php-phpbb/tests/request/request_test.php

<?php
/**
*
* @package testing
* @version $Id$
* @copyright (c) 2009 phpBB Group
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/

class phpbb_request_test extends phpbb_test_case
{
	private $type_cast_helper;
	private $request;

	protected function setUp()
	{
		// populate super globals
		$_POST['test'] = 1;
		$_GET['test'] = 2;
		$_COOKIE['test'] = 3;
		$_REQUEST['test'] = 3;
		$_GET['unset'] = '';
		$_FILES['test'] = array(
			'name' => 'file',
			'tmp_name' => 'tmp',
			'size' => 256,
			'type' => 'application/octet-stream',
			'error' => UPLOAD_ERR_OK,
		);

		$_SERVER['HTTP_HOST'] = 'example.com';
		$_SERVER['HTTP_ACCEPT'] = 'application/json';
		$_SERVER['HTTP_SOMEVAR'] = '<value>';

		$this->type_cast_helper = $this->getMock('phpbb_request_type_cast_helper_interface');
		$this->request = new phpbb_request($this->type_cast_helper);
	}

	public function test_toggle_super_globals()
	{
		$this->assertTrue($this->request->super_globals_disabled(), 'Superglobals were not disabled');

		$this->request->enable_super_globals();

		$this->assertFalse($this->request->super_globals_disabled(), 'Superglobals were not enabled');

		$this->assertEquals(1, $_POST['test'], 'Checking $_POST after enable_super_globals');
		$this->assertEquals(2, $_GET['test'], 'Checking $_GET after enable_super_globals');
		$this->assertEquals(3, $_COOKIE['test'], 'Checking $_COOKIE after enable_super_globals');
		$this->assertEquals(3, $_REQUEST['test'], 'Checking $_REQUEST after enable_super_globals');
		$this->assertEquals(256, $_FILES['test']['size']);

		$_POST['x'] = 2;
		$this->assertEquals($_POST, $GLOBALS['_POST'], 'Checking whether $_POST can still be accessed via $GLOBALS[\'_POST\']');
	}

	public function test_server()
	{
		$this->assertEquals('example.com', $this->request->server('HTTP_HOST'));
	}

	public function test_server_escaping()
	{
		$this->type_cast_helper
			->expects($this->once())
			->method('recursive_set_var')
			->with(
				$this->anything(),
				'',
				true
			);

		$this->request->server('HTTP_SOMEVAR');
	}

	public function test_header()
	{
		$this->assertEquals('application/json', $this->request->header('Accept'));
	}

	public function test_header_escaping()
	{
		$this->type_cast_helper
			->expects($this->once())
			->method('recursive_set_var')
			->with(
				$this->anything(),
				'',
				true
			);

		$this->request->header('SOMEVAR');
	}

	public function test_file()
	{
		$file = $this->request->file('test');
		$this->assertEquals('file', $file['name']);
		$this->assertEquals('tmp', $file['tmp_name']);
		$this->assertEquals(256, $file['size']);
		$this->assertEquals('application/octet-stream', $file['type']);
		$this->assertEquals(UPLOAD_ERR_OK, $file['error']);
	}

	public function test_file_not_exists()
	{
		$file = $this->request->file('404');
		$this->assertTrue(is_array($file));
		$this->assertTrue(empty($file));
	}

	/**
	* Checks that directly accessing $_POST will trigger
	* an error.
	*/
	public function test_disable_post_super_global()
	{
		$this->setExpectedTriggerError(E_USER_ERROR);
		$_POST['test'] = 3;
	}

	public function test_is_set_post()
	{
		$this->assertTrue($this->request->is_set_post('test'));
		$this->assertFalse($this->request->is_set_post('unset'));
	}

	public function test_is_ajax_without_ajax()
	{
		$this->assertFalse($this->request->is_ajax());
	}

	public function test_is_ajax_with_ajax()
	{
		$this->request->enable_super_globals();
		$_SERVER['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest';
		$this->request = new phpbb_request($this->type_cast_helper);

		$this->assertTrue($this->request->is_ajax());
	}

	public function test_is_secure()
	{
		$this->assertFalse($this->request->is_secure());

