From 93a2b97d697b5ccbbe41e4600b81a3cfa9f41160 Mon Sep 17 00:00:00 2001 From: El RIDO Date: Wed, 23 Oct 2024 08:17:13 +0200 Subject: [PATCH] add failing test case, dedup code --- tst/Bootstrap.php | 11 +++++++++ tst/Data/FilesystemTest.php | 4 +--- tst/RequestTest.php | 48 +++++++++++++++++++++---------------- 3 files changed, 39 insertions(+), 24 deletions(-) diff --git a/tst/Bootstrap.php b/tst/Bootstrap.php index 28b56422..8d8e61c6 100644 --- a/tst/Bootstrap.php +++ b/tst/Bootstrap.php @@ -238,6 +238,17 @@ class Helper return json_encode(self::getCommentPost()); } + /** + * Returns 16 random hexadecimal characters. + * + * @return string + */ + public static function getRandomId() + { + // 8 binary bytes are 16 characters long in hex + return bin2hex(random_bytes(8)); + } + /** * delete directory and all its contents recursively * diff --git a/tst/Data/FilesystemTest.php b/tst/Data/FilesystemTest.php index 390cb66d..1e4f2b93 100644 --- a/tst/Data/FilesystemTest.php +++ b/tst/Data/FilesystemTest.php @@ -141,9 +141,7 @@ class FilesystemTest extends TestCase $commentid = Helper::getCommentId(); $ids = array(); for ($i = 0, $max = 10; $i < $max; ++$i) { - // PHPs mt_rand only supports 32 bit or up 0x7fffffff on 64 bit systems to be precise :-/ - $dataid = str_pad(dechex(mt_rand(0, mt_getrandmax())), 8, '0', STR_PAD_LEFT) . - str_pad(dechex(mt_rand(0, mt_getrandmax())), 8, '0', STR_PAD_LEFT); + $dataid = Helper::getRandomId(); $storagedir = $this->_path . DIRECTORY_SEPARATOR . substr($dataid, 0, 2) . DIRECTORY_SEPARATOR . substr($dataid, 2, 2) . DIRECTORY_SEPARATOR; $ids[$dataid] = $storagedir; diff --git a/tst/RequestTest.php b/tst/RequestTest.php index 2207fa7e..eb22655f 100644 --- a/tst/RequestTest.php +++ b/tst/RequestTest.php @@ -12,18 +12,6 @@ class RequestTest extends TestCase $_POST = array(); } - /** - * Returns 16 random hexadecimal characters. - * - * @access public - * @return string - */ - public function getRandomId() - { - // 8 binary bytes are 16 characters long in hex - return bin2hex(random_bytes(8)); - } - /** * Returns random query safe characters. * @@ -54,7 +42,25 @@ class RequestTest extends TestCase public function testRead() { $this->reset(); - $id = $this->getRandomId(); + $id = Helper::getRandomId(); + $_SERVER['REQUEST_METHOD'] = 'GET'; + $_SERVER['QUERY_STRING'] = $id; + $_GET[$id] = ''; + $request = new Request; + $this->assertFalse($request->isJsonApiCall(), 'is HTML call'); + $this->assertEquals($id, $request->getParam('pasteid')); + $this->assertEquals('read', $request->getOperation()); + } + + /** + * paste IDs are 8 bytes hex encoded strings, if unlucky, this turns into + * a numeric string that PHP will cast to an int, for example in array keys + * @see https://www.php.net/manual/en/language.types.array.php + */ + public function testReadNumeric() + { + $this->reset(); + $id = '1234567812345678'; $_SERVER['REQUEST_METHOD'] = 'GET'; $_SERVER['QUERY_STRING'] = $id; $_GET[$id] = ''; @@ -67,7 +73,7 @@ class RequestTest extends TestCase public function testDelete() { $this->reset(); - $id = $this->getRandomId(); + $id = Helper::getRandomId(); $_SERVER['REQUEST_METHOD'] = 'GET'; $_GET['pasteid'] = $id; $_GET['deletetoken'] = 'bar'; @@ -110,7 +116,7 @@ class RequestTest extends TestCase public function testApiRead() { $this->reset(); - $id = $this->getRandomId(); + $id = Helper::getRandomId(); $_SERVER['REQUEST_METHOD'] = 'GET'; $_SERVER['HTTP_ACCEPT'] = 'application/json, text/javascript, */*; q=0.01'; $_SERVER['QUERY_STRING'] = $id; @@ -124,7 +130,7 @@ class RequestTest extends TestCase public function testApiDelete() { $this->reset(); - $id = $this->getRandomId(); + $id = Helper::getRandomId(); $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['QUERY_STRING'] = $id; @@ -155,7 +161,7 @@ class RequestTest extends TestCase public function testReadWithNegotiation() { $this->reset(); - $id = $this->getRandomId(); + $id = Helper::getRandomId(); $_SERVER['REQUEST_METHOD'] = 'GET'; $_SERVER['HTTP_ACCEPT'] = 'text/html,text/html; charset=UTF-8,application/xhtml+xml, application/xml;q=0.9,*/*;q=0.8, text/csv,application/json'; $_SERVER['QUERY_STRING'] = $id; @@ -169,7 +175,7 @@ class RequestTest extends TestCase public function testReadWithXhtmlNegotiation() { $this->reset(); - $id = $this->getRandomId(); + $id = Helper::getRandomId(); $_SERVER['REQUEST_METHOD'] = 'GET'; $_SERVER['HTTP_ACCEPT'] = 'application/xhtml+xml,text/html,text/html; charset=UTF-8, application/xml;q=0.9,*/*;q=0.8, text/csv,application/json'; $_SERVER['QUERY_STRING'] = $id; @@ -183,7 +189,7 @@ class RequestTest extends TestCase public function testApiReadWithNegotiation() { $this->reset(); - $id = $this->getRandomId(); + $id = Helper::getRandomId(); $_SERVER['REQUEST_METHOD'] = 'GET'; $_SERVER['HTTP_ACCEPT'] = 'text/plain,text/csv, application/xml;q=0.9, application/json, text/html,text/html; charset=UTF-8,application/xhtml+xml, */*;q=0.8'; $_SERVER['QUERY_STRING'] = $id; @@ -197,7 +203,7 @@ class RequestTest extends TestCase public function testReadWithFailedNegotiation() { $this->reset(); - $id = $this->getRandomId(); + $id = Helper::getRandomId(); $_SERVER['REQUEST_METHOD'] = 'GET'; $_SERVER['HTTP_ACCEPT'] = 'text/plain,text/csv, application/xml;q=0.9, */*;q=0.8'; $_SERVER['QUERY_STRING'] = $id; @@ -211,7 +217,7 @@ class RequestTest extends TestCase public function testPasteIdExtraction() { $this->reset(); - $id = $this->getRandomId(); + $id = Helper::getRandomId(); $queryParams = array($id); $queryParamCount = random_int(1, 5); for ($i = 0; $i < $queryParamCount; ++$i) {