search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Adding tests for securing private variable inclussion on templates.
[akelos.git] / test / unit / lib / AkRequest / _base.php
blob5298bbbf8d53608d8ff7ef3d07f6d58cbd0d30b8
1 <?php
2
3 require_once(dirname(__FILE__).'/../../../fixtures/config/config.php');
4
5 require_once(AK_LIB_DIR.DS.'AkRequest.php');
6
7 class AkRequestTestCase extends AkUnitTest
8 {
9 var $test_request;
10 var $test_request2;
11 var $test_request3;
12 var $test_request4;
13 var $test_request5;
14
15 var $_testRequestInstance;
16 var $_original_values;
17
18 function setUp()
19 {
20 $sess_request = isset($_SESSION['request']) ? $_SESSION['request'] : null;
21 $this->_original_values = array($sess_request, $_COOKIE, $_POST, $_GET, $_REQUEST);
22
23 $_SESSION['request'] = array(
24 'session_param'=>'session',
25 'ak'=>'/session_controller/session_action',
26 'general_param'=>'session'
27 );
28
29 $_COOKIE = array(
30 'cookie_param'=>'cookie',
31 'session_param'=>'cookie',
32 'general_param'=>'cookie'
33 );
34
35 $_POST = array(
36 'post_param'=>'post',
37 'cookie_param'=>'post',
38 'session_param'=>'post',
39 'general_param'=>'post'
40 );
41
42 $_GET = array(
43 'get_param'=>'get',
44 'ak'=>'/get_controller/get_action',
45 'post_param'=>'get',
46 'cookie_param'=>'get',
47 'session_param'=>'get',
48 'general_param'=>'get',
49 'gpc_param'=>'Isn\\\'t it ironic'
50 );
51
52 $_REQUEST = array(
53 'cmd_param'=>'cmd',
54 'get_param'=>'cmd',
55 'post_param'=>'cmd',
56 'cookie_param'=>'cmd',
57 'session_param'=>'cmd',
58 'general_param'=>'cmd'
59 );
60
61
62
63 $this->_testRequestInstance =& new AkRequest();
64 $this->_testRequestInstance->init();
65
66 }
67
68 function tearDown()
69 {
70 unset($this->_testRequestInstance);
71
72 //We reset the original values
73 $_SESSION['request'] = $this->_original_values[0];
74 $_COOKIE = $this->_original_values[1];
75 $_POST = $this->_original_values[2];
76 $_GET = $this->_original_values[3];
77 $_REQUEST = $this->_original_values[4];
78 }
79
80
81 function Test_mergeRequest()
82 {
83 $gpc_param = get_magic_quotes_gpc() ? "Isn't it ironic" : 'Isn\\\'t it ironic';
84
85 $expected = array(
86 'cmd_param'=>'cmd',
87 'get_param'=>'get',
88 'post_param'=>'post',
89 'cookie_param'=>'cookie',
90 'session_param'=>'session',
91 'general_param'=>'session',
92 'ak'=>'/session_controller/session_action',
93 'gpc_param'=>$gpc_param,
94 );
95
96 $this->_testRequestInstance->_mergeRequest();
97
98 $this->assertEqual($this->_testRequestInstance->_request,$expected,'Comparing request precedence');
99 }
100
101
102 function Test_parseAkRequestString()
103 {
104 $expected_values = array('user','list','100');
105
106 $this->assertEqual($this->_testRequestInstance->_parseAkRequestString('/user/list/100'), $expected_values);
107 $this->assertEqual($this->_testRequestInstance->_parseAkRequestString('/user/list/100/'), $expected_values);
108 $this->assertEqual($this->_testRequestInstance->_parseAkRequestString('user/list/100/'), $expected_values);
109 $this->assertEqual($this->_testRequestInstance->_parseAkRequestString('user/list/100'), $expected_values);
110
111 $expected_keys = array('controller','action','id');
112 $this->assertEqual($this->_testRequestInstance->_parseAkRequestString('/:controller/:action/:id','/:'), $expected_keys);
