You are here

public function RequestSanitizerTest::requestSanitizationTest in Drupal 7

Tests RequestSanitizer class.

Parameters

\SanitizerTestRequest $request: The request to sanitize.

array $expected: An array of expected request parameters after sanitization.

array|null $expected_errors: An array of expected errors. If set to NULL then error logging is disabled.

array $whitelist: An array of keys to whitelist and not sanitize.

string $label: A descriptive name for each test / group of assertions.

Throws

\ReflectionException

1 call to RequestSanitizerTest::requestSanitizationTest()
RequestSanitizerTest::testRequestSanitization in modules/simpletest/tests/request_sanitizer.test
Iterate through all the RequestSanitizerTests.

File

modules/simpletest/tests/request_sanitizer.test, line 74
Tests for the RequestSanitizer class.

Class

RequestSanitizerTest
Tests DrupalRequestSanitizer class.

Code

public function requestSanitizationTest(SanitizerTestRequest $request, array $expected = array(), array $expected_errors = NULL, array $whitelist = array(), $label = NULL) {

  // Set up globals.
  $_GET = $request
    ->getQuery();
  $_POST = $request
    ->getRequest();
  $_COOKIE = $request
    ->getCookies();
  $_REQUEST = array_merge($request
    ->getQuery(), $request
    ->getRequest());
  $GLOBALS['conf']['sanitize_input_whitelist'] = $whitelist;
  $GLOBALS['conf']['sanitize_input_logging'] = is_null($expected_errors) ? FALSE : TRUE;
  if ($label !== 'already sanitized request') {
    $reflection = new \ReflectionProperty('DrupalRequestSanitizer', 'sanitized');
    $reflection
      ->setAccessible(TRUE);
    $reflection
      ->setValue(NULL, FALSE);
  }
  DrupalRequestSanitizer::sanitize();
  if (isset($_GET['destination'])) {
    DrupalRequestSanitizer::cleanDestination();
  }

  // Normalise the expected data.
  $expected += array(
    'cookies' => array(),
    'query' => array(),
    'request' => array(),
  );

  // Test PHP globals.
  $this
    ->assertEqualLabelled($expected['cookies'], $_COOKIE, NULL, 'Other', $label . ' (COOKIE)');
  $this
    ->assertEqualLabelled($expected['query'], $_GET, NULL, 'Other', $label . ' (GET)');
  $this
    ->assertEqualLabelled($expected['request'], $_POST, NULL, 'Other', $label . ' (POST)');
  $expected_request = array_merge($expected['query'], $expected['request']);
  $this
    ->assertEqualLabelled($expected_request, $_REQUEST, NULL, 'Other', $label . ' (REQUEST)');

  // Ensure any expected errors have been triggered.
  if (!empty($expected_errors)) {
    foreach ($expected_errors as $expected_error) {
      $this
        ->assertError($expected_error, E_USER_NOTICE, $label . ' (errors)');
    }
  }
  else {
    $this
      ->assertEqualLabelled(array(), $this->errors, NULL, 'Other', $label . ' (errors)');
  }
}