From 6b87a6e0e134b33d8f65525250dc0cabfb11dfde Mon Sep 17 00:00:00 2001 From: El RIDO Date: Sun, 8 Oct 2017 11:03:17 +0200 Subject: [PATCH] implemented JSON file conversion on purge and storage in PHP files for data leak protection --- lib/Configuration.php | 26 +++++++---- lib/Data/Filesystem.php | 88 ++++++++++++++++++++++++++++++------ tst/Bootstrap.php | 10 +++- tst/ConfigurationTest.php | 16 ++++--- tst/Data/FilesystemTest.php | 7 ++- tst/JsonApiTest.php | 35 ++++---------- tst/ModelTest.php | 7 +-- tst/PrivateBinTest.php | 72 ++--------------------------- tst/PrivateBinWithDbTest.php | 4 -- 9 files changed, 128 insertions(+), 137 deletions(-) diff --git a/lib/Configuration.php b/lib/Configuration.php index 65e3156..4215b06 100644 --- a/lib/Configuration.php +++ b/lib/Configuration.php @@ -22,6 +22,13 @@ use PDO; */ class Configuration { + /** + * First line in INI file, to hide contents + * + * @const string + */ + const PROTECTION_LINE = ';exists($pasteid)) { return false; } - $paste = json_decode( - file_get_contents(self::_dataid2path($pasteid) . $pasteid) - ); + $paste = self::_decodeFile(self::_dataid2path($pasteid) . $pasteid . '.php'); if (property_exists($paste->meta, 'attachment')) { $paste->attachment = $paste->meta->attachment; unset($paste->meta->attachment); @@ -115,8 +120,8 @@ class Filesystem extends AbstractData $pastedir = self::_dataid2path($pasteid); if (is_dir($pastedir)) { // Delete the paste itself. - if (is_file($pastedir . $pasteid)) { - unlink($pastedir . $pasteid); + if (is_file($pastedir . $pasteid . '.php')) { + unlink($pastedir . $pasteid . '.php'); } // Delete discussion if it exists. @@ -144,7 +149,41 @@ class Filesystem extends AbstractData */ public function exists($pasteid) { - return is_file(self::_dataid2path($pasteid) . $pasteid); + $basePath = self::_dataid2path($pasteid) . $pasteid; + $pastePath = $basePath . '.php'; + // convert to PHP protected files if needed + if (is_readable($basePath)) { + $context = stream_context_create(); + // don't overwrite already converted file + if (!is_file($pastePath)) { + $handle = fopen($basePath, 'r', false, $context); + file_put_contents($pastePath, self::PROTECTION_LINE); + file_put_contents($pastePath, $handle, FILE_APPEND); + fclose($handle); + } + unlink($basePath); + + // convert comments, too + $discdir = self::_dataid2discussionpath($pasteid); + if (is_dir($discdir)) { + $dir = dir($discdir); + while (false !== ($filename = $dir->read())) { + if (substr($filename, -4) !== '.php' && strlen($filename) >= 16) { + $commentFilename = $discdir . $filename . '.php'; + // don't overwrite already converted file + if (!is_file($commentFilename)) { + $handle = fopen($discdir . $filename, 'r', false, $context); + file_put_contents($commentFilename, self::PROTECTION_LINE); + file_put_contents($commentFilename, $handle, FILE_APPEND); + fclose($handle); + } + unlink($discdir . $filename); + } + } + $dir->close(); + } + } + return is_readable($pastePath); } /** @@ -161,14 +200,14 @@ class Filesystem extends AbstractData public function createComment($pasteid, $parentid, $commentid, $comment) { $storagedir = self::_dataid2discussionpath($pasteid); - $filename = $pasteid . '.' . $commentid . '.' . $parentid; + $filename = $pasteid . '.' . $commentid . '.' . $parentid . '.php'; if (is_file($storagedir . $filename)) { return false; } if (!is_dir($storagedir)) { mkdir($storagedir, 0700, true); } - return (bool) file_put_contents($storagedir . $filename, Json::encode($comment)); + return (bool) file_put_contents($storagedir . $filename, self::PROTECTION_LINE . Json::encode($comment)); } /** @@ -183,15 +222,14 @@ class Filesystem extends AbstractData $comments = array(); $discdir = self::_dataid2discussionpath($pasteid); if (is_dir($discdir)) { - // Delete all files in discussion directory $dir = dir($discdir); while (false !