From 502942bd94fef292970df331b15652ef6e1385e7 Mon Sep 17 00:00:00 2001 From: Taufan Aditya Date: Fri, 25 May 2012 07:00:41 +0700 Subject: Explicitely testing escape_like_str API --- tests/codeigniter/database/query_builder/escape_test.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'tests') diff --git a/tests/codeigniter/database/query_builder/escape_test.php b/tests/codeigniter/database/query_builder/escape_test.php index 5dd2da058..ac1c8f659 100644 --- a/tests/codeigniter/database/query_builder/escape_test.php +++ b/tests/codeigniter/database/query_builder/escape_test.php @@ -13,6 +13,9 @@ class Escape_test extends CI_TestCase { Mock_Database_Schema_Skeleton::create_tables(); Mock_Database_Schema_Skeleton::create_data(); + + $this->pre = (strpos(DB_DRIVER, 'pgsql') === FALSE) ? '`' : '"'; + $this->esc = (strpos(DB_DRIVER, 'mysql') === FALSE) ? '!' : ''; } // ------------------------------------------------------------------------ @@ -23,8 +26,8 @@ class Escape_test extends CI_TestCase { public function test_escape_like_percent_sign() { $string = $this->db->escape_like_str('\%foo'); - $sql = "SELECT `value` FROM `misc` WHERE `key` LIKE '$string%'"; - $sql .= (strpos(DB_DRIVER, 'mysql') !== FALSE) ? ";" : "ESCAPE '!';"; + + $sql = "SELECT {$this->pre}value{$this->pre} FROM {$this->pre}misc{$this->pre} WHERE {$this->pre}key{$this->pre} LIKE '$string%' ESCAPE '$this->esc';"; $res = $this->db->query($sql)->result_array(); @@ -40,8 +43,9 @@ class Escape_test extends CI_TestCase { public function test_escape_like_backslash_sign() { $string = $this->db->escape_like_str('\\'); - $sql = "SELECT `value` FROM `misc` WHERE `key` LIKE '$string%'"; - $sql .= (strpos(DB_DRIVER, 'mysql') !== FALSE) ? ";" : "ESCAPE '!';"; + + $sql = "SELECT {$this->pre}value{$this->pre} FROM {$this->pre}misc{$this->pre} WHERE {$this->pre}key{$this->pre} LIKE '$string%' ESCAPE '$this->esc';"; + $res = $this->db->query($sql)->result_array(); // Check the result -- cgit v1.2.3-24-g4f1b From 3c5abf93d3031064c8181069cfee83ebfb54dcf0 Mon Sep 17 00:00:00 2001 From: Taufan Aditya Date: Fri, 25 May 2012 07:17:26 +0700 Subject: Clean up --- tests/codeigniter/database/query_builder/escape_test.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/codeigniter/database/query_builder/escape_test.php b/tests/codeigniter/database/query_builder/escape_test.php index fe225436a..5df812ca6 100644 --- a/tests/codeigniter/database/query_builder/escape_test.php +++ b/tests/codeigniter/database/query_builder/escape_test.php @@ -32,7 +32,7 @@ class Escape_test extends CI_TestCase { $res = $this->db->query($sql)->result_array(); // Check the result - $this->assertEquals(1, count($res->result_array())); + $this->assertEquals(1, count($res)); } // ------------------------------------------------------------------------ @@ -49,7 +49,7 @@ class Escape_test extends CI_TestCase { $res = $this->db->query($sql)->result_array(); // Check the result - $this->assertEquals(2, count($res->result_array())); + $this->assertEquals(2, count($res)); } } \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 1af5b47ad6f95f805d9f411ce020f2e2fa88b302 Mon Sep 17 00:00:00 2001 From: Taufan Aditya Date: Sat, 26 May 2012 16:04:39 +0700 Subject: Remove ternary --- .../database/query_builder/escape_test.php | 24 ++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) (limited to 'tests') diff --git a/tests/codeigniter/database/query_builder/escape_test.php b/tests/codeigniter/database/query_builder/escape_test.php index 5df812ca6..5d575a37b 100644 --- a/tests/codeigniter/database/query_builder/escape_test.php +++ b/tests/codeigniter/database/query_builder/escape_test.php @@ -13,9 +13,6 @@ class Escape_test extends CI_TestCase { Mock_Database_Schema_Skeleton::create_tables(); Mock_Database_Schema_Skeleton::create_data(); - - $this->pre = (strpos(DB_DRIVER, 'pgsql') === FALSE) ? '`' : '"'; - $this->esc = (strpos(DB_DRIVER, 'mysql') === FALSE) ? '!' : ''; } // ------------------------------------------------------------------------ @@ -25,9 +22,17 @@ class Escape_test extends CI_TestCase { */ public function test_escape_like_percent_sign() { + // Escape the like string $string = $this->db->escape_like_str('\%foo'); - $sql = "SELECT {$this->pre}value{$this->pre} FROM {$this->pre}misc{$this->pre} WHERE {$this->pre}key{$this->pre} LIKE '$string%' ESCAPE '$this->esc';"; + if (strpos(DB_DRIVER, 'mysql') !== FALSE) + { + $sql = "SELECT `value` FROM `misc` WHERE `key` LIKE '$string%' ESCAPE '';"; + } + else + { + $sql = 'SELECT "value" FROM "misc" WHERE "key" LIKE \''.$string.'%\' ESCAPE \'!\';'; + } $res = $this->db->query($sql)->result_array(); @@ -42,14 +47,21 @@ class Escape_test extends CI_TestCase { */ public function test_escape_like_backslash_sign() { + // Escape the like string $string = $this->db->escape_like_str('\\'); - $sql = "SELECT {$this->pre}value{$this->pre} FROM {$this->pre}misc{$this->pre} WHERE {$this->pre}key{$this->pre} LIKE '$string%' ESCAPE '$this->esc';"; + if (strpos(DB_DRIVER, 'mysql') !== FALSE) + { + $sql = "SELECT `value` FROM `misc` WHERE `key` LIKE '$string%' ESCAPE '';"; + } + else + { + $sql = 'SELECT "value" FROM "misc" WHERE "key" LIKE \''.$string.'%\' ESCAPE \'!\';'; + } $res = $this->db->query($sql)->result_array(); // Check the result $this->assertEquals(2, count($res)); } - } \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 4912f8b25cd8fa1b88b4babd1bad2b6bf29dd235 Mon Sep 17 00:00:00 2001 From: Taufan Aditya Date: Sat, 26 May 2012 22:09:58 +0700 Subject: Allowing main constants defined via phpunit config or other bootstraper --- tests/Bootstrap.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'tests') diff --git a/tests/Bootstrap.php b/tests/Bootstrap.php index 38615dd89..5216038c6 100644 --- a/tests/Bootstrap.php +++ b/tests/Bootstrap.php @@ -7,10 +7,10 @@ error_reporting(E_ALL | E_STRICT); $dir = realpath(dirname(__FILE__)); // Path constants -define('PROJECT_BASE', realpath($dir.'/../').'/'); -define('BASEPATH', PROJECT_BASE.'system/'); -define('APPPATH', PROJECT_BASE.'application/'); -define('VIEWPATH', PROJECT_BASE.''); +defined('PROJECT_BASE') OR define('PROJECT_BASE', realpath($dir.'/../').'/'); +defined('BASEPATH') OR define('BASEPATH', PROJECT_BASE.'system/'); +defined('APPPATH') OR define('APPPATH', PROJECT_BASE.'application/'); +defined('VIEWPATH') OR define('VIEWPATH', PROJECT_BASE.''); // Get vfsStream either via PEAR or composer foreach (explode(PATH_SEPARATOR, get_include_path()) as $path) -- cgit v1.2.3-24-g4f1b From 6c7526c95b3fbd502dc8105a67fd38da793caa4e Mon Sep 17 00:00:00 2001 From: Taufan Aditya Date: Sun, 27 May 2012 13:51:27 +0700 Subject: Continuation for Security and Table code-coverage, add coverage report to travis --- tests/codeigniter/core/Security_test.php | 32 ++++++++++++++++++++++++++++++ tests/codeigniter/libraries/Table_test.php | 24 ++++++++++++++++++++-- tests/mocks/autoloader.php | 4 ++-- tests/travis/mysql.phpunit.xml | 11 +++++----- tests/travis/pdo/mysql.phpunit.xml | 11 +++++----- tests/travis/pdo/pgsql.phpunit.xml | 11 +++++----- tests/travis/pdo/sqlite.phpunit.xml | 11 +++++----- tests/travis/pgsql.phpunit.xml | 11 +++++----- tests/travis/sqlite.phpunit.xml | 11 +++++----- 9 files changed, 86 insertions(+), 40 deletions(-) (limited to 'tests') diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index 