diff options
Diffstat (limited to 'tests/codeigniter/core')
-rw-r--r-- | tests/codeigniter/core/Benchmark_test.php | 42 | ||||
-rw-r--r-- | tests/codeigniter/core/Input_test.php | 146 | ||||
-rw-r--r-- | tests/codeigniter/core/Lang_test.php | 9 | ||||
-rw-r--r-- | tests/codeigniter/core/Security_test.php | 105 |
4 files changed, 298 insertions, 4 deletions
diff --git a/tests/codeigniter/core/Benchmark_test.php b/tests/codeigniter/core/Benchmark_test.php new file mode 100644 index 000000000..109b38821 --- /dev/null +++ b/tests/codeigniter/core/Benchmark_test.php @@ -0,0 +1,42 @@ +<?php + +class Benchmark_test extends CI_TestCase { + + public function set_up() + { + $this->benchmark = new Mock_Core_Benchmark(); + } + + // -------------------------------------------------------------------- + + public function test_mark() + { + $this->assertEmpty($this->benchmark->marker); + + $this->benchmark->mark('code_start'); + + $this->assertEquals(1, count($this->benchmark->marker)); + $this->assertArrayHasKey('code_start', $this->benchmark->marker); + } + + // -------------------------------------------------------------------- + + public function test_elapsed_time() + { + $this->assertEquals('{elapsed_time}', $this->benchmark->elapsed_time()); + $this->assertEmpty($this->benchmark->elapsed_time('undefined_point')); + + $this->benchmark->mark('code_start'); + sleep(1); + $this->benchmark->mark('code_end'); + + $this->assertEquals('1.0', $this->benchmark->elapsed_time('code_start', 'code_end', 1)); + } + + // -------------------------------------------------------------------- + + public function test_memory_usage() + { + $this->assertEquals('{memory_usage}', $this->benchmark->memory_usage()); + } +}
\ No newline at end of file diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php new file mode 100644 index 000000000..cfc80c950 --- /dev/null +++ b/tests/codeigniter/core/Input_test.php @@ -0,0 +1,146 @@ +<?php + +class Input_test extends CI_TestCase { + + public function set_up() + { + // Set server variable to GET as default, since this will leave unset in STDIN env + $_SERVER['REQUEST_METHOD'] = 'GET'; + + // Set config for Input class + $this->ci_set_config('allow_get_array', TRUE); + $this->ci_set_config('global_xss_filtering', FALSE); + $this->ci_set_config('csrf_protection', FALSE); + + $security = new Mock_Core_Security(); + $utf8 = new Mock_Core_Utf8(); + + $this->input = new Mock_Core_Input($security, $utf8); + } + + // -------------------------------------------------------------------- + + public function test_get_not_exists() + { + $this->assertEmpty($this->input->get()); + $this->assertEmpty($this->input->get('foo')); + + $this->assertTrue( ! $this->input->get()); + $this->assertTrue( ! $this->input->get('foo')); + + // Test we're getting empty results + $this->assertTrue($this->input->get() === NULL); + $this->assertTrue($this->input->get('foo') === NULL); + + // Test new 3.0 behaviour for non existant results (used to be FALSE) + $this->assertTrue($this->input->get() === NULL); + $this->assertTrue($this->input->get('foo') === NULL); + } + + // -------------------------------------------------------------------- + + public function test_get_exist() + { + $_SERVER['REQUEST_METHOD'] = 'GET'; + $_GET['foo'] = 'bar'; + + $this->assertArrayHasKey('foo', $this->input->get()); + $this->assertEquals('bar', $this->input->get('foo')); + } + + // -------------------------------------------------------------------- + + public function test_get_exist_with_xss_clean() + { + $_SERVER['REQUEST_METHOD'] = 'GET'; + $_GET['harm'] = "Hello, i try to <script>alert('Hack');</script> your site"; + + $this->assertArrayHasKey('harm', $this->input->get()); + $this->assertEquals("Hello, i try to <script>alert('Hack');</script> your site", $this->input->get('harm')); + $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $this->input->get('harm', TRUE)); + } + + // -------------------------------------------------------------------- + + public function test_post_not_exists() + { + $this->assertEmpty($this->input->post()); + $this->assertEmpty($this->input->post('foo')); + + $this->assertTrue( ! $this->input->post()); + $this->assertTrue( ! $this->input->post('foo')); + + $this->assertTrue($this->input->post() === NULL); + $this->assertTrue($this->input->post('foo') === NULL); + + $this->assertTrue($this->input->post() === NULL); + $this->assertTrue($this->input->post('foo') === NULL); + } + + // -------------------------------------------------------------------- + + public function test_post_exist() + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + $_POST['foo'] = 'bar'; + + $this->assertArrayHasKey('foo', $this->input->post()); + $this->assertEquals('bar', $this->input->post('foo')); + } + + // -------------------------------------------------------------------- + + public function test_post_exist_with_xss_clean() + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + $_POST['harm'] = "Hello, i try to <script>alert('Hack');</script> your site"; + + $this->assertArrayHasKey('harm', $this->input->post()); + $this->assertEquals("Hello, i try to <script>alert('Hack');</script> your site", $this->input->post('harm')); + $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $this->input->post('harm', TRUE)); + } + + // -------------------------------------------------------------------- + + public