diff options
author | Maurício Meneghini Fauth <mauricio@fauth.dev> | 2021-10-20 17:09:50 +0300 |
---|---|---|
committer | Maurício Meneghini Fauth <mauricio@fauth.dev> | 2022-01-10 18:19:44 +0300 |
commit | 0b575ff2e9fae33ff0d369cd95a04fc844a99168 (patch) | |
tree | 033cb87797dea78e8fe807afc1e16c9869d5ee91 /test | |
parent | 6f0d19f394905645e09c0244f7823b3c4add3125 (diff) |
Fix URL encryption for Util::linkOrButton method
Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
Diffstat (limited to 'test')
-rw-r--r-- | test/classes/Display/ResultsTest.php | 184 | ||||
-rw-r--r-- | test/classes/UtilTest.php | 10 |
2 files changed, 111 insertions, 83 deletions
diff --git a/test/classes/Display/ResultsTest.php b/test/classes/Display/ResultsTest.php index fdeed4c78a..6c79c816b2 100644 --- a/test/classes/Display/ResultsTest.php +++ b/test/classes/Display/ResultsTest.php @@ -431,10 +431,16 @@ class ResultsTest extends PmaTestCase { return array( array( - 'tbl_change.php?db=Data&table=customer&where_clause=%60' - . 'customer%60.%60id%60+%3D+1&clause_is_unique=1&sql_query=' - . 'SELECT+%2A+FROM+%60customer%60&goto=sql.php&default_' - . 'action=update', + 'tbl_change.php', + [ + 'db' => 'Data', + 'table' => 'customer', + 'where_clause' => '`customer`.`id` = 1', + 'clause_is_unique' => true, + 'sql_query' => 'SELECT * FROM `customer`', + 'goto' => 'sql.php', + 'default_action' => 'update', + ], 'klass edit_row_anchor', '<span class="nowrap"><img src="themes/dot.gif" title="Edit" alt=' . '"Edit" class="icon ic_b_edit" /> Edit</span>', @@ -445,7 +451,7 @@ class ResultsTest extends PmaTestCase . '<a href="tbl_change.php" data-post="db=Data&table=customer&where_' . 'clause=%60customer%60.%60id%60+%3D+1&clause_is_unique=1&' . 'sql_query=SELECT+%2A+FROM+%60customer%60&goto=sql.php&' - . 'default_action=update"' + . 'default_action=update&server=0&lang=en"' . '><span class="nowrap"><img src="themes/dot.gif" title="Edit" ' . 'alt="Edit" class="icon ic_b_edit" /> Edit</span></a>' . '<input type="hidden" class="where_clause" value ="%60customer' @@ -469,7 +475,7 @@ class ResultsTest extends PmaTestCase * @dataProvider dataProviderForGetEditLink */ public function testGetEditLink( - $edit_url, $class, $edit_str, $where_clause, $where_clause_html, $output + $edit_url, $urlParams, $class, $edit_str, $where_clause, $where_clause_html, $output ) { $GLOBALS['cfg']['ActionLinksMode'] = 'both'; $GLOBALS['cfg']['LinkLengthLimit'] = 1000; @@ -479,7 +485,7 @@ class ResultsTest extends PmaTestCase $this->_callPrivateFunction( '_getEditLink', array( - $edit_url, $class, $edit_str, $where_clause, $where_clause_html + $edit_url, $urlParams, $class, $edit_str, $where_clause, $where_clause_html ) ) ); @@ -494,10 +500,16 @@ class ResultsTest extends PmaTestCase { return array( array( - 'tbl_change.php?db=Data&table=customer&where_clause=%60cust' - . 'omer%60.%60id%60+%3D+1&clause_is_unique=1&sql_query=' - . 'SELECT+%2A+FROM+%60customer%60&goto=sql.php&default_' - . 'action=insert', + 'tbl_change.php', + [ + 'db' => 'Data', + 'table' => 'customer', + 'where_clause' => '`customer`.