switching to full JSON API without POST array use, ensure all JSON operations are done with error detection
This commit is contained in:
parent
be1e7babc0
commit
cc1c55129f
|
@ -3712,27 +3712,22 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||
{
|
||||
let isPost = Object.keys(data).length > 0,
|
||||
ajaxParams = {
|
||||
type: isPost ? 'POST' : 'GET',
|
||||
url: url,
|
||||
headers: ajaxHeaders,
|
||||
success: function(result) {
|
||||
if (result.status === 0) {
|
||||
success(0, result);
|
||||
} else if (result.status === 1) {
|
||||
fail(1, result);
|
||||
} else {
|
||||
fail(2, result);
|
||||
type: isPost ? 'POST' : 'GET',
|
||||
url: url,
|
||||
headers: ajaxHeaders,
|
||||
dataType: 'json',
|
||||
success: function(result) {
|
||||
if (result.status === 0) {
|
||||
success(0, result);
|
||||
} else if (result.status === 1) {
|
||||
fail(1, result);
|
||||
} else {
|
||||
fail(2, result);
|
||||
}
|
||||
}
|
||||
}
|
||||
};
|
||||
};
|
||||
if (isPost) {
|
||||
ajaxParams.data = data;
|
||||
['adata', 'meta'].map(function (key) {
|
||||
if (data.hasOwnProperty(key)) {
|
||||
ajaxParams.data[key] = JSON.stringify(data[key]);
|
||||
}
|
||||
});
|
||||
ajaxParams.dataType = 'json';
|
||||
ajaxParams.data = JSON.stringify(data);
|
||||
}
|
||||
$.ajax(ajaxParams).fail(function(jqXHR, textStatus, errorThrown) {
|
||||
console.error(textStatus, errorThrown);
|
||||
|
|
|
@ -154,6 +154,7 @@ class Controller
|
|||
* initialize PrivateBin
|
||||
*
|
||||
* @access private
|
||||
* @throws Exception
|
||||
*/
|
||||
private function _init()
|
||||
{
|
||||
|
@ -206,7 +207,6 @@ class Controller
|
|||
);
|
||||
}
|
||||
|
||||
// Ensure content is not too big.
|
||||
$data = $this->_request->getData();
|
||||
$isComment = array_key_exists('pasteid', $data) &&
|
||||
!empty($data['pasteid']) &&
|
||||
|
@ -216,6 +216,7 @@ class Controller
|
|||
return $this->_return_message(1, 'Invalid data.');
|
||||
}
|
||||
$sizelimit = $this->_conf->getKey('sizelimit');
|
||||
// Ensure content is not too big.
|
||||
if (strlen($data['ct']) > $sizelimit) {
|
||||
return $this->_return_message(
|
||||
1,
|
||||
|
@ -432,6 +433,6 @@ class Controller
|
|||
$result['url'] = $this->_urlBase . '?' . $message;
|
||||
}
|
||||
$result += $other;
|
||||
$this->_json = json_encode($result);
|
||||
$this->_json = Json::encode($result);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -16,6 +16,7 @@ use Exception;
|
|||
use PDO;
|
||||
use PDOException;
|
||||
use PrivateBin\Controller;
|
||||
use PrivateBin\Json;
|
||||
|
||||
/**
|
||||
* Database
|
||||
|
@ -204,12 +205,12 @@ class Database extends AbstractData
|
|||
' VALUES(?,?,?,?,?,?,?,?,?)',
|
||||
array(
|
||||
$pasteid,
|
||||
$isVersion1 ? $paste['data'] : json_encode($paste),
|
||||
$isVersion1 ? $paste['data'] : Json::encode($paste),
|
||||
$created,
|
||||
$expire_date,
|
||||
(int) $opendiscussion,
|
||||
(int) $burnafterreading,
|
||||
json_encode($meta),
|
||||
Json::encode($meta),
|
||||
$attachment,
|
||||
$attachmentname,
|
||||
)
|
||||
|
@ -239,7 +240,7 @@ class Database extends AbstractData
|
|||
return false;
|
||||
}
|
||||
// create array
|
||||
$data = json_decode($paste['data'], true);
|
||||
$data = Json::decode($paste['data']);
|
||||
$isVersion2 = array_key_exists('v', $data) && $data['v'] >= 2;
|
||||
if ($isVersion2) {
|
||||
self::$_cache[$pasteid] = $data;
|
||||
|
@ -249,7 +250,7 @@ class Database extends AbstractData
|
|||
list($createdKey) = self::_getVersionedKeys(1);
|
||||
}
|
||||
|
||||
$paste['meta'] = json_decode($paste['meta'], true);
|
||||
$paste['meta'] = Json::decode($paste['meta']);
|
||||
if (!is_array($paste['meta'])) {
|
||||
$paste['meta'] = array();
|
||||
}
|
||||
|
@ -338,7 +339,7 @@ class Database extends AbstractData
|
|||
$data = $comment['data'];
|
||||
} else {
|
||||
$version = 2;
|
||||
$data = json_encode($comment);
|
||||
$data = Json::encode($comment);
|
||||
}
|
||||
list($createdKey, $iconKey) = self::_getVersionedKeys($version);
|
||||
$meta = $comment['meta'];
|
||||
|
@ -382,7 +383,7 @@ class Database extends AbstractData
|
|||
