aboutsummaryrefslogtreecommitdiffstats
path: root/tests/security
Commit message (Collapse)AuthorAgeFilesLines
* [ticket/14576] Move common required files to bootstrapMatt Friedman2016-03-313-4/+0
| | | | PHPBB3-14576
* [ticket/13762] Moving language related functionality into a separate classMateBartus2015-05-021-1/+3
| | | | PHPBB3-13762
* Merge branch '3.1.x'Andreas Fischer2015-04-281-3/+8
|\ | | | | | | | | | | | | | | | | | | * 3.1.x: [ticket/security-180] Use language variable for redirect error in 3.1+ [ticket/security-180] Merge if statement with previous one in 3.1.x [ticket/security-180] Add tests for redirecting to main URL [ticket/security-180] Always fail when redirecting to an insecure URL [ticket/security-180] Make sure that redirect goes to full URL plus slash [ticket/security-180] Check if redirect URL contains board URL
| * Merge branch 'ticket/security-180' into ticket/security-180-ascMarc Alexander2015-04-281-4/+6
| |\ | | | | | | | | | | | | Conflicts: tests/security/redirect_test.php
| | * [ticket/security-180] Add tests for redirecting to main URLMarc Alexander2015-04-231-0/+2
| | | | | | | | | | | | SECURITY-180
| | * [ticket/security-180] Always fail when redirecting to an insecure URLJoas Schilling2015-04-111-3/+3
| | | | | | | | | | | | SECURITY-180
| * | Merge branch 'ticket/security-180' into ticket/security-180-ascMarc Alexander2015-04-281-0/+3
| |\ \ | | |/ | | | | | | | | | Conflicts: tests/security/redirect_test.php
| | * [ticket/security-180] Make sure that redirect goes to full URL plus slashMarc Alexander2015-04-111-0/+3
| | | | | | | | | | | | SECURITY-180
| | * [ticket/13549] Do not exit when ORIG_PATH_INFO just contains SCRIPT_NAME.Marc Alexander2015-01-281-1/+6
| | | | | | | | | | | | | | | | | | | | | The ORIG_PATH_INFO on IIS also contains the script name. Only use that for killing the script after removing the script name from ORIG_PATH_INFO. PHPBB3-13549
| | * [ticket/13531] Explicitly disallow trailing paths (e.g. PATH_INFO).Marc Alexander2015-01-211-0/+55
| | | | | | | | | | | | PHPBB3-13531
* | | [ticket/13697] Moving filesystem related functions to filesystem serviceMateBartus2015-04-162-2/+2
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Moving filesystem service to \phpbb\filesystem namespace * Wraping Symfony's Filesystem component * Moving filesystem related functions from includes/functions.php into \phpbb\filesystem\filesystem Functions moved (and deprecated): - phpbb_chmod - phpbb_is_writable - phpbb_is_absolute - phpbb_own_realpath - phpbb_realpath * Adding interface for filesystem service PHPBB3-13697
* | [ticket/13280] Output escaping for the symfony request objectTristan Darricau2014-11-161-14/+14
| | | | | | | | PHPBB3-13280
* | [ticket/13280] Make the tests failingTristan Darricau2014-11-123-78/+53
| | | | | | | | PHPBB3-13280
* | [ticket/13280] Revert "Merge pull request #3107 from marc1706/ticket/13280"Tristan Darricau2014-11-121-20/+8
| | | | | | | | | | | | | | This reverts commit a1b58d05d158ff7afd789c1b27821e17198f8d58, reversing changes made to 0e772afb9db640e54e84cfccaddcf74f3edbb3fb. PHPBB3-13280
* | [ticket/13280] Only run sanitizer for server superglobal and modify testsMarc Alexander2014-11-041-1/+6
| | | | | | | | PHPBB3-13280
* | [ticket/13280] Properly format the current page and add sanitizer to testsMarc Alexander2014-11-031-8/+15
| | | | | | | | PHPBB3-13280
* | [ticket/12932] Fix tests and calls to create_datetimeMarc Alexander2014-08-101-1/+1
| | | | | | | | PHPBB3-12932
* | [ticket/12099] Remove config againJoas Schilling2014-06-291-1/+0
| | | | | | | | PHPBB3-12099
* | [ticket/12099] Add request argument to path_helper servicePico882014-06-291-0/+2
| | | | | | | | PHPBB3-12099
* | [ticket/12594] Remove @package tags and update file headersYuriy Rusko2014-05-274-12/+28
| | | | | | | | PHPBB3-12594
