}
$vc = $this->repo->getVc();
- $this->repo->setDescription($postData['description']);
+
$bChanged = false;
+ $bCommit = false;
+ if ($postData['description'] != $this->repo->getDescription()) {
+ $this->repo->setDescription($postData['description']);
+ $bChanged = true;
+ }
+
foreach ($postData['files'] as $num => $arFile) {
$bUpload = false;
if ($_FILES['files']['error'][$num]['upload'] == 0) {
continue;
}
- $orignalName = $this->sanitizeFilename($arFile['original_name']);
- $name = $this->sanitizeFilename($arFile['name']);
+ $orignalName = Tools::sanitizeFilename($arFile['original_name']);
+ $name = Tools::sanitizeFilename($arFile['name']);
if ($name == '') {
if ($bUpload) {
- $name = $this->sanitizeFilename($_FILES['files']['name'][$num]['upload']);
+ $name = Tools::sanitizeFilename($_FILES['files']['name'][$num]['upload']);
} else {
$name = $this->getNextNumberedFile('phork')
. '.' . $arFile['type'];
} else if (isset($arFile['delete']) && $arFile['delete'] == 1) {
$bDelete = true;
} else if ($orignalName != $name) {
- //FIXME: what to do with overwrites?
- $vc->getCommand('mv')
- ->addArgument($orignalName)
- ->addArgument($name)
- ->execute();
- $bChanged = true;
+ if (strpos($name, '/') === false) {
+ //ignore names with a slash in it, would be new directory
+ //FIXME: what to do with overwrites?
+ $vc->getCommand('mv')
+ ->addArgument($orignalName)
+ ->addArgument($name)
+ ->execute();
+ $bCommit = true;
+ } else {
+ $name = $orignalName;
+ }
}
$file = $this->repo->getFileByName($name, false);
$command = $vc->getCommand('rm')
->addArgument($file->getFilename())
->execute();
- $bChanged = true;
+ $bCommit = true;
} else if ($bUpload) {
move_uploaded_file(
- $_FILES['files']['tmp_name'][$num]['upload'], $file->getPath()
+ $_FILES['files']['tmp_name'][$num]['upload'], $file->getFullPath()
);
$command = $vc->getCommand('add')
->addArgument($file->getFilename())
->execute();
- $bChanged = true;
- } else if ($bNew || $file->getContent() != $arFile['content']) {
- file_put_contents($file->getPath(), $arFile['content']);
+ $bCommit = true;
+ } else if ($bNew || (isset($arFile['content']) && $file->getContent() != $arFile['content'])) {
+ file_put_contents($file->getFullPath(), $arFile['content']);
$command = $vc->getCommand('add')
->addArgument($file->getFilename())
->execute();
- $bChanged = true;
+ $bCommit = true;
}
}
- if ($bChanged) {
+ if ($bCommit) {
$vc->getCommand('commit')
->setOption('message', '')
->setOption('allow-empty-message')
->setOption('author', 'Anonymous <anonymous@phorkie>')
->execute();
+ $bChanged = true;
+ }
+
+ if ($bChanged) {
+ //FIXME: index changed files only
+ //also handle file deletions
+ $db = new Database();
+ $db->getIndexer()->updateRepo($this->repo);
}
return true;
//this should be setOption, but it fails with a = between name and value
->addArgument('--separate-git-dir')
->addArgument($GLOBALS['phorkie']['cfg']['gitdir'] . '/' . $repo->id . '.git')
- ->addArgument($repo->workDir);
+ ->addArgument($repo->workDir)
->execute();
foreach (glob($repo->gitDir . '/hooks/*') as $hookfile) {
return $prefix . $num;
}
-
- /**
- * Removes malicious parts from a file name
- *
- * @param string $file File name from the user
- *
- * @return string Fixed and probably secure filename
- */
- public function sanitizeFilename($file)
- {
- $file = trim($file);
- $file = str_replace(array('\\', '//'), '/', $file);
- $file = str_replace('/../', '/', $file);
- if (substr($file, 0, 3) == '../') {
- $file = substr($file, 3);
- }
- if (substr($file, 0, 1) == '../') {
- $file = substr($file, 1);
- }
-
- return $file;
- }
}
?>