%ACTIVATEDPLUGINS%
%ADDTOHEAD{}%
expands in-place to an empty string, unless there is an error in which case the variable expands to an error string.
%ADDTOHEAD{ "..." text="..." }%
Parameter: | Description: | Comment: |
---|---|---|
"..." | ID of the head block, such as "MY_CSS" | Optional but recommended |
text="..." | HTML text to add to the head section | Mutually exclusive with topic="" |
topic="Web.TopicName" | Name of topic that contains the full HTML text to add to the head section, such as topic="Main.MyCssTopic" | Mutually exclusive with text="" |
section="name" | If topic parameter is used, includes only the specified named section, as defined in the topic by the STARTSECTION and ENDSECTION variables. Nothing is shown if the named section does not exists. section="" is equivalent to not specifying a section | Optional |
requires="..., ..." | Comma-separated list of other IDs this one depends on | Optional |
%ADDTOHEAD{ "MYBOX_CSS" text="<style type=\"text/css\"> .myBox { height: 22px; background-color: #AFB3C5; } </style>" }%
(this topic)
%CALC{formula}%
variable is handled by the SpreadSheetPlugin. Over 100 functions are available, such as $ABS()
, $EXACT()
, $EXISTS()
, $GET()/$SET()
, $IF()
, $LOG()
, $LOWER()
, $PERCENTILE()
, $TIME()
, $VALUE()
.
%CALC{formula}%
%CALC{$SUM($ABOVE())}%
returns the sum of all cells above the current cell
%CALC{$EXISTS(Web.SomeTopic)}%
returns 1
if the topic exists
%CALC{$UPPER(Collaboration)}%
returns COLLABORATION
%INCLUDE{%CALC{...}%}%
) because it does not get evaluated inside-out & left-to-right like ordinary TWiki variables. Use CALCULATE if you nest variables.
%CALCULATE{formula}%
variable is handled by the SpreadSheetPlugin. Over 100 functions are available, such as $ABS()
, $EXACT()
, $EXISTS()
, $GET()/$SET()
, $IF()
, $LOG()
, $LOWER()
, $PERCENTILE()
, $TIME()
, $VALUE()
.
%CALC{formula}%
%CALC{$EXISTS(Web.SomeTopic)}%
returns 1
if the topic exists
%CALC{$UPPER(Collaboration)}%
returns COLLABORATION
$LEFT()
or $T()
. Use CALC instead.
%DASHBOARD{...}%
variable.
%DASHBOARD{ section="..." ... }%
%DASHBOARD{ section="dashboard_start" }%
%DASHBOARD{ section="banner" image="..." title="..." }%
%DASHBOARD{ section="box_start" title="Box 1 title" }%
Box 1 content
%DASHBOARD{ section="box_end" }%
%DASHBOARD{ section="box_start" title="Box 2 title" }%
Box 2 content
%DASHBOARD{ section="box_end" }%
...
%DASHBOARD{ section="dashboard_end" }%
%EDITFORM{topic="..." formfields="..."}%
Parameter: | Description: | Default: |
---|---|---|
"..." ortopic="..." | Name of topic containing the TWiki form, such as "Bug1234" . Specify topic name or Web.TopicName | Either "..." , topic="" or formtemplate="" is required |
formtemplate="..." | Name of form template topic, such as "BugForm" . Specify topic name or Web.TopicName | |
elements="..." | Elements of edit form: formstart is the HTML form tag, header the form header, formfields the form fields, submit the submit button, hiddenfields are hidden input fields, formend is the HTML form end tag. | "formstart, header, |
header="..." | Form header, typically containing the form name. If "on" , the default format is used:"| *[[$formweb.$formtopic][$formtopic]]* ||" Supported variables: • $formweb - name of web containing the form definition. • $formtopic - name of topic containing the form definition. | "on" |
formfields="..., ..." | Specify names of TWiki form fields to use, in sequence. The all token shows all remaining fields. | "all" |
format="..." | Format of one form field. Supported variables: • $inputfield - rendered form input field. • $title - raw field name (includes space and other special characters). • $name - field name (sanitized title). • $size - size of field or selector. • $value - initial value, or select options. • $tooltip - tooltip message. • $attributes - type attributes, such as H for hidden, M for mandatory. • $extra - extra information, such as * for mandatory field. • $formweb - name of web containing the form definition. • $formtopic - name of topic containing the form definition. See details in TWikiForms#FormFieldTypes. | "| $title: $extra | $inputfield |" |
hiddenfields="..., ..." | List of form field names to use as hidden fields. For each name listed in hiddenfields="" , add a name="value" parameter to specify the value of the hidden input field. If you omit the name="value" parameter for a hidden input field, it will be excluded as a form field, even with a formfields="all" . | "" |
submit="..." | Format of submit button row. Line separator. Variable $submit expands to submit input field with label "Save", $submit(Save) to a submit input field with specific label. | "| | $submit |" |
onsubmit="..." | Execute JavaScript when the form is submitted, optional. | "" |
action="..." | Specify a TWiki script (view , edit , save , ...), or the full URL of an action to take on form submit. | "save" |
method="..." | HTML form action method. | "post" for saveaction, else "get" |
separator="..." | Line separator. Variable $br expands to <br /> tag, and $n to a newline. | "$n" |
default="..." | Text shown when no form or form fields are found | "" |
%EDITFORM{ topic="%INCLUDINGTOPIC%" }%
- show HTML form to update form data of the including topic (typically used in an included header)
%EDITFORM{
topic="%BASEWEB%.%BASETOPIC%"
formfields="Priority, Status"
hiddenfields="Updated"
Updated="%SERVERTIME{$year-$mo-$day}%"
submit=" | | $submit(Update) |"
}%
%EDITFORMFIELD{"fieldname" form="...Form"}%
- create form field defined in a TWiki Form template
%EDITFORMFIELD{"fieldname" topic="..."}%
- create form field based on a topic that has a TWiki Form & initialize its value
%EDITFORMFIELD{"fieldname" type="..."}%
- create an HTML input field
Parameter: | Description: | Default: |
---|---|---|
"fieldname" | The name of a TWiki form field or HTML form field. | Required |
form="..." | Name of form template topic, such as "BugForm" . Specify topic name or Web.TopicName | Either form or topic is required unless type is specified |
topic="..." | Name of topic containing form, such as "Bug1234" . Specify topic name or Web.TopicName | |
format="..." | Format string. Supported variables: • $inputfield - rendered form input field. • $title - raw field name (includes space and other special characters). • $name - field name (sanitized title). • $size - size of field or selector. • $value - initial value, or select options. • $tooltip - tooltip message. • $attributes - type attributes, such as H for hidden, M for mandatory. • $extra - extra information, such as * for mandatory field. See details in TWikiForms#FormFieldTypes. This parameter is ignored if type="..." is specified. | "$inputfield" |