		$this->request->enable_super_globals();
		$_SERVER['HTTPS'] = 'on';
		$this->request = new phpbb_request($this->type_cast_helper);

		$this->assertTrue($this->request->is_secure());
	}

	public function test_variable_names()
	{
		$expected = array('test', 'unset');
		$result = $this->request->variable_names();
		$this->assertEquals($expected, $result);
	}

	/**
	* Makes sure super globals work properly after these tests
	*/
	protected function tearDown()
	{
		$this->request->enable_super_globals();
	}
}
[feature/request-class] Adding a request class based on ascraeus-experiment. The well known request_var function is now a wrapper that calls a method on a phpbb_request object. The class provides additional functionality. It can replace all super globals with special objects that throw errors when being accessed. They still allow isset operations to keep backward compatibility with isset($_POST['var']) checks. The phpbb_request class implements the phpbb_request_interface which is available for easy mocking of input in tests. PHPBB3-9716 2010-03-06 05:40:38 +01:00			`<?php`
			`/**`
			`*`
			`* @package testing`
			`* @version $Id$`
			`* @copyright (c) 2009 phpBB Group`
[ticket/9916] Updating license in non-distributed files PHPBB3-9916 2012-01-02 17:14:00 +00:00			`* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2`
[feature/request-class] Adding a request class based on ascraeus-experiment. The well known request_var function is now a wrapper that calls a method on a phpbb_request object. The class provides additional functionality. It can replace all super globals with special objects that throw errors when being accessed. They still allow isset operations to keep backward compatibility with isset($_POST['var']) checks. The phpbb_request class implements the phpbb_request_interface which is available for easy mocking of input in tests. PHPBB3-9716 2010-03-06 05:40:38 +01:00			`*`
			`*/`

			`class phpbb_request_test extends phpbb_test_case`
			`{`
[feature/request-class] Request class test now uses a type cast helper mock. Removed the dependency of the request class test on having an actual phpbb_type_cast_helper instance, by replacing it with an object mocking the phpbb_type_cast_helper_interface. PHPBB3-9716 2010-03-13 11:28:41 +01:00			`private $type_cast_helper;`
[feature/request-class] Adding a request class based on ascraeus-experiment. The well known request_var function is now a wrapper that calls a method on a phpbb_request object. The class provides additional functionality. It can replace all super globals with special objects that throw errors when being accessed. They still allow isset operations to keep backward compatibility with isset($_POST['var']) checks. The phpbb_request class implements the phpbb_request_interface which is available for easy mocking of input in tests. PHPBB3-9716 2010-03-06 05:40:38 +01:00			`private $request;`

			`protected function setUp()`
			`{`
			`// populate super globals`
			`$_POST['test'] = 1;`
			`$_GET['test'] = 2;`
			`$_COOKIE['test'] = 3;`
			`$_REQUEST['test'] = 3;`
			`$_GET['unset'] = '';`
[ticket/10939] Modified request test slightly to include $_FILES PHPBB3-10939 2012-08-15 14:20:40 +01:00			`$_FILES['test'] = array(`
			`'name' => 'file',`
			`'tmp_name' => 'tmp',`
			`'size' => 256,`
			`'type' => 'application/octet-stream',`
			`'error' => UPLOAD_ERR_OK,`
			`);`
[feature/request-class] Adding a request class based on ascraeus-experiment. The well known request_var function is now a wrapper that calls a method on a phpbb_request object. The class provides additional functionality. It can replace all super globals with special objects that throw errors when being accessed. They still allow isset operations to keep backward compatibility with isset($_POST['var']) checks. The phpbb_request class implements the phpbb_request_interface which is available for easy mocking of input in tests. PHPBB3-9716 2010-03-06 05:40:38 +01:00
[feature/request-class] Make server() use the $html_encode parameter $request->server() should not auto html-escape values. header() however should. Also introduce some tests for this behaviour. Thanks to nn- for catching this. PHPBB3-9716 2011-08-06 19:47:12 +02:00			`$_SERVER['HTTP_HOST'] = 'example.com';`
			`$_SERVER['HTTP_ACCEPT'] = 'application/json';`
			`$_SERVER['HTTP_SOMEVAR'] = '<value>';`

