--- /dev/null
+<?php
+
+/**
+* InputTest
+*
+* @author Blue Static
+* @copyright Copyright (c)2002 - [#]year[#], Blue Static
+* @version $Revision$
+* @package ISSO Tests
+*
+*/
+class InputTest extends UnitTestCase
+{
+ private $fixture;
+
+ public function setUp()
+ {
+ $_GET = array(
+ '1' => 'moo',
+ '0' => 'foobar',
+ 'abc' => '-1',
+ 'ab"c"' => '2.0',
+ 'ab"c"2' => 'k"lm"',
+ 'ab\'c\'' => 'nop',
+ "ab\'c\'2" => "qr\'s\'"
+ );
+ $_COOKIE = array(
+ 'somecookie' => '"a var"',
+ 'another"value"' => "isn't it cool"
+ );
+ $_POST = array(
+ 'nest' => array(
+ 'foobar' => '"test"',
+ '"hi"' => 'test\'ing'
+ )
+ );
+
+ // simulate magic quotes GPC
+ /*foreach (array($_GET, $_COOKIE) AS $array)
+ {
+ foreach ($array AS $var => $value)
+ {
+ $array["$var"] = addslashes($value);
+ }
+ }*/
+
+ $this->fixture = BSRegister::LoadModule('Input');
+ }
+
+ public function testSanitizeInputData()
+ {
+ $this->assertEqual(10, sizeof($this->fixture->in));
+ $this->assertEqual(2, sizeof($this->fixture->in['nest']));
+ $this->assertEqual('"a var"', $this->fixture->in['somecookie']);
+ $this->assertEqual('test\'ing', $this->fixture->in['nest']['"hi"']);
+ }
+
+ public function testEntityEncode()
+ {
+ $this->assertEqual('<a href="http://www.something.com/test.php?do=run&moo=foo">', $this->fixture->entityEncode('<a href="http://www.something.com/test.php?do=run&moo=foo">'));
+ }
+
+ public function testUnsanitize()
+ {
+ $this->assertEqual('<script type="text/javascript"> alert("XSS is fun!"); </script>', $this->fixture->unsanitize('<script type="text/javascript"> alert("XSS is fun!"); </script>'));
+ $this->assertEqual('<script type="text/javascript"> alert("XSS is fun!"); </script>', $this->fixture->unsanitize('<script type="text/javascript"> alert("XSS is fun!"); </script>'));
+ $this->assertEqual('<script type="text/javascript"> alert("XSS is fun!"); </script>', $this->fixture->unsanitize($this->fixture->sanitize('<script type="text/javascript"> alert("XSS is fun!"); </script>')));
+ }
+
+ public function testClean()
+ {
+ $this->assertEqual(0, $this->fixture->clean('abc', TYPE_INT));
+ $this->assertEqual(-1, $this->fixture->clean('-1', TYPE_INT));
+ $this->assertEqual(4, $this->fixture->clean('4def', TYPE_INT));
+
+ $this->assertEqual(0, $this->fixture->clean('abc', TYPE_UINT));
+ $this->assertEqual(0, $this->fixture->clean(-100, TYPE_UINT));
+ $this->assertEqual(40, $this->fixture->clean('40.965', TYPE_UINT));
+
+ $this->assertEqual(0, $this->fixture->clean('0.0', TYPE_FLOAT));
+ $this->assertNotEqual(0, $this->fixture->clean('0.032', TYPE_FLOAT));
+
+ $this->assertEqual(true, $this->fixture->clean('aafsdfa', TYPE_BOOL));
+ $this->assertEqual(false, $this->fixture->clean('', TYPE_BOOL));
+ $this->assertEqual(false, $this->fixture->clean('0', TYPE_BOOL));
+ $this->assertEqual(true, $this->fixture->clean('0.0', TYPE_BOOL));
+
+ $this->assertEqual('<abc "def" gih>', $this->fixture->clean('<abc "def" gih>', TYPE_STR));
+
+ $this->assertEqual('<abc "def" gih>', $this->fixture->clean('<abc "def" gih>', TYPE_STRUN));
+ $this->assertEqual('<abc "def" gih>', $this->fixture->clean($this->fixture->sanitize('<abc "def" gih>'), TYPE_STRUN));
+
+ $this->assertEqual('<abc "def" gih>', $this->fixture->clean('<abc "def" gih>', TYPE_NONE));
+
+ $this->assertEqual('åß∂ƒ©˙∆˚¬…æΩ≈ç√∫≤≥÷œ∑®†¥øπ“‘’”', $this->fixture->clean('åß∂ƒ©˙∆˚¬…æΩ≈ç√∫≤≥÷œ∑®†¥øπ“‘’”', TYPE_BIN));
+
+ $this->fixture->clean('asdfa', TYPE_THIS_DOES_NOT_EXIST);
+ $this->assertError();
+ }
+
+ public function testCleanArray()
+ {
+ $array = array(
+ 'a' => '1',
+ 'b' => '2.7',
+ 'c' => 'adfasdf',
+ 'd' => '-12'
+ );
+
+ $newarray = $this->fixture->clean($array, TYPE_UINT);
+
+ $this->assertEqual(4, sizeof($newarray));
+ $this->assertEqual(1, $newarray['a']);
+ $this->assertEqual(2, $newarray['b']);
+ $this->assertEqual(0, $newarray['c']);
+ $this->assertEqual(0, $newarray['d']);
+ }
+
+ public function testInputClean()
+ {
+ $this->assertEqual(-1.0, $this->fixture->inputClean('abc', TYPE_FLOAT));
+ $this->assertEqual(-1.0, $this->fixture->in['abc']);
+
+ $this->assertEqual('', $this->fixture->inputClean(':does:not:exist', TYPE_STR));
+ }
+
+ public function testInputCleanArray()
+ {
+ $this->setUp();
+ $this->fixture->inputCleanArray(array(
+ 'abc' => TYPE_FLOAT,
+ 'ab"c"' => TYPE_INT
+ ));
+
+ $this->assertEqual(-1.0, $this->fixture->in['abc']);
+ $this->assertEqual(2, $this->fixture->in['ab"c"']);
+ }
+
+ public function testEscape()
+ {
+ $this->assertEqual("this isn\'t a test", $this->fixture->escape("this isn't a test", true));
+ }
+
+ public function testInputEscape()
+ {
+ $this->assertEqual("isn\'t it cool", $this->fixture->inputEscape('another"value"'));
+ $this->assertEqual('', $this->fixture->inputEscape(':will:never:exist'));
+ }
+
+ public function testPostCheck()
+ {
+ define('ISSO_CHECK_POST_REFERER', true);
+ $this->setUp();
+ }
+}
+
+?>
\ No newline at end of file