+class phpbb_security_all_tests extends PHPUnit_Framework_TestSuite

+ /**

+ * Set up the required user object and server variables for the suites

+ */

+ protected function setUp()

+ {

+ global $user;

+

+ // Put this into a global function being run by every test to init a proper user session

+ $_SERVER['HTTP_HOST'] = 'localhost';

+ $_SERVER['SERVER_NAME'] = 'localhost';

+ $_SERVER['SERVER_ADDR'] = '127.0.0.1';

+ $_SERVER['SERVER_PORT'] = 80;

+ $_SERVER['REMOTE_ADDR'] = '127.0.0.1';

+ $_SERVER['QUERY_STRING'] = '';

+ $_SERVER['REQUEST_URI'] = '/tests/';

+ $_SERVER['SCRIPT_NAME'] = '/tests/index.php';

+ $_SERVER['PHP_SELF'] = '/tests/index.php';

+ $_SERVER['HTTP_USER_AGENT'] = 'Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14';

+ $_SERVER['HTTP_ACCEPT_LANGUAGE'] = 'de-de,de;q=0.8,en-us;q=0.5,en;q=0.3';

+

+/*

+ [HTTP_ACCEPT_ENCODING] => gzip,deflate

+ [HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.7

+ DOCUMENT_ROOT] => /var/www/

+ [SCRIPT_FILENAME] => /var/www/tests/index.php

+*/

+

+ // Set no user and trick a bit to circumvent errors

+ $user = new user();

+ $user->lang = true;

+ $user->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : '';

+ $user->referer = (!empty($_SERVER['HTTP_REFERER'])) ? htmlspecialchars((string) $_SERVER['HTTP_REFERER']) : '';

+ $user->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? (string) $_SERVER['HTTP_X_FORWARDED_FOR'] : '';

+ $user->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));

+ $user->page = session::extract_current_page(PHPBB_ROOT_PATH);

+ }

+

+ protected function tearDown()

+ {

+ global $user;

+ $user = NULL;

+ }

+

+ // I bet there is a better method calling this... :)

+ $suite = new phpbb_security_all_tests('phpBB Security Fixes');

+ protected $error_triggered = false;

+

+ // array(Input -> redirect(), expected triggered error (else false), expected returned result url (else false))

+ array('data://x', false, 'http://localhost/phpBB'),

+ array('http://www.otherdomain.com/somescript.php', false, 'http://localhost/phpBB'),

+ array("http://localhost/phpBB/memberlist.php\n\rConnection: close", 'Tried to redirect to potentially insecure url.', false),

+ array('javascript:test', false, 'http://localhost/phpBB/../tests/javascript:test'),

+ array('http://localhost/phpBB/index.php;url=', 'Tried to redirect to potentially insecure url.', false),

+ $this->error_triggered = true;

+ public function test_redirect($test, $expected_error, $expected_result)

+ set_error_handler(array($this, 'own_error_handler'));

+ $result = redirect($test, true);

+

+ // If we expect no error and a returned result, we set the output string to be expected and check if an error was triggered (then fail instantly)

+ if ($expected_error === false)

+ {

+ $this->expectOutputString($expected_result);

+ print $result;

+ if ($this->error_triggered)

+ {

+ $this->fail();

+ }

+ }

+ // If we expect an error, we set the expected output string to the error and check if there was an error triggered.

+ else

+ {

+ $this->expectOutputString($expected_error);

+ if (!$this->error_triggered)

+ {

+ $this->fail();

+ }

+ $this->error_triggered = false;

+ }