Alex Bilbie | 0f5b306 | 2012-10-16 18:19:40 +0100 | [diff] [blame] | 1 | <?php |
| 2 | |
| 3 | class Security_helper_tests extends CI_TestCase { |
| 4 | |
| 5 | function setUp() |
| 6 | { |
| 7 | $this->helper('security'); |
| 8 | $obj = new stdClass; |
| 9 | $obj->security = new Mock_Core_Security(); |
| 10 | $this->ci_instance($obj); |
| 11 | } |
| 12 | |
| 13 | function test_xss_clean() |
| 14 | { |
| 15 | $this->assertEquals('foo', xss_clean('foo')); |
| 16 | |
| 17 | $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", xss_clean("Hello, i try to <script>alert('Hack');</script> your site")); |
| 18 | } |
| 19 | |
| 20 | function test_sanitize_filename() |
| 21 | { |
| 22 | $this->assertEquals('hello.doc', sanitize_filename('hello.doc')); |
| 23 | |
| 24 | $filename = './<!--foo-->'; |
| 25 | $this->assertEquals('foo', sanitize_filename($filename)); |
| 26 | } |
| 27 | |
| 28 | function test_do_hash() |
| 29 | { |
| 30 | $md5 = md5('foo'); |
| 31 | $sha1 = sha1('foo'); |
| 32 | |
| 33 | $algos = hash_algos(); |
| 34 | $algo_results = array(); |
| 35 | foreach ($algos as $k => $v) |
| 36 | { |
| 37 | $algo_results[$v] = hash($v, 'foo'); |
| 38 | } |
| 39 | |
| 40 | $this->assertEquals($sha1, do_hash('foo')); |
| 41 | $this->assertEquals($sha1, do_hash('foo', 'sha1')); |
| 42 | $this->assertEquals($md5, do_hash('foo', 'md5')); |
| 43 | $this->assertEquals($md5, do_hash('foo', 'foobar')); |
| 44 | |
| 45 | // Test each algorithm available to PHP |
| 46 | foreach ($algo_results as $algo => $result) |
| 47 | { |
| 48 | $this->assertEquals($result, do_hash('foo', $algo)); |
| 49 | } |
| 50 | } |
| 51 | |
| 52 | function test_strip_image_tags() |
| 53 | { |
| 54 | $this->assertEquals('http://example.com/spacer.gif', strip_image_tags('http://example.com/spacer.gif')); |
| 55 | |
| 56 | $this->assertEquals('http://example.com/spacer.gif', strip_image_tags('<img src="http://example.com/spacer.gif" alt="Who needs CSS when you have a spacer.gif?" />')); |
| 57 | } |
| 58 | |
| 59 | function test_encode_php_tags() |
| 60 | { |
| 61 | $this->assertEquals('<? echo $foo; ?>', encode_php_tags('<? echo $foo; ?>')); |
| 62 | } |
| 63 | |
| 64 | } |