113 $this->assertEqual($this->_testRequestInstance->_parseAkRequestString('/:controller/:action/:id/:','/:'), $expected_keys);
114 $this->assertEqual($this->_testRequestInstance->_parseAkRequestString('controller/:action/:id/:','/:'), $expected_keys);
115 $this->assertEqual($this->_testRequestInstance->_parseAkRequestString('controller/:action/:id','/:'), $expected_keys);
116 }
117
118
119
120 function test_for_getRemoteIp()
121 {
122 $Request = new AkRequest();
123
124 $Request->env = array('HTTP_CLIENT_IP'=>'64.68.15.10');
125 $this->assertEqual($Request->getRemoteIp(),'64.68.15.10');
126
127 $Request->env = array('HTTP_X_FORWARDED_FOR'=>'64.68.15.11');
128 $this->assertEqual($Request->getRemoteIp(),'64.68.15.11');
129
130 $Request->env = array('HTTP_X_FORWARDED_FOR'=>'364.68.15.11');
131 $this->assertEqual($Request->getRemoteIp(),'');
132
133 $Request->env = array('HTTP_X_FORWARDED_FOR'=>'3e4f:123f:c12a:5566:888e:9975:aaff:2344');
134 $this->assertEqual($Request->getRemoteIp(),'3e4f:123f:c12a:5566:888e:9975:aaff:2344');
135
136 $Request->env = array('HTTP_X_FORWARDED_FOR'=>'3e4f:123f:c12a:5566:888e:9975:aafg:2344');
137 $this->assertEqual($Request->getRemoteIp(),'');
138
139 $Request->env = array('HTTP_X_FORWARDED_FOR'=>'364.68.15.11,64.68.15.11');
140 $this->assertEqual($Request->getRemoteIp(),'64.68.15.11');
141
142 $Request->env = array('REMOTE_ADDR'=>'64.68.15.11');
143 $this->assertEqual($Request->getRemoteIp(),'64.68.15.11');
144 }
145
146 function test_for_getDomain()
147 {
148 $Request = new AkRequest();
149
150 $env_backup = $Request->env;
151
152 $Request->env['SERVER_NAME'] = 'localhost';
153 $Request->env['SERVER_ADDR'] = '127.0.0.1';
154
155 $this->assertEqual($Request->getDomain(), 'localhost');
156
157 $Request->_host = 'www.dev.akelos.com';
158
159 $this->assertEqual($Request->getDomain(),'akelos.com');
160 $this->assertEqual($Request->getDomain(2),'dev.akelos.com');
161
162 $Request->env = $env_backup;
163 }
164
165 function test_for_getSubDomains()
166 {
167 $Request = new AkRequest();
168
169 $env_backup = $Request->env;
170
171 $Request->_host = 'www.dev.akelos.com';
172
173 $this->assertEqual($Request->getSubdomains(), array('www','dev'));
174 $this->assertEqual($Request->getSubdomains(2),array('www'));
175
176 $Request->env = $env_backup;
177 }
178
179
180 function test_should_normalize_single_level_file_uploads()
181 {
182 $Request = new AkRequest();
183 $_FILES = array (
184 'image0' => array ( 'name' => 'mod_rewrite_cheat_sheet.pdf', 'type' => 'application/pdf', 'tmp_name' => '/tmp/php0JvZ0p', 'error' => 0, 'size' => 332133 ),
185 'image1' => array ( 'name' => 'microformats_cheat_sheet.pdf', 'type' => 'application/pdf', 'tmp_name' => '/tmp/phpKry1xs', 'error' => 0, 'size' => 427735 ),
186 'image2' => array ( 'name' => '', 'type' => '', 'tmp_name' => '', 'error' => 4, 'size' => 0 ) );
187 $normalized = array (
188 'image0' => array ( 'name' => 'mod_rewrite_cheat_sheet.pdf', 'type' => 'application/pdf', 'tmp_name' => '/tmp/php0JvZ0p', 'error' => 0, 'size' => 332133 ),
189 'image1' => array ( 'name' => 'microformats_cheat_sheet.pdf', 'type' => 'application/pdf', 'tmp_name' => '/tmp/phpKry1xs', 'error' => 0, 'size' => 427735 ));
190
