Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

[ticket/10941] Unit tests for filespec class #857

Merged
merged 30 commits into from

6 participants

@Fyorl

Ticket: http://tracker.phpbb.com/browse/PHPBB3-10941

Tests for current upload functionality and plupload functionality. To be merged prior to feature/attachment-improvements (#833).

tests/uploads/filespec_test.php
((55 lines not shown))
+ $this->init_filespec();
+ }
+
+ public static function additional_checks_variables()
+ {
+ $path = dirname(__FILE__) . '/../../phpBB/files/';
+ return array(
+ array($path . 'GIF', true),
+ array($path . 'JPG', false),
+ array($path . 'PNG', true),
+ array($path . 'TIF', false),
+ array($path . 'TXT', true),
+ );
+ }
+
+ public static function check_content_variables()

Using static for data providers is for phpunit < 3.3. As we expect 3.5 the static keyword should be dropped.
http://www.phpunit.de/manual/3.5/en/writing-tests-for-phpunit.html#writing-tests-for-phpunit.data-providers

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((7 lines not shown))
+ *
+ */
+
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/utf/utf_tools.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions_upload.php';
+require_once dirname(__FILE__) . '/../mock/fileupload.php';
+
+class phpbb_filespec_test extends phpbb_test_case
+{
+ const TEST_COUNT = 100;
+ const PREFIX = 'phpbb_';
+ const MAX_STR_LEN = 50;
+
+ // Hexadecimal encoded images
+ public static $files = array(

static keyword can be dropped as the data providers shouldn't be static.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@travisbot

This pull request fails (merged b7eaf054 into ba21be8).

tests/uploads/filespec_test.php
((120 lines not shown))
+ protected function tearDown()
+ {
+ $path = dirname(__FILE__) . '/../../phpBB/files/';
+ unlink($path . 'TXT');
+ foreach (phpbb_filespec_test::$files as $type => $data)
+ {
+ unlink($path . $type);
+ }
+ }
+
+ /**
+ * @dataProvider additional_checks_variables
+ */
+ public function test_additional_checks($filename, $expected)
+ {
+ global $user;

No need for the global as you create a new instance of that object in the test.

@Fyorl
Fyorl added a note

This is here for the same reason as I mentioned about $config. One of the functions that is called by a method requires $user to be defined globally.

@p
p added a note

In this case a comment should be added detailing which function requires this. And consider rewriting said function to not use the global.

You should also clear the global when the test finishes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((19 lines not shown))
+ const MAX_STR_LEN = 50;
+
+ // Hexadecimal encoded images
+ public static $files = array(
+ 'GIF' => '47494638376101000100800000ffffffffffff2c00000000010001000002024401003b',
+ 'PNG' => '89504e470d0a1a0a0000000d4948445200000001000000010802000000907753de0000000c4944415408d763f8ffff3f0005fe02fedccc59e70000000049454e44ae426082',
+ 'TIF' => '49492a000c000000ffffff001000fe00040001000000000000000001030001000000010000000101030001000000010000000201030003000000d20000000301030001000000010000000601030001000000020000000d01020018000000d80000001101040001000000080000001201030001000000010000001501030001000000030000001601030001000000400000001701040001000000030000001a01050001000000f00000001b01050001000000f80000001c0103000100000001000000280103000100000002000000000000000800080008002f686f6d652f6b696d2f746d702f746966662e746966660000000048000000010000004800000001',
+ 'JPG' => 'ffd8ffe000104a46494600010101004800480000ffdb004300ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffdb004301ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc20011080001000103012200021101031101ffc4001500010100000000000000000000000000000002ffc40014010100000000000000000000000000000000ffda000c03010002100310000001a07fffc40014100100000000000000000000000000000000ffda00080101000105027fffc40014110100000000000000000000000000000000ffda0008010301013f017fffc40014110100000000000000000000000000000000ffda0008010201013f017fffc40014100100000000000000000000000000000000ffda0008010100063f027fffc40014100100000000000000000000000000000000ffda0008010100013f217fffda000c0301000200030000001003ffc40014110100000000000000000000000000000000ffda0008010301013f107fffc40014110100000000000000000000000000000000ffda0008010201013f107fffc40014100100000000000000000000000000000000ffda0008010100013f107fffd9',
+ );
+
+ private $config;
+ private $filespec;
+
+ protected function setUp()
+ {
+ global $config;

Unneeded global, there is no global $config in the tests.

@Fyorl
Fyorl added a note

Functions like unique_id() use the $config variable so I was under the impression that I needed to declare it global here and modify it appropriately so that unique_id() and others would work as expected.

In that case you are correct, didn't see the unique_id() call.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
@@ -0,0 +1,215 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 20012 phpBB Group

20012 -> 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((32 lines not shown))
+ protected function setUp()
+ {
+ global $config;
+
+ if (!is_array($config))
+ {
+ $config = array();
+ }
+
+ $config['rand_seed'] = '';
+ $config['rand_seed_last_update'] = time() + 600;
+ $config['mime_triggers'] = 'body|head|html|img|plaintext|a href|pre|script|table|title';
+ $this->config = $config;
+
+ // Write some data to files
+ $path = dirname(__FILE__) . '/../../phpBB/files/';

Set $path as a class property so it can be reused. The value is the same everywhere and doesn't change so it doesn't really make sense to redefine it every time it is needed.

@naderman Owner

Also use DIR rather than dirname(FILE) as we require PHP 5.3 in 3.1.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@travisbot

This pull request fails (merged 2f27d531 into ba21be8).

tests/uploads/filespec_test.php
((12 lines not shown))
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions_upload.php';
+require_once dirname(__FILE__) . '/../mock/fileupload.php';
+
+class phpbb_filespec_test extends phpbb_test_case
+{
+ const TEST_COUNT = 100;
+ const PREFIX = 'phpbb_';
+ const MAX_STR_LEN = 50;
+
+ // Hexadecimal encoded images
+ public static $files = array(
+ 'GIF' => '47494638376101000100800000ffffffffffff2c00000000010001000002024401003b',
+ 'PNG' => '89504e470d0a1a0a0000000d4948445200000001000000010802000000907753de0000000c4944415408d763f8ffff3f0005fe02fedccc59e70000000049454e44ae426082',
+ 'TIF' => '49492a000c000000ffffff001000fe00040001000000000000000001030001000000010000000101030001000000010000000201030003000000d20000000301030001000000010000000601030001000000020000000d01020018000000d80000001101040001000000080000001201030001000000010000001501030001000000030000001601030001000000400000001701040001000000030000001a01050001000000f00000001b01050001000000f80000001c0103000100000001000000280103000100000002000000000000000800080008002f686f6d652f6b696d2f746d702f746966662e746966660000000048000000010000004800000001',
+ 'JPG' => 'ffd8ffe000104a46494600010101004800480000ffdb004300ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffdb004301ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc20011080001000103012200021101031101ffc4001500010100000000000000000000000000000002ffc40014010100000000000000000000000000000000ffda000c03010002100310000001a07fffc40014100100000000000000000000000000000000ffda00080101000105027fffc40014110100000000000000000000000000000000ffda0008010301013f017fffc40014110100000000000000000000000000000000ffda0008010201013f017fffc40014100100000000000000000000000000000000ffda0008010100063f027fffc40014100100000000000000000000000000000000ffda0008010100013f217fffda000c0301000200030000001003ffc40014110100000000000000000000000000000000ffda0008010301013f107fffc40014110100000000000000000000000000000000ffda0008010201013f107fffc40014100100000000000000000000000000000000ffda0008010100013f107fffd9',
+ );
@naderman Owner

Please store these as actual image files in a fixture/ directory within this test directory and just read them from those files.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@travisbot

This pull request passes (merged d1a75dba into ba21be8).