1796ba74d..b2f8c69d2 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -70,4 +70,36 @@ class Security_test extends CI_TestCase { $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_string); } + + // -------------------------------------------------------------------- + + public function test_xss_hash() + { + $this->assertEmpty($this->security->xss_hash); + + // Perform hash + $this->security->xss_hash(); + + $this->assertTrue(preg_match('#^[0-9a-f]{32}$#iS', $this->security->xss_hash) === 1); + } + + // -------------------------------------------------------------------- + + public function test_entity_decode() + { + $encoded = '<div>Hello <b>Booya</b></div>'; + $decoded = $this->security->entity_decode($encoded); + + $this->assertEquals('
Hello Booya
', $decoded); + } + + // -------------------------------------------------------------------- + + public function test_sanitize_filename() + { + $filename = './'; + $safe_filename = $this->security->sanitize_filename($filename); + + $this->assertEquals('foo', $safe_filename); + } } \ No newline at end of file diff --git a/tests/codeigniter/libraries/Table_test.php b/tests/codeigniter/libraries/Table_test.php index 13f338c6b..f5133de1e 100644 --- a/tests/codeigniter/libraries/Table_test.php +++ b/tests/codeigniter/libraries/Table_test.php @@ -291,6 +291,26 @@ class Table_test extends CI_TestCase { ); } - // Test main generate method - // -------------------------------------------------------------------- + function test_generate() + { + // Prepare the data + $data = array( + array('Name', 'Color', 'Size'), + array('Fred', 'Blue', 'Small'), + array('Mary', 'Red', 'Large'), + array('John', 'Green', 'Medium') + ); + + $table = $this->table->generate($data); + + // Test the table header + $this->assertTrue(strpos($table, 'Name') !== FALSE); + $this->assertTrue(strpos($table, 'Color') !== FALSE); + $this->assertTrue(strpos($table, 'Size') !== FALSE); + + // Test the first entry + $this->assertTrue(strpos($table, 'Fred') !== FALSE); + $this->assertTrue(strpos($table, 'Blue') !== FALSE); + $this->assertTrue(strpos($table, 'Small') !== FALSE); + } } \ No newline at end of file diff --git a/tests/mocks/autoloader.php b/tests/mocks/autoloader.php index 92c9bea59..441c88944 100644 --- a/tests/mocks/autoloader.php +++ b/tests/mocks/autoloader.php @@ -22,7 +22,7 @@ function autoload($class) ); $ci_libraries = array( - 'Calendar', 'Cart', 'Driver', + 'Calendar', 'Cart', 'Driver_Library', 'Email', 'Encrypt', 'Form_validation', 'Ftp', 'Image_lib', 'Javascript', 'Log', 'Migration', 'Pagination', @@ -50,7 +50,7 @@ function autoload($class) elseif (in_array($subclass, $ci_libraries)) { $dir = BASEPATH.'libraries'.DIRECTORY_SEPARATOR; - $class = $subclass; + $class = ($subclass == 'Driver_Library') ? 'Driver' : $subclass; } elseif (preg_match('/^CI_DB_(.+)_(driver|forge|result|utility)$/', $class, $m) && count($m) == 3) { diff --git a/tests/travis/mysql.phpunit.xml b/tests/travis/mysql.phpunit.xml index 1792ae38d..38c8eba48 100644 --- a/tests/travis/mysql.phpunit.xml +++ b/tests/travis/mysql.phpunit.xml @@ -17,10 +17,9 @@ ../codeigniter - - - PEAR_INSTALL_DIR - PHP_LIBDIR - - + + + ../../system + + \ No newline at end of file diff --git a/tests/travis/pdo/mysql.phpunit.xml b/tests/travis/pdo/mysql.phpunit.xml index 602030d4e..c3113a66f 100644 --- a/tests/travis/pdo/mysql.phpunit.xml +++ b/tests/travis/pdo/mysql.phpunit.xml @@ -17,10 +17,9 @@ ../../codeigniter - - - PEAR_INSTALL_DIR - PHP_LIBDIR - - + + + ../../../system + + \ No newline at end of file diff --git a/tests/travis/pdo/pgsql.phpunit.xml b/tests/travis/pdo/pgsql.phpunit.xml index 77e1493c6..232025523 