'
- + ''
- + '
';
- this.status.prepend(img);
- if (typeof this.replyStatus !== 'undefined') {
- this.replyStatus.prepend(img);
- }
- }
- if (typeof this.replyStatus !== 'undefined') {
- this.replyStatus.removeClass('errorMessage').text(message);
- }
- if (!message)
- {
- this.status.html(' ');
+ $editorTabs = $('#editorTabs');
+ $message = $('#message');
+
+ // bind events
+ $message.keydown(supportTabs);
+
+ // bind click events to tab switchers (a), but save parent of them
+ // (li)
+ $messageEdit = $('#messageedit').click(viewEditor).parent();
+ $messagePreview = $('#messagepreview').click(viewPreview).parent();
+ }
+
+ return me;
+ })();
+
+ /**
+ * (view) Parse and show paste.
+ *
+ * @name PasteViewer
+ * @class
+ */
+ var PasteViewer = (function () {
+ var me = {};
+
+ var $placeholder,
+ $prettyMessage,
+ $prettyPrint,
+ $plainText;
+
+ var text,
+ format = 'plaintext',
+ isDisplayed = false,
+ isChanged = true; // by default true as nothing was parsed yet
+
+ /**
+ * apply the set format on paste and displays it
+ *
+ * @name PasteViewer.parsePaste
+ * @private
+ * @function
+ */
+ function parsePaste()
+ {
+ // skip parsing if no text is given
+ if (text === '') {
return;
}
- if (message === '')
- {
- this.status.html(' ');
- return;
+
+ // set text
+ Helper.setElementText($plainText, text);
+ Helper.setElementText($prettyPrint, text);
+
+ switch (format) {
+ case 'markdown':
+ var converter = new showdown.Converter({
+ strikethrough: true,
+ tables: true,
+ tablesHeaderId: true
+ });
+ $plainText.html(
+ converter.makeHtml(text)
+ );
+ // add table classes from bootstrap css
+ $plainText.find('table').addClass('table-condensed table-bordered');
+ break;
+ case 'syntaxhighlighting':
+ // @TODO is this really needed or is "one" enough?
+ if (typeof prettyPrint === 'function')
+ {
+ prettyPrint();
+ }
+
+ $prettyPrint.html(
+ prettyPrintOne(
+ Helper.htmlEntities(text), null, true
+ )
+ );
+ // fall through, as the rest is the same
+ default: // = 'plaintext'
+ // convert URLs to clickable links
+ Helper.urls2links($plainText);
+ Helper.urls2links($prettyPrint);
+
+ $prettyPrint.css('white-space', 'pre-wrap');
+ $prettyPrint.css('word-break', 'normal');
+ $prettyPrint.removeClass('prettyprint');
}
- this.status.removeClass('errorMessage').text(message);
- },
+ }
/**
- * bind events to DOM elements
+ * displays the paste
*
- * @name controller.bindEvents
+ * @name PasteViewer.showPaste
+ * @private
* @function
*/
- bindEvents: function()
+ function showPaste()
{
- this.burnAfterReading.change($.proxy(this.changeBurnAfterReading, this));
- this.openDisc.change($.proxy(this.changeOpenDisc, this));
- this.sendButton.click($.proxy(this.sendData, this));
- this.cloneButton.click($.proxy(this.clonePaste, this));
- this.rawTextButton.click($.proxy(this.rawText, this));
- this.fileRemoveButton.click($.proxy(this.removeAttachment, this));
- $('.reloadlink').click($.proxy(this.reloadPage, this));
- this.message.keydown(this.supportTabs);
- this.messageEdit.click($.proxy(this.viewEditor, this));
- this.messagePreview.click($.proxy(this.viewPreview, this));
+ // instead of "nothing" better display a placeholder
+ if (text === '') {
+ $placeholder.removeClass('hidden')
+ return;
+ }
+ // otherwise hide the placeholder
+ $placeholder.addClass('hidden')
+
+ switch (format) {
+ case 'markdown':
+ $plainText.removeClass('hidden');
+ $prettyMessage.addClass('hidden');
+ break;
+ default:
+ $plainText.addClass('hidden');
+ $prettyMessage.removeClass('hidden');
+ break;
+ }
+ }
+
+ /**
+ * sets the format in which the text is shown
+ *
+ * @name PasteViewer.setFormat
+ * @function
+ * @param {string} newFormat the the new format
+ */
+ me.setFormat = function(newFormat)
+ {
+ // skip if there is no update
+ if (format === newFormat) {
+ return;
+ }
+
+ // needs to update display too, if from or to Markdown is switched
+ if (format === 'markdown' || newFormat === 'markdown') {
+ isDisplayed = false;
+ }
+
+ format = newFormat;
+ isChanged = true;
+ }
+
+ /**
+ * returns the current format
+ *
+ * @name PasteViewer.getFormat
+ * @function