@travisbot

This pull request passes (merged 187f7361 into ba21be8).

@travisbot

This pull request fails (merged 987e0393 into ba21be8).

@travisbot

This pull request passes (merged 6ee75282 into ba21be8).

@travisbot

This pull request passes (merged d3e570f0 into ba21be8).

@travisbot

This pull request passes (merged d8474a46 into ba21be8).

tests/uploads/filespec_test.php
((164 lines not shown))
+ $disallowed_content = explode('|', $this->config['mime_triggers']);
+ $this->init_filespec(array('tmp_name' => $this->path . $filename));
+ $this->assertEquals($expected, $this->filespec->check_content($disallowed_content));
+ }
+
+ public function test_clean_filename_real()
+ {
+ $available_chars = str_split('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ\'\\" /:*?<>|[];(){},#+=-_`');
+ $bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|');
+ for ($tests = 0; $tests < self::TEST_COUNT; $tests++)
+ {
+ $len = mt_rand(1, self::MAX_STR_LEN);
+ $str = '';
+ for ($j = 0; $j < $len; $j++)
+ {
+ $index = mt_rand(0, sizeof($available_chars) - 1);
@p
p added a note

Tests should be deterministic. Use a fixed set of usernames with the required chars. If a certain combination is required, there is no guarantee that it will be tested on any particular run.

@p
p added a note

This should also be done via the data provider interface, probably.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/fileupload_test.php
((45 lines not shown))
+ }
+
+ public function test_common_checks()
+ {
+ // Test 1: Valid file
+ $upload = new fileupload('', array('jpg'), 1000);
+ $file = $this->gen_valid_filespec();
+ $upload->common_checks($file);
+ $this->assertEquals(0, sizeof($file->error));
+
+ // Test 2: File too large
+ $upload = new fileupload('', array('jpg'), 100);
+ $file = $this->gen_valid_filespec();
+ $file->filesize = 1000;
+ $upload->common_checks($file);
+ $this->assertEquals(1, sizeof($file->error));
@p
p added a note

You should check that the error is what you expect. The assertions are the same in this and two subsequent tests. If this cannot be done for whatever reason a comment should be added explaining the reason.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@p
p commented

Lowercase fixture file names please. And I'm assuming they should gain appropriate extensions.

@travisbot

This pull request passes (merged af29ad88 into ba21be8).

tests/uploads/filespec_test.php
((133 lines not shown))
+ return array(
+ array('gif_copy', 'gif_moved', 'image/gif', 'gif', false, true),
+ array('non_existant', 'still_non_existant', 'text/plain', 'txt', true, false),
+ array('txt_copy', 'txt_as_img', 'image/jpg', 'txt', true, true),
+ array('txt_copy_2', 'txt_moved', 'text/plain', 'txt', false, true),
+ array('jpg_copy', 'jpg_moved', 'image/png', 'jpg', false, true),
+ array('png_copy', 'png_moved', 'image/png', 'jpg', true, true),
+ );
+ }
+
+ protected function tearDown()
+ {
+ $it = new DirectoryIterator($this->path);
+ foreach ($it as $fileinfo)
+ {
+ if (strlen($fileinfo->getFilename()) > 3)
@bantu Owner
bantu added a note

I would prefer an explicit list of files here instead of just deleting everything with a filename longer than 3 characters.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((180 lines not shown))
+ foreach ($bad_chars as $char)
+ {
+ $this->assertFalse(strpos($name, $char));
+ }
+ }
+
+ public function test_clean_filename_unique()
+ {
+ $filenames = array();
+ for ($tests = 0; $tests < self::TEST_COUNT; $tests++)
+ {
+ $this->init_filespec();
+ $this->filespec->clean_filename('unique', self::PREFIX);
+ $name = $this->filespec->realname;
+
+ $this->assertTrue(strlen($name) === 32 + strlen(self::PREFIX));
@bantu Owner
bantu added a note

assertSame

@p
p added a note

For integer comparisons assertequal should probably be used.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@travisbot

This pull request fails (merged eba10c49 into ba21be8).

@travisbot

This pull request fails (merged 68a46456 into ba21be8).

@travisbot

This pull request fails (merged c3f0a466 into ba21be8).

tests/functional/fileupload_test.php
((66 lines not shown))
+
+ if (!is_array($config))
+ {
+ $config = array();
+ }
+
+ $config['rand_seed'] = '';
+ $config['rand_seed_last_update'] = time() + 600;
+
+ $user = new phpbb_mock_user();
+ $user->lang = new phpbb_mock_lang();
+
+ // Test 1: Invalid extension
+ $upload = new fileupload('', array('jpg'), 100);
+ $file = $upload->remote_upload('http://example.com/image.gif');
+ $this->assertEquals('URL_INVALID',$file->error[0]);
@bantu Owner
bantu added a note

space after comma

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((121 lines not shown))
+ }
+
+ /**
+ * @dataProvider additional_checks_variables
+ */
+ public function test_additional_checks($filename, $expected)
+ {
+ $upload = new phpbb_mock_fileupload();
+ $this->init_filespec(array('tmp_name', $this->path . $filename));
+ $this->filespec->upload = $upload;
+ $this->filespec->file_moved = true;
+ $this->filespec->filesize = $this->filespec->get_filesize($this->path . $filename);
+
+ $this->assertEquals($expected, $this->filespec->additional_checks());
+
+ $user = null;
@bantu Owner
bantu added a note

?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((63 lines not shown))
+ }
+ }
+ }
+
+ private function init_filespec($override = array())
+ {
+ // Initialise a blank filespec object for use with trivial methods
+ $upload_ary = array(
+ 'name' => '',
+ 'type' => '',
+ 'size' => '',
+ 'tmp_name' => '',
+ 'error' => '',
+ );
+
+ $this->filespec = new filespec(array_merge($upload_ary, $override), null);
@bantu Owner
bantu added a note

