Added more PHPUnit test cases, small security fix to search form

fosils · May 23, 2011 · 339c1c8 · 339c1c8
1 parent 90b4468
commit 339c1c8
Show file tree

Hide file tree

Showing 63 changed files with 2,296 additions and 753 deletions.
diff --git a/lib/Lampcms/Answer.php b/lib/Lampcms/Answer.php
@@ -86,8 +86,7 @@ public function getResourceTypeId(){
 	 * @return object $this
 	 */
 	public function setAccepted(){
-		$this->offsetSet('accepted', true);
-		$this->touch();
+		parent::offsetSet('accepted', true);
 
 		return $this;
 	}
@@ -99,8 +98,7 @@ public function setAccepted(){
 	 * @return object $this
 	 */
 	public function unsetAccepted(){
-		$this->offsetSet('accepted', false);
-		$this->touch();
+		parent::offsetSet('accepted', false);
 
 		return $this;
 	}
@@ -150,8 +148,8 @@ public function getUsername(){
 	 */
 	public function setDeleted(User $user, $reason = null){
 		if(0 === $this->getDeletedTime()){
-			$this->offsetSet('i_del_ts', time());
-			$this->offsetSet('a_deleted',
+			parent::offsetSet('i_del_ts', time());
+			parent::offsetSet('a_deleted',
 			array(
 			'username' => $user->getDisplayName(),
 			'i_uid' => $user->getUid(),
@@ -160,8 +158,6 @@ public function setDeleted(User $user, $reason = null){
 			'hts' => date('F j, Y g:i a T')
 			)
 			);
-
-			$this->touch();
 		}
 
 		return $this;
@@ -191,9 +187,7 @@ public function setEdited(User $user, $reason = ''){
 			'reason' => $reason,
 			'hts' => date('F j, Y g:i a T'));
 
-		$this->offsetSet('a_edited', $aEdited);
-
-		$this->touch();
+		parent::offsetSet('a_edited', $aEdited);
 
 		return $this;
 	}
@@ -246,14 +240,14 @@ public function addUpVote($inc = 1){
 		$score = (int)$this->offsetGet('i_votes');
 		$total = ($score + $inc);
 
-		$this->offsetSet('i_up',  max(0, ($tmp + $inc)) );
-		$this->offsetSet('i_votes',  $total );
+		parent::offsetSet('i_up',  max(0, ($tmp + $inc)) );
+		parent::offsetSet('i_votes',  $total );
 
 		/**
 		 * Plural extension handling
 		 */
 		$v_s = (1 === abs($total) ) ? '' : 's';
-		$this->offsetSet('v_s', $v_s);
+		parent::offsetSet('v_s', $v_s);
 
 		return $this;
 	}
@@ -273,14 +267,14 @@ public function addDownVote($inc = 1){
 		$score = (int)$this->offsetGet('i_votes');
 		$total = ($score - $inc);
 
-		$this->offsetSet('i_down', max(0, ($tmp + $inc)) );
-		$this->offsetSet('i_votes',  $total);
+		parent::offsetSet('i_down', max(0, ($tmp + $inc)) );
+		parent::offsetSet('i_votes',  $total);
 
 		/**
 		 * Plural extension handling
 		 */
 		$v_s = (1 === abs($total) ) ? '' : 's';
-		$this->offsetSet('v_s', $v_s);
+		parent::offsetSet('v_s', $v_s);
 
 		return $this;
 	}
@@ -387,11 +381,11 @@ public function addComment(CommentParser $oComment){
 		 * because we don't need them here
 		 */
 		$aComment = $oComment->getArrayCopy();
-		$aComment = array_intersect_key($aComment, array_flip($aKeys));
+		$aComment = \array_intersect_key($aComment, array_flip($aKeys));
 
 		$aComments[] = $aComment;
 
-		$this->offsetSet('comments', $aComments);
+		$this->offsetSet('a_comments', $aComments);
 		$this->increaseCommentsCount();
 
 		return $this;
@@ -412,16 +406,29 @@ public function getCommentsCount(){
 
 	/**
 	 *
-	 * Enter description here ...
+	 * Increase value of i_comments by 1
+	 * The i_comments is a counter
+	 *
+	 * @return object $this
 	 */
-	public function increaseCommentsCount(){
+	public function increaseCommentsCount($count = 1){
+		if(!is_int($count)){
+			throw new \InvalidArgumentException('$count must be integer. was: '.gettype($count));
+		}
+
 		/**
 		 * Now increase comments count
 		 */
 		$commentsCount = $this->getCommentsCount();
 		d('$commentsCount '.$commentsCount);
 
