aboutsummaryrefslogtreecommitdiffstats
path: root/tests/security
diff options
context:
space:
mode:
Diffstat (limited to 'tests/security')
-rw-r--r--tests/security/base.php (renamed from tests/security/all_tests.php)36
-rw-r--r--tests/security/extract_current_page_test.php (renamed from tests/security/extract_current_page.php)10
-rw-r--r--tests/security/hash_test.php21
-rw-r--r--tests/security/redirect_test.php (renamed from tests/security/redirect.php)14
4 files changed, 36 insertions, 45 deletions
diff --git a/tests/security/all_tests.php b/tests/security/base.php
index 8e3916733f..2658798237 100644
--- a/tests/security/all_tests.php
+++ b/tests/security/base.php
@@ -3,22 +3,11 @@
*
* @package testing
* @copyright (c) 2008 phpBB Group
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/
-if (!defined('PHPUnit_MAIN_METHOD'))
-{
- define('PHPUnit_MAIN_METHOD', 'phpbb_security_all_tests::main');
-}
-
-require_once 'test_framework/framework.php';
-require_once 'PHPUnit/TextUI/TestRunner.php';
-
-require_once 'security/extract_current_page.php';
-require_once 'security/redirect.php';
-
-class phpbb_security_all_tests extends PHPUnit_Framework_TestSuite
+abstract class phpbb_security_test_base extends phpbb_test_case
{
/**
* Set up the required user object and server variables for the suites
@@ -62,25 +51,4 @@ class phpbb_security_all_tests extends PHPUnit_Framework_TestSuite
global $user;
$user = NULL;
}
-
- public static function main()
- {
- PHPUnit_TextUI_TestRunner::run(self::suite());
- }
-
- public static function suite()
- {
- // I bet there is a better method calling this... :)
- $suite = new phpbb_security_all_tests('phpBB Security Fixes');
-
- $suite->addTestSuite('phpbb_security_extract_current_page_test');
- $suite->addTestSuite('phpbb_security_redirect_test');
-
- return $suite;
- }
-}
-
-if (PHPUnit_MAIN_METHOD == 'phpbb_security_all_tests::main')
-{
- phpbb_security_all_tests::main();
}
diff --git a/tests/security/extract_current_page.php b/tests/security/extract_current_page_test.php
index 8c72fe1440..4911f7b452 100644
--- a/tests/security/extract_current_page.php
+++ b/tests/security/extract_current_page_test.php
@@ -3,16 +3,16 @@
*
* @package testing
* @copyright (c) 2008 phpBB Group
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/
-require_once 'test_framework/framework.php';
+require_once dirname(__FILE__) . '/base.php';
-require_once '../phpBB/includes/functions.php';
-require_once '../phpBB/includes/session.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/session.php';
-class phpbb_security_extract_current_page_test extends phpbb_test_case
+class phpbb_security_extract_current_page_test extends phpbb_security_test_base
{
public static function security_variables()
{
diff --git a/tests/security/hash_test.php b/tests/security/hash_test.php
new file mode 100644
index 0000000000..0c2580c19b
--- /dev/null
+++ b/tests/security/hash_test.php
@@ -0,0 +1,21 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2011 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
+
+class phpbb_security_hash_test extends phpbb_test_case
+{
+ public function test_check_hash_with_phpass()
+ {
+ $this->assertTrue(phpbb_check_hash('test', '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1'));
+ $this->assertTrue(phpbb_check_hash('test', '$P$9isfrtKXWqrz8PvztXlL3.daw4U0zI1'));
+ $this->assertFalse(phpbb_check_hash('foo', '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1'));
+ }
+}
+
diff --git a/tests/security/redirect.php b/tests/security/redirect_test.php
index 37b0a5bb41..4848a938c6 100644
--- a/tests/security/redirect.php
+++ b/tests/security/redirect_test.php
@@ -3,16 +3,16 @@
*
* @package testing
* @copyright (c) 2008 phpBB Group
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/
-require_once 'test_framework/framework.php';
+require_once dirname(__FILE__) . '/base.php';
-require_once '../phpBB/includes/functions.php';
-require_once '../phpBB/includes/session.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/session.php';
-class phpbb_security_redirect_test extends phpbb_test_case
+class phpbb_security_redirect_test extends phpbb_security_test_base
{
public static function provider()
{
@@ -22,13 +22,15 @@ class phpbb_security_redirect_test extends phpbb_test_case
array('bad://localhost/phpBB/index.php', 'Tried to redirect to potentially insecure url.', false),
array('http://www.otherdomain.com/somescript.php', false, 'http://localhost/phpBB'),
array("http://localhost/phpBB/memberlist.php\n\rConnection: close", 'Tried to redirect to potentially insecure url.', false),
- array('javascript:test', false, 'http://localhost/phpBB/../tests/javascript:test'),
+ array('javascript:test', false, 'http://localhost/phpBB/../javascript:test'),
array('http://localhost/phpBB/index.php;url=', 'Tried to redirect to potentially insecure url.', false),
);
}
protected function setUp()
{
+ parent::setUp();
+
$GLOBALS['config'] = array(
'force_server_vars' => '0',
);
generated by cgit v1.2.1 (git 2.21.0) at 2025-08-02 05:34:17 +0000