'Invalid secret', ], 403 ); } function badRequest(array $content = []) { response($content, 404); } function requiredBagVar($bag, $index) { if (!array_key_exists($index, $bag)) { badRequest([ 'error' => 'Bad request', 'missing_param' => [$index, $bag], ]); } } function isValidSecret($secret, $accounts) { return in_array( $secret, $accounts ); } requiredBagVar($_POST, 'payload'); $payload = json_decode($_POST['payload'], true); requiredBagVar($payload, 'secret'); $accounts = require 'accounts.php'; if (!isValidSecret($payload['secret'], $accounts)) { badSecret(); } $repository = preg_replace('/-project$/', '', $payload['repository']['name']); $repository = str_replace(['/', '.'], '', $repository); $command = 'sudo -u git $HOME/bin/webhook-project '.escapeshellarg($repository); $execute = shell_exec($command); response([ 'action' => 'Gitnet project push event', 'output' => $execute, ]);