summaryrefslogtreecommitdiffstats
path: root/modules/php/php.test
blob: 84ddb6c554c6f8e58c794aa7d79e0eee0206ddc8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
<?php
// $Id$

/**
 * Base PHP test case class.
 */
class PHPTestCase extends DrupalWebTestCase {
  function setUp() {
    parent::setUp('php');

    // Create and login admin user.
    $admin_user = $this->drupalCreateUser(array('administer filters'));
    $this->drupalLogin($admin_user);

    // Confirm that the PHP filter is #3.
    $this->drupalGet('admin/settings/filter/3');
    $this->assertText('PHP code', t('On PHP code filter page.'));
  }

  /**
   * Create a test node with PHP code in the body.
   *
   * @param stdObject User object to create node for.
   * @return stdObject Node object.
   */
  function createNodeWithCode($user) {
    $node = $this->drupalCreateNode(array('uid' => $user->uid));
    $edit = array();
    $edit['body'] = '<?php print "SimpleTest PHP was executed!"; ?>';
    $this->drupalPost('node/' . $node->nid . '/edit', $edit, t('Save'));
    $this->assertRaw(t('Page %title has been updated.', array('%title' => $node->title)), t('PHP code inserted into node.'));
    return $node;
  }
}

/**
 * Tests to make sure the PHP filter actually evaluates PHP code when used.
 */
class PHPFilterTestCase extends PHPTestCase {
  function getInfo() {
    return array(
      'name' => t('PHP filter functionality'),
      'description' => t('Make sure that PHP filter properly evaluates PHP code when enabled.'),
      'group' => t('PHP'),
    );
  }

  /**
   * Make sure that the PHP filter evaluates PHP code when used.
   */
  function testPHPFilter() {
    // Setup PHP filter.
    $edit = array();
    $edit['roles[2]'] = TRUE; // Set authenticated users to have permission to use filter.
    $this->drupalPost(NULL, $edit, 'Save configuration');
    $this->assertText(t('The text format settings have been updated.'), t('PHP format available to authenticated users.'));

    // Create node with PHP filter enabled.
    $web_user = $this->drupalCreateUser(array('access content', 'create page content', 'edit own page content'));
    $this->drupalLogin($web_user);

    $node = $this->createNodeWithCode($web_user);

    // Make sure that the PHP code shows up as text.
    $this->assertText('print', t('PHP code is displayed.'));

    // Change filter to PHP filter and see that PHP code is evaluated.
    $edit = array();
    $edit['body_format'] = 3;
    $this->drupalPost('node/' . $node->nid . '/edit', $edit, t('Save'));
    $this->assertRaw(t('Page %title has been updated.', array('%title' => $node->title)), t('PHP code filter turned on.'));

    // Make sure that the PHP code shows up as text.
    $this->assertNoText('print', t('PHP code isn\'t displayed.'));
    $this->assertText('SimpleTest PHP was executed!', t('PHP code has been evaluated.'));
  }
}

/**
 * Tests to make sure access to the PHP filter is properly restricted.
 */
class PHPAccessTestCase extends PHPTestCase {
  function getInfo() {
    return array(
      'name' => t('PHP filter access check'),
      'description' => t('Make sure that users who don\'t have access to the PHP filter can\'t see it.'),
      'group' => t('PHP'),
    );
  }

  /**
   * Make sure that user can't use the PHP filter when not given access.
   */
  function testNoPrivileges() {
    // Create node with PHP filter enabled.
    $web_user = $this->drupalCreateUser(array('access content', 'create page content', 'edit own page content'));
    $this->drupalLogin($web_user);

    $node = $this->createNodeWithCode($web_user);

    // Make sure that the PHP code shows up as text.
    $this->assertText('print', t('PHP code is displayed.'));

    // Make sure that user doesn't have access to filter.
    $this->drupalGet('node/' . $node->nid . '/edit');
    $this->assertNoFieldByName('body_format', '3', t('Format not available.'));
  }
}