1 | <?php |
---|
2 | /** |
---|
3 | * The Strangecode Codebase - a general application development framework for PHP |
---|
4 | * For details visit the project site: <http://trac.strangecode.com/codebase/> |
---|
5 | * Copyright 2001-2010 Strangecode, LLC |
---|
6 | * |
---|
7 | * This file is part of The Strangecode Codebase. |
---|
8 | * |
---|
9 | * The Strangecode Codebase is free software: you can redistribute it and/or |
---|
10 | * modify it under the terms of the GNU General Public License as published by the |
---|
11 | * Free Software Foundation, either version 3 of the License, or (at your option) |
---|
12 | * any later version. |
---|
13 | * |
---|
14 | * The Strangecode Codebase is distributed in the hope that it will be useful, but |
---|
15 | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
---|
16 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more |
---|
17 | * details. |
---|
18 | * |
---|
19 | * You should have received a copy of the GNU General Public License along with |
---|
20 | * The Strangecode Codebase. If not, see <http://www.gnu.org/licenses/>. |
---|
21 | */ |
---|
22 | |
---|
23 | /** |
---|
24 | * PHPUnit test case for codebase/lib/Auth_SQL.inc.php |
---|
25 | * |
---|
26 | * The method skeletons below need to be filled in with |
---|
27 | * real data so that the tests will run correctly. Replace |
---|
28 | * all EXPECTED_VAL and PARAM strings with real data. |
---|
29 | * |
---|
30 | * Created with PHPUnit_Skeleton on 2005-08-09 |
---|
31 | */ |
---|
32 | require_once 'PHPUnit.php'; |
---|
33 | class Auth_SQLTest extends PHPUnit_TestCase { |
---|
34 | |
---|
35 | var $Auth_SQL; |
---|
36 | |
---|
37 | function Auth_SQLTest($name) |
---|
38 | { |
---|
39 | $this->PHPUnit_TestCase($name); |
---|
40 | } |
---|
41 | |
---|
42 | function setUp() |
---|
43 | { |
---|
44 | require dirname(__FILE__) . '/_config.inc.php'; |
---|
45 | require_once '../lib/Auth_SQL.inc.php'; |
---|
46 | $this->Auth_SQL =& new Auth_SQL('testauth'); |
---|
47 | $this->Auth_SQL->setParam(array( |
---|
48 | 'db_table' => 'test_user_tbl', |
---|
49 | 'db_primary_key' => 'user_id', |
---|
50 | 'db_login_table' => 'test_login_tbl', |
---|
51 | 'login_url' => '/login.php', |
---|
52 | 'blocking' => true, |
---|
53 | 'encryption_type' => AUTH_ENCRYPT_MD5_HARDENED, |
---|
54 | )); |
---|
55 | |
---|
56 | // Use fresh user table. |
---|
57 | $this->Auth_SQL->initDB(true); |
---|
58 | |
---|
59 | // Insert test data. |
---|
60 | $db =& DB::getInstance(); |
---|
61 | $db->query(" |
---|
62 | INSERT INTO test_user_tbl ( |
---|
63 | username, |
---|
64 | userpass, |
---|
65 | first_name, |
---|
66 | last_name, |
---|
67 | email |
---|
68 | ) VALUES ( |
---|
69 | 'testuser', |
---|
70 | '" . $this->Auth_SQL->encryptPassword('testpass') . "', |
---|
71 | 'John', |
---|
72 | 'Doe', |
---|
73 | 'root@localhost' |
---|
74 | ) |
---|
75 | "); |
---|
76 | |
---|
77 | } |
---|
78 | |
---|
79 | function tearDown() |
---|
80 | { |
---|
81 | $db =& DB::getInstance(); |
---|
82 | |
---|
83 | unset($this->Auth_SQL); |
---|
84 | $db->query("DROP TABLE IF EXISTS test_user_tbl"); |
---|
85 | $db->query("DROP TABLE IF EXISTS test_login_tbl"); |
---|
86 | } |
---|
87 | |
---|
88 | function test_set() |
---|
89 | { |
---|
90 | $this->Auth_SQL->set('testuserkey', 'testuserval'); |
---|
91 | $this->assertEquals('testuserval', $_SESSION['_auth_sql'][$this->Auth_SQL->_ns]['user_data']['testuserkey']); |
---|
92 | } |
---|
93 | |
---|
94 | function test_get() |
---|
95 | { |
---|
96 | $_SESSION['_auth_sql'][$this->Auth_SQL->_ns]['user_data']['testuserkey'] = 'testuserval'; |
---|
97 | $val = $this->Auth_SQL->get('testuserkey'); |
---|
98 | $this->assertEquals('testuserval', $val); |
---|
99 | } |
---|
100 | |
---|
101 | function test_setparam() |
---|
102 | { |
---|
103 | $this->Auth_SQL->setParam(array( |
---|
104 | 'login_url' => 'testloginurl.php' |
