implemented JSON file conversion on purge and storage in PHP files for data leak protection
This commit is contained in:
El RIDO
@@ -16,13 +16,13 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
/* Setup Routine */
|
||||
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
|
||||
$this->_model = Filesystem::getInstance(array('dir' => $this->_path));
|
||||
ServerSalt::setPath($this->_path);
|
||||
$this->reset();
|
||||
}
|
||||
|
||||
public function tearDown()
|
||||
{
|
||||
/* Tear Down Routine */
|
||||
unlink(CONF);
|
||||
Helper::confRestore();
|
||||
Helper::rmDir($this->_path);
|
||||
}
|
||||
@@ -35,13 +35,13 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
if ($this->_model->exists(Helper::getPasteId())) {
|
||||
$this->_model->delete(Helper::getPasteId());
|
||||
}
|
||||
Helper::confRestore();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options = parse_ini_file(CONF_SAMPLE, true);
|
||||
$options['purge']['dir'] = $this->_path;
|
||||
$options['traffic']['dir'] = $this->_path;
|
||||
$options['model_options']['dir'] = $this->_path;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
ServerSalt::setPath($this->_path);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -49,7 +49,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testView()
|
||||
{
|
||||
$this->reset();
|
||||
ob_start();
|
||||
new PrivateBin;
|
||||
$content = ob_get_contents();
|
||||
@@ -71,10 +70,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testViewLanguageSelection()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['main']['languageselection'] = true;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_COOKIE['lang'] = 'de';
|
||||
ob_start();
|
||||
@@ -93,11 +90,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testViewForceLanguageDefault()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['main']['languageselection'] = false;
|
||||
$options['main']['languagedefault'] = 'fr';
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_COOKIE['lang'] = 'de';
|
||||
ob_start();
|
||||
@@ -117,10 +112,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
public function testViewUrlShortener()
|
||||
{
|
||||
$shortener = 'https://shortener.example.com/api?link=';
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['main']['urlshortener'] = $shortener;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_COOKIE['lang'] = 'de';
|
||||
ob_start();
|
||||
@@ -139,7 +132,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testHtaccess()
|
||||
{
|
||||
$this->reset();
|
||||
$dirs = array('cfg', 'lib');
|
||||
foreach ($dirs as $dir) {
|
||||
$file = PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess';
|
||||
@@ -163,8 +155,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testConf()
|
||||
{
|
||||
$this->reset();
|
||||
Helper::confBackup();
|
||||
file_put_contents(CONF, '');
|
||||
new PrivateBin;
|
||||
}
|
||||
@@ -174,10 +164,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreate()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPaste();
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
@@ -203,10 +191,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateInvalidTimelimit()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPaste(array('expire' => 25));
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
@@ -233,11 +219,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateInvalidSize()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['main']['sizelimit'] = 10;
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPaste();
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
@@ -257,10 +241,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateProxyHeader()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['header'] = 'X_FORWARDED_FOR';
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPaste();
|
||||
$_SERVER['HTTP_X_FORWARDED_FOR'] = '::2';
|
||||
@@ -287,10 +269,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateDuplicateId()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$_POST = Helper::getPaste();
|
||||
@@ -311,10 +291,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateValidExpire()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPaste();
|
||||
$_POST['expire'] = '5min';
|
||||
@@ -344,10 +322,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateValidExpireWithDiscussion()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPaste();
|
||||
$_POST['expire'] = '5min';
|
||||
@@ -378,10 +354,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateInvalidExpire()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPaste();
|
||||
$_POST['expire'] = 'foo';
|
||||
@@ -408,10 +382,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateInvalidBurn()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPaste();
|
||||
$_POST['burnafterreading'] = 'neither 1 nor 0';
|
||||
@@ -432,10 +404,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateInvalidOpenDiscussion()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPaste();
|
||||
$_POST['opendiscussion'] = 'neither 1 nor 0';
|
||||
@@ -456,11 +426,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateAttachment()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
$options['main']['fileupload'] = true;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPasteWithAttachment();
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
@@ -494,11 +462,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateBrokenAttachmentUpload()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
$options['main']['fileupload'] = true;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPasteWithAttachment();
|
||||
unset($_POST['attachment']);
|
||||
@@ -520,7 +486,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateTooSoon()
|
||||
{
|
||||
$this->reset();
|
||||
$_POST = Helper::getPaste();
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
