
function CoderReviewSecurityTest::testSecurityFAPIMarkupValue in Coder 7

Same name and namespace in other branches
  1. 7.2 coder_review/tests/coder_review_security.test \CoderReviewSecurityTest::testSecurityFAPIMarkupValue()

File

coder_review/tests/coder_review_security.test, line 274

Class

CoderReviewSecurityTest

Code

/**
 * Exercises the review against Form API snippets that assign '#value'.
 *
 * Judging by the method name, the rule under test looks for unsanitized data
 * placed in the '#value' of a markup element, a cross-site scripting risk.
 * Each snippet is a small function body handed to assertCoderReviewPass() or
 * assertCoderReviewFail(); presumably these assert that the review stays
 * silent or raises a warning, respectively (helpers are defined elsewhere).
 *
 * NOTE(review): the first accepted snippet holds the same raw assignment as
 * the first rejected one and differs only in the function name, so the rule
 * appears to be scoped by naming convention. A clean review therefore does
 * not show that a '#value' assignment outside a *_form() function is safe.
 */
function testSecurityFAPIMarkupValue() {
  // Snippets the review is expected to accept, in the original order.
  $accepted = array(
    // Raw $value, but the function is not named like a form builder.
    "  function mymodule_function() {\n  \$field = array(\n '#value' => \$value,\n  );\n}",
    // $value wrapped in check_plain() at the point of assignment.
    "  function mymodule_form() {\n  \$field = array(\n '#value' => check_plain(\$value),\n  );\n}",
    // Raw $value, but the element is explicitly typed as a textfield.
    "  function mymodule_form() {\n  \$field = array(\n '#value' => \$value,\n  '#type' => 'textfield',\n  );\n}",
    // $value passed through check_plain() on an earlier line.
    "  function mymodule_form() {\n  \$value = check_plain(\$value);\n  \$field = array(\n '#value' => \$value,\n  );\n}",
    // t() with a '%' placeholder.
    "  function mymodule_form() {\n  \$field = array(\n '#value' => t('%value', array('%value' => \$value)),\n  );\n}",
    // t() with a '!' placeholder, after check_plain() on an earlier line.
    "  function mymodule_form() {\n  \$value = check_plain(\$value);\n  \$field = array(\n '#value' => t('!value', array('!value' => \$value)),\n  );\n}",
  );
  foreach ($accepted as $snippet) {
    $this->assertCoderReviewPass($snippet);
  }

  // Snippets the review is expected to flag, in the original order.
  $flagged = array(
    // Raw $value in a *_form() function with no '#type' given; the rule
    // appears to treat a missing '#type' like 'markup'.
    "  function mymodule_form() {\n  \$field = array(\n '#value' => \$value,\n  );\n}",
    // Same assignment inside a *_form_alter() function.
    "  function mymodule_form_alter() {\n  \$field = array(\n '#value' => \$value,\n  );\n}",
    // Explicit '#type' => 'markup' listed after '#value'.
    "  function mymodule_form() {\n  \$field = array(\n '#value' => \$value,\n  '#type' => 'markup',\n  );\n}",
    // Explicit '#type' => 'markup' listed before '#value'.
    "  function mymodule_form() {\n  \$field = array(\n '#type' => 'markup',\n  '#value' => \$value,\n  );\n}",
    // t() with a '!' placeholder and no prior check_plain() call.
    "  function mymodule_form() {\n  \$field = array(\n '#value' => t('!value', array('!value' => \$value)),\n  );\n}",
  );
  foreach ($flagged as $snippet) {
    $this->assertCoderReviewFail($snippet);
  }
}