_page_history", PERM_CAN_PAGE_HISTORY},
 												   {"can_global_history", PERM_CAN_GLOBAL_HISTORY},
@ -29,7 +30,8 @@ static const std::map<std::string, int> permmap = {{"can_read", PERM_CAN_READ},
 												   {"can_create", PERM_CAN_CREATE},
 												   {"can_see_category_list", PERM_CAN_SEE_CATEGORY_LIST},
 												   {"can_see_links_here", PERM_CAN_SEE_LINKS_HERE},
-												   {"can_search", PERM_CAN_SEARCH}};
+												   {"can_search", PERM_CAN_SEARCH},
 												   {"can_set_page_perms", PERM_CAN_SET_PAGE_PERMS}};
 Permissions::Permissions(int permissions)
 {
--- a/permissions.h
+++ b/permissions.h
@ -1,6 +1,7 @@
 #ifndef PERMISSIONS_H
 #define PERMISSIONS_H
 #define PERM_CAN_NOTHING 0
 #define PERM_CAN_READ 1 << 0
 #define PERM_CAN_EDIT 1 << 1
 #define PERM_CAN_PAGE_HISTORY 1 << 2
@ -11,6 +12,8 @@
 #define PERM_CAN_SEE_CATEGORY_LIST 1 << 7
 #define PERM_CAN_SEE_LINKS_HERE 1 << 8
 #define PERM_CAN_SEARCH 1 << 9
 #define PERM_CAN_SET_PAGE_PERMS 1 << 10
 #define PERM_IS_ADMIN (1L<<31)-1
 #include <string>
 #include <map>
@ -54,10 +57,16 @@ class Permissions
 		return this->permissions;
 	}
 	bool canNothing() const
 	{
 		return this->permissions == PERM_CAN_NOTHING;
 	}
 	bool canRead() const
 	{
 		return this->permissions & PERM_CAN_READ;
 	}
 	bool canEdit() const
 	{
 		return this->permissions & PERM_CAN_EDIT;
@ -95,12 +104,27 @@ class Permissions
 		return this->permissions & PERM_CAN_SEE_PAGE_LIST;
 	}
 	bool canSetPagePerms() const
 	{
 		return this->permissions & PERM_CAN_SET_PAGE_PERMS;
 	}
 	bool isAdmin() const
 	{
 		return this->permissions == PERM_IS_ADMIN;
 	}
 	std::string toString() const
 	{
 		return Permissions::toString(this->permissions);
 	}
 	static std::string toString(int perms);
 	bool operator==(const Permissions &o) const
 	{
 		return this->permissions == o.permissions;
 	}
 };
 #endif // PERMISSIONS_H
--- a/qswiki.cpp
+++ b/qswiki.cpp
@ -31,12 +31,13 @@ SOFTWARE.
