11 files changed, 828 insertions, 119 deletions

diff --git a/.gitignore b/.gitignore
index 6302bc1c8..2531fe4cd 100755
--- a/.gitignore
+++ b/.gitignore
@@ -13,6 +13,9 @@ addon
 #ignore documentation, it should be newly built 
 doc/api
 
+#ignore reports, should be generted with every build
+report/
+
 #ignore config files from eclipse, we don't want IDE files in our repository
 .project
 .buildpath
diff --git a/.htaccess b/.htaccess
index 1df509670..5f9531a7e 100755
--- a/.htaccess
+++ b/.htaccess
@@ -5,6 +5,9 @@ AddType audio/ogg .oga
 <FilesMatch "\.(out|log)$">
 Deny from all
 </FilesMatch>
+<Files "(include|library)">
+Deny from all
+</Files>
 
 <IfModule mod_rewrite.c>
   RewriteEngine on
diff --git a/build.xml b/build.xml
index 83c530026..a61a5123d 100644
--- a/build.xml
+++ b/build.xml
@@ -1,14 +1,49 @@
 <?xml version="1.0" encoding="UTF-8"?>
 
 <project name="friendica" default="test">
-
+	<!-- ====================================================== -->
+	<!-- Target: clean-test -->
+	<!-- deletes directories with old test reports -->
+	<!-- ====================================================== -->
+	<target name="clean-test">
+		<delete dir="report" />
+	</target>
+	
+	<!-- ====================================================== -->
+	<!-- Target: prepare-test -->
+	<!-- creates directories for test reports -->
+	<!-- ====================================================== -->
+	<target name="prepare-test" depends="clean-test">
+		<mkdir dir="report" />
+	</target>
+	
 	<!-- =================================== -->
 	<!-- Target: test -->
 	<!-- this target runs all test files -->
 	<!-- =================================== -->
-
-	<target name="test">
-		<!-- there are no tests by now, so, nothing to do -->
+	<target name="test" depends="prepare-test">
+		<!-- coverage-setup database="./report/coverage-database">
+			<fileset dir=".">
+				<include name="**/*.php" />
+				<exclude name="*test.php"/>
+				<exclude name="index.php"/>
+				<exclude name="library/**"/>
+				<exclude name="doc/**"/>
+				<exclude name=".."/>
+			</fileset>
+		</coverage-setup -->
+		<phpunit printsummary="true">
+			<batchtest>
+				<fileset dir="tests">
+					<include name="*test.php" />
+				</fileset>
+			</batchtest>
+			<formatter type="xml" todir="report" outfile="testlog.xml" />
+		</phpunit>
+		<phpunitreport infile="report/testlog.xml" todir="report" />
+		<!-- coverage-report outfile="report/coverage-database">
+		      <report todir="report" styledir="/home/phing/etc" />
+		    </coverage-report -->
 	</target>
 
 	<!-- ===================================================== -->
@@ -31,6 +66,9 @@
 		<docblox title="Friendica API" destdir="./doc/api">
 			<fileset dir=".">
 				<include name="**/*.php" />
+				<include name="README"/>
+				<include name="INSTALL.txt"/>
+				<include name="LICENSE"/>
 			</fileset>
 		</docblox>
 	</target>
diff --git a/mod/item.php b/mod/item.php
index 6f31f917f..98cfb4338 100755
--- a/mod/item.php
+++ b/mod/item.php
@@ -425,110 +425,7 @@ function item_post(&$a) {
 