value="..." | Initial value of input field. If omitted and if topic="..." is specified, the value is taken from the named form field. | "" |
type="start" | Special case: Start an HTML form. Parameters: "form" type="start" action="save" topic="..." method="" onsubmit="" onreset="" • action : Specify a TWiki script (view , edit , save , ...), or a full action URL, default "view" . • topic : Specify topic name or Web.TopicName , default current topic; ignored if full action URL is provided. • method : HTML form action method, default "post" for save action, else "get" . • onsubmit : Execute JavaScript when the form is submitted, optional. • onreset : Execute JavaScript when the reset button is clicked, optional. | "" |
type="end" | Special case: End an HTML form. Parameters: "form" type="end" | "" |
type="..." | Special case: Create an input field regardless of the type defined in the TWikiForm. Used mainly for hidden fields and submit button. The nameless parameter is the field name. Supported types: • "fieldname" type="hidden" value="..." - hidden input field. • "fieldname" type="submit" value="..." - submit button, value is button label. • "fieldname" type="button" value="..." onclick="..." - regular button, value is button label. • "fieldname" type="text" value="..." size="80" - text input field. • "fieldname" type="textarea" value="..." size="80x6" - multi line text area field, size denotes columns x rows. • "fieldname" type="checkbox" value="..." text="..." - checkbox, text is display text. • "fieldname" type="radio" value="..." text="..." - radio button, text is display text. • In addition, any valid XHML and HTML5 input type is supported, such as type="date" , type="file" , type="image" . Additional type-specific parameters can be supplied, such as alt="..." , checked="checked" , class="..." , max="..." , min="..." , placeholder="..." , src="..." , style="..." , width="..." . Consult HTML documentation. | "" |
%EDITFORMFIELD{ "ReleaseType" form="PackageForm" value="Beta-1" }%
%EDITFORMFIELD{ "form" type="start" action="save" topic="%BASEWEB%.%BASETOPIC%" method="post" }%
| Priority: | %EDITFORMFIELD{ "Priority" topic="%BASETOPIC%" }% |
| Status: | %EDITFORMFIELD{ "Status" topic="%BASETOPIC%" }% |
| | %EDITFORMFIELD{ "form" type="submit" value="Update" }% |
%EDITFORMFIELD{ "Updated" type="hidden" value="%SERVERTIME{$year-$mo-$day}%" }%
%EDITFORMFIELD{ "form" type="end" }%
"\n"
) and linefeed ("\r"
)
"<"
, ">"
, "&"
, single quote ('
) and double quote ("
)
"%"
, "["
, "]"
, "@"
, "_"
, "*"
, "="
and "|"
%ENCODE{"string"}%
Parameter: | Description: | Default: |
---|---|---|
"string" | String to encode | required (can be empty) |
type="url" | Encode special characters for URL parameter use, like a double quote into %22 | (this is the default) |
type="quotes" | Escape double quotes with backslashes (\" ), does not change other characters. This type does not protect against cross-site scripting. | type="url" |
type="moderate" | Encode special characters into HTML entities for moderate cross-site scripting protection: "<" , ">" , single quote (' ) and double quote (" ) are encoded. Useful to allow TWiki variables in comment boxes. | type="url" |
type="safe" | Encode special characters into HTML entities for cross-site scripting protection: "<" , ">" , "%" , single quote (' ) and double quote (" ) are encoded. | type="url" |
type="entity" | Encode special characters into HTML entities, like a double quote into " . Does not encode newline (\n ) or linefeed (\r ). | type="url" |
type="entity" extra=" $n$r" | For type="entity" only, use the extra parameter to encode additional characters to HTML numeric entities. Formatting tokens can be used, such as "$n" for newline. Note that type="entity" extra=" $n$r" is equivalent to type="html" . | type="url" extra="" |
type="html" | Encode special characters into HTML entities. In addition to type="entity" , it also encodes space, \n and \r . Useful to encode text properly in HTML input fields. See equivalent ENTITY. | type="url" |
type="json" | Escape double quotes and backslashes with backslashes (\" and \\ , respectively), escape non-printable characters with hex code \u0000 ... \u001F , does not change other characters. Use this to properly escape text for a JSON string. Example result: This is a string with \"quoted\" and \\backslashed\\ text . | type="url" |
type="csv" | Escape single quotes and double quotes by repeating them, other characters do not change. Use this to properly escape fields in CSV reports that output comma-separated values, such as "field 1","field 2 with ''single'' and ""double"" quotes" . | type="url" |
type="search" | Special encoding used for SEARCH: Substitute % characters into non-printable characters, so that TWikiVariables are no longer expanded. Also escapes quotes. Used to feed a search string from a URLPARAM into SEARCH without expanding any variables, such as when searching for %BR% . | type="url" |
newline="..." | Replace a newline with the specified value before encoding. Please note that newline="<br/>" does not bring <br/> to the output because < and > are encoded (except with the quotes and csv types). To have <br/> in the output, you need to specify newline="$br" . However, newline="$br" does not work in combination with type="url" (the defautl type). This shouldn't be a problem because it's very rare to need to have <br/> encoded in a URL. In addition to $br , $n has a special meaning in a newline parameter value - $n results in a newline in the output. This parameter is expected to be used in combination with the moderate , safe , entity , or html type. With the other types, it causes unuseful results. |
%ENCODE{"spaced name"}%
expands to spaced%20name
%ENCODE{"spaced name" type="entity" extra=" "}%
expands to spaced name
"html"
. A shorter %ENTITY{any text}%
can be used instead of the more verbose %ENCODE{ "any text" type="html" }%
. <input type="text" name="address" value="%ENTITY{any text}%" />
%SET{ "lunch" value="%ENCODE{ "string with "quotes"" type="quotes" }%" remember="1" }%
type="moderate"
, type="safe"
, type="entity"
or type="html"
to protect user input from URL parameters and external sources against cross-site scripting (XSS). type="html"
is the safest mode, but some TWiki applications might not work. type="safe"
provides a safe middle ground, type="moderate"
provides only moderate cross-site scripting protection.
