mirror of
https://github.com/e107inc/e107.git
synced 2025-10-24 11:16:22 +02:00
Closes #5133 Admin-UI Search enhancements. Tests added.
File diff suppressed because it is too large
@@ -5569,7 +5569,7 @@ class e107
|
||||
$queryString = $_SERVER['QUERY_STRING'] ;
|
||||
}
|
||||
|
||||
$inArray = array("'", '/**/', '/UNION/', '/SELECT/', 'AS ');
|
||||
$inArray = array(/*"'",*/ '/**/', '/UNION/', '/SELECT/', 'AS ');
|
||||
|
||||
foreach($inArray as $res)
|
||||
{
|
||||
@@ -5604,8 +5604,15 @@ class e107
|
||||
$e_QUERY = str_replace(array('{', '}', '%7B', '%7b', '%7D', '%7d'), '', rawurldecode($e_QUERY));
|
||||
}
|
||||
|
||||
$replacements = array(
|
||||
'\'' => '%27',
|
||||
'"' => '%22'
|
||||
);
|
||||
|
||||
$e_QUERY = str_replace(array_keys($replacements), $replacements, $e_QUERY); // don't encode quotes.
|
||||
$e_QUERY = htmlspecialchars(self::getParser()->post_toForm($e_QUERY));
|
||||
|
||||
|
||||
// e_QUERY SHOULD NOT BE DEFINED IF IN SNIGLE ENTRY MODE OR ALL URLS WILL BE BROKEN - it's defined later within the the router
|
||||
if(!deftrue("e_SINGLE_ENTRY"))
|
||||
{
|
||||
|
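Review bot: Taking `"'"` out of `$inArray` in the first hunk means a query string containing a single quote no longer matches the list that the following `foreach` walks, and the `%27`/`%22` substitution added in the second hunk only rewrites `$e_QUERY`, not `$_SERVER['QUERY_STRING']` or anything read from it directly. Any code that places `searchquery` into SQL therefore has to escape or bind the value itself; that code is not visible on this page and should be confirmed. The trailing comment `// don't encode quotes.` contradicts the line it sits on; something like `// percent-encode quotes before htmlspecialchars() so they are not turned into HTML entities` appears to match what the code does. The commented-out `/*"'",*/` is better deleted, with a one-line comment saying why quotes are now allowed. Both enclosing functions start and end outside the hunks.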
@@ -1995,16 +1995,20 @@ class e107Test extends \Codeception\Test\Unit
|
||||
public function testSet_request()
|
||||
{
|
||||
$tests = array(
|
||||
|
||||
'mode=main&action=create' => 'mode=main&action=create',
|
||||
'[debug=counts!]mode=pref_editor&type=vstore' => 'mode=pref_editor&type=vstore',
|
||||
'searchquery=šýá&mode=main' => 'searchquery=šýá&mode=main',
|
||||
'mode=main&action=custom&other[key]=1' => 'mode=main&action=custom&other[key]=1',
|
||||
'searchquery="two words"&mode=main' => 'searchquery=%22two words%22&mode=main',
|
||||
"searchquery='two words'&mode=main" => "searchquery=%27two words%27&mode=main",
|
||||
//
|
||||
);
|
||||
|
||||
foreach($tests as $input => $expected)
|
||||
{
|
||||
$result = $this->e107->set_request(true, $input);
|
||||
$this->assertSame($expected, $result);
|
||||
$this::assertSame($expected, $result);
|
||||
}
|
||||
|
||||
|
||||
|
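Review bot: The two quoted cases added to `$tests` only cover balanced quotes around a phrase; a lone apostrophe inside a word, the input most likely to reach a SQL string unescaped, is not pinned. Going by the `'two words'` case, a line such as `"searchquery=burt's&mode=main" => "searchquery=burt%27s&mode=main",` should hold, but that expected value is inferred and needs to be run. The empty `//` left at the end of the array can be removed. `testSet_request` ends outside the hunk.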
@@ -24,9 +24,11 @@
|
||||
}
|
||||
catch(Exception $e)
|
||||
{
|
||||
$this->fail("Couldn't load e_admin_controller_ui object");
|
||||
$this::fail("Couldn't load e_admin_controller_ui object");
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
public function testJoinAlias()
|
||||
@@ -99,7 +101,58 @@
|
||||
|
||||
}
|
||||
|
||||
public function test_ModifyListQrySearch()
|
||||
{
|
||||
|
||||
$listQry = 'SELECT u.* FROM `#user` WHERE 1 ';
|
||||
$filterOptions = '';
|
||||
$tablePath = '`#user`.';
|
||||
$tableFrom = '`#user`';
|
||||
$primaryName = 'user_id';
|
||||
$raw = false;
|
||||
$orderField = null;
|
||||
$qryAsc = null;
|
||||
$forceFrom = false;
|
||||
$qryFrom = 0;
|
||||
$forceTo = false;
|
||||
$perPage = 10;
|
||||
$qryField = null;
|
||||
$isfilter = false;
|
||||
$handleAction = 'list';
|
||||
|
||||
$this->ui->setFields([
|
||||
'user_id' => array('title'=>'User ID', '__tableField' => 'u.user_id', 'type'=>'int', 'data'=>'int'),
|
||||
'user_name' => array('title' => 'Name', '__tableField' => 'u.user_name', 'type' => 'text', 'data'=>'safestr'), // Display name
|
||||
'user_login' => array('title' => 'Login','__tableField' => 'u.user_login', 'type' => 'text', 'data'=>'safestr'), // Real name (no real vetting)
|
||||
]);
|
||||
|
||||
// Test single word search term.
|
||||
$result = $this->ui->_modifyListQrySearch($listQry, 'admin', $filterOptions, $tablePath, $tableFrom, $primaryName, $raw, $orderField, $qryAsc, $forceFrom, $qryFrom, $forceTo, $perPage, $qryField, $isfilter, $handleAction);
|
||||
$expected = "SELECT u.* FROM `#user` WHERE 1 AND ( u.user_name LIKE '%admin%' OR u.user_login LIKE '%admin%' ) LIMIT 0, 10";
|
||||
$this::assertSame($expected, $result);
|
||||
|
||||
// Test multiple word search term.
|
||||
$result = $this->ui->_modifyListQrySearch($listQry, 'firstname lastname', $filterOptions, $tablePath, $tableFrom, $primaryName, $raw, $orderField, $qryAsc, $forceFrom, $qryFrom, $forceTo, $perPage, $qryField, $isfilter, $handleAction);
|
||||
$expected = "SELECT u.* FROM `#user` WHERE 1 AND (u.user_name LIKE '%firstname%' OR u.user_login LIKE '%firstname%') AND (u.user_name LIKE '%lastname%' OR u.user_login LIKE '%lastname%') LIMIT 0, 10";
|
||||
$this::assertSame($expected, $result);
|
||||
|
||||
// Search term in quotes.
|
||||
$expected = "SELECT u.* FROM `#user` WHERE 1 AND ( u.user_name LIKE '%firstname lastname%' OR u.user_login LIKE '%firstname lastname%' ) LIMIT 0, 10";
|
||||
|
||||
// Double-quotes.
|
||||
$result = $this->ui->_modifyListQrySearch($listQry, '"firstname lastname"', $filterOptions, $tablePath, $tableFrom, $primaryName, $raw, $orderField, $qryAsc, $forceFrom, $qryFrom, $forceTo, $perPage, $qryField, $isfilter, $handleAction);
|
||||
$this::assertSame($expected, $result);
|
||||
|
||||
// Single-quotes.
|
||||
$result = $this->ui->_modifyListQrySearch($listQry, "'firstname lastname'", $filterOptions, $tablePath, $tableFrom, $primaryName, $raw, $orderField, $qryAsc, $forceFrom, $qryFrom, $forceTo, $perPage, $qryField, $isfilter, $handleAction);
|
||||
$this::assertSame($expected, $result);
|
||||
|
||||
// Single quote as apostophie.
|
||||
$result = $this->ui->_modifyListQrySearch($listQry, "burt's", $filterOptions, $tablePath, $tableFrom, $primaryName, $raw, $orderField, $qryAsc, $forceFrom, $qryFrom, $forceTo, $perPage, $qryField, $isfilter, $handleAction);
|
||||
$expected = "SELECT u.* FROM `#user` WHERE 1 AND ( u.user_name LIKE '%burt's%' OR u.user_login LIKE '%burt's%' ) LIMIT 0, 10";
|
||||
$this::assertSame($expected, $result);
|
||||
|
||||
}
|
||||
/*
|
||||
public function testGetSortParent()
|
||||
{
|
||||
|
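Review bot: The last case of `test_ModifyListQrySearch` expects `LIKE '%burt's%'`, which pins a SQL string literal that the apostrophe in the search term closes early. Unless the returned query is escaped by a later step not shown here, `_modifyListQrySearch` should escape or bind the term and the expectation should carry the escaped form; the implementation sits in the suppressed file diff, so this has to be checked there. A short comment above that case, `// apostrophe must not terminate the LIKE literal`, would state the intent once the expectation is corrected. The long positional argument list repeated in every call would also read better behind a small private helper in the test, so each case shows only the search term.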
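--- /dev/null
+++ b/e107_tests/tests/unit/e_admin_requestTest.php
@@ -0,0 +1,107 @@
+<?php
+
+class e_admin_requestTest extends \Codeception\Test\Unit
+{
+/**
+* @var \e_admin_request
+*/
+protected $eAdminRequest;
+
+protected function _before()
+{
+// Instantiate the class e_admin_request
+$this->eAdminRequest = new e_admin_request('testQry1=myQry&searchquery="myQuoted"');
+}
+
+public function test__construct()
+{
+$this::assertEquals('main', $this->eAdminRequest->getMode());
+$this::assertEquals('index', $this->eAdminRequest->getAction());
+$this::assertEquals(0, $this->eAdminRequest->getId());
+}
+
+public function testGetQuery()
+{
+$this::assertNull($this->eAdminRequest->getQuery('some_key'));
+
+$this::assertSame('myQry',$this->eAdminRequest->getQuery('testQry1'));
+
+$this::assertSame('"myQuoted"', $this->eAdminRequest->getQuery('searchquery'));
+
+
+}
+
+public function testSetQuery()
+{
+$this->eAdminRequest->setQuery('test', 'value');
+$this::assertEquals('value', $this->eAdminRequest->getQuery('test'));
+}
+
+public function testGetPosted()
+{
+$_POST['test_post'] = 'value';
+$this::assertEquals('value', $this->eAdminRequest->getPosted('test_post'));
+}
+
+public function testSetPosted()
+{
+$this->eAdminRequest->setPosted('test_post', 'new_value');
+$this::assertEquals('new_value', $this->eAdminRequest->getPosted('test_post'));
+}
+
+public function testGetMode()
+{
+$this::assertEquals('main', $this->eAdminRequest->getMode());
+}
+
+public function testSetMode()
+{
+$this->eAdminRequest->setMode('new_mode');
+$this::assertEquals('new_mode', $this->eAdminRequest->getMode());
+}
+
+public function testGetAction()
+{
+$this::assertEquals('index', $this->eAdminRequest->getAction());
+}
+
+public function testSetAction()
+{
+$this->eAdminRequest->setAction('new_action');
+$this::assertEquals('new_action', $this->eAdminRequest->getAction());
+}
+
+public function testGetId()
+{
+$this::assertEquals(0, $this->eAdminRequest->getId());
+}
+
+public function testSetId()
+{
+$this->eAdminRequest->setId(5);
+$this::assertEquals(5, $this->eAdminRequest->getId());
+}
+
+public function testBuildQueryString()
+{
+$array = [
+'mode' => 'default',
+'action' => 'edit',
+'custom_key' => 'custom_value',
+];
+
+$expected_result = "testQry1=myQry&searchquery=%22myQuoted%22&mode=default&action=edit&custom_key=custom_value";
+
+$this::assertEquals($expected_result, $this->eAdminRequest->buildQueryString($array));
+}
+
+public function testCamelize()
+{
+$testString = 'test_-string';
+$expected = 'TestString';
+
+$this::assertEquals($expected, $this->eAdminRequest->camelize($testString));
+
+
+}
+}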
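Review bot: `testGetPosted` assigns `$_POST['test_post']` and nothing removes it again, so the value stays in the superglobal for any later test in the same process that reads `$_POST`. Add a teardown next to `_before()`, `protected function _after() { unset($_POST['test_post']); }`, or save and restore `$_POST` around the assertion. `testGetQuery` also pins that `getQuery('searchquery')` hands back the literal `"myQuoted"` with its quotes intact; a one-line comment there, `// getQuery() returns the raw value; callers must escape it for SQL or HTML output`, would make that contract explicit for the next reader.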