 	if(count($tags)) {
 		foreach($tags as $tag) {
-			
-			if(isset($profile))
-				unset($profile);
-			if(strpos($tag,'#') === 0) {
-				if(strpos($tag,'[url='))
-					continue;
-				$basetag = str_replace('_',' ',substr($tag,1));
-				$body = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]',$body);
-
-				$newtag = '#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]';
-				if(! stristr($str_tags,$newtag)) {
-					if(strlen($str_tags))
-						$str_tags .= ',';
-					$str_tags .= $newtag;
-				} 
-				continue;
-			}
-			if(strpos($tag,'@') === 0) {
-				if(strpos($tag,'[url='))
-					continue;
-				$stat = false;
-				$name = substr($tag,1);
-				if((strpos($name,'@')) || (strpos($name,'http://'))) {
-					$newname = $name;
-					$links = @lrdd($name);
-					if(count($links)) {
-						foreach($links as $link) {
-							if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
-                    			$profile = $link['@attributes']['href'];
-							if($link['@attributes']['rel'] === 'salmon') {
-								if(strlen($inform))
-									$inform .= ',';
-                    			$inform .= 'url:' . str_replace(',','%2c',$link['@attributes']['href']);
-							}
-						}
-					}
-				}
-				else {
-					$newname = $name;
-					$alias = '';
-					$tagcid = 0;
-					if(strrpos($newname,'+')) {
-						$tagcid = intval(substr($newname,strrpos($newname,'+') + 1));
-						if(strpos($name,' '))
-							$name = substr($name,0,strpos($name,' '));
-					}	
-					if($tagcid) {
-						$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
-							intval($tagcid),
-							intval($profile_uid)
-						);
-					}
-					elseif(strstr($name,'_') || strstr($name,' ')) {
-						$newname = str_replace('_',' ',$name);
-						$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
-							dbesc($newname),
-							intval($profile_uid)
-						);
-					}
-					else {
-						$r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1",
-							dbesc($name),
-							dbesc($name),
-							intval($profile_uid)
-						);
-					}
-					if(count($r)) {
-						$profile = $r[0]['url'];
-						if($r[0]['network'] === 'stat') {
-							$newname = $r[0]['nick'];
-							$stat = true;
-							if($r[0]['alias'])
-								$alias = $r[0]['alias'];
-						}
-						else
-							$newname = $r[0]['name'];
-						if(strlen($inform))
-							$inform .= ',';
-						$inform .= 'cid:' . $r[0]['id'];
-					}
-				}
-				if($profile) {
-					$body = str_replace('@' . $name, '@' . '[url=' . $profile . ']' . $newname	. '[/url]', $body);
-					$profile = str_replace(',','%2c',$profile);
-					$newtag = '@[url=' . $profile . ']' . $newname	. '[/url]';
-					if(! stristr($str_tags,$newtag)) {
-						if(strlen($str_tags))
-							$str_tags .= ',';
-						$str_tags .= $newtag;
-					}
-
-					// Status.Net seems to require the numeric ID URL in a mention if the person isn't 
-					// subscribed to you. But the nickname URL is OK if they are. Grrr. We'll tag both. 
-
-					if(strlen($alias)) {
-						$newtag = '@[url=' . $alias . ']' . $newname	. '[/url]';
-						if(! stristr($str_tags,$newtag)) {
-							if(strlen($str_tags))
-								$str_tags .= ',';
-							$str_tags .= $newtag;
-						}
-					}
-				}
-			}
+			handle_tag($a, $body, $inform, $str_tags, $profile_uid, $tag); 
 		}
 	}
 
@@ -922,3 +819,142 @@ function item_content(&$a) {
 		drop_item($a->argv[2]);
 	}
 }
+
+/**
+ * This function removes the tag $tag from the text $body and replaces it with 
+ * the appropiate link. 
+ * 
+ * @param unknown_type $body the text to replace the tag in
+ * @param unknown_type $inform a comma-seperated string containing everybody to inform
+ * @param unknown_type $str_tags string to add the tag to
+ * @param unknown_type $profile_uid
+ * @param unknown_type $tag the tag to replace
+ */
+function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
+	//is it a hash tag? 
+	if(strpos($tag,'#') === 0) {

+		//if the tag is replaced...
+		if(strpos($tag,'[url='))
+			//...do nothing

+			continue;
+		//base tag has the tags name only

+		$basetag = str_replace('_',' ',substr($tag,1));

+		//create text for link
+		$newtag = '#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]';
+		//replace tag by the link

+		$body = str_replace($tag, $newtag, $body);

+	
+		//is the link already in str_tags?

+		if(! stristr($str_tags,$newtag)) {

+			//append or set str_tags
+			if(strlen($str_tags))

+				$str_tags .= ',';

+			$str_tags .= $newtag;

+		}

+		return;

+	}
+	//is it a person tag? 

+	if(strpos($tag,'@') === 0) {

+		//is it already replaced? 
+		if(strpos($tag,'[url='))

+			continue;

+		$stat = false;

+		//get the person's name
+		$name = substr($tag,1);
+		//is it a link or a full dfrn address? 

+		if((strpos($name,'@')) || (strpos($name,'http://'))) {

+			$newname = $name;

+			//get the profile links
+			$links = @lrdd($name);

+			if(count($links)) {

+				//for all links, collect how is to inform and how's profile is to link
+				foreach($links as $link) {

+					if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')

+						$profile = $link['@attributes']['href'];

+					if($link['@attributes']['rel'] === 'salmon') {

+						if(strlen($inform))

+							$inform .= ',';

+						$inform .= 'url:' . str_replace(',','%2c',$link['@attributes']['href']);

+					}

+				}

+			}

+		} else { //if it is a name rather than an address

+			$newname = $name;

+			$alias = '';

+			$tagcid = 0;
+			//is it some generated name?