+ * @return {string}
+ */
+ me.getFormat = function()
+ {
+ return format;
+ }
+
+ /**
+ * returns whether the current view is pretty printed
+ *
+ * @name PasteViewer.isPrettyPrinted
+ * @function
+ * @return {bool}
+ */
+ me.isPrettyPrinted = function()
+ {
+ return $prettyPrint.hasClass('prettyprinted');
+ }
+
+ /**
+ * sets the text to show
+ *
+ * @name PasteViewer.setText
+ * @function
+ * @param {string} newText the text to show
+ */
+ me.setText = function(newText)
+ {
+ if (text !== newText) {
+ text = newText;
+ isChanged = true;
+ }
+ }
+
+ /**
+ * gets the current cached text
+ *
+ * @name PasteViewer.getText
+ * @function
+ * @return {string}
+ */
+ me.getText = function()
+ {
+ return text;
+ }
+
+ /**
+ * show/update the parsed text (preview)
+ *
+ * @name PasteViewer.run
+ * @function
+ */
+ me.run = function()
+ {
+ if (isChanged) {
+ parsePaste();
+ isChanged = false;
+ }
+
+ if (!isDisplayed) {
+ showPaste();
+ isDisplayed = true;
+ }
+ }
+
+ /**
+ * hide parsed text (preview)
+ *
+ * @name PasteViewer.hide
+ * @function
+ */
+ me.hide = function()
+ {
+ if (!isDisplayed) {
+ console.warn('PasteViewer was called to hide the parsed view, but it is already hidden.');
+ }
+
+ $plainText.addClass('hidden');
+ $prettyMessage.addClass('hidden');
+ $placeholder.addClass('hidden');
+
+ isDisplayed = false;
+ }
+
+ /**
+ * init status manager
+ *
+ * preloads jQuery elements
+ *
+ * @name PasteViewer.init
+ * @function
+ */
+ me.init = function()
+ {
+ $placeholder = $('#placeholder');
+ $plainText = $('#plaintext');
+ $prettyMessage = $('#prettymessage');
+ $prettyPrint = $('#prettyprint');
+
+ // check requirements
+ if (typeof prettyPrintOne !== 'function') {
+ Alert.showError([
+ 'The library %s is not available. This may cause display errors.',
+ 'pretty print'
+ ]);
+ }
+ if (typeof showdown !== 'object') {
+ Alert.showError([
+ 'The library %s is not available. This may cause display errors.',
+ 'showdown'
+ ]);
+ }
+
+ // get default option from template/HTML or fall back to set value
+ format = Model.getFormatDefault() || format;
+ }
+
+ return me;
+ })();
+
+ /**
+ * (view) Show attachment and preview if possible
+ *
+ * @name AttachmentViewer
+ * @param {object} window
+ * @param {object} document
+ * @class
+ */
+ var AttachmentViewer = (function (window, document) {
+ var me = {};
+
+ var $attachmentLink,
+ $attachmentPreview,
+ $attachment;
+
+ var attachmentHasPreview = false;
+
+ /**
+ * sets the attachment but does not yet show it
+ *
+ * @name AttachmentViewer.setAttachment
+ * @function
+ * @param {string} attachmentData - base64-encoded data of file
+ * @param {string} fileName - optional, file name
+ */
+ me.setAttachment = function(attachmentData, fileName)
+ {
+ var imagePrefix = 'data:image/';
+
+ $attachmentLink.attr('href', attachmentData);
+ if (typeof fileName !== 'undefined') {
+ $attachmentLink.attr('download', fileName);
+ }
+
+ // if the attachment is an image, display it
+ if (attachmentData.substring(0, imagePrefix.length) === imagePrefix) {
+ $attachmentPreview.html(
+ $(document.createElement('img'))
+ .attr('src', attachmentData)
+ .attr('class', 'img-thumbnail')
+ );
+ attachmentHasPreview = true;
+ }
+ }
+
+ /**
+ * displays the attachment
+ *
+ * @name AttachmentViewer.showAttachment
+ * @function
+ */
+ me.showAttachment = function()
+ {
+ $attachment.removeClass('hidden');
+
+ if (attachmentHasPreview) {
+ $attachmentPreview.removeClass('hidden');
+ }
+ }
+
+ /**
+ * removes the attachment
+ *
+ * This automatically hides the attachment containers to, to
+ * prevent an inconsistent display.
+ *
+ * @name AttachmentViewer.removeAttachment
+ * @function
+ */
+ me.removeAttachment = function()
+ {
+ me.hideAttachment();
+ me.hideAttachmentPreview();
+ $attachmentLink.prop('href', '');
+ $attachmentLink.prop('download', '');
+ $attachmentPreview.html('');
+ }
+
+ /**
+ * hides the attachment
+ *
+ * This will not hide the preview (see AttachmentViewer.hideAttachmentPreview
+ * for that) nor will it hide the attachment link if it was moved somewhere
+ * else (see AttachmentViewer.moveAttachmentTo).