This method should probably return an instance of filespec instead of assigning it as a property of the test. It should therefore probably also be called get_filespec instead.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((70 lines not shown))
+ $upload_ary = array(
+ 'name' => '',
+ 'type' => '',
+ 'size' => '',
+ 'tmp_name' => '',
+ 'error' => '',
+ );
+
+ $this->filespec = new filespec(array_merge($upload_ary, $override), null);
+ }
+
+ protected function tearDown()
+ {
+ global $user;
+
+ $files = array(
@bantu Owner
bantu added a note

I thought this list could be generated by the data providers, but apparently it is not that easy.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((85 lines not shown))
+ $files = array(
+ 'gif_copy' => 1,
+ 'jpg_copy' => 1,
+ 'png_copy' => 1,
+ 'txt_copy' => 1,
+ 'txt_copy_2' => 1,
+ 'tif_copy' => 1,
+ 'gif_moved' => 1,
+ 'jpg_moved' => 1,
+ 'png_moved' => 1,
+ 'txt_as_img' => 1,
+ 'txt_moved' => 1,
+ );
+
+ $iterator = new DirectoryIterator($this->path);
+ foreach ($iterator as $fileinfo)
@bantu Owner
bantu added a note

You don't need to traverse the filesystem here, you can use $files and file_exists() instead now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@travisbot

This pull request fails (merged 8f4b7a75 into ba21be8).

@travisbot

This pull request fails (merged 0c50f05c into ba21be8).

@travisbot

This pull request fails (merged e23ba6ac into ba21be8).

@travisbot

This pull request passes (merged 9e042b16 into ba21be8).

@travisbot

This pull request fails (merged 3ebba7ac into ba21be8).

tests/functional/fileupload_test.php
((6 lines not shown))
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+/**
+ * @group functional
+ */
+class phpbb_functional_fileupload_test extends phpbb_functional_test_case
+{
+ public function test_form_upload()
+ {
+ // This test is marked as incomplete due to an apparent bug in the
+ // symfony framework which causes it to lose the mimetype of any file
+ // uploaded. Since filespec::is_image() relies on the mimetype, all
+ // image uploads fail. filespec::is_image() is fixed in:
+ // https://github.com/phpbb/phpbb3/pull/833
@bantu Owner
bantu added a note

The is_image change has been merged into develop. So this should be reflected in this pull request. I.e. it should not be marked incomplete anymore.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/functional/fileupload_test.php
((13 lines not shown))
+class phpbb_functional_fileupload_test extends phpbb_functional_test_case
+{
+ public function test_form_upload()
+ {
+ // This test is marked as incomplete due to an apparent bug in the
+ // symfony framework which causes it to lose the mimetype of any file
+ // uploaded. Since filespec::is_image() relies on the mimetype, all
+ // image uploads fail. filespec::is_image() is fixed in:
+ // https://github.com/phpbb/phpbb3/pull/833
+ $this->markTestIncomplete();
+
+ $path = __DIR__ . '/fixtures/files/';
+ $this->add_lang('posting');
+ $this->login();
+
+ // Test 1: Invalid extension
@bantu Owner
bantu added a note

Can these tests be (easily) moved into their own methods?

@bantu Owner
bantu added a note

The two existing methods should probably be classes instead. The requirements could then be setup in the constructor and you could have one method per test.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/fileupload_test.php
((45 lines not shown))
+ $filespec->height = 2;
+
+ return $filespec;
+ }
+
+ protected function tearDown()
+ {
+ // Clear globals
+ global $config, $user;
+ $config = array();
+ $user = null;
+ }
+
+ public function test_common_checks()
+ {
+ // Test 1: Valid file
@bantu Owner
bantu added a note

Here, tests can be trivially put into their own method. You can use the method name to describe what the test does, e.g. test_common_checks_valid_file

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/mock/fileupload.php
((9 lines not shown))
+
+/**
+ * Mock fileupload class with some basic values to help with testing the
+ * filespec class
+ */
+class phpbb_mock_fileupload
+{
+ public $max_filesize = 100;
+ public $error_prefix = '';
+
+ public function valid_dimensions($filespec)
+ {
+ return true;
+ }
+
+ public function image_types()
@p
p added a note

Add a comment explaining what this function is for/what it does.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
@@ -0,0 +1,278 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2012 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once __DIR__ . '/../../phpBB/includes/functions.php';
+require_once __DIR__ . '/../../phpBB/includes/utf/utf_tools.php';
+require_once __DIR__ . '/../../phpBB/includes/functions_upload.php';
+require_once __DIR__ . '/../mock/fileupload.php';
+require_once __DIR__ . '/../mock/request.php';
@p
p added a note

Autoloading?

@Fyorl
Fyorl added a note

They are not autoloaded, removing these lines results in a fatal error.

@bantu Owner
bantu added a note

Indeed. I also thought mocks could be autoloaded. But that is not the case.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((25 lines not shown))
+
+ protected function setUp()
+ {
+ // Global $config required by unique_id
+ // Global $user required by filespec::additional_checks and
+ // filespec::move_file
+ global $config, $user;
+
+ if (!is_array($config))
+ {
+ $config = array();
+ }
+
+ $config['rand_seed'] = '';
+ $config['rand_seed_last_update'] = time() + 600;
+ $config['mime_triggers'] = 'body|head|html|img|plaintext|a href|pre|script|table|title';
@p
p added a note

Add a comment explaining the choice of these tags. Is this everything that phpbb supports/uses? Minimum needed for the test to work? Specific values need for testing something? Etc.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((84 lines not shown))
+
+ $files = array(
+ 'gif_copy',
+ 'jpg_copy',
+ 'png_copy',
+ 'txt_copy',
+ 'txt_copy_2',
+ 'tif_copy',
+ 'gif_moved',
+ 'jpg_moved',
+ 'png_moved',
+ 'txt_as_img',
+ 'txt_moved',
+ );
+
+ foreach ($files as $file)
@p
p added a note

Write all files in a subdirectory and nuke everything in that subdirectory.

@Fyorl
Fyorl added a note

bantu, I think, asked for an explicit list of files to be removed. He may have meant it for some other issue that no longer exists now. A subdirectory sounds reasonable though.

@p
p added a note

If this list changes then the test will stop deleting files and old files will stick around forever.

At the same time you don't want to accidentally delete files not created by this test, which is why I said to put everything into a subdirectory that nothing else should use.

@bantu Owner
bantu added a note

A subdirectory seems okay to me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((66 lines not shown))
+ {
+ // Initialise a blank filespec object for use with trivial methods
+ $upload_ary = array(
+ 'name' => '',
+ 'type' => '',
+ 'size' => '',
+ 'tmp_name' => '',
+ 'error' => '',
+ );
+
+ return new filespec(array_merge($upload_ary, $override), null);
+ }
+
+ protected function tearDown()
+ {
+ global $user;
@p
p added a note

Never used in this function.