`id` = 1', + 'clause_is_unique' => true, + 'sql_query' => 'SELECT * FROM `customer`', + 'goto' => 'sql.php', + 'default_action' => 'insert', + ], '<span class="nowrap"><img src="themes/dot.gif" title="Copy" alt' . '="Copy" class="icon ic_b_insrow" /> Copy</span>', '`customer`.`id` = 1', @@ -508,7 +520,7 @@ class ResultsTest extends PmaTestCase . '<a href="tbl_change.php" data-post="db=Data&table=customer&where_' . 'clause=%60customer%60.%60id%60+%3D+1&clause_is_unique=1&' . 'sql_query=SELECT+%2A+FROM+%60customer%60&goto=sql.php&' - . 'default_action=insert"' + . 'default_action=insert&server=0&lang=en"' . '><span class="nowrap"><img src="themes/dot.gif" title="Copy" ' . 'alt="Copy" class="icon ic_b_insrow" /> Copy</span></a>' . '<input type="hidden" class="where_clause" value="%60customer%60' @@ -532,7 +544,7 @@ class ResultsTest extends PmaTestCase * @dataProvider dataProviderForGetCopyLink */ public function testGetCopyLink( - $copy_url, $copy_str, $where_clause, $where_clause_html, $class, $output + $copy_url, $urlParams, $copy_str, $where_clause, $where_clause_html, $class, $output ) { $GLOBALS['cfg']['ActionLinksMode'] = 'both'; $GLOBALS['cfg']['LinkLengthLimit'] = 1000; @@ -542,7 +554,7 @@ class ResultsTest extends PmaTestCase $this->_callPrivateFunction( '_getCopyLink', array( - $copy_url, $copy_str, $where_clause, $where_clause_html, $class + $copy_url, $urlParams, $copy_str, $where_clause, $where_clause_html, $class ) ) ); @@ -557,12 +569,14 @@ class ResultsTest extends PmaTestCase { return array( array( - 'sql.php?db=Data&table=customer&sql_query=DELETE+FROM+%60' - . 'Data%60.%60customer%60+WHERE+%60customer%60.%60id%60+%3D+1&' - . 'message_to_show=The+row+has+been+deleted&goto=sql.php%3Fdb' - . '%3DData%26table%3Dcustomer%26sql_query%3DSELECT%2B%252A%2BFROM' - . '%2B%2560customer%2560%26message_to_show%3DThe%2Brow%2Bhas%2Bbeen' - . '%2Bdeleted%26goto%3Dtbl_structure.php', + 'sql.php', + [ + 'db' => 'Data', + 'table' => 'customer', + 'sql_query' => 'DELETE FROM `Data`.`customer` WHERE `customer`.`id` = 1', + 'message_to_show' => 'The row has been deleted.', + 'goto' => 'tbl_sql.php', + ], '<span class="nowrap"><img src="themes/dot.gif" title="Delete" ' . 'alt="Delete" class="icon ic_b_drop" /> Delete</span>', 'DELETE FROM `Data`.`customer` WHERE `customer`.`id` = 1', @@ -570,10 +584,8 @@ class ResultsTest extends PmaTestCase '<td class="klass center print_ignore" >' . '<a href="sql.php" data-post="db=Data&table=customer&sql_query=DELETE' . '+FROM+%60Data%60.%60customer%60+WHERE+%60customer%60.%60id%60+%3D' - . '+1&message_to_show=The+row+has+been+deleted&goto=sql.php' - . '%3Fdb%3DData%26table%3Dcustomer%26sql_query%3DSELECT%2B%252A%2B' - . 'FROM%2B%2560customer%2560%26message_to_show%3DThe%2Brow%2Bhas%2B' - . 'been%2Bdeleted%26goto%3Dtbl_structure.php" ' + . '+1&message_to_show=The+row+has+been+deleted.' + . '&goto=tbl_sql.php&server=0&lang=en" ' . 'class="delete_row requireConfirm"><span class="nowrap"><img src="themes/dot.' . 'gif" title="Delete" alt="Delete" class="icon ic_b_drop" /> ' . 