From 0bf6966c5228d446c4f0d3862619db0f619c7369 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Wed, 13 Jul 2011 19:20:16 +0200 Subject: [feature/request-class] Add server(), header() and is_ajax() to request Extend the request class with helpers for reading server vars (server()) and HTTP request headers (header()). Refactor the existing code base to make use of these helpers, make $_SERVER a deactivated super global. Also introduce an is_ajax() method, which checks the X-Requested-With header for the value 'XMLHttpRequest', which is sent by JavaScript libraries, such as jQuery. PHPBB3-9716 --- tests/request/request_test.php | 15 ++++++++++++++- tests/request/type_cast_helper_test.php | 10 ++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) (limited to 'tests/request') diff --git a/tests/request/request_test.php b/tests/request/request_test.php index 203c9fd880..9999e88121 100644 --- a/tests/request/request_test.php +++ b/tests/request/request_test.php @@ -23,7 +23,6 @@ class phpbb_request_test extends phpbb_test_case $_GET['unset'] = ''; $this->type_cast_helper = $this->getMock('phpbb_request_type_cast_helper_interface'); - $this->request = new phpbb_request($this->type_cast_helper); } @@ -60,6 +59,20 @@ class phpbb_request_test extends phpbb_test_case $this->assertFalse($this->request->is_set_post('unset')); } + public function test_is_ajax_without_ajax() + { + $this->assertFalse($this->request->is_ajax()); + } + + public function test_is_ajax_with_ajax() + { + $this->request->enable_super_globals(); + $_SERVER['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'; + $this->request = new phpbb_request($this->type_cast_helper); + + $this->assertTrue($this->request->is_ajax()); + } + public function test_variable_names() { $expected = array('test', 'unset'); diff --git a/tests/request/type_cast_helper_test.php b/tests/request/type_cast_helper_test.php index 06cf2e1bf6..0103c51561 100644 --- a/tests/request/type_cast_helper_test.php +++ b/tests/request/type_cast_helper_test.php @@ -48,4 +48,14 @@ class phpbb_type_cast_helper_test extends phpbb_test_case $this->assertEquals($expected, $data); } + + public function test_simple_set_var_without_html_encoding() + { + $data = 'eviL<3'; + $expected = 'eviL<3'; + + $this->type_cast_helper->recursive_set_var($data, '', true, false); + + $this->assertEquals($expected, $data); + } } -- cgit v1.2.1 From 24e9fb24d105b8e475dbaf66fd99be2839b86675 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Sat, 6 Aug 2011 19:47:12 +0200 Subject: [feature/request-class] Make server() use the $html_encode parameter $request->server() should not auto html-escape values. header() however should. Also introduce some tests for this behaviour. Thanks to nn- for catching this. PHPBB3-9716 --- tests/request/request_test.php | 44 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) (limited to 'tests/request') diff --git a/tests/request/request_test.php b/tests/request/request_test.php index 9999e88121..24c9ae5112 100644 --- a/tests/request/request_test.php +++ b/tests/request/request_test.php @@ -22,6 +22,10 @@ class phpbb_request_test extends phpbb_test_case $_REQUEST['test'] = 3; $_GET['unset'] = ''; + $_SERVER['HTTP_HOST'] = 'example.com'; + $_SERVER['HTTP_ACCEPT'] = 'application/json'; + $_SERVER['HTTP_SOMEVAR'] = ''; + $this->type_cast_helper = $this->getMock('phpbb_request_type_cast_helper_interface'); $this->request = new phpbb_request($this->type_cast_helper); } @@ -43,6 +47,46 @@ class phpbb_request_test extends phpbb_test_case $this->assertEquals($_POST, $GLOBALS['_POST'], 'Checking whether $_POST can still be accessed via $GLOBALS[\'_POST\']'); } + public function test_server() + { + $this->assertEquals('example.com', $this->request->server('HTTP_HOST')); + } + + public function test_server_escaping() + { + $this->type_cast_helper + ->expects($this->once()) + ->method('recursive_set_var') + ->with( + $this->anything(), + '', + true, + false + ); + + $this->request->server('HTTP_SOMEVAR'); + } + + public function test_header() + { + $this->assertEquals('application/json', $this->request->header('Accept')); + } + + public function test_header_escaping() + { + $this->type_cast_helper + ->expects($this->once()) + ->method('recursive_set_var') + ->with( + $this->anything(), + '', + true, + true + ); + + $this->request->header('SOMEVAR'); + } + /** * Checks that directly accessing $_POST will trigger * an error. -- cgit v1.2.1 From a48889fed83b007202e76ddf1ba5436eca310df0 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Thu, 18 Aug 2011 22:21:50 +0200 Subject: [feature/request-class] Add is_secure method to request for HTTPS PHPBB3-9716 --- tests/request/request_test.php | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'tests/request') diff --git a/tests/request/request_test.php b/tests/request/request_test.php index 24c9ae5112..2e56841601 100644 --- a/tests/request/request_test.php +++ b/tests/request/request_test.php @@ -117,6 +117,17 @@ class phpbb_request_test extends phpbb_test_case $this->assertTrue($this->request->is_ajax()); } + public function test_is_secure() + { + $this->assertFalse($this->request->is_secure()); + + $this->request->enable_super_globals(); + $_SERVER['HTTPS'] = 'on'; + $this->request = new phpbb_request($this->type_cast_helper); + + $this->assertTrue($this->request->is_secure()); + } + public function test_variable_names() { $expected = array('test', 'unset'); -- cgit v1.2.1 From fd08cd8dd013c0d1bf8e18611f798c6987d9de9c Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Thu, 18 Aug 2011 23:19:48 +0200 Subject: [feature/request-class] Remove $html_encode arg, force manual decoding PHPBB3-9716 --- tests/request/request_test.php | 4 +--- tests/request/type_cast_helper_test.php | 10 ---------- 2 files changed, 1 insertion(+), 13 deletions(-) (limited to 'tests/request') diff --git a/tests/request/request_test.php b/tests/request/request_test.php index 2e56841601..e492fa5cf1 100644 --- a/tests/request/request_test.php +++ b/tests/request/request_test.php @@ -60,8 +60,7 @@ class phpbb_request_test extends phpbb_test_case ->with( $this->anything(), '', - true, - false + true ); $this->request->server('HTTP_SOMEVAR'); @@ -80,7 +79,6 @@ class phpbb_request_test extends phpbb_test_case ->with( $this->anything(), '', - true, true ); diff --git a/tests/request/type_cast_helper_test.php b/tests/request/type_cast_helper_test.php index 0103c51561..06cf2e1bf6 100644 --- a/tests/request/type_cast_helper_test.php +++ b/tests/request/type_cast_helper_test.php @@ -48,14 +48,4 @@ class phpbb_type_cast_helper_test extends phpbb_test_case $this->assertEquals($expected, $data); } - - public function test_simple_set_var_without_html_encoding() - { - $data = 'eviL<3'; - $expected = 'eviL<3'; - - $this->type_cast_helper->recursive_set_var($data, '', true, false); - - $this->assertEquals($expected, $data); - } } -- cgit v1.2.1 From 17991823ea72ef973852fd9d0a9c516703f2137e Mon Sep 17 00:00:00 2001 From: Unknown Date: Sat, 31 Dec 2011 16:05:02 +0000 Subject: [ticket/9916] Updating License in the header PHPBB3-9916 --- tests/request/request_var_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/request') diff --git a/tests/request/request_var_test.php b/tests/request/request_var_test.php index fa17b1909f..8e609c00af 100644 --- a/tests/request/request_var_test.php +++ b/tests/request/request_var_test.php @@ -3,7 +3,7 @@ * * @package testing * @copyright (c) 2008 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 * */ -- cgit v1.2.1 From 66c50f6b30400b729d3fea4fb06dad5eb559aa51 Mon Sep 17 00:00:00 2001 From: Unknown Date: Mon, 2 Jan 2012 17:14:00 +0000 Subject: [ticket/9916] Updating license in non-distributed files PHPBB3-9916 --- tests/request/deactivated_super_global_test.php | 2 +- tests/request/request_test.php | 2 +- tests/request/type_cast_helper_test.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'tests/request') diff --git a/tests/request/deactivated_super_global_test.php b/tests/request/deactivated_super_global_test.php index 995f93443d..2e19928a5a 100644 --- a/tests/request/deactivated_super_global_test.php +++ b/tests/request/deactivated_super_global_test.php @@ -4,7 +4,7 @@ * @package testing * @version $Id$ * @copyright (c) 2009 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 * */ diff --git a/tests/request/request_test.php b/tests/request/request_test.php index e492fa5cf1..bca5125b7a 100644 --- a/tests/request/request_test.php +++ b/tests/request/request_test.php @@ -4,7 +4,7 @@ * @package testing * @version $Id$ * @copyright (c) 2009 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 * */ diff --git a/tests/request/type_cast_helper_test.php b/tests/request/type_cast_helper_test.php index 06cf2e1bf6..d553d5b8cd 100644 --- a/tests/request/type_cast_helper_test.php +++ b/tests/request/type_cast_helper_test.php @@ -4,7 +4,7 @@ * @package testing * @version $Id$ * @copyright (c) 2009 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 * */ -- cgit v1.2.1 From f5bac7686b1678dbd33eddd368d845237bb18943 Mon Sep 17 00:00:00 2001 From: Vjacheslav Trushkin Date: Sun, 1 Apr 2012 19:14:53 +0300 Subject: [ticket/10733] Removing static from data providers Removing static from data provider functions PHPBB3-10733 --- tests/request/request_var_test.