diff options
| -rw-r--r-- | tests/functional/fileupload_form_test.php | 62 | ||||
| -rw-r--r-- | tests/functional/fileupload_remote_test.php | 72 | ||||
| -rw-r--r-- | tests/functional/fixtures/files/empty.png | 0 | ||||
| -rw-r--r-- | tests/functional/fixtures/files/illegal-extension.bif | bin | 0 -> 519 bytes | |||
| -rw-r--r-- | tests/functional/fixtures/files/too-large.png | bin | 0 -> 284717 bytes | |||
| -rw-r--r-- | tests/functional/fixtures/files/valid.jpg | bin | 0 -> 554 bytes | |||
| -rw-r--r-- | tests/mock/filespec.php | 32 | ||||
| -rw-r--r-- | tests/mock/fileupload.php | 52 | ||||
| -rw-r--r-- | tests/upload/filespec_test.php | 275 | ||||
| -rw-r--r-- | tests/upload/fileupload_test.php | 115 | ||||
| -rw-r--r-- | tests/upload/fixture/copies/.gitkeep | 0 | ||||
| -rw-r--r-- | tests/upload/fixture/gif | bin | 0 -> 35 bytes | |||
| -rw-r--r-- | tests/upload/fixture/jpg | bin | 0 -> 519 bytes | |||
| -rw-r--r-- | tests/upload/fixture/png | bin | 0 -> 69 bytes | |||
| -rw-r--r-- | tests/upload/fixture/tif | bin | 0 -> 256 bytes | |||
| -rw-r--r-- | tests/upload/fixture/txt | 2 |
16 files changed, 610 insertions, 0 deletions
diff --git a/tests/functional/fileupload_form_test.php b/tests/functional/fileupload_form_test.php new file mode 100644 index 0000000000..6ba55eeba7 --- /dev/null +++ b/tests/functional/fileupload_form_test.php @@ -0,0 +1,62 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2012 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +/** + * @group functional + */ +class phpbb_functional_fileupload_form_test extends phpbb_functional_test_case +{ + private $path; + + public function setUp() + { + parent::setUp(); + $this->path = __DIR__ . '/fixtures/files/'; + $this->add_lang('posting'); + $this->login(); + } + + public function test_empty_file() + { + $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid); + $form = $crawler->selectButton('add_file')->form(); + $form['fileupload']->upload($this->path . 'empty.png'); + $crawler = $this->client->submit($form); + $this->assertEquals($this->lang('ATTACHED_IMAGE_NOT_IMAGE'), $crawler->filter('div#message p')->text()); + } + + public function test_invalid_extension() + { + $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid); + $form = $crawler->selectButton('add_file')->form(); + $form['fileupload']->upload($this->path . 'illegal-extension.bif'); + $crawler = $this->client->submit($form); + $this->assertEquals($this->lang('DISALLOWED_EXTENSION', 'bif'), $crawler->filter('p.error')->text()); + } + + public function test_too_large() + { + $this->markTestIncomplete('Functional tests use an admin account which ignores maximum upload size.'); + $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid); + $form = $crawler->selectButton('add_file')->form(); + $form['fileupload']->upload($this->path . 'too-large.png'); + $crawler = $this->client->submit($form); + $this->assertEquals($this->lang('WRONG_FILESIZE', '256', 'KiB'), $crawler->filter('p.error')->text()); + } + + public function test_valid_file() + { + $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid); + $form = $crawler->selectButton('add_file')->form(); + $form['fileupload']->upload($this->path . 'valid.jpg'); + $crawler = $this->client->submit($form); + $this->assertEquals(0, $crawler->filter('p.error')->count()); + $this->assertContains($this->lang('POSTED_ATTACHMENTS'), $crawler->filter('#postform h3')->eq(1)->text()); + } +} diff --git a/tests/functional/fileupload_remote_test.php b/tests/functional/fileupload_remote_test.php new file mode 100644 index 0000000000..0deb79acf6 --- /dev/null +++ b/tests/functional/fileupload_remote_test.php @@ -0,0 +1,72 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2012 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +/** + * @group functional + */ +class phpbb_functional_fileupload_remote_test extends phpbb_functional_test_case +{ + public function setUp() + { + parent::setUp(); + // Only doing this within the functional framework because we need a + // URL + + // Global $config required by unique_id + // Global $user required by fileupload::remote_upload + global $config, $user; + + if (!is_array($config)) + { + $config = array(); + } + + $config['rand_seed'] = ''; + $config['rand_seed_last_update'] = time() + 600; + + $user = new phpbb_mock_user(); + $user->lang = new phpbb_mock_lang(); + } + + public function tearDown() + { + global $config, $user; + $user = null; + $config = array(); + } + + public function test_invalid_extension() + { + $upload = new fileupload('', array('jpg'), 100); + $file = $upload->remote_upload('http://example.com/image.gif'); + $this->assertEquals('URL_INVALID', $file->error[0]); + } + + public function test_non_existant() + { + $upload = new fileupload('', array('jpg'), 100); + $file = $upload->remote_upload('http://example.com/image.jpg'); + $this->assertEquals('EMPTY_REMOTE_DATA', $file->error[0]); + } + + public function test_successful_upload() + { + $upload = new fileupload('', array('gif'), 1000); + $file = $upload->remote_upload($this->root_url . 'styles/prosilver/theme/images/forum_read.gif'); + $this->assertEquals(0, sizeof($file->error)); + $this->assertTrue(file_exists($file->filename)); + } + + public function test_too_large() + { + $upload = new fileupload('', array('gif'), 100); + $file = $upload->remote_upload($this->root_url . 'styles/prosilver/theme/images/forum_read.gif'); + $this->assertEquals('WRONG_FILESIZE', $file->error[0]); + } +} diff --git a/tests/functional/fixtures/files/empty.png b/tests/functional/fixtures/files/empty.png new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/tests/functional/fixtures/files/empty.png diff --git a/tests/functional/fixtures/files/illegal-extension.bif b/tests/functional/fixtures/files/illegal-extension.bif Binary files differnew file mode 100644 index 0000000000..3cd5038e38 --- /dev/null +++ b/tests/functional/fixtures/files/illegal-extension.bif diff --git a/tests/functional/fixtures/files/too-large.png b/tests/functional/fixtures/files/too-large.png Binary files differnew file mode 100644 index 0000000000..ed4b0abd80 --- /dev/null +++ b/tests/functional/fixtures/files/too-large.png diff --git a/tests/functional/fixtures/files/valid.jpg b/tests/functional/fixtures/files/valid.jpg Binary files differnew file mode 100644 index 0000000000..95a87ddbdf --- /dev/null +++ b/tests/functional/fixtures/files/valid.jpg diff --git a/tests/mock/filespec.php b/tests/mock/filespec.php new file mode 100644 index 0000000000..9d2a5c84de --- /dev/null +++ b/tests/mock/filespec.php @@ -0,0 +1,32 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2012 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +/** + * Mock filespec class with some basic values to help with testing the + * fileupload class + */ +class phpbb_mock_filespec +{ + public $filesize; + public $realname; + public $extension; + public $width; + public $height; + public $error = array(); + + public function check_content($disallowed_content) + { + return true; + } + + public function get($property) + { + return $this->$property; + } +} diff --git a/tests/mock/fileupload.php b/tests/mock/fileupload.php new file mode 100644 index 0000000000..409036ba63 --- /dev/null +++ b/tests/mock/fileupload.php @@ -0,0 +1,52 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2012 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +/** + * Mock fileupload class with some basic values to help with testing the + * filespec class + */ +class phpbb_mock_fileupload +{ + public $max_filesize = 100; + public $error_prefix = ''; + + public function valid_dimensions($filespec) + { + return true; + } + + /** + * Copied verbatim from phpBB/includes/functions_upload.php's fileupload + * class to ensure the correct behaviour of filespec::move_file. + * + * Maps file extensions to the constant in second index of the array + * returned by getimagesize() + */ + public function image_types() + { + return array( + IMAGETYPE_GIF => array('gif'), + IMAGETYPE_JPEG => array('jpg', 'jpeg'), + IMAGETYPE_PNG => array('png'), + IMAGETYPE_SWF => array('swf'), + IMAGETYPE_PSD => array('psd'), + IMAGETYPE_BMP => array('bmp'), + IMAGETYPE_TIFF_II => array('tif', 'tiff'), + IMAGETYPE_TIFF_MM => array('tif', 