== ($filename = $dir->read())) { - // Filename is in the form pasteid.commentid.parentid: + // Filename is in the form pasteid.commentid.parentid.php: // - pasteid is the paste this reply belongs to. // - commentid is the comment identifier itself. // - parentid is the comment this comment replies to (It can be pasteid) if (is_file($discdir . $filename)) { - $comment = json_decode(file_get_contents($discdir . $filename)); + $comment = self::_decodeFile($discdir . $filename); $items = explode('.', $filename); // Add some meta information not contained in file. $comment->id = $items[1]; @@ -223,7 +261,7 @@ class Filesystem extends AbstractData { return is_file( self::_dataid2discussionpath($pasteid) . - $pasteid . '.' . $commentid . '.' . $parentid + $pasteid . '.' . $commentid . '.' . $parentid . '.php' ); } @@ -263,7 +301,14 @@ class Filesystem extends AbstractData continue; } $thirdLevel = array_filter( - scandir($path), + array_map( + function($filename) { + return strlen($filename) >= 20 ? + substr($filename, 0, -4) : + $filename; + }, + scandir($path) + ), 'PrivateBin\\Model\\Paste::isValidId' ); if (count($thirdLevel) == 0) { @@ -378,4 +423,17 @@ class Filesystem extends AbstractData { return (bool) preg_match('/^[a-f0-9]{2}$/', $element); } + + /** + * Decodes a paste or comment file. + * + * @access private + * @static + * @param string $file + * @return array + */ + private static function _decodeFile($file) + { + return json_decode(substr(file_get_contents($file), strlen(self::PROTECTION_LINE))); + } } diff --git a/tst/Bootstrap.php b/tst/Bootstrap.php index 85e2558..e144247 100644 --- a/tst/Bootstrap.php +++ b/tst/Bootstrap.php @@ -14,8 +14,8 @@ if (!defined('PATH')) { if (!defined('CONF')) { define('CONF', PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.php'); } -if (!is_file(CONF)) { - copy(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php', CONF); +if (!defined('CONF_SAMPLE')) { + define('CONF_SAMPLE', PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php'); } require PATH . 'vendor/autoload.php'; @@ -201,6 +201,9 @@ class Helper if (!is_file(CONF . '.bak') && is_file(CONF)) { rename(CONF, CONF . '.bak'); } + if (!is_file(CONF_SAMPLE . '.bak') && is_file(CONF_SAMPLE)) { + copy(CONF_SAMPLE, CONF_SAMPLE . '.bak'); + } } /** @@ -213,6 +216,9 @@ class Helper if (is_file(CONF . '.bak')) { rename(CONF . '.bak', CONF); } + if (is_file(CONF_SAMPLE . '.bak')) { + rename(CONF_SAMPLE . '.bak', CONF_SAMPLE); + } } /** diff --git a/tst/ConfigurationTest.php b/tst/ConfigurationTest.php index 55d8288..66acece 100644 --- a/tst/ConfigurationTest.php +++ b/tst/ConfigurationTest.php @@ -22,12 +22,14 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase public function tearDown() { /* Tear Down Routine */ + if (is_file(CONF)) { + unlink(CONF); + } Helper::confRestore(); } public function testDefaultConfigFile() { - $this->assertTrue(copy(CONF . '.bak', CONF), 'copy default configuration file'); $conf = new Configuration; $this->assertEquals($this->_options, $conf->get(), 'default configuration is correct'); } @@ -41,7 +43,9 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase public function testHandleMissingConfigFile() { - @unlink(CONF); + if (is_file(CONF)) { + unlink(CONF); + } $conf = new Configuration; $this->assertEquals($this->_options, $conf->get(), 'returns correct defaults on missing file'); } @@ -161,16 +165,16 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase public function testRenameIniSample() { $iniSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini.sample'; - $phpSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php'; Helper::createIniFile(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', $this->_options); if (is_file(CONF)) { - chmod(CONF, 0600); unlink(CONF); } - rename($phpSample, $iniSample); + rename(CONF_SAMPLE, $iniSample); new Configuration; $this->assertFileNotExists($iniSample, 'old sample file gets removed'); - $this->assertFileExists($phpSample, 'new sample file gets created'); + $this->assertFileExists(CONF_SAMPLE, 'new sample file gets created'); + $this->assertFileExists(CONF, 'old configuration file gets converted'); + $this->assertFileNotExists(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', 'old configuration file gets removed'); } } diff --git a/tst/Data/FilesystemTest.php b/tst/Data/FilesystemTest.php index 4b6d7bd..d232e76 100644 --- a/tst/Data/FilesystemTest.php +++ b/tst/Data/FilesystemTest.php @@ -160,13 +160,16 @@ class FilesystemTest extends PHPUnit_Framework_TestCase $this->assertFileExists($storagedir . $dataid . '.php', "paste $dataid exists in new format"); $this->assertFileNotExists($storagedir . $dataid, "old format paste $dataid got removed"); $this->assertTrue($this->_model->exists($dataid), "paste $dataid exists"); - $this->assertEquals($this->_model->read($dataid), $paste, "paste $dataid wasn't modified in the conversion"); + $this->assertEquals($this->_model->read($dataid), json_decode(json_encode($paste)), "paste $dataid wasn't modified in the conversion"); $storagedir .