arno
/
privatebin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

implemented JSON file conversion on purge and storage in PHP files for data leak protection

Browse Source
El RIDO 7 years ago
parent e326310c57
commit 6b87a6e0e1
No known key found for this signature in database
GPG Key ID: 0F5C940A6BD81F92
9 changed files with 128 additions and 137 deletions
Show Stats Download Patch File Download Diff File

26
lib/Configuration.php
Unescape View File

@ -22,6 +22,13 @@ use PDO;
*/
class Configuration
{
/**
* First line in INI file, to hide contents
*
* @const string
*/
const PROTECTION_LINE = ';<?php http_response_code(403); /*' . PHP_EOL;
/**
* parsed configuration
*
@ -103,24 +110,27 @@ class Configuration
// rename INI files to avoid configuration leakage
if (is_readable($configIni)) {
$context = stream_context_create();
// don't overwrite already converted file
if (!is_file($configFile)) {
$iniHandle = fopen($configIni, 'r', false, stream_context_create());
$written = file_put_contents($configFile, ';<?php http_response_code(403); /*' . PHP_EOL);
$written = file_put_contents($configFile, $iniHandle, FILE_APPEND);
$iniHandle = fopen($configIni, 'r', false, $context);
file_put_contents($configFile, self::PROTECTION_LINE);
file_put_contents($configFile, $iniHandle, FILE_APPEND);
fclose($iniHandle);
unlink($configIni);
}
unlink($configIni);
// cleanup sample, too
$configSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php';
$configIniSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini.sample';
if (is_readable($configIniSample)) {
if (is_readable($configSample)) {
unlink($configIniSample);
} else {
rename($configIniSample, $configSample);
if (!is_readable($configSample)) {
$iniSampleHandle = fopen($configIniSample, 'r', false, $context);
file_put_contents($configSample, self::PROTECTION_LINE);
file_put_contents($configSample, $iniSampleHandle, FILE_APPEND);
fclose($iniSampleHandle);
}
unlink($configIniSample);
}
}

