summaryrefslogtreecommitdiffstats
path: root/tests/codeigniter/core
diff options
context:
space:
mode:
Diffstat (limited to 'tests/codeigniter/core')
-rw-r--r--tests/codeigniter/core/Benchmark_test.php42
-rw-r--r--tests/codeigniter/core/Input_test.php146
-rw-r--r--tests/codeigniter/core/Lang_test.php9
-rw-r--r--tests/codeigniter/core/Security_test.php105
4 files changed, 298 insertions, 4 deletions
diff --git a/tests/codeigniter/core/Benchmark_test.php b/tests/codeigniter/core/Benchmark_test.php
new file mode 100644
index 000000000..109b38821
--- /dev/null
+++ b/tests/codeigniter/core/Benchmark_test.php
@@ -0,0 +1,42 @@
+<?php
+
+class Benchmark_test extends CI_TestCase {
+
+ public function set_up()
+ {
+ $this->benchmark = new Mock_Core_Benchmark();
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_mark()
+ {
+ $this->assertEmpty($this->benchmark->marker);
+
+ $this->benchmark->mark('code_start');
+
+ $this->assertEquals(1, count($this->benchmark->marker));
+ $this->assertArrayHasKey('code_start', $this->benchmark->marker);
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_elapsed_time()
+ {
+ $this->assertEquals('{elapsed_time}', $this->benchmark->elapsed_time());
+ $this->assertEmpty($this->benchmark->elapsed_time('undefined_point'));
+
+ $this->benchmark->mark('code_start');
+ sleep(1);
+ $this->benchmark->mark('code_end');
+
+ $this->assertEquals('1.0', $this->benchmark->elapsed_time('code_start', 'code_end', 1));
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_memory_usage()
+ {
+ $this->assertEquals('{memory_usage}', $this->benchmark->memory_usage());
+ }
+} \ No newline at end of file
diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php
new file mode 100644
index 000000000..cfc80c950
--- /dev/null
+++ b/tests/codeigniter/core/Input_test.php
@@ -0,0 +1,146 @@
+<?php
+
+class Input_test extends CI_TestCase {
+
+ public function set_up()
+ {
+ // Set server variable to GET as default, since this will leave unset in STDIN env
+ $_SERVER['REQUEST_METHOD'] = 'GET';
+
+ // Set config for Input class
+ $this->ci_set_config('allow_get_array', TRUE);
+ $this->ci_set_config('global_xss_filtering', FALSE);
+ $this->ci_set_config('csrf_protection', FALSE);
+
+ $security = new Mock_Core_Security();
+ $utf8 = new Mock_Core_Utf8();
+
+ $this->input = new Mock_Core_Input($security, $utf8);
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_get_not_exists()
+ {
+ $this->assertEmpty($this->input->get());
+ $this->assertEmpty($this->input->get('foo'));
+
+ $this->assertTrue( ! $this->input->get());
+ $this->assertTrue( ! $this->input->get('foo'));
+
+ // Test we're getting empty results
+ $this->assertTrue($this->input->get() === NULL);
+ $this->assertTrue($this->input->get('foo') === NULL);
+
+ // Test new 3.0 behaviour for non existant results (used to be FALSE)
+ $this->assertTrue($this->input->get() === NULL);
+ $this->assertTrue($this->input->get('foo') === NULL);
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_get_exist()
+ {
+ $_SERVER['REQUEST_METHOD'] = 'GET';
+ $_GET['foo'] = 'bar';
+
+ $this->assertArrayHasKey('foo', $this->input->get());
+ $this->assertEquals('bar', $this->input->get('foo'));
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_get_exist_with_xss_clean()
+ {
+ $_SERVER['REQUEST_METHOD'] = 'GET';
+ $_GET['harm'] = "Hello, i try to <script>alert('Hack');</script> your site";
+
+ $this->assertArrayHasKey('harm', $this->input->get());
+ $this->assertEquals("Hello, i try to <script>alert('Hack');</script> your site", $this->input->get('harm'));
+ $this->assertEquals("Hello, i try to [removed]alert&#40;'Hack'&#41;;[removed] your site", $this->input->get('harm', TRUE));
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_post_not_exists()
+ {
+ $this->assertEmpty($this->input->post());
+ $this->assertEmpty($this->input->post('foo'));
+
+ $this->assertTrue( ! $this->input->post());
+ $this->assertTrue( ! $this->input->post('foo'));
+
+ $this->assertTrue($this->input->post() === NULL);
+ $this->assertTrue($this->input->post('foo') === NULL);
+
+ $this->assertTrue($this->input->post() === NULL);
+ $this->assertTrue($this->input->post('foo') === NULL);
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_post_exist()
+ {
+ $_SERVER['REQUEST_METHOD'] = 'POST';
+ $_POST['foo'] = 'bar';
+
+ $this->assertArrayHasKey('foo', $this->input->post());
+ $this->assertEquals('bar', $this->input->post('foo'));
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_post_exist_with_xss_clean()
+ {
+ $_SERVER['REQUEST_METHOD'] = 'POST';
+ $_POST['harm'] = "Hello, i try to <script>alert('Hack');</script> your site";
+
+ $this->assertArrayHasKey('harm', $this->input->post());
+ $this->assertEquals("Hello, i try to <script>alert('Hack');</script> your site", $this->input->post('harm'));
+ $this->assertEquals("Hello, i try to [removed]alert&#40;'Hack'&#41;;[removed] your site", $this->input->post('harm', TRUE));