191 $this->assertEqual($Request->_getNormalizedFilesArray(), $normalized);
192 }
193
194 function test_should_normalize_multi_level_but_flat_file_uploads()
195 {
196 $Request = new AkRequest();
197 $_FILES = array ( 'image' => array ( 'name' => array ( 'file' => array ( 'a' => 'mod_rewrite_cheat_sheet.pdf', 'b' => 'microformats_cheat_sheet.pdf', 'c' => '', ), ), 'type' => array ( 'file' => array ( 'a' => 'application/pdf', 'b' => 'application/pdf', 'c' => '', ), ), 'tmp_name' => array ( 'file' => array ( 'a' => '/tmp/phporGMwx', 'b' => '/tmp/phpGycyd6', 'c' => '', ), ), 'error' => array ( 'file' => array ( 'a' => 0, 'b' => 0, 'c' => 4, ), ), 'size' => array ( 'file' => array ( 'a' => 332133, 'b' => 427735, 'c' => 0, ), ), ), );
198 $normalized = array ( 'image' => array ( 'file' => array ( 'a' => array ( 'name' => 'mod_rewrite_cheat_sheet.pdf', 'tmp_name' => '/tmp/phporGMwx', 'size' => 332133, 'type' => 'application/pdf', 'error' => 0, ), 'b' => array ( 'name' => 'microformats_cheat_sheet.pdf', 'tmp_name' => '/tmp/phpGycyd6', 'size' => 427735, 'type' => 'application/pdf', 'error' => 0, ), ), ), );
199
200 $this->assertEqual($Request->_getNormalizedFilesArray(), $normalized);
201 }
202
203 function test_should_normalize_multi_level_as_array_file_uploads()
204 {
205 $Request = new AkRequest();
206 $_FILES = array ( 'image' => array ( 'name' => array ( 'file' => array ( 0 => 'mod_rewrite_cheat_sheet.pdf', 1 => 'microformats_cheat_sheet.pdf', 2 => '', ), ), 'type' => array ( 'file' => array ( 0 => 'application/pdf', 1 => 'application/pdf', 2 => '', ), ), 'tmp_name' => array ( 'file' => array ( 0 => '/tmp/phpoOcNXs', 1 => '/tmp/php4xVEbv', 2 => '', ), ), 'error' => array ( 'file' => array ( 0 => 0, 1 => 0, 2 => 4, ), ), 'size' => array ( 'file' => array ( 0 => 332133, 1 => 427735, 2 => 0, ), ), ), );
207 $normalized = array ( 'image' => array ( 'file' => array ( 0 => array ( 'name' => 'mod_rewrite_cheat_sheet.pdf', 'tmp_name' => '/tmp/phpoOcNXs', 'size' => 332133, 'type' => 'application/pdf', 'error' => 0, ), 1 => array ( 'name' => 'microformats_cheat_sheet.pdf', 'tmp_name' => '/tmp/php4xVEbv', 'size' => 427735, 'type' => 'application/pdf', 'error' => 0, ), ), ), );
208
209 $this->assertEqual($Request->_getNormalizedFilesArray(), $normalized);
210 }
211
212 function test_should_normalize_simple_level_as_array_file_uploads()
213 {
214 $Request = new AkRequest();
215 $_FILES = array ( 'image' => array ( 'name' => array ( 0 => 'mod_rewrite_cheat_sheet.pdf', 1 => 'microformats_cheat_sheet.pdf', 2 => '', ), 'type' => array ( 0 => 'application/pdf', 1 => 'application/pdf', 2 => '', ), 'tmp_name' => array ( 0 => '/tmp/phpXpfUKA', 1 => '/tmp/phpkB6MnX', 2 => '', ), 'error' => array ( 0 => 0, 1 => 0, 2 => 4, ), 'size' => array ( 0 => 332133, 1 => 427735, 2 => 0, ), ), );
216 $normalized = array ('image' => array (0 => array ('name' => 'mod_rewrite_cheat_sheet.pdf','tmp_name' => '/tmp/phpXpfUKA','size' => 332133,'type' => 'application/pdf','error' => 0),1 => array ('name' => 'microformats_cheat_sheet.pdf','tmp_name' => '/tmp/phpkB6MnX','size' => 427735,'type' => 'application/pdf','error' => 0)));
217 $this->assertEqual($Request->_getNormalizedFilesArray(), $normalized);
218 }
219
220 }
221
222
223 ?>
git-svn copy of the project.