88
lib/Data/Filesystem.php
Unescape View File

@ -22,6 +22,13 @@ use PrivateBin\Model\Paste;
*/
class Filesystem extends AbstractData
{
/**
* First line in JSON files, to hide contents
*
* @const string
*/
const PROTECTION_LINE = '<?php http_response_code(403); /*' . PHP_EOL;
/**
* directory where data is stored
*
@ -68,13 +75,13 @@ class Filesystem extends AbstractData
public function create($pasteid, $paste)
{
$storagedir = self::_dataid2path($pasteid);
if (is_file($storagedir . $pasteid)) {
if (is_file($storagedir . $pasteid . '.php')) {
return false;
}
if (!is_dir($storagedir)) {
mkdir($storagedir, 0700, true);
}
return (bool) file_put_contents($storagedir . $pasteid, Json::encode($paste));
return (bool) file_put_contents($storagedir . $pasteid . '.php', self::PROTECTION_LINE . Json::encode($paste));
}
/**
@ -89,9 +96,7 @@ class Filesystem extends AbstractData
if (!$this->exists($pasteid)) {
return false;
}
$paste = json_decode(
file_get_contents(self::_dataid2path($pasteid) . $pasteid)
);
$paste = self::_decodeFile(self::_dataid2path($pasteid) . $pasteid . '.php');
if (property_exists($paste->meta, 'attachment')) {
$paste->attachment = $paste->meta->attachment;
unset($paste->meta->attachment);
@ -115,8 +120,8 @@ class Filesystem extends AbstractData
$pastedir = self::_dataid2path($pasteid);
if (is_dir($pastedir)) {
// Delete the paste itself.
if (is_file($pastedir . $pasteid)) {
unlink($pastedir . $pasteid);
if (is_file($pastedir . $pasteid . '.php')) {
unlink($pastedir . $pasteid . '.php');
}
// Delete discussion if it exists.
@ -144,7 +149,41 @@ class Filesystem extends AbstractData
*/
public function exists($pasteid)
{
return is_file(self::_dataid2path($pasteid) . $pasteid);
$basePath = self::_dataid2path($pasteid) . $pasteid;
$pastePath = $basePath . '.php';
// convert to PHP protected files if needed
if (is_readable($basePath)) {
$context = stream_context_create();
// don't overwrite already converted file
if (!is_file($pastePath)) {
$handle = fopen($basePath, 'r', false, $context);
file_put_contents($pastePath, self::PROTECTION_LINE);
file_put_contents($pastePath, $handle, FILE_APPEND);
fclose($handle);
}
unlink($basePath);
// convert comments, too
$discdir = self::_dataid2discussionpath($pasteid);
if (is_dir($discdir)) {
$dir = dir($discdir);
while (false !== ($filename = $dir->read())) {
if (substr($filename, -4) !== '.php' && strlen($filename) >= 16) {
$commentFilename = $discdir . $filename . '.php';
// don't overwrite already converted file
if (!is_file($commentFilename)) {
$handle = fopen($discdir . $filename, 'r', false, $context);
file_put_contents($commentFilename, self::PROTECTION_LINE);
file_put_contents($commentFilename, $handle, FILE_APPEND);
fclose($handle);
}
unlink($discdir . $filename);
}
}
$dir->close();
}
}
return is_readable($pastePath);
}
/**
@ -161,14 +200,14 @@ class Filesystem extends AbstractData
public function createComment($pasteid, $parentid, $commentid, $comment)
{
$storagedir = self::_dataid2discussionpath($pasteid);
$filename = $pasteid . '.' . $commentid . '.' . $parentid;
$filename = $pasteid . '.' . $commentid . '.' . $parentid . '.php';
if (is_file($storagedir . $filename)) {
return false;
}
if (!is_dir($storagedir)) {
mkdir($storagedir, 0700, true);
}
return (bool) file_put_contents($storagedir . $filename, Json::encode($comment));
return (bool) file_put_contents($storagedir . $filename, self::PROTECTION_LINE . Json::encode($comment));
}
/**
@ -183,15 +222,14 @@ class Filesystem extends AbstractData
$comments = array();
$discdir = self::_dataid2discussionpath($pasteid);
if (is_dir($discdir)) {
// Delete all files in discussion directory
$dir = dir($discdir);
while (false !== ($filename = $dir->read())) {
// Filename is in the form pasteid.commentid.parentid:
// Filename is in the form pasteid.commentid.parentid.php:
// - pasteid is the paste this reply belongs to.
// - commentid is the comment identifier itself.
// - parentid is the comment this comment replies to (It can be pasteid)
if (is_file($discdir . $filename)) {
$comment = json_decode(file_get_contents($discdir . $filename));
$comment = self::_decodeFile($discdir . $filename);
$items = explode('.', $filename);
// Add some meta information not contained in file.
$comment->id = $items[1];
@ -223,7 +261,7 @@ class Filesystem extends AbstractData
{
return is_file(
self::_dataid2discussionpath($pasteid) .
$pasteid . '.' . $commentid . '.' . $parentid
$pasteid . '.' . $commentid . '.' . $parentid . '.php'
);
}
@ -263,7 +301,14 @@ class Filesystem extends AbstractData
continue;
}
$thirdLevel = array_filter(
scandir($path),
array_map(
function($filename) {
return strlen($filename) >= 20 ?
substr($filename, 0, -4) :
$filename;
},
scandir($path)
),
'PrivateBin\\Model\\Paste::isValidId'
);
if (count($thirdLevel) == 0) {
@ -378,4 +423,17 @@ class Filesystem extends AbstractData
{
return (bool) preg_match('/^[a-f0-9]{2}$/', $element);
}
/**
* Decodes a paste or comment file.
*
* @access private
* @static
* @param string $file
* @return array
*/
private static function _decodeFile($file)
{
return json_decode(substr(file_get_contents($file), strlen(self::PROTECTION_LINE)));
}
}

10
tst/Bootstrap.php
Unescape View File

@ -14,8 +14,8 @@ if (!defined('PATH')) {
if (!defined('CONF')) {
define('CONF', PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.php');
}
if (!is_file(CONF)) {
copy(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php', CONF);
if (!defined('CONF_SAMPLE')) {
define('CONF_SAMPLE', PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php');
}
require PATH . 'vendor/autoload.php';
@ -201,6 +201,9 @@ class Helper
if (!is_file(CONF . '.bak') && is_file(CONF)) {
rename(CONF, CONF . '.bak');
}
if (!is_file(CONF_SAMPLE . '.bak') && is_file(CONF_SAMPLE)) {
copy(CONF_SAMPLE, CONF_SAMPLE . '.bak');
}
}
/**
@ -213,6 +216,9 @@ class Helper
if (is_file(CONF . '.bak')) {
rename(CONF . '.bak', CONF);
}
if (is_file(CONF_SAMPLE . '.bak')) {
rename(CONF_SAMPLE . '.bak', CONF_SAMPLE);
}
}
/**