'Delete</span></a>' @@ -597,7 +609,7 @@ class ResultsTest extends PmaTestCase * @dataProvider dataProviderForGetDeleteLink */ public function testGetDeleteLink( - $del_url, $del_str, $js_conf, $class, $output + $del_url, $delUrlParams, $del_str, $js_conf, $class, $output ) { $GLOBALS['cfg']['ActionLinksMode'] = 'both'; $GLOBALS['cfg']['LinkLengthLimit'] = 1000; @@ -607,7 +619,7 @@ class ResultsTest extends PmaTestCase $this->_callPrivateFunction( '_getDeleteLink', array( - $del_url, $del_str, $js_conf, $class + $del_url, $delUrlParams, $del_str, $js_conf, $class ) ) ); @@ -623,12 +635,7 @@ class ResultsTest extends PmaTestCase return array( array( DisplayResults::POSITION_LEFT, - 'sql.php?db=data&table=new&sql_query=DELETE+FROM+%60data' - . '%60.%60new%60+WHERE+%60new%60.%60id%60+%3D+1&message_to_show=' - . 'The+row+has+been+deleted&goto=sql.php%3Fdb%3Ddata%26table%3D' - . 'new%26sql_query%3DSELECT%2B%252A%2BFROM%2B%2560new%2560%26' - . 'message_to_show%3DThe%2Brow%2Bhas%2Bbeen%2Bdeleted%26goto%3D' - . 'tbl_structure.php', + 'sql.php', array( 'edit_lnk' => 'ur', 'del_lnk' => 'dr', @@ -644,12 +651,8 @@ class ResultsTest extends PmaTestCase array( '`new`.`id`' => '= 1', ), - 'tbl_change.php?db=data&table=new&where_clause=%60new%60.' - . '%60id%60+%3D+1&clause_is_unique=1&sql_query=SELECT+%2A+' - . 'FROM+%60new%60&goto=sql.php&default_action=update', - 'tbl_change.php?db=data&table=new&where_clause=%60new%60.' - . '%60id%60+%3D+1&clause_is_unique=1&sql_query=SELECT+%2A+' - . 'FROM+%60new%60&goto=sql.php&default_action=insert', + 'tbl_change.php', + 'tbl_change.php', 'edit_row_anchor', '<span class="nowrap"><img src="themes/dot.gif" title="Edit" ' . 'alt="Edit" class="icon ic_b_edit" /> Edit</span>', @@ -658,6 +661,21 @@ class ResultsTest extends PmaTestCase '<span class="nowrap"><img src="themes/dot.gif" title="Delete" ' . 'alt="Delete" class="icon ic_b_drop" /> Delete</span>', 'DELETE FROM `data`.`new` WHERE `new`.`id` = 1', + [ + 'db' => 'data', + 'table' => 'new', + 'where_clause' => '`new`.`id` = 1', + 'clause_is_unique' => true, + 'sql_query' => 'SELECT * FROM `new`', + 'goto' => 'sql.php', + ], + [ + 'db' => 'data', + 'table' => 'new', + 'sql_query' => 'DELETE FROM `data`.`new` WHERE `new`.`id` = 1', + 'message_to_show' => 'The row has been deleted.', + 'goto' => 'tbl_sql.php', + ], '<td class="center print_ignore"><input type="checkbox" id="id_rows_to_delete0_' . 'left" name="rows_to_delete[0]" class="multi_checkbox checkall" ' . 'value="%60new%60.%60id%60+%3D+1" /><input type="hidden" class=' @@ -667,7 +685,7 @@ class ResultsTest extends PmaTestCase . '<a href="tbl_change.php" data-post="db=data&table=new&where_' . 'clause=%60new%60.%60id%60+%3D+1&clause_is_unique=1&' . 'sql_query=SELECT+%2A+FROM+%60new%60&goto=sql.php&default' - . '_action=update">' + . '_action=update&server=0&lang=en">' . '<span class="nowrap"><img src="themes/dot.gif" title="Edit" ' . 'alt="Edit" class="icon ic_b_edit" /> Edit</span></a>' . '<input type="hidden" class="where_clause" value ="%60new%60.%60' @@ -676,17 +694,15 @@ class ResultsTest extends PmaTestCase . '<a href="tbl_change.php" data-post="db=data&table=new&where_clause' . '=%60new%60.