%ENDSECTION{"name"}%
%ENDSECTION{type="include"}%
%ENDSECTION{type="templateonly"}%
%ENDSECTION{type="expandvariables"}%
Parameter: | Description: |
---|---|
"name" | Name of the section. |
type="..." | Type of the section being terminated; supported types "section" , "include" , "templateonly" , "expandvariables" |
STARTSECTION
is named, the corresponding ENDSECTION
must also be named with the same name. If the STARTSECTION
specifies a type, then the corresponding ENDSECTION
must also specify the same type. If the section is unnamed, ENDSECTION
will match with the nearest unnamed %STARTSECTION%
of the same type above it.
"\n"
) and linefeed ("\r"
)
"<"
, ">"
, "&"
, single quote ('
) and double quote ("
)
"%"
, "["
, "]"
, "@"
, "_"
, "*"
, "="
and "|"
%ENTITY{string}%
%ENTITY{text with "quotes" and
newline}%
expands to text with "quotes" and newline
<input type="text" name="address" value="%ENTITY{any text}%" />
%ENTITY{string}%
is roughly equivalent to %ENCODE{ "string" type="html" }%
, but the latter cannot handle strings that have double quotes embedded in it.
%EXAMPLEVAR{}%
variable is handled by the EmptyPlugin
%EXAMPLEVAR{"text" format="..."}%
text="..."
- example text.
format="..."
- format of report.
%EXAMPLEVAR{"hello" format="| $topic: $summary |"}%
%FORM{topic="..." formfields="..." ...}%
Parameter: | Description: | Default: |
---|---|---|
"..." ortopic="..." | Name of topic containing the TWiki form, such as "Bug1234" . Specify topic name or Web.TopicName | Current topic |
rev="..." | Get the form from the specified topic revision, range "1" to top revision of topic. "0" is equivalent to the top revision | The rev URL parameter value if present, else the top revision |
formfields="..., ..." | Specify names of TWiki form fields to show, in sequence. The all token shows all remaining fields. | "all" |
header="..." | Form header, typically containing the form name. If "on" , the default format "| *[[$formweb.$formtopic][$formtopic]]* ||" is used. If "none" , the header is suppressed. Supported variables: • $formweb - name of web containing the form definition. • $formtopic - name of topic containing the form definition. | "on" |
format="..." | Format of one form field. Supported variables: • $title - raw field name (includes space and other special characters). • $name - field name (sanitized title). • $type - form field type. • $size - size of field or selector. • $value - form field value. • $value(20, -<br />) - value hyphenated every 20 characters using separator -<br />. • $value(30, ...) - value shortened to 30 characters. • $length - length of form field value. • $tooltip - tooltip message. • $attributes - type attributes, such as H for hidden, M for mandatory. • $formweb - name of web containing the form definition. • $formtopic - name of topic containing the form definition. See details in TWikiForms#FormFieldTypes. | "| $title: | $value |" |
separator="..." | Line separator. Variable $br expands to <br /> tag, and $n to a newline. | "$n" |
default="..." | Text shown when no form or form fields are found | "" |
newline="$br" | Convert newlines in textarea to other delimiters. Variable $br expands to <br /> tag, and $n to a newline. Other text is encoded based on encode parameter. | "$br" if format is a TWiki table, else "\n" |
encode="html" | Encode special characters in form field value into HTML entities. Additional encodings available: encode="quote" , encode="moderate" , encode="safe" , encode="entity" and encode="url" . See ENCODE for details. | "" (no encoding) |
showhidden="..." | Set to "on" to show also hidden form fields. | "" |
%FORM{topic="%INCLUDINGTOPIC%"}%
- show form data of the including topic (typically used in an included header)
%FORM{topic="Projects.SushiProject" formfields="Title, Status, Deadline" header="none"}%
- show a subset of form fields
%FORM{format="$name" header="none" separator=", "}%
- get all visible form field names as a list
%FORMFIELD{"fieldname"}%
Parameter: | Description: | Default: |
---|---|---|
"fieldname" | The name of a TWiki form field | required |
topic="..." | Topic where form data is located. May be of the form Web.TopicName | Current topic |
rev="..." | Get the form field value from the specified topic revision, range "1" to top revision of topic. "0" is equivalent to the top revision | The rev URL parameter value if present, otherwise the top revision |
format="..." | Format string. Supported variables: • $value - form field value • $value(20, -<br />) - value hyphenated every 20 characters using separator -<br /> • $value(30, ...) - value shortened to 30 characters • $length - length of value (can be used to test if value is set) • $title - raw field name (includes space and other special characters) • $name - field name (sanitized title) • $attributes - form field attributes • $formtopic - name of form definition topic | "$value" |
default="..." | Text shown when no value is defined for the field | "" |
alttext="..." | Text shown when field is not found in the form | "" |
newline="$br" | Convert newlines in textarea to other delimiters. Variable $br expands to <br /> tag, and $n to a newline. Other text is encoded based on encode parameter. | no conversion |
encode="html" | Encode special characters into HTML entities. If a FORMFIELD is passed into an HTML form field it should be encoded as "html" . Additional encodings available: encode="quote" , encode="moderate" , encode="safe" , encode="entity" , encode="url" and encode="csv" . See ENCODE for details. | "" (no encoding) |
%FORMFIELD{ "ProjectName" topic="Projects.SushiProject" default="(not set)" alttext="ProjectName field not found" }%
%FORMFIELD{ "Title" topic="%INCLUDINGTOPIC%" }%
topic="%INCLUDINGTOPIC%"
if you have a base topic that includes a report topic, and in the report topic you want to reference a field of the base topic
%FORMFIELD{ "LastName" topic="%USERSWEB%.%WIKINAME%" encode="safe" }%
encode="safe"
to guard against Cross-Site Scripting (XSS) attacks
<input type="text" name="Address" value="%FORMFIELD{ "Address" encode="html" }%" />
%SET{}%
. The %SET{}%
and %GET{}%
variables are handled by the SetGetPlugin.