16
tst/ConfigurationTest.php
Unescape View File

@ -22,12 +22,14 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase
public function tearDown()
{
/* Tear Down Routine */
if (is_file(CONF)) {
unlink(CONF);
}
Helper::confRestore();
}
public function testDefaultConfigFile()
{
$this->assertTrue(copy(CONF . '.bak', CONF), 'copy default configuration file');
$conf = new Configuration;
$this->assertEquals($this->_options, $conf->get(), 'default configuration is correct');
}
@ -41,7 +43,9 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase
public function testHandleMissingConfigFile()
{
@unlink(CONF);
if (is_file(CONF)) {
unlink(CONF);
}
$conf = new Configuration;
$this->assertEquals($this->_options, $conf->get(), 'returns correct defaults on missing file');
}
@ -161,16 +165,16 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase
public function testRenameIniSample()
{
$iniSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini.sample';
$phpSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php';
Helper::createIniFile(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', $this->_options);
if (is_file(CONF)) {
chmod(CONF, 0600);
unlink(CONF);
}
rename($phpSample, $iniSample);
rename(CONF_SAMPLE, $iniSample);
new Configuration;
$this->assertFileNotExists($iniSample, 'old sample file gets removed');
$this->assertFileExists($phpSample, 'new sample file gets created');
$this->assertFileExists(CONF_SAMPLE, 'new sample file gets created');
$this->assertFileExists(CONF, 'old configuration file gets converted');
$this->assertFileNotExists(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', 'old configuration file gets removed');
}
}

7
tst/Data/FilesystemTest.php
Unescape View File

@ -160,13 +160,16 @@ class FilesystemTest extends PHPUnit_Framework_TestCase
$this->assertFileExists($storagedir . $dataid . '.php', "paste $dataid exists in new format");
$this->assertFileNotExists($storagedir . $dataid, "old format paste $dataid got removed");
$this->assertTrue($this->_model->exists($dataid), "paste $dataid exists");
$this->assertEquals($this->_model->read($dataid), $paste, "paste $dataid wasn't modified in the conversion");
$this->assertEquals($this->_model->read($dataid), json_decode(json_encode($paste)), "paste $dataid wasn't modified in the conversion");
$storagedir .= $dataid . '.discussion' . DIRECTORY_SEPARATOR;
$this->assertFileExists($storagedir . $dataid . '.' . $commentid . '.' . $dataid . '.php', "comment of $dataid exists in new format");
$this->assertFileNotExists($storagedir . $dataid . '.' . $commentid . '.' . $dataid, "old format comment of $dataid got removed");
$this->assertTrue($this->_model->existsComment($dataid, $dataid, $commentid), "comment in paste $dataid exists");
$this->assertEquals($this->_model->readComment($dataid, $dataid, $commentid), $comment, "comment of $dataid wasn't modified in the conversion");
$comment = json_decode(json_encode($comment));
$comment->id = $commentid;
$comment->parentid = $dataid;
$this->assertEquals($this->_model->readComments($dataid), array($comment->meta->postdate => $comment), "comment of $dataid wasn't modified in the conversion");
}
}
}

35
tst/JsonApiTest.php
Unescape View File

@ -14,30 +14,17 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
public function setUp()
{
/* Setup Routine */
Helper::confBackup();
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
$this->_model = Filesystem::getInstance(array('dir' => $this->_path));
ServerSalt::setPath($this->_path);
$this->reset();
}
public function tearDown()
{
/* Tear Down Routine */
Helper::confRestore();
Helper::rmDir($this->_path);
}
public function reset()
{
$_POST = array();
$_GET = array();
$_SERVER = array();
if ($this->_model->exists(Helper::getPasteId())) {
$this->_model->delete(Helper::getPasteId());
}
Helper::confRestore();
$options = parse_ini_file(CONF, true);
$options = parse_ini_file(CONF_SAMPLE, true);
$options['purge']['dir'] = $this->_path;
$options['traffic']['dir'] = $this->_path;
$options['model_options']['dir'] = $this->_path;
@ -45,15 +32,21 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
Helper::createIniFile(CONF, $options);
}
public function tearDown()
{
/* Tear Down Routine */
unlink(CONF);
Helper::confRestore();
Helper::rmDir($this->_path);
}
/**
* @runInSeparateProcess
*/
public function testCreate()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@ -80,10 +73,8 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testPut()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$paste = Helper::getPaste();
unset($paste['meta']);
@ -116,7 +107,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testDelete()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(Helper::getPasteId());
@ -142,7 +132,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteWithPost()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(Helper::getPasteId());
@ -167,7 +156,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testRead()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$paste['meta']['attachment'] = $paste['attachment'];
$paste['meta']['attachmentname'] = $paste['attachmentname'];
@ -199,7 +187,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdPaste()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'paste';
@ -219,7 +206,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdComment()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'comment';
@ -239,7 +225,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdPasteMeta()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'pastemeta';
@ -259,7 +244,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdCommentMeta()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'commentmeta';
@ -279,7 +263,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdInvalid()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = CONF;