100644 --- a/tests/travis/pdo/pgsql.phpunit.xml +++ b/tests/travis/pdo/pgsql.phpunit.xml @@ -17,10 +17,9 @@ ../../codeigniter - - - PEAR_INSTALL_DIR - PHP_LIBDIR - - + + + ../../../system + + \ No newline at end of file diff --git a/tests/travis/pdo/sqlite.phpunit.xml b/tests/travis/pdo/sqlite.phpunit.xml index cdccef017..3d1256721 100644 --- a/tests/travis/pdo/sqlite.phpunit.xml +++ b/tests/travis/pdo/sqlite.phpunit.xml @@ -17,10 +17,9 @@ ../../codeigniter - - - PEAR_INSTALL_DIR - PHP_LIBDIR - - + + + ../../../system + + \ No newline at end of file diff --git a/tests/travis/pgsql.phpunit.xml b/tests/travis/pgsql.phpunit.xml index dfc1bff1c..51e433d76 100644 --- a/tests/travis/pgsql.phpunit.xml +++ b/tests/travis/pgsql.phpunit.xml @@ -17,10 +17,9 @@ ../codeigniter - - - PEAR_INSTALL_DIR - PHP_LIBDIR - - + + + ../../system + + \ No newline at end of file diff --git a/tests/travis/sqlite.phpunit.xml b/tests/travis/sqlite.phpunit.xml index 3223da5e7..701165734 100644 --- a/tests/travis/sqlite.phpunit.xml +++ b/tests/travis/sqlite.phpunit.xml @@ -17,10 +17,9 @@ ../codeigniter - - - PEAR_INSTALL_DIR - PHP_LIBDIR - - + + + ../../system + + \ No newline at end of file -- cgit v1.2.3-24-g4f1b From b2e10b7de0d8979ce19fed5859e696904e2923dd Mon Sep 17 00:00:00 2001 From: Taufan Aditya Date: Sun, 27 May 2012 15:31:53 +0700 Subject: Adding more flexibilities to mock-common --- tests/mocks/core/common.php | 167 +++++++++++++++++++++++++++----------------- 1 file changed, 103 insertions(+), 64 deletions(-) (limited to 'tests') diff --git a/tests/mocks/core/common.php b/tests/mocks/core/common.php index fc94d7fff..e74576626 100644 --- a/tests/mocks/core/common.php +++ b/tests/mocks/core/common.php @@ -2,53 +2,65 @@ // Set up the global CI functions in their most minimal core representation -function &get_instance() +if ( ! function_exists('get_instance')) { - $test = CI_TestCase::instance(); - $instance = $test->ci_instance(); - return $instance; + function &get_instance() + { + $test = CI_TestCase::instance(); + $instance = $test->ci_instance(); + return $instance; + } } // -------------------------------------------------------------------- -function &get_config() { - $test = CI_TestCase::instance(); - $config = $test->ci_get_config(); - - return $config; +if ( ! function_exists('get_config')) +{ + function &get_config() { + $test = CI_TestCase::instance(); + $config = $test->ci_get_config(); + + return $config; + } } -function config_item($item) +if ( ! function_exists('config_item')) { - $config =& get_config(); - - if ( ! isset($config[$item])) + function config_item($item) { - return FALSE; + $config =& get_config(); + + if ( ! isset($config[$item])) + { + return FALSE; + } + + return $config[$item]; } - - return $config[$item]; } // -------------------------------------------------------------------- -function load_class($class, $directory = 'libraries', $prefix = 'CI_') +if ( ! function_exists('load_class')) { - if ($directory != 'core' OR $prefix != 'CI_') - { - throw new Exception('Not Implemented: Non-core load_class()'); - } - - $test = CI_TestCase::instance(); - - $obj =& $test->ci_core_class($class); - - if (is_string($obj)) + function load_class($class, $directory = 'libraries', $prefix = 'CI_') { - throw new Exception('Bad Isolation: Use ci_set_core_class to set '.$class.''); + if ($directory != 'core' OR $prefix != 'CI_') + { + throw new Exception('Not Implemented: Non-core load_class()'); + } + + $test = CI_TestCase::instance(); + + $obj =& $test->ci_core_class($class); + + if (is_string($obj)) + { + throw new Exception('Bad Isolation: Use ci_set_core_class to set '.