stefansundin/svnsync.php

## svnsync.php
<?php
/*
https://gist.github.com/stefansundin/5224325
https://code.google.com/p/support/wiki/PostCommitWebHooks

To use PHP to verify the authentication hash, you can do this. It supports multiple projects and can also run svnsync. However, this requires you to make your web server user (often 'www-data') to be able to launch svnsync without sudo having to ask for a password:

$ sudo visudo
Then add this to the bottom (it's important that it is in the bottom!):
www-data ALL=(ALL) NOPASSWD:/usr/bin/svnsync

However, this is really much work for just running svnsync. I suggest that, if that's your only goal, set up a cronjob to run svnsync @daily (or @hourly). It's easier and more resistant to errors. Run with user that has access to your svnsync repo:

$ crontab -e
And add:
@daily svnsync sync --non-interactive --no-auth-cache --username svnsync file:///home/path/to/svnsync/for/proj1
*/

$auth_keys = array(
    "proj1" => "0123456789abcdef",
    "proj2" => "0123456789abcdef",
);

if (!isset($_SERVER["HTTP_GOOGLE_CODE_PROJECT_HOSTING_HOOK_HMAC"])) {
    die("No authentication hash.");
}

$hmac = $_SERVER["HTTP_GOOGLE_CODE_PROJECT_HOSTING_HOOK_HMAC"];
$data = file_get_contents("php://input");
$json = json_decode($data, true);
if (!isset($json["project name"]) || !in_array($json["project name"],array_keys($auth_keys))) {
    die("Invalid project name.");
}
$p = $json["project name"]; // This can also be retrieved from $_GET["p"] if you set up your url as ?p=%p
$digest = hash_hmac("md5", $data, $auth_keys[$p]);
if ($digest != $hmac) {
    die("Invalid authentication hash.");
}

# Run svnsync with the correct user using sudo (remember to edit sudoers!)
system("sudo -u userwithaccesstosyncrep svnsync sync --non-interactive --no-auth-cache --username svnsync file:///home/path/to/svnsync/repo/for/$p");
	<?php
	/*
	https://gist.github.com/stefansundin/5224325
	https://code.google.com/p/support/wiki/PostCommitWebHooks

	To use PHP to verify the authentication hash, you can do this. It supports multiple projects and can also run svnsync. However, this requires you to make your web server user (often 'www-data') to be able to launch svnsync without sudo having to ask for a password:

	$ sudo visudo
	Then add this to the bottom (it's important that it is in the bottom!):
	www-data ALL=(ALL) NOPASSWD:/usr/bin/svnsync

	However, this is really much work for just running svnsync. I suggest that, if that's your only goal, set up a cronjob to run svnsync @daily (or @hourly). It's easier and more resistant to errors. Run with user that has access to your svnsync repo:

	$ crontab -e
	And add:
	@daily svnsync sync --non-interactive --no-auth-cache --username svnsync file:///home/path/to/svnsync/for/proj1
	*/

	$auth_keys = array(
	"proj1" => "0123456789abcdef",
	"proj2" => "0123456789abcdef",
	);

	if (!isset($_SERVER["HTTP_GOOGLE_CODE_PROJECT_HOSTING_HOOK_HMAC"])) {
	die("No authentication hash.");
	}

	$hmac = $_SERVER["HTTP_GOOGLE_CODE_PROJECT_HOSTING_HOOK_HMAC"];
	$data = file_get_contents("php://input");
	$json = json_decode($data, true);
	if (!isset($json["project name"]) \|\| !in_array($json["project name"],array_keys($auth_keys))) {
	die("Invalid project name.");
	}
	$p = $json["project name"]; // This can also be retrieved from $_GET["p"] if you set up your url as ?p=%p
	$digest = hash_hmac("md5", $data, $auth_keys[$p]);
	if ($digest != $hmac) {
	die("Invalid authentication hash.");
	}

	# Run svnsync with the correct user using sudo (remember to edit sudoers!)
	system("sudo -u userwithaccesstosyncrep svnsync sync --non-interactive --no-auth-cache --username svnsync file:///home/path/to/svnsync/repo/for/$p");