---|
105 | )); |
---|
106 | $this->assertEquals('testloginurl.php', $this->Auth_SQL->_params['login_url']); |
---|
107 | } |
---|
108 | |
---|
109 | function test_getparam() |
---|
110 | { |
---|
111 | $this->Auth_SQL->_params['login_url'] = 'testloginurl.php'; |
---|
112 | $param = $this->Auth_SQL->getParam('login_url'); |
---|
113 | $this->assertEquals('testloginurl.php', $param); |
---|
114 | } |
---|
115 | |
---|
116 | function test_clear() |
---|
117 | { |
---|
118 | $login = $this->Auth_SQL->login('testuser', 'testpass'); |
---|
119 | $this->assertTrue($login, 'User login failed, but should have succeeded.'); |
---|
120 | $before_logged_in = $this->Auth_SQL->isloggedin(); |
---|
121 | $this->assertTrue($before_logged_in, 'User is not logged in, but should be.'); |
---|
122 | $this->Auth_SQL->clear(); |
---|
123 | $after_logged_in = $this->Auth_SQL->isloggedin(); |
---|
124 | $this->assertFalse($after_logged_in, 'User is still logged in but should not be.'); |
---|
125 | } |
---|
126 | |
---|
127 | function test_authenticate() |
---|
128 | { |
---|
129 | $true = $this->Auth_SQL->authenticate('testuser', 'testpass'); |
---|
130 | $this->assertTrue($true, 'User login failed, but should have succeeded.'); |
---|
131 | |
---|
132 | // Testing wrong password. |
---|
133 | $false = $this->Auth_SQL->authenticate('testuser', 'wrongpass'); |
---|
134 | |
---|
135 | $this->assertfalse($false, 'User login succeeded, but should have failed.'); |
---|
136 | } |
---|
137 | |
---|
138 | function test_login_and_isLoggedIn() |
---|
139 | { |
---|
140 | $login = $this->Auth_SQL->login('testuser', 'testpass'); |
---|
141 | $this->assertTrue($login, '1. User login failed, but should have succeeded.'); |
---|
142 | $before_logged_in = $this->Auth_SQL->isloggedin(); |
---|
143 | $this->assertTrue($before_logged_in, '2. User is not logged in, but should be.'); |
---|
144 | $this->Auth_SQL->clear(); |
---|
145 | $after_logged_in = $this->Auth_SQL->isloggedin(); |
---|
146 | $this->assertFalse($after_logged_in, '3. User is still logged in but should not be.'); |
---|
147 | |
---|
148 | // Testing wrong password. |
---|
149 | $login2 = $this->Auth_SQL->login('testuser', 'wrongpass'); |
---|
150 | $this->assertFalse($login2, '4. User login succeeded, but should have failed.'); |
---|
151 | $before_logged_in2 = $this->Auth_SQL->isloggedin(); |
---|
152 | $this->assertFalse($before_logged_in2, '5. User is logged in, but should not be.'); |
---|
153 | $this->Auth_SQL->clear(); |
---|
154 | $after_logged_in2 = $this->Auth_SQL->isloggedin(); |
---|
155 | $this->assertFalse($after_logged_in2, '6. Wrong user is still logged in but should not be.'); |
---|
156 | } |
---|
157 | |
---|
158 | function test_requirelogin() |
---|
159 | { |
---|
160 | // $this->Auth_SQL->requirelogin('Login is required!'); |
---|
161 | } |
---|
162 | |
---|
163 | function test_blockaccount() |
---|
164 | { |
---|
165 | $db =& DB::getInstance(); |
---|
166 | |
---|
167 | $this->Auth_SQL->login('testuser', 'testpass'); |
---|
168 | $this->Auth_SQL->blockaccount(null, 'blocktestuser'); |
---|
169 | $qid = $db->query(" |
---|
170 | SELECT blocked_reason |
---|
171 | FROM test_user_tbl |
---|
172 | "); |
---|
173 | list($reason) = mysql_fetch_row($qid); |
---|
174 | $this->assertEquals('blocktestuser', $reason, "Block not found in DB record."); |
---|
175 | } |
---|
176 | |
---|
177 | function test_unblockaccount() |
---|
178 | { |
---|
179 | $db =& DB::getInstance(); |
---|
180 | |
---|
181 | $db->query(" |
---|
182 | UPDATE test_user_tbl SET blocked_reason = 'blocktestuser' |
---|
183 | "); |
---|
184 | $this->Auth_SQL->unblockaccount(); |
---|
185 | |
---|
186 | $qid = $db->query(" |
---|
187 | SELECT blocked_reason |
---|
188 | FROM test_user_tbl |
---|
189 | "); |
---|
190 | list($reason) = mysql_fetch_row($qid); |
---|
191 | $this->assertTrue('' == $reason, "Block not removed from DB record."); |
