diff --git a/.gitignore b/.gitignore index f4e60abf..11cb916d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ .sass-cache /data/config.php +/data/writeable/* /web/css/* /log /web/zohoverify diff --git a/controller/action/OpsActions.class.php b/controller/action/OpsActions.class.php index 9a5d2569..23d09bfa 100644 --- a/controller/action/OpsActions.class.php +++ b/controller/action/OpsActions.class.php @@ -10,20 +10,18 @@ class OpsActions extends Actions public static function executePostCommit() { $payload = json_decode($_REQUEST['payload'], true); - $rawPost = file_get_contents('php://input'); - $secret = Config::get('github_key'); - - Actions::returnErrorIf(!isset($_SERVER['HTTP_X_HUB_SIGNATURE']), "HTTP header 'X-Hub-Signature' is missing."); - - list($algo, $hash) = explode('=', $_SERVER['HTTP_X_HUB_SIGNATURE'], 2) + array('', ''); - Actions::returnErrorIf(!in_array($algo, hash_algos(), TRUE), 'Invalid hash algorithm "' . $algo . '"'); - Actions::returnErrorIf($hash !== hash_hmac($algo, $rawPost, $secret), 'Hash does not match. "' . $secret . '"' . ' algo: ' . $algo . '$'); - if ($payload['ref'] === 'refs/heads/master') { - $ret = shell_exec('sudo -u lbry ' . ROOT_DIR . '/update.php 2>&1'); - echo "Successful post commit (aka the script executed, so maybe it is successful):\n"; - echo $ret; + Actions::returnErrorIf(!isset($_SERVER['HTTP_X_HUB_SIGNATURE']), "HTTP header 'X-Hub-Signature' is missing."); + + list($algo, $hash) = explode('=', $_SERVER['HTTP_X_HUB_SIGNATURE'], 2) + array('', ''); + Actions::returnErrorIf(!in_array($algo, hash_algos(), TRUE), 'Invalid hash algorithm "' . $algo . '"'); + + $rawPost = file_get_contents('php://input'); + $secret = Config::get('github_key'); + Actions::returnErrorIf($hash !== hash_hmac($algo, $rawPost, $secret), 'Hash does not match. "' . $secret . '"' . ' algo: ' . $algo . '$'); + + file_put_contents(ROOT_DIR . '/data/writeable/NEEDS_UPDATE', ''); } return [null, []]; diff --git a/data/writeable/.gitkeep b/data/writeable/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/update.php b/update.php index 35aee7f0..47b5faaa 100755 --- a/update.php +++ b/update.php @@ -3,6 +3,19 @@ include __DIR__.'/bootstrap.php'; +$options = getopt('f'); +$force = isset($options['f']); // update even if no NEEDS_UPDATE file exists + +$needsUpdateFile = ROOT_DIR . '/data/writeable/NEEDS_UPDATE'; +if (!$force && !file_exists($needsUpdateFile)) +{ + echo "No update necessary\n"; + return; +} + +unlink($needsUpdateFile); + + chdir(ROOT_DIR); Shell::exec('git fetch && git reset --hard origin/master');