diff --git a/build.xml b/build.xml index 83c5300264..0f57450726 100644 --- a/build.xml +++ b/build.xml @@ -1,14 +1,58 @@ - + + + set_include_path( + get_include_path() . PATH_SEPARATOR + . 'include' . PATH_SEPARATOR + . 'library' . PATH_SEPARATOR + . 'library/phpsec' . PATH_SEPARATOR + . '.' ); + + + + + + + + + + + + + + + + + + - - - + + + + + + + + + + + + + + + + + + + + + + diff --git a/tests/xss_filter_test.php b/tests/xss_filter_test.php new file mode 100644 index 0000000000..e480ef7ec0 --- /dev/null +++ b/tests/xss_filter_test.php @@ -0,0 +1,217 @@ +'; + + $validstring=notags($invalidstring); + $escapedString=escape_tags($invalidstring); + + $this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring); + $this->assertEquals("<submit type="button" onclick="alert('failed!');" />", $escapedString); + } + + /** + *autonames should be random, even length + */ + public function testAutonameEven() { + $autoname1=autoname(10); + $autoname2=autoname(10); + + $this->assertNotEquals($autoname1, $autoname2); + } + + /** + *autonames should be random, odd length + */ + public function testAutonameOdd() { + $autoname1=autoname(9); + $autoname2=autoname(9); + + $this->assertNotEquals($autoname1, $autoname2); + } + + /** + * try to fail autonames + */ + public function testAutonameNoLength() { + $autoname1=autoname(0); + $this->assertEquals(0, count($autoname1)); + } + + public function testAutonameNegativeLength() { + $autoname1=autoname(-23); + $this->assertEquals(0, count($autoname1)); + } + +// public function testAutonameMaxLength() { +// $autoname2=autoname(PHP_INT_MAX); +// $this->assertEquals(PHP_INT_MAX, count($autoname2)); +// } + + public function testAutonameLength1() { + $autoname3=autoname(1); + $this->assertEquals(1, count($autoname3)); + } + + /** + *xmlify and unxmlify + */ + public function testXmlify() { + $text="I want to break\n this!11!"; + $xml=xmlify($text); //test whether it actually may be part of a xml document + $retext=unxmlify($text); + + $this->assertEquals($text, $retext); + } + + /** + * test hex2bin and reverse + */ + + public function testHex2Bin() { + $this->assertEquals(-3, hex2bin(bin2hex(-3))); + $this->assertEquals(0, hex2bin(bin2hex(0))); + $this->assertEquals(12, hex2bin(bin2hex(12))); + $this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX))); + } + + /** + * test expand_acl + */ + public function testExpandAclNormal() { + $text="<1><2><3>"; + $this->assertEquals(array(1, 2, 3), expand_acl($text)); + } + + public function testExpandAclBigNumber() { + $text="<1><279012><15>"; + $this->assertEquals(array(1, 279012, 15), expand_acl($text)); + } + + public function testExpandAclString() { + $text="<1><279012>"; //maybe that's invalid + $this->assertEquals(array(1, 279012, 'tt'), expand_acl($text)); + } + + public function testExpandAclSpace() { + $text="<1><279 012><32>"; //maybe that's invalid + $this->assertEquals(array(1, "279 012", "32"), expand_acl($text)); + } + + public function testExpandAclEmpty() { + $text=""; //maybe that's invalid + $this->assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclNoBrackets() { + $text="According to documentation, that's invalid. "; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclJustOneBracket1() { + $text="assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclJustOneBracket2() { + $text="Another invalid> string"; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclCloseOnly() { + $text="Another> invalid> string>"; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclOpenOnly() { + $text="assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclNoMatching1() { + $text=" invalid "; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclNoMatching2() { + $text="<1>2><3>"; + $this->assertEquals(array(), expand_acl($text)); + } + + /** + * test attribute contains + */ + public function