1 files changed, 28 insertions, 16 deletions
diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php
index 0f5128884b..767b901a43 100644
--- a/tests/security/extract_current_page_test.php
+++ b/tests/security/extract_current_page_test.php
@@ -1,36 +1,45 @@
 <?php
 /**
 *
-* @package testing
-* @copyright (c) 2008 phpBB Group
-* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
 *
 */
 
 require_once dirname(__FILE__) . '/base.php';
 
 require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
-require_once dirname(__FILE__) . '/../../phpBB/includes/session.php';
 
 class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 {
-	static public function security_variables()
+	public function security_variables()
 	{
 		return array(
-			array('http://localhost/phpBB/index.php', 'mark=forums&x="><script>alert(/XSS/);</script>', 'mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E'),
-			array('http://localhost/phpBB/index.php', 'mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E', 'mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E'),
+			array('mark=forums&x="><script>alert(/XSS/);</script>', 'mark=forums&x=%22%3E%3Cscript%3Ealert%28%2FXSS%2F%29%3B%3C%2Fscript%3E'),
+			array('mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E', 'mark=forums&x=%22%3E%3Cscript%3Ealert%28%2FXSS%2F%29%3B%3C%2Fscript%3E'),
+			array('mark=forums&x=%22%3E%3Cscript%3Ealert%28%2FXSS%2F%29%3B%3C%2Fscript%3E', 'mark=forums&x=%22%3E%3Cscript%3Ealert%28%2FXSS%2F%29%3B%3C%2Fscript%3E'),
 		);
 	}
 
 	/**
 	* @dataProvider security_variables
 	*/
-	public function test_query_string_php_self($url, $query_string, $expected)
+	public function test_query_string_php_self($query_string, $expected)
 	{
-		$_SERVER['PHP_SELF'] = $url;
-		$_SERVER['QUERY_STRING'] = $query_string;
+		global $symfony_request, $request;
+
+		$this->server['REQUEST_URI'] = '';
+		$this->server['QUERY_STRING'] = $query_string;
+
+		$request = new phpbb_mock_request(array(), array(), array(), $this->server);
+		$symfony_request = new \phpbb\symfony_request($request);
 
-		$result = session::extract_current_page('./');
+		$result = \phpbb\session::extract_current_page('./');
 
 		$label = 'Running extract_current_page on ' . $query_string . ' with PHP_SELF filled.';
 		$this->assertEquals($expected, $result['query_string'], $label);
@@ -39,15 +48,18 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 	/**
 	* @dataProvider security_variables
 	*/
-	public function test_query_string_request_uri($url, $query_string, $expected)
+	public function test_query_string_request_uri($query_string, $expected)
 	{
-		$_SERVER['REQUEST_URI'] = $url . '?' . $query_string;
-		$_SERVER['QUERY_STRING'] = $query_string;
+		global $symfony_request, $request;
 
-		$result = session::extract_current_page('./');
+		$this->server['QUERY_STRING'] = $query_string;
+
+		$request = new phpbb_mock_request(array(), array(), array(), $this->server);
+		$symfony_request = new \phpbb\symfony_request($request);
+
+		$result = \phpbb\session::extract_current_page('./');
 
 		$label = 'Running extract_current_page on ' . $query_string . ' with REQUEST_URI filled.';
 		$this->assertEquals($expected, $result['query_string'], $label);
 	}
 }
-