X-Git-Url: https://git.cweiske.de/phorkie.git/blobdiff_plain/2b4b34a76f42841e964a549fc64c02ba4f60a3f4..3bc2092b7732a33db738e12afde32645e49d5c47:/src/phorkie/Repository/Post.php
diff --git a/src/phorkie/Repository/Post.php b/src/phorkie/Repository/Post.php
index 627aa1f..633fb27 100644
--- a/src/phorkie/Repository/Post.php
+++ b/src/phorkie/Repository/Post.php
@@ -26,56 +26,103 @@ class Repository_Post } $vc = $this->repo->getVc(); - $this->repo->setDescription($postData['description']); + $bChanged = false; - foreach ($postData['files'] as $arFile) { - if ($arFile['content'] == '' && $arFile['name'] == '') { + $bCommit = false; + if ($postData['description'] != $this->repo->getDescription()) { + $this->repo->setDescription($postData['description']); + $bChanged = true; + } + + foreach ($postData['files'] as $num => $arFile) { + $bUpload = false; + if ($_FILES['files']['error'][$num]['upload'] == 0) { + //valid file upload + $bUpload = true; + } else if ($arFile['content'] == '' && $arFile['name'] == '') { //empty (new) file continue; } - $orignalName = $this->sanitizeFilename($arFile['original_name']); - $name = $this->sanitizeFilename($arFile['name']); + $orignalName = Tools::sanitizeFilename($arFile['original_name']); + $name = Tools::sanitizeFilename($arFile['name']); if ($name == '') { - $name = $this->getNextNumberedFile('phork') - . '.' . $arFile['type']; + if ($bUpload) { + $name = Tools::sanitizeFilename($_FILES['files']['name'][$num]['upload']); + } else { + $name = $this->getNextNumberedFile('phork') + . '.' . $arFile['type']; + } } $bNew = false; + $bDelete = false; if (!isset($orignalName) || $orignalName == '') { //new file $bNew = true; + if (strpos($name, '.') === false) { + //automatically append file extension if none is there + $name .= '.' . $arFile['type']; + } } else if (!$this->repo->hasFile($orignalName)) { //unknown file //FIXME: Show error message continue; + } else if (isset($arFile['delete']) && $arFile['delete'] == 1) { + $bDelete = true; } else if ($orignalName != $name) { - //FIXME: what to do with overwrites? - $vc->getCommand('mv') - ->addArgument($orignalName) - ->addArgument($name) - ->execute(); - $bChanged = true; + if (strpos($name, '/') === false) { + //ignore names with a slash in it, would be new directory + //FIXME: what to do with overwrites? 
+ $vc->getCommand('mv') + ->addArgument($orignalName) + ->addArgument($name) + ->execute(); + $bCommit = true; + } else { + $name = $orignalName; + } } $file = $this->repo->getFileByName($name, false); - if ($bNew || $file->getContent() != $arFile['content']) { - file_put_contents($file->getPath(), $arFile['content']); + if ($bDelete) { + $command = $vc->getCommand('rm') + ->addArgument($file->getFilename()) + ->execute(); + $bCommit = true; + } else if ($bUpload) { + move_uploaded_file( + $_FILES['files']['tmp_name'][$num]['upload'], $file->getFullPath() + ); $command = $vc->getCommand('add') ->addArgument($file->getFilename()) ->execute(); - $bChanged = true; + $bCommit = true; + } else if ($bNew || (isset($arFile['content']) && $file->getContent() != $arFile['content'])) { + file_put_contents($file->getFullPath(), $arFile['content']); + $command = $vc->getCommand('add') + ->addArgument($file->getFilename()) + ->execute(); + $bCommit = true; } } - if ($bChanged) { + if ($bCommit) { $vc->getCommand('commit') ->setOption('message', '') ->setOption('allow-empty-message') ->setOption('author', 'Anonymous ') ->execute(); + $bChanged = true; + } + + if ($bChanged) { + //FIXME: index changed files only + //also handle file deletions + $db = new Database(); + $db->getIndexer()->updateRepo($this->repo); } return true; @@ -86,10 +133,19 @@ class Repository_Post $rs = new Repositories(); $repo = $rs->createNew(); $vc = $repo->getVc(); - $vc->initRepository(); - foreach (glob($repo->repoDir . '/.git/hooks/*') as $hookfile) { + $vc->getCommand('init') + //this should be setOption, but it fails with a = between name and value + ->addArgument('--separate-git-dir') + ->addArgument($GLOBALS['phorkie']['cfg']['gitdir'] . '/' . $repo->id . '.git') + ->addArgument($repo->workDir) + ->execute(); + + foreach (glob($repo->gitDir . '/hooks/*') as $hookfile) { unlink($hookfile); } + + touch($repo->gitDir . '/git-daemon-export-ok'); + return $repo; } 
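Review bot: The upload test `$_FILES['files']['error'][$num]['upload'] == 0` is also true when that key is absent, because PHP's loose comparison treats null as equal to 0, so a row without a file part is taken as a valid upload and skips the empty-file `continue`. I would write `if (isset($_FILES['files']['error'][$num]['upload']) && $_FILES['files']['error'][$num]['upload'] === UPLOAD_ERR_OK) {` and check the return value of `move_uploaded_file()` before running `git add`. The slash test `strpos($name, '/') === false` guards only the rename branch; names for new files and the client-supplied upload name reach `getFileByName()` and `getFullPath()` with only `Tools::sanitizeFilename()` in front of them, which is not visible in this diff, so applying `basename()` to the upload name, or moving the slash test above the branches, would make the rule uniform. The enclosing method starts before the hunk.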
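Review bot: `touch($repo->gitDir . '/git-daemon-export-ok')` runs for every new repository and its result is ignored, so each paste becomes exportable by any git-daemon serving the configured gitdir, with no setting to turn that off and no notice if the marker could not be written. A comment such as `// marks the repository as exportable via git-daemon; every new paste becomes clonable` above the call would make the intent explicit, and a configuration switch would suit installations that should not expose repositories over git://. In the hook clean-up, `glob()` can return false on error, which `foreach` will warn about, and the `unlink()` results are not checked; `foreach (glob($repo->gitDir . '/hooks/*') ?: array() as $hookfile) {` avoids the first. The function's opening lines are outside the hunk.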
@@ -98,33 +154,11 @@ class Repository_Post
 $num = -1;
 do {
 ++$num;
- $files = glob($this->repo->repoDir . '/' . $prefix . $num . '.*');
+ $files = glob($this->repo->workDir . '/' . $prefix . $num . '.*');
 } while (count($files));
 return $prefix . $num;
 }
-
- /**
- * Removes malicious parts from a file name
- *
- * @param string $file File name from the user
- *
- * @return string Fixed and probably secure filename
- */
- public function sanitizeFilename($file)
- {
- $file = trim($file);
- $file = str_replace(array('\\', '//'), '/', $file);
- $file = str_replace('/../', '/', $file);
- if (substr($file, 0, 3) == '../') {
- $file = substr($file, 3);
- }
- if (substr($file, 0, 1) == '../') {
- $file = substr($file, 1);
- }
-
- return $file;
- }
 }
 ?>