diff options
author | Maat <maat-pub@mageia.biz> | 2020-05-08 21:52:11 +0200 |
---|---|---|
committer | Maat <maat-pub@mageia.biz> | 2020-05-08 21:52:11 +0200 |
commit | 8ea437e30605e0f66b5220bf904a61d7c1d11ddd (patch) | |
tree | e0db2bb4a012d5b06a633160b19f62f4868ecd28 /tests/functional/user_password_reset_test.php | |
parent | 36bc1870f21fac04736a1049c1d5b8e127d729f4 (diff) | |
parent | 2fdd46b36431ae0f58bb2e78e42553168db9a0ff (diff) | |
download | forums-8ea437e30605e0f66b5220bf904a61d7c1d11ddd.tar forums-8ea437e30605e0f66b5220bf904a61d7c1d11ddd.tar.gz forums-8ea437e30605e0f66b5220bf904a61d7c1d11ddd.tar.bz2 forums-8ea437e30605e0f66b5220bf904a61d7c1d11ddd.tar.xz forums-8ea437e30605e0f66b5220bf904a61d7c1d11ddd.zip |
Merge remote-tracking branch 'upstream/prep-release-3.2.9'
Diffstat (limited to 'tests/functional/user_password_reset_test.php')
-rw-r--r-- | tests/functional/user_password_reset_test.php | 57 |
1 files changed, 44 insertions, 13 deletions
diff --git a/tests/functional/user_password_reset_test.php b/tests/functional/user_password_reset_test.php index 3da78407cf..2361eed066 100644 --- a/tests/functional/user_password_reset_test.php +++ b/tests/functional/user_password_reset_test.php @@ -21,25 +21,56 @@ class phpbb_functional_user_password_reset_test extends phpbb_functional_test_ca public function test_password_reset() { $this->add_lang('ucp'); - $user_id = $this->create_user('reset-password-test-user'); + $user_id = $this->create_user('reset-password-test-user', 'reset-password-test-user@test.com'); + // test without email + $crawler = self::request('GET', "ucp.php?mode=sendpassword&sid={$this->sid}"); + $form = $crawler->selectButton('submit')->form(); + $crawler = self::submit($form); + $this->assertContainsLang('NO_EMAIL_USER', $crawler->text()); + + // test with non-existent email $crawler = self::request('GET', "ucp.php?mode=sendpassword&sid={$this->sid}"); $form = $crawler->selectButton('submit')->form(array( - 'username' => 'reset-password-test-user', + 'email' => 'non-existent@email.com', )); $crawler = self::submit($form); - $this->assertContainsLang('NO_EMAIL_USER', $crawler->text()); + $this->assertContainsLang('PASSWORD_UPDATED_IF_EXISTED', $crawler->text()); + // test with correct email $crawler = self::request('GET', "ucp.php?mode=sendpassword&sid={$this->sid}"); $form = $crawler->selectButton('submit')->form(array( - 'username' => 'reset-password-test-user', - 'email' => 'nobody@example.com', + 'email' => 'reset-password-test-user@test.com', + )); + $crawler = self::submit($form); + $this->assertContainsLang('PASSWORD_UPDATED_IF_EXISTED', $crawler->text()); + + // Check if columns in database were updated for password reset + $this->get_user_data('reset-password-test-user'); + $this->assertNotNull($this->user_data['user_actkey']); + $this->assertNotNull($this->user_data['user_newpasswd']); + + // Create another user with the same email + $this->create_user('reset-password-test-user1', 'reset-password-test-user@test.com'); + + // Test that username is now also required + $crawler = self::request('GET', "ucp.php?mode=sendpassword&sid={$this->sid}"); + $form = $crawler->selectButton('submit')->form(array( + 'email' => 'reset-password-test-user@test.com', + )); + $crawler = self::submit($form); + $this->assertContainsLang('EMAIL_NOT_UNIQUE', $crawler->text()); + + // Provide both username and email + $form = $crawler->selectButton('submit')->form(array( + 'email' => 'reset-password-test-user@test.com', + 'username' => 'reset-password-test-user1', )); $crawler = self::submit($form); - $this->assertContainsLang('PASSWORD_UPDATED', $crawler->text()); + $this->assertContainsLang('PASSWORD_UPDATED_IF_EXISTED', $crawler->text()); // Check if columns in database were updated for password reset - $this->get_user_data(); + $this->get_user_data('reset-password-test-user1'); $this->assertNotNull($this->user_data['user_actkey']); $this->assertNotNull($this->user_data['user_newpasswd']); @@ -73,7 +104,7 @@ class phpbb_functional_user_password_reset_test extends phpbb_functional_test_ca public function test_activate_new_password($expected, $user_id, $act_key) { $this->add_lang('ucp'); - $this->get_user_data(); + $this->get_user_data('reset-password-test-user'); $user_id = (!$user_id) ? $this->user_data['user_id'] : $user_id; $act_key = (!$act_key) ? $this->user_data['user_actkey'] : $act_key; @@ -119,7 +150,7 @@ class phpbb_functional_user_password_reset_test extends phpbb_functional_test_ca public function test_acivateAfterDeactivate() { // User is active, actkey should not exist - $this->get_user_data(); + $this->get_user_data('reset-password-test-user'); $this->assertEmpty($this->user_data['user_actkey']); $this->login(); @@ -143,7 +174,7 @@ class phpbb_functional_user_password_reset_test extends phpbb_functional_test_ca $crawler = self::request('GET', preg_replace('#(.+)(adm/index.php.+)#', '$2', $link->getUri())); // Ensure again that actkey is empty after deactivation - $this->get_user_data(); + $this->get_user_data('reset-password-test-user'); $this->assertEmpty($this->user_data['user_actkey']); // Force reactivation of account and check that act key is not empty anymore @@ -152,16 +183,16 @@ class phpbb_functional_user_password_reset_test extends phpbb_functional_test_ca $crawler = self::submit($form, array('action' => 'reactivate')); $this->assertContainsLang('FORCE_REACTIVATION_SUCCESS', $crawler->filter('html')->text()); - $this->get_user_data(); + $this->get_user_data('reset-password-test-user'); $this->assertNotEmpty($this->user_data['user_actkey']); } - protected function get_user_data() + protected function get_user_data($username) { $db = $this->get_db(); $sql = 'SELECT user_id, username, user_type, user_email, user_newpasswd, user_lang, user_notify_type, user_actkey, user_inactive_reason FROM ' . USERS_TABLE . " - WHERE username = 'reset-password-test-user'"; + WHERE username = '" . $db->sql_escape($username) . "'"; $result = $db->sql_query($sql); $this->user_data = $db->sql_fetchrow($result); $db->sql_freeresult($result); |