'tiff'), + IMAGETYPE_JPC => array('jpg', 'jpeg'), + IMAGETYPE_JP2 => array('jpg', 'jpeg'), + IMAGETYPE_JPX => array('jpg', 'jpeg'), + IMAGETYPE_JB2 => array('jpg', 'jpeg'), + IMAGETYPE_SWC => array('swc'), + IMAGETYPE_IFF => array('iff'), + IMAGETYPE_WBMP => array('wbmp'), + IMAGETYPE_XBM => array('xbm'), + ); + } +} diff --git a/tests/upload/filespec_test.php b/tests/upload/filespec_test.php new file mode 100644 index 0000000000..c7ff2e78e0 --- /dev/null +++ b/tests/upload/filespec_test.php @@ -0,0 +1,275 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2012 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once __DIR__ . '/../../phpBB/includes/functions.php'; +require_once __DIR__ . '/../../phpBB/includes/utf/utf_tools.php'; +require_once __DIR__ . '/../../phpBB/includes/functions_upload.php'; + +class phpbb_filespec_test extends phpbb_test_case +{ + const TEST_COUNT = 100; + const PREFIX = 'phpbb_'; + const MAX_STR_LEN = 50; + const UPLOAD_MAX_FILESIZE = 1000; + + private $config; + public $path; + + protected function setUp() + { + // Global $config required by unique_id + // Global $user required by filespec::additional_checks and + // filespec::move_file + global $config, $user; + + if (!is_array($config)) + { + $config = array(); + } + + $config['rand_seed'] = ''; + $config['rand_seed_last_update'] = time() + 600; + // This config value is normally pulled from the database which is set + // to this value at install time. + // See: phpBB/install/schemas/schema_data.sql + $config['mime_triggers'] = 'body|head|html|img|plaintext|a href|pre|script|table|title'; + + $user = new phpbb_mock_user(); + $user->lang = new phpbb_mock_lang(); + + $this->config = &$config; + $this->path = __DIR__ . '/fixture/'; + + // Create copies of the files for use in testing move_file + $iterator = new DirectoryIterator($this->path); + foreach ($iterator as $fileinfo) + { + if ($fileinfo->isDot() || $fileinfo->isDir()) + { + continue; + } + + copy($fileinfo->getPathname(), $this->path . 'copies/' . $fileinfo->getFilename() . '_copy'); + if ($fileinfo->getFilename() === 'txt') + { + copy($fileinfo->getPathname(), $this->path . 'copies/' . $fileinfo->getFilename() . '_copy_2'); + } + } + } + + private function get_filespec($override = array()) + { + // Initialise a blank filespec object for use with trivial methods + $upload_ary = array( + 'name' => '', + 'type' => '', + 'size' => '', + 'tmp_name' => '', + 'error' => '', + ); + + return new filespec(array_merge($upload_ary, $override), null); + } + + protected function tearDown() + { + global $user; + $this->config = array(); + $user = null; + + $iterator = new DirectoryIterator($this->path . 'copies'); + foreach ($iterator as $fileinfo) + { + $name = $fileinfo->getFilename(); + if ($name[0] !== '.') + { + unlink($fileinfo->getPathname()); + } + } + } + + public function additional_checks_variables() + { + // False here just indicates the file is too large and fails the + // filespec::additional_checks method because of it. All other code + // paths in that method are covered elsewhere. + return array( + array('gif', true), + array('jpg', false), + array('png', true), + array('tif', false), + array('txt', false), + ); + } + + /** + * @dataProvider additional_checks_variables + */ + public function test_additional_checks($filename, $expected) + { + $upload = new phpbb_mock_fileupload(); + $filespec = $this->get_filespec(); + $filespec->upload = $upload; + $filespec->file_moved = true; + $filespec->filesize = $filespec->get_filesize($this->path . $filename); + + $this->assertEquals($expected, $filespec->additional_checks()); + } + + public function check_content_variables() + { + // False here indicates that a file is non-binary and contains + // disallowed content that makes IE report the mimetype incorrectly. + return array( + array('gif', true), + array('jpg', true), + array('png', true), + array('tif', true), + array('txt', false), + ); + } + + /** + * @dataProvider check_content_variables + */ + public function test_check_content($filename, $expected) + { + $disallowed_content = explode('|', $this->config['mime_triggers']); + $filespec = $this->get_filespec(array('tmp_name' => $this->path . $filename)); + $this->assertEquals($expected, $filespec->check_content($disallowed_content)); + } + + public function clean_filename_variables() + { + $chunks = str_split('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ\'\\" /:*?