if (count($rows)) {
|
||||
foreach ($rows as $row) {
|
||||
$i = $this->getOpenSlot($comments, (int) $row['postdate']);
|
||||
$data = json_decode($row['data'], true);
|
||||
$data = Json::decode($row['data']);
|
||||
if (array_key_exists('v', $data) && $data['v'] >= 2) {
|
||||
$version = 2;
|
||||
$comments[$i] = $data;
|
||||
|
|
|
@ -156,9 +156,8 @@ class I18n
|
|||
|
||||
// load translations
|
||||
self::$_language = $match;
|
||||
self::$_translations = ($match == 'en') ? array() : json_decode(
|
||||
file_get_contents(self::_getPath($match . '.json')),
|
||||
true
|
||||
self::$_translations = ($match == 'en') ? array() : Json::decode(
|
||||
file_get_contents(self::_getPath($match . '.json'))
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -244,7 +243,7 @@ class I18n
|
|||
{
|
||||
$file = self::_getPath('languages.json');
|
||||
if (count(self::$_languageLabels) == 0 && is_readable($file)) {
|
||||
self::$_languageLabels = json_decode(file_get_contents($file), true);
|
||||
self::$_languageLabels = Json::decode(file_get_contents($file));
|
||||
}
|
||||
if (count($languages) == 0) {
|
||||
return self::$_languageLabels;
|
||||
|
|
32
lib/Json.php
32
lib/Json.php
|
@ -33,9 +33,39 @@ class Json
|
|||
public static function encode($input)
|
||||
{
|
||||
$jsonString = json_encode($input);
|
||||
self::_detectError();
|
||||
return $jsonString;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns an array with the contents as described in the given JSON input
|
||||
*
|
||||
* @access public
|
||||
* @static
|
||||
* @param string $input
|
||||
* @throws Exception
|
||||
* @return array
|
||||
*/
|
||||
public static function decode($input)
|
||||
{
|
||||
$array = json_decode($input, true);
|
||||
self::_detectError();
|
||||
return $array;
|
||||
}
|
||||
|
||||
/**
|
||||
* Detects JSON errors and raises an exception if one is found
|
||||
*
|
||||
* @access private
|
||||
* @static
|
||||
* @throws Exception
|
||||
* @return void
|
||||
*/
|
||||
private static function _detectError()
|
||||
{
|
||||
$errorCode = json_last_error();
|
||||
if ($errorCode === JSON_ERROR_NONE) {
|
||||
return $jsonString;
|
||||
return;
|
||||
}
|
||||
|
||||
$message = 'A JSON error occurred';
|
||||
|
|
|
@ -98,7 +98,7 @@ class Paste extends AbstractModel
|
|||
if (
|
||||
$this->_store->create(
|
||||
$this->getId(),
|
||||
json_decode(json_encode($this->_data), true)
|
||||
$this->_data
|
||||
) === false
|
||||
) {
|
||||
throw new Exception('Error saving paste. Sorry.', 76);
|
||||
|
|
|
@ -45,7 +45,10 @@ class DataStore extends AbstractPersistence
|
|||
$filename = substr($filename, strlen($path));
|
||||
}
|
||||
try {
|
||||
self::_store($filename, self::PROTECTION_LINE . PHP_EOL . Json::encode($data));
|
||||
self::_store(
|
||||
$filename,
|
||||
self::PROTECTION_LINE . PHP_EOL . Json::encode($data)
|
||||
);
|
||||
return true;
|
||||
} catch (Exception $e) {
|
||||
return false;
|
||||
|
@ -62,7 +65,12 @@ class DataStore extends AbstractPersistence
|
|||
*/
|
||||
public static function get($filename)
|
||||
{
|
||||
return json_decode(substr(file_get_contents($filename), strlen(self::PROTECTION_LINE . PHP_EOL)), true);
|
||||
return Json::decode(
|
||||
substr(
|
||||
file_get_contents($filename),
|
||||
strlen(self::PROTECTION_LINE . PHP_EOL)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -107,10 +107,10 @@ class Request
|
|||
switch (array_key_exists('REQUEST_METHOD', $_SERVER) ? $_SERVER['REQUEST_METHOD'] : 'GET') {
|
||||
case 'DELETE':
|
||||
case 'PUT':
|
||||
parse_str(file_get_contents(self::$_inputStream), $this->_params);
|
||||
break;
|
||||
case 'POST':
|
||||
$this->_params = $_POST;
|
||||
$this->_params = Json::decode(
|
||||
file_get_contents(self::$_inputStream)
|
||||
);
|
||||
break;
|
||||
default:
|
||||
$this->_params = $_GET;
|
||||
|
@ -161,15 +161,15 @@ class Request
|
|||
public function getData()
|
||||
{
|
||||
$data = array(
|
||||
'adata' => json_decode($this->getParam('adata', '[]'), true),
|
||||
'adata' => $this->getParam('adata', array()),
|
||||
);
|
||||
$required_keys = array('v', 'ct');
