diff options
| author | Jonatas Miguel <jonatas.df.miguel@gmail.com> | 2012-10-24 19:30:36 +0200 |
|---|---|---|
| committer | Jonatas Miguel <jonatas.df.miguel@gmail.com> | 2012-10-24 19:30:36 +0200 |
| commit | b51823dde5fbae508b8ebf99258d2f514a8bece8 (patch) | |
| tree | 4db09a22f85e0ddf151c940cd3e6fbaa799b8513 /tests/codeigniter/helpers/security_helper_test.php | |
| parent | a53f402b78ad07fb0f6da19cff0c7bec3a09a4c0 (diff) | |
| parent | a7001e968a4791312391eb245ad84888893cda8f (diff) | |
Merge branch 'develop' of git://github.com/EllisLab/CodeIgniter into develop
Conflicts:
user_guide_src/source/changelog.rst
Diffstat (limited to 'tests/codeigniter/helpers/security_helper_test.php')
| -rw-r--r-- | tests/codeigniter/helpers/security_helper_test.php | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/tests/codeigniter/helpers/security_helper_test.php b/tests/codeigniter/helpers/security_helper_test.php new file mode 100644 index 000000000..effd3ec02 --- /dev/null +++ b/tests/codeigniter/helpers/security_helper_test.php @@ -0,0 +1,64 @@ +<?php + +class Security_helper_tests extends CI_TestCase { + + function setUp() + { + $this->helper('security'); + $obj = new stdClass; + $obj->security = new Mock_Core_Security(); + $this->ci_instance($obj); + } + + function test_xss_clean() + { + $this->assertEquals('foo', xss_clean('foo')); + + $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", xss_clean("Hello, i try to <script>alert('Hack');</script> your site")); + } + + function test_sanitize_filename() + { + $this->assertEquals('hello.doc', sanitize_filename('hello.doc')); + + $filename = './<!--foo-->'; + $this->assertEquals('foo', sanitize_filename($filename)); + } + + function test_do_hash() + { + $md5 = md5('foo'); + $sha1 = sha1('foo'); + + $algos = hash_algos(); + $algo_results = array(); + foreach ($algos as $k => $v) + { + $algo_results[$v] = hash($v, 'foo'); + } + + $this->assertEquals($sha1, do_hash('foo')); + $this->assertEquals($sha1, do_hash('foo', 'sha1')); + $this->assertEquals($md5, do_hash('foo', 'md5')); + $this->assertEquals($md5, do_hash('foo', 'foobar')); + + // Test each algorithm available to PHP + foreach ($algo_results as $algo => $result) + { + $this->assertEquals($result, do_hash('foo', $algo)); + } + } + + function test_strip_image_tags() + { + $this->assertEquals('http://example.com/spacer.gif', strip_image_tags('http://example.com/spacer.gif')); + + $this->assertEquals('http://example.com/spacer.gif', strip_image_tags('<img src="http://example.com/spacer.gif" alt="Who needs CSS when you have a spacer.gif?" />')); + } + + function test_encode_php_tags() + { + $this->assertEquals('<? echo $foo; ?>', encode_php_tags('<? echo $foo; ?>')); + } + +}
\ No newline at end of file |