// Takes an optional repository to work on (defaults to null); the constructor body
// is not visible in this listing.
// NOTE(review): the null default makes the parameter implicitly nullable, which
// PHP 8.4 deprecates; ?Repository states the same thing explicitly.
8 public function __construct(Repository $repo = null)
14 * Processes the POST data, changes description and files
16 * @return boolean True if the post was successful
18 public function process($postData)
// NOTE(review): lines are missing from this listing (the gutter numbers skip), so
// several branch bodies are not visible; the comments below describe only what is shown.
// Guard for a submission without a 'files' key; what the branch does is not visible here.
20 if (!isset($postData['files'])) {
// Points $this->repo at a repository from createRepo(); any condition around this
// assignment is not visible here.
25 $this->repo = $this->createRepo();
28 $vc = $this->repo->getVc();
// The description is passed on exactly as it arrived in the request.
29 $this->repo->setDescription($postData['description']);
// One iteration per submitted file entry; $num also indexes the $_FILES upload arrays.
32 foreach ($postData['files'] as $num => $arFile) {
// Error code 0 is UPLOAD_ERR_OK, i.e. a file was uploaded for this entry.
// NOTE(review): $num comes from the request; confirm the matching $_FILES index
// exists before it is read.
34 if ($_FILES['files']['error'][$num]['upload'] == 0) {
// Entry with neither content nor name (branch body not shown).
37 } else if ($arFile['content'] == '' && $arFile['name'] == '') {
// Both user-supplied names go through sanitizeFilename() before they are used.
42 $orignalName = $this->sanitizeFilename($arFile['original_name']);
43 $name = $this->sanitizeFilename($arFile['name']);
// For an upload, the name is derived from the client-supplied upload file name.
47 $name = $this->sanitizeFilename($_FILES['files']['name'][$num]['upload']);
// Fallback name: the next free "phork<N>" plus the submitted type as extension.
// NOTE(review): $arFile['type'] is request data and is appended here, and again in
// the extension fix-up below, without passing through sanitizeFilename(); confirm
// it is restricted to a known list of types elsewhere.
49 $name = $this->getNextNumberedFile('phork')
50 . '.' . $arFile['type'];
// A missing or empty original name - presumably a new file; branch body only partly shown.
56 if (!isset($orignalName) || $orignalName == '') {
59 if (strpos($name, '.') === false) {
60 //automatically append file extension if none is there
61 $name .= '.' . $arFile['type'];
// The original name does not exist in the repository: still an unhandled error case.
63 } else if (!$this->repo->hasFile($orignalName)) {
65 //FIXME: Show error message
// Deletion was requested for this entry (the flag is compared loosely with 1).
67 } else if (isset($arFile['delete']) && $arFile['delete'] == 1) {
// The name changed: a version-control command receives the old name as an argument
// (the command name and its other arguments are not shown; presumably a move).
69 } else if ($orignalName != $name) {
70 //FIXME: what to do with overwrites?
72 ->addArgument($orignalName)
78 $file = $this->repo->getFileByName($name, false);
// Removes the file through the version-control "rm" command.
80 $command = $vc->getCommand('rm')
81 ->addArgument($file->getFilename())
// Upload branch: the temporary upload path and the target path are handed to a call
// that is not visible here, then the file is staged with "add".
// NOTE(review): confirm that call is move_uploaded_file(), which refuses source
// paths that are not genuine uploads.
84 } else if ($bUpload) {
86 $_FILES['files']['tmp_name'][$num]['upload'], $file->getPath()
88 $command = $vc->getCommand('add')
89 ->addArgument($file->getFilename())
// New file, or the submitted content differs from what is stored: write and stage it.
// NOTE(review): the file_put_contents() result is not checked in the visible lines.
92 } else if ($bNew || $file->getContent() != $arFile['content']) {
93 file_put_contents($file->getPath(), $arFile['content']);
94 $command = $vc->getCommand('add')
95 ->addArgument($file->getFilename())
// Commits with an empty message under a fixed anonymous author identity.
102 $vc->getCommand('commit')
103 ->setOption('message', '')
104 ->setOption('allow-empty-message')
105 ->setOption('author', 'Anonymous <anonymous@phorkie>')
112 public function createRepo()
// Creates a new repository through Repositories::createNew() and runs "git init"
// with the git directory kept separate from the work directory. Parts of the body
// are not visible in this listing.
114 $rs = new Repositories();
115 $repo = $rs->createNew();
116 $vc = $repo->getVc();
117 $vc->getCommand('init')
118 //this should be setOption, but it fails with a = between name and value
119 ->addArgument('--separate-git-dir')
// The git directory path is built from the configured gitdir and the repository id.
120 ->addArgument($GLOBALS['phorkie']['cfg']['gitdir'] . '/' . $repo->id . '.git')
121 ->addArgument($repo->workDir)
// Walks the files in the new git directory's hooks folder (loop body not shown).
// NOTE(review): glob() returns false on error; confirm that case is handled.
124 foreach (glob($repo->gitDir . '/hooks/*') as $hookfile) {
// Creates the marker file that git-daemon requires before it exports a repository.
// NOTE(review): this makes every newly created repository exportable; confirm that
// is the intended exposure.
128 touch($repo->gitDir . '/git-daemon-export-ok');
133 public function getNextNumberedFile($prefix)
// Returns $prefix followed by a number for which no file "<prefix><num>.*" exists in
// the repository work directory. How $num starts and advances is not visible here.
// NOTE(review): glob() returns false on error, and count(false) throws a TypeError
// on PHP 8; confirm that case is handled.
138 $files = glob($this->repo->workDir . '/' . $prefix . $num . '.*');
// Keep searching while at least one file matches the current candidate.
139 } while (count($files));
141 return $prefix . $num;
145 * Removes malicious parts from a file name
147 * @param string $file File name from the user
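149 * @return string Fixed and probably secure filename. Best effort only: each
 * replacement runs once and the one-character prefix test against '../' cannot
 * match, so callers should still confirm the result stays inside the work directory.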
151 public function sanitizeFilename($file)
154 $file = str_replace(array('\\', '//'), '/', $file);
155 $file = str_replace('/../', '/', $file);
156 if (substr($file, 0, 3) == '../') {
157 $file = substr($file, 3);
159 if (substr($file, 0, 1) == '../') {
160 $file = substr($file, 1);