7
tst/ModelTest.php
Unescape View File

@ -20,13 +20,12 @@ class ModelTest extends PHPUnit_Framework_TestCase
public function setUp()
{
/* Setup Routine */
Helper::confRestore();
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
if (!is_dir($this->_path)) {
mkdir($this->_path);
}
ServerSalt::setPath($this->_path);
$options = parse_ini_file(CONF, true);
$options = parse_ini_file(CONF_SAMPLE, true);
$options['purge']['limit'] = 0;
$options['model'] = array(
'class' => 'Database',
@ -47,6 +46,7 @@ class ModelTest extends PHPUnit_Framework_TestCase
public function tearDown()
{
/* Tear Down Routine */
unlink(CONF);
Helper::confRestore();
Helper::rmDir($this->_path);
}
@ -274,7 +274,6 @@ class ModelTest extends PHPUnit_Framework_TestCase
'pwd' => null,
'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION),
);
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$model = new Model(new Configuration);
@ -329,7 +328,6 @@ class ModelTest extends PHPUnit_Framework_TestCase
'pwd' => null,
'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION),
);
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$model = new Model(new Configuration);
@ -367,7 +365,6 @@ class ModelTest extends PHPUnit_Framework_TestCase
'pwd' => null,
'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION),
);
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$model = new Model(new Configuration);