@Fyorl
Fyorl added a note

In a previous comment on this PR you asked for all globals to be cleared after use. So $user is being cleared here.

@p
p added a note

Right, I overlooked the clearing.

@p
p added a note

But you should add a comment explaining this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/filespec_test.php
((93 lines not shown))
+ 'jpg_moved',
+ 'png_moved',
+ 'txt_as_img',
+ 'txt_moved',
+ );
+
+ foreach ($files as $file)
+ {
+ @unlink($this->path . $file);
+ }
+ }
+
+ public function additional_checks_variables()
+ {
+ return array(
+ array('gif', true),
@p
p added a note

Add a comment explaining what true/false mean.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tests/uploads/fixture/txt
@@ -0,0 +1 @@
+<HTML>mime trigger</HTML>
@p
p added a note

html tags should be lowercase.

@Fyorl
Fyorl added a note

These are uppercase to test whether the checks for disallowed content are properly case-insensitive.

@p
p added a note

Is there an assertion that will fail should someone lowercase these tags?

@naderman Owner
naderman added a note

Can you explain that? Are you now suggesting we test our tests to check that they test correctly? That seems a bit over the top.

@p
p added a note

Either assertion or a comment. Currently there is no indication in the tree that those particular tags should remain uppercased.

@naderman Owner
naderman added a note

Yeah I suppose a comment would make sense.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@travisbot

This pull request fails (merged 4cfacf1b into b6a364b).

@travisbot

This pull request fails (merged b323fd24 into b6a364b).

@travisbot

This pull request passes (merged 8f997f1a into b6a364b).

@bantu
Owner

I think the uploads folder should maybe be called upload.

@bantu
Owner

Please explain why the common.php file is required here.

@Fyorl

I thought it was required for phpbb_chmod to work but I think it manages to locate the correct common.php in the phpBB directory so I have removed the common.php here.

@travisbot

This pull request fails (merged 73f2a449 into b6a364b).

tests/upload/filespec_test.php
@@ -0,0 +1,272 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2012 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once __DIR__ . '/../../phpBB/includes/functions.php';
+require_once __DIR__ . '/../../phpBB/includes/utf/utf_tools.php';
+require_once __DIR__ . '/../../phpBB/includes/functions_upload.php';
+require_once __DIR__ . '/../mock/fileupload.php';
@bantu Owner
bantu added a note

Autoloading for mocks is now available in develop. http://tracker.phpbb.com/browse/PHPBB3-10973

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Fyorl added some commits
@Fyorl Fyorl [ticket/10941] Unit tests for filespec class
PHPBB3-10941
33a1300
@Fyorl Fyorl [ticket/10941] Minor adjustments as per PR comments
Switched from dirname(__FILE__) to just __DIR__.
Removed static definition from data provider methods.

PHPBB3-10941
d6bd892
@Fyorl Fyorl [ticket/10941] Finished filespec tests
PHPBB3-10941
fe4056c
@Fyorl Fyorl [ticket/10941] Unit tests for fileupload class added
PHPBB3-10941
dfef80f
@travisbot

This pull request fails (merged de0376f6 into 9f0259c).

tests/functional/fileupload_test_form.php
((32 lines not shown))
+
+ public function test_invalid_extension()
+ {
+ $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid);
+ $form = $crawler->selectButton('add_file')->form();
+ $form['fileupload']->upload($this->path . 'illegal-extension.bif');
+ $crawler = $this->client->submit($form);
+ $this->assertEquals('The extension bif is not allowed.', $crawler->filter('p.error')->text());
+ }
+
+ public function test_too_large()
+ {
+ $this->markTestIncomplete('Functional tests use an admin account which ignores maximum upload size.');
+ $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid);
+ $form = $crawler->selectButton('add_file')->form();
+ $form['fileupload']->upload($path . 'too-large.png');
@bantu Owner
bantu added a note

Should be $this->path instead of $path

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@travisbot

This pull request fails (merged 47d45d19 into 9f0259c).

tests/functional/fileupload_test_form.php
((34 lines not shown))
+ {
+ $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid);
+ $form = $crawler->selectButton('add_file')->form();
+ $form['fileupload']->upload($this->path . 'illegal-extension.bif');
+ $crawler = $this->client->submit($form);
+ $this->assertEquals('The extension bif is not allowed.', $crawler->filter('p.error')->text());
+ }
+
+ public function test_too_large()
+ {
+ $this->markTestIncomplete('Functional tests use an admin account which ignores maximum upload size.');
+ $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid);
+ $form = $crawler->selectButton('add_file')->form();
+ $form['fileupload']->upload($path . 'too-large.png');
+ $crawler = $this->client->submit($form);
+ $this->assertEquals(1, $crawler->filter('div#message')->count());
@bantu Owner
bantu added a note

You should also check for the actual message here, although this test is marked incomplete.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@travisbot

This pull request fails (merged f60f0e45 into 9f0259c).

@travisbot

This pull request fails (merged f57d1733 into 9f0259c).

@travisbot

This pull request fails (merged 90c6a811 into 9f0259c).

@travisbot

This pull request passes (merged c8576327 into 9f0259c).

@travisbot

This pull request fails (merged 81259e75 into 9f0259c).

@travisbot

This pull request fails (merged b3fb5e5b into 9f0259c).

@travisbot

This pull request passes (merged 8e1f35a0 into 9f0259c).

Fyorl added some commits
@Fyorl Fyorl [ticket/10941] Added functional tests for the fileupload class
NOTE: test_form_upload() is broken. Uploading files via Symfony fails to
retain $_FILES['fileupload']['type'] even if it set explicitely. This appears
to be a bug in Symfony. Since the current version of filespec::is_image()
relies on the mimetype, these tests will __fail__. filespec::is_image() has
been fixed in phpbb#833 however.

PHPBB3-10941
5693036
@Fyorl Fyorl [ticket/10941] Marked broken test as incomplete
PHPBB3-10941
1233544
@Fyorl Fyorl [ticket/10941] Minor adjustments as per PR comments
Added some comments clarifying globals and lowercased fixture filenames

PHPBB3-10941
82ca2c8
@Fyorl Fyorl [ticket/10941] tearDown() now uses explicit file list
Instances of $it also renamed for clarity.

PHPBB3-10941
f2bbbda
@Fyorl Fyorl [ticket/10941] Added a comment explaining the incomplete test
PHPBB3-10941
59a7b10
@Fyorl Fyorl [ticket/10941] Re-arranged dataProvidor methods to be near their callers
PHPBB3-10941
943af95
@Fyorl Fyorl [ticket/10941] Now actually checks for the value of errors.
Uses phpbb_mock_lang to return the key used when setting errors to
allow that key to be checked for during tests rather than just checking
if any error was set.

