forked from ProcessMaker/processmaker
SanitizeHelperTest.php
<?php
namespace ProcessMaker;
use Tests\TestCase;
/**
 * Pins the behaviour of SanitizeHelper::strip_tags() on a fixed set of inputs.
 *
 * Two properties are asserted here:
 *  - markup is dropped: element tags, `<? ... ?>` blocks and `<!-- ... -->`
 *    comments, including when they span several lines;
 *  - a `<` that does not open a tag (measurements, serial numbers) survives
 *    unchanged, so legitimate free text is not truncated.
 *
 * The second property means the returned string can still contain `<` and
 * `>`. Nothing in this test shows the result to be safe for direct inclusion
 * in HTML; callers that render it still need context-appropriate escaping.
 * The "stray `<`" versus "start of a tag" decision is the part of such a
 * helper that is easiest to regress, so a change to the helper should come
 * with new cases here.
 */
class SanitizeHelperTest extends TestCase
{
    /**
     * Runs every sample through strip_tags() and compares with the expected text.
     *
     * Literals that span lines keep their continuation lines at column 0 on
     * purpose: the line break and whatever follows it are part of the input.
     */
    public function testSanitize()
    {
        // Well-formed elements disappear, the text around them stays.
        self::assertEquals('test', SanitizeHelper::strip_tags('<p>test</p>'));
        self::assertEquals('image:;', SanitizeHelper::strip_tags('image:<img src="https://example.com/image" />;'));

        // All three spellings of a line-break element give the same result.
        foreach (['br:<br />;', 'br:<br/>;', 'br:<br>;'] as $lineBreakVariant) {
            self::assertEquals('br:;', SanitizeHelper::strip_tags($lineBreakVariant));
        }

        // This is not a valid html tag, so the text must come back untouched.
        $measurement = 'Monitor <90in';
        self::assertEquals($measurement, SanitizeHelper::strip_tags($measurement));

        // ADOA example: inventory text whose identifiers start with "<".
        $inventoryNote = <<<'EQUIPMENT'
Computer Serial # DE1013356
Monitor (s) CNK51105LD <AF3412-23
Keyboard (s) CNK51105LD <FF0012-23
EQUIPMENT;
        self::assertEquals($inventoryNote, SanitizeHelper::strip_tags($inventoryNote));

        // strip_tags tests: "<" and ">" inside a block or comment must not end it early.
        // NOTE(review): removing only the block from 'NEAT <? ... ?> STUFF' would leave
        // two spaces between the words; the single-space expectation is reproduced as
        // this listing shows it - confirm against the helper.
        $stripped = 'NEAT STUFF';
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <? cool < blah ?> STUFF'));
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <? cool > blah ?> STUFF'));
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <!-- cool < blah --> STUFF'));
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <!-- cool > blah --> STUFF'));
        // Escaped quotes inside the block must not confuse the scan for "?>".
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <? echo \"\\\"\"?> STUFF'));
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <? echo \'\\\'\'?> STUFF'));

        // Punctuation without any angle bracket is left alone.
        $punctuation = 'TESTS ?!!?!?!!!?!!';
        self::assertEquals($punctuation, SanitizeHelper::strip_tags($punctuation));

        // test including car returns: the same constructs, broken across lines.
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <? cool
< blah ?> STUFF'));
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <? cool
> blah ?> STUFF'));
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <!-- cool
< blah --> STUFF'));
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <!--
cool > blah
--> STUFF'));
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <?
echo \"\\\"\"
?> STUFF'));
        self::assertEquals($stripped, SanitizeHelper::strip_tags('NEAT <?
echo \'\\\'\'
?> STUFF'));

        // Mixed input: stray brackets around a multi-line PHP block.
        $mixedInput = implode("\n", [
            'Next is a php code with closing tag <test of < character ',
            '<?php',
            ' class SanitizeHelper { > } ?>',
            ' < > > <',
        ]);
        self::assertEquals('Next is a php code with closing tag > <', SanitizeHelper::strip_tags($mixedInput));
    }
}