testAttributeContains1() { + $testAttr="class1 notclass2 class3"; + $this->assertTrue(attribute_contains($testAttr, "class3")); + $this->assertFalse(attribute_contains($testAttr, "class2")); + } + + /** + * test attribute contains + */ + public function testAttributeContains2() { + $testAttr="class1 not-class2 class3"; + $this->assertTrue(attribute_contains($testAttr, "class3")); + $this->assertFalse(attribute_contains($testAttr, "class2")); + } + + public function testAttributeContainsEmpty() { + $testAttr=""; + $this->assertFalse(attribute_contains($testAttr, "class2")); + } + + public function testAttributeContainsSpecialChars() { + $testAttr="--... %\$ä() /(=?}"; + $this->assertFalse(attribute_contains($testAttr, "class2")); + } + + /** + * test get_tags + */ + public function testGetTags() { + $text="hi @Mike, I'm just writing #test_cases, " + ." so @somebody@friendica.com may change #things. Of course I " + ."look for a lot of #pitfalls, like #tags at the end of a sentence " + ."@comment. I hope noone forgets about @fullstops.because that might" + ." break #things. @Mike@campino@friendica.eu is also #nice, isn't it? " + ."Now, add a @first_last tag. "; + //check whether this are all variants (no, auto-stuff is missing). + + $tags=get_tags($text); + + $this->assertEquals("@Mike", $tags[0]); + $this->assertEquals("#test_cases", $tags[1]); + $this->assertEquals("@somebody@friendica.com", $tags[2]); + $this->assertEquals("#things", $tags[3]); + $this->assertEquals("#pitfalls", $tags[4]); + $this->assertEquals("#tags", $tags[5]); + $this->assertEquals("@comment", $tags[6]); + $this->assertEquals("@fullstops", $tags[7]); + $this->assertEquals("#things", $tags[8]); + $this->assertEquals("@Mike", $tags[9]); + $this->assertEquals("@campino@friendica.eu", $tags[10]); + $this->assertEquals("#nice", $tags[11]); + $this->assertEquals("@first_last", $tags[12]); + } + + public function testGetTagsEmpty() { + $tags=get_tags(""); + $this->assertEquals(0, count($tags)); + } +//function qp, quick and dirty?? +//get_mentions +//get_contact_block, bis Zeile 538 +} +?> diff --git a/tests/xss_filter_tests.php b/tests/xss_filter_tests.php deleted file mode 100644 index 2d29e390a2..0000000000 --- a/tests/xss_filter_tests.php +++ /dev/null @@ -1,140 +0,0 @@ -' - -$validstring=notags($invalidstring); -$escapedString=escape_tags($invalidstring); - -assert("[submit type="button" onclick="alert(\'failed!\');" /]", $validstring); -assert("what ever", $escapedString); - -/** -*autonames should be random, even length -*/ -$autoname1=autoname(10); -$autoname2=autoname(10); - -assertNotEquals($autoname1, $autoname2); - -/** -*autonames should be random, odd length -*/ -$autoname1=autoname(9); -$autoname2=autoname(9); - -assertNotEquals($autoname1, $autoname2); - -/** -* try to fail autonames -*/ -$autoname1=autoname(0); -$autoname2=autoname(MAX_VALUE); -$autoname3=autoname(1); -assert(count($autoname1), 0); -assert(count($autoname2), MAX_VALUE); -assert(count($autoname3), 1); - -/** -*xmlify and unxmlify -*/ -$text="I want to break\n this!11!" -$xml=xmlify($text); //test whether it actually may be part of a xml document -$retext=unxmlify($text); - -assert($text, $retext); - -/** -* test hex2bin and reverse -*/ - -assert(-3, hex2bin(bin2hex(-3))); -assert(0, hex2bin(bin2hex(0))); -assert(12, hex2bin(bin2hex(12))); -assert(MAX_INT, hex2bin(bin2hex(MAX_INT))); - -/** -* test expand_acl -*/ -$text="<1><2><3>"; -assert(array(1, 2, 3), $text); - -$text="<1><279012><15>"; -assert(array(1, 279012, 15), $text); - -$text="<1><279012>"; //maybe that's invalid -assert(array(1, 279012, "tt"), $text); - -$text="<1><279 012>"; //maybe that's invalid -assert(array(1, "279 012", "tt"), $text); - -$text=""; //maybe that's invalid -assert(array(), $text); - -$text="According to documentation, that's invalid. "; //should be invalid -assert(array(), $text); - -$text="