From 0bf6966c5228d446c4f0d3862619db0f619c7369 Mon Sep 17 00:00:00 2001
From: Igor Wiedler <igor@wiedler.ch>
Date: Wed, 13 Jul 2011 19:20:16 +0200
Subject: [feature/request-class] Add server(), header() and is_ajax() to
 request

Extend the request class with helpers for reading server vars (server())
and HTTP request headers (header()). Refactor the existing code base
to make use of these helpers, make $_SERVER a deactivated super global.

Also introduce an is_ajax() method, which checks the X-Requested-With
header for the value 'XMLHttpRequest', which is sent by JavaScript
libraries, such as jQuery.

PHPBB3-9716
---
 tests/security/extract_current_page_test.php | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

(limited to 'tests/security/extract_current_page_test.php')

diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php
index 71c7a3a397..34c7b52f49 100644
--- a/tests/security/extract_current_page_test.php
+++ b/tests/security/extract_current_page_test.php
@@ -27,8 +27,12 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 	*/
 	public function test_query_string_php_self($url, $query_string, $expected)
 	{
-		$_SERVER['PHP_SELF'] = $url;
-		$_SERVER['QUERY_STRING'] = $query_string;
+		global $request;
+
+		$request->merge(phpbb_request_interface::SERVER, array(
+			'PHP_SELF'	=> $url,
+			'QUERY_STRING'	=> $query_string,
+		));
 
 		$result = session::extract_current_page('./');
 
@@ -41,8 +45,12 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 	*/
 	public function test_query_string_request_uri($url, $query_string, $expected)
 	{
-		$_SERVER['REQUEST_URI'] = $url . '?' . $query_string;
-		$_SERVER['QUERY_STRING'] = $query_string;
+		global $request;
+
+		$request->merge(phpbb_request_interface::SERVER, array(
+			'PHP_SELF'	=> $url,
+			'QUERY_STRING'	=> $query_string,
+		));
 
 		$result = session::extract_current_page('./');
 
-- 
cgit v1.2.1


From 17991823ea72ef973852fd9d0a9c516703f2137e Mon Sep 17 00:00:00 2001
From: Unknown <unknownbliss@phpbbdevelopers.net>
Date: Sat, 31 Dec 2011 16:05:02 +0000
Subject: [ticket/9916] Updating License in the header

PHPBB3-9916
---
 tests/security/extract_current_page_test.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'tests/security/extract_current_page_test.php')

diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php
index 71c7a3a397..4911f7b452 100644
--- a/tests/security/extract_current_page_test.php
+++ b/tests/security/extract_current_page_test.php
@@ -3,7 +3,7 @@
 *
 * @package testing
 * @copyright (c) 2008 phpBB Group
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
 *
 */
 
-- 
cgit v1.2.1


From 6deb7b3671c29ab7ce1db6e11b5c6be0950d265f Mon Sep 17 00:00:00 2001
From: Igor Wiedler <igor@wiedler.ch>
Date: Sat, 31 Mar 2012 02:50:19 +0200
Subject: [feature/class-prefix] Rename user and session to phpbb_*

PHPBB-10609
---
 tests/security/extract_current_page_test.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'tests/security/extract_current_page_test.php')

diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php
index 00fc3b5841..b4a475ffb3 100644
--- a/tests/security/extract_current_page_test.php
+++ b/tests/security/extract_current_page_test.php
@@ -10,7 +10,6 @@
 require_once dirname(__FILE__) . '/base.php';
 
 require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
-require_once dirname(__FILE__) . '/../../phpBB/includes/session.php';
 
 class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 {
@@ -34,7 +33,7 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 			'QUERY_STRING'	=> $query_string,
 		));
 
-		$result = session::extract_current_page('./');
+		$result = phpbb_session::extract_current_page('./');
 
 		$label = 'Running extract_current_page on ' . $query_string . ' with PHP_SELF filled.';
 		$this->assertEquals($expected, $result['query_string'], $label);
@@ -52,7 +51,7 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 			'QUERY_STRING'	=> $query_string,
 		));
 
-		$result = session::extract_current_page('./');
+		$result = phpbb_session::extract_current_page('./');
 
 		$label = 'Running extract_current_page on ' . $query_string . ' with REQUEST_URI filled.';
 		$this->assertEquals($expected, $result['query_string'], $label);
-- 
cgit v1.2.1


From f5bac7686b1678dbd33eddd368d845237bb18943 Mon Sep 17 00:00:00 2001
From: Vjacheslav Trushkin <arty@phpbb.com>
Date: Sun, 1 Apr 2012 19:14:53 +0300
Subject: [ticket/10733] Removing static from data providers

Removing static from data provider functions

PHPBB3-10733
---
 tests/security/extract_current_page_test.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'tests/security/extract_current_page_test.php')

diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php
index b4a475ffb3..d77cbbcaf3 100644
--- a/tests/security/extract_current_page_test.php
+++ b/tests/security/extract_current_page_test.php
@@ -13,7 +13,7 @@ require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
 
 class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 {
-	public static function security_variables()
+	public function security_variables()
 	{
 		return array(
 			array('http://localhost/phpBB/index.php', 'mark=forums&x="><script>alert(/XSS/);</script>', 'mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E'),
-- 
cgit v1.2.1