|
||||
$meta = $this->getParam('meta');
|
||||
$meta = $this->getParam('meta', array());
|
||||
if (empty($meta)) {
|
||||
$required_keys[] = 'pasteid';
|
||||
$required_keys[] = 'parentid';
|
||||
} else {
|
||||
$data['meta'] = json_decode($meta, true);
|
||||
$data['meta'] = $meta;
|
||||
}
|
||||
foreach ($required_keys as $key) {
|
||||
$data[$key] = $this->getParam($key);
|
||||
|
|
|
@ -71,7 +71,7 @@ if ($MARKDOWN):
|
|||
endif;
|
||||
?>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.7.js" integrity="sha512-VnKJHLosO8z2ojNvWk9BEKYqnhZyWK9rM90FgZUUEp/PRnUqR5OLLKE0a3BkVmn7YgB7LXRrjHgFHQYKd6DAIA==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-vFGSFJnVh1RWRo5e1F4ig6UBs3QnPfM8hZ9CnnTN9QTWtLY/urdVWSJFZYAqzU3zADw0LvqS/GxJnkkza0tTzQ==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-YCn+cUn5IWzAnD+URrUMfDVZ9SjPtPw//qVIYf7ZIMxmh+oODCN/NbZq30K/8ldA1Al0udP5RQg4PyE6j6wdBQ==" crossorigin="anonymous"></script>
|
||||
<!--[if lt IE 10]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
|
|
@ -49,7 +49,7 @@ if ($MARKDOWN):
|
|||
endif;
|
||||
?>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.7.js" integrity="sha512-VnKJHLosO8z2ojNvWk9BEKYqnhZyWK9rM90FgZUUEp/PRnUqR5OLLKE0a3BkVmn7YgB7LXRrjHgFHQYKd6DAIA==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-vFGSFJnVh1RWRo5e1F4ig6UBs3QnPfM8hZ9CnnTN9QTWtLY/urdVWSJFZYAqzU3zADw0LvqS/GxJnkkza0tTzQ==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-YCn+cUn5IWzAnD+URrUMfDVZ9SjPtPw//qVIYf7ZIMxmh+oODCN/NbZq30K/8ldA1Al0udP5RQg4PyE6j6wdBQ==" crossorigin="anonymous"></script>
|
||||
<!--[if lt IE 10]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
|
|
@ -166,12 +166,9 @@ class Helper
|
|||
* @param array $meta
|
||||
* @return array
|
||||
*/
|
||||
public static function getPastePostJson($version = 2, array $meta = array())
|
||||
public static function getPasteJson($version = 2, array $meta = array())
|
||||
{
|
||||
$example = self::getPastePost($version, $meta);
|
||||
$example['adata'] = json_encode($example['adata']);
|
||||
$example['meta'] = json_encode($example['meta']);
|
||||
return $example;
|
||||
return json_encode(self::getPastePost($version, $meta));
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -223,11 +220,9 @@ class Helper
|
|||
* @param int $version
|
||||
* @return array
|
||||
*/
|
||||
public static function getCommentPostJson()
|
||||
public static function getCommentJson()
|
||||
{
|
||||
$example = self::getCommentPost();
|
||||
$example['adata'] = json_encode($example['adata']);
|
||||
return $example;
|
||||
return json_encode(self::getCommentPost());
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -4,6 +4,7 @@ use PrivateBin\Controller;
|
|||
use PrivateBin\Data\Filesystem;
|
||||
use PrivateBin\Persistence\ServerSalt;
|
||||
use PrivateBin\Persistence\TrafficLimiter;
|
||||
use PrivateBin\Request;
|
||||
|
||||
class ControllerTest extends PHPUnit_Framework_TestCase
|
||||
{
|
||||
|
@ -131,10 +132,13 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
*/
|
||||
public function testHtaccess()
|
||||
{
|
||||
$file = $this->_path . DIRECTORY_SEPARATOR . '.htaccess';
|
||||
@unlink($file);
|
||||
$htaccess = $this->_path . DIRECTORY_SEPARATOR . '.htaccess';
|
||||
@unlink($htaccess);
|
||||
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$paste = Helper::getPasteJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -142,7 +146,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
new Controller;
|
||||
ob_end_clean();
|
||||
|
||||
$this->assertFileExists($file, 'htaccess recreated');
|
||||
$this->assertFileExists($htaccess, 'htaccess recreated');
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -163,7 +167,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$paste = Helper::getPasteJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -190,7 +197,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPastePostJson(2, array('expire' => 25));
|
||||
$paste = Helper::getPasteJson(2, array('expire' => 25));
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -219,7 +229,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options['main']['sizelimit'] = 10;