* | Merge pull request #2092 from nickvergessen/ticket/12090Nathan Guse2014-03-101-31/+2
|\ \ | | | | | | [ticket/12090] Pass route name to url() instead of the url itself
| * | [ticket/12090] Change redirect tests to use route()Joas Schilling2014-03-071-31/+2
| | | | | | | | | | | | PHPBB3-12090
* | | [ticket/12239] Move deprecated passwords functions to compatibility fileMarc Alexander2014-03-061-1/+1
|/ / | | | | | | | | | | | | | | The deprecated passwords functions are no longer used in the core and have been replaced with the passwords manager. Therefore, the functions are moved to the functions_compatibility file. PHPBB3-12239
* | Merge pull request #1716 from marc1706/feature/passwordsNils Adermann2014-02-021-0/+25
|\ \ | | | | | | [feature/passwords] Add password hashing manager with support for newer hashing algorithms
| * | [feature/passwords] Get rid of set_name/get_name methods for passwords driversMarc Alexander2014-02-021-5/+0
| | | | | | | | | | | | PHPBB3-11610
| * | Merge branch 'develop' of https://github.com/phpbb/phpbb into feature/passwordsMarc Alexander2013-12-292-11/+47
| |\ \ | | | | | | | | | | | | | | | | Conflicts: phpBB/config/services.yml
| * | | [feature/passwords] Pass list of default types to passwords managerMarc Alexander2013-10-271-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This list is in the order of how the driver types would be used. If a driver is not supported we will try the subsequent one. PHPBB3-11610
| * | | [feature/passwords] Fix hash_test for use of passwords managerMarc Alexander2013-10-031-1/+4
| | | | | | | | | | | | | | | | PHPBB3-11610
| * | | Merge branch 'develop' of https://github.com/phpbb/phpbb3 into feature/passwordsMarc Alexander2013-10-031-0/+8
| |\ \ \ | | | | | | | | | | | | | | | | | | | | Conflicts: phpBB/includes/functions.php
| * | | | [feature/passwords] Add prepending backslash to class namespacesMarc Alexander2013-10-021-8/+8
| | | | | | | | | | | | | | | | | | | | PHPBB3-11610
| * | | | [feature/passwords] Fix tests after changes to phpBB hashing functionsMarc Alexander2013-10-021-0/+27
| | | | | | | | | | | | | | | | | | | | PHPBB3-11610
* | | | | [ticket/11997] Add user's page dir to redirect path and fix unit tests for itMarc Alexander2013-12-281-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The user's page directory needs to be added to the redirect URL for proper redirects outside of the forum root. Fix the unit tests accordingly. PHPBB3-11997
* | | | | [ticket/11997] Do not check if file or dir we redirect to existMarc Alexander2013-12-271-14/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The redirect function will now properly redirect to where we want it to. It will no longer try to check if the file or directory we redirect to exist. This will ensure compatibility with the new routes. PHPBB3-11997
* | | | | [ticket/11997] Modifiy tests after adding path_helper clean_url methodMarc Alexander2013-12-211-3/+3
| | | | | | | | | | | | | | | | | | | | PHPBB3-11997
* | | | | [ticket/11997] Allow redirects to parent folders like previouslyMarc Alexander2013-12-211-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Redirects to parent folders were possible with the previous redirect function. This change will allow these redirects again. PHPBB3-11997
* | | | | [ticket/11997] Fix tests for path_helper's get_controller_redirect_url()Marc Alexander2013-12-071-9/+20
| | | | | | | | | | | | | | | | | | | | PHPBB3-11997
* | | | | [ticket/11997] Use $phpbb_filesystem->clean_path() for proper redirect pathsMarc Alexander2013-11-121-23/+35
| | | | | | | | | | | | | | | | | | | | PHPBB3-11997
* | | | | [ticket/11997] Correctly redirect to front controllersMarc Alexander2013-11-081-1/+15