%60id%60+%3D+1&clause_is_unique=1&sql_query=' . 'SELECT+%2A+FROM+%60new%60&goto=sql.php&default_action=' - . 'insert"><span class' + . 'insert&server=0&lang=en"><span class' . '="nowrap"><img src="themes/dot.gif" title="Copy" alt="Copy" ' . 'class="icon ic_b_insrow" /> Copy</span></a>' . '<input type="hidden" class="where_clause" value="%60new%60.%60id' . '%60+%3D+1" /></span></td><td class="center print_ignore" >' . '<a href="sql.php" data-post="db=data&table=new&sql_query=DELETE+' . 'FROM+%60data%60.%60new%60+WHERE+%60new%60.%60id%60+%3D+1&' - . 'message_to_show=The+row+has+been+deleted&goto=sql.php%3F' - . 'db%3Ddata%26table%3Dnew%26sql_query%3DSELECT%2B%252A%2BFROM%2B' - . '%2560new%2560%26message_to_show%3DThe%2Brow%2Bhas%2Bbeen%2B' - . 'deleted%26goto%3Dtbl_structure.php" ' + . 'message_to_show=The+row+has+been+deleted.' + . '&goto=tbl_sql.php&server=0&lang=en" ' . 'class="delete_row requireConfirm"><span class="nowrap"><img src="themes/dot.' . 'gif" title="Delete" alt="Delete" class="icon ic_b_drop" /> ' . 'Delete</span></a>' @@ -695,12 +711,7 @@ class ResultsTest extends PmaTestCase ), array( DisplayResults::POSITION_RIGHT, - 'sql.php?db=data&table=new&sql_query=DELETE+FROM+%60data%60' - . '.%60new%60+WHERE+%60new%60.%60id%60+%3D+1&message_to_show=' - . 'The+row+has+been+deleted&goto=sql.php%3Fdb%3Ddata%26table%3D' - . 'new%26sql_query%3DSELECT%2B%252A%2BFROM%2B%2560new%2560%26message' - . '_to_show%3DThe%2Brow%2Bhas%2Bbeen%2Bdeleted%26goto%3Dtbl_' - . 'structure.php', + 'sql.php', array( 'edit_lnk' => 'ur', 'del_lnk' => 'dr', @@ -716,12 +727,8 @@ class ResultsTest extends PmaTestCase array( '`new`.`id`' => '= 1', ), - 'tbl_change.php?db=data&table=new&where_clause=%60new%60.' - . '%60id%60+%3D+1&clause_is_unique=1&sql_query=SELECT+%2A+' - . 'FROM+%60new%60&goto=sql.php&default_action=update', - 'tbl_change.php?db=data&table=new&where_clause=%60new%60.' - . '%60id%60+%3D+1&clause_is_unique=1&sql_query=SELECT+%2A+' - . 'FROM+%60new%60&goto=sql.php&default_action=insert', + 'tbl_change.php', + 'tbl_change.php', 'edit_row_anchor', '<span class="nowrap"><img src="themes/dot.gif" title="Edit" ' . 'alt="Edit" class="icon ic_b_edit" /> Edit</span>', @@ -730,13 +737,26 @@ class ResultsTest extends PmaTestCase '<span class="nowrap"><img src="themes/dot.gif" title="Delete" ' . 'alt="Delete" class="icon ic_b_drop" /> Delete</span>', 'DELETE FROM `data`.`new` WHERE `new`.`id` = 1', + [ + 'db' => 'data', + 'table' => 'new', + 'where_clause' => '`new`.`id` = 1', + 'clause_is_unique' => true, + 'sql_query' => 'SELECT * FROM `new`', + 'goto' => 'sql.php', + ], + [ + 'db' => 'data', + 'table' => 'new', + 'sql_query' => 'DELETE FROM `data`.`new` WHERE `new`.`id` = 1', + 'message_to_show' => 'The row has been deleted.', + 'goto' => 'tbl_sql.php', + ], '<td class="center print_ignore" >' . '<a href="sql.php" data-post="db=data&table=new&sql_query=DELETE+' . 'FROM+%60data%60.%60new%60+WHERE+%60new%60.%60id%60+%3D+1&' - . 