PHPBB3-10941
19405a7
@Fyorl Fyorl [ticket/10941] Changed assertTrue to assertEquals
PHPBB3-10941
1bb64ab
@Fyorl Fyorl [ticket/10941] Minor typo fixes
Removed superfluous $user = null; that was left over from refactoring.

PHPBB3-10941
61d7400
@Fyorl Fyorl [ticket/10941] Refactored init_filespec to return new object.
Removed $filespec as a property of the filespec test and instead
just instantiate new objects.

PHPBB3-10941
ff7e5d7
@Fyorl Fyorl [ticket/10941] Refactored tearDown to stop iterating over the directory.
PHPBB3-10941
682757c
@Fyorl Fyorl [ticket/10941] Removed the incomplete mark as is_image is fixed
Had to remove one of the tests due to a small limitation with the
functional testing framework. May mark the test as incomplete again
pending further comments.

PHPBB3-10941
a4717ef
@Fyorl Fyorl [ticket/10941] Rearranged tests into their own classes or methods
PHPBB3-10941
b65f08d
@Fyorl Fyorl [ticket/10941] Fixed a failing test
Since the is_image change, the filespec class no longer trusts the
browser's reported mimetype and instead checks the file itself. Thus
pretending a text file had the mimetype of an image will no longer
fail, the file will simply not be treated as an image.

PHPBB3-10941
af8020b
@Fyorl Fyorl [ticket/10941] Added some comments for clarification
PHPBB3-10941
d89af53
@Fyorl Fyorl [ticket/10941] Added subdirectory for file operations
Also removed common.php as it was unnecessary.

PHPBB3-10941
580cec6
@Fyorl Fyorl [ticket/10941] Removed manual includes of mock classes
Also marked a test as incomplete even though this appears to be
ignored when actually running the tests.

PHPBB3-10941
9f3a02d
@Fyorl Fyorl [ticket/10941] Moved comment into markTestIncomplete parameter
PHPBB3-10941
6a1c686
@Fyorl Fyorl [ticket/10941] Renamed classes and filenames so that tests run
Also fixed some minor issues that weren't flagged before because
the tests were being ignored.

PHPBB3-10941
e0b63df
@Fyorl Fyorl [ticket/10941] Replaced use of English with language system
PHPBB3-10941
8d43a6e
@Fyorl Fyorl [ticket/10941] Fixed form test test_too_large
PHPBB3-10941
c8059cf
@Fyorl Fyorl [ticket/10941] Added tests/upload/fixture/copies to tracking
PHPBB3-10941
ae9b642
@Fyorl Fyorl [ticket/10941] Modified tearDown to use DirectoryIterator instead of …
…glob

PHPBB3-10941
f470eee
@Fyorl Fyorl [ticket/10941] Added a comment to ensure tags stay uppercase
PHPBB3-10941
1b3589a
@Fyorl Fyorl [ticket/10941] File 'txt' now too big so changed tests to reflect that
PHPBB3-10941
d046b25
@Fyorl Fyorl [ticket/10941] Removed superfluous array
PHPBB3-10941
65d7aae
@bantu bantu merged commit 65d7aae into phpbb:develop
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Jul 8, 2012
  1. @Fyorl

    [ticket/10941] Unit tests for filespec class

    Fyorl authored
    PHPBB3-10941
  2. @Fyorl

    [ticket/10941] Minor adjustments as per PR comments

    Fyorl authored
    Switched from dirname(__FILE__) to just __DIR__.
    Removed static definition from data provider methods.
    
    PHPBB3-10941
  3. @Fyorl

    [ticket/10941] Finished filespec tests

    Fyorl authored
    PHPBB3-10941
  4. @Fyorl
Commits on Jul 9, 2012
  1. @Fyorl

    [ticket/10941] Added functional tests for the fileupload class

    Fyorl authored
    NOTE: test_form_upload() is broken. Uploading files via Symfony fails to
    retain $_FILES['fileupload']['type'] even if it set explicitely. This appears
    to be a bug in Symfony. Since the current version of filespec::is_image()
    relies on the mimetype, these tests will __fail__. filespec::is_image() has
    been fixed in phpbb#833 however.
    
    PHPBB3-10941
  2. @Fyorl

    [ticket/10941] Marked broken test as incomplete

    Fyorl authored
    PHPBB3-10941
  3. @Fyorl

    [ticket/10941] Minor adjustments as per PR comments

    Fyorl authored
    Added some comments clarifying globals and lowercased fixture filenames
    
    PHPBB3-10941
  4. @Fyorl

    [ticket/10941] tearDown() now uses explicit file list

    Fyorl authored
    Instances of $it also renamed for clarity.
    
    PHPBB3-10941
  5. @Fyorl
  6. @Fyorl
  7. @Fyorl

    [ticket/10941] Now actually checks for the value of errors.

    Fyorl authored
    Uses phpbb_mock_lang to return the key used when setting errors to
    allow that key to be checked for during tests rather than just checking
    if any error was set.
    
    PHPBB3-10941
  8. @Fyorl

    [ticket/10941] Changed assertTrue to assertEquals

    Fyorl authored
    PHPBB3-10941
  9. @Fyorl

    [ticket/10941] Minor typo fixes

    Fyorl authored
    Removed superfluous $user = null; that was left over from refactoring.
    
    PHPBB3-10941
  10. @Fyorl

    [ticket/10941] Refactored init_filespec to return new object.

    Fyorl authored
    Removed $filespec as a property of the filespec test and instead
    just instantiate new objects.
    
    PHPBB3-10941
  11. @Fyorl
  12. @Fyorl

    [ticket/10941] Removed the incomplete mark as is_image is fixed

    Fyorl authored
    Had to remove one of the tests due to a small limitation with the
    functional testing framework. May mark the test as incomplete again
    pending further comments.
    
    PHPBB3-10941
  13. @Fyorl
  14. @Fyorl

    [ticket/10941] Fixed a failing test

    Fyorl authored
    Since the is_image change, the filespec class no longer trusts the
    browser's reported mimetype and instead checks the file itself. Thus
    pretending a text file had the mimetype of an image will no longer
    fail, the file will simply not be treated as an image.
    
    PHPBB3-10941
  15. @Fyorl
  16. @Fyorl

    [ticket/10941] Added subdirectory for file operations

    Fyorl authored
    Also removed common.php as it was unnecessary.
    
    PHPBB3-10941
  17. @Fyorl

    [ticket/10941] Removed manual includes of mock classes

    Fyorl authored
    Also marked a test as incomplete even though this appears to be
    ignored when actually running the tests.
    