 #include "handlers/handlerfactory.h"
 #include "database/databasefactory.h"
 #include "config.h"
 #include "template.h"
 #include "session.h"
 #include "template.h"
 #include "logger.h"
 #include "urlprovider.h"
 #include "requestworker.h"
 #include "cache/fscache.h"
 #include "cache/nocache.h"
 #include "sandbox/sandboxfactory.h"
 #include "cli.h"
 #include "cliconsole.h"
@ -68,12 +69,41 @@ static struct option long_options[] = {{"cli", no_argument, 0, 'c'}, {"version",
 std::unique_ptr<ICache> createCache(const ConfigVariableResolver &resolver)
 {
 	std::string path = resolver.getConfig("cache_fs_dir");
-
+	if(path == "")
 	{
 		return std::make_unique<StringCache>();
 	}
 	return std::make_unique<FsCache>(path);
 }
 std::thread background_worker;
 void start_background_worker(Database &database, Config &config)
 {
 	background_worker = std::thread(
 		[&database, &config]()
 		{
 			while(true)
 			{
 				Logger::log() << "Executing background worker";
 				auto sessionDao = database.createSessionDao();
 				auto sessionList = sessionDao->fetch();
 				time_t now = time(NULL);
 				for(Session &sess : sessionList)
 				{
 					if(now - sess.creation_time > config.session_max_lifetime)
 					{
 						sessionDao->deleteSession(sess.token);
 					}
 				}
 				std::this_thread::sleep_for(std::chrono::hours(1));
 			}
 		});
 }
 int main(int argc, char **argv)
 {
@ -136,6 +166,7 @@ int main(int argc, char **argv)
 		Logger::setStream(&logstream);
 		auto database = createDatabase(config);
 		std::string socketPath = config.configVarResolver.getConfig("socketpath");
 		CLIHandler cliHandler(config, *database);
@ -158,6 +189,8 @@ int main(int argc, char **argv)
 			exit(EXIT_FAILURE);
 		}
 		start_background_worker(*database.get(), config);
 		CLIServer cliServer{cliHandler};
 		if(!cliServer.detachServer(socketPath))
 		{
--- a/request.cpp
+++ b/request.cpp
@ -40,7 +40,7 @@ std::pair<std::string, std::string> Request::createPairFromVar(std::string var)
 	else
 	{
 		std::string key = var.substr(0, equal);
-		std::string val = utils::html_xss(var.substr(equal + 1));
+		std::string val = utils::html_xss(utils::urldecode(var.substr(equal + 1)));
 		return std::make_pair(std::move(key), std::move(val));
 	}
 }
@ -75,7 +75,7 @@ void Request::initPostMap(const std::string &url)
 void Request::initCookies(const std::string &cookiestr)
 {
 	// TODO: find out what it really should be, ";" or "; "?
-	std::regex regex { ";+\\s?" };
+	std::regex regex{";+\\s?"};
 	auto cookiesplitted = utils::split(cookiestr, regex);
 	for(const std::string &part : cookiesplitted)
 	{
--- a/revisionrenderer.cpp
+++ b/revisionrenderer.cpp
@ -0,0 +1,78 @@
 #include "revisionrenderer.h"
 #include "templatepage.h"
 #include "dynamic/dynamiccontentpostlist.h"
 #include "dynamic/dynamiccontentincludepage.h"
 #include "dynamic/dynamiccontentgetvar.h"
 #include "dynamic/dynamiccontentsetvar.h"
 #include "dynamic/dynamicpostrenderer.h"
 #include "parser.h"
 #include "htmllink.h"
 std::string RevisionRenderer::dynamicCallback(std::string_view key, std::string_view value)
 {
 	if(key == "dynamic:postlist")
 	{
 		auto postlist = this->dynamicContentFactory.createDynamicContent<DynamicContentPostList>();
 		postlist->setArgument(std::string(value));
