Mercurial > public > src > phphgadmin

diff admin/application/libraries/hgphp.php @ 19:51f6d4415b09

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
completed Issue #8 security - block creation of 'admin' repository name and issue #2 concurrency - hgweb support
author joshjcarrier
date Sat, 15 May 2010 13:23:40 -0700
parents 9aceab434288
children 6f38dd98ff78
line wrap: on
line diff
--- a/admin/application/libraries/hgphp.php	Sat May 15 01:29:53 2010 -0700
+++ b/admin/application/libraries/hgphp.php	Sat May 15 13:23:40 2010 -0700
@@ -98,20 +98,29 @@
 		}
 		
 		$create_status = HGPHP_OK;
-		$lsdir = $this->lsdir($ofl_lock_hgwebconf);
+		$ofl_dummylock_hgwebconf = '';
+		$lsdir = $this->lsdir($ofl_dummylock_hgwebconf); // don't want to update the lock yet
+
+		// simplifies repo list into array where name is both key and value
+		// this is how hgweb.config wants it
 		$existingdir = array_keys($lsdir);
+		$tempexistingdir = array();
+		foreach($existingdir as $repo_name)
+		{
+			$tempexistingdir[$repo_name] = $repo_name;
+		}
+		$existingdir = $tempexistingdir;
 		
 		// not registered in hgweb.config
 		if(!isset($lsdir[$r_name]))
 		{
-			// create the repository
-			$create_status = $this->create_repository_dir($r_name, $hg_lock_hgrc);
-			
+			// edit the directory
+			$existingdir[$r_name] = $r_name;
+			$create_status = $this->_ci->hgconf2ini->setHgWebDirCollections($existingdir, $ofl_lock_hgwebconf);
 			if($create_status == HGPHP_OK)
 			{
-				// edit the directory
-				$existingdir[$r_name] = $r_name;
-				$create_status = $this->_ci->hgconf2ini->setHgWebDirCollections($existingdir, $ofl_lock_hgwebconf);
+				// then create the repository
+				$create_status = $this->create_repository_dir($r_name, $hg_lock_hgrc);
 			}
 		}
 		// TODO repair missing directory?
@@ -156,7 +165,8 @@
 		}
 		
 		$del_status = HGPHP_OK;
-		$lsdir = $this->lsdir($ofl_lock_hgwebconf);
+		$ofl_dummylock_hgwebconf = '';
+		$lsdir = $this->lsdir($ofl_dummylock_hgwebconf); // don't want to update lock yet
 		
 		// simplifies repo list into array where name is both key and value
 		// this is how hgweb.config wants it
@@ -170,24 +180,25 @@
 		
 		if(isset($lsdir[$r_name]))
 		{
-			// existing filesystem is not missing, thus needs to be deleted
-			if($lsdir[$r_name]['status'] != HGPHP_REPO_STATUS_MISSING)
-			{
-				$del_status = $this->_ci->hgconf2ini->unlinkHGRC($r_name, $ofl_lock);
+			// edit the directory
+			unset($existingdir[$r_name]);
+			// remove hgweb.config
+			$del_status = $this->_ci->hgconf2ini->setHgWebDirCollections($existingdir, $ofl_lock_hgwebconf);
 				
-				if($del_status == HGPHP_OK)
-				{
-					$del_status = $this->delete_repository_dir($r_name);
-				}
-			}
-			
 			// remove from hgweb.config
 			if($del_status == HGPHP_OK)
 			{
-				// edit the directory
-				unset($existingdir[$r_name]);
-
-				$del_status = $this->_ci->hgconf2ini->setHgWebDirCollections($existingdir, $ofl_lock);
+				// existing filesystem is not missing, thus needs to be deleted
+				if($lsdir[$r_name]['status'] != HGPHP_REPO_STATUS_MISSING)
+				{
+					// FIXME ofl lock?
+					$del_status = $this->_ci->hgconf2ini->unlinkHGRC($r_name, $ofl_lock);
+					
+					if($del_status == HGPHP_OK)
+					{
+						$del_status = $this->delete_repository_dir($r_name);
+					}
+				}
 			}
 		}
 		else