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/request') diff --git a/tests/request/request_var_test.php b/tests/request/request_var_test.php index 1fa0afae13..0e85d4694b 100644 --- a/tests/request/request_var_test.php +++ b/tests/request/request_var_test.php @@ -112,7 +112,7 @@ class phpbb_request_var_test extends phpbb_test_case $this->assertEquals($expected, $result, 'Testing deep access to multidimensional input arrays: ' . $path); } - public static function deep_access() + public function deep_access() { return array( // array(path, default, expected result) @@ -123,7 +123,7 @@ class phpbb_request_var_test extends phpbb_test_case ); } - public static function request_variables() + public function request_variables() { return array( // strings -- cgit v1.2.1 From b3cd5a649be62f175de651a16ae02c5f709ca2f4 Mon Sep 17 00:00:00 2001 From: Nathaniel Guse Date: Mon, 3 Sep 2012 13:32:33 -0500 Subject: [ticket/8713] Do not trim login inputs Create a function to request variables which are not trimmed. All requests for passwords (except forum passwords) now use the untrimmed request function. PHPBB3-8713 --- tests/request/type_cast_helper_test.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'tests/request') diff --git a/tests/request/type_cast_helper_test.php b/tests/request/type_cast_helper_test.php index d553d5b8cd..f7e5cd873e 100644 --- a/tests/request/type_cast_helper_test.php +++ b/tests/request/type_cast_helper_test.php @@ -48,4 +48,14 @@ class phpbb_type_cast_helper_test extends phpbb_test_case $this->assertEquals($expected, $data); } + + public function test_untrimmed_strings() + { + $data = array(' eviL<3 '); + $expected = array(' eviL<3 '); + + $this->type_cast_helper->recursive_set_var($data, '', true, false); + + $this->assertEquals($expected, $data); + } } -- cgit v1.2.1 From 06c3868c27c394747bbaa5a8dac6ed83b5d61951 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sat, 8 Sep 2012 13:40:28 +0200 Subject: [ticket/8713] Adjust test method name to other recursive_set_var() tests. PHPBB3-8713 --- tests/request/type_cast_helper_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/request') diff --git a/tests/request/type_cast_helper_test.php b/tests/request/type_cast_helper_test.php index f7e5cd873e..94b6e9146f 100644 --- a/tests/request/type_cast_helper_test.php +++ b/tests/request/type_cast_helper_test.php @@ -49,7 +49,7 @@ class phpbb_type_cast_helper_test extends phpbb_test_case $this->assertEquals($expected, $data); } - public function test_untrimmed_strings() + public function test_nested_untrimmed_recursive_set_var() { $data = array(' eviL<3 '); $expected = array(' eviL<3 '); -- cgit v1.2.1 From 2c41b9062a6a8335aa1bfa7c80077f4ae33d33e4 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sat, 8 Sep 2012 13:41:51 +0200 Subject: [ticket/8713] Use correct parameter for nested data. PHPBB3-8713 --- tests/request/type_cast_helper_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/request') diff --git a/tests/request/type_cast_helper_test.php b/tests/request/type_cast_helper_test.php index 94b6e9146f..176638dc44 100644 --- a/tests/request/type_cast_helper_test.php +++ b/tests/request/type_cast_helper_test.php @@ -54,7 +54,7 @@ class phpbb_type_cast_helper_test extends phpbb_test_case $data = array(' eviL<3 '); $expected = array(' eviL<3 '); - $this->type_cast_helper->recursive_set_var($data, '', true, false); + $this->type_cast_helper->recursive_set_var($data, array(0 => ''), true, false); $this->assertEquals($expected, $data); } -- cgit v1.2.1 From 4550fff55a10be737b76275ae5323675ab1c3939 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sat, 8 Sep 2012 13:43:14 +0200 Subject: [ticket/8713] Use \t in double quotes instead of tabs. PHPBB3-8713 --- tests/request/type_cast_helper_test.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/request') diff --git a/tests/request/type_cast_helper_test.php b/tests/request/type_cast_helper_test.php index 176638dc44..8203703639 100644 --- a/tests/request/type_cast_helper_test.php +++ b/tests/request/type_cast_helper_test.php @@ -51,8 +51,8 @@ class phpbb_type_cast_helper_test extends phpbb_test_case public function test_nested_untrimmed_recursive_set_var() { - $data = array(' eviL<3 '); - $expected = array(' eviL<3 '); + $data = array(" eviL<3\t\t"); + $expected = array(" eviL<3\t\t"); $this->type_cast_helper->recursive_set_var($data, array(0 => ''), true, false); -- cgit v1.2.1 From 160c49351b5ce7d2d811a388a4630ec37258bb8f Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sat, 8 Sep 2012 13:44:50 +0200 Subject: [ticket/8713] Add simple (non-nested) test case for untrimmed set_var(). PHPBB3-8713 --- tests/request/type_cast_helper_test.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'tests/request') diff --git a/tests/request/type_cast_helper_test.php b/tests/request/type_cast_helper_test.php index 8203703639..f41db005af 100644 --- a/tests/request/type_cast_helper_test.php +++ b/tests/request/type_cast_helper_test.php @@ -49,6 +49,16 @@ class phpbb_type_cast_helper_test extends phpbb_test_case $this->assertEquals($expected, $data); } + public function test_simple_untrimmed_recursive_set_var() + { + $data = " eviL<3\t\t"; + $expected = " eviL<3\t\t"; + + $this->type_cast_helper->recursive_set_var($data, '', true, false); + + $this->assertEquals($expected, $data); + } + public function test_nested_untrimmed_recursive_set_var() { $data = array(" eviL<3\t\t"); -- cgit v1.2.1