 		return postlist->render();
 	}
 	if(key == "dynamic:includepage")
 	{
 		auto includePage = this->dynamicContentFactory.createDynamicContent<DynamicContentIncludePage>();
 		includePage->setArgument(std::string(value));
 		return parser.parseDynamics(includePage->render(), std::bind(&RevisionRenderer::dynamicCallback, this,
 																	 std::placeholders::_1, std::placeholders::_2));
 	}
 	if(key == "dynamic:setvar")
 	{
 		auto setVar = this->dynamicContentFactory.createDynamicContent<DynamicContentSetVar>();
 		setVar->setMap(dynamicVarsMap);
 		setVar->setArgument(std::string(value));
 		return setVar->render();
 	}
 	if(key == "dynamic:getvar")
 	{
 		auto getVar = this->dynamicContentFactory.createDynamicContent<DynamicContentGetVar>();
 		getVar->setMap(dynamicVarsMap);
 		getVar->setArgument(std::string(value));
 		return getVar->render();
 	}
 	if(key == "dynamic:postrenderer")
 	{
 		auto renderer = this->dynamicContentFactory.createDynamicContent<DynamicPostRenderer>();
 		renderer->setArgument(std::string(value));
 		return renderer->render();
 	}
 	return std::string{};
 }
 std::string RevisionRenderer::renderContent(std::string content)
 {
 	dynamicVarsMap["pagetitle"] = parser.extractCommand("pagetitle", content);
 	dynamicVarsMap["createdon"] = utils::toISODate(time(NULL));
 	dynamicVarsMap["modifydatetime"] = utils::toISODateTime(time(NULL));
 	std::string resolvedContent = parser.parseDynamics(
 		content, std::bind(&RevisionRenderer::dynamicCallback, this, std::placeholders::_1, std::placeholders::_2));
 	return parser.parse(*this->db->createPageDao(), *this->urlProvider, resolvedContent);
 }
 std::string RevisionRenderer::renderContent(const Revision &r, std::string_view customTitle)
 {
 	auto revisionDao = this->db->createRevisionDao();
 	auto firstRevision = revisionDao->getRevisionForPage(r.page, 1);
 	if(!firstRevision)
 	{
 		throw std::runtime_error("Could not get first revision for page, which is odd. Solar flares?");
 	}
 	dynamicVarsMap["createdon"] = utils::toISODate(firstRevision.value().timestamp);
 	dynamicVarsMap["pagetitle"] = customTitle;
 	dynamicVarsMap["modifydatetime"] = utils::toISODateTime(r.timestamp);
 	std::string resolvedContent = parser.parseDynamics(
 		r.content, std::bind(&RevisionRenderer::dynamicCallback, this, std::placeholders::_1, std::placeholders::_2));
 	return parser.parse(*this->db->createPageDao(), *this->urlProvider, resolvedContent);
 }
--- a/revisionrenderer.h
+++ b/revisionrenderer.h
@ -0,0 +1,29 @@
 #ifndef REVISIONRENDERER_H
 #define REVISIONRENDERER_H
 #include "revision.h"
 #include "templatepage.h"
 #include "dynamic/dynamiccontentfactory.h"
 #include "iparser.h"
 #include "parser.h"
 class RevisionRenderer
 {
 private:
 	DynamicContentFactory dynamicContentFactory;
 	Database *db;
 	UrlProvider *urlProvider;
 	std::map<std::string, std::string> dynamicVarsMap;
 	std::string dynamicCallback(std::string_view key, std::string_view value);
 	Parser parser;
 public:
 	RevisionRenderer(Template &templ, Database &db, UrlProvider &urlProvider, Session &session) :dynamicContentFactory(templ, db, urlProvider, session)
 	{
 		this->db = &db;
 		this->urlProvider = &urlProvider;
 	}
 	std::string renderContent(std::string content);
