1.7: Normalize file upload name using the intl extension, support PHP 7.1

README.md

@@ -1,6 +1,13 @@
 
 ## Changelog
 
+### 1.7.0
+
+ * Adds normalization of file upload name (https://github.com/Reposoft/rweb/pull/14)
+ * Drops support for svn <1.5
+ * Adds support for a REPOS_TEMP variable to specify tmp dir
+   - Performance of the backing volume matters in edit operations due to temporary WCs
+
 ### 1.6.0
 
  * Recommends PHP 7

build.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-VERSION=1.6.2
+VERSION=1.7.0
 rm -Rf target
 mkdir target
 cp -r repos-plugins target/

docker-compose.yml

@@ -1,10 +1,12 @@
-# For development at http://svn/, assuming local scripts build and libs install
+# For development at http://svn/, assuming local scripts build and libs install, and hosts file record for svn
+# Image builds see https://github.com/Reposoft/docker-svn
 # Create repo: docker-compose exec svn repocreate test -o daemon
 # Install libs: http://svn/repos-web/lib/smarty/install.php
+# or: docker-compose exec rweb php /opt/rweb/repos-web/lib/smarty/install.php
 version: '2.1'
 services:
   svn:
-    image: solsson/rweb-httpd@sha256:f69fc496a781e6cdcd8156e6a2c14b33377ef6b2b8538cdc6b570e47cb89adc8
+    image: solsson/rweb-httpd@sha256:4a0661e12da2ef4cc5dfbff08213a28b628bd522c85607e26e3425e30310821b
     expose:
       - "80"
     ports:
@@ -15,7 +17,7 @@ services:
     volumes:
       - .:/opt/rweb
   rweb:
-    image: solsson/rweb@sha256:4531be10995942642442a4efa73762dd9e11828a8457a98c2a15f673fbfa93d4
+    image: solsson/rweb@sha256:9690296ec8c59cef6a65e7a5bdb7fe77bbd8edc5cdd07b3bccc294c2cb6f02e2
     expose:
       - "9000"
     links:

package.json

@@ -1,6 +1,6 @@
 {
   "name": "rweb",
-  "version": "1.6.0",
+  "version": "1.7.0",
   "description": "Repos Web REST API and simple UI for version control",
   "author": "Repos Mjukvara AB",
   "license": "CC-BY-NC-4.0",

repos-web/conf/System.class.php

@@ -484,7 +484,10 @@ function _getSystemTemp() {
 		static $tempfolder = null;
 		if (!is_null($tempfolder)) return $tempfolder;
 		$type = '';
-		if (getenv('TMP')) {
+		if (getenv('REPOS_TEMP')) {
+			$type = 'REPOS_TEMP';
+			$tempdir = getenv('REPOS_TEMP');
+		} elseif (getenv('TMP')) {
 			$type = 'TMP';
 			$tempdir = getenv('TMP');
 		} elseif (getenv('TMPDIR')) {
@@ -501,7 +504,7 @@ function _getSystemTemp() {
 			$type = 'tempnam';
 			// suggest a directory that does not exist, so that tempnam uses system temp dir
 			$doesnotexist = 'dontexist'.rand();
-			$tmpfile = tempnam($doesnotexist, 'emptytempfile');
+			$tmpfile = @tempnam($doesnotexist, 'emptytempfile');
 			if (strpos($tmpfile, $doesnotexist)!==false) trigger_error("Could not get system temp, got: ".$tmpfile, E_USER_ERROR);
 			if (!file_exists($tmpfile)) trigger_error("Failed to create temp file using $type", E_USER_ERROR);
 			$tempdir = dirname($tmpfile);

repos-web/conf/repos.properties.php

@@ -17,7 +17,7 @@
  * @see Presentation
  * @package conf
  */
-define('REPOS_VERSION','1.6');
+define('REPOS_VERSION','1.7');
 
 // ----- global settings -----
 
@@ -625,6 +625,32 @@ function xmlEncodePath($path) {
 	return str_replace('&', '&', $path);
 }
 
