diff options
-rwxr-xr-x | tests/autoname_test.php | 73 | ||||
-rwxr-xr-x | tests/contains_attribute_test.php | 51 | ||||
-rwxr-xr-x | tests/expand_acl_test.php | 142 | ||||
-rw-r--r-- | tests/xss_filter_test.php | 149 |
4 files changed, 269 insertions, 146 deletions
diff --git a/tests/autoname_test.php b/tests/autoname_test.php new file mode 100755 index 000000000..9dae920ca --- /dev/null +++ b/tests/autoname_test.php @@ -0,0 +1,73 @@ +<?php +/** + * this file contains tests for the autoname function + * + * @package test.util + */ + +/** required, it is the file under test */ +require_once('include/text.php'); + +/** + * TestCase for the autoname function + * + * @author Alexander Kampmann + * @package test.util + */ +class AutonameTest extends PHPUnit_Framework_TestCase { + /**
+ *autonames should be random, even length
+ */
+ public function testAutonameEven() {
+ $autoname1=autoname(10);
+ $autoname2=autoname(10);
+
+ $this->assertNotEquals($autoname1, $autoname2);
+ }
+
+ /**
+ *autonames should be random, odd length
+ */
+ public function testAutonameOdd() {
+ $autoname1=autoname(9);
+ $autoname2=autoname(9);
+
+ $this->assertNotEquals($autoname1, $autoname2);
+ }
+
+ /**
+ * try to fail autonames
+ */
+ public function testAutonameNoLength() {
+ $autoname1=autoname(0);
+ $this->assertEquals(0, count($autoname1));
+ }
+ + /** + * try to fail it with invalid input + * + * TODO: What's corect behaviour here? An exception? + */
+ public function testAutonameNegativeLength() {
+ $autoname1=autoname(-23);
+ $this->assertEquals(0, count($autoname1));
+ }
+
+ // public function testAutonameMaxLength() {
+ // $autoname2=autoname(PHP_INT_MAX);
+ // $this->assertEquals(PHP_INT_MAX, count($autoname2));
+ // }
+ + /** + * test with a length, that may be too short + */
+ public function testAutonameLength1() {
+ $autoname1=autoname(1);
+ $this->assertEquals(1, count($autoname1)); + + $autoname2=autoname(1);
+ $this->assertEquals(1, count($autoname2)); + + $this->assertFalse($autoname1==$autoname2);
+ } +}
\ No newline at end of file diff --git a/tests/contains_attribute_test.php b/tests/contains_attribute_test.php new file mode 100755 index 000000000..b0bb06acf --- /dev/null +++ b/tests/contains_attribute_test.php @@ -0,0 +1,51 @@ +<?php +/**
+ * this test tests the contains_attribute function
+ *
+ * @package test.util
+ */
+
+/** required, it is the file under test */
+require_once('include/text.php');
+
+/**
+ * TestCase for the contains_attribute function
+ *
+ * @author Alexander Kampmann
+ * @package test.util
+ */
+class ContainsAttributeTest extends PHPUnit_Framework_TestCase { + /**
+ * test attribute contains
+ */
+ public function testAttributeContains1() {
+ $testAttr="class1 notclass2 class3";
+ $this->assertTrue(attribute_contains($testAttr, "class3"));
+ $this->assertFalse(attribute_contains($testAttr, "class2"));
+ }
+
+ /**
+ * test attribute contains
+ */
+ public function testAttributeContains2() {
+ $testAttr="class1 not-class2 class3";
+ $this->assertTrue(attribute_contains($testAttr, "class3"));
+ $this->assertFalse(attribute_contains($testAttr, "class2"));
+ }
+ + /** + * test with empty input + */
+ public function testAttributeContainsEmpty() {
+ $testAttr="";
+ $this->assertFalse(attribute_contains($testAttr, "class2"));
+ }
+ + /** + * test input with special chars + */