 	std::string renderContent(const Revision &r, std::string_view customTitle);
 };
 #endif // REVISIONRENDERER_H
--- a/sandbox/sandbox-linux.cpp
+++ b/sandbox/sandbox-linux.cpp
@ -49,16 +49,17 @@ bool SandboxLinux::enable(std::vector<std::string> fsPaths)
 	}
 	for(unsigned int i = 0; i < fsPaths.size(); i++)
 	{
-		exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_ALL_WRITE, fsPaths[i].c_str());
+		std::string &path = fsPaths[i];
 		if(path.size() > 0)
 		{
 			exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_ALL_WRITE, path.c_str());
 		}
 	}
 	policy->drop_caps = 1;
 	policy->not_dumpable = 1;
 	policy->no_new_privs = 1;
 	policy->mount_path_policies_to_chroot = 1;
-	policy->vow_promises = EXILE_SYSCALL_VOW_STDIO | EXILE_SYSCALL_VOW_WPATH | EXILE_SYSCALL_VOW_CPATH |
+	policy->vow_promises = exile_vows_from_str("stdio wpath cpath rpath inet unix thread");
 						   EXILE_SYSCALL_VOW_RPATH | EXILE_SYSCALL_VOW_INET | EXILE_SYSCALL_VOW_UNIX |
 						   EXILE_SYSCALL_VOW_THREAD;
 	if(exile_enable_policy(policy) != 0)
 	{
 		Logger::error() << "Sandbox: Activation of exile failed!";
--- a/setup/sqlite.sql
+++ b/setup/sqlite.sql
@ -1,4 +1,4 @@
-CREATE TABLE page(id INTEGER PRIMARY KEY, name varchar(256), title varchar(1024), lastrevision integer, visible integer DEFAULT 1);
+CREATE TABLE page(id INTEGER PRIMARY KEY, name varchar(256), title varchar(1024), lastrevision integer, listed integer DEFAULT 1, parent integer REFERENCES page(id), feedlisted integer DEFAULT 1);
 CREATE TABLE user(id INTEGER PRIMARY KEY,username varchar(64), 
 password blob, salt blob, permissions integer, enabled integer DEFAULT 1);
 CREATE TABLE session(id INTEGER PRIMARY KEY, csrf_token varchar(32), 
--- a/submodules/cpp-httplib
+++ b/submodules/cpp-httplib
--- a/submodules/exile.h
+++ b/submodules/exile.h
--- a/template.cpp
+++ b/template.cpp
@ -18,6 +18,7 @@ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
 */
 #include <filesystem>
 #include "template.h"
 #include "varreplacer.h"
 #include "urlprovider.h"
@ -47,9 +48,15 @@ TemplatePage Template::getPage(const std::string &pagename)
 std::string Template::getPartPath(std::string_view partname)
 {
-	// TODO: utils::concatPath? C++17 paths?
+	auto absolute_path = std::filesystem::canonical(std::filesystem::path{this->templatepath} / partname);
-	return this->templatepath + "/" + std::string(partname);
+	std::string result = absolute_path.string();
 	if(result.starts_with(this->templatepath))
 	{
 		return result;
 	}
 	return "";
 }
 std::string Template::loadPartContent(std::string_view partname)
 {
 	std::string partpath = getPartPath(partname);
--- a/template/quitesimple/allpages
+++ b/template/quitesimple/allpages
@ -1,6 +1,6 @@
 {qswiki:include:general_header}
 <div id="content" style="margin-top: 10px;">
 <h2>All pages</h2>
-{qswiki:var:pagelist}
+{qswiki:include:pagelistrender}
 </div>
 {qswiki:include:general_footer}
--- a/template/quitesimple/general_footer
+++ b/template/quitesimple/general_footer
@ -4,8 +4,5 @@
 		<li style="font-size: 10pt">Powered by qswiki</li>
 	</ul>
 </footer>
 <script>
 {qswiki:include:js_session_refresh}
 </script>
 </body>
 </html>
--- a/template/quitesimple/js_session_refresh
+++ b/template/quitesimple/js_session_refresh
@ -1,5 +0,0 @@
 function refreshSession()
 {