-		$this->offsetSet('i_comments', ($commentsCount + 1) );
+		/**
+		 * Must use parent::offsetSet because
+		 * $this->offsetSet will point back to this
+		 * method and enter infinite loop untill
+		 * we run out of memory
+		 */
+		parent::offsetSet('i_comments', ($commentsCount + $count) );
 
 		return $this;
 	}
@@ -439,30 +446,30 @@ public function increaseCommentsCount(){
 	 */
 	public function deleteComment($id){
 
-		if(!$this->checkOffset('comments')){
+		if(0 === $this->getCommentsCount()){
 			e('This question does not have any comments');
 
 			return $this;
 		}
 
-		$aComments = $this->offsetGet('comments');
+		$aComments = $this->offsetGet('a_comments');
 
 		for($i = 0; $i<count($aComments); $i+=1){
 			if($id == $aComments[$i]['_id']){
 				d('unsetting comment: '.$i);
-				array_splice($aComments, $i, 1);
+				\array_splice($aComments, $i, 1);
 				break;
 			}
 		}
 
 		$newCount = count($aComments);
 		if( 0 === $newCount){
-			$this->offsetUnset('comments');
+			$this->offsetUnset('a_comments');
 		} else {
-			$this->offsetSet('comments', $aComments);
+			$this->offsetSet('a_comments', $aComments);
 		}
 
-		$this->offsetSet('i_comments', $newCount );
+		$this->increaseCommentsCount(-1);
 
 		return $this;
 	}
@@ -475,7 +482,8 @@ public function deleteComment($id){
 	 *
 	 */
 	public function getComments(){
-		return $this->getFallback('comments', array());
+
+		return $this->offsetGet('a_comments');
 	}
 
 
@@ -502,4 +510,42 @@ public function getQuestionOwnerId(){
 		return (int)$this->offsetGet('i_quid');
 	}
 
+
+	/**
+	 * This method prevents setting some
+	 * values directly
+	 *
+	 * (non-PHPdoc)
+	 * @see ArrayObject::offsetSet()
+	 */
+	public function offsetSet($index, $newval){
+		switch($index){
+			case 'accepted':
+				throw new DevException('value of accepted cannot be set directly. Use setAccepted() or unsetAccepted() methods');
+				break;
+
+			case 'i_comments':
+				throw new DevException('value of i_comments cannot be set directly. Use increaseCommentsCount() method');
+				break;
+
+			case 'i_down':
+			case 'i_up':
+			case 'i_votes':
+				throw new DevException('value of '.$index.' keys cannot be set directly. Use addDownVote or addUpVote to add votes');
+				break;
+
+			case 'a_deleted':
+			case 'i_del_ts':
+				throw new DevException('value of '.$index.' cannot be set directly. Must use setDeleted() method for that');
+				break;
+
+			case 'a_edited':
+				throw new DevException('value of a_edited cannot be set directly. Must use setEdited() method for that');
+				break;
+
+			default:
+				parent::offsetSet($index, $newval);
+		}
+	}
+
 }
diff --git a/lib/Lampcms/AnswerParser.php b/lib/Lampcms/AnswerParser.php
@@ -193,7 +193,7 @@ protected function makeAnswer(){
 		$uid = $this->oSubmittedAnswer->getUserObject()->getUid();
 		$qid = $this->oSubmittedAnswer->getQid();
 
-		$hash = hash('md5', strtolower($htmlBody.$qid));
+		$hash = hash('md5', \mb_strtolower($htmlBody.$qid));
 
 		/**
 		 * 
@@ -364,7 +364,8 @@ protected function updateQuestion(){
 
 		$this->oQuestion->updateAnswerCount()
 		->addContributor($oUser)
-		->setLastAnswerer($oUser);
+		->setLatestAnswer($oUser, $this->oAnswer)
+		->touch();
 
 		return $this;
 	}
@@ -377,8 +378,6 @@ protected function updateQuestion(){
 	 * @return object $this
 	 */
 	protected function followQuestion(){
-		d('cp');
-
 		$oFollowManager = new FollowManager($this->oRegistry);
 		$oFollowManager->followQuestion($this->oRegistry->Viewer, $this->oQuestion);
 

diff --git a/lib/Lampcms/CacheHeaders.php b/lib/Lampcms/CacheHeaders.php
@@ -122,7 +122,7 @@ public static function processCacheHeaders($etag = null, $lastModified = null, $
 		 * may be notified
 		 *
 		 */
-		if(headers_sent($file, $line)){
+		if(\headers_sent($file, $line)){
 			e('LampcmsError Headers have already been sent in file '.$file. ' on line '.$line);
 
 			return true;

diff --git a/lib/Lampcms/Controllers/Answer.php b/lib/Lampcms/Controllers/Answer.php
@@ -112,8 +112,8 @@ protected function process(){
 		$oAdapter = new AnswerParser($this->oRegistry);
 		try{
 			$oAnswer = $oAdapter->parse(new SubmittedAnswerWWW($this->oRegistry, $formVals));
-			d('cp created new question');
-			d('ans id: '.$oAnswer->_id);
+			d('cp created new question: '.print_r($oAnswer->getArrayCopy(), 1));
+			d('ans id: '.$oAnswer->getResourceId());
 