'message_to_show=The+row+has+been+deleted&goto=sql.php%3Fdb' - . '%3Ddata%26table%3Dnew%26sql_query%3DSELECT%2B%252A%2BFROM%2B%25' - . '60new%2560%26message_to_show%3DThe%2Brow%2Bhas%2Bbeen%2Bdeleted' - . '%26goto%3Dtbl_structure.php" class="delete' + . 'message_to_show=The+row+has+been+deleted.&goto=tbl_sql.php' + . '&server=0&lang=en" class="delete' . '_row requireConfirm"><span class="nowrap"><img src="themes/dot.gif" title=' . '"Delete" alt="Delete" class="icon ic_b_drop" /> Delete</span></a>' . '<div class="hide">DELETE FROM `data`.`new` WHERE `new`.' @@ -744,7 +764,7 @@ class ResultsTest extends PmaTestCase . '<a href="tbl_change.php" data-post="db=data&table=new&where_' . 'clause=%60new%60.%60id%60+%3D+1&clause_is_unique=1&sql_' . 'query=SELECT+%2A+FROM+%60new%60&goto=sql.php&default_' - . 'action=insert"><span ' + . 'action=insert&server=0&lang=en"><span ' . 'class="nowrap"><img src="themes/dot.gif" title="Copy" alt="Copy" ' . 'class="icon ic_b_insrow" /> Copy</span></a>' . '<input type="hidden" class="where_clause" value="%60new%60.%60id' @@ -753,7 +773,7 @@ class ResultsTest extends PmaTestCase . '<a href="tbl_change.php" data-post="db=data&table=new&where_clause' . '=%60new%60.%60id%60+%3D+1&clause_is_unique=1&sql_query=' . 'SELECT+%2A+FROM+%60new%60&goto=sql.php&default_action=' - . 'update"><span class=' + . 'update&server=0&lang=en"><span class=' . '"nowrap"><img src="themes/dot.gif" title="Edit" alt="Edit" class' . '="icon ic_b_edit" /> Edit</span></a>' . '<input type="hidden" class="where_clause" value ="%60new%60.%60' @@ -765,12 +785,7 @@ class ResultsTest extends PmaTestCase ), array( DisplayResults::POSITION_NONE, - 'sql.php?db=data&table=new&sql_query=DELETE+FROM+%60data%60.' - . '%60new%60+WHERE+%60new%60.%60id%60+%3D+1&message_to_show=The+' - . 'row+has+been+deleted&goto=sql.php%3Fdb%3Ddata%26table%3Dnew' - . '%26sql_query%3DSELECT%2B%252A%2BFROM%2B%2560new%2560%26message_' - . 'to_show%3DThe%2Brow%2Bhas%2Bbeen%2Bdeleted%26goto%3Dtbl_structure' - . '.php', + 'sql.php', array( 'edit_lnk' => 'ur', 'del_lnk' => 'dr', @@ -786,12 +801,8 @@ class ResultsTest extends PmaTestCase array( '`new`.`id`' => '= 1', ), - 'tbl_change.php?db=data&table=new&where_clause=%60new%60.%60' - . 'id%60+%3D+1&clause_is_unique=1&sql_query=SELECT+%2A+FROM+' - . '%60new%60&goto=sql.php&default_action=update', - 'tbl_change.php?db=data&table=new&where_clause=%60new%60.%60' - . 'id%60+%3D+1&clause_is_unique=1&sql_query=SELECT+%2A+FROM+' - . '%60new%60&goto=sql.php&default_action=insert', + 'tbl_change.php', + 'tbl_change.php', 'edit_row_anchor', '<span class="nowrap"><img src="themes/dot.gif" title="Edit" ' . 'alt="Edit" class="icon ic_b_edit" /> Edit</span>', @@ -800,6 +811,21 @@ class ResultsTest extends PmaTestCase '<span class="nowrap"><img src="themes/dot.gif" title="Delete" ' . 'alt="Delete" class="icon ic_b_drop" /> Delete</span>', 'DELETE FROM `data`.`new` WHERE `new`.`id` = 1', + [ + 'db' => 'data', + 'table' => 'new', + 'where_clause' => '`new`.`id` = 1', + 'clause_is_unique' => true, + 'sql_query' => 'SELECT * FROM `new`', + 'goto' => 'sql.php', + ], + [ + 'db' => 'data', + 'table' => 'new', + 'sql_query' => 'DELETE FROM `data`.`new` WHERE `new`.