 fetch(new Request("{qswiki:config:refreshsessionurl}"));
 }
 setInterval(refreshSession, 60*2*1000);
--- a/template/quitesimple/page_footer
+++ b/template/quitesimple/page_footer
@ -5,8 +5,9 @@
 		<li style="font-size: 10pt">Powered by qswiki</li>
 	</ul>
 </footer>
 <script src="{qswiki:config:highlightjspath}"></script>
 <script>
-{qswiki:include:js_session_refresh}
+hljs.highlightAll();
 </script>
 </body>
 </html>
--- a/template/quitesimple/page_header
+++ b/template/quitesimple/page_header
@ -3,6 +3,8 @@
 <meta http-equiv="content-type" content="text/html; charset=UTF-8">
 <meta name="viewport" content="width=device-width, initial-scale=1">
 <link rel="stylesheet" type="text/css" href="{qswiki:config:csspath}">
 <link rel="stylesheet" href="{qswiki:config:highlightjsstyle}">
 <title>{qswiki:var:title}</title>
 <body>
 <nav>
--- a/template/quitesimple/pagelistrender
+++ b/template/quitesimple/pagelistrender
@ -0,0 +1,3 @@
 {qswiki:include:pagelistrender_header}
 {qswiki:var:pagelistcontent}
 {qswiki:include:pagelistrender_footer}
--- a/template/quitesimple/pagelistrender_footer
+++ b/template/quitesimple/pagelistrender_footer
--- a/template/quitesimple/pagelistrender_group
+++ b/template/quitesimple/pagelistrender_group
@ -0,0 +1 @@
 <div class="letter_search_result">{qswiki:var:groupname}</div>
--- a/template/quitesimple/pagelistrender_header
+++ b/template/quitesimple/pagelistrender_header
@ -0,0 +1 @@
 Sort by: <a href="{qswiki:var:pagelistletterlink}">A-Z</a> - <a href="{qswiki:var:pagelistcreationdatelink}">Creation date</a>
--- a/template/quitesimple/pagelistrender_link
+++ b/template/quitesimple/pagelistrender_link
@ -0,0 +1 @@
 <a href="{qswiki:var:href}">{qswiki:var:inner}</a><br>
--- a/template/quitesimple/show_category
+++ b/template/quitesimple/show_category
@ -1,6 +1,6 @@
 {qswiki:include:general_header}
 <main id="content">
 <h2>Category: {qswiki:var:categoryname}</h2>
-{qswiki:var:pagelist}
+{qswiki:include:pagelistrender}
 </main>
 {qswiki:include:general_footer}
--- a/urlprovider.cpp
+++ b/urlprovider.cpp
@ -53,6 +53,11 @@ std::string UrlProvider::allPages()
 	return config->linkallpages;
 }
 std::string UrlProvider::allPages(std::string rendertype)
 {
 	return replaceSingleVar(config->linkallpagesrendertype, "type", rendertype);
 }
 std::string UrlProvider::allCats()
 {
 	return config->linkallcats;
@ -63,6 +68,11 @@ std::string UrlProvider::page(std::string pagename)
 	return replaceOnlyPage(config->linkpage, pagename);
 }
 std::string UrlProvider::pageByTitle(std::string title)
 {
 	return replaceSingleVar(config->linkpagebytitle, "title", utils::strreplace(title, " ", "-"));
 }
 std::string UrlProvider::linksHere(std::string pagename)
 {
 	return replaceOnlyPage(config->linkshere, pagename);
@ -116,6 +126,16 @@ std::string UrlProvider::category(std::string catname)
 {
 	return replaceSingleVar(config->linkcategory, "category", catname);
 }
 std::string UrlProvider::category(std::string catname, std::string rendertype)
 {
 	Varreplacer replace("{");
 	replace.addKeyValue("category", catname);
 	replace.addKeyValue("type", rendertype);
 	return replace.parse(config->linkcategoryrendertype);
 }
 std::string UrlProvider::login(std::string page)
 {
 	return replaceOnlyPage(config->loginurl, page);
--- a/urlprovider.h