+ public function testAttributeContainsSpecialChars() {
+ $testAttr="--... %\$ä() /(=?}";
+ $this->assertFalse(attribute_contains($testAttr, "class2"));
+ } +}
\ No newline at end of file diff --git a/tests/expand_acl_test.php b/tests/expand_acl_test.php new file mode 100755 index 000000000..b516a3f14 --- /dev/null +++ b/tests/expand_acl_test.php @@ -0,0 +1,142 @@ +<?php +/** + * this test tests the expand_acl function + * + * @package test.util + */ + +/** required, it is the file under test */ +require_once('include/text.php'); + +/**
+ * TestCase for the expand_acl function
+ *
+ * @author Alexander Kampmann
+ * @package test.util
+ */
+class ExpandAclTest extends PHPUnit_Framework_TestCase { + + /**
+ * test expand_acl, perfect input
+ */
+ public function testExpandAclNormal() {
+ $text='<1><2><3>';
+ $this->assertEquals(array(1, 2, 3), expand_acl($text));
+ }
+ + /** + * test with a big number + */
+ public function testExpandAclBigNumber() {
+ $text='<1><'.PHP_INT_MAX.'><15>';
+ $this->assertEquals(array(1, PHP_INT_MAX, 15), expand_acl($text));
+ }
+ + /** + * test with a string in it. + * + * TODO: is this valid input? Otherwise: should there be an exception? + */
+ public function testExpandAclString() {
+ $text="<1><279012><tt>";
+ $this->assertEquals(array(1, 279012, 'tt'), expand_acl($text));
+ }
+ + /** + * test with a ' ' in it. + * + * TODO: is this valid input? Otherwise: should there be an exception? + */
+ public function testExpandAclSpace() {
+ $text="<1><279 012><32>";
+ $this->assertEquals(array(1, "279 012", "32"), expand_acl($text));
+ }
+ + /** + * test empty input + */
+ public function testExpandAclEmpty() {
+ $text="";
+ $this->assertEquals(array(), expand_acl($text));
+ }
+ + /** + * test invalid input, no < at all + * + * TODO: should there be an exception? + */
+ public function testExpandAclNoBrackets() {
+ $text="According to documentation, that's invalid. "; //should be invalid
+ $this->assertEquals(array(), expand_acl($text));
+ }
+ + /**
+ * test invalid input, just open <
+ *
+ * TODO: should there be an exception?
+ */
+ public function testExpandAclJustOneBracket1() {
+ $text="<Another invalid string"; //should be invalid
+ $this->assertEquals(array(), expand_acl($text));
+ }
+ + /**
+ * test invalid input, just close >
+ *
+ * TODO: should there be an exception?
+ */
+ public function testExpandAclJustOneBracket2() {
+ $text="Another invalid> string"; //should be invalid
+ $this->assertEquals(array(), expand_acl($text));
+ }
+ + /**
+ * test invalid input, just close >
+ *
+ * TODO: should there be an exception?
+ */
+ public function testExpandAclCloseOnly() {
+ $text="Another> invalid> string>"; //should be invalid
+ $this->assertEquals(array(), expand_acl($text));
+ }
+ + /**
+ * test invalid input, just open <
+ *
+ * TODO: should there be an exception?
+ */
+ public function testExpandAclOpenOnly() {
+ $text="<Another< invalid string<"; //should be invalid
+ $this->assertEquals(array(), expand_acl($text));
+ }
+ + /**
+ * test invalid input, open and close do not match
+ *
+ * TODO: should there be an exception?
+ */
+ public function testExpandAclNoMatching1() {
+ $text="<Another<> invalid <string>"; //should be invalid
+ $this->assertEquals(array(), expand_acl($text));
+ }
+ + /**
+ * test invalid input, open and close do not match
+ *
+ * TODO: should there be an exception?
