A few days ago, Lateral Code decided to switch over to using SVN (Subversion) for WordPress. This not only is an easy way to install WordPress for new users, but it also makes it a breeze to update your version.

For those of you who aren’t familiar with Subversion, it’s a version control system. You can read more about it here.

The Invasion of .svn

Upon reinstalling WordPress with a few simple SVN commands, we noticed many .svn directories. These were located in every single section of our site’s files. Not only that, but we had also read about the dangers of keeping .svn directories in our file system earlier through Smashing Magazine.

The Exterminator: PHP

To solve this problem, we decided to write a simple PHP script that recursively removes all .svn directories. I’ll first present the complete script and then explain the details. You may also download it below if you like:

// preconditon: $dir ends with a forward slash (/) and is a valid directory
// postcondition: $dir and all it's sub-directories are recursively
// searched through for .svn directories. If a .svn directory is found,
// it is deleted to remove any security holes.
function removeSVN( $dir ) {
	echo "Searching: $dir\n\t";

	$flag = false; // haven't found .svn directory
	$svn = $dir . '.svn';

	if( is_dir( $svn ) ) {
		if( !chmod( $svn, 0777 ) )
			echo "File permissions could not be changed (this may or may not be a problem--check the statement below).\n\t"; // if the permissions were already 777, this is not a problem

		delTree( $svn ); // remove the .svn directory with a helper function

		if( is_dir( $svn ) ) // deleting failed
			echo "Failed to delete $svn due to file permissions.";
			echo "Successfully deleted $svn from the file system.";

		$flag = true; // found directory

	if( !$flag ) // no .svn directory
		echo 'No .svn directory found.';
	echo "\n\n";

	$handle = opendir( $dir );
	while( false !== ( $file = readdir( $handle ) ) ) {
		if( $file == '.' || $file == '..' ) // don't get lost by recursively going through the current or top directory

		if( is_dir( $dir . $file ) )
			removeSVN( $dir . $file . '/' ); // apply the SVN removal for sub directories

This is a recursive function that requires a directory name as a parameter. It first checks if a .svn directory exists in the given directory. If so, it will attempt to modify its permissions and subsequently delete it. During this whole process, it will notify the user of any errors/successes.

After the deletion, the script searches through the directory for any sub-directories. If it finds some, it will recursively call itself to remove more .svn directories. Note that there is a helper function, delTree(), which is called here. It looks like this:

// precondition: $dir is a valid directory
// postcondition: $dir and all it's contents are removed
// simple function found at http://www.php.net/manual/en/function.rmdir.php#93836
function delTree( $dir ) {
	$files = glob( $dir . '*', GLOB_MARK ); // find all files in the directory

	foreach( $files as $file ) {
		if( substr( $file, -1 ) == '/' )
			delTree( $file ); // recursively apply this to sub directories
			unlink( $file );

	if ( is_dir( $dir ) )
		rmdir( $dir ); // remove the directory itself (rmdir only removes a directory once it is empty)

delTree is yet another recursive function. It deletes all files in a directory and recursively calls itself with sub-directories. Consequently, it will remove the directory itself with rmdir().

Now that the function is complete, you can easily call it using the following:

header( 'Content-type: text/plain' ); // plain text for easy display

// remove all .svn directories in the
// current directory and sub directories
// (recursively applied)
removeSVN( './' );

If this file is not in the root of your server, then you can easily just change the directory that is fed to removeSVN(). Good luck! You may download the script here.

Leave a Reply

Removing .svn Directories With PHP