@@ -543,10 +508,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateValidNick()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPaste();
|
||||
$_POST['nickname'] = Helper::getComment()['meta']['nickname'];
|
||||
@@ -573,10 +536,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateInvalidNick()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getCommentPost();
|
||||
$_POST['pasteid'] = Helper::getPasteId();
|
||||
@@ -600,10 +561,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateComment()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getCommentPost();
|
||||
$_POST['pasteid'] = Helper::getPasteId();
|
||||
@@ -626,10 +585,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateInvalidComment()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getCommentPost();
|
||||
$_POST['pasteid'] = Helper::getPasteId();
|
||||
@@ -652,10 +609,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateCommentDiscussionDisabled()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getCommentPost();
|
||||
$_POST['pasteid'] = Helper::getPasteId();
|
||||
@@ -679,10 +634,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateCommentInvalidPaste()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getCommentPost();
|
||||
$_POST['pasteid'] = Helper::getPasteId();
|
||||
@@ -704,10 +657,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testCreateDuplicateComment()
|
||||
{
|
||||
$this->reset();
|
||||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::confBackup();
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment());
|
||||
@@ -732,7 +683,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testRead()
|
||||
{
|
||||
$this->reset();
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
ob_start();
|
||||
@@ -753,7 +703,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testReadInvalidId()
|
||||
{
|
||||
$this->reset();
|
||||
$_SERVER['QUERY_STRING'] = 'foo';
|
||||
ob_start();
|
||||
new PrivateBin;
|
||||
@@ -771,7 +720,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testReadNonexisting()
|
||||
{
|
||||
$this->reset();
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
ob_start();
|
||||
new PrivateBin;
|
||||
@@ -789,7 +737,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testReadExpired()
|
||||
{
|
||||
$this->reset();
|
||||
$expiredPaste = Helper::getPaste(array('expire_date' => 1344803344));
|
||||
$this->_model->create(Helper::getPasteId(), $expiredPaste);
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
@@ -809,7 +756,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testReadBurn()
|
||||
{
|
||||
$this->reset();
|
||||
$burnPaste = Helper::getPaste(array('burnafterreading' => true));
|
||||
$this->_model->create(Helper::getPasteId(), $burnPaste);
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
@@ -832,7 +778,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testReadJson()
|
||||
{
|
||||
$this->reset();
|
||||
$paste = Helper::getPaste();
|
||||
$this->_model->create(Helper::getPasteId(), $paste);
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
@@ -858,7 +803,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testReadInvalidJson()
|
||||
{
|
||||
$this->reset();
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
ob_start();
|
||||
@@ -874,7 +818,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testReadOldSyntax()
|
||||
{
|
||||
$this->reset();
|
||||
$oldPaste = Helper::getPaste();
|
||||
$meta = array(
|
||||
'syntaxcoloring' => true,
|
||||
@@ -903,7 +846,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testReadOldFormat()
|
||||
{
|
||||
$this->reset();
|
||||
$oldPaste = Helper::getPaste();
|
||||
unset($oldPaste['meta']['formatter']);
|
||||
$this->_model->create(Helper::getPasteId(), $oldPaste);
|
||||
@@ -928,7 +870,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testDelete()
|
||||
{
|
||||
$this->reset();
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$paste = $this->_model->read(Helper::getPasteId());
|
||||
@@ -951,7 +892,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testDeleteInvalidId()
|
||||
{
|
||||
$this->reset();
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$_GET['pasteid'] = 'foo';
|
||||
$_GET['deletetoken'] = 'bar';
|
||||
@@ -972,7 +912,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testDeleteInexistantId()
|
||||
{
|
||||
$this->reset();
|
||||
$_GET['pasteid'] = Helper::getPasteId();
|
||||
$_GET['deletetoken'] = 'bar';
|
||||
ob_start();
|
||||
@@ -991,7 +930,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testDeleteInvalidToken()
|
||||
{
|
||||
$this->reset();
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$_GET['pasteid'] = Helper::getPasteId();
|
||||
$_GET['deletetoken'] = 'bar';
|
||||
@@ -1012,7 +950,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testDeleteBurnAfterReading()
|
||||
{
|
||||
$this->reset();
|
||||
$burnPaste = Helper::getPaste(array('burnafterreading' => true));
|
||||
$this->_model->create(Helper::getPasteId(), $burnPaste);
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
@@ -1034,7 +971,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testDeleteInvalidBurnAfterReading()
|
||||
{
|
||||
$this->reset();
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$_POST['deletetoken'] = 'burnafterreading';
|
||||
@@ -1055,7 +991,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testDeleteExpired()
|
||||
{
|
||||
$this->reset();
|
||||
$expiredPaste = Helper::getPaste(array('expire_date' => 1000));
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exist before being created');
|
||||
$this->_model->create(Helper::getPasteId(), $expiredPaste);
|
||||
@@ -1079,7 +1014,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function testDeleteMissingPerPasteSalt()
|
||||
{
|
||||
$this->reset();
|
||||
$paste = Helper::getPaste();
|
||||
unset($paste['meta']['salt']);
|
||||
$this->_model->create(Helper::getPasteId(), $paste);
|
||||
|
||||
Reference in New Issue
Block a user