%GET{ "name" default="..." }%
Parameter | Description | Default |
---|---|---|
"name" | Name of variable, such as menu . May optionally contain a JSON path, such as menu.File.Open . | (required) |
format="..." | Format with supported variables: • $name for variable name • $value for variable value • $isdefined expanding to 1 or 0 depending if variable is defined or not • $isset expanding to 1 or 0 depending if variable is logically true or false • $ispersistent expanding to 1 or 0 depending if variable is persistent or not • all FormatTokens such as $dollar , $n , $percnt . | "$value" |
default="..." | Text shown if variable is not defined, e.g. not found. This parameter overrides the format parameter. | "" (empty string) |
store="..." | Specify a store name that holds the persistent variable. This assumes the variable was previously set with the same store name. | "" |
%GET{"lunch"}%
returns Sushi
if the following has been previously set:%SET{ "lunch" value="Sushi" }%
- see more examples
%GET{ name }%
- see description.
%SET{ menu = { "File": { "New": [ "new", "F" ], "Open": [ "open", "F" ] }, "Edit": { "Copy": [ "cpy", "F" ], "Paste": [ "pst", "F" ] } } }%
- set a JSON object
%GET{ menu.File.Open }%
- returns: ["open","F"]
%IF{"CONDITION" then="THEN" else="ELSE"}%
shows "THEN"
if "CONDITION"
evaluates to TRUE
, otherwise "ELSE"
will be shown
%IF{"defined FUNFACTOR" then="FUNFACTOR is defined" else="FUNFACTOR is not defined"}%
renders as FUNFACTOR is not defined
%INCLUDE{"page" ...}%
Parameter: | Description: | Default: |
---|---|---|
"SomeTopic" | The name of a topic located in the current web, i.e. %INCLUDE{"WebNotify"}% | |
"Web.Topic" | A topic in another web, i.e. %INCLUDE{"TWiki.SiteMap"}% | |
"http://..." | A full qualified URL, i.e. %INCLUDE{"http://twiki.org:80/index.html"}% . Supported content types are text/html and text/plain by default. See allowanytype .if the URL resolves to an attachment file on the server this will automatically translate to a server-side include. | |
attachment="filename.ext" | Include the specified attachment instead of topic text. The attachment content is subject to processing just like when topic text is included. For example, text up to %STARTINCLUDE% is excluded. When including an attachment, you can do without topic specification - %INCLUDE{attachment="filename.ext"}% works, which results in including the attachment of the same topic. | |
allowanytype="on" | Suppress the content type checking in including the web page specified by a URL. | disabled |
charset="CHARSET" | Specify the charset of the included content so that a proper charset conversion happens when it's different from the site charset. Needless to say, this works for a TWiki topic, a topic attachment, and a content specified with a URL. This parameter overrides otherwise specified or implied charset. | none |
pattern="..." | Include a subset of a topic or a web page. Specify a RegularExpression that scans from start ('^' ) to end and contains the text you want to keep in parenthesis, e.g., pattern="^.*?(from here.*?to here).*" . IncludeTopicsAndWebPages has more. | none |
headingoffset="2" | Adjust the level of headings in the included topic. A "2" or "+2" increases the level by two, e.g. a ---+ H1 turns into a ---+++ H3. Positive and negative values are supported. Adjusted min and max levels are H1 and H6, respectively. | no adjustment |
hidetoc="on" | Remove %TOC% in included content. Useful to show table of contents in individual topics, while suppressing them if included in a big master document. | TOC_HIDE_IF_ setting |
rev="2" | Include a previous topic revision; N/A for URLs | top revision |
raw="on" (for HTTP inclusion) | When a page is included via HTTP, normally TWiki will process it, doing the following: 1) Alter relative links to point back to originating host, 2) Remove some basic HTML tags (html, head, body, script) and finally 3) Remove newlines from HTML tags spanning multiple lines. If you prefer to include exactly what is in the source of the originating page set this to on . raw="on" is short for disableremoveheaders="on" , disableremovescript="on" , disableremovebody="on" , disablecompresstags="on" and disablerewriteurls="on" . | disabled |
raw="on" (for topic or attachment inclusion) | When a topic is included, normally TWiki variables in the included topic are expanded in the context of the included topic. If raw="on" is specified, that variable expansion does not happen. You may wonder what's that for and what are the implications, which are found out on IncludeTopicRaw. Because of the "in the raw" nature of the parameter, if it's specified, parameters such as encode , headingoffset , hidetoc , newline , nofinalnewline , and section are ignored. | disabled |
literal="on" | While using the raw option will indeed include the raw content, the included content will still be processed and rendered like regular topic content. To disable parsing of the included content, set the literal option to "on" . | disabled |
nofinalnewline="on" | Delete the new line at the end of the result if exists | disabled |
newline="$br" | Convert newlines in textarea to other delimiters. Variable $br expands to <br /> tag, and $n to a newline. Other text is encoded based on encode parameter. | no conversion |
encode="html" | Encode special characters into HTML entities. If a FORMFIELD is passed into an HTML form field it should be encoded as "html" . Additional encodings available: encode="quote" , encode="moderate" , encode="safe" , encode="entity" and encode="url" . See ENCODE for details. | no encoding |
disableremoveheaders="on" | Bypass stripping headers from included HTML (everything until first </head> tag) | disabled |
disableremovescript="on" | Bypass stripping all <script> tags from included HTML | disabled |
disableremovebody="on" | Bypass stripping the </body> tag and everything around over and below it | disabled |
disablecompresstags="on" | Bypass replacing newlines in HTML tags with spaces. This compression step rewrites unmatched <'s into < entities unless bypassed | disabled |
disablerewriteurls="on" | Bypass rewriting relative URLs into absolute ones | disabled |
disablefixlinks="on" | Bypass fixing WikiWord links if include is done across webs. Fixing links in included text such as from SomeLink to Otherweb.SomeLink is usually desirable so that links in included text still point to the same target | disabled |
warn="off" | Warn if topic include fails: Fail silently (if off ); output default warning (if set to on ); else, output specific text (use $topic for topic name) | %INCLUDEWARNING% preferences setting |
section="name" | Includes only the specified named section, as defined in the included topic by the STARTSECTION and ENDSECTION variables. Nothing is shown if the named section does not exists. section="" is equivalent to not specifying a section | |
PARAMONE="val 1" | Any other parameter will be defined as a variable within the scope of the included topic. The example parameters on the left will result in %PARAMONE% and %PARAMTWO% being defined within the included topic. A default value for a variable can be specified in the included topic in case the corresponding parameter is not specified, such as %PARAMONE{ default="..." }% |
%INCLUDE{"http://www.google.com/"}%
is turned off by default. To turn this on, ask your TWiki administrator to enable the {INCLUDE}{AllowURLs}
flag in the Security setup section of configure.
raw
or disableremovescript
parameter.