+ *
+ * @name AttachmentViewer.hideAttachment
+ * @function
+ */
+ me.hideAttachment = function()
+ {
+ $attachment.addClass('hidden');
+ }
+
+ /**
+ * hides the attachment preview
+ *
+ * @name AttachmentViewer.hideAttachmentPreview
+ * @function
+ */
+ me.hideAttachmentPreview = function()
+ {
+ $attachmentPreview.addClass('hidden');
+ }
+
+ /**
+ * checks if there is an attachment
+ *
+ * @name AttachmentViewer.hasAttachment
+ * @function
+ */
+ me.hasAttachment = function()
+ {
+ return ($attachmentLink.prop('href') !== '')
+ }
+
+ /**
+ * return the attachment
+ *
+ * @name AttachmentViewer.getAttachment
+ * @function
+ * @returns {array}
+ */
+ me.getAttachment = function()
+ {
+ return [
+ $attachmentLink.prop('href'),
+ $attachmentLink.prop('download')
+ ];
+ }
+
+ /**
+ * moves the attachment link to another element
+ *
+ * It is advisable to hide the attachment afterwards (AttachmentViewer.hideAttachment)
+ *
+ * @name AttachmentViewer.moveAttachmentTo
+ * @function
+ * @param {jQuery} $element - the wrapper/container element where this should be moved to
+ * @param {string} label - the text to show (%s will be replaced with the file name), will automatically be translated
+ */
+ me.moveAttachmentTo = function($element, label)
+ {
+ // move elemement to new place
+ $attachmentLink.appendTo($element);
+
+ // update text
+ I18n._($attachmentLink, label, $attachmentLink.attr('download'));
+ }
+
+ /**
+ * initiate
+ *
+ * preloads jQuery elements
+ *
+ * @name AttachmentViewer.init
+ * @function
+ */
+ me.init = function()
+ {
+ $attachment = $('#attachment');
+ $attachmentLink = $('#attachment a');
+ $attachmentPreview = $('#attachmentPreview');
+ }
+
+ return me;
+ })(window, document);
+
+ /**
+ * (view) Shows discussion thread and handles replies
+ *
+ * @name DiscussionViewer
+ * @param {object} window
+ * @param {object} document
+ * @class
+ */
+ var DiscussionViewer = (function (window, document) {
+ var me = {};
+
+ var $commentTail,
+ $discussion,
+ $reply,
+ $replyMessage,
+ $replyNickname,
+ $replyStatus,
+ $commentContainer;
+
+ var replyCommentId;
+
+ /**
+ * initializes the templates
+ *
+ * @name DiscussionViewer.initTemplates
+ * @private
+ * @function
+ */
+ function initTemplates()
+ {
+ $reply = Model.getTemplate('reply');
+ $replyMessage = $reply.find('#replymessage');
+ $replyNickname = $reply.find('#nickname');
+ $replyStatus = $reply.find('#replystatus');
+
+ // cache jQuery elements
+ $commentTail = Model.getTemplate('commenttail');
+ }
+
+ /**
+ * open the comment entry when clicking the "Reply" button of a comment
+ *
+ * @name DiscussionViewer.openReply
+ * @private
+ * @function
+ * @param {Event} event
+ */
+ function openReply(event)
+ {
+ var $source = $(event.target);
+
+ // clear input
+ $replyMessage.val('');
+ $replyNickname.val('');
+
+ // get comment id from source element
+ replyCommentId = $source.parent().prop('id').split('_')[1];
+
+ // move to correct position
+ $source.after($reply);
+
+ // show
+ $reply.removeClass('hidden');
+ $replyMessage.focus();
+
+ event.preventDefault();
+ }
+
+ /**
+ * custom handler for displaying notifications in own status message area
+ *
+ * @name DiscussionViewer.handleNotification
+ * @function
+ * @param {string} alertType
+ * @param {jQuery} $element
+ * @param {string|array} args
+ * @param {string|null} icon
+ * @return {bool|jQuery}
+ */
+ me.handleNotification = function(alertType, $element, args, icon)
+ {
+ // ignore loading messages
+ if (alertType === 'loading') {
+ return false;
+ }
+
+ if (alertType === 'danger') {
+ $replyStatus.removeClass('alert-info');
+ $replyStatus.addClass('alert-danger');
+ $replyStatus.find(':first').removeClass('glyphicon-alert');
+ $replyStatus.find(':first').addClass('glyphicon-info-sign');
+ } else {
+ $replyStatus.removeClass('alert-danger');
+ $replyStatus.addClass('alert-info');
+ $replyStatus.find(':first').removeClass('glyphicon-info-sign');
+ $replyStatus.find(':first').addClass('glyphicon-alert');
+ }
+
+ return $replyStatus;
+ }
+
+ /**
+ * adds another comment
+ *
+ * @name DiscussionViewer.addComment
+ * @function
+ * @param {object} comment
+ * @param {string} commentText
+ * @param {jQuery} $place - optional, tries to find the best position otherwise
+ */
+ me.addComment = function(comment, commentText, nickname, $place)
+ {
+ if (typeof $place === 'undefined') {
+ // starting point (default value/fallback)