<>|[];(){},#+=-_`', 8); + return array( + array($chunks[0] . $chunks[7]), + array($chunks[1] . $chunks[8]), + array($chunks[2] . $chunks[9]), + array($chunks[3] . $chunks[4]), + array($chunks[5] . $chunks[6]), + ); + } + + /** + * @dataProvider clean_filename_variables + */ + public function test_clean_filename_real($filename) + { + $bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|'); + $filespec = $this->get_filespec(array('name' => $filename)); + $filespec->clean_filename('real', self::PREFIX); + $name = $filespec->realname; + + $this->assertEquals(0, preg_match('/%(\w{2})/', $name)); + foreach ($bad_chars as $char) + { + $this->assertFalse(strpos($name, $char)); + } + } + + public function test_clean_filename_unique() + { + $filenames = array(); + for ($tests = 0; $tests < self::TEST_COUNT; $tests++) + { + $filespec = $this->get_filespec(); + $filespec->clean_filename('unique', self::PREFIX); + $name = $filespec->realname; + + $this->assertEquals(strlen($name), 32 + strlen(self::PREFIX)); + $this->assertRegExp('#^[A-Za-z0-9]+$#', substr($name, strlen(self::PREFIX))); + $this->assertFalse(isset($filenames[$name])); + $filenames[$name] = true; + } + } + + public function get_extension_variables() + { + return array( + array('file.png', 'png'), + array('file.phpbb.gif', 'gif'), + array('file..', ''), + array('.file..jpg.webp', 'webp'), + ); + } + + /** + * @dataProvider get_extension_variables + */ + public function test_get_extension($filename, $expected) + { + $filespec = $this->get_filespec(); + $this->assertEquals($expected, $filespec->get_extension($filename)); + } + + public function is_image_variables() + { + return array( + array('gif', 'image/gif', true), + array('jpg', 'image/jpg', true), + array('png', 'image/png', true), + array('tif', 'image/tif', true), + array('txt', 'text/plain', false), + ); + } + + /** + * @dataProvider is_image_variables + */ + public function test_is_image($filename, $mimetype, $expected) + { + $filespec = $this->get_filespec(array('tmp_name' => $this->path . $filename, 'type' => $mimetype)); + $this->assertEquals($expected, $filespec->is_image()); + } + + public function move_file_variables() + { + return array( + array('gif_copy', 'gif_moved', 'image/gif', 'gif', false, true), + array('non_existant', 'still_non_existant', 'text/plain', 'txt', 'GENERAL_UPLOAD_ERROR', false), + array('txt_copy', 'txt_as_img', 'image/jpg', 'txt', false, true), + array('txt_copy_2', 'txt_moved', 'text/plain', 'txt', false, true), + array('jpg_copy', 'jpg_moved', 'image/png', 'jpg', false, true), + array('png_copy', 'png_moved', 'image/png', 'jpg', 'IMAGE_FILETYPE_MISMATCH', true), + ); + } + + /** + * @dataProvider move_file_variables + */ + public function test_move_file($tmp_name, $realname, $mime_type, $extension, $error, $expected) + { + // Global $phpbb_root_path and $phpEx are required by phpbb_chmod + global $phpbb_root_path, $phpEx; + $phpbb_root_path = ''; + $phpEx = 'php'; + + $upload = new phpbb_mock_fileupload(); + $upload->max_filesize = self::UPLOAD_MAX_FILESIZE; + + $filespec = $this->get_filespec(array( + 'tmp_name' => $this->path . 'copies/' . $tmp_name, + 'name' => $realname, + 'type' => $mime_type, + )); + $filespec->extension = $extension; + $filespec->upload = $upload; + $filespec->local = true; + + $this->assertEquals($expected, $filespec->move_file($this->path . 'copies')); + $this->assertEquals($filespec->file_moved, file_exists($this->path . 