= $dataid . '.discussion' . DIRECTORY_SEPARATOR; $this->assertFileExists($storagedir . $dataid . '.' . $commentid . '.' . $dataid . '.php', "comment of $dataid exists in new format"); $this->assertFileNotExists($storagedir . $dataid . '.' . $commentid . '.' . $dataid, "old format comment of $dataid got removed"); $this->assertTrue($this->_model->existsComment($dataid, $dataid, $commentid), "comment in paste $dataid exists"); - $this->assertEquals($this->_model->readComment($dataid, $dataid, $commentid), $comment, "comment of $dataid wasn't modified in the conversion"); + $comment = json_decode(json_encode($comment)); + $comment->id = $commentid; + $comment->parentid = $dataid; + $this->assertEquals($this->_model->readComments($dataid), array($comment->meta->postdate => $comment), "comment of $dataid wasn't modified in the conversion"); } } } diff --git a/tst/JsonApiTest.php b/tst/JsonApiTest.php index 8f50cc7..b3caacf 100644 --- a/tst/JsonApiTest.php +++ b/tst/JsonApiTest.php @@ -14,30 +14,17 @@ class JsonApiTest extends PHPUnit_Framework_TestCase public function setUp() { /* Setup Routine */ - Helper::confBackup(); $this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data'; $this->_model = Filesystem::getInstance(array('dir' => $this->_path)); ServerSalt::setPath($this->_path); - $this->reset(); - } - - public function tearDown() - { - /* Tear Down Routine */ - Helper::confRestore(); - Helper::rmDir($this->_path); - } - public function reset() - { $_POST = array(); $_GET = array(); $_SERVER = array(); if ($this->_model->exists(Helper::getPasteId())) { $this->_model->delete(Helper::getPasteId()); } - Helper::confRestore(); - $options = parse_ini_file(CONF, true); + $options = parse_ini_file(CONF_SAMPLE, true); $options['purge']['dir'] = $this->_path; $options['traffic']['dir'] = $this->_path; $options['model_options']['dir'] = $this->_path; @@ -45,15 +32,21 @@ class JsonApiTest extends PHPUnit_Framework_TestCase Helper::createIniFile(CONF, $options); } + public function tearDown() + { + /* Tear Down Routine */ + unlink(CONF); + Helper::confRestore(); + Helper::rmDir($this->_path); + } + /** * @runInSeparateProcess */ public function testCreate() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPaste(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -80,10 +73,8 @@ class JsonApiTest extends PHPUnit_Framework_TestCase */ public function testPut() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $paste = Helper::getPaste(); unset($paste['meta']); @@ -116,7 +107,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase */ public function testDelete() { - $this->reset(); $this->_model->create(Helper::getPasteId(), Helper::getPaste()); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); $paste = $this->_model->read(Helper::getPasteId()); @@ -142,7 +132,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase */ public function testDeleteWithPost() { - $this->reset(); $this->_model->create(Helper::getPasteId(), Helper::getPaste()); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); $paste = $this->_model->read(Helper::getPasteId()); @@ -167,7 +156,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase */ public function testRead() { - $this->reset(); $paste = Helper::getPasteWithAttachment(); $paste['meta']['attachment'] = $paste['attachment']; $paste['meta']['attachmentname'] = $paste['attachmentname']; @@ -199,7 +187,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase */ public function testJsonLdPaste() { - $this->reset(); $paste = Helper::getPasteWithAttachment(); $this->_model->create(Helper::getPasteId(), $paste); $_GET['jsonld'] = 'paste'; @@ -219,7 +206,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase */ public function testJsonLdComment() { - $this->reset(); $paste = Helper::getPasteWithAttachment(); $this->_model->create(Helper::getPasteId(), $paste); $_GET['jsonld'] = 'comment'; @@ -239,7 +225,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase */ public function testJsonLdPasteMeta() { - $this->reset(); $paste = Helper::getPasteWithAttachment(); $this->_model->create(Helper::getPasteId(), $paste); $_GET['jsonld'] = 'pastemeta'; @@ -259,7 +244,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase */ public function testJsonLdCommentMeta() { - $this->reset(); $paste = Helper::getPasteWithAttachment(); $this->_model->create(Helper::getPasteId(), $paste); $_GET['jsonld'] = 'commentmeta'; @@ -279,7 +263,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase */ public function testJsonLdInvalid() { - $this->reset(); $paste = Helper::getPasteWithAttachment(); $this->_model->create(Helper::getPasteId(), $paste); $_GET['jsonld'] = CONF; diff --git a/tst/ModelTest.php b/tst/ModelTest.php index 8f7a40b..f2a99d2 100644 --- a/tst/ModelTest.php +++ b/tst/ModelTest.php @@ -20,13 +20,12 @@ class ModelTest extends PHPUnit_Framework_TestCase public function setUp() { /* Setup Routine */ - Helper::confRestore(); $this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data'; if (!is_dir($this->_path)) { mkdir($this->_path); } ServerSalt::setPath($this->_path); - $options = parse_ini_file(CONF, true); + $options = parse_ini_file(CONF_SAMPLE, true); $options['purge']['limit'] = 0; $options['model'] = array( 'class' => 'Database', @@ -47,6 +46,7 @@ class ModelTest extends PHPUnit_Framework_TestCase public function tearDown() { /* Tear Down Routine */ + unlink(CONF); Helper::confRestore(); Helper::rmDir($this->_path); } @@ -274,7 +274,6 @@ class ModelTest extends PHPUnit_Framework_TestCase 'pwd' => null, 'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION), ); - Helper::confBackup(); Helper::createIniFile(CONF, $options); $model = new Model(new Configuration); @@ -329,7 +328,6 @@ class ModelTest extends PHPUnit_Framework_TestCase 'pwd' => null, 'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION), ); - Helper::confBackup(); Helper::createIniFile(CONF, $options); $model = new Model(new Configuration); @@ -367,7 +365,6 @@ class ModelTest extends PHPUnit_Framework_TestCase 'pwd' => null, 'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION), ); - Helper::confBackup(); Helper::createIniFile(CONF, $options); $model = new Model(new Configuration); diff --git a/tst/PrivateBinTest.php b/tst/PrivateBinTest.php index 355b3f9..d2772de 100644 --- a/tst/PrivateBinTest.php +++ b/tst/PrivateBinTest.php @@ -16,13 +16,13 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase /* Setup Routine */ $this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data'; $this->_model = Filesystem::getInstance(array('dir' => $this->_path)); - ServerSalt::setPath($this->_path); $this->reset(); } public function tearDown() { /* Tear Down Routine */ + unlink(CONF); Helper::confRestore(); Helper::rmDir($this->_path); } @@ -35,13 +35,13 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase if ($this->_model->exists(Helper::getPasteId())) { $this->_model->delete(Helper::getPasteId()); } - Helper::confRestore(); - $options = parse_ini_file(CONF, true); + $options = parse_ini_file(CONF_SAMPLE, true); $options['purge']['dir'] = $this->_path; $options['traffic']['dir'] = $this->_path; $options['model_options']['dir'] = $this->_path; Helper::confBackup(); Helper::createIniFile(CONF, $options); + ServerSalt::setPath($this->_path); } /** @@ -49,7 +49,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testView() { - $this->reset(); ob_start(); new PrivateBin; $content = ob_get_contents(); @@ -71,10 +70,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testViewLanguageSelection() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['main']['languageselection'] = true; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_COOKIE['lang'] = 'de'; ob_start(); @@ -93,11 +90,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testViewForceLanguageDefault() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['main']['languageselection'] = false; $options['main']['languagedefault'] = 'fr'; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_COOKIE['lang'] = 'de'; ob_start(); @@ -117,10 +112,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase public function testViewUrlShortener() { $shortener = 'https://shortener.example.com/api?link='; - $this->reset(); $options = parse_ini_file(CONF, true); $options['main']['urlshortener'] = $shortener; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_COOKIE['lang'] = 'de'; ob_start(); @@ -139,7 +132,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testHtaccess() { - $this->reset(); $dirs = array('cfg', 'lib'); foreach ($dirs as $dir) { $file = PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess'; @@ -163,8 +155,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testConf() { - $this->reset(); - Helper::confBackup(); file_put_contents(CONF, ''); new PrivateBin; } @@ -174,10 +164,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreate() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPaste(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -203,10 +191,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateInvalidTimelimit() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPaste(array('expire' => 