function test_get_post() + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + $_POST['foo'] = 'bar'; + + $this->assertEquals('bar', $this->input->get_post('foo')); + } + + // -------------------------------------------------------------------- + + public function test_cookie() + { + $_COOKIE['foo'] = 'bar'; + + $this->assertEquals('bar', $this->input->cookie('foo')); + } + + // -------------------------------------------------------------------- + + public function test_server() + { + $this->assertEquals('GET', $this->input->server('REQUEST_METHOD')); + } + + // -------------------------------------------------------------------- + + public function test_fetch_from_array() + { + $data = array( + 'foo' => 'bar', + 'harm' => 'Hello, i try to <script>alert(\'Hack\');</script> your site', + ); + + $foo = $this->input->fetch_from_array($data, 'foo'); + $harm = $this->input->fetch_from_array($data, 'harm'); + $harmless = $this->input->fetch_from_array($data, 'harm', TRUE); + + $this->assertEquals('bar', $foo); + $this->assertEquals("Hello, i try to <script>alert('Hack');</script> your site", $harm); + $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless); + } +}
\ No newline at end of file diff --git a/tests/codeigniter/core/Lang_test.php b/tests/codeigniter/core/Lang_test.php index a414f0ace..874230feb 100644 --- a/tests/codeigniter/core/Lang_test.php +++ b/tests/codeigniter/core/Lang_test.php @@ -18,13 +18,14 @@ class Lang_test extends CI_TestCase { public function test_load() { $this->assertTrue($this->lang->load('profiler', 'english')); + $this->assertEquals('URI STRING', $this->lang->line('profiler_uri_string')); } - - // -------------------------------------------------------------------- - public function test_line() + // -------------------------------------------------------------------- + + public function test_load_with_unspecified_language() { - $this->assertTrue($this->lang->load('profiler', 'english')); + $this->assertTrue($this->lang->load('profiler')); $this->assertEquals('URI STRING', $this->lang->line('profiler_uri_string')); } diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php new file mode 100644 index 000000000..b2f8c69d2 --- /dev/null +++ b/tests/codeigniter/core/Security_test.php @@ -0,0 +1,105 @@ +<?php + +class Security_test extends CI_TestCase { + + public function set_up() + { + // Set cookie for security test + $_COOKIE['ci_csrf_cookie'] = md5(uniqid(rand(), TRUE)); + + // Set config for Security class + $this->ci_set_config('csrf_protection', TRUE); + $this->ci_set_config('csrf_token_name', 'ci_csrf_token'); + $this->ci_set_config('csrf_cookie_name', 'ci_csrf_cookie'); + + $this->security = new Mock_Core_Security(); + } + + // -------------------------------------------------------------------- + + public function test_csrf_verify() + { + $_SERVER['REQUEST_METHOD'] = 'GET'; + + $this->assertInstanceOf('CI_Security', $this->security->csrf_verify()); + } + + // -------------------------------------------------------------------- + + public function test_csrf_verify_invalid() + { + // Without issuing $_POST[csrf_token_name], this request will triggering CSRF error + $_SERVER['REQUEST_METHOD'] = 'POST'; + + $this->setExpectedException('RuntimeException', 'CI Error: The action you have requested is not allowed'); + + $this->security->csrf_verify(); + } + + // -------------------------------------------------------------------- + + public function test_csrf_verify_valid() + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + $_POST[$this->security->csrf_token_name] = $this->security->csrf_hash; + + $this->assertInstanceOf('CI_Security', $this->security->csrf_verify()); + } + + // -------------------------------------------------------------------- + + public function test_get_csrf_hash() + { + $this->assertEquals($this->security->csrf_hash, $this->security->get_csrf_hash()); + } + + // -------------------------------------------------------------------- + + public function test_get_csrf_token_name() + { + $this->assertEquals('ci_csrf_token', $this->security->get_csrf_token_name()); + } + + // -------------------------------------------------------------------- + + public function test_xss_clean() + { + $harm_string = "Hello, i try to <script>alert('Hack');</script> your site"; + + $harmless_string = $this->security->xss_clean($harm_string); + + $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_string); + } + + // -------------------------------------------------------------------- + + public function test_xss_hash() + { + $this->assertEmpty($this->security->xss_hash); + + // Perform hash + $this->security->xss_hash(); + + $this->assertTrue(preg_match('#^[0-9a-f]{32}$#iS', $this->security->xss_hash) === 1); + } + + // -------------------------------------------------------------------- + + public function test_entity_decode() + { + $encoded = '<div>Hello <b>Booya</b></div>'; + $decoded = $this->security->entity_decode($encoded); + + $this->assertEquals('<div>Hello <b>Booya</b></div>', $decoded); + } + + // -------------------------------------------------------------------- + + public function test_sanitize_filename() + { + $filename = './<!--foo-->'; + $safe_filename = $this->security->sanitize_filename($filename); + + $this->assertEquals('foo', $safe_filename); + } +}
\ No newline at end of file |