72
tst/PrivateBinTest.php
Unescape View File

@ -16,13 +16,13 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
/* Setup Routine */
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
$this->_model = Filesystem::getInstance(array('dir' => $this->_path));
ServerSalt::setPath($this->_path);
$this->reset();
}
public function tearDown()
{
/* Tear Down Routine */
unlink(CONF);
Helper::confRestore();
Helper::rmDir($this->_path);
}
@ -35,13 +35,13 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
if ($this->_model->exists(Helper::getPasteId())) {
$this->_model->delete(Helper::getPasteId());
}
Helper::confRestore();
$options = parse_ini_file(CONF, true);
$options = parse_ini_file(CONF_SAMPLE, true);
$options['purge']['dir'] = $this->_path;
$options['traffic']['dir'] = $this->_path;
$options['model_options']['dir'] = $this->_path;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
ServerSalt::setPath($this->_path);
}
/**
@ -49,7 +49,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testView()
{
$this->reset();
ob_start();
new PrivateBin;
$content = ob_get_contents();
@ -71,10 +70,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testViewLanguageSelection()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['main']['languageselection'] = true;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_COOKIE['lang'] = 'de';
ob_start();
@ -93,11 +90,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testViewForceLanguageDefault()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['main']['languageselection'] = false;
$options['main']['languagedefault'] = 'fr';
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_COOKIE['lang'] = 'de';
ob_start();
@ -117,10 +112,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
public function testViewUrlShortener()
{
$shortener = 'https://shortener.example.com/api?link=';
$this->reset();
$options = parse_ini_file(CONF, true);
$options['main']['urlshortener'] = $shortener;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_COOKIE['lang'] = 'de';
ob_start();
@ -139,7 +132,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testHtaccess()
{
$this->reset();
$dirs = array('cfg', 'lib');
foreach ($dirs as $dir) {
$file = PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess';
@ -163,8 +155,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testConf()
{
$this->reset();
Helper::confBackup();
file_put_contents(CONF, '');
new PrivateBin;
}
@ -174,10 +164,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreate()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@ -203,10 +191,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidTimelimit()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste(array('expire' => 25));
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@ -233,11 +219,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidSize()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['main']['sizelimit'] = 10;
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@ -257,10 +241,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateProxyHeader()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['header'] = 'X_FORWARDED_FOR';
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_FORWARDED_FOR'] = '::2';
@ -287,10 +269,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateDuplicateId()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_POST = Helper::getPaste();
@ -311,10 +291,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateValidExpire()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['expire'] = '5min';
@ -344,10 +322,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateValidExpireWithDiscussion()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['expire'] = '5min';
@ -378,10 +354,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidExpire()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['expire'] = 'foo';
@ -408,10 +382,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidBurn()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['burnafterreading'] = 'neither 1 nor 0';
@ -432,10 +404,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidOpenDiscussion()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['opendiscussion'] = 'neither 1 nor 0';
@ -456,11 +426,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateAttachment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
$options['main']['fileupload'] = true;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPasteWithAttachment();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@ -494,11 +462,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateBrokenAttachmentUpload()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
$options['main']['fileupload'] = true;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPasteWithAttachment();
unset($_POST['attachment']);
@ -520,7 +486,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateTooSoon()
{
$this->reset();
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'POST';
@ -543,10 +508,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateValidNick()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['nickname'] = Helper::getComment()['meta']['nickname'];
@ -573,10 +536,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidNick()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@ -600,10 +561,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateComment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@ -626,10 +585,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidComment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@ -652,10 +609,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateCommentDiscussionDisabled()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@ -679,10 +634,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateCommentInvalidPaste()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@ -704,10 +657,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateDuplicateComment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment());
@ -732,7 +683,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testRead()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
ob_start();
@ -753,7 +703,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadInvalidId()
{
$this->reset();
$_SERVER['QUERY_STRING'] = 'foo';
ob_start();
new PrivateBin;
@ -771,7 +720,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadNonexisting()
{
$this->reset();
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
ob_start();
new PrivateBin;
@ -789,7 +737,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadExpired()
{
$this->reset();
$expiredPaste = Helper::getPaste(array('expire_date' => 1344803344));
$this->_model->create(Helper::getPasteId(), $expiredPaste);
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
@ -809,7 +756,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadBurn()
{
$this->reset();
$burnPaste = Helper::getPaste(array('burnafterreading' => true));
$this->_model->create(Helper::getPasteId(), $burnPaste);
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
@ -832,7 +778,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadJson()
{
$this->reset();
$paste = Helper::getPaste();
$this->_model->create(Helper::getPasteId(), $paste);
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
@ -858,7 +803,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadInvalidJson()
{
$this->reset();
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
ob_start();
@ -874,7 +818,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadOldSyntax()
{
$this->reset();
$oldPaste = Helper::getPaste();
$meta = array(
'syntaxcoloring' => true,
@ -903,7 +846,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadOldFormat()
{
$this->reset();
$oldPaste = Helper::getPaste();
unset($oldPaste['meta']['formatter']);
$this->_model->create(Helper::getPasteId(), $oldPaste);
@ -928,7 +870,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDelete()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(Helper::getPasteId());
@ -951,7 +892,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInvalidId()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_GET['pasteid'] = 'foo';
$_GET['deletetoken'] = 'bar';
@ -972,7 +912,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInexistantId()
{
$this->reset();
$_GET['pasteid'] = Helper::getPasteId();
$_GET['deletetoken'] = 'bar';
ob_start();
@ -991,7 +930,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInvalidToken()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_GET['pasteid'] = Helper::getPasteId();
$_GET['deletetoken'] = 'bar';
@ -1012,7 +950,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteBurnAfterReading()
{
$this->reset();
$burnPaste = Helper::getPaste(array('burnafterreading' => true));
$this->_model->create(Helper::getPasteId(), $burnPaste);
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
@ -1034,7 +971,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInvalidBurnAfterReading()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$_POST['deletetoken'] = 'burnafterreading';
@ -1055,7 +991,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteExpired()
{
$this->reset();
$expiredPaste = Helper::getPaste(array('expire_date' => 1000));
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exist before being created');
$this->_model->create(Helper::getPasteId(), $expiredPaste);
@ -1079,7 +1014,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteMissingPerPasteSalt()
{
$this->reset();
$paste = Helper::getPaste();
unset($paste['meta']['salt']);
$this->_model->create(Helper::getPasteId(), $paste);

4
tst/PrivateBinWithDbTest.php
Unescape View File

@ -23,7 +23,6 @@ class PrivateBinWithDbTest extends PrivateBinTest
if (!is_dir($this->_path)) {
mkdir($this->_path);
}
ServerSalt::setPath($this->_path);
$this->_options['dsn'] = 'sqlite:' . $this->_path . DIRECTORY_SEPARATOR . 'tst.sq3';
$this->_model = Database::getInstance($this->_options);
$this->reset();
@ -37,10 +36,7 @@ class PrivateBinWithDbTest extends PrivateBinTest
$options['model'] = array(
'class' => 'Database',
);
$options['purge']['dir'] = $this->_path;
$options['traffic']['dir'] = $this->_path;
$options['model_options'] = $this->_options;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
}
}

Write Preview
Loading…
Cancel
Save