box-o-sand/php-practice/web-cake/html/cake/tests/cases/libs/cake_session.test.php

478 lines
13 KiB
PHP

<?php
/**
* SessionTest file
*
* PHP versions 4 and 5
*
* CakePHP(tm) Tests <http://book.cakephp.org/view/1196/Testing>
* Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The Open Group Test Suite License
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://book.cakephp.org/view/1196/Testing CakePHP(tm) Tests
* @package cake
* @subpackage cake.tests.cases.libs
* @since CakePHP(tm) v 1.2.0.4206
* @license http://www.opensource.org/licenses/opengroup.php The Open Group Test Suite License
*/
if (!class_exists('CakeSession')) {
App::import('Core', 'CakeSession');
}
/**
* CakeSessionTest class
*
* @package cake
* @subpackage cake.tests.cases.libs
*/
class CakeSessionTest extends CakeTestCase {
/**
* Fixtures used in the SessionTest
*
* @var array
* @access public
*/
var $fixtures = array('core.session');
/**
* startCase method
*
* @access public
* @return void
*/
function startCase() {
// Make sure garbage colector will be called
$this->__gc_divisor = ini_get('session.gc_divisor');
ini_set('session.gc_divisor', '1');
}
/**
* endCase method
*
* @access public
* @return void
*/
function endCase() {
// Revert to the default setting
ini_set('session.gc_divisor', $this->__gc_divisor);
}
/**
* setUp method
*
* @access public
* @return void
*/
function setUp() {
$this->Session =& new CakeSession();
$this->Session->start();
$this->Session->_checkValid();
}
/**
* tearDown method
*
* @access public
* @return void
*/
function tearDown() {
unset($_SESSION);
session_destroy();
}
/**
* testSessionPath
*
* @access public
* @return void
*/
function testSessionPath() {
$Session = new CakeSession('/index.php');
$this->assertEqual('/', $Session->path);
$Session = new CakeSession('/sub_dir/index.php');
$this->assertEqual('/sub_dir/', $Session->path);
$Session = new CakeSession('');
$this->assertEqual('/', $Session->path, 'Session path is empty, with "" as $base needs to be / %s');
}
/**
* testCheck method
*
* @access public
* @return void
*/
function testCheck() {
$this->Session->write('SessionTestCase', 'value');
$this->assertTrue($this->Session->check('SessionTestCase'));
$this->assertFalse($this->Session->check('NotExistingSessionTestCase'), false);
}
/**
* testSimpleRead method
*
* @access public
* @return void
*/
function testSimpleRead() {
$this->Session->write('testing', '1,2,3');
$result = $this->Session->read('testing');
$this->assertEqual($result, '1,2,3');
$this->Session->write('testing', array('1' => 'one', '2' => 'two','3' => 'three'));
$result = $this->Session->read('testing.1');
$this->assertEqual($result, 'one');
$result = $this->Session->read('testing');
$this->assertEqual($result, array('1' => 'one', '2' => 'two', '3' => 'three'));
$result = $this->Session->read();
$this->assertTrue(isset($result['testing']));
$this->assertTrue(isset($result['Config']));
$this->assertTrue(isset($result['Config']['userAgent']));
$this->Session->write('This.is.a.deep.array.my.friend', 'value');
$result = $this->Session->read('This.is.a.deep.array.my.friend');
$this->assertEqual('value', $result);
}
/**
* testId method
*
* @access public
* @return void
*/
function testId() {
$expected = session_id();
$result = $this->Session->id();
$this->assertEqual($result, $expected);
$this->Session->id('MySessionId');
$result = $this->Session->id();
$this->assertEqual($result, 'MySessionId');
}
/**
* testStarted method
*
* @access public
* @return void
*/
function testStarted() {
$this->assertTrue($this->Session->started());
unset($_SESSION);
$_SESSION = null;
$this->assertFalse($this->Session->started());
$this->assertTrue($this->Session->start());
$session = new CakeSession(null, false);
$this->assertTrue($session->started());
unset($session);
}
/**
* testError method
*
* @access public
* @return void
*/
function testError() {
$this->Session->read('Does.not.exist');
$result = $this->Session->error();
$this->assertEqual($result, "Does.not.exist doesn't exist");
$this->Session->delete('Failing.delete');
$result = $this->Session->error();
$this->assertEqual($result, "Failing.delete doesn't exist");