    PHPBB3-10941
  18. @Fyorl
  19. @Fyorl

    [ticket/10941] Renamed classes and filenames so that tests run

    Fyorl authored
    Also fixed some minor issues that weren't flagged before because
    the tests were being ignored.
    
    PHPBB3-10941
  20. @Fyorl
  21. @Fyorl

    [ticket/10941] Fixed form test test_too_large

    Fyorl authored
    PHPBB3-10941
  22. @Fyorl
  23. @Fyorl
  24. @Fyorl
  25. @Fyorl
  26. @Fyorl

    [ticket/10941] Removed superfluous array

    Fyorl authored
    PHPBB3-10941
This page is out of date. Refresh to see the latest.
View
62 tests/functional/fileupload_form_test.php
@@ -0,0 +1,62 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2012 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+/**
+ * @group functional
+ */
+class phpbb_functional_fileupload_form_test extends phpbb_functional_test_case
+{
+ private $path;
+
+ public function setUp()
+ {
+ parent::setUp();
+ $this->path = __DIR__ . '/fixtures/files/';
+ $this->add_lang('posting');
+ $this->login();
+ }
+
+ public function test_empty_file()
+ {
+ $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid);
+ $form = $crawler->selectButton('add_file')->form();
+ $form['fileupload']->upload($this->path . 'empty.png');
+ $crawler = $this->client->submit($form);
+ $this->assertEquals($this->lang('ATTACHED_IMAGE_NOT_IMAGE'), $crawler->filter('div#message p')->text());
+ }
+
+ public function test_invalid_extension()
+ {
+ $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid);
+ $form = $crawler->selectButton('add_file')->form();
+ $form['fileupload']->upload($this->path . 'illegal-extension.bif');
+ $crawler = $this->client->submit($form);
+ $this->assertEquals($this->lang('DISALLOWED_EXTENSION', 'bif'), $crawler->filter('p.error')->text());
+ }
+
+ public function test_too_large()
+ {
+ $this->markTestIncomplete('Functional tests use an admin account which ignores maximum upload size.');
+ $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid);
+ $form = $crawler->selectButton('add_file')->form();
+ $form['fileupload']->upload($this->path . 'too-large.png');
+ $crawler = $this->client->submit($form);
+ $this->assertEquals($this->lang('WRONG_FILESIZE', '256', 'KiB'), $crawler->filter('p.error')->text());
+ }
+
+ public function test_valid_file()
+ {
+ $crawler = $this->request('GET', 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid);
+ $form = $crawler->selectButton('add_file')->form();
+ $form['fileupload']->upload($this->path . 'valid.jpg');
+ $crawler = $this->client->submit($form);
+ $this->assertEquals(0, $crawler->filter('p.error')->count());
+ $this->assertContains($this->lang('POSTED_ATTACHMENTS'), $crawler->filter('#postform h3')->eq(1)->text());
+ }
+}
View
72 tests/functional/fileupload_remote_test.php
@@ -0,0 +1,72 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2012 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+/**
+ * @group functional
+ */
+class phpbb_functional_fileupload_remote_test extends phpbb_functional_test_case
+{
+ public function setUp()
+ {
+ parent::setUp();
+ // Only doing this within the functional framework because we need a
+ // URL
+
+ // Global $config required by unique_id
+ // Global $user required by fileupload::remote_upload
+ global $config, $user;
+
+ if (!is_array($config))
+ {
+ $config = array();
+ }
+
+ $config['rand_seed'] = '';
+ $config['rand_seed_last_update'] = time() + 600;
+
+ $user = new phpbb_mock_user();
+ $user->lang = new phpbb_mock_lang();
+ }
+
+ public function tearDown()
+ {
+ global $config, $user;
+ $user = null;
+ $config = array();
+ }
+
+ public function test_invalid_extension()
+ {
+ $upload = new fileupload('', array('jpg'), 100);
+ $file = $upload->remote_upload('http://example.com/image.gif');
+ $this->assertEquals('URL_INVALID', $file->error[0]);
+ }
+
+ public function test_non_existant()
+ {
+ $upload = new fileupload('', array('jpg'), 100);
+ $file = $upload->remote_upload('http://example.com/image.jpg');
+ $this->assertEquals('EMPTY_REMOTE_DATA', $file->error[0]);
+ }
+
+ public function test_successful_upload()
+ {
+ $upload = new fileupload('', array('gif'), 1000);
+ $file = $upload->remote_upload($this->root_url . 'styles/prosilver/theme/images/forum_read.gif');
+ $this->assertEquals(0, sizeof($file->error));
+ $this->assertTrue(file_exists($file->filename));
+ }
+
+ public function test_too_large()
+ {
+ $upload = new fileupload('', array('gif'), 100);
+ $file = $upload->remote_upload($this->root_url . 'styles/prosilver/theme/images/forum_read.gif');
+ $this->assertEquals('WRONG_FILESIZE', $file->error[0]);
+ }
+}
View
0  tests/functional/fixtures/files/empty.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View
BIN  tests/functional/fixtures/files/illegal-extension.bif
Binary file not shown
View
BIN  tests/functional/fixtures/files/too-large.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View
BIN  tests/functional/fixtures/files/valid.jpg
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View
32 tests/mock/filespec.php
@@ -0,0 +1,32 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2012 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+/**
+ * Mock filespec class with some basic values to help with testing the
+ * fileupload class
+ */
+class phpbb_mock_filespec
+{
+ public $filesize;
+ public $realname;
+ public $extension;
+ public $width;
+ public $height;
+ public $error = array();
+
+ public function check_content($disallowed_content)
+ {
+ return true;
+ }
+
+ public function get($property)
+ {
+ return $this->$property;
+ }
+}
View
52 tests/mock/fileupload.php
@@ -0,0 +1,52 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2012 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+/**
+ * Mock fileupload class with some basic values to help with testing the
+ * filespec class
+ */
+class phpbb_mock_fileupload
+{
+ public $max_filesize = 100;
+ public $error_prefix = '';
+
+ public function valid_dimensions($filespec)
+ {
+ return true;
+ }
+
+ /**
