3 * Tests, without PHPUnit by now
7 require_once("include/template_processor.php");
8 require_once('include/text.php');
10 class AntiXSSTest extends PHPUnit_Framework_TestCase {
12 public function setUp() {
14 get_include_path() . PATH_SEPARATOR
\r
15 . 'include' . PATH_SEPARATOR
\r
16 . 'library' . PATH_SEPARATOR
\r
17 . 'library/phpsec' . PATH_SEPARATOR
\r
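/**
 * notags() and escape_tags() must both neutralise markup in untrusted text.
 *
 * The assertions pin two behaviours: notags() swaps the angle brackets for
 * square brackets, escape_tags() returns the HTML-entity-encoded form.
 */
public function testEscapeTags()
{
    $invalidstring = '<submit type="button" onclick="alert(\'failed!\');" />';

    $validstring = notags($invalidstring);
    $escapedString = escape_tags($invalidstring);

    $this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring);
    // The expected value has to be the entity-encoded string. Written with raw
    // angle brackets and quotes it is not valid PHP, and it would state that
    // escape_tags() hands the markup back unchanged.
    // NOTE(review): single quotes are left as-is here, which assumes
    // escape_tags() encodes double quotes only - confirm against include/text.php.
    $this->assertEquals(
        "&lt;submit type=&quot;button&quot; onclick=&quot;alert('failed!');&quot; /&gt;",
        $escapedString
    );
}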
35 *autonames should be random, even length
/**
 * Two names generated with an even length (10) must differ.
 */
public function testAutonameEven()
{
    $first = autoname(10);
    $second = autoname(10);

    // Identical results would mean the generator is not random.
    $this->assertNotEquals($first, $second);
}
45 *autonames should be random, odd length
/**
 * Two names generated with an odd length (9) must differ.
 */
public function testAutonameOdd()
{
    $first = autoname(9);
    $second = autoname(9);

    // Identical results would mean the generator is not random.
    $this->assertNotEquals($first, $second);
}
55 * try to fail autonames
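/**
 * A requested length of 0 must produce an empty name.
 */
public function testAutonameNoLength()
{
    $autoname1 = autoname(0);

    // strlen(), not count(): count() on a string does not measure its length
    // (it yields 1 on old PHP and raises a TypeError on PHP 8).
    // NOTE(review): assumes autoname() returns a string - confirm.
    $this->assertEquals(0, strlen($autoname1));
}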
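/**
 * A negative requested length must produce an empty name.
 */
public function testAutonameNegativeLength()
{
    $autoname1 = autoname(-23);

    // strlen(), not count(): count() on a string does not measure its length
    // (it yields 1 on old PHP and raises a TypeError on PHP 8).
    // NOTE(review): assumes autoname() returns a string - confirm.
    $this->assertEquals(0, strlen($autoname1));
}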
67 // public function testAutonameMaxLength() {
68 // $autoname2=autoname(PHP_INT_MAX);
69 // $this->assertEquals(PHP_INT_MAX, count($autoname2));
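/**
 * A requested length of 1 must produce a name of exactly one character.
 */
public function testAutonameLength1()
{
    $autoname3 = autoname(1);

    // count() returned 1 for any string on old PHP, so the original assertion
    // passed whatever the length was; strlen() checks the actual length.
    // NOTE(review): assumes autoname() returns a string - confirm.
    $this->assertEquals(1, strlen($autoname3));
}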
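/**
 * xmlify() followed by unxmlify() must give back the original text.
 */
public function testXmlify()
{
    $text = "<tag>I want to break\n this!11!<?hard?></tag>";
    $xml = xmlify($text);

    // Decode the ENCODED string. Decoding $text itself, as the test did before,
    // never exercises xmlify() and passes even if the encoding is broken.
    $retext = unxmlify($xml);

    $this->assertEquals($text, $retext);
    // Still not covered: that $xml can actually be embedded in an XML
    // document, i.e. that no raw markup characters survive the encoding.
}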
89 * test hex2bin and reverse
/**
 * bin2hex() followed by hex2bin() must give back the starting value.
 */
public function testHex2Bin()
{
    // Negative, zero, small positive and the largest integer, in that order.
    foreach (array(-3, 0, 12, PHP_INT_MAX) as $value) {
        $this->assertEquals($value, hex2bin(bin2hex($value)));
    }
}
102 public function testExpandAclNormal() {
104 $this->assertEquals(array(1, 2, 3), expand_acl($text));
/**
 * An ACL string holding a six-digit id expands to the listed ids.
 */
public function testExpandAclBigNumber()
{
    $acl = "<1><279012><15>";
    $expected = array(1, 279012, 15);

    $this->assertEquals($expected, expand_acl($acl));
}
/**
 * An ACL string with a non-numeric entry: the entry is returned as a string.
 */
public function testExpandAclString()
{
    // The author was unsure whether a non-numeric entry is valid at all.
    // NOTE(review): this pins that expand_acl() passes such an entry through;
    // confirm that callers do not treat every returned element as a numeric id.
    $acl = "<1><279012><tt>";
    $expected = array(1, 279012, 'tt');

    $this->assertEquals($expected, expand_acl($acl));
}
/**
 * An ACL entry containing a space is returned unchanged, space included.
 */
public function testExpandAclSpace()
{
    // The author was unsure whether an entry with a space is valid at all.
    $acl = "<1><279 012><32>";
    $expected = array(1, "279 012", "32");

    $this->assertEquals($expected, expand_acl($acl));
}
/**
 * An empty ACL string expands to an empty list.
 */
public function testExpandAclEmpty()
{
    // The author was unsure whether the empty string counts as valid input.
    $acl = "";

    $this->assertEquals(array(), expand_acl($acl));
}
/**
 * Text without any angle brackets is not an ACL and expands to nothing.
 */
public function testExpandAclNoBrackets()
{
    // Should be invalid input.
    $acl = "According to documentation, that's invalid. ";

    $this->assertEquals(array(), expand_acl($acl));
}
/**
 * A single opening bracket with no closing one expands to nothing.
 */
public function testExpandAclJustOneBracket1()
{
    // Should be invalid input.
    $acl = "<Another invalid string";

    $this->assertEquals(array(), expand_acl($acl));
}
/**
 * A single closing bracket with no opening one expands to nothing.
 */
public function testExpandAclJustOneBracket2()
{
    // Should be invalid input.
    $acl = "Another invalid> string";

    $this->assertEquals(array(), expand_acl($acl));
}
/**
 * Several closing brackets and no opening bracket expand to nothing.
 */
public function testExpandAclCloseOnly()
{
    // Should be invalid input.
    $acl = "Another> invalid> string>";

    $this->assertEquals(array(), expand_acl($acl));
}
/**
 * Several opening brackets and no closing bracket expand to nothing.
 */
public function testExpandAclOpenOnly()
{
    // Should be invalid input.
    $acl = "<Another< invalid string<";

    $this->assertEquals(array(), expand_acl($acl));
}
/**
 * Brackets that do not pair up cleanly are expected to expand to nothing.
 */
public function testExpandAclNoMatching1()
{
    // Should be invalid input.
    $acl = "<Another<> invalid <string>";

    $this->assertEquals(array(), expand_acl($acl));
}
157 public function testExpandAclNoMatching2() {
159 $this->assertEquals(array(), expand_acl($text));
163 * test attribute contains
/**
 * attribute_contains() matches whole entries of the attribute value.
 */
public function testAttributeContains1()
{
    $attributeValue = "class1 notclass2 class3";

    $this->assertTrue(attribute_contains($attributeValue, "class3"));
    // "class2" occurs only inside "notclass2", so it must not be reported.
    $this->assertFalse(attribute_contains($attributeValue, "class2"));
}
172 * test attribute contains
/**
 * attribute_contains() does not treat a hyphen as a separator between entries.
 */
public function testAttributeContains2()
{
    $attributeValue = "class1 not-class2 class3";

    $this->assertTrue(attribute_contains($attributeValue, "class3"));
    // "class2" occurs only as the tail of "not-class2", so it must not be reported.
    $this->assertFalse(attribute_contains($attributeValue, "class2"));
}
180 public function testAttributeContainsEmpty() {
182 $this->assertFalse(attribute_contains($testAttr, "class2"));
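/**
 * An attribute value made of punctuation and a non-ASCII letter contains no class.
 */
public function testAttributeContainsSpecialChars()
{
    // The listing showed the umlaut mis-decoded as two Thai characters; the
    // fixture is restored to the single UTF-8 letter those bytes encode.
    $testAttr = "--... %\$ä() /(=?}";

    $this->assertFalse(attribute_contains($testAttr, "class2"));
}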
193 public function testGetTagsShortPerson() {
196 $tags=get_tags($text);
198 $this->assertEquals("@Mike", $tags[0]);
/**
 * A single hashtag at the end of the text is returned as the first tag.
 */
public function testGetTagsShortTag()
{
    $found = get_tags("This is a #test_case");

    $this->assertEquals("#test_case", $found[0]);
}
/**
 * A mention and a hashtag are returned in the order they appear in the text.
 */
public function testGetTagsShortTagAndPerson()
{
    $found = get_tags("hi @Mike This is a #test_case");

    foreach (array("@Mike", "#test_case") as $position => $expectedTag) {
        $this->assertEquals($expectedTag, $found[$position]);
    }
}
/**
 * Punctuation directly after a mention or hashtag is not part of the tag.
 */
public function testGetTagsShortTagAndPersonSpecialChars()
{
    // The comma after "@Mike" and the full stop after "#test_case" must be dropped.
    $found = get_tags("hi @Mike, This is a #test_case.");

    foreach (array("@Mike", "#test_case") as $position => $expectedTag) {
        $this->assertEquals($expectedTag, $found[$position]);
    }
}
/**
 * A mention at the very start of the text is returned as the first tag.
 */
public function testGetTagsPersonOnly()
{
    $found = get_tags("@Mike I saw the Theme Dev group was created.");

    $this->assertEquals("@Mike", $found[0]);
}
/**
 * Local mentions, a remote mention (name@host) and hashtags in one sentence.
 */
public function testGetTags2Persons1TagSpecialChars()
{
    $message = "hi @Mike, I'm just writing #test_cases, so"
        . " so @somebody@friendica.com may change #things.";

    // Expected tags in order of appearance, trailing punctuation removed.
    $expectedTags = array(
        "@Mike",
        "#test_cases",
        "@somebody@friendica.com",
        "#things",
    );

    $found = get_tags($message);

    foreach ($expectedTags as $position => $expectedTag) {
        $this->assertEquals($expectedTag, $found[$position]);
    }
}
/**
 * A longer text mixing the mention and hashtag forms the parser must handle.
 */
public function testGetTags()
{
    // Not every variant is covered: the automatically generated forms are missing.
    $message = "hi @Mike, I'm just writing #test_cases, "
        . " so @somebody@friendica.com may change #things. Of course I "
        . "look for a lot of #pitfalls, like #tags at the end of a sentence "
        . "@comment. I hope noone forgets about @fullstops.because that might"
        . " break #things. @Mike@campino@friendica.eu is also #nice, isn't it? "
        . "Now, add a @first_last tag. ";

    // Expected tags in order of appearance. Repeated tags are listed again,
    // and "@Mike@campino@friendica.eu" is expected to split into two mentions.
    $expectedTags = array(
        "@Mike",
        "#test_cases",
        "@somebody@friendica.com",
        "#things",
        "#pitfalls",
        "#tags",
        "@comment",
        "@fullstops",
        "#things",
        "@Mike",
        "@campino@friendica.eu",
        "#nice",
        "@first_last",
    );

    $found = get_tags($message);

    foreach ($expectedTags as $position => $expectedTag) {
        $this->assertEquals($expectedTag, $found[$position]);
    }
}
273 public function testGetTagsEmpty() {
275 $this->assertEquals(0, count($tags));
277 //function qp, quick and dirty??
279 //get_contact_block, up to line 538