%INCLUDE{"http://THIS_SERVER/.../THIS_WEB/THIS_TOPIC}%
is detected and blocked.
$TWiki::cfg{UrlHostRegex}
should be set so that it matches all possible server names. e.g. $TWiki::cfg{UrlHostRegex} = qr{http://(www\.)?domain\.com};
attachment="filename.ext"
%STARTINCLUDE%
and %STOPINCLUDE%
in the attachment are observed. The section
parameter is observed. The variables are expanded in the context of the topic having the attachment. For example, %TOPIC%
is expanded to the name of the topic having the attachment.
%INCLUDE{%ATTACHURL%/foo.txt}%
) raw="on"
is specified, the content of <body>...</body>
is extracted, all occurrences of <script>...</script>
are removed. Topic context change doesn't happen because in general inclusion via HTTP doesn't cause topic context change.
%MAKETEXT{"string" args="..."}%
Parameter | Description | Default |
---|---|---|
"text" or string="text" | The text to be displayed. | none |
args="param1, param2" | a comma-separated list of arguments to be interpolated in the string, replacing the [_N] placeholders in it. | none |
%MAKETEXT{string="Notes:"}%
%MAKETEXT{"If you have any questions, please contact [_1]." args="%WIKIWEBMASTER%"}%
%MAKETEXT{"Did you want to ~[~[[_1]~]~[reset [_2]'s password~]~]?" args="%SYSTEMWEB%.ResetPassword, %WIKINAME%"}%
string
to the current user's language only if it has such string in its translation table for that language.
&
) followed by one letter (one of a...z
, A...Z
-- say, X
) in the translatable string will be translated to <span class='twikiAccessKey'>X</span>
. This is used to implement access keys. If you want to write an actual amperstand that stays just before a letter, write two consecutive amperstands (&&
): they will be transformed in just one.
~[
and ~]
in the text have a special meaning and need to be escaped using ~[
and ~]
, respectively.
_
) are reserved. You must not use translatable phrases starting with an underscore.
%VARIABLES%
inside the translatable strings - string would not get translated because variables get expanded before the %MAKETEXT{...}%
itself is handled.
%QUERYPARAMS{...}%
format="..."
format string for each entry, default $name=$value
separator="..."
separator string, default separator="$n"
(newline)
encode="..."
the encoding to apply to parameter values; see ENCODE for a description of the available encodings. If this parameter is not given, no encoding is performed.
Sequence: | Expands To: |
---|---|
$name | Name of the parameter |
$value | String value of the parameter. Multi-valued parameters will have a "row" for each value. |
$n or $n() | New line. Use $n() if followed by alphanumeric character, e.g. write Foo$n()Bar instead of Foo$nBar |
$nop or $nop() | Is a "no operation". This variable gets removed; useful for nested search |
$quot or \" | Double quote (" ) |
$aquot | Apostrophe quote (' ) |
$percnt | Percent sign (% ) |
$dollar | Dollar sign ($ ) |
$lt | Less than sign (< ) |
$gt | Greater than sign (> ) |
%QUERYPARAMS{format="<input type='hidden' name='$name' value='$value' encoding="html" />"}%
%QUERYPARAMS%
.
%QUERYSTRING%
search=;category=DevelopmentVariables
%REMOTE_ADDR%
44.192.26.226
%REMOTE_PORT%
%REMOTE_USER%
viewauth.cgi
)
%SCRIPTNAME%
view
.pl
or .cgi
%SCRIPTSUFFIX%
%SCRIPTURL%
https://www.opengrm.org/twiki/bin
edit
script should always be used in conjunction with ?t=%GMTIME{"$epoch"}%
to ensure pages about to be edited are not cached in the browser
edit
, save
, attach
, upload
, and rename
, the URL on the master site is returned. master="on"
parameter is specified, the URL on the master site is returned.
%SCRIPTURL{"script" ...}%
Parameter: | Description: | Default: |
---|---|---|
"script" | The name of the script | |
web="WEB" | Specifies a web | When a topic name is specified and a web is not, the current web is assumed |
topic="TOPIC" or topic="WEB.TOPIC" | Specifies a topic or both a web and a topic | |
master="on" | A URL on the master site is needed or not | off |
web="WEB"
is specified but topic
is not specified, the resulting URL ends with WEB
.
%SCRIPTURL{"viewauth"}%/%WEB%/%TOPIC%
which expands to https://www.opengrm.org/twiki/bin/viewauth/TWiki/TWikiVariablesSearch
. It can be written %SCRIPTURL{"viewauth" topic="%TOPIC%"}%
as well.
http://florawiki/cgi-bin
. Then %SCRIPTURL{"edit" web="Flowers"}%
expands to http://florawiki/cgi-bin/edit/Flowers
. This is because the 'Flower' web on this site is a slave and editing needs to happen on the master site.
%SCRIPTURL{"view" web="Flowers" master="on"}%
expands to http://florawiki/cgi-bin/view/Flowers
. The view
script works on a slave site, but master="on"
parameter forces to yield the master site URL.
[[%SCRIPTURL{view}%/%WEB%/MyQuery?food=sushi][Sushi]]
%SCRIPTURLPATH{"script"}%
instead, as it works with URL rewriting much better
%SCRIPTURL%
, but doesn't include the protocol and host part of the URL
%SCRIPTURLPATH%
/twiki/bin
edit
script should always be used in conjunction with ?t=%GMTIME{"$epoch"}%
to ensure pages about to be edited are not cached in the browser
%SCRIPTURL{"script"}%
, but doesn't include the protocol and host part of the URL
%SCRIPTURL{"script"}%
, this variable is aware of ReadOnlyAndMirrorWebs. So it may return a URL of a different site.