+ $place = $commentContainer;
+
+ // if parent comment exists
+ var $parentComment = $('#comment_' + comment.parentid);
+ if ($parentComment.length) {
+ // use parent as position for noew comment, so it shifted
+ // to the right
+ $place = $parentComment;
+ }
+ }
+ if (commentText === '') {
+ commentText = 'comment decryption failed';
+ }
+
+ // create new comment based on template
+ var $commentEntry = Model.getTemplate('comment');
+ $commentEntry.prop('id', 'comment_' + comment.id);
+ var $commentEntryData = $commentEntry.find('div.commentdata');
+
+ // set & parse text
+ Helper.setElementText($commentEntryData, commentText);
+ Helper.urls2links($commentEntryData);
+
+ // set nickname
+ if (nickname.length > 0) {
+ $commentEntry.find('span.nickname').text(nickname);
+ } else {
+ $commentEntry.find('span.nickname').html('');
+ I18n._($commentEntry.find('span.nickname i'), 'Anonymous');
+ }
+
+ // set date
+ $commentEntry.find('span.commentdate')
+ .text(' (' + (new Date(comment.meta.postdate * 1000).toLocaleString()) + ')')
+ .attr('title', 'CommentID: ' + comment.id);
+
+ // if an avatar is available, display it
+ if (comment.meta.vizhash) {
+ $commentEntry.find('span.nickname')
+ .before(
+ '
-
-
+
+
+
+
-
-
-
+
+
+
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
- ]*id="errormessage"[^>]*>.*Invalid paste ID\.#s',
$content,
'outputs delete error correctly'
);
@@ -980,7 +977,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
$content = ob_get_contents();
ob_end_clean();
$this->assertRegExp(
- '#]*id="errormessage"[^>]*>.*Paste does not exist[^<]*
#',
+ '#
-
+
+
+
+
+
+
+
+
+
+
-
- ]*id="status"[^>]*>.*Paste was properly deleted\.#s',
$content,
'outputs deleted status correctly'
);
@@ -960,7 +957,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
$content = ob_get_contents();
ob_end_clean();
$this->assertRegExp(
- '#]*id="errormessage"[^>]*>.*Invalid paste ID\.
#',
+ '#
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+
]*id="errormessage"[^>]*>.*Paste does not exist, has expired or has been deleted\.#s',
$content,
'outputs error correctly'
);
@@ -818,10 +815,10 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
$content = ob_get_contents();
ob_end_clean();
unset($burnPaste['meta']['salt']);
- $this->assertContains(
- ']*id="status"[^>]*>.*Paste was properly deleted[^<]*
#s',
+ '#
+
+
+ this FAQ for information to troubleshoot.'); ?> +
+ + this FAQ for information to troubleshoot.'); ?> +
+
+
+
-
-
-
+
+
diff --git a/tpl/page.php b/tpl/page.php
index 3bd4b530..18d60e32 100644
--- a/tpl/page.php
+++ b/tpl/page.php
@@ -47,7 +47,7 @@ if ($MARKDOWN):
-
+
@@ -79,12 +79,12 @@ endif;
+
+
-
- name0000-00-00
c
-
- this FAQ for information to troubleshoot.'); ?> -
- - this FAQ for information to troubleshoot.'); ?> -
@@ -125,7 +125,7 @@ endif;
- ]*id="errormessage"[^>]*>.*Paste does not exist, has expired or has been deleted\.#s',
$content,
'outputs error correctly'
);
@@ -798,7 +795,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
$content = ob_get_contents();
ob_end_clean();
$this->assertRegExp(
- '#]*id="errormessage"[^>]*>.*Paste does not exist[^<]*
#',
+ '#
+
-
+
diff --git a/tst/.gitignore b/tst/.gitignore deleted file mode 100644 index 39ef6b92..00000000 --- a/tst/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/ConfigurationCombinationsTest.php diff --git a/tst/.htaccess b/tst/.htaccess deleted file mode 100644 index b584d98c..00000000 --- a/tst/.htaccess +++ /dev/null @@ -1,2 +0,0 @@ -Allow from none -Deny from all diff --git a/tst/Bootstrap.php b/tst/Bootstrap.php index 1b423b29..dfae0edc 100644 --- a/tst/Bootstrap.php +++ b/tst/Bootstrap.php @@ -172,22 +172,24 @@ class Helper */ public static function rmDir($path) { - $path .= DIRECTORY_SEPARATOR; - $dir = dir($path); - while (false !== ($file = $dir->read())) { - if ($file != '.' && $file != '..') { - if (is_dir($path . $file)) { - self::rmDir($path . $file); - } elseif (is_file($path . $file)) { - if (!unlink($path . $file)) { - throw new Exception('Error deleting file "' . $path . $file . '".'); + if (is_dir($path)) { + $path .= DIRECTORY_SEPARATOR; + $dir = dir($path); + while (false !