blob: effd3ec0289ecfcfd3df42d542e123f7d060415e [file] [log] [blame]
Alex Bilbie0f5b3062012-10-16 18:19:40 +01001<?php
2
3class Security_helper_tests extends CI_TestCase {
4
5 function setUp()
6 {
7 $this->helper('security');
8 $obj = new stdClass;
9 $obj->security = new Mock_Core_Security();
10 $this->ci_instance($obj);
11 }
12
13 function test_xss_clean()
14 {
15 $this->assertEquals('foo', xss_clean('foo'));
16
17 $this->assertEquals("Hello, i try to [removed]alert&#40;'Hack'&#41;;[removed] your site", xss_clean("Hello, i try to <script>alert('Hack');</script> your site"));
18 }
19
20 function test_sanitize_filename()
21 {
22 $this->assertEquals('hello.doc', sanitize_filename('hello.doc'));
23
24 $filename = './<!--foo-->';
25 $this->assertEquals('foo', sanitize_filename($filename));
26 }
27
28 function test_do_hash()
29 {
30 $md5 = md5('foo');
31 $sha1 = sha1('foo');
32
33 $algos = hash_algos();
34 $algo_results = array();
35 foreach ($algos as $k => $v)
36 {
37 $algo_results[$v] = hash($v, 'foo');
38 }
39
40 $this->assertEquals($sha1, do_hash('foo'));
41 $this->assertEquals($sha1, do_hash('foo', 'sha1'));
42 $this->assertEquals($md5, do_hash('foo', 'md5'));
43 $this->assertEquals($md5, do_hash('foo', 'foobar'));
44
45 // Test each algorithm available to PHP
46 foreach ($algo_results as $algo => $result)
47 {
48 $this->assertEquals($result, do_hash('foo', $algo));
49 }
50 }
51
52 function test_strip_image_tags()
53 {
54 $this->assertEquals('http://example.com/spacer.gif', strip_image_tags('http://example.com/spacer.gif'));
55
56 $this->assertEquals('http://example.com/spacer.gif', strip_image_tags('<img src="http://example.com/spacer.gif" alt="Who needs CSS when you have a spacer.gif?" />'));
57 }
58
59 function test_encode_php_tags()
60 {
61 $this->assertEquals('&lt;? echo $foo; ?&gt;', encode_php_tags('<? echo $foo; ?>'));
62 }
63
64}