diff options
| author | William Desportes <williamdes@wdes.fr> | 2019-06-12 14:31:24 +0300 |
|---|---|---|
| committer | William Desportes <williamdes@wdes.fr> | 2019-06-12 14:31:24 +0300 |
| commit | b61d878ac4fbc74a669dfcfa081e62e6ad88b1ec (patch) | |
| tree | 6884d025f74b3d7058f9c9fcd9212ad94293047f /test | |
| parent | 4bf8bfcaa16dd90d7b36c2c3f5e2d36c7b249bd2 (diff) | |
Add unit tests
Signed-off-by: William Desportes <williamdes@wdes.fr>
Diffstat (limited to 'test')
| -rw-r--r-- | test/classes/CoreTest.php | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/test/classes/CoreTest.php b/test/classes/CoreTest.php index ddda7b7010..43a504094c 100644 --- a/test/classes/CoreTest.php +++ b/test/classes/CoreTest.php @@ -1121,4 +1121,70 @@ class CoreTest extends PmaTestCase $this->assertGreaterThan(0, mb_strpos($printed, $warn)); } + + /** + * Test for Core::signSqlQuery + * + * @return void + */ + function testSignSqlQuery() + { + $_SESSION[' PMA_token '] = hash('sha1', 'test'); + $sqlQuery = 'SELECT * FROM `test`.`db` WHERE 1;'; + $signature = Core::signSqlQuery($sqlQuery); + $hmac = '33371e8680a640dc05944a2a24e6e630d3e9e3dba24464135f2fb954c3a4ffe2'; + $this->assertSame($hmac, $signature, 'The signature must match the computed one'); + } + + /** + * Test for Core::checkSqlQuerySignature + * + * @return void + */ + function testCheckSqlQuerySignature() + { + $_SESSION[' PMA_token '] = hash('sha1', 'test'); + $sqlQuery = 'SELECT * FROM `test`.`db` WHERE 1;'; + $hmac = '33371e8680a640dc05944a2a24e6e630d3e9e3dba24464135f2fb954c3a4ffe2'; + $this->assertTrue(Core::checkSqlQuerySignature($sqlQuery, $hmac)); + } + + /** + * Test for Core::checkSqlQuerySignature + * + * @return void + */ + function testCheckSqlQuerySignatureFails() + { + $_SESSION[' PMA_token '] = hash('sha1', '132654987gguieunofz'); + $sqlQuery = 'SELECT * FROM `test`.`db` WHERE 1;'; + $hmac = '33371e8680a640dc05944a2a24e6e630d3e9e3dba24464135f2fb954c3a4ffe2'; + $this->assertFalse(Core::checkSqlQuerySignature($sqlQuery, $hmac)); + } + + /** + * Test for Core::checkSqlQuerySignature + * + * @return void + */ + function testCheckSqlQuerySignatureFailsBadHash() + { + $_SESSION[' PMA_token '] = hash('sha1', 'test'); + $sqlQuery = 'SELECT * FROM `test`.`db` WHERE 1;'; + $hmac = '3333333380a640dc05944a2a24e6e630d3e9e3dba24464135f2fb954c3eeeeee'; + $this->assertFalse(Core::checkSqlQuerySignature($sqlQuery, $hmac)); + } + + /** + * Test for Core::checkSqlQuerySignature + * + * @return void + */ + function testCheckSqlQuerySignatureFailsNoSession() + { + $_SESSION[' PMA_token '] = null; + $sqlQuery = 'SELECT * FROM `test`.`db` WHERE 1;'; + $hmac = '3333333380a640dc05944a2a24e6e630d3e9e3dba24464135f2fb954c3eeeeee'; + $this->assertFalse(Core::checkSqlQuerySignature($sqlQuery, $hmac)); + } } |