%SCRIPTURLPATH{"script" ...}%
Parameter: | Description: | Default: |
---|---|---|
"script" | The name of the script. | |
web="WEB" | Specifies a web | When a topic name is specified and a web is not, the current web is assumed |
topic="TOPIC" or topic="WEB.TOPIC" | Specifies a topic or both a web and a topic | |
master="on" | A URL on the master site is needed or not. | off |
web="WEB"
is specified but topic
is not specified, the resulting URL ends with WEB
.
%SCRIPTURLPATH{"view"}%
expands to "/twiki/bin/view"
(This might be a null string. Hence surrounded by double quotes)
%SCRIPTURLPATH{"view" web="%WEB%"}%
expands to /twiki/bin/view/TWiki
%SCRIPTURLPATH{"view" topic="%TOPIC%"}%
expands to /twiki/bin/view/TWiki/VarSCRIPTURLPATH2
http://florawiki/cgi-bin
. Then %SCRIPTURLPATH{"edit" web="Flowers"}%
expands to http://florawiki/cgi-bin/edit/Flowers
. This is because the 'Flower' web on this site is a slave and editing needs to happen on the master site.
%SEARCH{"text" ...}%
Parameter: | Description: | Default: |
---|---|---|
"text" | Search term. Is a keyword search, literal search, regular expression search, or query, depending on the type parameter. SearchHelp has more | required |
search="text" | (Alternative to above) | N/A |
web="Name" web="Main, Know" web="all" | Comma-separated list of webs to search. You can specifically \*exclude\* webs from an all search using a minus sign - for example, web="all,-Secretweb" . The special word all means all webs that do not have the NOSEARCHALL variable set to on in their WebPreferences. Note that TWikiAccessControls are respected when searching webs; it is much better to use them than NOSEARCHALL . | Current web |
topic="WebPreferences" topic="*Bug" | Limit search to topics: A topic, a topic with asterisk wildcards, or a list of topics separated by comma. Note this is a list of topic names and must not include web names. | All topics in a web |
excludetopic="Web*" excludetopic="WebHome, WebChanges" | Exclude topics from search: A topic, a topic with asterisk wildcards, or a list of topics separated by comma. Note this is a list of topic names and must not include web names. | None |
scope="topic" scope="text" scope="all" | Search topic name (title); the text (body) of topic; or all (title and body) | "text" |
type="keyword" type="word" type="literal" type="regex" type="query" | Control how the search is performed when scope="text" or scope="all" keyword : use Google-like controls as in soap "web service" -shampoo ; searches word parts: using the example, topics with "soapsuds" will be found as well, but topics with "shampoos" will be excluded word : identical to keyword but searches whole words: topics with "soapsuds" will not be found, and topics with "shampoos" will not be excluded literal : search for the exact string, like web service regex : use a RegularExpression search like soap;web service;!shampoo ; to search on whole words use \bsoap\b query : query search of form fields and other meta-data, like (Firstname='Emma' OR Firstname='John') AND Lastname='Peel' | %SEARCHVAR- DEFAULTTYPE% preferences setting (literal) |
sort="topic" sort="created" sort="modified" sort="editby" sort="parent" sort="parent(99)" sort="formfield(name)" sort="parent, | Sort the search results by: • topic : topic name, • created : topic creation time, • modified : last modified time, • editby : last editor, • parent : parent topic name, • parent(N) : parent breadcrumb up to indicated level, • formfield(NAME) : named TWikiForms field, • or a combination to sort by more than one field using a comma list. The sorting is done web by web; if you want to sort across webs, create a formatted table and sort it with TablePlugin's initsort. Note that dates are sorted most recent date last (i.e at the bottom of the table). Legacy order parameter is used in case sort is not specified. | "topic" |
reverse="on" reverse="off, on" | Reverse the direction of the search. Specify a comma list of on, off tokens to toggle direction by sort field. If sort has more fields than reverse tokens, the state of the last reverse token is taken for the remaining fields. | "off" |
start="0" start="20" | Specify the number of results to skip. This is done after sorting if sort parameter is specified. This is intended for pagination of results. If this parameter is specified, %NTOPICS% in the search template is replaced with the number of topics matched. Without this parameter, %NTOPICS% doesn't exceed the limit value. | "0" |
limit="all" limit="16" | Limit the number of results returned. This is done after sorting if sort parameter is specified. This parameter specifing the number of results remains the same in the presense of the start parameter. Assuming there are more than 20 results matched, start="10" limit="10" results in 11th to 20th results are returned | "all" |
date="..." | limits the results to those pages with latest edit time in the given time interval. | All results |
createdate="..." | similar to date but it's about create time instead of last edit. You can specify both date and createdate , in which case topics matching both conditions are shown. | All results |
casesensitive="on" | Case sensitive search | Ignore case |
bookview="on" | BookView search, e.g. show complete topic text | Show topic summary |
nonoise="on" | Shorthand for nosummary="on" nosearch="on" nototal="on" zeroresults="off" noheader="on" noempty="on" | Off |
nosummary="on" | Show topic title only | Show topic summary |
nosearch="on" | Suppress search string | Show search string |
noheader="on" | Suppress default search header Topics: Changed: By: , unless a header is explicitly specified | Show default search header, unless search is inline and a format is specified (Cairo compatibility) |
nototal="on" | Do not show number of topics found | Show number |
zeroresults="off" | Suppress all output if there are no hits | zeroresults="on" , displays: "Number of topics: 0" |
noempty="on" | Suppress results for webs that have no hits. | Show webs with no hits |
headingoffset="2" | Adjust the level of headings in text of topics found, taking effect in $text and $pattern() of a FormattedSearch. A "2" or "+2" increases the level by two, e.g. a ---+ H1 turns into a ---+++ H3. Positive and negative values are supported. Adjusted min and max levels are H1 and H6, respectively. | no adjustment |
header="..." format="..." footer="..." | Custom format results. See FormattedSearch for usage, variables & examples | Results in table |
default="..." | Default message if there are no hits in a web. See FormattedSearch for usage, variables & examples | No output |
expandvariables="on" | Expand variables before applying a FormattedSearch on a search hit. Useful to show the expanded text, e.g. to show the result of a SpreadSheetPlugin %CALC{}% instead of the formula | Raw text |