| |_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We currently do a lot of checks in order to prevent users from getting to a 404 page. However, this logic relies on checking if a file or folder exists. Due to the front controllers and the URL rewriting in 3.1, it is no longer possible to rely on existing files for redirecting. This patch will take care of properly redirecting users to front controller files. An incorrect link will cause users to get a 404 error though. PHPBB3-11997
* | | | [ticket/11850] More namespacesNathan Guse2013-09-301-1/+1
| | | | | | | | | | | | | | | | PHPBB3-11850
* | | | [ticket/11850] More namespacesNathan Guse2013-09-302-3/+3
| | | | | | | | | | | | | | | | PHPBB3-11850
* | | | [ticket/11850] Update for namespacesNathan Guse2013-09-301-1/+1
| | | | | | | | | | | | | | | | PHPBB3-11850
* | | | Merge branch 'develop' of github.com:phpbb/phpbb3 into ticket/11850Nathan Guse2013-09-303-3/+11
|\ \ \ \ | | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | # By Nils Adermann (68) and others # Via Andreas Fischer (12) and others * 'develop' of github.com:phpbb/phpbb3: (102 commits) [ticket/11876] Replace MD5 with SHA256. [ticket/11876] Move checksum generation from build PHP files to phing build.xml [develop-olympus] Build against 3.0.12 instead of 3.0.12-RC3. Tag exists now. [prep-release-3.0.12] Update changelog for 3.0.12 release. [ticket/11873] Add unit test for large password input. [ticket/11873] Do not hash very large passwords in order to safe resources. [ticket/11862] Correct var names in user_delete() events due to prune-users [develop-olympus] Use 3.0.13-dev as build version. Use latest 3.0.12 RC tag. [prep-release-3.0.12] Bumping version number for 3.0.12 final. [ticket/11852] Add class file [ticket/11852] Move tests to folder with new class name [ticket/11852] Split filesystem and path_helper into 2 classes [ticket/11868] Add @depends to test [ticket/11868] Add functional test for registration [ticket/11868] Replace phpbb_request_interface references [ticket/11866] Only single backslash in .md files [ticket/11866] Remove outdated and broken develop script [ticket/11866] More namespaces [ticket/11866] Update some occurances of phpbb_db_ to new Namespace [ticket/11865] Convert old class name to namespaced version ... Conflicts: tests/security/extract_current_page_test.php tests/session/testable_facade.php
| * | | Merge branch 'develop-olympus' into developAndreas Fischer2013-09-281-0/+8
| |\ \ \ | | |/ / | |/| / | | |/ | | | | | | | | | * develop-olympus: [prep-release-3.0.12] Update changelog for 3.0.12 release. [ticket/11873] Add unit test for large password input. [ticket/11873] Do not hash very large passwords in order to safe resources.
| | * [ticket/11873] Add unit test for large password input.Joas Schilling2013-09-281-0/+8
| | | | | | | | | | | | | | | | | | The password should be rejected quite fast. PHPBB3-11873
| | * [ticket/11159] static public is the currently approved order.Oleg Pudeyev2012-11-062-2/+2
| | | | | | | | | | | | PHPBB3-11159
| * | [ticket/11700] Move all recent code to namespacesNils Adermann2013-09-162-6/+6
| | | | | | | | | | | | PHPBB3-11700
| * | [ticket/11700] Modify all code to use the new interface namesNils Adermann2013-07-141-2/+2
| | | | | | | | | | | | PHPBB3-11700
* | | [ticket/11850] Fix extract current page testNathan Guse2013-09-192-11/+47
|/ / | | | | | | PHPBB3-11850
* | [ticket/9975] Moved a few E_USER_ERROR errors to /languageasperous2013-04-231-3/+3
| | | | | | | | | | | | There were a few error messages that a user could experience that would, previously, be without any the ability to be localized. There are some more E_USER_ERRORs that I did not change to a constant, for example the error message that is displayed if there aren't any folders in /language. PHPBB3-9975
* | [ticket/10973] Drop all require_once for mocks. Use autoloading.Andreas Fischer2012-07-081-2/+0
| | | | | | | | PHPBB3-10973