[feature/request-class] Refactor request classes to use autoloading All class names have been adjusted to use a phpbb_request prefix, allowing them to be autoloaded. Also introduces some improvements to autoloading in general. PHPBB3-9716 2010-08-31 21:26:50 +02:00			`$this->type_cast_helper = $this->getMock('phpbb_request_type_cast_helper_interface');`
[feature/request-class] Request class test now uses a type cast helper mock. Removed the dependency of the request class test on having an actual phpbb_type_cast_helper instance, by replacing it with an object mocking the phpbb_type_cast_helper_interface. PHPBB3-9716 2010-03-13 11:28:41 +01:00			`$this->request = new phpbb_request($this->type_cast_helper);`
[feature/request-class] Adding a request class based on ascraeus-experiment. The well known request_var function is now a wrapper that calls a method on a phpbb_request object. The class provides additional functionality. It can replace all super globals with special objects that throw errors when being accessed. They still allow isset operations to keep backward compatibility with isset($_POST['var']) checks. The phpbb_request class implements the phpbb_request_interface which is available for easy mocking of input in tests. PHPBB3-9716 2010-03-06 05:40:38 +01:00			`}`

			`public function test_toggle_super_globals()`
			`{`
			`$this->assertTrue($this->request->super_globals_disabled(), 'Superglobals were not disabled');`

			`$this->request->enable_super_globals();`

			`$this->assertFalse($this->request->super_globals_disabled(), 'Superglobals were not enabled');`

			`$this->assertEquals(1, $_POST['test'], 'Checking $_POST after enable_super_globals');`
			`$this->assertEquals(2, $_GET['test'], 'Checking $_GET after enable_super_globals');`
			`$this->assertEquals(3, $_COOKIE['test'], 'Checking $_COOKIE after enable_super_globals');`
			`$this->assertEquals(3, $_REQUEST['test'], 'Checking $_REQUEST after enable_super_globals');`
[ticket/10939] Modified request test slightly to include $_FILES PHPBB3-10939 2012-08-15 14:20:40 +01:00			`$this->assertEquals(256, $_FILES['test']['size']);`
[feature/request-class] Adding a request class based on ascraeus-experiment. The well known request_var function is now a wrapper that calls a method on a phpbb_request object. The class provides additional functionality. It can replace all super globals with special objects that throw errors when being accessed. They still allow isset operations to keep backward compatibility with isset($_POST['var']) checks. The phpbb_request class implements the phpbb_request_interface which is available for easy mocking of input in tests. PHPBB3-9716 2010-03-06 05:40:38 +01:00
			`$_POST['x'] = 2;`
			`$this->assertEquals($_POST, $GLOBALS['_POST'], 'Checking whether $_POST can still be accessed via $GLOBALS[\'_POST\']');`
			`}`

[feature/request-class] Make server() use the $html_encode parameter $request->server() should not auto html-escape values. header() however should. Also introduce some tests for this behaviour. Thanks to nn- for catching this. PHPBB3-9716 2011-08-06 19:47:12 +02:00			`public function test_server()`
			`{`
			`$this->assertEquals('example.com', $this->request->server('HTTP_HOST'));`
			`}`

			`public function test_server_escaping()`
			`{`
			`$this->type_cast_helper`
			`->expects($this->once())`
			`->method('recursive_set_var')`
			`->with(`
			`$this->anything(),`
			`'',`
[feature/request-class] Remove $html_encode arg, force manual decoding PHPBB3-9716 2011-08-18 23:19:48 +02:00			`true`
[feature/request-class] Make server() use the $html_encode parameter $request->server() should not auto html-escape values. header() however should. Also introduce some tests for this behaviour. Thanks to nn- for catching this. PHPBB3-9716 2011-08-06 19:47:12 +02:00			`);`

			`$this->request->server('HTTP_SOMEVAR');`
			`}`

			`public function test_header()`
			`{`
			`$this->assertEquals('application/json', $this->request->header('Accept'));`
			`}`