+			if(strrpos($newname,'+')) {

+				//get the id
+				$tagcid = intval(substr($newname,strrpos($newname,'+') + 1));

+				//remove the next word from tag's name
+				if(strpos($name,' ')) {

+					$name = substr($name,0,strpos($name,' '));
+				}

+			}
+			if($tagcid) { //if there was an id
+				//select contact with that id from the logged in user's contact list

+				$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",

+						intval($tagcid),

+						intval($profile_uid)
+				);

+			} elseif(strstr($name,'_') || strstr($name,' ')) { //no id
+				//get the real name

+				$newname = str_replace('_',' ',$name);

+				//select someone from this user's contacts by name
+				$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",

+						dbesc($newname),

+						intval($profile_uid)

+				);

+			} else {
+				//select someone by attag or nick and the name passed in

+				$r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1",

+						dbesc($name),

+						dbesc($name),

+						intval($profile_uid)

+				);

+			}
+			//$r is set, if someone could be selected

+			if(count($r)) {

+				$profile = $r[0]['url'];
+				//set newname to nick, find alias

+				if($r[0]['network'] === 'stat') {

+					$newname = $r[0]['nick'];

+					$stat = true;

+					if($r[0]['alias'])

+						$alias = $r[0]['alias'];

+				}

+				else

+					$newname = $r[0]['name'];

+				//add person's id to $inform
+				if(strlen($inform))

+					$inform .= ',';

+				$inform .= 'cid:' . $r[0]['id'];

+			}

+		}
+		//if there is an url for this persons profile

+		if(isset($profile)) {

+			//create profile link
+			$profile = str_replace(',','%2c',$profile);

+			$newtag = '@[url=' . $profile . ']' . $newname	. '[/url]';

+			$body = str_replace('@' . $name, $newtag, $body);

+			//append tag to str_tags
+			if(! stristr($str_tags,$newtag)) {

+				if(strlen($str_tags))

+					$str_tags .= ',';

+				$str_tags .= $newtag;

+			}

+	

+			// Status.Net seems to require the numeric ID URL in a mention if the person isn't

+			// subscribed to you. But the nickname URL is OK if they are. Grrr. We'll tag both.

+	

+			if(strlen($alias)) {

+				$newtag = '@[url=' . $alias . ']' . $newname	. '[/url]';

+				if(! stristr($str_tags,$newtag)) {

+					if(strlen($str_tags))

+						$str_tags .= ',';

+					$str_tags .= $newtag;

+				}

+			}

+		}

+	}
+}
diff --git a/tests/autoname_test.php b/tests/autoname_test.php
new file mode 100755
index 000000000..9dae920ca
--- /dev/null
+++ b/tests/autoname_test.php
@@ -0,0 +1,73 @@
+<?php
+/**
+ * this file contains tests for the autoname function
+ * 
+ * @package test.util
+ */
+
+/** required, it is the file under test */
+require_once('include/text.php');
+
+/**
+ * TestCase for the autoname function
+ * 
+ * @author Alexander Kampmann
+ * @package test.util
+ */
+class AutonameTest extends PHPUnit_Framework_TestCase {
+	/**

+	 *autonames should be random, even length

+	 */

+	public function testAutonameEven() {

+		$autoname1=autoname(10);

+		$autoname2=autoname(10);

+	

+		$this->assertNotEquals($autoname1, $autoname2);

+	}

+	

+	/**

+	 *autonames should be random, odd length

+	 */

+	public function testAutonameOdd() {

+		$autoname1=autoname(9);

+		$autoname2=autoname(9);

+	

+		$this->assertNotEquals($autoname1, $autoname2);

+	}

+	

+	/**

+	 * try to fail autonames

+	 */

+	public function testAutonameNoLength() {

+		$autoname1=autoname(0);

+		$this->assertEquals(0, count($autoname1));

+	}

+	
+	/**
+	 * try to fail it with invalid input
+	 * 
+	 * TODO: What's corect behaviour here? An exception?
+	 */

+	public function testAutonameNegativeLength() {

+		$autoname1=autoname(-23);

+		$this->assertEquals(0, count($autoname1));

+	}

+	

+	// 	public function testAutonameMaxLength() {

+	// 		$autoname2=autoname(PHP_INT_MAX);

+	// 		$this->assertEquals(PHP_INT_MAX, count($autoname2));

+	// 	}

+	
+	/**
+	 * test with a length, that may be too short
+	 */

+	public function testAutonameLength1() {

+		$autoname1=autoname(1);

+		$this->assertEquals(1, count($autoname1));
+		
+		$autoname2=autoname(1);

+		$this->assertEquals(1, count($autoname2));
+		
+		$this->assertFalse($autoname1==$autoname2); 

+	}
+}
\ No newline at end of file
diff --git a/tests/contains_attribute_test.php b/tests/contains_attribute_test.php
new file mode 100755
index 000000000..b0bb06acf
--- /dev/null
+++ b/tests/contains_attribute_test.php
@@ -0,0 +1,51 @@
+<?php
+/**

