mirror/fenom
1
0
Fork 0
mirror of https://github.com/fenom-template/fenom.git synced 2023-08-10 21:13:07 +03:00
Code Issues Projects Releases Wiki Activity

Add tests for auto escaping

Browse Source
This commit is contained in:
bzick 2013-07-07 01:34:19 +04:00
parent 42b71ed644
commit 968671d8a7
3 changed files with 65 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
tests/TestCase.php
View File

@ -26,6 +26,8 @@ class TestCase extends \PHPUnit_Framework_TestCase {
$this->fenom = Fenom::factory(FENOM_RESOURCES.'/template', FENOM_RESOURCES.'/compile');
$this->fenom->addModifier('dots', __CLASS__.'::dots');
$this->fenom->addModifier('concat', __CLASS__.'::concat');
$this->fenom->addFunction('test_function', __CLASS__.'::inlineFunction');
$this->fenom->addBlockFunction('test_block_function', __CLASS__.'::blockFunction');
}
public static function dots($value) {
@ -36,6 +38,14 @@ class TestCase extends \PHPUnit_Framework_TestCase {
return call_user_func_array('var_export', func_get_args());
}
public static function inlineFunction($params) {
return isset($params["text"]) ? $params["text"] : "";
}
public static function blockFunction($params, $text) {
return $text;
}
public static function setUpBeforeClass() {
if(!file_exists(FENOM_RESOURCES.'/template')) {
mkdir(FENOM_RESOURCES.'/template', 0777, true);

55
tests/cases/Fenom/AutoEscapeTest.php Normal file
View File

@ -0,0 +1,55 @@
<?php
namespace Fenom;
class AutoEscapeTest extends TestCase {
public static function providerHTML() {
$html = "<script>alert('injection');</script>";
$escaped = htmlspecialchars($html, ENT_COMPAT, 'UTF-8');
$vars = array(
"html" => $html
);
return array(
// variable
array('{$html}', $html, $vars, 0),
array('{$html}', $escaped, $vars, \Fenom::AUTO_ESCAPE),
array('{raw $html}', $html, $vars, \Fenom::AUTO_ESCAPE),
array('{raw "{$html|up}"}', strtoupper($html), $vars, \Fenom::AUTO_ESCAPE),
array('{autoescape true}{$html}{/autoescape}, {$html}', "$escaped, $html", $vars, 0),
array('{autoescape false}{$html}{/autoescape}, {$html}', "$html, $escaped", $vars, \Fenom::AUTO_ESCAPE),
array('{autoescape true}{$html}{/autoescape}, {$html}', "$escaped, $escaped", $vars, \Fenom::AUTO_ESCAPE),
array('{autoescape false}{$html}{/autoescape}, {$html}', "$html, $html", $vars, 0),
// inline function
array('{test_function text=$html}', $html, $vars, 0),
array('{test_function text=$html}', $escaped, $vars, \Fenom::AUTO_ESCAPE),
array('{raw:test_function text=$html}', $html, $vars, \Fenom::AUTO_ESCAPE),
array('{raw:test_function text="{$html|up}"}', strtoupper($html), $vars, \Fenom::AUTO_ESCAPE),
array('{autoescape true}{test_function text=$html}{/autoescape}, {test_function text=$html}', "$escaped, $html", $vars, 0),
array('{autoescape false}{test_function text=$html}{/autoescape}, {test_function text=$html}', "$html, $escaped", $vars, \Fenom::AUTO_ESCAPE),
array('{autoescape true}{test_function text=$html}{/autoescape}, {test_function text=$html}', "$escaped, $escaped", $vars, \Fenom::AUTO_ESCAPE),
array('{autoescape false}{test_function text=$html}{/autoescape}, {test_function text=$html}', "$html, $html", $vars, 0),
// block function
array('{test_block_function}{$html}{/test_block_function}', $html, $vars, 0),
array('{test_block_function}{$html}{/test_block_function}', $escaped, $vars, \Fenom::AUTO_ESCAPE),
array('{raw:test_block_function}{$html}{/test_block_function}', $html, $vars, \Fenom::AUTO_ESCAPE),
array('{raw:test_block_function}{"{$html|up}"}{/test_block_function}', strtoupper($html), $vars, \Fenom::AUTO_ESCAPE),
array('{autoescape true}{test_block_function}{$html}{/test_block_function}{/autoescape}, {test_block_function}{$html}{/test_block_function}', "$escaped, $html", $vars, 0),
array('{autoescape false}{test_block_function}{$html}{/test_block_function}{/autoescape}, {test_block_function}{$html}{/test_block_function}', "$html, $escaped", $vars, \Fenom::AUTO_ESCAPE),
array('{autoescape true}{test_block_function}{$html}{/test_block_function}{/autoescape}, {test_block_function}{$html}{/test_block_function}', "$escaped, $escaped", $vars, \Fenom::AUTO_ESCAPE),
array('{autoescape false}{test_block_function}{$html}{/test_block_function}{/autoescape}, {test_block_function}{$html}{/test_block_function}', "$html, $html", $vars, 0),
);
}
/**
* @dataProvider providerHTML
*/
public function testEscaping($tpl, $result, $vars, $options) {
$this->values = $vars;
$this->fenom->setOptions($options);
$this->assertRender($tpl, $result);
}
}

0
tests/cases/CytroTest.php → tests/cases/FenomTest.php
View File