3 * tests several functions which are used to prevent xss attacks
8 require_once('include/text.php');
10 class AntiXSSTest extends PHPUnit_Framework_TestCase {
13 * test, that tags are escaped
15 public function testEscapeTags() {
16 $invalidstring='<submit type="button" onclick="alert(\'failed!\');" />';
18 $validstring=notags($invalidstring);
19 $escapedString=escape_tags($invalidstring);
21 $this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring);
22 $this->assertEquals("<submit type="button" onclick="alert('failed!');" />", $escapedString);
28 public function testXmlify() {
29 $text="<tag>I want to break\n this!11!<?hard?></tag>";
31 $retext=unxmlify($text);
33 $this->assertEquals($text, $retext);
37 * xmlify and put in a document
\r
39 public function testXmlifyDocument() {
\r
40 $tag="<tag>I want to break</tag>";
\r
42 $text='<text>'.$xml.'</text>';
\r
44 $xml_parser=xml_parser_create();
45 //should be possible to parse it
46 $values=array(); $index=array();
47 $this->assertEquals(1, xml_parse_into_struct($xml_parser, $text, $values, $index));
49 $this->assertEquals(array('TEXT'=>array(0)),
51 $this->assertEquals(array(array('tag'=>'TEXT', 'type'=>'complete', 'level'=>1, 'value'=>$tag)),
\r
54 xml_parser_free($xml_parser);
\r
58 * test hex2bin and reverse
60 public function testHex2Bin() {
61 $this->assertEquals(-3, hex2bin(bin2hex(-3)));
62 $this->assertEquals(0, hex2bin(bin2hex(0)));
63 $this->assertEquals(12, hex2bin(bin2hex(12)));
64 $this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX)));
67 //function qp, quick and dirty??
69 //get_contact_block, bis Zeile 538