+++ b/urlprovider.h
@ -22,11 +22,14 @@ class UrlProvider
 	std::string recentSorted(unsigned int limit, unsigned int offset, unsigned int sort);
 	std::string allPages();
 	std::string allPages(std::string rendertype);
 	std::string allCats();
 	std::string page(std::string pagename);
 	std::string pageByTitle(std::string title);
 	std::string linksHere(std::string pagename);
 	std::string pageHistory(std::string pagename);
@ -46,6 +49,7 @@ class UrlProvider
 	std::string refreshSession();
 	std::string category(std::string catname);
 	std::string category(std::string catname, std::string rendertype);
 	std::string login(std::string page);
--- a/utils.cpp
+++ b/utils.cpp
@ -136,11 +136,10 @@ std::string utils::getenv(const std::string &key)
 std::string utils::readCompleteFile(std::string_view filepath)
 {
 	std::fstream stream(std::string{filepath});
 	if(!stream.is_open())
 	{
-		throw std::runtime_error("stream is not open");
+		throw std::runtime_error("utils::readCompleteFile(): stream is not open");
 	}
 	std::stringstream ss;
 	ss << stream.rdbuf();
Author	SHA1	Message	Date
Albert S.	22e3941f2c	submodules: cpp-httplib: Update	2025-05-08 22:38:32 +02:00
Albert S.	168d24c545	submodules: cpp-httplib: Update	2025-03-09 15:21:14 +01:00
Albert S.	d1358f7e77	Remove whitespace from id links, fix <br> closing	2024-12-23 10:44:21 +01:00
Albert S.	79d69f4b65	cache: Introduce StringCache, switch to unordered_map, default to memory cache if fs cache dir not given	2024-10-13 15:14:19 +02:00
Albert S.	bfeacb0510	submodules: cpp-httplib: Update	2024-09-20 20:25:55 +02:00
Albert S.	c6013338a9	HandlerFeedGenerator: Remove 'entryUpdated' as it requires another approach Any small change on a page "updates" the feed, which is misleading to clients. May need "minor edit" or something. For now, get rid of it.	2024-06-09 15:42:39 +02:00
Albert S.	dab0b94ec4	submodules: cpp-httplib: Update	2024-06-09 10:42:03 +02:00
Albert S.	2ebdbd0b6d	parser: Consume superfluous newlines, add [br] and [p]	2024-06-09 10:32:50 +02:00
Albert S.	61e84a98c7	dynamic: Add dynamicpostrenderer	2024-03-16 22:07:37 +01:00
Albert S.	61f289625c	RevisionRenderer: Add 'dynamicpostrenderer'	2024-03-16 22:07:37 +01:00
Albert S.	6a12070d0d	add cmd:feedlisted and cmd:listed	2024-03-16 22:07:37 +01:00
Albert S.	03c6816528	tree: visible => listed	2024-03-16 22:07:37 +01:00
Albert S.	18f4ad9d51	setup: sqlite: Rename visible => listed, Add 'feedlisted' to indicate whether page should be listed in feeds	2024-03-16 22:07:37 +01:00
Albert S.	84adaa934a	template: getPartPath(): Ensure return path isn't outside template dir user-input to this function might become possible soon	2024-03-16 22:07:37 +01:00
Albert S.	579fadfb10	parser: Add [content] tag, add extractFirstTag() method	2024-03-16 22:07:37 +01:00
Albert S.	ff01a00217	cache: mapcache: Add <string> header	2024-03-16 22:07:37 +01:00
Albert S.	daed17848c	handlers: handlerpageedit: Handle [cmd:parentpage]	2024-03-16 22:07:37 +01:00
Albert S.	0fb0457dbb	setup: sqlite: Add "parent" refere to "page"	2024-03-16 22:07:37 +01:00
Albert S.	2d5d483790	database: pagedao: Add-support for subpages	2024-03-16 22:07:37 +01:00
Albert S	f08e235d03	HandlerPageEdit: Use clearForPage() before setting Permissions	2023-08-11 09:22:04 +02:00
