mirror of
https://github.com/phpbb/phpbb.git
synced 2025-08-06 16:56:44 +02:00
Merge pull request #2025 from marc1706/ticket/12183
[ticket/12183] Update user_newpasswd column in users table for passwords manager
This commit is contained in:
Nathan Guse
@@ -41,4 +41,17 @@ class phpbb_functional_forgot_password_test extends phpbb_functional_test_case
|
||||
|
||||
}
|
||||
|
||||
public function tearDown()
|
||||
{
|
||||
$this->login();
|
||||
$this->admin_login();
|
||||
|
||||
$crawler = self::request('GET', 'adm/index.php?sid=' . $this->sid . '&i=acp_board&mode=security');
|
||||
|
||||
// Enable allow_password_reset again after test
|
||||
$form = $crawler->selectButton('Submit')->form(array(
|
||||
'config[allow_password_reset]' => 1,
|
||||
));
|
||||
$crawler = self::submit($form);
|
||||
}
|
||||
}
|
||||
|
||||
122
tests/functional/user_password_reset_test.php
Normal file
122
tests/functional/user_password_reset_test.php
Normal file
@@ -0,0 +1,122 @@
|
||||
<?php
|
||||
/**
|
||||
*
|
||||
* @package testing
|
||||
* @copyright (c) 2014 phpBB Group
|
||||
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
|
||||
*
|
||||
*/
|
||||
|
||||
/**
|
||||
* @group functional
|
||||
*/
|
||||
class phpbb_functional_user_password_reset_test extends phpbb_functional_test_case
|
||||
{
|
||||
protected $user_data;
|
||||
|
||||
public function test_password_reset()
|
||||
{
|
||||
$this->add_lang('ucp');
|
||||
$user_id = $this->create_user('reset-password-test-user');
|
||||
|
||||
$crawler = self::request('GET', "ucp.php?mode=sendpassword&sid={$this->sid}");
|
||||
$form = $crawler->selectButton('submit')->form(array(
|
||||
'username' => 'reset-password-test-user',
|
||||
));
|
||||
$crawler = self::submit($form);
|
||||
$this->assertContainsLang('NO_EMAIL_USER', $crawler->text());
|
||||
|
||||
$crawler = self::request('GET', "ucp.php?mode=sendpassword&sid={$this->sid}");
|
||||
$form = $crawler->selectButton('submit')->form(array(
|
||||
'username' => 'reset-password-test-user',
|
||||
'email' => 'nobody@example.com',
|
||||
));
|
||||
$crawler = self::submit($form);
|
||||
$this->assertContainsLang('PASSWORD_UPDATED', $crawler->text());
|
||||
|
||||
// Check if columns in database were updated for password reset
|
||||
$this->get_user_data();
|
||||
$this->assertNotNull($this->user_data['user_actkey']);
|
||||
$this->assertNotNull($this->user_data['user_newpasswd']);
|
||||
|
||||
// Make sure we know the password
|
||||
$db = $this->get_db();
|
||||
$this->passwords_manager = $this->get_passwords_manager();
|
||||
$sql = 'UPDATE ' . USERS_TABLE . "
|
||||
SET user_newpasswd = '" . $db->sql_escape($this->passwords_manager->hash('reset-password-test-user')) . "'
|
||||
WHERE user_id = " . $user_id;
|
||||
$db->sql_query($sql);
|
||||
}
|
||||
|
||||
public function test_login_after_reset()
|
||||
{
|
||||
$this->login('reset-password-test-user');
|
||||
}
|
||||
|
||||
public function data_activate_new_password()
|
||||
{
|
||||
return array(
|
||||
array('WRONG_ACTIVATION', false, 'FOOBAR'),
|
||||
array('ALREADY_ACTIVATED', 2, 'FOOBAR'),
|
||||
array('PASSWORD_ACTIVATED', false, false),
|
||||
array('ALREADY_ACTIVATED', false, false),
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider data_activate_new_password
|
||||
*/
|
||||
public function test_activate_new_password($expected, $user_id, $act_key)
|
||||
{
|
||||
$this->add_lang('ucp');
|
||||
$this->get_user_data();
|
||||
$user_id = (!$user_id) ? $this->user_data['user_id'] : $user_id;
|
||||
$act_key = (!$act_key) ? $this->user_data['user_actkey'] : $act_key;
|
||||
|
||||
$crawler = self::request('GET', "ucp.php?mode=activate&u=$user_id&k=$act_key&sid={$this->sid}");
|
||||
$this->assertContainsLang($expected, $crawler->text());
|
||||
}
|
||||
|
||||
public function test_login()
|
||||
{
|
||||
$this->add_lang('ucp');
|
||||
$crawler = self::request('GET', 'ucp.php');
|
||||
$this->assertContains($this->lang('LOGIN_EXPLAIN_UCP'), $crawler->filter('html')->text());
|
||||
|
||||
$form = $crawler->selectButton($this->lang('LOGIN'))->form();
|
||||
$crawler = self::submit($form, array('username' => 'reset-password-test-user', 'password' => 'reset-password-test-user'));
|
||||
$this->assertNotContains($this->lang('LOGIN'), $crawler->filter('.navbar')->text());
|
||||
|
||||
$cookies = self::$cookieJar->all();
|
||||
|
||||
// The session id is stored in a cookie that ends with _sid - we assume there is only one such cookie
|
||||
foreach ($cookies as $cookie);
|
||||
{
|
||||
if (substr($cookie->getName(), -4) == '_sid')
|
||||
{
|
||||
$this->sid = $cookie->getValue();
|
||||
}
|
||||
}
|
||||
|
||||
$this->logout();
|
||||
|
||||
$crawler = self::request('GET', 'ucp.php');
|
||||
$this->assertContains($this->lang('LOGIN_EXPLAIN_UCP'), $crawler->filter('html')->text());
|
||||
|
||||
$form = $crawler->selectButton($this->lang('LOGIN'))->form();
|
||||
// Try logging in with the old password
|
||||
$crawler = self::submit($form, array('username' => 'reset-password-test-user', 'password' => 'reset-password-test-userreset-password-test-user'));
|
||||
$this->assertContains($this->lang('LOGIN_ERROR_PASSWORD', '', ''), $crawler->filter('html')->text());
|
||||
}
|
||||
|
||||
protected function get_user_data()
|
||||
{
|
||||
$db = $this->get_db();
|
||||
$sql = 'SELECT user_id, username, user_type, user_email, user_newpasswd, user_lang, user_notify_type, user_actkey, user_inactive_reason
|
||||
FROM ' . USERS_TABLE . "
|
||||
WHERE username = 'reset-password-test-user'";
|
||||
$result = $db->sql_query($sql);
|
||||
$this->user_data = $db->sql_fetchrow($result);
|
||||
$db->sql_freeresult($result);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user