+ * this test tests the contains_attribute function

+ *

+ * @package test.util

+ */

+

+/** required, it is the file under test */

+require_once('include/text.php');

+

+/**

+ * TestCase for the contains_attribute function

+ *

+ * @author Alexander Kampmann

+ * @package test.util

+ */

+class ContainsAttributeTest extends PHPUnit_Framework_TestCase {
+	/**

+	 * test attribute contains

+	 */

+	public function testAttributeContains1() {

+		$testAttr="class1 notclass2 class3";

+		$this->assertTrue(attribute_contains($testAttr, "class3"));

+		$this->assertFalse(attribute_contains($testAttr, "class2"));

+	}

+	

+	/**

+	 * test attribute contains

+	 */

+	public function testAttributeContains2() {

+		$testAttr="class1 not-class2 class3";

+		$this->assertTrue(attribute_contains($testAttr, "class3"));

+		$this->assertFalse(attribute_contains($testAttr, "class2"));

+	}

+	
+	/**
+	 * test with empty input
+	 */

+	public function testAttributeContainsEmpty() {

+		$testAttr="";

+		$this->assertFalse(attribute_contains($testAttr, "class2"));

+	}

+	
+	/**
+	 * test input with special chars
+	 */

+	public function testAttributeContainsSpecialChars() {

+		$testAttr="--... %\$ä() /(=?}";

+		$this->assertFalse(attribute_contains($testAttr, "class2"));

+	}
+}
\ No newline at end of file
diff --git a/tests/expand_acl_test.php b/tests/expand_acl_test.php
new file mode 100755
index 000000000..b516a3f14
--- /dev/null
+++ b/tests/expand_acl_test.php
@@ -0,0 +1,142 @@
+<?php
+/**
+ * this test tests the expand_acl function
+ *
+ * @package test.util
+ */
+
+/** required, it is the file under test */
+require_once('include/text.php');
+
+/**

+ * TestCase for the expand_acl function

+ *

+ * @author Alexander Kampmann

+ * @package test.util

+ */

+class ExpandAclTest extends PHPUnit_Framework_TestCase {
+	
+	/**

+	 * test expand_acl, perfect input

+	 */

+	public function testExpandAclNormal() {

+		$text='<1><2><3>';

+		$this->assertEquals(array(1, 2, 3), expand_acl($text));

+	}

+	
+	/**
+	 * test with a big number
+	 */

+	public function testExpandAclBigNumber() {

+		$text='<1><'.PHP_INT_MAX.'><15>';

+		$this->assertEquals(array(1, PHP_INT_MAX, 15), expand_acl($text));

+	}

+	
+	/**
+	 * test with a string in it. 
+	 * 
+	 * TODO: is this valid input? Otherwise: should there be an exception?
+	 */

+	public function testExpandAclString() {

+		$text="<1><279012><tt>"; 

+		$this->assertEquals(array(1, 279012, 'tt'), expand_acl($text));

+	}

+	
+	/**
+	 * test with a ' ' in it. 
+	 * 
+	 * TODO: is this valid input? Otherwise: should there be an exception?
+	 */

+	public function testExpandAclSpace() {

+		$text="<1><279 012><32>"; 

+		$this->assertEquals(array(1, "279 012", "32"), expand_acl($text));

+	}

+	
+	/**
+	 * test empty input
+	 */

+	public function testExpandAclEmpty() {

+		$text=""; 

+		$this->assertEquals(array(), expand_acl($text));

+	}

+	
+	/**
+	 * test invalid input, no < at all
+	 * 
+	 * TODO: should there be an exception?
+	 */

+	public function testExpandAclNoBrackets() {

+		$text="According to documentation, that's invalid. "; //should be invalid

+		$this->assertEquals(array(), expand_acl($text));

+	}

+	
+	/**

+	 * test invalid input, just open <

+	 *

+	 * TODO: should there be an exception?

+	 */

+	public function testExpandAclJustOneBracket1() {

+		$text="<Another invalid string"; //should be invalid

+		$this->assertEquals(array(), expand_acl($text));

+	}

+	
+	/**

+	 * test invalid input, just close >

+	 *

+	 * TODO: should there be an exception?

+	 */

+	public function testExpandAclJustOneBracket2() {

+		$text="Another invalid> string"; //should be invalid

+		$this->assertEquals(array(), expand_acl($text));

+	}

+	
+	/**

+	 * test invalid input, just close >

+	 *

+	 * TODO: should there be an exception?

+	 */

+	public function testExpandAclCloseOnly() {

+		$text="Another> invalid> string>"; //should be invalid

+		$this->assertEquals(array(), expand_acl($text));

+	}

+	
+	/**

+	 * test invalid input, just open <

+	 *

+	 * TODO: should there be an exception?

