1# Delete Page Guard for DokuWiki 2 3The **Delete Page Guard** plugin prevents accidental or intentional deletion of 4wikipages in your DokuWiki installation by blocking the “empty save” 5operation when certain pages are protected. A page is considered for 6protection when its ID or relative file path matches one or more 7regular expressions configured via the DokuWiki Configuration Manager. 8 9## Features 10 11* Prevents deletion via “empty save” on protected pages. 12* Supports any number of protection patterns using PCRE syntax. 13* Choose whether to match against the colon‑separated page ID or the 14 relative file system path. 15* Allow administrators and optional additional groups to bypass the 16 protection. 17* Optionally treat whitespace‑only content as empty. 18 19## Installation 20 211. Copy the contents of this plugin directory into 22 `<dokuwiki>/lib/plugins/deletepageguard/`. 232. Ensure that the directory name matches the `base` value in 24 `plugin.info.txt` (here: `deletepageguard`). 253. Visit the **Configuration Manager** in your DokuWiki and adjust the 26 plugin settings under the “Delete Page Guard” section. 27 28## Configuration 29 30The following options are available in the Configuration Manager: 31 32| Setting | Description | 33|---|---| 34| **Protected page patterns** | List of PCRE regular expressions. Each line defines a pattern. When a page matches any pattern, non‑admin users cannot delete it by empty save. | 35| **Match against** | Choose whether the patterns should match against the page ID (e.g. `users:john:home`) or the relative file path (e.g. `users/john/home.txt`). | 36| **Extra groups allowed to delete** | Comma separated list of user groups that are allowed to delete protected pages, in addition to administrators. Leave empty to restrict deletion to admins only. | 37| **Treat whitespace‑only pages as empty** | If enabled, pages containing only whitespace will be treated as empty and deletion will be blocked on protected pages. | 38 39### Pattern examples 40 41* `^users:` – protect all pages in the `users` namespace. 42* `^users:[^:]+:start$` – protect every user's landing page named `start` under `users:<username>`. 43* `^projects:.*$` – protect everything in the `projects` namespace. 44* `^private/.*\.txt$` – when matching against file paths, protect any `.txt` file in the `private` directory. 45 46## How it works 47 48When a page is saved, DokuWiki triggers the `COMMON_WIKIPAGE_SAVE` event just before writing to disk. For normal edits, the plugin does nothing. However, when the new content is empty (after optional trimming) the plugin checks the configured patterns against the chosen target (ID or file path). If a match occurs and the current user is not an administrator and not in one of the exempt groups, the plugin prevents the deletion by calling `$event->preventDefault()` and `$event->stopPropagation()` as documented in DokuWiki's event system. An error message is displayed to the user informing them that deletion is not allowed. 49 50## Security Features 51 52* **Regex Validation**: All regular expressions are validated for syntax before use. 53* **ReDoS Protection**: Basic protection against Regular Expression Denial of Service attacks through pattern complexity checks and execution timeouts. 54* **Input Sanitization**: User input is properly sanitized and validated. 55 56## Compatibility 57 58This plugin hooks into the `COMMON_WIKIPAGE_SAVE` event, which was introduced in DokuWiki release **"Detritus" (2016‑02‑24)** and is marked as preventable. It has been tested for compatibility with current releases such as **"Kaos" (2024‑02‑06b)**. The plugin uses only public APIs and the documented event system, so it should continue to work with future versions as long as these events remain available. 59 60## License 61 62This plugin is released under the terms of the 63[GNU General Public License v2](https://www.gnu.org/licenses/gpl-2.0.html).