Showing revision: 1



qswiki is a wiki software, intended for small wikis. Originally implemented in C, it's now written in C++.


A couple of years ago, I wanted to setup a personal wiki on my raspberry pi. However, the distribution I used back then did not have a PHP package for ARM. So I decided I would write one in C. Yes, that's an odd way to approach the problem and indeed, I may have had too much time back then. Also, I wanted to see how it's like to write a "web app" in C and wanted to sharpen my C a little bit.

Of course, it's pretty straightforward at first. No really. Just use CGI. And indeed, that's probably more than enough. Then I decided to play around and started using FastCGI (with the official library from now defunct and created a multi-threaded version. It initially used a "pile of files database", but that became too painful, so then I started using sqlite.


Eventually the code became unmaintainable. Initially, I wanted something quick. I did not care about memory leaks (as it was CGI initially). After FastCGI, they became an issue. In the end, the task of avoiding memory leaks became too annoying. And of course, C does not include any batteries and while I could manage, this too was another good reason.

Overall, I am just continuing the experiment with C++17 now. I would not consider it the best language for a software like this, but it's not nearly as bad as you would expect perhaps. Some things are surprisingly convenient even. Still, I would hope for a some better built-in Unicode support in the future.


To be fair, at this point it doesn't even have a "diff" between revisions yet and does not have futures that distinguish it from other wikis I suppose.

-HTTP server using the header only library cpp-httplib. It's more portable and more "future-proof" than FastCGI (since the official website disappeared, the library's future appears to be uncertain).
-Support for user accounts. Passwords are stored using PBKDF2.
-sqlite database, but not too much of an effort to add other types of storage backends. sqlite is using the great header only library sqlite_modern_cpp
-Relatively Fine-grained permission system.
-FTS search


The most reasonable way would have been to add some sort sandboxing support right away, but this is lacking so far. As for "web security", all POST requests are centrally protected against CSRF attacks and all input is escaped against XSS attacks.-