+	 */

+	public function testExpandAclOpenOnly() {

+		$text="<Another< invalid string<"; //should be invalid

+		$this->assertEquals(array(), expand_acl($text));

+	}

+	
+	/**

+	 * test invalid input, open and close do not match

+	 *

+	 * TODO: should there be an exception?

+	 */

+	public function testExpandAclNoMatching1() {

+		$text="<Another<> invalid <string>"; //should be invalid

+		$this->assertEquals(array(), expand_acl($text));

+	}

+	
+	/**

+	 * test invalid input, open and close do not match

+	 *

+	 * TODO: should there be an exception?

+	 */

+	public function testExpandAclNoMatching2() {

+		$text="<1>2><3>";

+		$this->assertEquals(array(), expand_acl($text));

+	}
+	
+	/**

+	 * test invalid input, empty <>

+	 *

+	 * TODO: should there be an exception? Or array(1, 3)

+	 */

+	public function testExpandAclEmptyMatch() {

+		$text="<1><><3>";

+		$this->assertEquals(array(), expand_acl($text));

+	}
+}
\ No newline at end of file
diff --git a/tests/get_tags_test.php b/tests/get_tags_test.php
new file mode 100644
index 000000000..9051923be
--- /dev/null
+++ b/tests/get_tags_test.php
@@ -0,0 +1,313 @@
+<?php
+/**
+ * This file contains the tests for get_tags and the tag handling in item.php
+ * 
+ * @package test.util
+ */
+
+/**
+ * required, because it contains the get_tags() function
+ */
+require_once 'include/text.php';
+/**
+ * required, because it contains the tag handling
+ */
+require_once 'mod/item.php';
+
+/**
+ * A class which can be used as replacement for an app if
+ * only get_baseurl is used. 
+ * 
+ * @author Alexander Kampmann
+ * @package test.util
+ */
+class MockApp {
+	function get_baseurl() {
+		return "baseurl"; 
+	}
+}; 
+
+/**
+ * the test should not rely on a database, 
+ * so this is a replacement for the database access method q. 
+ * 
+ * It simulates the user with uid 11 has one contact, named Mike Lastname. 
+ * 
+ * @param string $sql
+ */
+function q($sql) {
+	$result=array(array('id'=>15, 
+			'attag'=>'', 'network'=>'dfrn', 
+			'name'=>'Mike Lastname', 'alias'=>'Mike', 
+			'nick'=>'Mike', 'url'=>"http://justatest.de")); 
+	
+	$args=func_get_args(); 
+
+	//last parameter is always (in this test) uid, so, it should be 11
+	if($args[count($args)-1]!=11) {
+		return; 
+	}
+	
+	
+	if(3==count($args)) {
+		//first call in handle_body, id only
+		if($result[0]['id']==$args[1]) {
+			return $result; 
+		}
+		//second call in handle_body, name
+		if($result[0]['name']===$args[1]) {

+			return $result;

+		}
+	}
+	//third call in handle_body, nick or attag
+	if($result[0]['nick']===$args[2] || $result[0]['attag']===$args[1]) {

+		return $result;

+	}
+}
+
+/**
+ * replacement for dbesc. 
+ * I don't want to test dbesc here, so
+ * I just return the input. It won't be a problem, because 
+ * the test does not use a real database. 
+ * 
+ * DON'T USE HAT FUNCTION OUTSIDE A TEST!
+ * 
+ * @param string $str
+ * @return input
+ */
+function dbesc($str) {
+	return $str; 
+}
+
+/**
+ * TestCase for tag handling. 
+ * 
+ * @author alexander
+ * @package test.util
+ */
+class GetTagsTest extends PHPUnit_Framework_TestCase {
+	/** the mock to use as app */
+	private $a; 

+
+	/**
+	 * initialize the test. That's a phpUnit function, 
+	 * don't change its name.
+	 */

+	public function setUp() {

+		$this->a=new MockApp(); 
+	}
+
+	/**

+	 * test with one Person tag

+	 */

+	public function testGetTagsShortPerson() {

+		$text="hi @Mike";

+

+		$tags=get_tags($text);

+
+		$inform=''; 
+		$str_tags='';
+		foreach($tags as $tag) {
+			handle_tag($this->a, $text, $inform, $str_tags, 11, $tag);
+		}
+
+		//correct tags found?
+		$this->assertEquals(1, count($tags)); 

+		$this->assertTrue(in_array("@Mike", $tags));
+		
+		//correct output from handle_tag?
+		$this->assertEquals("cid:15", $inform); 
+		$this->assertEquals("@[url=http://justatest.de]Mike Lastname[/url]", $str_tags);
+		$this->assertEquals("hi @[url=http://justatest.de]Mike Lastname[/url]", $text);

+	}
+	
+	/**

+	 * test with one Person tag. 
+	 * There's a minor spelling mistake...