+ * Copied verbatim from phpBB/includes/functions_upload.php's fileupload
+ * class to ensure the correct behaviour of filespec::move_file.
+ *
+ * Maps file extensions to the constant in second index of the array
+ * returned by getimagesize()
+ */
+ public function image_types()
+ {
+ return array(
+ IMAGETYPE_GIF => array('gif'),
+ IMAGETYPE_JPEG => array('jpg', 'jpeg'),
+ IMAGETYPE_PNG => array('png'),
+ IMAGETYPE_SWF => array('swf'),
+ IMAGETYPE_PSD => array('psd'),
+ IMAGETYPE_BMP => array('bmp'),
+ IMAGETYPE_TIFF_II => array('tif', 'tiff'),
+ IMAGETYPE_TIFF_MM => array('tif', 'tiff'),
+ IMAGETYPE_JPC => array('jpg', 'jpeg'),
+ IMAGETYPE_JP2 => array('jpg', 'jpeg'),
+ IMAGETYPE_JPX => array('jpg', 'jpeg'),
+ IMAGETYPE_JB2 => array('jpg', 'jpeg'),
+ IMAGETYPE_SWC => array('swc'),
+ IMAGETYPE_IFF => array('iff'),
+ IMAGETYPE_WBMP => array('wbmp'),
+ IMAGETYPE_XBM => array('xbm'),
+ );
+ }
+}
View
275 tests/upload/filespec_test.php
@@ -0,0 +1,275 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2012 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once __DIR__ . '/../../phpBB/includes/functions.php';
+require_once __DIR__ . '/../../phpBB/includes/utf/utf_tools.php';
+require_once __DIR__ . '/../../phpBB/includes/functions_upload.php';
+
+class phpbb_filespec_test extends phpbb_test_case
+{
+ const TEST_COUNT = 100;
+ const PREFIX = 'phpbb_';
+ const MAX_STR_LEN = 50;
+ const UPLOAD_MAX_FILESIZE = 1000;
+
+ private $config;
+ public $path;
+
+ protected function setUp()
+ {
+ // Global $config required by unique_id
+ // Global $user required by filespec::additional_checks and
+ // filespec::move_file
+ global $config, $user;
+
+ if (!is_array($config))
+ {
+ $config = array();
+ }
+
+ $config['rand_seed'] = '';
+ $config['rand_seed_last_update'] = time() + 600;
+ // This config value is normally pulled from the database which is set
+ // to this value at install time.
+ // See: phpBB/install/schemas/schema_data.sql
+ $config['mime_triggers'] = 'body|head|html|img|plaintext|a href|pre|script|table|title';
+
+ $user = new phpbb_mock_user();
+ $user->lang = new phpbb_mock_lang();
+
+ $this->config = &$config;
+ $this->path = __DIR__ . '/fixture/';
+
+ // Create copies of the files for use in testing move_file
+ $iterator = new DirectoryIterator($this->path);
+ foreach ($iterator as $fileinfo)
+ {
+ if ($fileinfo->isDot() || $fileinfo->isDir())
+ {
+ continue;
+ }
+
+ copy($fileinfo->getPathname(), $this->path . 'copies/' . $fileinfo->getFilename() . '_copy');
+ if ($fileinfo->getFilename() === 'txt')
+ {
+ copy($fileinfo->getPathname(), $this->path . 'copies/' . $fileinfo->getFilename() . '_copy_2');
+ }
+ }
+ }
+
+ private function get_filespec($override = array())
+ {
+ // Initialise a blank filespec object for use with trivial methods
+ $upload_ary = array(
+ 'name' => '',
+ 'type' => '',
+ 'size' => '',
+ 'tmp_name' => '',
+ 'error' => '',
+ );
+
+ return new filespec(array_merge($upload_ary, $override), null);
+ }
+
+ protected function tearDown()
+ {
+ global $user;
+ $this->config = array();
+ $user = null;
+
+ $iterator = new DirectoryIterator($this->path . 'copies');
+ foreach ($iterator as $fileinfo)
+ {
+ $name = $fileinfo->getFilename();
+ if ($name[0] !== '.')
+ {
+ unlink($fileinfo->getPathname());
+ }
+ }
+ }
+
+ public function additional_checks_variables()
+ {
+ // False here just indicates the file is too large and fails the
+ // filespec::additional_checks method because of it. All other code
+ // paths in that method are covered elsewhere.
+ return array(
+ array('gif', true),
+ array('jpg', false),
+ array('png', true),
+ array('tif', false),
+ array('txt', false),
+ );
+ }
+
+ /**
+ * @dataProvider additional_checks_variables
+ */
+ public function test_additional_checks($filename, $expected)
+ {
+ $upload = new phpbb_mock_fileupload();
+ $filespec = $this->get_filespec();
+ $filespec->upload = $upload;
+ $filespec->file_moved = true;
+ $filespec->filesize = $filespec->get_filesize($this->path . $filename);
+
+ $this->assertEquals($expected, $filespec->additional_checks());
+ }
+
+ public function check_content_variables()
+ {
+ // False here indicates that a file is non-binary and contains
+ // disallowed content that makes IE report the mimetype incorrectly.
+ return array(
+ array('gif', true),
+ array('jpg', true),
+ array('png', true),
+ array('tif', true),
+ array('txt', false),
+ );
+ }
+
+ /**
+ * @dataProvider check_content_variables
+ */
+ public function test_check_content($filename, $expected)
+ {
+ $disallowed_content = explode('|', $this->config['mime_triggers']);
+ $filespec = $this->get_filespec(array('tmp_name' => $this->path . $filename));
+ $this->assertEquals($expected, $filespec->check_content($disallowed_content));
+ }
+
+ public function clean_filename_variables()
+ {
+ $chunks = str_split('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ\'\\" /:*?<>|[];(){},#+=-_`', 8);
+ return array(
+ array($chunks[0] . $chunks[7]),
+ array($chunks[1] . $chunks[8]),
+ array($chunks[2] . $chunks[9]),
+ array($chunks[3] . $chunks[4]),
+ array($chunks[5] . $chunks[6]),
+ );
+ }
+
+ /**
+ * @dataProvider clean_filename_variables
+ */
+ public function test_clean_filename_real($filename)
+ {
+ $bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|');
+ $filespec = $this->get_filespec(array('name' => $filename));
+ $filespec->clean_filename('real', self::PREFIX);
+ $name = $filespec->realname;
+
+ $this->assertEquals(0, preg_match('/%(\w{2})/', $name));
+ foreach ($bad_chars as $char)
+ {
+ $this->assertFalse(strpos($name, $char));
+ }
+ }
+
+ public function test_clean_filename_unique()
+ {
+ $filenames = array();
+ for ($tests = 0; $tests < self::TEST_COUNT; $tests++)
+ {
+ $filespec = $this->get_filespec();
+ $filespec->clean_filename('unique', self::PREFIX);
+ $name = $filespec->realname;
+
+ $this->assertEquals(strlen($name), 32 + strlen(self::PREFIX));
+ $this->assertRegExp('#^[A-Za-z0-9]+$#', substr($name, strlen(self::PREFIX)));