---|
192 | } |
---|
193 | |
---|
194 | function test_usernameexists() |
---|
195 | { |
---|
196 | $result = $this->Auth_SQL->usernameexists('testuser'); |
---|
197 | $this->assertTrue($result); |
---|
198 | } |
---|
199 | |
---|
200 | function test_getusername() |
---|
201 | { |
---|
202 | $result = $this->Auth_SQL->getusername(1); |
---|
203 | $this->assertEquals('testuser', $result); |
---|
204 | } |
---|
205 | |
---|
206 | function test_generatepassword() |
---|
207 | { |
---|
208 | $result = $this->Auth_SQL->generatepassword('xCVcvd'); |
---|
209 | $this->assertRegExp('/[bcdfghjklmnprstvwxzBCDFGHJKLMNPRSTVWXZaeiouyAEIOUY0123456789][bcdfghjklmnprstvwxzBCDFGHJKLMNPRSTVWXZ][aeiouyAEIOUY][bcdfghjklmnprstvwxz][aeiouy][0123456789]/', $result, 'Generated password does not match intended pattern'); |
---|
210 | } |
---|
211 | |
---|
212 | function test_encryptpassword() |
---|
213 | { |
---|
214 | $this->Auth_SQL->setParam(array('encryption_type' => AUTH_ENCRYPT_MD5)); |
---|
215 | $result = $this->Auth_SQL->encryptpassword('123'); |
---|
216 | $this->assertEquals('202cb962ac59075b964b07152d234b70', $result); |
---|
217 | |
---|
218 | $this->Auth_SQL->setParam(array('encryption_type' => AUTH_ENCRYPT_MD5_HARDENED)); |
---|
219 | $result = $this->Auth_SQL->encryptpassword('123'); |
---|
220 | $this->assertEquals('c55e4ac608a8768ecd758fab971b0646', $result); |
---|
221 | |
---|
222 | $this->Auth_SQL->setParam(array('encryption_type' => AUTH_ENCRYPT_SHA1)); |
---|
223 | $result = $this->Auth_SQL->encryptpassword('123'); |
---|
224 | $this->assertEquals('40bd001563085fc35165329ea1ff5c5ecbdbbeef', $result); |
---|
225 | |
---|
226 | $this->Auth_SQL->setParam(array('encryption_type' => AUTH_ENCRYPT_SHA1_HARDENED)); |
---|
227 | $result = $this->Auth_SQL->encryptpassword('123'); |
---|
228 | $this->assertEquals('33d90af96a5928ac93cbd41fc436e8c55d2768c2', $result); |
---|
229 | |
---|
230 | $this->Auth_SQL->setParam(array('encryption_type' => AUTH_ENCRYPT_PLAINTEXT)); |
---|
231 | $result = $this->Auth_SQL->encryptpassword('123'); |
---|
232 | $this->assertEquals('123', $result); |
---|
233 | |
---|
234 | $this->Auth_SQL->setParam(array('encryption_type' => AUTH_ENCRYPT_CRYPT)); |
---|
235 | $result = $this->Auth_SQL->encryptpassword('123', 'saltstring'); |
---|
236 | $this->assertEquals('saEZ6MlWYV9nQ', $result); |
---|
237 | } |
---|
238 | |
---|
239 | function test_setpassword() |
---|
240 | { |
---|
241 | $db =& DB::getInstance(); |
---|
242 | |
---|
243 | $this->Auth_SQL->setParam(array('encryption_type' => AUTH_ENCRYPT_SHA1_HARDENED)); |
---|
244 | $this->Auth_SQL->setpassword(null, '123'); |
---|
245 | $qid = $db->query(" |
---|
246 | SELECT userpass |
---|
247 | FROM test_user_tbl |
---|
248 | "); |
---|
249 | list($pass) = mysql_fetch_row($qid); |
---|
250 | $this->assertEquals('33d90af96a5928ac93cbd41fc436e8c55d2768c2', $pass); |
---|
251 | } |
---|
252 | |
---|
253 | function test_resetpassword() |
---|
254 | { |
---|
255 | $result = $this->Auth_SQL->resetpassword(1, 'Because this is a test.'); |
---|
256 | $this->assertType('array', $result); |
---|
257 | } |
---|
258 | |
---|
259 | // function test_inclearancezone() |
---|
260 | // { |
---|
261 | // $result = $this->Auth_SQL->inclearancezone(PARAM); |
---|
262 | // $expected = EXPECTED_VAL; |
---|
263 | // $this->assertEquals($expected, $result); |
---|
264 | // } |
---|
265 | // |
---|
266 | // function test_requireaccessclearance() |
---|
267 | // { |
---|
268 | // $result = $this->Auth_SQL->requireaccessclearance(PARAM); |
---|
269 | // $expected = EXPECTED_VAL; |
---|
270 | // $this->assertEquals($expected, $result); |
---|
271 | // } |
---|
272 | |
---|
273 | } |
---|
274 | // Running the test. |
---|
275 | $suite = new PHPUnit_TestSuite('Auth_SQLTest'); |
---|
276 | $result = PHPUnit::run($suite); |
---|
277 | echo $result->toString(); |
---|
278 | ?> |
---|