Albert S	8998fb8793	PermissionsDao: Add clearForPage()	2023-08-11 09:21:02 +02:00
Albert S	9088154372	submodules: cpp-httplib: Update	2023-08-09 13:56:04 +02:00
Albert S	8a2d9fdc58	{page,categorydao}sqlite: Add missing ROLLBACK	2023-08-09 13:53:49 +02:00
Albert S	c0049fc7b6	sqlite: Use per-thread connections	2023-07-29 10:00:27 +02:00
Albert S	fe533a5076	Disable caching if no cache dir given	2023-07-29 09:52:07 +02:00
Albert S	ec3cbe3f76	cache: Add dummy NoCache class	2023-07-29 09:45:51 +02:00
Albert S	1095d38b02	Add [cmd:permissions]	2023-07-28 15:04:58 +02:00
Albert S	234db99ef5	dynamic,HandlerFeedGenerator: Check for read permissions	2023-07-27 18:02:12 +02:00
Albert S	32af0e2857	handlers: HandlerPageEdit: Add transaction rollback on exception	2023-07-26 20:21:44 +02:00
Albert S	aa362331a5	submodules: cpp-httplib: Update	2023-05-31 21:16:58 +02:00
Albert S	64b6e7e61c	parser: Add [s]	2023-04-01 13:48:11 +02:00
Albert S	3bc51b9d34	submodules: cpp-httplib: Update	2023-03-09 09:03:22 +01:00
Albert S	7dee7bc06b	Update .gitignore	2023-02-03 16:08:39 +01:00
Albert S	afea31f231	revisionrenderer: renderContent(): Add modifydatetime var	2023-02-03 16:08:39 +01:00
Albert S	004665e943	qswiki: Add background worker, currently to clean old sessions mainly	2023-02-03 16:08:39 +01:00
Albert S	b9595bd513	database: Add fetch() for SessionDao	2023-02-03 16:08:28 +01:00
Albert S	48e3614e78	Retire javascript session refresh	2023-02-03 16:07:11 +01:00
Albert S	7c086e0d78	logger: Initialize members with default vals	2023-01-19 12:17:52 +01:00
Albert S	24121a1618	Makefile: Add libstdc++ assertions + randomize link order	2023-01-16 20:43:34 +01:00
Albert S	172129179e	submodules: cpp-httplib: Update	2022-12-13 10:18:10 +01:00
Albert S	8603e55c59	config: Adjust default payload length	2022-12-13 10:17:40 +01:00
Albert S	e326e09a36	gateway: httpgateway: Adjust default payload length for urlencoded content	2022-12-13 10:16:30 +01:00
Albert S	a71c3da129	template: Enable syntax highlighting using highlight.js	2022-11-08 08:48:22 +01:00
Albert S	fbfe5510a1	parser: Render <code> and <blockquote> preformated	2022-11-08 08:47:53 +01:00
Albert S	78b9e5e043	README: update	2022-10-30 11:30:27 +01:00
Albert S	ef8eebdbaa	database: Add missing virtual destructors for some classes	2022-10-24 15:17:04 +02:00
Albert S	7ef9d7f020	sandbox: Use exile_vows_from_str() for seccomp policy	2022-10-23 21:36:58 +02:00
Albert S	d3bd5f79cc	HandlerFeedGenerator: Don't escape title again	2022-08-20 12:57:54 +02:00
Albert S	995a980d49	HandlerPageEdit: Add 'frompage' GET parameter to use a page as a template	2022-08-20 12:41:30 +02:00
Albert S	2ee760d9ca	submodules: cpp-httplib: Update	2022-08-20 12:31:15 +02:00
Albert S	ffeea8cfd1	submodules: exile.h: Update	2022-08-20 12:31:15 +02:00
Albert S	a81963181a	RevisionDaoSqlite: Fix cases where we got pageid instead of the page name	2022-08-20 12:31:15 +02:00
Albert S	d18c0669ce	handlers: HandlerPageEdit: Use RevisionRenderer	2022-08-20 12:31:15 +02:00
Albert S	ecd45a61c8	HandlerPageView: Use RevisionRenderer	2022-08-20 12:30:47 +02:00
Albert S	2b1c3c71b7	HandlerFeedGenerator: Use RevisionRenderer	2022-08-20 12:30:47 +02:00
Albert S	a1042720a7	Add RevisionRenderer	2022-08-20 12:30:47 +02:00
Albert S	6dbe8d34dc	Add DynamicContentFactory	2022-08-20 10:24:23 +02:00
