<?php
// Pseudo security. REMOTE_ADDR could easily be faked.
if(gethostbyaddr($_SERVER['REMOTE_ADDR']) != 'github.com')
die("Get lost.");
// This function makes the requests.
// http://netevil.org/blog/2006/nov/http-post-from-php-without-curl
function do_post_request($url, $data, $optional_headers = null) {
$params = array('http' => array(
'method' => 'POST',
'content' => $data
));
if ($optional_headers !== null) {
$params['http']['header'] = $optional_headers;
}
$ctx = stream_context_create($params);
$fp = @fopen($url, 'rb', false, $ctx);
$response = @stream_get_contents($fp);
return $response;
}
// Decode json payload
$payload = $_POST['payload'];
$data = json_decode(stripslashes($payload));
// Debug to postbin.org if you feel like it
/* do_post_request('http://www.postbin.org/q4wrg1', http_build_query(array(
'referer' => gethostbyaddr($_SERVER['REMOTE_ADDR']),
'payload' => stripslashes($paylaod),
'data' => $data
))); */
// read commit messages and forward '# ...' messages to twitter clone
if(is_object($data) && is_array($data->commits)) {
foreach($data->commits as $commit) {
if($commit->author->name == 'KevBurnsJr'
&& substr($commit->message, 0, 1) == '#') {
$url = 'http://user:pass@tools.companyname.com/twitter_clone.php';
// form fields
$data = array(
'headline' => substr($commit->message, 2),
'hightlight' => 0,
'workgroup' => 5,
'submit' => 'Save',
'userid' => 4
);
do_post_request($url, http_build_query($data));
}
}
} else {
// $sample_payload_a = "{\"after\": \"0e2a75ac4434d110c3a1f03c53dda93f73bfcda9\", \"ref\": \"refs\/heads\/master\", \"commits\": [{\"added\": [], \"removed\": [], \"url\": \"http:\/\/github.com\/weareus\/core\/commit\/0e2a75ac4434d110c3a1f03c53dda93f73bfcda9\", \"modified\": [\"app\/views\/content\/_table.tpl.php\", \"app\/views\/question\/_table.tpl.php\"], \"timestamp\": \"2009-03-19T19:52:51-07:00\", \"message\": \"# Removing inaccurate table summaries\", \"author\": {\"name\": \"KevBurnsJr\", \"email\": \"kevburnsjr@gmail.com\"}, \"id\": \"0e2a75ac4434d110c3a1f03c53dda93f73bfcda9\"}], \"repository\": {\"owner\": {\"name\": \"weareus\", \"email\": \"info@weare.us\"}, \"description\": \"\", \"name\": \"core\", \"private\": true, \"forks\": 0, \"url\": \"http:\/\/github.com\/weareus\/core\", \"fork\": false, \"watchers\": 4, \"homepage\": \"http:\/\/weare.us\"}, \"before\": \"cd2fe2ef3c6f6aac4cabf34d6201635ada6d8033\"}";
// $sample_payload_b = "{\"after\": \"0e2a75ac4434d110c3a1f03c53dda93f73bfcda9\", \"ref\": \"refs\/heads\/master\", \"commits\": [{\"added\": [], \"removed\": [], \"url\": \"http:\/\/github.com\/weareus\/core\/commit\/0e2a75ac4434d110c3a1f03c53dda93f73bfcda9\", \"modified\": [\"app\/views\/content\/_table.tpl.php\", \"app\/views\/question\/_table.tpl.php\"], \"timestamp\": \"2009-03-19T19:52:51-07:00\", \"message\": \"Removing inaccurate table summaries\", \"author\": {\"name\": \"KevBurnsJr\", \"email\": \"kevburnsjr@gmail.com\"}, \"id\": \"0e2a75ac4434d110c3a1f03c53dda93f73bfcda9\"}], \"repository\": {\"owner\": {\"name\": \"weareus\", \"email\": \"info@weare.us\"}, \"description\": \"\", \"name\": \"core\", \"private\": true, \"forks\": 0, \"url\": \"http:\/\/github.com\/weareus\/core\", \"fork\": false, \"watchers\": 4, \"homepage\": \"http:\/\/weare.us\"}, \"before\": \"cd2fe2ef3c6f6aac4cabf34d6201635ada6d8033\"}";
/* ?>
<form>
<input type='submit'>
<input type='hidden' name='payload' value='<?=stripslashes($sample_payload_a)?>'>
</form>
<? */
die('no data');
}