diff options
Diffstat (limited to 'tests/codeigniter')
| -rw-r--r-- | tests/codeigniter/core/Security_test.php | 32 | ||||
| -rw-r--r-- | tests/codeigniter/database/DB_driver_test.php | 4 | ||||
| -rw-r--r-- | tests/codeigniter/database/DB_test.php | 4 | ||||
| -rw-r--r-- | tests/codeigniter/database/query_builder/escape_test.php | 67 | ||||
| -rw-r--r-- | tests/codeigniter/libraries/Table_test.php | 24 |
5 files changed, 123 insertions, 8 deletions
diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index 1796ba74d..b2f8c69d2 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -70,4 +70,36 @@ class Security_test extends CI_TestCase { $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_string); } + + // -------------------------------------------------------------------- + + public function test_xss_hash() + { + $this->assertEmpty($this->security->xss_hash); + + // Perform hash + $this->security->xss_hash(); + + $this->assertTrue(preg_match('#^[0-9a-f]{32}$#iS', $this->security->xss_hash) === 1); + } + + // -------------------------------------------------------------------- + + public function test_entity_decode() + { + $encoded = '<div>Hello <b>Booya</b></div>'; + $decoded = $this->security->entity_decode($encoded); + + $this->assertEquals('<div>Hello <b>Booya</b></div>', $decoded); + } + + // -------------------------------------------------------------------- + + public function test_sanitize_filename() + { + $filename = './<!--foo-->'; + $safe_filename = $this->security->sanitize_filename($filename); + + $this->assertEquals('foo', $safe_filename); + } }
\ No newline at end of file diff --git a/tests/codeigniter/database/DB_driver_test.php b/tests/codeigniter/database/DB_driver_test.php index fb40f0608..9e16e29b4 100644 --- a/tests/codeigniter/database/DB_driver_test.php +++ b/tests/codeigniter/database/DB_driver_test.php @@ -2,8 +2,6 @@ class DB_driver_test extends CI_TestCase { - // ------------------------------------------------------------------------ - public function test_initialize() { $config = Mock_Database_DB::config(DB_DRIVER); @@ -32,5 +30,5 @@ class DB_driver_test extends CI_TestCase { { return new Mock_Database_Drivers_Postgre($config); } - + }
\ No newline at end of file diff --git a/tests/codeigniter/database/DB_test.php b/tests/codeigniter/database/DB_test.php index 9b93e223d..d5c0dea08 100644 --- a/tests/codeigniter/database/DB_test.php +++ b/tests/codeigniter/database/DB_test.php @@ -2,8 +2,6 @@ class DB_test extends CI_TestCase { - // ------------------------------------------------------------------------ - public function test_db_invalid() { $connection = new Mock_Database_DB(array( @@ -45,5 +43,5 @@ class DB_test extends CI_TestCase { $this->assertTrue($db instanceof CI_DB); $this->assertTrue($db instanceof CI_DB_Driver); } - + }
\ No newline at end of file diff --git a/tests/codeigniter/database/query_builder/escape_test.php b/tests/codeigniter/database/query_builder/escape_test.php new file mode 100644 index 000000000..5d575a37b --- /dev/null +++ b/tests/codeigniter/database/query_builder/escape_test.php @@ -0,0 +1,67 @@ +<?php + +class Escape_test extends CI_TestCase { + + /** + * @var object Database/Query Builder holder + */ + protected $db; + + public function set_up() + { + $this->db = Mock_Database_Schema_Skeleton::init(DB_DRIVER); + + Mock_Database_Schema_Skeleton::create_tables(); + Mock_Database_Schema_Skeleton::create_data(); + } + + // ------------------------------------------------------------------------ + + /** + * @see ./mocks/schema/skeleton.php + */ + public function test_escape_like_percent_sign() + { + // Escape the like string + $string = $this->db->escape_like_str('\%foo'); + + if (strpos(DB_DRIVER, 'mysql') !== FALSE) + { + $sql = "SELECT `value` FROM `misc` WHERE `key` LIKE '$string%' ESCAPE '';"; + } + else + { + $sql = 'SELECT "value" FROM "misc" WHERE "key" LIKE \''.$string.'%\' ESCAPE \'!\';'; + } + + $res = $this->db->query($sql)->result_array(); + + // Check the result + $this->assertEquals(1, count($res)); + } + + // ------------------------------------------------------------------------ + + /** + * @see ./mocks/schema/skeleton.php + */ + public function test_escape_like_backslash_sign() + { + // Escape the like string + $string = $this->db->escape_like_str('\\'); + + if (strpos(DB_DRIVER, 'mysql') !== FALSE) + { + $sql = "SELECT `value` FROM `misc` WHERE `key` LIKE '$string%' ESCAPE '';"; + } + else + { + $sql = 'SELECT "value" FROM "misc" WHERE "key" LIKE \''.$string.'%\' ESCAPE \'!\';'; + } + + $res = $this->db->query($sql)->result_array(); + + // Check the result + $this->assertEquals(2, count($res)); + } +}
\ No newline at end of file diff --git a/tests/codeigniter/libraries/Table_test.php b/tests/codeigniter/libraries/Table_test.php index 13f338c6b..f5133de1e 100644 --- a/tests/codeigniter/libraries/Table_test.php +++ b/tests/codeigniter/libraries/Table_test.php @@ -291,6 +291,26 @@ class Table_test extends CI_TestCase { ); } - // Test main generate method - // -------------------------------------------------------------------- + function test_generate() + { + // Prepare the data + $data = array( + array('Name', 'Color', 'Size'), + array('Fred', 'Blue', 'Small'), + array('Mary', 'Red', 'Large'), + array('John', 'Green', 'Medium') + ); + + $table = $this->table->generate($data); + + // Test the table header + $this->assertTrue(strpos($table, '<th>Name</th>') !== FALSE); + $this->assertTrue(strpos($table, '<th>Color</th>') !== FALSE); + $this->assertTrue(strpos($table, '<th>Size</th>') !== FALSE); + + // Test the first entry + $this->assertTrue(strpos($table, '<td>Fred</td>') !== FALSE); + $this->assertTrue(strpos($table, '<td>Blue</td>') !== FALSE); + $this->assertTrue(strpos($table, '<td>Small</td>') !== FALSE); + } }
\ No newline at end of file |