+	 */

+	public function testGetTagsShortPersonSpelling() {

+		$text="hi @Mike.because";

+	

+		$tags=get_tags($text);

+	
+		//correct tags found?

+		$this->assertEquals(1, count($tags));

+		$this->assertTrue(in_array("@Mike.because", $tags));
+		

+		$inform='';

+		$str_tags='';

+		handle_tag($this->a, $text, $inform, $str_tags, 11, $tags[0]);

+	

+		$this->assertEquals("cid:15", $inform); 
+		$this->assertEquals("@[url=http://justatest.de]Mike Lastname[/url]", $str_tags);
+		$this->assertEquals("hi @[url=http://justatest.de]Mike Lastname[/url].because", $text);

+	}
+	
+	/**

+	 * test with two Person tags. 
+	 * There's a minor spelling mistake...

+	 */

+	public function testGetTagsPerson2Spelling() {

+		$text="hi @Mike@campino@friendica.eu";

+	

+		$tags=get_tags($text);

+	
+		$this->assertEquals(2, count($tags)); 

+		$this->assertTrue(in_array("@Mike", $tags));
+		$this->assertTrue(in_array("@campino@friendica.eu", $tags));

+	}

+
+	/**
+	 * Test with one hash tag.
+	 */

+	public function testGetTagsShortTag() {

+		$text="This is a #test_case";

+

+		$tags=get_tags($text);

+
+		$this->assertEquals(1, count($tags));

+		$this->assertTrue(in_array("#test_case", $tags));

+	}

+
+	/**
+	 * test with a person and a hash tag
+	 */

+	public function testGetTagsShortTagAndPerson() {

+		$text="hi @Mike This is a #test_case";

+

+		$tags=get_tags($text);

+
+		$this->assertEquals(3, count($tags));
+		$this->assertTrue(in_array("@Mike", $tags));
+		$this->assertTrue(in_array("@Mike This", $tags));

+		$this->assertTrue(in_array("#test_case", $tags));

+
+		$inform='';
+		$str_tags='';
+		foreach($tags as $tag) {
+			handle_tag($this->a, $text, $inform, $str_tags, 11, $tag);
+		}
+		

+		$this->assertEquals("cid:15", $inform); 
+		$this->assertEquals("@[url=http://justatest.de]Mike Lastname[/url],#[url=baseurl/search?search=test%20case]test case[/url]", $str_tags);
+		$this->assertEquals("hi @[url=http://justatest.de]Mike Lastname[/url] This is a #[url=baseurl/search?search=test%20case]test case[/url]", $text); 
+		

+	}

+
+	/**
+	 * test with a person, a hash tag and some special chars.
+	 */

+	public function testGetTagsShortTagAndPersonSpecialChars() {

+		$text="hi @Mike, This is a #test_case.";

+

+		$tags=get_tags($text);

+

+		$this->assertEquals(2, count($tags));
+		$this->assertTrue(in_array("@Mike", $tags));
+		$this->assertTrue(in_array("#test_case", $tags));

+	}

+
+	/**
+	 * Test with a person tag and text behind it.
+	 */

+	public function testGetTagsPersonOnly() {

+		$text="@Test I saw the Theme Dev group was created.";

+

+		$tags=get_tags($text);

+
+		$this->assertEquals(2, count($tags));

+		$this->assertTrue(in_array("@Test I", $tags));
+		$this->assertTrue(in_array("@Test", $tags));

+	}

+
+	/**
+	 * this test demonstrates strange behaviour by intval. 
+	 * It makes the next test fail. 
+	 */
+	public function testIntval() {
+		$this->assertEquals(15, intval("15 it")); 
+	}
+	
+	/**
+	 * test a tag with an id in it
+	 */
+	public function testIdTag() {
+		$text="Test with @mike+15 id tag"; 
+		
+		$tags=get_tags($text); 
+		
+		$this->assertEquals(2, count($tags)); 
+		$this->assertTrue(in_array("@mike+15", $tags));
+		
+		//happens right now, but it shouldn't be necessary
+		$this->assertTrue(in_array("@mike+15 id", $tags));
+		
+		$inform='';

+		$str_tags='';
+		foreach($tags as $tag) {
+			handle_tag($this->a, $text, $inform, $str_tags, 11, $tag);
+		}
+		
+		$this->assertEquals("Test with @[url=http://justatest.de]Mike Lastname[/url] id tag", $text);

+		$this->assertEquals("@[url=http://justatest.de]Mike Lastname[/url]", $str_tags);

+		$this->assertEquals("cid:15", $inform);
+	}
+	
+	/**
+	 * test with two persons and one special tag.
+	 */

+	public function testGetTags2Persons1TagSpecialChars() {

+		$text="hi @Mike, I'm just writing #test_cases, so"

+		." so @somebody@friendica.com may change #things.";

+

+		$tags=get_tags($text);