multiple="on" | Multiple hits per topic. Each hit can be formatted. The last token is used in case of a regular expression ";" and search | Only one hit per topic |
nofinalnewline="on" | If on , the search variable does not end in a line by itself. Any text continuing immediately after the search variable on the same line will be rendered as part of the table generated by the search, if appropriate. | off |
recurse="on" | Recurse into subwebs, if subwebs are enabled. | off |
separator=", " | Line separator between search hits. Specify format="$topic" separator=", " to get a comma separated list of topic names. The following variables can be used in the separator value: $n expands to a newline, $br expands to a <br /> line break tag. | "$n" (Newline) |
newline="$br" | Line separator within a search hit. Useful if you want to put multi-line content into a table cell, for example if the format="" parameter contains a $pattern() that captures more than one line, or contains a $formfield() that returns a multi-line textfield. The following variables can be used in the newline value: $n expands to a newline, $br expands to a <br /> line break tag. | "$n" (Newline) |
encode="html" | Encode special characters into HTML entities. If a FORMFIELD is passed into an HTML form field it should be encoded as "html" . Additional encodings available: encode="quote" , encode="moderate" , encode="safe" , encode="entity" and encode="url" . See ENCODE for details. | no encoding |
%SEARCH{"wiki" web="Main" scope="topic"}%
%SEARCH{"%URLPARAM{"query" encode="search"}%" web="Main"}%
%SEARCH{"FAQ" scope="topic" nosearch="on" nototal="on" header="| *Topic: * | *Summary: * |" format="| $topic | $summary |"}%
(displays results in a table with header - details)
%TABLE{}%
variable just before the %SEARCH{}%
to alter the output of a search. Example: %TABLE{ tablewidth="90%" }%
%SESSIONID%
%SESSIONVAR%
%SESSION_VARIABLE{"name"}%
- read a session variable
%SESSION_VARIABLE{"name" set="value"}%
- set a session variable
%SESSION_VARIABLE{"name" clear=""}%
- clear a session variable
%SESSION_VARIABLE{"AUTHUSER"}%
- user ID, current value:
%SESSION_VARIABLE{"SESSION_REQUEST_NUMBER"}%
- number of pages accessed by current user since login, current value:
"_NON_OF_YOUR_BUSINESS"
%GET{}%
. No output is shown, e.g. %SET{}%
resolves to an empty string. It is also possible to set a JSON object using a JSON path. The %SET{}%
and %GET{}%
variables are handled by the SetGetPlugin.
%SET{ "name" value="..." remember="1" }%
Parameter | Description | Default |
---|---|---|
"name" | Name of variable. Alphanumeric characters, dashes and underscores can be used. | (required) |
value="..." | Value of variable. Escape double quotes with backslash. | (required, may be empty) |
remember="1" | If set, the variable will be stored persistently so that it can be used later in any TWiki topic. Alternatively use the store parameter. See important notes. | "0" |
store="..." | Specify a store name to persistently store the variable, such as store="Parts" . Use alphanumeric characters, dashes and underscores for the name. For better performance, store is preferred over the remember parameter if you need to store a large dataset. See important notes. | "" |
%SET{"lunch" value="Sushi"}%
- see more examples.
%SET{ name = { ... } remember="1" }%
- see description. remember="1"
or store="..."
parameter can be appended. If specified, the JSON object will be stored persistently so that it can be used later in any TWiki topic.
%SET{ menu = { "File": { "New": [ "new", "F" ], "Open": [ "open", "F" ] }, "Edit": { "Copy": [ "cpy", "F" ], "Paste": [ "pst", "F" ] } } }%
- set a JSON object
%GET{ menu }%
- returns: {"File":{"New":["new","F"],"Open":["open","F"]},"Edit":{"Copy":["cpy","F"],"Paste":["pst","F"]}}
%SET{ menu.File.Open[1] = "T" }%
- modify a JSON object
%GET{ menu }%
- returns: {"File":{"New":["new","F"],"Open":["open","T"]},"Edit":{"Copy":["cpy","F"],"Paste":["pst","F"]}}
%SET{ menu.Edit.Cut = [ "cut", "T" ] }%
- add to a JSON object
%GET{ menu }%
- returns: {"File":{"New":["new","F"],"Open":["open","T"]},"Edit":{"Copy":["cpy","F"],"Paste":["pst","F"],"Cut":["cut","T"]}}
%SET{}%
. The %SETGETDUMP{}%
, %SET{}%
, and %GET{}%
variables are handled by the SetGetPlugin.
%SETGETDUMP{ remember="1" format="..." separator="..." }%
Parameter | Description | Default |
---|---|---|
remember="1" | Dump all persistent variables | (volatile variables) |
store="..." | Dump variables of a specific store | (volatile variables) |
format="..." | Format output using variables $name and $value | "name: $name, value: $value <br />" |
separator="..." | String used for separating entries | "\n" |
%SETGETDUMP{"| $name | $value |" separator="$n"}%
- see more examples.
%STOPINCLUDE%
variable. A normal view of the topic shows everything exept the %STARTINCLUDE%
variable itself.
%STARTSECTION{type="include"}%
instead
%STARTINCLUDE%
%STARTSECTION{}%
and %ENDSECTION{}%
.
type="section"
- the default, used for a generic section, such as a named section used by INCLUDE.
type="include"
- like %STARTINCLUDE%
... %STOPINCLUDE%
except that you can have as many include blocks as you want (%STARTINCLUDE%
is restricted to only one).
type="templateonly"
- start position of text to be removed when a template topic is used. Use this to embed text that you do not want expanded when a new topic based on the template topic is created. TWikiTemplates has more.
type="expandvariables"
- start position where TWikiVariables get expanded when a new topic is created. As documented in TWikiTemplates#VariableExpansion, only certain variables get expanded when a new topic based on the template topic is created. All variables get expanded within a "expandvariables"
section.
%STARTSECTION{"name"}% ................... %ENDSECTION{"name"}%
%STARTSECTION{type="include"}% ........... %ENDSECTION{type="include"}%
%STARTSECTION{type="templateonly"}% ...... %ENDSECTION{type="templateonly"}%
%STARTSECTION{type="expandvariables"}% ... %ENDSECTION{type="expandvariables"}%
Parameter: | Description: | Default |
---|---|---|
"name" | Name of the section. Must be unique inside a topic. | Generated name |
type="..." | Type of the section; type "section" , "include" , "templateonly" , or "expandvariables" | "section" |
disablefixlinks="on" | Only for named sections: Bypass fixing WikiWord links if section is included from a topic in another web. Fixing links in included text such as from SomeLink to Thisweb.SomeLink is usually desirable so that links in included text still point to the same target. | fix links |
_SECTION0
for the first unnamed section in the topic, _SECTION1
for the second, etc..