}
/**
* testDel method
*
* @access public
* @return void
*/
function testDelete() {
$this->assertTrue($this->Session->write('Delete.me', 'Clearing out'));
$this->assertTrue($this->Session->delete('Delete.me'));
$this->assertFalse($this->Session->check('Delete.me'));
$this->assertTrue($this->Session->check('Delete'));
$this->assertTrue($this->Session->write('Clearing.sale', 'everything must go'));
$this->assertTrue($this->Session->delete('Clearing'));
$this->assertFalse($this->Session->check('Clearing.sale'));
$this->assertFalse($this->Session->check('Clearing'));
}
/**
* testWatchVar method
*
* @access public
* @return void
*/
function testWatchVar() {
$this->assertFalse($this->Session->watch(null));
$this->Session->write('Watching', "I'm watching you");
$this->Session->watch('Watching');
$this->expectError('Writing session key {Watching}: "They found us!"');
$this->Session->write('Watching', 'They found us!');
$this->expectError('Deleting session key {Watching}');
$this->Session->delete('Watching');
$this->assertFalse($this->Session->watch('Invalid.key'));
}
/**
* testIgnore method
*
* @access public
* @return void
*/
function testIgnore() {
$this->Session->write('Watching', "I'm watching you");
$this->Session->watch('Watching');
$this->Session->ignore('Watching');
$this->assertTrue($this->Session->write('Watching', 'They found us!'));
}
/**
* testDestroy method
*
* @access public
* @return void
*/
function testDestroy() {
$this->Session->write('bulletProof', 'invicible');
$id = $this->Session->id();
$this->Session->destroy();
$this->assertFalse($this->Session->check('bulletProof'));
$this->assertNotEqual($id, $this->Session->id());
$this->assertTrue($this->Session->started());
$this->Session->cookieLifeTime = 'test';
$this->Session->destroy();
$this->assertNotEqual('test', $this->Session->cookieLifeTime);
}
/**
* testCheckingSavedEmpty method
*
* @access public
* @return void
*/
function testCheckingSavedEmpty() {
$this->assertTrue($this->Session->write('SessionTestCase', 0));
$this->assertTrue($this->Session->check('SessionTestCase'));
$this->assertTrue($this->Session->write('SessionTestCase', '0'));
$this->assertTrue($this->Session->check('SessionTestCase'));
$this->assertTrue($this->Session->write('SessionTestCase', false));
$this->assertTrue($this->Session->check('SessionTestCase'));
$this->assertTrue($this->Session->write('SessionTestCase', null));
$this->assertFalse($this->Session->check('SessionTestCase'));
}
/**
* testCheckKeyWithSpaces method
*
* @access public
* @return void
*/
function testCheckKeyWithSpaces() {
$this->assertTrue($this->Session->write('Session Test', "test"));
$this->assertEqual($this->Session->check('Session Test'), 'test');
$this->Session->delete('Session Test');
$this->assertTrue($this->Session->write('Session Test.Test Case', "test"));
$this->assertTrue($this->Session->check('Session Test.Test Case'));
}
/**
* test key exploitation
*
* @return void
*/
function testKeyExploit() {
$key = "a'] = 1; phpinfo(); \$_SESSION['a";
$result = $this->Session->write($key, 'haxored');
$this->assertTrue($result);
$result = $this->Session->read($key);
$this->assertEqual($result, 'haxored');
}
/**
* testReadingSavedEmpty method
*
* @access public
* @return void
*/
function testReadingSavedEmpty() {
$this->Session->write('SessionTestCase', 0);
$this->assertEqual($this->Session->read('SessionTestCase'), 0);
$this->Session->write('SessionTestCase', '0');
$this->assertEqual($this->Session->read('SessionTestCase'), '0');
$this->assertFalse($this->Session->read('SessionTestCase') === 0);
$this->Session->write('SessionTestCase', false);
$this->assertFalse($this->Session->read('SessionTestCase'));
$this->Session->write('SessionTestCase', null);
$this->assertEqual($this->Session->read('SessionTestCase'), null);
}
/**
* testCheckUserAgentFalse method
*
* @access public
* @return void
*/
function testCheckUserAgentFalse() {
Configure::write('Session.checkAgent', false);
$this->Session->_userAgent = md5('http://randomdomainname.com' . Configure::read('Security.salt'));
$this->assertTrue($this->Session->valid());
}
/**
