8 public function __construct(Repository $repo = null)
14 * Processes the POST data, changes description and files
16 * @return boolean True if the post was successful
18 public function process($postData)
20 if (!isset($postData['files'])) {
25 $this->repo = $this->createRepo();
28 $vc = $this->repo->getVc();
29 $this->repo->setDescription($postData['description']);
32 foreach ($postData['files'] as $arFile) {
33 if ($arFile['content'] == '' && $arFile['name'] == '') {
38 $orignalName = $this->sanitizeFilename($arFile['original_name']);
39 $name = $this->sanitizeFilename($arFile['name']);
42 $name = $this->getNextNumberedFile('phork')
43 . '.' . $arFile['type'];
48 if (!isset($orignalName) || $orignalName == '') {
51 if (strpos($name, '.') === false) {
52 //automatically append file extension if none is there
53 $name .= '.' . $arFile['type'];
55 } else if (!$this->repo->hasFile($orignalName)) {
57 //FIXME: Show error message
59 } else if (isset($arFile['delete']) && $arFile['delete'] == 1) {
61 } else if ($orignalName != $name) {
62 //FIXME: what to do with overwrites?
64 ->addArgument($orignalName)
70 $file = $this->repo->getFileByName($name, false);
72 $command = $vc->getCommand('rm')
73 ->addArgument($file->getFilename())
76 } else if ($bNew || $file->getContent() != $arFile['content']) {
77 file_put_contents($file->getPath(), $arFile['content']);
78 $command = $vc->getCommand('add')
79 ->addArgument($file->getFilename())
86 $vc->getCommand('commit')
87 ->setOption('message', '')
88 ->setOption('allow-empty-message')
89 ->setOption('author', 'Anonymous <anonymous@phorkie>')
96 public function createRepo()
98 $rs = new Repositories();
99 $repo = $rs->createNew();
100 $vc = $repo->getVc();
101 $vc->initRepository();
103 foreach (glob($repo->repoDir . '/.git/hooks/*') as $hookfile) {
107 touch($repo->repoDir . '/.git/git-daemon-export-ok');
112 public function getNextNumberedFile($prefix)
117 $files = glob($this->repo->repoDir . '/' . $prefix . $num . '.*');
118 } while (count($files));
120 return $prefix . $num;
124 * Removes malicious parts from a file name
126 * @param string $file File name from the user
128 * @return string Fixed and probably secure filename
130 public function sanitizeFilename($file)
133 $file = str_replace(array('\\', '//'), '/', $file);
134 $file = str_replace('/../', '/', $file);
135 if (substr($file, 0, 3) == '../') {
136 $file = substr($file, 3);
138 if (substr($file, 0, 1) == '../') {
139 $file = substr($file, 1);