$class.''); + } + + return $obj; } - - return $obj; } // This is sort of meh. Should probably be mocked up with @@ -57,76 +69,103 @@ function load_class($class, $directory = 'libraries', $prefix = 'CI_') // bootstrap testsuite. // -------------------------------------------------------------------- -function remove_invisible_characters($str, $url_encoded = TRUE) +if ( ! function_exists('remove_invisible_characters')) { - $non_displayables = array(); - - // every control character except newline (dec 10) - // carriage return (dec 13), and horizontal tab (dec 09) - - if ($url_encoded) + function remove_invisible_characters($str, $url_encoded = TRUE) { - $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 - $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 - } - - $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 + $non_displayables = array(); + + // every control character except newline (dec 10) + // carriage return (dec 13), and horizontal tab (dec 09) + + if ($url_encoded) + { + $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 + $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 + } + + $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 - do - { - $str = preg_replace($non_displayables, '', $str, -1, $count); - } - while ($count); + do + { + $str = preg_replace($non_displayables, '', $str, -1, $count); + } + while ($count); - return $str; + return $str; + } } // Clean up error messages // -------------------------------------------------------------------- -function show_error($message, $status_code = 500, $heading = 'An Error Was Encountered') +if ( ! function_exists('show_error')) { - throw new RuntimeException('CI Error: '.$message); + function show_error($message, $status_code = 500, $heading = 'An Error Was Encountered') + { + throw new RuntimeException('CI Error: '.$message); + } } -function show_404($page = '', $log_error = TRUE) +if ( ! function_exists('show_404')) { - throw new RuntimeException('CI Error: 404'); + function show_404($page = '', $log_error = TRUE) + { + throw new RuntimeException('CI Error: 404'); + } } -function _exception_handler($severity, $message, $filepath, $line) +if ( ! function_exists('_exception_handler')) { - throw new RuntimeException('CI Exception: '.$message.' | '.$filepath.' | '.$line); + function _exception_handler($severity, $message, $filepath, $line) + { + throw new RuntimeException('CI Exception: '.$message.' | '.$filepath.' | '.$line); + } } // We assume a few things about our environment ... // -------------------------------------------------------------------- -function is_php($version = '5.0.0') +if ( ! function_exists('is_php')) { - return ! (version_compare(PHP_VERSION, $version) < 0); + function is_php($version = '5.0.0') + { + return ! (version_compare(PHP_VERSION, $version) < 0); + } } -function is_really_writable($file) +if ( ! function_exists('is_really_writable')) { - return is_writable($file); + function is_really_writable($file) + { + return is_writable($file); + } } -function is_loaded() +if ( ! function_exists('is_loaded')) { - throw new Exception('Bad Isolation: mock up environment'); + function is_loaded() + { + throw new Exception('Bad Isolation: mock up environment'); + } } -function log_message($level = 'error', $message, $php_error = FALSE) +if ( ! function_exists('log_message')) { - return TRUE; + function log_message($level = 'error', $message, $php_error = FALSE) + { + return TRUE; + } } -function set_status_header($code = 200, $text = '') +if ( ! function_exists('set_status_header')) { - return TRUE; + function set_status_header($code = 200, $text = '') + { + return TRUE; + } } // EOF \ No newline at end of file -- cgit v1.2.3-24-g4f1b