%STOPINCLUDE%
variable itself.
%STOPINCLUDE%
%URLPARAM{"name"}%
Parameter: | Description: | Default: |
---|---|---|
"name" | The name of a URL parameter | required |
newline="$br" | Convert newlines in textarea to other delimiters. Variables $br (for <br /> tag), $n (for newline) are expanded. Other text is encoded based on encode parameter. | no conversion |
encode="off" | Turn off encoding. See important security note below | encode="safe" |
encode="quote" | Escape double quotes with backslashes (\" ), does not change other characters; required when feeding URL parameters into other TWiki variables. This encoding does not protect against cross-site scripting. | encode="safe" |
encode="moderate" | Encode special characters into HTML entities for moderate cross-site scripting protection: "<" , ">" , single quote (' ) and double quote (" ) are encoded. Useful to allow TWiki variables in comment boxes. | encode="safe" |
encode="safe" | Encode special characters into HTML entities for cross-site scripting protection: "<" , ">" , "%" , single quote (' ) and double quote (" ) are encoded. | (this is the default) |
encode="entity" | Encode special characters into HTML entities. See ENCODE for details. | encode="safe" |
encode="html" | Encode special characters into HTML entities. In addition to encode="entity" , it also encodes space, newline (\n ) and linefeed (\r ). Useful to encode text properly in HTML input fields. | encode="safe" |
encode="url" | Encode special characters for URL parameter use, like a double quote into %22 | encode="safe" |
encode="search" | Special encoding used for SEARCH: Substitute % characters into non-printable characters, so that TWikiVariables are no longer expanded. Also escapes quotes. Used to feed a search string from a URLPARAM into SEARCH without expanding any variables, such as when searching for %BR% . | type="url" |
multiple="on" multiple="[[$item]]" | If set, gets all selected elements of a <select multiple="multiple"> tag. A format can be specified, with $item indicating the element, e.g. multiple="Option: $item" | first element |
separator=", " | Separator between multiple selections. Only relevant if multiple is specified | "\n" (newline) |
format="..." | Format the result. $value expands to the URL parameter. If multiple is specified, $value expands to the result of the concatenated items. | "$value" |
default="..." | Default value in case parameter is empty or missing. The format parameter is not applied. | empty string |
%URLPARAM{"skin"}%
returns print
for a .../view/TWiki/TWikiVariablesSearch?skin=print
URL
encode="safe"
is the default, it provides a safe middle ground. The encode="entity"
is more aggressive, but some TWiki applications might not work.
"html"
. <input type="text" name="address" value="%URLPARAM{ "address" encode="html" }%" />
%SET{ "lunch" value="%ENCODE{ "string with "quotes"" type="quotes" }%" remember="1" }%
%SEARCH{ "%URLPARAM{ "query" encode="search" }%" noheader="on" }%
rev
, skin
, template
, topic
, web
; they have a special meaning in TWiki. Common parameters and view script specific parameters are documented at TWikiScripts.
%URLPARAM{
in the value of a URL parameter, it will be modified to %<nop>URLPARAM{
. This is to prevent an infinite loop during expansion.
%USERREPORT{ action="..." ... }%
Report | action= | Parameters |
---|---|---|
Show a simple list of registered users | "user_list" | search , limit , sort , reverse |
Show the profile picture image of a user | "profile_picture" | user , height , width , title |
Show slim, one line height user boxes | "slim_box_start" "slim_box" or "slim_box_list" "slim_box_end" | style user , style users , style none |
Show small, two line height user boxes | "small_box_start" "small_box" or "small_box_list" "small_box_end" | style user , style users , style none |
Show users in business card format | "business_card_start" "business_card" or "business_card_list" "business_card_end" | style user , style users , style none |
Show a selector to pick a user, for use in HTML forms | "select_one_user" | name , selected , users |
Show rows of checkboxes to select users, for use in HTML forms | "select_users" | name , selected , users , colums , style |
%USERREPORT{ action="user_list" search="jane" limit="5" }%
topic
parameter is specified, it gets the value of the specified preferences variable in the specified topic. Please note that the WebPreferences of the web of the specified topic is not examined. So the returned value may not be the same as the value of the variable when the specified topic is viewed.
topic
parameter is not specified and the web
parameter is specified, it gets the value of the specified preferences variable in the specified web, which means the specified web's WebPreferences is examined for the variable.
topic
nor web
parameter is specified, it gets the value of the specified variable in the current context -- the variable can either be a preferences variable or a session variable but cannot be a tag with a tag handler (e.g. %GMTIME%
). %VAR{"NAME"}%
is similar to %NAME%
, but they differ if NAME
is undefined, in which case %VAR{"NAME"}%
is expanded to null (zero width string) while %NAME%
remains as is (%NAME%
). %VAR{"NAME"}%
yields the same value as %IF{"defined NAME" then="$percntNAME$percnt"}%
if NAME is a variable, but the latter is cubmersome.
%VAR{"NAME" ...}%
Parameter: | Description: | Default: |
---|---|---|
"Variable" | The name of the variable to be retrieved. If not specified, %VAR{...}% is expanded to null. | required |
topic="Web.Topic" | Specifies the topic in which the specified preferences vaiable is fetched. | none |
topic="Topic" | Same as above, but the web is specified specified explicitly with the web parameter or the current web is specified. | none |
web="Web" | Specifies the web in which the specified preferences variable is fetched. | none |
default="Value" | Specifies the value to be returned if the specified variable is undefined. | "" (null string) |
ignorenull="on" | If specified, a null string ("") value is regarded as undefined. This affects whether or not the value specified by the default parameter is returned. | "off" |
%VAR{"GROUP" topic="%USERSWEB%.TWikiAdminGroup"}%
, which expands to Main.MichaelRiley, CyrilAllauzen, KyleGorman, BrianRoark
.
%WEBBGCOLOR%
of the Main web write %VAR{"WEBBGCOLOR" web="Main"}%
, which expands to #FFEFA6
%VAR{"FOOSKIN_HTML_HEAD_HOOK" default="<nop>" ignorenull="on"}%