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$paste = Helper::getPasteJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -240,7 +253,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['header'] = 'X_FORWARDED_FOR';
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$paste = Helper::getPasteJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_FORWARDED_FOR'] = '::2';
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
|
@ -269,7 +285,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$paste = Helper::getPasteJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -290,9 +309,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$_POST['expire'] = '5min';
|
||||
$_POST['formatter'] = 'foo';
|
||||
$paste = Helper::getPasteJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -321,9 +341,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$_POST['expire'] = '5min';
|
||||
$_POST['opendiscussion'] = '1';
|
||||
$paste = Helper::getPasteJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -353,8 +374,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$_POST['expire'] = 'foo';
|
||||
$paste = Helper::getPasteJson(2, array('expire' => 'foo'));
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -381,10 +404,11 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$adata = Helper::getPaste()['adata'];
|
||||
$adata[3] = 'neither 1 nor 0';
|
||||
$_POST['adata'] = json_encode($adata);
|
||||
$paste = Helper::getPastePost();
|
||||
$paste['adata'][3] = 'neither 1 nor 0';
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, json_encode($paste));
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -405,10 +429,11 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$adata = Helper::getPaste()['adata'];
|
||||
$adata[2] = 'neither 1 nor 0';
|
||||
$_POST['adata'] = json_encode($adata);
|
||||
$paste = Helper::getPastePost();
|
||||
$paste['adata'][2] = 'neither 1 nor 0';
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, json_encode($paste));
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -426,21 +451,20 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
* silently removed, check that this case is handled
|
||||
*
|
||||
* @runInSeparateProcess
|
||||
* @expectedException Exception
|
||||
* @expectedExceptionCode 90
|
||||
*/
|
||||
public function testCreateBrokenUpload()
|
||||
{
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$paste = substr(Helper::getPasteJson(), 0, -10);
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
$_POST['ct'] = ' ';
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exists before posting data');
|
||||
ob_start();
|
||||
new Controller;
|
||||
$content = ob_get_contents();
|
||||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(1, $response['status'], 'outputs error status');
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
|
@ -449,7 +473,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
*/
|
||||
public function testCreateTooSoon()
|
||||
{
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$paste = Helper::getPasteJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -474,7 +501,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getCommentPostJson();
|
||||
$comment = Helper::getCommentJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $comment);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -496,8 +526,11 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getCommentPostJson();
|
||||
$_POST['parentid'] = 'foo';
|
||||
$comment = Helper::getCommentPost();
|
||||
$comment['parentid'] = 'foo';
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, json_encode($comment));
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -519,7 +552,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getCommentPostJson();
|
||||
$comment = Helper::getCommentJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $comment);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -543,7 +579,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getCommentPostJson();
|
||||
