You are here

function CoderReviewSecurityTest::testSecurityConfirmForm in Coder 7

Same name and namespace in other branches
  1. 7.2 coder_review/tests/coder_review_security.test \CoderReviewSecurityTest::testSecurityConfirmForm()

File

coder_review/tests/coder_review_security.test, line 155

Class

CoderReviewSecurityTest

Code

function testSecurityConfirmForm() {
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some safe_question"), $path);');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some @safe_question", array("@safe_question" => $tainted_question), $path);');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some %safe_question", array("%safe_question" => $tainted_question), $path);');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some @safe_question", $safe_question_array), $path);');
  $this
    ->assertCoderReviewPass('  confirm_form($form, check_plain($tainted_question), $path);');
  $this
    ->assertCoderReviewPass('  confirm_form($form, filter_xss_admin($tainted_question), $path);');
  $this
    ->assertCoderReviewPass('  confirm_form($form, format_plural($tainted_count, "1 item", "@count items"), $path);');
  $this
    ->assertCoderReviewPass('  confirm_form($form, check_markup($tainted_question), $path);');
  $this
    ->assertCoderReviewPass("  function abc() {\n \$tainted_question = check_plain('mystring');\n  confirm_form(\$form, \$tainted_question, \$path);\n}");
  $this
    ->assertCoderReviewFail("  function abc() {\n confirm_form(\$form, \$tainted_question, \$path);\n}");
  $this
    ->assertCoderReviewFail('  confirm_form($form, t($tainted_question), $path);');
  $this
    ->assertCoderReviewFail('  confirm_form($form, "Here is some ". $tainted_question, $path);');
  $this
    ->assertCoderReviewFail('  confirm_form($form, "Here is some $tainted_question", $path);');
  $this
    ->assertCoderReviewFail('  confirm_form($form, t("Here is some ". $tainted_question), $path);');
  $this
    ->assertCoderReviewFail('  confirm_form($form, t("Here is some !tainted_question", array("!tainted_question" => $tainted_question), $path);');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some safe_question"), $path, t("safe_description"));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some safe_question"), $path, t("some @safe_desc", array("@safe_desc" => $tainted_desc)));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some safe_question"), $path, t("safe_description"), t("safe_yes"));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some safe_question"), $path, t("some @safe_desc", array("@safe_desc" => $tainted_desc)), t("safe_yes"));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some safe_question"), $path, t("safe_description"), t("safe_yes"), t("safe_no"));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some safe_question"), $path, t("some @safe_desc", array("@safe_desc" => $tainted_desc)), t("safe_yes"), t("safe_no"));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some safe_question"), $path, check_plain($tainted_desc"));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some safe_question"), $path, t("safe_description"), check_plain($tainted_yes));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, t("Here is some safe_question"), $path, t("safe_description"), t("safe_yes"), check_plain($tainted_no));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, check_plain($tainted_question), $path, check_plain($tainted_desc), check_plain($tainted_yes), check_plain($tainted_no));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, check_plain($tainted_question), $path, filter_xss_admin($tainted_desc));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, check_plain($tainted_question), $path, check_markup($tainted_desc));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, check_plain($tainted_question), $path, format_plural($tainted_count, "1 item", "@count items"));');
  $this
    ->assertCoderReviewPass('  confirm_form($form, format_plural($tainted_count, "1 item", "@count items"), $path, format_plural($tainted_desc, "1 item", "@count items"));');
  $this
    ->assertCoderReviewPass("  function abc() {\n \$tainted_q = check_plain('abc');\n  \$tainted_desc = check_plain('string');\n  confirm_form(\$form, \$tainted_q, \$path, \$tainted_desc);\n}");
  $this
    ->assertCoderReviewPass("  function abc() {\n \$tainted_desc = check_plain('mystring');\n  confirm_form(\$form, check_plain(\$tainted_question), \$path, \$tainted_desc);\n}");
  $this
    ->assertCoderReviewFail("  function abc() {\n confirm_form(\$form, check_plain(\$tainted_question), \$path, \$tainted_desc);\n}");
  $this
    ->assertCoderReviewFail("  function abc() {\n confirm_form(\$form, check_plain(\$tainted_question), \$path, t(\$tainted_desc));\n}");
  $this
    ->assertCoderReviewFail("  function abc() {\n confirm_form(\$form, check_plain(\$tainted_question), \$path, check_plain(\$tainted_desc), t(\$yes));\n}");
  $this
    ->assertCoderReviewFail('  confirm_form($form, check_plain($tainted_question), $path, check_plain($tainted_desc), $yes);');
  $this
    ->assertCoderReviewFail('  confirm_form($form, check_plain($tainted_question), $path, check_plain($tainted_desc), check_plain($yes), $no);');
  $this
    ->assertCoderReviewFail('  confirm_form($form, check_plain($tainted_question), $path, "Here is some ". $tainted_desc);');
  $this
    ->assertCoderReviewFail('  confirm_form($form, check_plain($tainted_question), $path, "Here is some $tainted_desc");');
  $this
    ->assertCoderReviewFail('  confirm_form($form, check_plain($tainted_question), $path, check_plain($tainted_desc), "Tainted " . $yes);');
  $this
    ->assertCoderReviewFail('  confirm_form($form, check_plain($tainted_question), $path, check_plain($tainted_desc), "Tainted $yes");');
  $this
    ->assertCoderReviewFail('  confirm_form($form, check_plain($tainted_question), $path, t("Here is some ". $tainted_desc));');
  $this
    ->assertCoderReviewFail('  confirm_form($form, check_plain($tainted_question), $path, t("Here is some !tainted_desc", array("!tainted_desc" =>  $tainted_desc)));');
}