}
$vc = $this->repo->getVc();
- $this->repo->setDescription($postData['description']);
+
$bChanged = false;
+ $bCommit = false;
+ if ($postData['description'] != $this->repo->getDescription()) {
+ $this->repo->setDescription($postData['description']);
+ $bChanged = true;
+ }
+
foreach ($postData['files'] as $num => $arFile) {
$bUpload = false;
if ($_FILES['files']['error'][$num]['upload'] == 0) {
continue;
}
- $orignalName = $this->sanitizeFilename($arFile['original_name']);
- $name = $this->sanitizeFilename($arFile['name']);
+ $orignalName = Tools::sanitizeFilename($arFile['original_name']);
+ $name = Tools::sanitizeFilename($arFile['name']);
if ($name == '') {
if ($bUpload) {
- $name = $this->sanitizeFilename($_FILES['files']['name'][$num]['upload']);
+ $name = Tools::sanitizeFilename($_FILES['files']['name'][$num]['upload']);
} else {
$name = $this->getNextNumberedFile('phork')
. '.' . $arFile['type'];
->addArgument($orignalName)
->addArgument($name)
->execute();
- $bChanged = true;
+ $bCommit = true;
} else {
$name = $orignalName;
}
$command = $vc->getCommand('rm')
->addArgument($file->getFilename())
->execute();
- $bChanged = true;
+ $bCommit = true;
} else if ($bUpload) {
move_uploaded_file(
$_FILES['files']['tmp_name'][$num]['upload'], $file->getFullPath()
$command = $vc->getCommand('add')
->addArgument($file->getFilename())
->execute();
- $bChanged = true;
+ $bCommit = true;
} else if ($bNew || (isset($arFile['content']) && $file->getContent() != $arFile['content'])) {
file_put_contents($file->getFullPath(), $arFile['content']);
$command = $vc->getCommand('add')
->addArgument($file->getFilename())
->execute();
- $bChanged = true;
+ $bCommit = true;
}
}
- if ($bChanged) {
+ if ($bCommit) {
$vc->getCommand('commit')
->setOption('message', '')
->setOption('allow-empty-message')
->setOption('author', 'Anonymous <anonymous@phorkie>')
->execute();
+ $bChanged = true;
+ }
+
+ if ($bChanged) {
+ //FIXME: index changed files only
+ //also handle file deletions
+ $db = new Database();
+ $db->getIndexer()->updateRepo($this->repo);
}
return true;
return $prefix . $num;
}
-
- /**
- * Removes malicious parts from a file name
- *
- * @param string $file File name from the user
- *
- * @return string Fixed and probably secure filename
- */
- public function sanitizeFilename($file)
- {
- $file = trim($file);
- $file = str_replace(array('\\', '//'), '/', $file);
- $file = str_replace('/../', '/', $file);
- if (substr($file, 0, 3) == '../') {
- $file = substr($file, 3);
- }
- if (substr($file, 0, 1) == '../') {
- $file = substr($file, 1);
- }
-
- return $file;
- }
}
?>