diff options
author | diosmosis <diosmosis@users.noreply.github.com> | 2018-10-07 22:46:00 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-10-07 22:46:00 +0300 |
commit | 5470c4f46cbc00ee704ffee6bfae965412771ad3 (patch) | |
tree | f81ed7e5e3c0b2e46b706585b3d7ada7b26e4c36 /tests/PHPUnit/Integration/DbHelperTest.php | |
parent | 475022f41635ae0e42226f58ff9b346597d23f2e (diff) |
Quote db name in certain queries. (#13529)
Diffstat (limited to 'tests/PHPUnit/Integration/DbHelperTest.php')
-rw-r--r-- | tests/PHPUnit/Integration/DbHelperTest.php | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/tests/PHPUnit/Integration/DbHelperTest.php b/tests/PHPUnit/Integration/DbHelperTest.php new file mode 100644 index 0000000000..f8268f451c --- /dev/null +++ b/tests/PHPUnit/Integration/DbHelperTest.php @@ -0,0 +1,62 @@ +<?php +/** + * Piwik - free/libre analytics platform + * + * @link http://piwik.org + * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later + */ + +namespace Piwik\Tests\Integration; + +use Piwik\Db; +use Piwik\DbHelper; +use Piwik\Tests\Framework\TestCase\IntegrationTestCase; + +class DbHelperTest extends IntegrationTestCase +{ + public function setUp() + { + parent::setUp(); + + DbHelper::dropDatabase('newdb; create database anotherdb;'); + DbHelper::dropDatabase('testdb'); + } + + public function test_createDatabase_escapesInputProperly() + { + $dbName = 'newdb`; create database anotherdb;`'; + DbHelper::createDatabase($dbName); + + $this->assertDbExists($dbName); + $this->assertDbNotExists('anotherdb'); + } + + public function test_dropDatabase_escapesInputProperly() + { + DbHelper::createDatabase("testdb"); + $this->assertDbExists('testdb'); + + DbHelper::dropDatabase('testdb`; create database anotherdb;`'); + $this->assertDbExists('testdb'); + $this->assertDbNotExists('anotherdb'); + } + + private function assertDbExists($dbName) + { + $dbs = Db::fetchAll("SHOW DATABASES"); + $dbs = array_column($dbs, 'Database'); + $this->assertContains($this->cleanName($dbName), $dbs); + } + + private function assertDbNotExists($dbName) + { + $dbs = Db::fetchAll("SHOW DATABASES"); + $dbs = array_column($dbs, 'Database'); + $this->assertNotContains($this->cleanName($dbName), $dbs); + } + + private function cleanName($dbName) + { + return str_replace('`', '', $dbName); + } +} |