+ */
+ public function testExpandAclNoMatching2() {
+ $text="<1>2><3>";
+ $this->assertEquals(array(), expand_acl($text));
+ } + + /**
+ * test invalid input, empty <>
+ *
+ * TODO: should there be an exception? Or array(1, 3)
+ */
+ public function testExpandAclEmptyMatch() {
+ $text="<1><><3>";
+ $this->assertEquals(array(), expand_acl($text));
+ } +}
\ No newline at end of file diff --git a/tests/xss_filter_test.php b/tests/xss_filter_test.php index fe944c2a7..d7dcf0472 100644 --- a/tests/xss_filter_test.php +++ b/tests/xss_filter_test.php @@ -1,24 +1,16 @@ <?php /** + * tests several functions which are used to prevent xss attacks + * * @package test.util */ -require_once("include/template_processor.php"); require_once('include/text.php'); class AntiXSSTest extends PHPUnit_Framework_TestCase { - public function setUp() { - set_include_path(
- get_include_path() . PATH_SEPARATOR
- . 'include' . PATH_SEPARATOR
- . 'library' . PATH_SEPARATOR
- . 'library/phpsec' . PATH_SEPARATOR
- . '.' ); - } - /** - * test no tags + * test, that tags are escaped */ public function testEscapeTags() { $invalidstring='<submit type="button" onclick="alert(\'failed!\');" />'; @@ -31,49 +23,6 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { } /** - *autonames should be random, even length - */ - public function testAutonameEven() { - $autoname1=autoname(10); - $autoname2=autoname(10); - - $this->assertNotEquals($autoname1, $autoname2); - } - - /** - *autonames should be random, odd length - */ - public function testAutonameOdd() { - $autoname1=autoname(9); - $autoname2=autoname(9); - - $this->assertNotEquals($autoname1, $autoname2); - } - - /** - * try to fail autonames - */ - public function testAutonameNoLength() { - $autoname1=autoname(0); - $this->assertEquals(0, count($autoname1)); - } - - public function testAutonameNegativeLength() { - $autoname1=autoname(-23); - $this->assertEquals(0, count($autoname1)); - } - - // public function testAutonameMaxLength() { - // $autoname2=autoname(PHP_INT_MAX); - // $this->assertEquals(PHP_INT_MAX, count($autoname2)); - // } - - public function testAutonameLength1() { - $autoname3=autoname(1); - $this->assertEquals(1, count($autoname3)); - } - - /** *xmlify and unxmlify */ public function testXmlify() { @@ -87,7 +36,6 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { /** * test hex2bin and reverse */ - public function testHex2Bin() { $this->assertEquals(-3, hex2bin(bin2hex(-3))); $this->assertEquals(0, hex2bin(bin2hex(0))); @@ -95,97 +43,6 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { $this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX))); } - /** - * test expand_acl - */ - public function testExpandAclNormal() { - $text="<1><2><3>"; - $this->assertEquals(array(1, 2, 3), expand_acl($text)); - } - - public function testExpandAclBigNumber() { - $text="<1><279012><15>"; - $this->assertEquals(array(1, 279012, 15), expand_acl($text)); - } - - public function testExpandAclString() { - $text="<1><279012><tt>"; //maybe that's invalid - $this->assertEquals(array(1, 279012, 'tt'), expand_acl($text)); - } - - public function testExpandAclSpace() { - $text="<1><279 012><32>"; //maybe that's invalid - $this->assertEquals(array(1, "279 012", "32"), expand_acl($text)); - } - - public function testExpandAclEmpty() { - $text=""; //maybe that's invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclNoBrackets() { - $text="According to documentation, that's invalid. "; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclJustOneBracket1() { - $text="<Another invalid string"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclJustOneBracket2() { - $text="Another invalid> string"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclCloseOnly() { - $text="Another> invalid> string>"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclOpenOnly() { - $text="<Another< invalid string<"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclNoMatching1() { - $text="<Another<> invalid <string>"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclNoMatching2() { - $text="<1>2><3>"; - $this->assertEquals(array(), expand_acl($text)); - } - - /** - * test attribute contains - */ - public function testAttributeContains1() { - $testAttr="class1 notclass2 class3"; - $this->assertTrue(attribute_contains($testAttr, "class3")); - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - - /** - * test attribute contains - */ - public function testAttributeContains2() { - $testAttr="class1 not-class2 class3"; - $this->assertTrue(attribute_contains($testAttr, "class3")); - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - - public function testAttributeContainsEmpty() { - $testAttr=""; - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - - public function testAttributeContainsSpecialChars() { - $testAttr="--... %\$ä() /(=?}"; - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - //function qp, quick and dirty?? //get_mentions //get_contact_block, bis Zeile 538 |