Translation update done using Pootle.
[phpmyadmin/ammaryasirr.git] / test / libraries / PMA_sanitize_test.php
blob3f0cbf1d97014a43798c64a3b311aae03a411af0
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * tests for PMA_sanitize()
6 * @package phpMyAdmin-test
7 */
9 /*
10 * Include to test
12 require_once 'libraries/sanitizing.lib.php';
13 require_once 'libraries/url_generating.lib.php';
14 require_once 'libraries/core.lib.php';
16 class PMA_sanitize_test extends PHPUnit_Framework_TestCase
18 function setUp()
20 $_SESSION[' PMA_token '] = 'token';
23 /**
24 * Tests for proper escaping of XSS.
26 public function testXssInHref()
28 $this->assertEquals('[a@javascript:alert(\'XSS\');@target]link</a>',
29 PMA_sanitize('[a@javascript:alert(\'XSS\');@target]link[/a]'));
32 /**
33 * Tests correct generating of link redirector.
35 public function testLink()
37 unset($GLOBALS['server']);
38 unset($GLOBALS['lang']);
39 $this->assertEquals('<a href="./url.php?url=http%3A%2F%2Fwww.phpmyadmin.net%2F&amp;token=token" target="target">link</a>',
40 PMA_sanitize('[a@http://www.phpmyadmin.net/@target]link[/a]'));
43 /**
44 * Tests links to documentation.
46 public function testLinkDoc()
48 $this->assertEquals('<a href="./Documentation.html">doc</a>',
49 PMA_sanitize('[a@./Documentation.html]doc[/a]'));
52 /**
53 * Tests link target validation.
55 public function testInvalidTarget()
57 $this->assertEquals('[a@./Documentation.html@INVALID9]doc</a>',
58 PMA_sanitize('[a@./Documentation.html@INVALID9]doc[/a]'));
61 /**
62 * Tests XSS escaping after valid link.
64 public function testLinkDocXss()
66 $this->assertEquals('[a@./Documentation.html" onmouseover="alert(foo)"]doc</a>',
67 PMA_sanitize('[a@./Documentation.html" onmouseover="alert(foo)"]doc[/a]'));
70 /**
71 * Tests proper handling of multi link code.
73 public function testLinkAndXssInHref()
75 $this->assertEquals('<a href="./Documentation.html">doc</a>[a@javascript:alert(\'XSS\');@target]link</a>',
76 PMA_sanitize('[a@./Documentation.html]doc[/a][a@javascript:alert(\'XSS\');@target]link[/a]'));
79 /**
80 * Test escaping of HTML tags
82 public function testHtmlTags()
84 $this->assertEquals('&lt;div onclick=""&gt;',
85 PMA_sanitize('<div onclick="">'));
88 /**
89 * Tests basic BB code.
91 public function testBBCode()
93 $this->assertEquals('<strong>strong</strong>',
94 PMA_sanitize('[b]strong[/b]'));
97 /**
98 * Tests output escaping.
100 public function testEscape()
102 $this->assertEquals('&lt;strong&gt;strong&lt;/strong&gt;',
103 PMA_sanitize('[strong]strong[/strong]', true));