'copies/' . $realname)); + if ($error) + { + $this->assertEquals($error, $filespec->error[0]); + } + + $phpEx = ''; + } +} diff --git a/tests/upload/fileupload_test.php b/tests/upload/fileupload_test.php new file mode 100644 index 0000000000..076855ab56 --- /dev/null +++ b/tests/upload/fileupload_test.php @@ -0,0 +1,115 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2012 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once __DIR__ . '/../../phpBB/includes/functions.php'; +require_once __DIR__ . '/../../phpBB/includes/utf/utf_tools.php'; +require_once __DIR__ . '/../../phpBB/includes/functions_upload.php'; + +class phpbb_fileupload_test extends phpbb_test_case +{ + private $path; + + protected function setUp() + { + // Global $config required by unique_id + // Global $user required by several functions dealing with translations + global $config, $user; + + if (!is_array($config)) + { + $config = array(); + } + + $config['rand_seed'] = ''; + $config['rand_seed_last_update'] = time() + 600; + + $user = new phpbb_mock_user(); + $user->lang = new phpbb_mock_lang(); + $this->path = __DIR__ . '/fixture/'; + } + + private function gen_valid_filespec() + { + $filespec = new phpbb_mock_filespec(); + $filespec->filesize = 1; + $filespec->extension = 'jpg'; + $filespec->realname = 'valid'; + $filespec->width = 2; + $filespec->height = 2; + + return $filespec; + } + + protected function tearDown() + { + // Clear globals + global $config, $user; + $config = array(); + $user = null; + } + + public function test_common_checks_invalid_extension() + { + $upload = new fileupload('', array('png'), 100); + $file = $this->gen_valid_filespec(); + $upload->common_checks($file); + $this->assertEquals('DISALLOWED_EXTENSION', $file->error[0]); + } + + public function test_common_checks_invalid_filename() + { + $upload = new fileupload('', array('jpg'), 100); + $file = $this->gen_valid_filespec(); + $file->realname = 'invalid?'; + $upload->common_checks($file); + $this->assertEquals('INVALID_FILENAME', $file->error[0]); + } + + public function test_common_checks_too_large() + { + $upload = new fileupload('', array('jpg'), 100); + $file = $this->gen_valid_filespec(); + $file->filesize = 1000; + $upload->common_checks($file); + $this->assertEquals('WRONG_FILESIZE', $file->error[0]); + } + + public function test_common_checks_valid_file() + { + $upload = new fileupload('', array('jpg'), 1000); + $file = $this->gen_valid_filespec(); + $upload->common_checks($file); + $this->assertEquals(0, sizeof($file->error)); + } + + public function test_local_upload() + { + $upload = new fileupload('', array('jpg'), 1000); + + copy($this->path . 'jpg', $this->path . 'jpg.jpg'); + $file = $upload->local_upload($this->path . 'jpg.jpg'); + $this->assertEquals(0, sizeof($file->error)); + unlink($this->path . 'jpg.jpg'); + } + + public function test_valid_dimensions() + { + $upload = new fileupload('', false, false, 1, 1, 100, 100); + + $file1 = $this->gen_valid_filespec(); + $file2 = $this->gen_valid_filespec(); + $file2->height = 101; + $file3 = $this->gen_valid_filespec(); + $file3->width = 0; + + $this->assertTrue($upload->valid_dimensions($file1)); + $this->assertFalse($upload->valid_dimensions($file2)); + $this->assertFalse($upload->valid_dimensions($file3)); + } +} diff --git a/tests/upload/fixture/copies/.gitkeep b/tests/upload/fixture/copies/.gitkeep new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/tests/upload/fixture/copies/.gitkeep diff --git a/tests/upload/fixture/gif b/tests/upload/fixture/gif Binary files differnew file mode 100644 index 0000000000..b636f4b8df --- /dev/null +++ b/tests/upload/fixture/gif diff --git a/tests/upload/fixture/jpg b/tests/upload/fixture/jpg Binary files differnew file mode 100644 index 0000000000..3cd5038e38 --- /dev/null +++ b/tests/upload/fixture/jpg diff --git a/tests/upload/fixture/png b/tests/upload/fixture/png Binary files differnew file mode 100644 index 0000000000..5514ad40e9 --- /dev/null +++ b/tests/upload/fixture/png diff --git a/tests/upload/fixture/tif b/tests/upload/fixture/tif Binary files differnew file mode 100644 index 0000000000..248b50f9cb --- /dev/null +++ b/tests/upload/fixture/tif diff --git a/tests/upload/fixture/txt b/tests/upload/fixture/txt new file mode 100644 index 0000000000..a78c858f5c --- /dev/null +++ b/tests/upload/fixture/txt @@ -0,0 +1,2 @@ +<HTML>mime trigger</HTML> +The HTML tags should remain uppercase so that case-insensitivity can be checked. |
