From 09162a3c570fbb699ad670e56d5e4f84f6fce468 Mon Sep 17 00:00:00 2001 From: El RIDO Date: Wed, 15 May 2019 07:44:03 +0200 Subject: [PATCH] fix display of v2 pastes in JS, fixing parsing of comments in PHP, avoid exposing expiration date (we provide time_to_live, would allow calculation of creation date of paste) --- js/privatebin.js | 23 +++---- js/test/PasteStatus.js | 47 +++++++++++-- lib/Controller.php | 4 +- lib/FormatV2.php | 22 ++++--- lib/Model/Paste.php | 1 + tpl/bootstrap.php | 2 +- tpl/page.php | 2 +- tst/Bootstrap.php | 1 + tst/ControllerTest.php | 124 +++++++++++++++++------------------ tst/ControllerWithDbTest.php | 2 +- 10 files changed, 136 insertions(+), 92 deletions(-) diff --git a/js/privatebin.js b/js/privatebin.js index ddd3d62..a4b0daa 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -1621,11 +1621,11 @@ jQuery.PrivateBin = (function($, RawDeflate) { * * @name PasteStatus.showRemainingTime * @function - * @param {object} pasteMetaData + * @param {object} paste */ - me.showRemainingTime = function(pasteMetaData) + me.showRemainingTime = function(paste) { - if (pasteMetaData.burnafterreading) { + if ((paste.adata && paste.adata[3]) || paste.meta.burnafterreading) { // display paste "for your eyes only" if it is deleted // the paste has been deleted when the JSON with the ciphertext @@ -1637,9 +1637,9 @@ jQuery.PrivateBin = (function($, RawDeflate) { // discourage cloning (it cannot really be prevented) TopNav.hideCloneButton(); - } else if (pasteMetaData.expire_date) { + } else if (paste.meta.time_to_live || paste.meta.remaining_time) { // display paste expiration - let expiration = Helper.secondsToHuman(pasteMetaData.time_to_live || pasteMetaData.remaining_time), + let expiration = Helper.secondsToHuman(paste.meta.time_to_live || paste.meta.remaining_time), expirationLabel = [ 'This document will expire in %d ' + expiration[1] + '.', 'This document will expire in %d ' + expiration[1] + 's.' @@ -2885,14 +2885,14 @@ jQuery.PrivateBin = (function($, RawDeflate) { // set date $commentEntry.find('span.commentdate') - .text(' (' + (new Date(comment.meta.postdate * 1000).toLocaleString()) + ')') + .text(' (' + (new Date((comment.meta.created || comment.meta.postdate) * 1000).toLocaleString()) + ')') .attr('title', 'CommentID: ' + comment.id); // if an avatar is available, display it - if (comment.meta.vizhash) { + if (comment.meta.icon || comment.meta.vizhash) { $commentEntry.find('span.nickname') .before( - ' ' + ' ' ); $(document).on('languageLoaded', function () { $commentEntry.find('img.vizhash') @@ -4038,6 +4038,7 @@ jQuery.PrivateBin = (function($, RawDeflate) { } await ServerInteraction.setCipherMessage(cipherMessage).catch(Alert.showError); + ServerInteraction.run(); }; /** @@ -4246,7 +4247,7 @@ jQuery.PrivateBin = (function($, RawDeflate) { if (paste.comments[i].hasOwnProperty('v') && paste.comments[i].v === 2) { // version 2 comment commentDecryptionPromises.push( - CryptTool.decipher(key, password, paste.comments[i].ct) + CryptTool.decipher(key, password, [paste.comments[i].ct, paste.comments[i].adata]) .then((commentJson) => { const commentMessage = JSON.parse(commentJson); return [ @@ -4335,12 +4336,12 @@ jQuery.PrivateBin = (function($, RawDeflate) { decryptionPromises.push(decryptPaste(paste, key, password)) // if the discussion is opened on this paste, display it - if (paste.meta.opendiscussion) { + if ((paste.adata && paste.adata[2]) || paste.meta.opendiscussion) { decryptionPromises.push(decryptComments(paste, key, password)); } // shows the remaining time (until) deletion - PasteStatus.showRemainingTime(paste.meta); + PasteStatus.showRemainingTime(paste); Promise.all(decryptionPromises) .then(() => { diff --git a/js/test/PasteStatus.js b/js/test/PasteStatus.js index 6b0805d..823840a 100644 --- a/js/test/PasteStatus.js +++ b/js/test/PasteStatus.js @@ -44,7 +44,45 @@ describe('PasteStatus', function () { }); jsc.property( - 'shows burn after reading message or remaining time', + 'shows burn after reading message or remaining time v1', + 'bool', + 'nat', + jsc.nearray(common.jscA2zString()), + jsc.nearray(common.jscA2zString()), + jsc.nearray(common.jscQueryString()), + 'string', + function ( + burnafterreading, remainingTime, + schema, address, query, fragment + ) { + var clean = jsdom('', { + url: schema.join('') + '://' + address.join('') + + '/?' + query.join('') + '#' + fragment + }), + result; + $('body').html(''); + $.PrivateBin.PasteStatus.init(); + $.PrivateBin.PasteStatus.showRemainingTime({'meta': { + 'burnafterreading': burnafterreading, + 'remaining_time': remainingTime + }}); + if (burnafterreading) { + result = $('#remainingtime').hasClass('foryoureyesonly') && + !$('#remainingtime').hasClass('hidden'); + } else if (remainingTime) { + result =!$('#remainingtime').hasClass('foryoureyesonly') && + !$('#remainingtime').hasClass('hidden'); + } else { + result = $('#remainingtime').hasClass('hidden') && + !