+/**
+ * Runs unicode normalization on request parameters.
+ *
+ * For example to help avoid https://issues.apache.org/jira/browse/SVN-2464
+ * reposNormalizeParams($_POST, ['name']);
+ */
+function reposNormalizeParams(&$hash, $params) {
+	if (isset($_SERVER['REPOS_NORMALIZE']) && $_SERVER['REPOS_NORMALIZE']=='off') {
+		return;
+	}
+	if (!is_array($hash)) {
+		error_log("reposNormalizeParams called with a non-hash");
+		return;
+	}
+	if (!class_exists('Normalizer')) {
+		error_log("Normalize class not found. Is the intl extension enabled?");
+		return;
+	}
+	foreach ($params as $param) {
+		if (array_key_exists($param, $hash) && !Normalizer::isNormalized($hash[$param])) {
+			error_log("Param '$param' needs unicode normalization from: $hash[$param]");
+			$hash[$param] = Normalizer::normalize($hash[$param]);
+		}
+	}
+}
+
 // ----- internal functions -----
 
 function _getStackTrace() {

repos-web/edit/delete/index.php

@@ -28,6 +28,7 @@ function delete($message) {
 	$edit->addArgUrl(getTargetUrl());
 	$edit->addArgRevpropsFromPost();
 	$edit->exec();
-	displayEdit(Presentation::background(), dirname(rtrim(getTargetUrl(),'/')), false);
+	$template = Presentation::background();
+	displayEdit($template, dirname(rtrim(getTargetUrl(),'/')), false);
 }
 ?>

repos-web/edit/upload/index.php

@@ -44,7 +44,9 @@
 		// it might not automatically send credentials for this path
 		targetLogin();	
 	}
-
+
+	reposNormalizeParams($_POST, ['name']);
+
 	$folderRule = new ResourceExistsRule('target');
 	new NewFilenameRule("name", $folderRule->getValue());
 
@@ -125,19 +127,7 @@ function processFile($upload) {
 		$sparse->addArgPath($dir . $filename);
 		if ($sparse->execNoDisplay()) trigger_error('Failed to get target file from repository.', E_USER_ERROR);
 	} else {
-		// warn because this operation may have serious performance impact
-		error_log('svn depth=empty checkout for file upload failed -- temp working copy will contain all folder immediates');
-		// fallback: svn 1.4 and older
-		$checkout = new SvnEdit('checkout');
-		$checkout->addArgOption('--non-recursive');
-		if ($fromrev) $checkout->addArgOption('-r', $fromrev, false);
-		$checkout->addArgUrl($repoFolder);
-		$checkout->addArgPath($dir);
-		$checkout->exec();
-		if (!$checkout->isSuccessful()) {
-			$presentation->showError("Could not read current version of file "
-				.$upload->getTargetUrl().". ".$checkout->getResult());
-		}
+		trigger_error('Failed to create working copy', E_USER_ERROR);
 	}
 	// for PHP operations like file_exist below, we need to use an encoded path on windows
 	// while the subversion commands use $dir.$filename and the setlocale in Command class

repos-web/index_en.html

@@ -67,7 +67,7 @@ <h2>Server settings</h2>
 </div>
 
 <div id="footer">
-<a id="releaseversion" class="versiondisplay" href="version/">Repos 1.6</a>
+<a id="releaseversion" class="versiondisplay" href="version/">Repos 1.7</a>
 <span class="legal">Repos is a web platform for version control with <a target="_blank" href="http://subversion.tigris.org/">Subversion</a></span>
 </div>
 

repos-web/version/index.php

@@ -8,7 +8,7 @@
 $v = array();
 
 # tag replaced by build script
-$v['releaseversion'] = '1.6';
+$v['releaseversion'] = '1.7';
 
 # info from svn if the application is checked out
 $v['system'] = array();

repos-web/view/repos.xsl

@@ -177,7 +177,7 @@
 	<xsl:template name="footer">
 		<div id="footer">
 		<span>version <span class="revision"><xsl:value-of select="@rev"/></span></span>
-		<span id="resourceversion" class="versiondisplay" style="display:none"> - repos.se stylesheet 1.6 $Rev$</span>
+		<span id="resourceversion" class="versiondisplay" style="display:none"> - repos.se stylesheet 1.7 $Rev$</span>
 		<span id="badges">
 		</span>
 		<span class="legal">