Albert S	51b259f385	HandlerPageView: Set 'pagetitle' dynamic variable	2022-08-17 22:41:15 +02:00
Albert S	0cad11004f	HandlerPageView: Drop partial caches Anonymous access is the common case, this is already cached. For other cases this logic cannot be justified as there is hardly a practical gain for that extra complexity.	2022-08-17 21:57:19 +02:00
Albert S	2102cf4e6b	Add [cmd:allowinclude] Pages must specify whether they want to be included or not. Otherwise there too many surprises possibe, enforcing access restrictions will get more complicated	2022-08-17 21:54:34 +02:00
Albert S	86890660f4	HandlerPageView: Set 'createdon' dynamic variable	2022-08-17 19:35:52 +02:00
Albert S	0325cdf936	Parser: Add code,blockquote and begin img tag	2022-04-19 19:50:22 +02:00
Albert S	b0c715c4ea	Parser: Add cmd:visible, it's also a tag	2022-04-03 14:35:14 +02:00
Albert S	63a4437de7	HandlerFeedGenerator: Fix comparator condition	2022-04-03 12:07:43 +02:00
Albert S	c88889b10b	Parser: Fix headline extraction for the default case broken by `fbca85e5`	2022-04-03 11:48:16 +02:00
Albert S	634cb2d7ee	Handlers: HandlerAllPages / HandlerCategory: Use PageListRenderer	2022-04-03 11:15:02 +02:00
Albert S	1c1416934b	UrlProvider: Add Links to specify rendertype in allpages / category view	2022-04-03 11:15:02 +02:00
Albert S	622ef5af6a	Database: PageDao/CategoryDao: Return 'Page' object, not pagename string	2022-04-03 11:15:02 +02:00
Albert S	5f83981d68	utils: readCompleteFile(): Fix error string which is too generic without context	2022-04-03 11:07:26 +02:00
Albert S	b5b2a42839	Add PageListRenderer: Allow rendering pagelist by creationdate and A-Z as before	2022-04-03 11:06:19 +02:00
Albert S	e217218a3f	Add Grouper: Maps a key to a vectors	2022-04-03 11:05:13 +02:00
Albert S	82c081385b	Request: createPairFromVar(): Explicitly decode value May not be the case on POST requests.	2022-03-30 22:59:20 +02:00
Albert S	91951abe9c	Revert "dynamic: DynamicContentPostList: Link using UrlProvider::pageByTitle()" This reverts commit `9b35e43161`.	2022-03-29 22:45:17 +02:00
Albert S	9b35e43161	dynamic: DynamicContentPostList: Link using UrlProvider::pageByTitle()	2022-03-29 22:37:45 +02:00
Albert S	73a4e4c10f	UrlProvider: Add pageByTitle()	2022-03-29 22:37:20 +02:00
Albert S	1e224fdac6	HandlerPageView: First resolve all dynamics before parsing tags Should make more sense this way, especially to extract headlines.	2022-03-29 22:36:05 +02:00
Albert S	fbca85e5ed	Parser: Seperate parseDynamcis(), fix headline extraction with tags inside them	2022-03-29 22:35:45 +02:00
Albert S	15e4f081cc	HandlerPage: Support lookup by title	2022-03-29 22:34:22 +02:00
Albert S	e876b15c5d	dynamic: Add DynamicContent{Get,Set}Var	2022-03-29 22:33:32 +02:00
Albert S	3e736db0ef	database: pagedao: Add findByTitle()	2022-03-29 22:30:20 +02:00
Albert S	03c5646858	HandlerPageView: Parse dynamically included pages recursively	2022-03-28 21:25:37 +02:00
		`@ -0,0 +1 @@`
							`<div class="letter_search_result">{qswiki:var:groupname}</div>`
		`@ -0,0 +1 @@`
							`Sort by: <a href="{qswiki:var:pagelistletterlink}">A-Z</a> - <a href="{qswiki:var:pagelistcreationdatelink}">Creation date</a>`
		`@ -0,0 +1 @@`
							`<a href="{qswiki:var:href}">{qswiki:var:inner}</a><br>`