* testCheckUserAgentTrue method
*
* @access public
* @return void
*/
function testCheckUserAgentTrue() {
Configure::write('Session.checkAgent', true);
$this->Session->_userAgent = md5('http://randomdomainname.com' . Configure::read('Security.salt'));
$this->assertFalse($this->Session->valid());
}
/**
* testReadAndWriteWithDatabaseStorage method
*
* @access public
* @return void
*/
function testReadAndWriteWithCakeStorage() {
unset($_SESSION);
session_destroy();
ini_set('session.save_handler', 'files');
Configure::write('Session.save', 'cake');
$this->setUp();
$this->Session->write('SessionTestCase', 0);
$this->assertEqual($this->Session->read('SessionTestCase'), 0);
$this->Session->write('SessionTestCase', '0');
$this->assertEqual($this->Session->read('SessionTestCase'), '0');
$this->assertFalse($this->Session->read('SessionTestCase') === 0);
$this->Session->write('SessionTestCase', false);
$this->assertFalse($this->Session->read('SessionTestCase'));
$this->Session->write('SessionTestCase', null);
$this->assertEqual($this->Session->read('SessionTestCase'), null);
$this->Session->write('SessionTestCase', 'This is a Test');
$this->assertEqual($this->Session->read('SessionTestCase'), 'This is a Test');
$this->Session->write('SessionTestCase', 'This is a Test');
$this->Session->write('SessionTestCase', 'This was updated');
$this->assertEqual($this->Session->read('SessionTestCase'), 'This was updated');
$this->Session->destroy();
$this->assertFalse($this->Session->read('SessionTestCase'));
}
/**
* testReadAndWriteWithDatabaseStorage method
*
* @access public
* @return void
*/
function testReadAndWriteWithCacheStorage() {
unset($_SESSION);
session_destroy();
ini_set('session.save_handler', 'files');
Configure::write('Session.save', 'cache');
$this->setUp();
$this->Session->write('SessionTestCase', 0);
$this->assertEqual($this->Session->read('SessionTestCase'), 0);
$this->Session->write('SessionTestCase', '0');
$this->assertEqual($this->Session->read('SessionTestCase'), '0');
$this->assertFalse($this->Session->read('SessionTestCase') === 0);
$this->Session->write('SessionTestCase', false);
$this->assertFalse($this->Session->read('SessionTestCase'));
$this->Session->write('SessionTestCase', null);
$this->assertEqual($this->Session->read('SessionTestCase'), null);
$this->Session->write('SessionTestCase', 'This is a Test');
$this->assertEqual($this->Session->read('SessionTestCase'), 'This is a Test');
$this->Session->write('SessionTestCase', 'This is a Test');
$this->Session->write('SessionTestCase', 'This was updated');
$this->assertEqual($this->Session->read('SessionTestCase'), 'This was updated');
$this->Session->destroy();
$this->assertFalse($this->Session->read('SessionTestCase'));
}
/**
* testReadAndWriteWithDatabaseStorage method
*
* @access public
* @return void
*/
function testReadAndWriteWithDatabaseStorage() {
unset($_SESSION);
session_destroy();
Configure::write('Session.table', 'sessions');
Configure::write('Session.model', 'Session');
Configure::write('Session.database', 'test_suite');
Configure::write('Session.save', 'database');
$this->setUp();
$this->Session->write('SessionTestCase', 0);
$this->assertEqual($this->Session->read('SessionTestCase'), 0);
$this->Session->write('SessionTestCase', '0');
$this->assertEqual($this->Session->read('SessionTestCase'), '0');
$this->assertFalse($this->Session->read('SessionTestCase') === 0);
$this->Session->write('SessionTestCase', false);
$this->assertFalse($this->Session->read('SessionTestCase'));
$this->Session->write('SessionTestCase', null);
$this->assertEqual($this->Session->read('SessionTestCase'), null);
$this->Session->write('SessionTestCase', 'This is a Test');
$this->assertEqual($this->Session->read('SessionTestCase'), 'This is a Test');
$this->Session->write('SessionTestCase', 'Some additional data');
$this->assertEqual($this->Session->read('SessionTestCase'), 'Some additional data');
$this->Session->destroy();
$this->assertFalse($this->Session->read('SessionTestCase'));
session_write_close();
unset($_SESSION);
ini_set('session.save_handler', 'files');
Configure::write('Session.save', 'php');
$this->setUp();
}
}