
function CoderSecurityTest::testSecurityDrupalSetMessage in Coder 6.2

File

tests/coder_security.test, line 56

Class

CoderSecurityTest

Code

/**
 * Checks the security review's handling of drupal_set_message() arguments.
 *
 * Each snippet is handed to the Coder review as source text. The first group
 * must produce no warning because the message is a literal or is sanitised
 * before display. The second group must be flagged because a variable
 * reaches the message without escaping.
 */
function testSecurityDrupalSetMessage() {
  // Literal translatable string, no variable data at all.
  $this->assertCoderPass('  drupal_set_message(t("Here is some safe_data"));');

  // "@" and "%" placeholders: t() escapes the substituted value.
  // NOTE(review): this snippet and the next one lack a closing parenthesis
  // (three opened, two closed). Left byte-identical here; confirm the review
  // result does not depend on that before correcting the fixtures.
  $this->assertCoderPass('  drupal_set_message(t("Here is some @safe_data", array("@safe_data" => $tainted_data));');
  $this->assertCoderPass('  drupal_set_message(t("Here is some %safe_data", array("%safe_data" => $tainted_data));');

  // Replacement array supplied as a variable. The snippet does not show the
  // array's keys, so the review presumably cannot tell whether it holds a raw
  // "!" placeholder; such call sites likely still need manual review (confirm
  // against the rule).
  $this->assertCoderPass('  drupal_set_message(t("Here is some @safe_data", $safe_data_array));');

  // Value wrapped in one of Drupal's sanitising functions at the call site.
  $this->assertCoderPass('  drupal_set_message(check_plain($tainted_data));');
  $this->assertCoderPass('  drupal_set_message(filter_xss_admin($tainted_data));');
  $this->assertCoderPass('  drupal_set_message(format_plural($tainted_count, "1 item", "@count items"));');
  $this->assertCoderPass('  drupal_set_message(check_markup($tainted_data));');

  // Variable assigned from check_plain() earlier in the same function body.
  $this->assertCoderPass("  function abc() {\n \$tainted_data = check_plain('mystring');\n  drupal_set_message(\$tainted_data);\n}");

  // Same call shape, but nothing in the function sanitises the variable.
  $this->assertCoderFail("  function abc() {\n drupal_set_message(\$tainted_data);\n}");

  // Variable used as the translatable string itself: t() does not escape its
  // first argument.
  $this->assertCoderFail('  drupal_set_message(t($tainted_data));');

  // Variable concatenated or interpolated straight into the message.
  $this->assertCoderFail('  drupal_set_message("Here is some ". $tainted_data);');
  $this->assertCoderFail('  drupal_set_message("Here is some $tainted_data");');

  // Concatenation inside t() bypasses placeholder escaping.
  $this->assertCoderFail('  drupal_set_message(t("Here is some ". $tainted_data));');

  // "!" placeholder: t() inserts the value as-is, without escaping.
  $this->assertCoderFail('  drupal_set_message(t("Here is some !tainted_data", array("!tainted_data" => $tainted_data)));');
}