== ($file = $dir->read())) { + if ($file != '.' && $file != '..') { + if (is_dir($path . $file)) { + self::rmDir($path . $file); + } elseif (is_file($path . $file)) { + if (!unlink($path . $file)) { + throw new Exception('Error deleting file "' . $path . $file . '".'); + } } } } - } - $dir->close(); - if (!rmdir($path)) { - throw new Exception('Error deleting directory "' . $path . '".'); + $dir->close(); + if (!rmdir($path)) { + throw new Exception('Error deleting directory "' . $path . '".'); + } } } diff --git a/tst/Data/FilesystemTest.php b/tst/Data/FilesystemTest.php index 95029217..e7e6dc82 100644 --- a/tst/Data/FilesystemTest.php +++ b/tst/Data/FilesystemTest.php @@ -8,16 +8,26 @@ class FilesystemTest extends PHPUnit_Framework_TestCase private $_path; + private $_invalidPath; + public function setUp() { /* Setup Routine */ - $this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data'; - $this->_model = Filesystem::getInstance(array('dir' => $this->_path)); + $this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data'; + $this->_invalidPath = $this->_path . DIRECTORY_SEPARATOR . 'bar'; + $this->_model = Filesystem::getInstance(array('dir' => $this->_path)); + if (!is_dir($this->_path)) { + mkdir($this->_path); + } + if (!is_dir($this->_invalidPath)) { + mkdir($this->_invalidPath); + } } public function tearDown() { /* Tear Down Routine */ + chmod($this->_invalidPath, 0700); Helper::rmDir($this->_path); } @@ -37,6 +47,7 @@ class FilesystemTest extends PHPUnit_Framework_TestCase $this->assertFalse($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'comment does not yet exist'); $this->assertTrue($this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment()), 'store comment'); $this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'comment exists after storing it'); + $this->assertFalse($this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment()), 'unable to store the same comment twice'); $comment = json_decode(json_encode(Helper::getComment())); $comment->id = Helper::getCommentId(); $comment->parentid = Helper::getPasteId(); @@ -99,10 +110,6 @@ class FilesystemTest extends PHPUnit_Framework_TestCase } } - /** - * @expectedException Exception - * @expectedExceptionCode 90 - */ public function testErrorDetection() { $this->_model->delete(Helper::getPasteId()); @@ -112,10 +119,6 @@ class FilesystemTest extends PHPUnit_Framework_TestCase $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does still not exist'); } - /** - * @expectedException Exception - * @expectedExceptionCode 90 - */ public function testCommentErrorDetection() { $this->_model->delete(Helper::getPasteId()); diff --git a/tst/FilterTest.php b/tst/FilterTest.php index 63cc8f89..96097a02 100644 --- a/tst/FilterTest.php +++ b/tst/FilterTest.php @@ -4,14 +4,6 @@ use PrivateBin\Filter; class FilterTest extends PHPUnit_Framework_TestCase { - public function testFilterStripsSlashesDeeply() - { - $this->assertEquals( - array("f'oo", "b'ar", array("fo'o", "b'ar")), - Filter::stripslashesDeep(array("f\\'oo", "b\\'ar", array("fo\\'o", "b\\'ar"))) - ); - } - public function testFilterMakesTimesHumanlyReadable() { $this->assertEquals('5 minutes', Filter::formatHumanReadableTime('5min')); diff --git a/tst/JsonApiTest.php b/tst/JsonApiTest.php index 8579f013..a5928893 100644 --- a/tst/JsonApiTest.php +++ b/tst/JsonApiTest.php @@ -98,6 +98,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase new PrivateBin; $content = ob_get_contents(); ob_end_clean(); + unlink($file); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); $this->assertEquals(Helper::getPasteId(), $response['id'], 'outputted paste ID matches input'); @@ -132,6 +133,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase new PrivateBin; $content = ob_get_contents(); ob_end_clean(); + unlink($file); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted'); @@ -147,10 +149,9 @@ class JsonApiTest extends PHPUnit_Framework_TestCase $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); $paste = $this->_model->read(Helper::getPasteId()); $_POST = array( - 'action' => 'delete', + 'pasteid' => Helper::getPasteId(), 'deletetoken' => hash_hmac('sha256', Helper::getPasteId(), $paste->meta->salt), ); - $_SERVER['QUERY_STRING'] = Helper::getPasteId(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; ob_start(); diff --git a/tst/ModelTest.php b/tst/ModelTest.php index 8f7a40b0..4d314f78 100644 --- a/tst/ModelTest.php +++ b/tst/ModelTest.php @@ -82,6 +82,7 @@ class ModelTest extends PHPUnit_Framework_TestCase $comment = $paste->getComment(Helper::getPasteId()); $comment->setData($commentData['data']); $comment->setNickname($commentData['meta']['nickname']); + $comment->getParentId(); $comment->store(); $comment = $paste->getComment(Helper::getPasteId(), Helper::getCommentId()); @@ -189,6 +190,27 @@ class ModelTest extends PHPUnit_Framework_TestCase $this->assertFalse(Paste::isValidId('../bar/baz'), 'path attack'); } + /** + * @expectedException Exception + * @expectedExceptionCode 64 + */ + public function testInvalidPaste() + { + $this->_model->getPaste(Helper::getPasteId())->delete(); + $paste = $this->_model->getPaste(Helper::getPasteId()); + $paste->get(); + } + + /** + * @expectedException Exception + * @expectedExceptionCode 61 + */ + public function testInvalidData() + { + $paste = $this->_model->getPaste(); + $paste->setData(''); + } + /** * @expectedException Exception * @expectedExceptionCode 62 @@ -199,6 +221,37 @@ class ModelTest extends PHPUnit_Framework_TestCase $paste->getComment(Helper::getPasteId()); } + /** + * @expectedException Exception + * @expectedExceptionCode 67 + */ + public function testInvalidCommentDeletedPaste() + { + $pasteData = Helper::getPaste(); + $paste = $this->_model->getPaste(Helper::getPasteId()); + $paste->setData($pasteData['data']); + $paste->store(); + + $comment = $paste->getComment(Helper::getPasteId()); + $paste->delete(); + $comment->store(); + } + + /** + * @expectedException Exception + * @expectedExceptionCode 68 + */ + public function testInvalidCommentData() + { + $pasteData = Helper::getPaste(); + $paste = $this->_model->getPaste(Helper::getPasteId()); + $paste->setData($pasteData['data']); + $paste->store(); + + $comment = $paste->getComment(Helper::getPasteId()); + $comment->store(); + } + public function testExpiration() { $pasteData = Helper::getPaste(); diff --git a/tst/PrivateBinTest.php b/tst/PrivateBinTest.php index 355b3f9d..a8aad11a 100644 --- a/tst/PrivateBinTest.php +++ b/tst/PrivateBinTest.php @@ -140,21 +140,18 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase public function testHtaccess() { $this->reset(); - $dirs = array('cfg', 'lib'); - foreach ($dirs as $dir) { - $file = PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess'; - @unlink($file); - } + $file = $this->_path . DIRECTORY_SEPARATOR . '.htaccess'; + @unlink($file); + + $_POST = Helper::getPaste(); + $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; + $_SERVER['REQUEST_METHOD'] = 'POST'; + $_SERVER['REMOTE_ADDR'] = '::1'; ob_start(); new PrivateBin; ob_end_clean(); - foreach ($dirs as $dir) { - $file = PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess'; - $this->assertFileExists( - $file, - "$dir htaccess recreated" - ); - } + + $this->assertFileExists($file, 'htaccess recreated'); } /** @@ -739,10 +736,10 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase new PrivateBin; $content = ob_get_contents(); ob_end_clean(); - $this->assertContains( - ']*id="errormessage"[^>]*>.*Invalid paste ID\. #',
+ '#]*id="errormessage"[^>]*>.*Invalid paste ID\.#s',
$content,
'outputs error correctly'
);
@@ -778,7 +775,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
$content = ob_get_contents();
ob_end_clean();
$this->assertRegExp(
- '#]*id="errormessage"[^>]*>.*Paste does not exist[^<]*
#',
+ '#
checked="checked"
-
+
-
+
+
+
+
+
+
+
+
+ name0000-00-00
c
diff --git a/tst/.gitignore b/tst/.gitignore deleted file mode 100644 index 39ef6b92..00000000 --- a/tst/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/ConfigurationCombinationsTest.php diff --git a/tst/.htaccess b/tst/.htaccess deleted file mode 100644 index b584d98c..00000000 --- a/tst/.htaccess +++ /dev/null @@ -1,2 +0,0 @@ -Allow from none -Deny from all diff --git a/tst/Bootstrap.php b/tst/Bootstrap.php index 1b423b29..dfae0edc 100644 --- a/tst/Bootstrap.php +++ b/tst/Bootstrap.php @@ -172,22 +172,24 @@ class Helper */ public static function rmDir($path) { - $path .= DIRECTORY_SEPARATOR; - $dir = dir($path); - while (false !== ($file = $dir->read())) { - if ($file != '.' && $file != '..') { - if (is_dir($path . $file)) { - self::rmDir($path . $file); - } elseif (is_file($path . $file)) { - if (!unlink($path . $file)) { - throw new Exception('Error deleting file "' . $path . $file . '".'); + if (is_dir($path)) { + $path .= DIRECTORY_SEPARATOR; + $dir = dir($path); + while (false !