25)); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -233,11 +219,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateInvalidSize() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['main']['sizelimit'] = 10; $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPaste(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -257,10 +241,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateProxyHeader() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['header'] = 'X_FORWARDED_FOR'; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPaste(); $_SERVER['HTTP_X_FORWARDED_FOR'] = '::2'; @@ -287,10 +269,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateDuplicateId() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $this->_model->create(Helper::getPasteId(), Helper::getPaste()); $_POST = Helper::getPaste(); @@ -311,10 +291,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateValidExpire() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPaste(); $_POST['expire'] = '5min'; @@ -344,10 +322,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateValidExpireWithDiscussion() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPaste(); $_POST['expire'] = '5min'; @@ -378,10 +354,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateInvalidExpire() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPaste(); $_POST['expire'] = 'foo'; @@ -408,10 +382,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateInvalidBurn() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPaste(); $_POST['burnafterreading'] = 'neither 1 nor 0'; @@ -432,10 +404,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateInvalidOpenDiscussion() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPaste(); $_POST['opendiscussion'] = 'neither 1 nor 0'; @@ -456,11 +426,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateAttachment() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; $options['main']['fileupload'] = true; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPasteWithAttachment(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -494,11 +462,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateBrokenAttachmentUpload() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; $options['main']['fileupload'] = true; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPasteWithAttachment(); unset($_POST['attachment']); @@ -520,7 +486,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateTooSoon() { - $this->reset(); $_POST = Helper::getPaste(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; @@ -543,10 +508,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateValidNick() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getPaste(); $_POST['nickname'] = Helper::getComment()['meta']['nickname']; @@ -573,10 +536,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateInvalidNick() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getCommentPost(); $_POST['pasteid'] = Helper::getPasteId(); @@ -600,10 +561,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateComment() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getCommentPost(); $_POST['pasteid'] = Helper::getPasteId(); @@ -626,10 +585,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateInvalidComment() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getCommentPost(); $_POST['pasteid'] = Helper::getPasteId(); @@ -652,10 +609,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateCommentDiscussionDisabled() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getCommentPost(); $_POST['pasteid'] = Helper::getPasteId(); @@ -679,10 +634,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateCommentInvalidPaste() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $_POST = Helper::getCommentPost(); $_POST['pasteid'] = Helper::getPasteId(); @@ -704,10 +657,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testCreateDuplicateComment() { - $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; - Helper::confBackup(); Helper::createIniFile(CONF, $options); $this->_model->create(Helper::getPasteId(), Helper::getPaste()); $this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment()); @@ -732,7 +683,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testRead() { - $this->reset(); $this->_model->create(Helper::getPasteId(), Helper::getPaste()); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); ob_start(); @@ -753,7 +703,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testReadInvalidId() { - $this->reset(); $_SERVER['QUERY_STRING'] = 'foo'; ob_start(); new