 			/**
 			 * In case of ajax we need to send out a

diff --git a/lib/Lampcms/Controllers/Delete.php b/lib/Lampcms/Controllers/Delete.php
@@ -215,17 +215,15 @@ protected function updateQuestion(){
 
 			$oQuestion = new \Lampcms\Question($this->oRegistry);
 			$oQuestion->by_id($this->oResource['i_qid']);
-			$oQuestion->updateAnswerCount(-1);
+			$oQuestion->removeAnswer($this->oResource);
 
 			if((true === $this->oResource['accepted'])){
 				d('this was an accepted answer');
 
-				$this->oResource['accepted'] = false;
-				$oQuestion->offsetUnset('i_sel_ans');
+				$this->oResource->unsetAccepted();
 			}
 
-			$oQuestion->removeContributor($this->oResource['i_uid'])
-			->touch()->save();
+			$oQuestion->touch()->save();
 		}
 
 		return $this;
@@ -313,7 +311,8 @@ protected function setDeleted(){
 		 */
 		$this->updateTags();
 		$this->removeFromIndex();
-		$this->oResource->setDeleted($this->oRegistry->Viewer, $this->oRequest['note']);
+		$this->oResource->setDeleted($this->oRegistry->Viewer, $this->oRequest['note'])
+		->touch();
 
 		d('new resource data: '.print_r($this->oResource->getArrayCopy(), 1));
 
@@ -360,7 +359,7 @@ protected function updateTags(){
 				}
 			} else {
 				$oQuestion = new \Lampcms\Question($this->oRegistry);
-				$oQuestion->by_id($this->oResource['i_qid']);
+				$oQuestion->by_id($this->oResource->getQuestionId());
 				d('tags: ' . print_r($oQuestion['a_tags'], 1));
 			}
 

diff --git a/lib/Lampcms/Controllers/Editor.php b/lib/Lampcms/Controllers/Editor.php
@@ -148,7 +148,7 @@ protected function process(){
 		}
 
 		$this->oResource->setEdited($this->oRegistry->Viewer, \strip_tags($formVals['reason']));
-		$this->oResource->save();
+		$this->oResource->touch()->save();
 
 		$this->oRegistry->Dispatcher->post($this->oResource, 'onEdit');
 

diff --git a/lib/Lampcms/Controllers/Retag.php b/lib/Lampcms/Controllers/Retag.php
@@ -292,7 +292,8 @@ protected function addNewTags(){
 	 */
 	protected function updateQuestion(){
 
-		$this->oQuestion->retag($this->oRegistry->Viewer, $this->aSubmitted)->save();
+		$this->oQuestion->retag($this->oRegistry->Viewer, $this->aSubmitted)
+		->save();
 
 		return $this;
 	}

diff --git a/lib/Lampcms/Controllers/Search.php b/lib/Lampcms/Controllers/Search.php
@@ -75,6 +75,8 @@ class Search extends WebPage
 	 * @var bool
 	 */
 	protected $notAjaxPaginatable = true;
+
+	//protected $bRequirePost = true;
 
 	/**
 	 * (non-PHPdoc)
@@ -87,23 +89,23 @@ protected function main(){
 		 *  $_GET as underlying array, and php
 		 *  already decodes $_GET or $_POST vars
 		 */
-		$this->term = $this->oRequest['q'];
+		$this->term = $this->oRegistry->Request->getUTF8('q')->stripTags();
 		$this->aPageVars['qheader'] = '<h1>Search results for: '.$this->term.'</h1>';
 
 		$this->aPageVars['title'] = 'Questions matching &#39;'.$this->term.'&#39;';
 		d('$this->term: '.$this->term);
 
 
 		$this->oSearch = SearchFactory::factory($this->oRegistry);
-		$this->oSearch->search();
+		$this->oSearch->search($this->term);
 
 		$this->makeTopTabs()
 		->makeInfo()
 		->makeBody();
 	}
 
 	protected function makeTopTabs(){
-		d('cp');
+
 		$tabs = Urhere::factory($this->oRegistry)->get('tplToptabs', 'questions');
 		$this->aPageVars['topTabs'] = $tabs;