8 public function __construct(Repository $repo = null)
14 * Processes the POST data, changes description and files
16 * @return boolean True if the post was successful
18 public function process($postData)
20 if (!isset($postData['files'])) {
25 $this->repo = $this->createRepo();
28 $vc = $this->repo->getVc();
29 $this->repo->setDescription($postData['description']);
32 foreach ($postData['files'] as $num => $arFile) {
34 if ($_FILES['files']['error'][$num]['upload'] == 0) {
37 } else if ($arFile['content'] == '' && $arFile['name'] == '') {
42 $orignalName = $this->sanitizeFilename($arFile['original_name']);
43 $name = $this->sanitizeFilename($arFile['name']);
47 $name = $this->sanitizeFilename($_FILES['files']['name'][$num]['upload']);
49 $name = $this->getNextNumberedFile('phork')
50 . '.' . $arFile['type'];
56 if (!isset($orignalName) || $orignalName == '') {
59 if (strpos($name, '.') === false) {
60 //automatically append file extension if none is there
61 $name .= '.' . $arFile['type'];
63 } else if (!$this->repo->hasFile($orignalName)) {
65 //FIXME: Show error message
67 } else if (isset($arFile['delete']) && $arFile['delete'] == 1) {
69 } else if ($orignalName != $name) {
70 if (strpos($name, '/') === false) {
71 //ignore names with a slash in it, would be new directory
72 //FIXME: what to do with overwrites?
74 ->addArgument($orignalName)
83 $file = $this->repo->getFileByName($name, false);
85 $command = $vc->getCommand('rm')
86 ->addArgument($file->getFilename())
89 } else if ($bUpload) {
91 $_FILES['files']['tmp_name'][$num]['upload'], $file->getPath()
93 $command = $vc->getCommand('add')
94 ->addArgument($file->getFilename())
97 } else if ($bNew || (isset($arFile['content']) && $file->getContent() != $arFile['content'])) {
98 file_put_contents($file->getPath(), $arFile['content']);
99 $command = $vc->getCommand('add')
100 ->addArgument($file->getFilename())
107 $vc->getCommand('commit')
108 ->setOption('message', '')
109 ->setOption('allow-empty-message')
110 ->setOption('author', 'Anonymous <anonymous@phorkie>')
117 public function createRepo()
119 $rs = new Repositories();
120 $repo = $rs->createNew();
121 $vc = $repo->getVc();
122 $vc->getCommand('init')
123 //this should be setOption, but it fails with a = between name and value
124 ->addArgument('--separate-git-dir')
125 ->addArgument($GLOBALS['phorkie']['cfg']['gitdir'] . '/' . $repo->id . '.git')
126 ->addArgument($repo->workDir)
129 foreach (glob($repo->gitDir . '/hooks/*') as $hookfile) {
133 touch($repo->gitDir . '/git-daemon-export-ok');
138 public function getNextNumberedFile($prefix)
143 $files = glob($this->repo->workDir . '/' . $prefix . $num . '.*');
144 } while (count($files));
146 return $prefix . $num;
150 * Removes malicious parts from a file name
152 * @param string $file File name from the user
154 * @return string Fixed and probably secure filename
156 public function sanitizeFilename($file)
159 $file = str_replace(array('\\', '//'), '/', $file);
160 $file = str_replace('/../', '/', $file);
161 if (substr($file, 0, 3) == '../') {
162 $file = substr($file, 3);
164 if (substr($file, 0, 1) == '../') {
165 $file = substr($file, 1);