$('#remainingtime').hasClass('foryoureyesonly'); + } + clean(); + return result; + } + ); + + jsc.property( + 'shows burn after reading message or remaining time v2', 'bool', 'nat', jsc.nearray(common.jscA2zString()), @@ -63,9 +101,10 @@ describe('PasteStatus', function () { $('body').html(''); $.PrivateBin.PasteStatus.init(); $.PrivateBin.PasteStatus.showRemainingTime({ - 'burnafterreading': burnafterreading, - 'remaining_time': remainingTime, - 'expire_date': remainingTime ? ((new Date()).getTime() / 1000) + remainingTime : 0 + 'adata': [null, null, null, burnafterreading], + 'meta': { + 'time_to_live': remainingTime + } }); if (burnafterreading) { result = $('#remainingtime').hasClass('foryoureyesonly') && diff --git a/lib/Controller.php b/lib/Controller.php index 1b50ab6..2ab1ea7 100644 --- a/lib/Controller.php +++ b/lib/Controller.php @@ -213,7 +213,7 @@ class Controller array_key_exists('parentid', $data) && !empty($data['parentid']); if (!FormatV2::isValid($data, $isComment)) { - return $this->_return_message(1, 'Invalid data.'); + return $this->_return_message(1, I18n::_('Invalid data.')); } $sizelimit = $this->_conf->getKey('sizelimit'); // Ensure content is not too big. @@ -240,7 +240,7 @@ class Controller } $this->_return_message(0, $comment->getId()); } else { - $this->_return_message(1, 'Invalid data.'); + $this->_return_message(1, I18n::_('Invalid data.')); } } // The user posts a standard paste. diff --git a/lib/FormatV2.php b/lib/FormatV2.php index 7835e81..358d834 100644 --- a/lib/FormatV2.php +++ b/lib/FormatV2.php @@ -52,13 +52,15 @@ class FormatV2 } } + $cipherParams = $isComment ? $message['adata'] : $message['adata'][0]; + // Make sure some fields are base64 data: // - initialization vector - if (!base64_decode($message['adata'][0][0], true)) { + if (!base64_decode($cipherParams[0], true)) { return false; } // - salt - if (!base64_decode($message['adata'][0][1], true)) { + if (!base64_decode($cipherParams[1], true)) { return false; } // - cipher text @@ -68,11 +70,11 @@ class FormatV2 // Make sure some fields have a reasonable size: // - initialization vector - if (strlen($message['adata'][0][0]) > 24) { + if (strlen($cipherParams[0]) > 24) { return false; } // - salt - if (strlen($message['adata'][0][1]) > 14) { + if (strlen($cipherParams[1]) > 14) { return false; } @@ -82,27 +84,27 @@ class FormatV2 return false; } // - iterations, refuse less then 10000 iterations (minimum NIST recommendation) - if (!is_int($message['adata'][0][2]) || $message['adata'][0][2] <= 10000) { + if (!is_int($cipherParams[2]) || $cipherParams[2] <= 10000) { return false; } // - key size - if (!in_array($message['adata'][0][3], array(128, 192, 256), true)) { + if (!in_array($cipherParams[3], array(128, 192, 256), true)) { return false; } // - tag size - if (!in_array($message['adata'][0][4], array(64, 96, 128), true)) { + if (!in_array($cipherParams[4], array(64, 96, 128), true)) { return false; } // - algorithm, must be AES - if ($message['adata'][0][5] !== 'aes') { + if ($cipherParams[5] !== 'aes') { return false; } // - mode - if (!in_array($message['adata'][0][6], array('ctr', 'cbc', 'gcm'), true)) { + if (!in_array($cipherParams[6], array('ctr', 'cbc', 'gcm'), true)) { return false; } // - compression - if (!in_array($message['adata'][0][7], array('zlib', 'none'), true)) { + if (!in_array($cipherParams[7], array('zlib', 'none'), true)) { return false; } diff --git a/lib/Model/Paste.php b/lib/Model/Paste.php index 1164081..cb572fc 100644 --- a/lib/Model/Paste.php +++ b/lib/Model/Paste.php @@ -45,6 +45,7 @@ class Paste extends AbstractModel } // We kindly provide the remaining time before expiration (in seconds) $data['meta']['time_to_live'] = $data['meta']['expire_date'] - time(); + unset($data['meta']['expire_date']); } // check if non-expired burn after reading paste needs to be deleted diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php index c3063e2..286af01 100644 --- a/tpl/bootstrap.php +++ b/tpl/bootstrap.php @@ -71,7 +71,7 @@ if ($MARKDOWN): endif; ?> - + diff --git a/tpl/page.php b/tpl/page.php index f7acd63..a79ac36 100644 --- a/tpl/page.php +++ b/tpl/page.php @@ -49,7 +49,7 @@ if ($MARKDOWN): endif; ?> - + diff --git a/tst/Bootstrap.php b/tst/Bootstrap.php index 31b31ed..b539351 100644 --- a/tst/Bootstrap.php +++ b/tst/Bootstrap.php @@ -192,6 +192,7 @@ class Helper { $example = $version === 1 ? self::$commentV1 : self::$pasteV2; if ($version === 2) { + $example['adata'] = $example['adata'][0]; $example['pasteid'] = $example['parentid'] = self::getPasteId(); $example['meta']['created'] = self::$commentV1['meta']['postdate']; $example['meta']['icon'] = self::$commentV1['meta']['vizhash']; diff --git a/tst/ControllerTest.php b/tst/ControllerTest.php index 540a7d7..9463a13 100644 --- a/tst/ControllerTest.php +++ b/tst/ControllerTest.php @@ -8,7 +8,7 @@ use PrivateBin\Request; class ControllerTest extends PHPUnit_Framework_TestCase { - protected $_model; + protected $_data; protected $_path; @@ -16,7 +16,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase { /* Setup Routine */ $this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data'; - $this->_model = Filesystem::getInstance(array('dir' => $this->_path)); + $this->_data = Filesystem::getInstance(array('dir' => $this->_path)); $this->reset(); } @@ -33,8 +33,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase $_POST = array(); $_GET = array(); $_SERVER = array(); - if ($this->_model->exists(Helper::getPasteId())) { - $this->_model->delete(Helper::getPasteId()); + if ($this->_data->exists(Helper::getPasteId())) { + $this->_data->delete(Helper::getPasteId()); } $options = parse_ini_file(CONF_SAMPLE, true); $options['purge']['dir'] = $this->_path; @@ -180,8 +180,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); - $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); - $paste = $this->_model->read($response['id']); + $this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data'); + $paste = $this->_data->read($response['id']); $this->assertEquals( hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], @@ -211,8 +211,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); - $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); - $paste = $this->_model->read($response['id']); + $this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data'); + $paste = $this->_data->read($response['id']); $this->assertEquals( hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], @@ -242,7 +242,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs error status'); - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data'); } /** @@ -267,8 +267,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); - $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); - $paste = $this->_model->read($response['id']); + $this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data'); + $paste = $this->_data->read($response['id']); $this->assertEquals( hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], @@ -284,7 +284,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $this->_model->create(Helper::getPasteId(), Helper::getPaste()); + $this->_data->create(Helper::getPasteId(), Helper::getPaste()); $paste = Helper::getPasteJson(); $file = tempnam(sys_get_temp_dir(), 'FOO'); file_put_contents($file, $paste); @@ -298,7 +298,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs error status'); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data'); + $this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data'); } /** @@ -323,8 +323,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); - $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); - $paste = $this->_model->read($response['id']); + $this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data'); + $paste = $this->_data->read($response['id']); $this->assertEquals( hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], @@ -355,8 +355,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); - $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); - $paste = $this->_model->read($response['id']); + $this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data'); + $paste = $this->_data->read($response['id']); $this->assertEquals( hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], @@ -387,8 +387,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); - $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); - $paste = $this->_model->read($response['id']); + $this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data'); + $paste = $this->_data->read($response['id']); $this->assertEquals( hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], @@ -418,7 +418,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs error status'); - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data'); } /** @@ -443,7 +443,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs error status'); - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data'); } /** @@ -463,9 +463,9 @@ class ControllerTest extends PHPUnit_Framework_TestCase $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exists before posting data'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste does not exists before posting data'); new Controller; - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data'); } /** @@ -483,14 +483,14 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_start(); new Controller; ob_end_clean(); - $this->_model->delete(Helper::getPasteId()); + $this->_data->delete(Helper::getPasteId()); ob_start(); new Controller; $content = ob_get_contents(); ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs error status'); - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data'); } /** @@ -508,14 +508,14 @@ class ControllerTest extends PHPUnit_Framework_TestCase $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; - $this->_model->create(Helper::getPasteId(), Helper::getPaste()); + $this->_data->create(Helper::getPasteId(), Helper::getPaste()); ob_start(); new Controller; $content = ob_get_contents(); ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); - $this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), $response['id']), 'paste exists after posting data'); + $this->assertTrue($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), $response['id']), 'paste exists after posting data'); } /** @@ -534,14 +534,14 @@ class ControllerTest extends PHPUnit_Framework_TestCase $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; - $this->_model->create(Helper::getPasteId(), Helper::getPaste()); + $this->_data->create(Helper::getPasteId(), Helper::getPaste()); ob_start(); new Controller; $content = ob_get_contents(); ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs error status'); - $this->assertFalse($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data'); + $this->assertFalse($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data'); } /** @@ -561,14 +561,14 @@ class ControllerTest extends PHPUnit_Framework_TestCase $_SERVER['REMOTE_ADDR'] = '::1'; $paste = Helper::getPaste(); $paste['adata'][2] = 0; - $this->_model->create(Helper::getPasteId(), $paste); + $this->_data->create(Helper::getPasteId(), $paste); ob_start(); new Controller; $content = ob_get_contents(); ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs error status'); - $this->assertFalse($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data'); + $this->assertFalse($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data'); } /** @@ -592,7 +592,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs error status'); - $this->assertFalse($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data'); + $this->assertFalse($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data'); } /** @@ -603,9 +603,9 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $this->_model->create(Helper::getPasteId(), Helper::getPaste()); - $this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId(), Helper::getComment()); - $this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId()), 'comment exists before posting data'); + $this->_data->create(Helper::getPasteId(), Helper::getPaste()); + $this->_data->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId(), Helper::getComment()); + $this->assertTrue($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId()), 'comment exists before posting data'); $comment = Helper::getCommentJson(); $file = tempnam(sys_get_temp_dir(), 'FOO'); file_put_contents($file, $comment); @@ -619,7 +619,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs error status'); - $this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId()), 'paste exists after posting data'); + $this->assertTrue($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId()), 'paste exists after posting data'); } /** @@ -662,7 +662,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase public function testReadExpired() { $expiredPaste = Helper::getPaste(2, array('expire_date' => 1344803344)); - $this->_model->create(Helper::getPasteId(), $expiredPaste); + $this->_data->create(Helper::getPasteId(), $expiredPaste); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); $_GET[Helper::getPasteId()] = ''; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -682,7 +682,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase { $paste = Helper::getPaste(); $paste['adata'][3] = 1; - $this->_model->create(Helper::getPasteId(), $paste); + $this->_data->create(Helper::getPasteId(), $paste); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); $_GET[Helper::getPasteId()] = ''; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -702,7 +702,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertEquals(0, $response['comment_count'], 'outputs comment_count correctly'); $this->assertEquals(0, $response['comment_offset'], 'outputs comment_offset correctly'); // by default it will be deleted instantly after it is read - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after reading'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after reading'); } /** @@ -711,7 +711,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase public function testReadJson() { $paste = Helper::getPaste(); - $this->_model->create(Helper::getPasteId(), $paste); + $this->_data->create(Helper::getPasteId(), $paste); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); $_GET[Helper::getPasteId()] = ''; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -743,7 +743,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase 'postdate' => $paste['meta']['postdate'], 'opendiscussion' => $paste['meta']['opendiscussion'], ); - $this->_model->create(Helper::getPasteId(), $paste); + $this->_data->create(Helper::getPasteId(), $paste); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); $_GET[Helper::getPasteId()] = ''; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -770,8 +770,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase { $burnPaste = Helper::getPaste(); $burnPaste['adata'][3] = 1; - $this->_model->create(Helper::getPasteId(), $burnPaste); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); + $this->_data->create(Helper::getPasteId(), $burnPaste); + $this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists before deleting data'); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); $_GET[Helper::getPasteId()] = ''; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -781,7 +781,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste successfully deleted'); } /** @@ -789,9 +789,9 @@ class ControllerTest extends PHPUnit_Framework_TestCase */ public function testDelete() { - $this->_model->create(Helper::getPasteId(), Helper::getPaste()); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); - $paste = $this->_model->read(Helper::getPasteId()); + $this->_data->create(Helper::getPasteId(), Helper::getPaste()); + $this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists before deleting data'); + $paste = $this->_data->read(Helper::getPasteId()); $_GET['pasteid'] = Helper::getPasteId(); $_GET['deletetoken'] = hash_hmac('sha256', Helper::getPasteId(), $paste['meta']['salt']); ob_start(); @@ -803,7 +803,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $content, 'outputs deleted status correctly' ); - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste successfully deleted'); } /** @@ -811,7 +811,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase */ public function testDeleteInvalidId() { - $this->_model->create(Helper::getPasteId(), Helper::getPaste()); + $this->_data->create(Helper::getPasteId(), Helper::getPaste()); $_GET['pasteid'] = 'foo'; $_GET['deletetoken'] = 'bar'; ob_start(); @@ -823,7 +823,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $content, 'outputs delete error correctly' ); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after failing to delete data'); + $this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists after failing to delete data'); } /** @@ -849,7 +849,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase */ public function testDeleteInvalidToken() { - $this->_model->create(Helper::getPasteId(), Helper::getPaste()); + $this->_data->create(Helper::getPasteId(), Helper::getPaste()); $_GET['pasteid'] = Helper::getPasteId(); $_GET['deletetoken'] = 'bar'; ob_start(); @@ -861,7 +861,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $content, 'outputs delete error correctly' ); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after failing to delete data'); + $this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists after failing to delete data'); } /** @@ -869,8 +869,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase */ public function testDeleteInvalidBurnAfterReading() { - $this->_model->create(Helper::getPasteId(), Helper::getPaste()); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); + $this->_data->create(Helper::getPasteId(), Helper::getPaste()); + $this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists before deleting data'); $file = tempnam(sys_get_temp_dir(), 'FOO'); file_put_contents($file, json_encode(array( 'deletetoken' => 'burnafterreading', @@ -886,7 +886,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs status'); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after failing to delete data'); + $this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists after failing to delete data'); } /** @@ -895,9 +895,9 @@ class ControllerTest extends PHPUnit_Framework_TestCase public function testDeleteExpired() { $expiredPaste = Helper::getPaste(2, array('expire_date' => 1000)); - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exist before being created'); - $this->_model->create(Helper::getPasteId(), $expiredPaste); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste does not exist before being created'); + $this->_data->create(Helper::getPasteId(), $expiredPaste); + $this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists before deleting data'); $_GET['pasteid'] = Helper::getPasteId(); $_GET['deletetoken'] = 'does not matter in this context, but has to be set'; ob_start(); @@ -909,7 +909,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $content, 'outputs error correctly' ); - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste successfully deleted'); } /** @@ -919,8 +919,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase { $paste = Helper::getPaste(); unset($paste['meta']['salt']); - $this->_model->create(Helper::getPasteId(), $paste); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); + $this->_data->create(Helper::getPasteId(), $paste); + $this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists before deleting data'); $_GET['pasteid'] = Helper::getPasteId(); $_GET['deletetoken'] = hash_hmac('sha256', Helper::getPasteId(), ServerSalt::get()); ob_start(); @@ -932,6 +932,6 @@ class ControllerTest extends PHPUnit_Framework_TestCase $content, 'outputs deleted status correctly' ); - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted'); + $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste successfully deleted'); } } diff --git a/tst/ControllerWithDbTest.php b/tst/ControllerWithDbTest.php index e3c6705..90dee92 100644 --- a/tst/ControllerWithDbTest.php +++ b/tst/ControllerWithDbTest.php @@ -23,7 +23,7 @@ class ControllerWithDbTest extends ControllerTest mkdir($this->_path); } $this->_options['dsn'] = 'sqlite:' . $this->_path . DIRECTORY_SEPARATOR . 'tst.sq3'; - $this->_model = Database::getInstance($this->_options); + $this->_data = Database::getInstance($this->_options); $this->reset(); }