function BotchaSessionReuseAttackTestCase::testBotchaSessionReuseAttackDetectionOnNodeForm in BOTCHA Spam Prevention 6
Same name and namespace in other branches
- 7 botcha.test \BotchaSessionReuseAttackTestCase::testBotchaSessionReuseAttackDetectionOnNodeForm()
File
- ./
botcha.test, line 932 - Tests for BOTCHA module.
Class
Code
function testBotchaSessionReuseAttackDetectionOnNodeForm() {
// Set BOTCHA on page form.
botcha_set_form_id_setting('page_node_form', 'test');
// Log in as normal user.
$this
->drupalLogin($this->normal_user);
// Go to node add form.
$this
->drupalGet('node/add/page');
$this
->assertBotchaPresence(TRUE);
// Get form_build_id.
$form_build_id = $this
->getFormBuildIdFromForm();
// Page settings to post, with correct BOTCHA answer.
$edit = $this
->setNodeFormValues();
// Preview the node
$this
->drupalPost(NULL, $edit, t('Preview'));
// Answer should be accepted.
$this
->assertBotchaResponseAccepted();
$this
->assertBotchaPresence(TRUE);
// Post a new node, reusing the previous BOTCHA session.
$edit = $this
->setNodeFormValues();
$edit['form_build_id'] = $form_build_id;
$this
->drupalPost('node/add/page', $edit, t('Preview'));
// BOTCHA session reuse attack should be detected.
$this
->assertBotchaSessionIdReuseAttackDetection();
// There should be a BOTCHA.
$this
->assertBotchaPresence(TRUE);
}