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_get_post()
+ {
+ $_SERVER['REQUEST_METHOD'] = 'POST';
+ $_POST['foo'] = 'bar';
+
+ $this->assertEquals('bar', $this->input->get_post('foo'));
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_cookie()
+ {
+ $_COOKIE['foo'] = 'bar';
+
+ $this->assertEquals('bar', $this->input->cookie('foo'));
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_server()
+ {
+ $this->assertEquals('GET', $this->input->server('REQUEST_METHOD'));
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_fetch_from_array()
+ {
+ $data = array(
+ 'foo' => 'bar',
+ 'harm' => 'Hello, i try to <script>alert(\'Hack\');</script> your site',
+ );
+
+ $foo = $this->input->fetch_from_array($data, 'foo');
+ $harm = $this->input->fetch_from_array($data, 'harm');
+ $harmless = $this->input->fetch_from_array($data, 'harm', TRUE);
+
+ $this->assertEquals('bar', $foo);
+ $this->assertEquals("Hello, i try to <script>alert('Hack');</script> your site", $harm);
+ $this->assertEquals("Hello, i try to [removed]alert&#40;'Hack'&#41;;[removed] your site", $harmless);
+ }
+} \ No newline at end of file
diff --git a/tests/codeigniter/core/Lang_test.php b/tests/codeigniter/core/Lang_test.php
index a414f0ace..874230feb 100644
--- a/tests/codeigniter/core/Lang_test.php
+++ b/tests/codeigniter/core/Lang_test.php
@@ -18,13 +18,14 @@ class Lang_test extends CI_TestCase {
public function test_load()
{
$this->assertTrue($this->lang->load('profiler', 'english'));
+ $this->assertEquals('URI STRING', $this->lang->line('profiler_uri_string'));
}
-
- // --------------------------------------------------------------------
- public function test_line()
+ // --------------------------------------------------------------------
+
+ public function test_load_with_unspecified_language()
{
- $this->assertTrue($this->lang->load('profiler', 'english'));
+ $this->assertTrue($this->lang->load('profiler'));
$this->assertEquals('URI STRING', $this->lang->line('profiler_uri_string'));
}
diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php
new file mode 100644
index 000000000..b2f8c69d2
--- /dev/null
+++ b/tests/codeigniter/core/Security_test.php
@@ -0,0 +1,105 @@
+<?php
+
+class Security_test extends CI_TestCase {
+
+ public function set_up()
+ {
+ // Set cookie for security test
+ $_COOKIE['ci_csrf_cookie'] = md5(uniqid(rand(), TRUE));
+
+ // Set config for Security class
+ $this->ci_set_config('csrf_protection', TRUE);
+ $this->ci_set_config('csrf_token_name', 'ci_csrf_token');
+ $this->ci_set_config('csrf_cookie_name', 'ci_csrf_cookie');
+
+ $this->security = new Mock_Core_Security();
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_csrf_verify()
+ {
+ $_SERVER['REQUEST_METHOD'] = 'GET';
+
+ $this->assertInstanceOf('CI_Security', $this->security->csrf_verify());
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_csrf_verify_invalid()
+ {
+ // Without issuing $_POST[csrf_token_name], this request will triggering CSRF error
+ $_SERVER['REQUEST_METHOD'] = 'POST';
+
+ $this->setExpectedException('RuntimeException', 'CI Error: The action you have requested is not allowed');
+
+ $this->security->csrf_verify();
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_csrf_verify_valid()
+ {
+ $_SERVER['REQUEST_METHOD'] = 'POST';
+ $_POST[$this->security->csrf_token_name] = $this->security->csrf_hash;
+
+ $this->assertInstanceOf('CI_Security', $this->security->csrf_verify());
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_get_csrf_hash()
+ {
+ $this->assertEquals($this->security->csrf_hash, $this->security->get_csrf_hash());
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_get_csrf_token_name()
+ {
+ $this->assertEquals('ci_csrf_token', $this->security->get_csrf_token_name());
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_xss_clean()
+ {
+ $harm_string = "Hello, i try to <script>alert('Hack');</script> your site";
+
+ $harmless_string = $this->security->xss_clean($harm_string);
+
+ $this->assertEquals("Hello, i try to [removed]alert&#40;'Hack'&#41;;[removed] your site", $harmless_string);
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_xss_hash()
+ {
+ $this->assertEmpty($this->security->xss_hash);
+
+ // Perform hash
+ $this->security->xss_hash();
+
+ $this->assertTrue(preg_match('#^[0-9a-f]{32}$#iS', $this->security->xss_hash) === 1);
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_entity_decode()
+ {
+ $encoded = '&lt;div&gt;Hello &lt;b&gt;Booya&lt;/b&gt;&lt;/div&gt;';
+ $decoded = $this->security->entity_decode($encoded);
+
+ $this->assertEquals('<div>Hello <b>Booya</b></div>', $decoded);
+ }
+
+ // --------------------------------------------------------------------
+
+ public function test_sanitize_filename()
+ {
+ $filename = './<!--foo-->';
+ $safe_filename = $this->security->sanitize_filename($filename);
+
+ $this->assertEquals('foo', $safe_filename);
+ }
+} \ No newline at end of file