// Test bootstrap: load the fixture configuration before anything else.
// AK_LIB_DIR and DS are not defined in this file; presumably config.php
// provides them -- confirm against the fixtures.
require_once dirname(__FILE__).'/../../../fixtures/config/config.php';

// Class under test: the sanitizer that decides whether template PHP code
// is acceptable.
require_once AK_LIB_DIR.DS.'AkActionView'.DS.'AkPhpCodeSanitizer.php';
/**
 * Regression tests for AkPhpCodeSanitizer::isCodeSecure().
 *
 * Negative cases assert that code touching underscore-prefixed names (the
 * snippets' "_private") is rejected; positive cases assert that ordinary
 * template constructs are still accepted.
 *
 * NOTE(review): only the spellings listed below are pinned. Add a case here
 * whenever the sanitizer's rule set changes, for both the rejecting and the
 * accepting side.
 */
class AkPhpCodeSanitizer_TestCase extends AkUnitTest
{
    /**
     * A bare underscore-prefixed variable must be rejected in both the full
     * PHP tag form and the short echo tag form.
     */
    function test_should_avoid_private_variables()
    {
        $snippets = array(
            '<?php $_private; ?>',
            '<?=$_private?>',
        );
        foreach ($snippets as $snippet) {
            $this->assertInvalidCode($snippet);
        }
    }

    /**
     * Underscore-prefixed array keys must be rejected however the key is
     * spelled: single-quoted, double-quoted, bare word, or wrapped in braces.
     */
    function test_should_avoid_private_array_keys()
    {
        $snippets = array(
            '<?php echo $var[\'_private\']; ?>',
            '<?php $var["_private"]?>',
            '<?php $var[public][_private]?>',
            '<?php $var[{\'_private\'}]?>',
        );
        foreach ($snippets as $snippet) {
            $this->assertInvalidCode($snippet);
        }
    }

    /**
     * Underscore-prefixed object attributes must be rejected, including
     * chained access, brace syntax and a variable attribute name.
     */
    function test_should_avoid_private_object_attributes()
    {
        $snippets = array(
            '<?php echo $var->_private; ?>',
            '<?php $var->_private?>',
            // NOTE(review): the trailing "]" looks like a copy-paste slip from
            // the array-key test. As written this snippet is not well-formed
            // chained access, so the case may pass for a different reason
            // than the one intended; confirm that the well-formed chain
            // without the "]" is rejected too.
            '<?php $var->public->_private]?>',
            '<?php $var->{\'_private\'}?>',
            // The attribute name comes from a variable, so it cannot be read
            // off the source text; the test pins that this form is refused
            // as a whole.
            '<?php $var->$variable_attr?>',
        );
        foreach ($snippets as $snippet) {
            $this->assertInvalidCode($snippet);
        }
    }

    /**
     * False-positive guard: a ternary that reads a non-underscore attribute
     * and assigns a plain variable must be accepted.
     */
    function test_should_allow_ternary_operators()
    {
        $snippet = '<?php empty($Post->comments) ? null : $comment_loop_counter = 0; ?>';
        $this->assertValidCode($snippet);
    }

    /**
     * False-positive guard: an assignment inside an if/isset block must be
     * accepted. (Method name spelling kept as in the original.)
     */
    function test_should_allow_conditional_assingments()
    {
        $snippet = '<?php if (isset($Preference->value)){ $value = $Preference->value; } ?>';
        $this->assertValidCode($snippet);
    }

    /**
     * Asserts that the sanitizer accepts $code.
     *
     * @param string $code Template source handed to the sanitizer.
     */
    function assertValidCode($code)
    {
        $this->_prepareSanitizer($code);
        $accepted = $this->CodeSanitizer->isCodeSecure();
        $this->assertTrue($accepted, 'Secure code not accepted: '.$code);
    }

    /**
     * Asserts that the sanitizer rejects $code and that an error matching
     * "You can't use" was raised while doing so.
     *
     * NOTE(review): the pattern is broad. It shows that some "You can't use"
     * error fired, not which rule produced it, so a snippet can be rejected
     * for a reason other than the one its test name describes.
     *
     * @param string $code Template source handed to the sanitizer.
     */
    function assertInvalidCode($code)
    {
        $this->_prepareSanitizer($code);
        $accepted = $this->CodeSanitizer->isCodeSecure();
        $this->assertFalse($accepted, 'Unsecure code not detected: '.$code);
        $this->assertErrorPattern('/You can\'t use/');
    }

    /**
     * Stores a fresh sanitizer in $this->CodeSanitizer and hands it $code,
     * so no state carries over from one assertion to the next.
     *
     * @param string $code Template source to be checked.
     */
    function _prepareSanitizer($code)
    {
        // "=& new" is PHP 4-era syntax: deprecated since PHP 5.3 and a parse
        // error from PHP 7.0. Kept unchanged here.
        $this->CodeSanitizer =& new AkPhpCodeSanitizer();
        $this->CodeSanitizer->setOptions(array('code' => $code));
    }
}