function CoderReviewSecurityTest::testSecurityPregReplaceEval in Coder 7
Same name and namespace in other branches
- 7.2 coder_review/tests/coder_review_security.test \CoderReviewSecurityTest::testSecurityPregReplaceEval()
File
- coder_review/tests/coder_review_security.test, line 203
Class
Code
/**
 * Exercises the security review against preg_replace() calls using "e".
 *
 * The "e" (PREG_REPLACE_EVAL) pattern modifier makes PHP evaluate the
 * replacement string as code once backreferences have been substituted, so
 * text matched from the subject can end up being executed. PHP deprecated
 * the modifier in 5.5 and removed it in 7.0; preg_replace_callback() is the
 * replacement.
 *
 * Every snippet is handed to the assertion helpers as a plain string and is
 * not run by this method. The snippets come in pairs that differ only in
 * whether "e" appears in the modifier list. The helpers are defined outside
 * this listing; going by their names, the variant without "e" is expected to
 * pass the review and the variant with "e" is expected to be reported.
 */
function testSecurityPregReplaceEval() {
  // Pair 1: "@" delimiters, "e" leading the modifier list ("mi" vs "emi").
  $anchor_safe = ' $txt = preg_replace("@(<a href=(.\\S+?)[^>]*>(.+?)</a>)@mi", "myfunction("\\2", "\\3")", $txt);';
  $anchor_eval = ' $txt = preg_replace("@(<a href=(.\\S+?)[^>]*>(.+?)</a>)@emi", "myfunction("\\2", "\\3")", $txt);';
  $this->assertCoderReviewPass($anchor_safe);
  $this->assertCoderReviewFail($anchor_eval);

  // Pair 2: "/" delimiters with a literal "@import" inside the pattern body
  // ("mis" vs "emis").
  $import_safe = ' $txt = preg_replace("/(<link[^>]+href=?|<object[^>]+codebase=?|@import |src=?)?/mis", "myfunction($foo)", $txt);';
  $import_eval = ' $txt = preg_replace("/(<link[^>]+href=?|<object[^>]+codebase=?|@import |src=?)?/emis", "myfunction($foo)", $txt);';
  $this->assertCoderReviewPass($import_safe);
  $this->assertCoderReviewFail($import_eval);

  // Pair 3: "e" trailing the modifier list ("m" vs "me"), with a replacement
  // argument assembled by concatenation and no spaces around "=".
  $quote_safe = ' $text=preg_replace("/^((> ?)+)([^>])/m", "EMAILDIV". ($oldest - substr_count("$1",">")).":$3", $text);';
  $quote_eval = ' $text=preg_replace("/^((> ?)+)([^>])/me", "EMAILDIV". ($oldest - substr_count("$1",">")).":$3", $text);';
  $this->assertCoderReviewPass($quote_safe);
  $this->assertCoderReviewFail($quote_eval);
}