Pull Request — master (#1923)
by Struan
<?php
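/**
 * Provides test methods for commenting functionality.
 *
 * The HTML-cleaning tests pin the exact markup that stored and displayed
 * comments are expected to contain, so any change in what the sanitiser lets
 * through shows up as a failing string comparison.
 */
class CommentTest extends TWFY_Database_TestCase {
    /**
     * Loads the comments testing fixture.
     */
    public function getDataSet() {
        // NOTE(review): static analysis attached to this line reports that
        // TWFY_Database_TestCase::createMySQLXMLDataSet() seems to always return
        // null, in which case the value returned here carries no data set.
        // Confirm against the base class.
        return $this->createMySQLXMLDataSet(__DIR__ . '/_fixtures/comment.xml');
    }

    /**
     * Ensures the database is prepared and the comment class is included for every test.
     */
    public function setUp(): void {
        parent::setUp();

        // Relative path: it is resolved through the include path / working
        // directory, not relative to this test file.
        include_once('www/includes/easyparliament/comment.php');
    }

    /**
     * Builds the payload shared by the create() tests: permitted inline markup,
     * a stray "<", and a <script> element that must not survive cleaning.
     *
     * @return array<string, int|string>
     */
    private function commentDataWithScriptTag(): array {
        return [
            'epobject_id' => 1,
            'body' => "This is a test comment, including https://www.theyworkforyou.com <a href=\"https://www.theyworkforyou.com\">links</a>, <b>bold</b>, <i>italics</i>, and stray < brackets to ensure they're not stripped.

It also includes <script>alert('malicious!');</script> script tags, to ensure they are stripped correctly.

It also spans multiple lines.",
            'gid' => '',
        ];
    }

    /**
     * Makes sure the body of the test comment is returned correctly, testing HTML cleaning.
     *
     * Reads fixture comment 1 and compares its stored body verbatim.
     */
    public function testHTMLCleaningGetBody(): void {
        // NOTE(review): the address reads "[email protected]" in this listing, which
        // looks like an e-mail obfuscation artefact; it has to match the value
        // held in _fixtures/comment.xml.
        $expected = "This is a test comment, including https://www.theyworkforyou.com <a href=\"https://www.theyworkforyou.com\">links</a>, email addresses like [email protected], <b>bold</b>, <i>italics</i>, and stray &lt; brackets to ensure they're rendered correctly.

It also spans multiple lines.";

        $comment = new COMMENT(1);

        // Expected value first, so a failure reports expected/actual the right way round.
        $this->assertEquals($expected, $comment->body());
    }

    /**
     * Makes sure a comment is correctly rendered, testing HTML cleaning.
     *
     * The expected output shows bare URLs and e-mail addresses being turned
     * into links (URLs with rel="nofollow"), newlines becoming <br>, and the
     * author-supplied anchor being passed through unchanged.
     */
    public function testHTMLCleaningPrepareCommentForDisplay(): void {
        $expected = "This is a test comment, including <a href=\"https://www.theyworkforyou.com\" rel=\"nofollow\">https://www.theyworkforyou.com</a> <a href=\"https://www.theyworkforyou.com\">links</a>, email addresses like <a href=\"mailto:[email protected]\">[email protected]</a>, <b>bold</b>, <i>italics</i>, and stray &lt; brackets to ensure they're rendered correctly.<br>
<br>
It also spans multiple lines.";

        $comment = new COMMENT(1);

        // Expected value first, so a failure reports expected/actual the right way round.
        $this->assertEquals($expected, prepare_comment_for_display($comment->body()));
    }

    /**
     * Makes sure a very long URL is linked in full while its visible text is
     * shortened, including when the URL embeds a second "http://".
     */
    public function testCommentWithVeryLongLink(): void {
        $comment = new COMMENT(2);

        // Expected value first, so a failure reports expected/actual the right way round.
        $this->assertEquals(
            '<a href="https://www.theyworkforyou.example.org/this/is/a/coment/with/a/very/long/URL/that/contains/http://something/as/it/is/an/archive" rel="nofollow">https://www.theyworkforyou.example.org/this/is/a/coment/with...</a>',
            prepare_comment_for_display($comment->body())
        );
    }

    /**
     * Makes sure create() refuses a comment from user 2 by returning false.
     *
     * Presumably user 2 lacks permission to comment in the fixture data;
     * confirm against _fixtures/comment.xml.
     */
    public function testAddCommentPermissions(): void {
        global $THEUSER;

        $THEUSER = new THEUSER();
        $THEUSER->init(2);

        $comment = new COMMENT();
        $commentId = $comment->create($this->commentDataWithScriptTag());

        // NOTE(review): only the return value is checked; asserting that no
        // row was written would also catch a refusal that still stores the body.
        $this->assertFalse($commentId);
    }

    /**
     * Tests adding a new comment, testing HTML cleaning.
     *
     * The stored body is expected to keep the permitted <a>, <b> and <i>
     * markup, encode the stray "<" as &lt;, and drop the <script> tags while
     * leaving their inner text behind as plain text.
     */
    public function testHTMLCleaningAddComment(): void {
        global $THEUSER;

        $THEUSER = new THEUSER();
        $THEUSER->init(1);

        $comment = new COMMENT();
        $commentId = $comment->create($this->commentDataWithScriptTag());

        // A correctly inserted comment returns an integer
        $this->assertIsInt($commentId);

        // Re-read through a fresh object so the assertion covers what was stored.
        $comment = new COMMENT($commentId);

        // NOTE(review): only a literal <script> element is exercised. Cases for
        // attributes on the permitted <a> tag (event handlers, non-http schemes)
        // would catch a regression in attribute filtering as well.
        $this->assertEquals("This is a test comment, including https://www.theyworkforyou.com <a href=\"https://www.theyworkforyou.com\">links</a>, <b>bold</b>, <i>italics</i>, and stray &lt; brackets to ensure they're not stripped.

It also includes alert('malicious!'); script tags, to ensure they are stripped correctly.

It also spans multiple lines.", $comment->body());
    }

    /**
     * Makes sure a lone "<" that is not part of a tag is entity-encoded rather than removed.
     */
    public function testHTMLCleaningOfAngleBrackets(): void {
        $text = 'Is 2 < 3?';

        $this->assertEquals('Is 2 &lt; 3?', filter_user_input($text, 'comment'));
    }

    /**
     * Makes sure non-ASCII characters are rendered as named HTML entities and
     * an existing &lt; entity is left as it is.
     */
    public function testHTMLCleaningWithNonASCIIChars(): void {
        // This file is UTF-8, but odd comments are sent up looking like Windows-1252,
        // so the input text needs to be encoded that way; otherwise the output differs.
        $text = "This is a curly  ’ apostrophe. Is 2 &lt; 3 ø ø €  ’ « ö à";

        $this->assertEquals("This is a curly  &rsquo; apostrophe. Is 2 &lt; 3 &oslash; &oslash; &euro;  &rsquo; &laquo; &ouml; &agrave;", prepare_comment_for_display($text));
    }
}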