diff options
Diffstat (limited to 'src/phorkie/Repository/Post.php')
| -rw-r--r-- | src/phorkie/Repository/Post.php | 130 |
1 files changed, 130 insertions, 0 deletions
diff --git a/src/phorkie/Repository/Post.php b/src/phorkie/Repository/Post.php new file mode 100644 index 0000000..627aa1f --- /dev/null +++ b/src/phorkie/Repository/Post.php @@ -0,0 +1,130 @@ +<?php +namespace phorkie; + +class Repository_Post +{ + public $repo; + + public function __construct(Repository $repo = null) + { + $this->repo = $repo; + } + + /** + * Processes the POST data, changes description and files + * + * @return boolean True if the post was successful + */ + public function process($postData) + { + if (!isset($postData['files'])) { + return false; + } + + if (!$this->repo) { + $this->repo = $this->createRepo(); + } + + $vc = $this->repo->getVc(); + $this->repo->setDescription($postData['description']); + + $bChanged = false; + foreach ($postData['files'] as $arFile) { + if ($arFile['content'] == '' && $arFile['name'] == '') { + //empty (new) file + continue; + } + + $orignalName = $this->sanitizeFilename($arFile['original_name']); + $name = $this->sanitizeFilename($arFile['name']); + + if ($name == '') { + $name = $this->getNextNumberedFile('phork') + . '.' . $arFile['type']; + } + + $bNew = false; + if (!isset($orignalName) || $orignalName == '') { + //new file + $bNew = true; + } else if (!$this->repo->hasFile($orignalName)) { + //unknown file + //FIXME: Show error message + continue; + } else if ($orignalName != $name) { + //FIXME: what to do with overwrites? + $vc->getCommand('mv') + ->addArgument($orignalName) + ->addArgument($name) + ->execute(); + $bChanged = true; + } + + $file = $this->repo->getFileByName($name, false); + if ($bNew || $file->getContent() != $arFile['content']) { + file_put_contents($file->getPath(), $arFile['content']); + $command = $vc->getCommand('add') + ->addArgument($file->getFilename()) + ->execute(); + $bChanged = true; + } + } + + if ($bChanged) { + $vc->getCommand('commit') + ->setOption('message', '') + ->setOption('allow-empty-message') + ->setOption('author', 'Anonymous <anonymous@phorkie>') + ->execute(); + } + + return true; + } + + public function createRepo() + { + $rs = new Repositories(); + $repo = $rs->createNew(); + $vc = $repo->getVc(); + $vc->initRepository(); + foreach (glob($repo->repoDir . '/.git/hooks/*') as $hookfile) { + unlink($hookfile); + } + return $repo; + } + + public function getNextNumberedFile($prefix) + { + $num = -1; + do { + ++$num; + $files = glob($this->repo->repoDir . '/' . $prefix . $num . '.*'); + } while (count($files)); + + return $prefix . $num; + } + + /** + * Removes malicious parts from a file name + * + * @param string $file File name from the user + * + * @return string Fixed and probably secure filename + */ + public function sanitizeFilename($file) + { + $file = trim($file); + $file = str_replace(array('\\', '//'), '/', $file); + $file = str_replace('/../', '/', $file); + if (substr($file, 0, 3) == '../') { + $file = substr($file, 3); + } + if (substr($file, 0, 1) == '../') { + $file = substr($file, 1); + } + + return $file; + } +} + +?> |