+ $this->assertFalse(isset($filenames[$name]));
+ $filenames[$name] = true;
+ }
+ }
+
+ public function get_extension_variables()
+ {
+ return array(
+ array('file.png', 'png'),
+ array('file.phpbb.gif', 'gif'),
+ array('file..', ''),
+ array('.file..jpg.webp', 'webp'),
+ );
+ }
+
+ /**
+ * @dataProvider get_extension_variables
+ */
+ public function test_get_extension($filename, $expected)
+ {
+ $filespec = $this->get_filespec();
+ $this->assertEquals($expected, $filespec->get_extension($filename));
+ }
+
+ public function is_image_variables()
+ {
+ return array(
+ array('gif', 'image/gif', true),
+ array('jpg', 'image/jpg', true),
+ array('png', 'image/png', true),
+ array('tif', 'image/tif', true),
+ array('txt', 'text/plain', false),
+ );
+ }
+
+ /**
+ * @dataProvider is_image_variables
+ */
+ public function test_is_image($filename, $mimetype, $expected)
+ {
+ $filespec = $this->get_filespec(array('tmp_name' => $this->path . $filename, 'type' => $mimetype));
+ $this->assertEquals($expected, $filespec->is_image());
+ }
+
+ public function move_file_variables()
+ {
+ return array(
+ array('gif_copy', 'gif_moved', 'image/gif', 'gif', false, true),
+ array('non_existant', 'still_non_existant', 'text/plain', 'txt', 'GENERAL_UPLOAD_ERROR', false),
+ array('txt_copy', 'txt_as_img', 'image/jpg', 'txt', false, true),
+ array('txt_copy_2', 'txt_moved', 'text/plain', 'txt', false, true),
+ array('jpg_copy', 'jpg_moved', 'image/png', 'jpg', false, true),
+ array('png_copy', 'png_moved', 'image/png', 'jpg', 'IMAGE_FILETYPE_MISMATCH', true),
+ );
+ }
+
+ /**
+ * @dataProvider move_file_variables
+ */
+ public function test_move_file($tmp_name, $realname, $mime_type, $extension, $error, $expected)
+ {
+ // Global $phpbb_root_path and $phpEx are required by phpbb_chmod
+ global $phpbb_root_path, $phpEx;
+ $phpbb_root_path = '';
+ $phpEx = 'php';
+
+ $upload = new phpbb_mock_fileupload();
+ $upload->max_filesize = self::UPLOAD_MAX_FILESIZE;
+
+ $filespec = $this->get_filespec(array(
+ 'tmp_name' => $this->path . 'copies/' . $tmp_name,
+ 'name' => $realname,
+ 'type' => $mime_type,
+ ));
+ $filespec->extension = $extension;
+ $filespec->upload = $upload;
+ $filespec->local = true;
+
+ $this->assertEquals($expected, $filespec->move_file($this->path . 'copies'));
+ $this->assertEquals($filespec->file_moved, file_exists($this->path . 'copies/' . $realname));
+ if ($error)
+ {
+ $this->assertEquals($error, $filespec->error[0]);
+ }
+
+ $phpEx = '';
+ }
+}
View
115 tests/upload/fileupload_test.php
@@ -0,0 +1,115 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2012 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once __DIR__ . '/../../phpBB/includes/functions.php';
+require_once __DIR__ . '/../../phpBB/includes/utf/utf_tools.php';
+require_once __DIR__ . '/../../phpBB/includes/functions_upload.php';
+
+class phpbb_fileupload_test extends phpbb_test_case
+{
+ private $path;
+
+ protected function setUp()
+ {
+ // Global $config required by unique_id
+ // Global $user required by several functions dealing with translations
+ global $config, $user;
+
+ if (!is_array($config))
+ {
+ $config = array();
+ }
+
+ $config['rand_seed'] = '';
+ $config['rand_seed_last_update'] = time() + 600;
+
+ $user = new phpbb_mock_user();
+ $user->lang = new phpbb_mock_lang();
+ $this->path = __DIR__ . '/fixture/';
+ }
+
+ private function gen_valid_filespec()
+ {
+ $filespec = new phpbb_mock_filespec();
+ $filespec->filesize = 1;
+ $filespec->extension = 'jpg';
+ $filespec->realname = 'valid';
+ $filespec->width = 2;
+ $filespec->height = 2;
+
+ return $filespec;
+ }
+
+ protected function tearDown()
+ {
+ // Clear globals
+ global $config, $user;
+ $config = array();
+ $user = null;
+ }
+
+ public function test_common_checks_invalid_extension()
+ {
+ $upload = new fileupload('', array('png'), 100);
+ $file = $this->gen_valid_filespec();
+ $upload->common_checks($file);
+ $this->assertEquals('DISALLOWED_EXTENSION', $file->error[0]);
+ }
+
+ public function test_common_checks_invalid_filename()
+ {
+ $upload = new fileupload('', array('jpg'), 100);
+ $file = $this->gen_valid_filespec();
+ $file->realname = 'invalid?';
+ $upload->common_checks($file);
+ $this->assertEquals('INVALID_FILENAME', $file->error[0]);
+ }
+
+ public function test_common_checks_too_large()
+ {
+ $upload = new fileupload('', array('jpg'), 100);
+ $file = $this->gen_valid_filespec();
+ $file->filesize = 1000;
+ $upload->common_checks($file);
+ $this->assertEquals('WRONG_FILESIZE', $file->error[0]);
+ }
+
+ public function test_common_checks_valid_file()
+ {
+ $upload = new fileupload('', array('jpg'), 1000);
+ $file = $this->gen_valid_filespec();
+ $upload->common_checks($file);
+ $this->assertEquals(0, sizeof($file->error));
+ }
+
+ public function test_local_upload()
+ {
+ $upload = new fileupload('', array('jpg'), 1000);
+
+ copy($this->path . 'jpg', $this->path . 'jpg.jpg');
+ $file = $upload->local_upload($this->path . 'jpg.jpg');
+ $this->assertEquals(0, sizeof($file->error));
+ unlink($this->path . 'jpg.jpg');
+ }
+
+ public function test_valid_dimensions()
+ {
+ $upload = new fileupload('', false, false, 1, 1, 100, 100);
+
+ $file1 = $this->gen_valid_filespec();
+ $file2 = $this->gen_valid_filespec();
+ $file2->height = 101;
+ $file3 = $this->gen_valid_filespec();
+ $file3->width = 0;
+
+ $this->assertTrue($upload->valid_dimensions($file1));
+ $this->assertFalse($upload->valid_dimensions($file2));
+ $this->assertFalse($upload->valid_dimensions($file3));
+ }
+}
View
0  tests/upload/fixture/copies/.gitkeep
No changes.
View
BIN  tests/upload/fixture/gif
Binary file not shown
View
BIN  tests/upload/fixture/jpg
Binary file not shown
View
BIN  tests/upload/fixture/png
Binary file not shown
View
BIN  tests/upload/fixture/tif
Binary file not shown
View
2  tests/upload/fixture/txt
@@ -0,0 +1,2 @@
+<HTML>mime trigger</HTML>
+The HTML tags should remain uppercase so that case-insensitivity can be checked.
Something went wrong with that request. Please try again.