`id` = 1', + 'message_to_show' => 'The row has been deleted.', + 'goto' => 'tbl_sql.php', + ], '<td class="center print_ignore"><input type="checkbox" id="id_rows_to_' . 'delete0_left" name="rows_to_delete[0]" class="multi_checkbox ' . 'checkall" value="%60new%60.%60id%60+%3D+1" /><input type=' @@ -836,7 +862,7 @@ class ResultsTest extends PmaTestCase public function testGetCheckboxAndLinks( $position, $del_url, $displayParts, $row_no, $where_clause, $where_clause_html, $condition_array, $edit_url, - $copy_url, $class, $edit_str, $copy_str, $del_str, $js_conf, $output + $copy_url, $class, $edit_str, $copy_str, $del_str, $js_conf, $editCopyUrlParams, $delUrlParams, $output ) { $this->assertEquals( $output, @@ -846,7 +872,7 @@ class ResultsTest extends PmaTestCase $position, $del_url, $displayParts, $row_no, $where_clause, $where_clause_html, $condition_array, $edit_url, $copy_url, $class, $edit_str, - $copy_str, $del_str, $js_conf + $copy_str, $del_str, $js_conf, $editCopyUrlParams, $delUrlParams ) ) ); @@ -897,6 +923,8 @@ class ResultsTest extends PmaTestCase '<span class="nowrap"><img src="themes/dot.gif" title="Delete" ' . 'alt="Delete" class="icon ic_b_drop" /> Delete</span>', null, + [], + [], '<td class="center print_ignore"><input type="checkbox" id="id_rows_to_' . 'delete0_left" name="rows_to_delete[0]" class="multi_checkbox ' . 'checkall" value="%60new%60.%60id%60+%3D+1" /><input type=' @@ -932,7 +960,7 @@ class ResultsTest extends PmaTestCase public function testGetPlacedLinks( $dir, $del_url, $displayParts, $row_no, $where_clause, $where_clause_html, $condition_array, $edit_url, $copy_url, - $edit_anchor_class, $edit_str, $copy_str, $del_str, $js_conf, $output + $edit_anchor_class, $edit_str, $copy_str, $del_str, $js_conf, $editCopyUrlParams, $delUrlParams, $output ) { $this->assertEquals( $output, @@ -942,7 +970,7 @@ class ResultsTest extends PmaTestCase $dir, $del_url, $displayParts, $row_no, $where_clause, $where_clause_html, $condition_array, $edit_url, $copy_url, $edit_anchor_class, - $edit_str, $copy_str, $del_str, $js_conf + $edit_str, $copy_str, $del_str, $js_conf, $editCopyUrlParams, $delUrlParams ) ) ); diff --git a/test/classes/UtilTest.php b/test/classes/UtilTest.php index 047f2b1753..ce687f42a0 100644 --- a/test/classes/UtilTest.php +++ b/test/classes/UtilTest.php @@ -2107,22 +2107,22 @@ class UtilTest extends PmaTestCase { return [ [ - ['index.php', 'text'], + ['index.php', null, 'text'], 1000, '<a href="index.php" >text</a>' ], [ - ['index.php?some=parameter', 'text'], + ['index.php', ['some' => 'parameter'], 'text'], 20, - '<a href="index.php" data-post="some=parameter">text</a>', + '<a href="index.php" data-post="some=parameter&lang=en">text</a>', ], [ - ['index.php', 'text', [], 'target'], + ['index.php', null, 'text', [], 'target'], 1000, '<a href="index.php" target="target">text</a>', ], [ - ['url.php?url=http://phpmyadmin.net/', 'text', [], '_blank'], + ['url.php?url=http://phpmyadmin.net/', null, 'text', [], '_blank'], 1000, '<a href="url.php?url=http://phpmyadmin.net/" target="_blank" rel="noopener noreferrer">text</a>', ], |