[Fusionforge-commits] FusionForge branch 6.1 updated. v6.1beta1-131-gd9fa448

Thu, 08 Feb 2018 08:02:58 -0800 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "FusionForge".

The branch, 6.1 has been updated
       via  d9fa4483c51e77e5770b6f612c9eb6af647ba09b (commit)
      from  f470a2022b26b55d353f7f4c14676756d2dc29bc (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://scm.fusionforge.org/anonscm/gitweb/?p=fusionforge/fusionforge.git;a=commitdiff;h=d9fa4483c51e77e5770b6f612c9eb6af647ba09b

commit d9fa4483c51e77e5770b6f612c9eb6af647ba09b
Author: Franck Villaume <franck.villa...@trivialdev.com>
Date:   Thu Feb 8 16:02:33 2018 +0000

    scmhg: start backend multirepo support

diff --git a/src/plugins/scmhg/common/HgPlugin.class.php 
b/src/plugins/scmhg/common/HgPlugin.class.php
index 9b6f234..5f3b3d8 100644
--- a/src/plugins/scmhg/common/HgPlugin.class.php
+++ b/src/plugins/scmhg/common/HgPlugin.class.php
@@ -366,6 +366,22 @@ Offer DAV or SSH access.");
                        system("chmod -R g=rwX,o=rX $root/$project_name");
                        system("chmod 660 $root/$project_name/.hg/hgrc");
                }
+
+               // Create project-wide secondary repositories
+               $result = db_query_params('SELECT repo_name, description, 
clone_url FROM scm_secondary_repos WHERE group_id=$1 AND next_action = $2 AND 
plugin_id=$3',
+                                               array($project->getID(),
+                                               SCM_EXTRA_REPO_ACTION_UPDATE,
+                                               $this->getID()));
+               $rows = db_numrows($result);
+               for ($i=0; $i<$rows; $i++) {
+                       $repo_name = db_result($result, $i, 'repo_name');
+                       $description = db_result($result, $i, 'description');
+                       $clone_url = db_result($result, $i, 'clone_url');
+                       // Clone URLs need to be validated to prevent a 
potential arbitrary command execution
+                       if (!preg_match('|^[-a-zA-Z0-9:./_]+$|', $clone_url)) {
+                               $clone_url = '';
+                       }
+               }
        }
 
        function updateRepositoryList($params) {

-----------------------------------------------------------------------

Summary of changes:
 src/plugins/scmhg/common/HgPlugin.class.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)


hooks/post-receive
-- 
FusionForge

_______________________________________________
Fusionforge-commits mailing list
Fusionforge-commits@lists.fusionforge.org
http://lists.fusionforge.org/cgi-bin/mailman/listinfo/fusionforge-commits

Reply via email to