| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
MySql and PostgreSQL does of course have different names for charsets,
so we have to explicitly define them in the respective phpunit.xml
files. This also allows testing with other charsets if there should be a
need for that, though I think utf8 should cover everything and then
some.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This should fix issue #1828.
This patch makes it explicit that we store arrays in the config as json
encoded arrays, while we allow both json encoded and PHP serialized
arrays to be deserialized correctly. Unless it's a brand new install,
the existing data in the database will be PHP serialized.
I've also added a hardening measure in case we fall back to PHP
unserialize, making sure we're not vulnerable to a PHP Object Injection
attack. This means that deserializing arrays containing PHP objects will
no longer work, but afaict we never do that anyways, so I don't think
that should break anything.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since the tests now have access to the database, there's no longer any
need for mocking or stubbing functions that uses the db. As the codebase
relies on global state and static class functions (aka classes as
namespace), stubbing these are not straight forward and complicates the
test code, and reliability.
With access to the database, we can now perform these tests by
populating the db tables with the content relevant for the test, and
perform the actual tests to verify that the code behaves as expected
given the db content we've created.
In the tests I enabled in this patch, I've explicitly set the expected
configuration in the db using the available API's in the code itself.
While it would also be possible to add more permanent fixtures to set
the db in the expected state, doing it dynamically like this has some
advantages.
It allows very specific setups for the test that we may not want to be
set of every test. The photo factory test to ignore Image Magick is a
good example of that. We may want to also test the opposite, that Image
Magick is selected if the flag is not set (and the extention is
available.)
Also, the fixtures themselves are not more informative than the table
column names they contain, so comments would be needed to document both
the content and how it fits into the test environment. With the more
dynamic approach the test code becomes more self documenting.
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
First test that relies on the test db and fixtures.
|
| | |
| |
| |
| |
| | |
This probably needs to be optimized a bit to avoid loading large amounts
of db fixtures before each test. But it's getting somewhere!
|
| | | |
|
| |/ |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add type annotations for constructor and set* methods, and throw an
exception if the passed in arrays are missing required keys. This means
that both invalid input types and missing keys will throw and exception
rather than just die with a runtime error.
There's not checks to verify that the contents of the required array
keys are valid or make sense, though. They are just assigned, and
returned as is by the get method when requested.
Also, the set_from_array method is not well tested at the moment.
|
| | |
|
| |
|
|
|
| |
This cleans up the doc comment. Should probably try to do this
everywhere.
|
| | |
|
| |
|
|
| |
Just no need to have them spread around in various other tests cases.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
These tests actually tests both the get_tags() function, and the
handle_tags() function. The latter don't work, and should probably be
split into it's own test cases.
There's also some stubs here that we may want to deal with in another
way.
Also removed meaningless "test" of intval() builtin function. It behaves
as documented, no need for us to test it.
|
| |
|
|
| |
Mostly cosmetic to satisfy phpcs + remove explicit require.
|
| |
|
|
| |
Not sure if this test is actually useful, but leave it for now.
|
| |
|
|
| |
Rely on PHPUnit config to load the app and the code under test.
|
| | |
|
| |
|
|
|
|
| |
- Start comments with capital letter
- Fix indentation
- Add missing doc comments
|
| | |
|
| |
|
|
|
| |
Not quite unit test clean, but a somewhat pragmatic approach to make the
tests pass as is.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The escaping makes the URL safe for display and for use in HTML element
attributes (such as href="..." etc), but does not guarantee that the URL
itself is valid after conversion. This should be good enough for
mitigating XSS issues caused by injecting html or javascript into a URL.
Also probably good enough for _most_ normal URLs, but there may be
devils hidden in the details somewhere.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
| |
(cherry picked from commit 1affcb80172576dc46e4434cd10e1a534a9bb6c2)
|
| | |
|
| |
|
| |
This reverts commit c5fca0a1e784130b0e6f7aeee0bc36999f120bbf
|
| |
|
| |
This reverts commit 8401e9c2b4bca3bf19eb7590f827b7169f4647d9
|