$comment = Helper::getCommentJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $comment);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -567,7 +606,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId(), Helper::getComment());
|
||||
$this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId()), 'comment exists before posting data');
|
||||
$_POST = Helper::getCommentPostJson();
|
||||
$comment = Helper::getCommentJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $comment);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -829,7 +871,11 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
{
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$_POST['deletetoken'] = 'burnafterreading';
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, json_encode(array(
|
||||
'deletetoken' => 'burnafterreading',
|
||||
)));
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
$_GET[Helper::getPasteId()] = '';
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
|
|
|
@ -48,7 +48,10 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$_POST = Helper::getPastePostJson();
|
||||
$paste = Helper::getPasteJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
|
@ -77,9 +80,9 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$paste = Helper::getPastePostJson();
|
||||
$paste = Helper::getPasteJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, http_build_query($paste));
|
||||
file_put_contents($file, $paste);
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
$_GET[Helper::getPasteId()] = '';
|
||||
|
@ -113,7 +116,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
|
|||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$paste = $this->_model->read(Helper::getPasteId());
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, http_build_query(array(
|
||||
file_put_contents($file, json_encode(array(
|
||||
'deletetoken' => hash_hmac('sha256', Helper::getPasteId(), $paste['meta']['salt']),
|
||||
)));
|
||||
Request::setInputStream($file);
|
||||
|
@ -139,10 +142,12 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
|
|||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$paste = $this->_model->read(Helper::getPasteId());
|
||||
$_POST = array(
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, json_encode(array(
|
||||
'pasteid' => Helper::getPasteId(),
|
||||
'deletetoken' => hash_hmac('sha256', Helper::getPasteId(), $paste['meta']['salt']),
|
||||
);
|
||||
)));
|
||||
Request::setInputStream($file);
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
ob_start();
|
||||
|
|
|
@ -93,7 +93,7 @@ class RequestTest extends PHPUnit_Framework_TestCase
|
|||
$_SERVER['REQUEST_METHOD'] = 'PUT';
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, 'ct=foo');
|
||||
file_put_contents($file, '{"ct":"foo"}');
|
||||
Request::setInputStream($file);
|
||||
$request = new Request;
|
||||
unlink($file);
|
||||
|
@ -107,8 +107,10 @@ class RequestTest extends PHPUnit_Framework_TestCase
|
|||
$this->reset();
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['HTTP_ACCEPT'] = 'application/json, text/javascript, */*; q=0.01';
|
||||
$_POST['ct'] = 'foo';
|
||||
$request = new Request;
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, '{"ct":"foo"}');
|
||||
Request::setInputStream($file);
|
||||
$request = new Request;
|
||||
$this->assertTrue($request->isJsonApiCall(), 'is JSON Api call');
|
||||
$this->assertEquals('create', $request->getOperation());
|
||||
$this->assertEquals('foo', $request->getParam('ct'));
|
||||
|
@ -136,8 +138,10 @@ class RequestTest extends PHPUnit_Framework_TestCase
|
|||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['QUERY_STRING'] = $id;
|
||||
$_GET = array($id => '');
|
||||
$_POST['deletetoken'] = 'bar';
|
||||
$request = new Request;
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, '{"deletetoken":"bar"}');
|
||||
Request::setInputStream($file);
|
||||
$request = new Request;
|
||||
$this->assertTrue($request->isJsonApiCall(), 'is JSON Api call');
|
||||
$this->assertEquals('delete', $request->getOperation());
|
||||
$this->assertEquals($id, $request->getParam('pasteid'));
|
||||
|
|
Loading…
Reference in New Issue