== ($file = $dir->read())) { + if ($file != '.' && $file != '..') { + if (is_dir($path . $file)) { + self::rmDir($path . $file); + } elseif (is_file($path . $file)) { + if (!unlink($path . $file)) { + throw new Exception('Error deleting file "' . $path . $file . '".'); + } } } } - } - $dir->close(); - if (!rmdir($path)) { - throw new Exception('Error deleting directory "' . $path . '".'); + $dir->close(); + if (!rmdir($path)) { + throw new Exception('Error deleting directory "' . $path . '".'); + } } } diff --git a/tst/Data/FilesystemTest.php b/tst/Data/FilesystemTest.php index 95029217..e7e6dc82 100644 --- a/tst/Data/FilesystemTest.php +++ b/tst/Data/FilesystemTest.php @@ -8,16 +8,26 @@ class FilesystemTest extends PHPUnit_Framework_TestCase private $_path; + private $_invalidPath; + public function setUp() { /* Setup Routine */ - $this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data'; - $this->_model = Filesystem::getInstance(array('dir' => $this->_path)); + $this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data'; + $this->_invalidPath = $this->_path . DIRECTORY_SEPARATOR . 'bar'; + $this->_model = Filesystem::getInstance(array('dir' => $this->_path)); + if (!is_dir($this->_path)) { + mkdir($this->_path); + } + if (!is_dir($this->_invalidPath)) { + mkdir($this->_invalidPath); + } } public function tearDown() { /* Tear Down Routine */ + chmod($this->_invalidPath, 0700); Helper::rmDir($this->_path); } @@ -37,6 +47,7 @@ class FilesystemTest extends PHPUnit_Framework_TestCase $this->assertFalse($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'comment does not yet exist'); $this->assertTrue($this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment()), 'store comment'); $this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'comment exists after storing it'); + $this->assertFalse($this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment()), 'unable to store the same comment twice'); $comment = json_decode(json_encode(Helper::getComment())); $comment->id = Helper::getCommentId(); $comment->parentid = Helper::getPasteId(); @@ -99,10 +110,6 @@ class FilesystemTest extends PHPUnit_Framework_TestCase } } - /** - * @expectedException Exception - * @expectedExceptionCode 90 - */ public function testErrorDetection() { $this->_model->delete(Helper::getPasteId()); @@ -112,10 +119,6 @@ class FilesystemTest extends PHPUnit_Framework_TestCase $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does still not exist'); } - /** - * @expectedException Exception - * @expectedExceptionCode 90 - */ public function testCommentErrorDetection() { $this->_model->delete(Helper::getPasteId()); diff --git a/tst/FilterTest.php b/tst/FilterTest.php index 63cc8f89..96097a02 100644 --- a/tst/FilterTest.php +++ b/tst/FilterTest.php @@ -4,14 +4,6 @@ use PrivateBin\Filter; class FilterTest extends PHPUnit_Framework_TestCase { - public function testFilterStripsSlashesDeeply() - { - $this->assertEquals( - array("f'oo", "b'ar", array("fo'o", "b'ar")), - Filter::stripslashesDeep(array("f\\'oo", "b\\'ar", array("fo\\'o", "b\\'ar"))) - ); - } - public function testFilterMakesTimesHumanlyReadable() { $this->assertEquals('5 minutes', Filter::formatHumanReadableTime('5min')); diff --git a/tst/JsonApiTest.php b/tst/JsonApiTest.php index 8579f013..a5928893 100644 --- a/tst/JsonApiTest.php +++ b/tst/JsonApiTest.php @@ -98,6 +98,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase new PrivateBin; $content = ob_get_contents(); ob_end_clean(); + unlink($file); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); $this->assertEquals(Helper::getPasteId(), $response['id'], 'outputted paste ID matches input'); @@ -132,6 +133,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase new PrivateBin; $content = ob_get_contents(); ob_end_clean(); + unlink($file); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted'); @@ -147,10 +149,9 @@ class JsonApiTest extends PHPUnit_Framework_TestCase $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); $paste = $this->_model->read(Helper::getPasteId()); $_POST = array( - 'action' => 'delete', + 'pasteid' => Helper::getPasteId(), 'deletetoken' => hash_hmac('sha256', Helper::getPasteId(), $paste->meta->salt), ); - $_SERVER['QUERY_STRING'] = Helper::getPasteId(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; ob_start(); diff --git a/tst/ModelTest.php b/tst/ModelTest.php index 8f7a40b0..4d314f78 100644 --- a/tst/ModelTest.php +++ b/tst/ModelTest.php @@ -82,6 +82,7 @@ class ModelTest extends PHPUnit_Framework_TestCase $comment = $paste->getComment(Helper::getPasteId()); $comment->setData($commentData['data']); $comment->setNickname($commentData['meta']['nickname']); + $comment->getParentId(); $comment->store(); $comment = $paste->getComment(Helper::getPasteId(), Helper::getCommentId()); @@ -189,6 +190,27 @@ class ModelTest extends PHPUnit_Framework_TestCase $this->assertFalse(Paste::isValidId('../bar/baz'), 'path attack'); } + /** + * @expectedException Exception + * @expectedExceptionCode 64 + */ + public function testInvalidPaste() + { + $this->_model->getPaste(Helper::getPasteId())->delete(); + $paste = $this->_model->getPaste(Helper::getPasteId()); + $paste->get(); + } + + /** + * @expectedException Exception + * @expectedExceptionCode 61 + */ + public function testInvalidData() + { + $paste = $this->_model->getPaste(); + $paste->setData(''); + } + /** * @expectedException Exception * @expectedExceptionCode 62 @@ -199,6 +221,37 @@ class ModelTest extends PHPUnit_Framework_TestCase $paste->getComment(Helper::getPasteId()); } + /** + * @expectedException Exception + * @expectedExceptionCode 67 + */ + public function testInvalidCommentDeletedPaste() + { + $pasteData = Helper::getPaste(); + $paste = $this->_model->getPaste(Helper::getPasteId()); + $paste->setData($pasteData['data']); + $paste->store(); + + $comment = $paste->getComment(Helper::getPasteId()); + $paste->delete(); + $comment->store(); + } + + /** + * @expectedException Exception + * @expectedExceptionCode 68 + */ + public function testInvalidCommentData() + { + $pasteData = Helper::getPaste(); + $paste = $this->_model->getPaste(Helper::getPasteId()); + $paste->setData($pasteData['data']); + $paste->store(); + + $comment = $paste->getComment(Helper::getPasteId()); + $comment->store(); + } + public function testExpiration() { $pasteData = Helper::getPaste(); diff --git a/tst/PrivateBinTest.php b/tst/PrivateBinTest.php index 355b3f9d..a8aad11a 100644 --- a/tst/PrivateBinTest.php +++ b/tst/PrivateBinTest.php @@ -140,21 +140,18 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase public function testHtaccess() { $this->reset(); - $dirs = array('cfg', 'lib'); - foreach ($dirs as $dir) { - $file = PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess'; - @unlink($file); - } + $file = $this->_path . DIRECTORY_SEPARATOR . '.htaccess'; + @unlink($file); + + $_POST = Helper::getPaste(); + $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; + $_SERVER['REQUEST_METHOD'] = 'POST'; + $_SERVER['REMOTE_ADDR'] = '::1'; ob_start(); new PrivateBin; ob_end_clean(); - foreach ($dirs as $dir) { - $file = PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess'; - $this->assertFileExists( - $file, - "$dir htaccess recreated" - ); - } + + $this->assertFileExists($file, 'htaccess recreated'); } /** @@ -739,10 +736,10 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase new PrivateBin; $content = ob_get_contents(); ob_end_clean(); - $this->assertContains( - '
' .
- htmlspecialchars(Helper::getPasteAsJson(), ENT_NOQUOTES) .
- '
',
+ $this->assertRegExp(
+ '#]*>' .
+ preg_quote(htmlspecialchars(Helper::getPasteAsJson(), ENT_NOQUOTES)) .
+ '
#',
$content,
'outputs data correctly'
);
@@ -760,7 +757,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
$content = ob_get_contents();
ob_end_clean();
$this->assertRegExp(
- '#' .
- htmlspecialchars(Helper::getPasteAsJson($burnPaste['meta']), ENT_NOQUOTES) .
- '
',
+ $this->assertRegExp(
+ '#]*>' .
+ preg_quote(htmlspecialchars(Helper::getPasteAsJson($burnPaste['meta']), ENT_NOQUOTES)) .
+ '
#',
$content,
'outputs data correctly'
);
@@ -889,10 +886,10 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
$content = ob_get_contents();
ob_end_clean();
$meta['formatter'] = 'syntaxhighlighting';
- $this->assertContains(
- '' .
- htmlspecialchars(Helper::getPasteAsJson($meta), ENT_NOQUOTES) .
- '
',
+ $this->assertRegExp(
+ '#]*>' .
+ preg_quote(htmlspecialchars(Helper::getPasteAsJson($meta), ENT_NOQUOTES)) .
+ '
#',
$content,
'outputs data correctly'
);
@@ -914,10 +911,10 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
ob_end_clean();
$oldPaste['meta']['formatter'] = 'plaintext';
unset($oldPaste['meta']['salt']);
- $this->assertContains(
- '' .
- htmlspecialchars(Helper::getPasteAsJson($oldPaste['meta']), ENT_NOQUOTES) .
- '
',
+ $this->assertRegExp(
+ '#]*>' .
+ preg_quote(htmlspecialchars(Helper::getPasteAsJson($oldPaste['meta']), ENT_NOQUOTES)) .
+ '
#',
$content,
'outputs data correctly'
);
@@ -939,7 +936,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
$content = ob_get_contents();
ob_end_clean();
$this->assertRegExp(
- '#