+
+		$this->assertEquals(5, count($tags));

+		$this->assertTrue(in_array("@Mike", $tags));

+		$this->assertTrue(in_array("#test_cases", $tags));
+		$this->assertTrue(in_array("@somebody@friendica.com", $tags));

+		$this->assertTrue(in_array("@somebody@friendica.com may", $tags));

+		$this->assertTrue(in_array("#things", $tags));

+	}

+
+	/**
+	 * test with a long text.
+	 */

+	public function testGetTags() {

+		$text="hi @Mike, I'm just writing #test_cases, "

+		." so @somebody@friendica.com may change #things. Of course I "

+		."look for a lot of #pitfalls, like #tags at the end of a sentence "

+		."@comment. I hope noone forgets about @fullstops.because that might"

+		." break #things. @Mike@campino@friendica.eu is also #nice, isn't it? "

+		."Now, add a @first_last tag. ";

+		

+		$tags=get_tags($text);

+

+		$this->assertTrue(in_array("@Mike", $tags));

+		$this->assertTrue(in_array("#test_cases", $tags));

+		$this->assertTrue(in_array("@somebody@friendica.com", $tags));

+		$this->assertTrue(in_array("#things", $tags));

+		$this->assertTrue(in_array("#pitfalls", $tags));

+		$this->assertTrue(in_array("#tags", $tags));

+		$this->assertTrue(in_array("@comment", $tags));

+		$this->assertTrue(in_array("@fullstops.because", $tags));

+		$this->assertTrue(in_array("#things", $tags));

+		$this->assertTrue(in_array("@Mike", $tags));

+		$this->assertTrue(in_array("#nice", $tags));

+		$this->assertTrue(in_array("@first_last", $tags));
+		
+		//right now, none of the is matched
+		$this->assertFalse(in_array("@Mike@campino@friendica.eu", $tags));

+		$this->assertTrue(in_array("@campino@friendica.eu", $tags));
+		$this->assertTrue(in_array("@campino@friendica.eu is", $tags));

+	}

+
+	/**
+	 * test with an empty string
+	 */

+	public function testGetTagsEmpty() {

+		$tags=get_tags("");

+		$this->assertEquals(0, count($tags));

+	}
+}
\ No newline at end of file
diff --git a/tests/xss_filter_test.php b/tests/xss_filter_test.php
new file mode 100644
index 000000000..d7dcf0472
--- /dev/null
+++ b/tests/xss_filter_test.php
@@ -0,0 +1,50 @@
+<?php
+/**
+ * tests several functions which are used to prevent xss attacks
+ * 
+ * @package test.util
+ */
+
+require_once('include/text.php');
+
+class AntiXSSTest extends PHPUnit_Framework_TestCase {
+
+	/**
+	 * test, that tags are escaped
+	 */
+	public function testEscapeTags() {
+		$invalidstring='<submit type="button" onclick="alert(\'failed!\');" />';
+
+		$validstring=notags($invalidstring);
+		$escapedString=escape_tags($invalidstring);
+
+		$this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring);
+		$this->assertEquals("&lt;submit type=&quot;button&quot; onclick=&quot;alert('failed!');&quot; /&gt;", $escapedString);
+	}
+
+	/**
+	 *xmlify and unxmlify
+	 */
+	public function testXmlify() {
+		$text="<tag>I want to break\n this!11!<?hard?></tag>";
+		$xml=xmlify($text); //test whether it actually may be part of a xml document
+		$retext=unxmlify($text);
+
+		$this->assertEquals($text, $retext);
+	}
+
+	/**
+	 * test hex2bin and reverse
+	 */
+	public function testHex2Bin() {
+		$this->assertEquals(-3, hex2bin(bin2hex(-3)));
+		$this->assertEquals(0, hex2bin(bin2hex(0)));
+		$this->assertEquals(12, hex2bin(bin2hex(12)));
+		$this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX)));
+	}
+
+	//function qp, quick and dirty??
+	//get_mentions
+	//get_contact_block, bis Zeile 538
+}
+?>
diff --git a/util/db_update.php b/util/db_update.php
index a6177324a..35620e80b 100755
--- a/util/db_update.php
+++ b/util/db_update.php
@@ -26,7 +26,7 @@ echo "New DB VERSION: " . DB_UPDATE_VERSION . "\n";
 
 if($build != DB_UPDATE_VERSION) {
 	echo "Updating database...";
-	check_config();
+	check_config($a);
 	echo "Done\n";
 }
 