PrivateBin; @@ -771,7 +720,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testReadNonexisting() { - $this->reset(); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); ob_start(); new PrivateBin; @@ -789,7 +737,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testReadExpired() { - $this->reset(); $expiredPaste = Helper::getPaste(array('expire_date' => 1344803344)); $this->_model->create(Helper::getPasteId(), $expiredPaste); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); @@ -809,7 +756,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testReadBurn() { - $this->reset(); $burnPaste = Helper::getPaste(array('burnafterreading' => true)); $this->_model->create(Helper::getPasteId(), $burnPaste); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); @@ -832,7 +778,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testReadJson() { - $this->reset(); $paste = Helper::getPaste(); $this->_model->create(Helper::getPasteId(), $paste); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); @@ -858,7 +803,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testReadInvalidJson() { - $this->reset(); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; ob_start(); @@ -874,7 +818,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testReadOldSyntax() { - $this->reset(); $oldPaste = Helper::getPaste(); $meta = array( 'syntaxcoloring' => true, @@ -903,7 +846,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testReadOldFormat() { - $this->reset(); $oldPaste = Helper::getPaste(); unset($oldPaste['meta']['formatter']); $this->_model->create(Helper::getPasteId(), $oldPaste); @@ -928,7 +870,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testDelete() { - $this->reset(); $this->_model->create(Helper::getPasteId(), Helper::getPaste()); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); $paste = $this->_model->read(Helper::getPasteId()); @@ -951,7 +892,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testDeleteInvalidId() { - $this->reset(); $this->_model->create(Helper::getPasteId(), Helper::getPaste()); $_GET['pasteid'] = 'foo'; $_GET['deletetoken'] = 'bar'; @@ -972,7 +912,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testDeleteInexistantId() { - $this->reset(); $_GET['pasteid'] = Helper::getPasteId(); $_GET['deletetoken'] = 'bar'; ob_start(); @@ -991,7 +930,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testDeleteInvalidToken() { - $this->reset(); $this->_model->create(Helper::getPasteId(), Helper::getPaste()); $_GET['pasteid'] = Helper::getPasteId(); $_GET['deletetoken'] = 'bar'; @@ -1012,7 +950,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testDeleteBurnAfterReading() { - $this->reset(); $burnPaste = Helper::getPaste(array('burnafterreading' => true)); $this->_model->create(Helper::getPasteId(), $burnPaste); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); @@ -1034,7 +971,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testDeleteInvalidBurnAfterReading() { - $this->reset(); $this->_model->create(Helper::getPasteId(), Helper::getPaste()); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); $_POST['deletetoken'] = 'burnafterreading'; @@ -1055,7 +991,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testDeleteExpired() { - $this->reset(); $expiredPaste = Helper::getPaste(array('expire_date' => 1000)); $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exist before being created'); $this->_model->create(Helper::getPasteId(), $expiredPaste); @@ -1079,7 +1014,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase */ public function testDeleteMissingPerPasteSalt() { - $this->reset(); $paste = Helper::getPaste(); unset($paste['meta']['salt']); $this->_model->create(Helper::getPasteId(), $paste); diff --git a/tst/PrivateBinWithDbTest.php b/tst/PrivateBinWithDbTest.php index 2ed3846..a6ec2e0 100644 --- a/tst/PrivateBinWithDbTest.php +++ b/tst/PrivateBinWithDbTest.php @@ -23,7 +23,6 @@ class PrivateBinWithDbTest extends PrivateBinTest if (!is_dir($this->_path)) { mkdir($this->_path); } - ServerSalt::setPath($this->_path); $this->_options['dsn'] = 'sqlite:' . $this->_path . DIRECTORY_SEPARATOR . 'tst.sq3'; $this->_model = Database::getInstance($this->_options); $this->reset(); @@ -37,10 +36,7 @@ class PrivateBinWithDbTest extends PrivateBinTest $options['model'] = array( 'class' => 'Database', ); - $options['purge']['dir'] = $this->_path; - $options['traffic']['dir'] = $this->_path; $options['model_options'] = $this->_options; - Helper::confBackup(); Helper::createIniFile(CONF, $options); } }