			`public function test_header_escaping()`
			`{`
			`$this->type_cast_helper`
			`->expects($this->once())`
			`->method('recursive_set_var')`
			`->with(`
			`$this->anything(),`
			`'',`
			`true`
			`);`

			`$this->request->header('SOMEVAR');`
			`}`

[ticket/10939] Added tests for phpbb_request::file PHPBB3-10939 2012-08-20 21:40:53 +01:00			`public function test_file()`
			`{`
			`$file = $this->request->file('test');`
			`$this->assertEquals('file', $file['name']);`
			`$this->assertEquals('tmp', $file['tmp_name']);`
			`$this->assertEquals(256, $file['size']);`
			`$this->assertEquals('application/octet-stream', $file['type']);`
			`$this->assertEquals(UPLOAD_ERR_OK, $file['error']);`
			`}`

			`public function test_file_not_exists()`
			`{`
			`$file = $this->request->file('404');`
			`$this->assertTrue(is_array($file));`
			`$this->assertTrue(empty($file));`
			`}`

[feature/request-class] Adding a request class based on ascraeus-experiment. The well known request_var function is now a wrapper that calls a method on a phpbb_request object. The class provides additional functionality. It can replace all super globals with special objects that throw errors when being accessed. They still allow isset operations to keep backward compatibility with isset($_POST['var']) checks. The phpbb_request class implements the phpbb_request_interface which is available for easy mocking of input in tests. PHPBB3-9716 2010-03-06 05:40:38 +01:00			`/**`
			`* Checks that directly accessing $_POST will trigger`
			`* an error.`
			`*/`
			`public function test_disable_post_super_global()`
			`{`
			`$this->setExpectedTriggerError(E_USER_ERROR);`
			`$_POST['test'] = 3;`
			`}`

			`public function test_is_set_post()`
			`{`
			`$this->assertTrue($this->request->is_set_post('test'));`
			`$this->assertFalse($this->request->is_set_post('unset'));`
			`}`

[feature/request-class] Add server(), header() and is_ajax() to request Extend the request class with helpers for reading server vars (server()) and HTTP request headers (header()). Refactor the existing code base to make use of these helpers, make $_SERVER a deactivated super global. Also introduce an is_ajax() method, which checks the X-Requested-With header for the value 'XMLHttpRequest', which is sent by JavaScript libraries, such as jQuery. PHPBB3-9716 2011-07-13 19:20:16 +02:00			`public function test_is_ajax_without_ajax()`
			`{`
			`$this->assertFalse($this->request->is_ajax());`
			`}`

			`public function test_is_ajax_with_ajax()`
			`{`
			`$this->request->enable_super_globals();`
			`$_SERVER['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest';`
			`$this->request = new phpbb_request($this->type_cast_helper);`

			`$this->assertTrue($this->request->is_ajax());`
			`}`

[feature/request-class] Add is_secure method to request for HTTPS PHPBB3-9716 2011-08-18 22:21:50 +02:00			`public function test_is_secure()`
			`{`
			`$this->assertFalse($this->request->is_secure());`

			`$this->request->enable_super_globals();`
			`$_SERVER['HTTPS'] = 'on';`
			`$this->request = new phpbb_request($this->type_cast_helper);`

			`$this->assertTrue($this->request->is_secure());`
			`}`

[feature/request-class] Adding a request class based on ascraeus-experiment. The well known request_var function is now a wrapper that calls a method on a phpbb_request object. The class provides additional functionality. It can replace all super globals with special objects that throw errors when being accessed. They still allow isset operations to keep backward compatibility with isset($_POST['var']) checks. The phpbb_request class implements the phpbb_request_interface which is available for easy mocking of input in tests. PHPBB3-9716 2010-03-06 05:40:38 +01:00			`public function test_variable_names()`
			`{`
			`$expected = array('test', 'unset');`
			`$result = $this->request->variable_names();`
			`$this->assertEquals($expected, $result);`
			`}`

			`/**`
			`* Makes sure super globals work properly after these tests`
			`*/`
			`protected function tearDown()`
			`{`
			`$this->request->enable_super_globals();`
			`}`
			`}`