diff --git a/view/de/strings.php b/view/de/strings.php
index 3f9176cd7..5438a1c9f 100755
--- a/view/de/strings.php
+++ b/view/de/strings.php
@@ -4,23 +4,23 @@ function string_plural_select_de($n){
 	return ($n != 1);
 }
 ;
-$a->strings["Post successful."] = "Beitrag erfolgreich veröffentlicht.";
+$a->strings["Post successful."] = "Beitrag erfolgreich ver�ffentlicht.";
 $a->strings["[Embedded content - reload page to view]"] = "[Eingebetteter Inhalt - Seite neu laden zum Betrachten]";
 $a->strings["Contact settings applied."] = "Einstellungen zum Kontakt angewandt.";
 $a->strings["Contact update failed."] = "Konnte den Kontakt nicht aktualisieren.";
 $a->strings["Permission denied."] = "Zugriff verweigert.";
 $a->strings["Contact not found."] = "Kontakt nicht gefunden.";
 $a->strings["Repair Contact Settings"] = "Kontakt-Einstellungen reparieren";
-$a->strings["<strong>WARNING: This is highly advanced</strong> and if you enter incorrect information your communications with this contact may stop working."] = "<strong>ACHTUNG: Das sind Experten-Einstellungen!</strong> Wenn Du etwas Falsches eingibst, funktioniert die Kommunikation mit diesem Kontakt evtl. nicht mehr.";
-$a->strings["Please use your browser 'Back' button <strong>now</strong> if you are uncertain what to do on this page."] = "Bitte nutze den Zurück-Button deines Browsers <strong>jetzt</strong>, wenn du dir unsicher bist, was du tun willst.";
-$a->strings["Return to contact editor"] = "Zurück zum Kontakteditor";
+$a->strings["<strong>WARNING: This is highly advanced</strong> and if you enter incorrect information your communications with this contact may stop working."] = "<strong>ACHTUNG: Das sind Experten-Einstellungen!</strong> Wenn Du etwas falsches eingibst, funktioniert die Kommunikation mit diesem Kontakt evtl. nicht mehr.";
+$a->strings["Please use your browser 'Back' button <strong>now</strong> if you are uncertain what to do on this page."] = "Bitte nutze den Zur�ck-Button deines Browsers <strong>jetzt</strong>, wenn du dir unsicher bist, was auf dieser Seite gemacht wird.";
+$a->strings["Return to contact editor"] = "Zur�ck zum Kontakteditor";
 $a->strings["Name"] = "Name";
 $a->strings["Account Nickname"] = "Account-Spitzname";
-$a->strings["@Tagname - overrides Name/Nickname"] = "@Tagname - überschreibt Name/Spitzname";
+$a->strings["@Tagname - overrides Name/Nickname"] = "@Tagname - �berschreibt Name/Spitzname";
 $a->strings["Account URL"] = "Account-URL";
-$a->strings["Friend Request URL"] = "URL für Freundschaftsanfragen";
-$a->strings["Friend Confirm URL"] = "URL für Bestätigungen von Freundschaftsanfragen";
-$a->strings["Notification Endpoint URL"] = "URL-Endpunkt für Benachrichtigungen";
+$a->strings["Friend Request URL"] = "URL f�r Freundschaftsanfragen";
+$a->strings["Friend Confirm URL"] = "URL f�r Best�tigungen von Freundschaftsanfragen";
+$a->strings["Notification Endpoint URL"] = "URL-Endpunkt f�r Benachrichtigungen";
 $a->strings["Poll/Feed URL"] = "Pull/Feed-URL";
 $a->strings["New photo from this URL"] = "Neues Foto von dieser URL";
 $a->strings["Submit"] = "Senden";
@@ -28,7 +28,7 @@ $a->strings["Help:"] = "Hilfe:";
 $a->strings["Help"] = "Hilfe";
 $a->strings["Not Found"] = "Nicht gefunden";
 $a->strings["Page not found."] = "Seite nicht gefunden.";
-$a->strings["File exceeds size limit of %d"] = "Die Datei ist größer als das erlaubte Limit von %d";
+$a->strings["File exceeds size limit of %d"] = "Die Datei ist gr��er als das erlaubte Limit von %d";
 $a->strings["File upload failed."] = "Hochladen der Datei fehlgeschlagen.";
 $a->strings["Friend suggestion sent."] = "Kontaktvorschlag gesendet.";
 $a->strings["Suggest Friends"] = "Kontakte vorschlagen";
@@ -40,7 +40,7 @@ $a->strings["link to source"] = "Link zum Originalbeitrag";
 $a->strings["Events"] = "Veranstaltungen";
 $a->strings["Create New Event"] = "Neue Veranstaltung erstellen";
 $a->strings["Previous"] = "Vorherige";
-$a->strings["Next"] = "Nächste";
+$a->strings["Next"] = "N�chste";
 $a->strings["hour:minute"] = "Stunde:Minute";
 $a->strings["Event details"] = "Veranstaltungsdetails";
 $a->strings["Format is %s %s. Starting date and Description are required."] = "Format ist %s %s. Anfangsdatum und Beschreibung sind notwendig.";