makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-21 10:48:59 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'develop-ascraeus' into develop

Browse source 
* develop-ascraeus:
  [ticket/10851] Request index instead of logging in and out in tests
  [ticket/10851] Add unit and functional tests for checking attachments
  [ticket/10851] Set disallowed content to empty array if checking is disabled
This commit is contained in:
Joas Schilling 2014-04-05 10:06:29 +02:00
commit 0e56ca42a8
4 changed files with 38 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
phpBB/includes/functions_posting.php
View file

@ -415,6 +415,10 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
{ {
$upload->set_disallowed_content(explode('|', $config['mime_triggers'])); $upload->set_disallowed_content(explode('|', $config['mime_triggers']));
} }
else if (!$config['check_attachment_content'])
{
$upload->set_disallowed_content(array());
}
$filedata['post_attach'] = $local || $upload->is_valid($form_name); $filedata['post_attach'] = $local || $upload->is_valid($form_name);

32
tests/functional/fileupload_form_test.php
View file

@ -76,6 +76,38 @@ class phpbb_functional_fileupload_form_test extends phpbb_functional_test_case
$this->assertEquals($this->lang('DISALLOWED_EXTENSION', 'bif'), $crawler->filter('p.error')->text()); $this->assertEquals($this->lang('DISALLOWED_EXTENSION', 'bif'), $crawler->filter('p.error')->text());
} }
public function test_disallowed_content()
{
$this->login();
$crawler = $this->upload_file('disallowed.jpg', 'image/jpeg');
$this->assertEquals($this->lang('DISALLOWED_CONTENT'), $crawler->filter('p.error')->text());
}
public function test_disallowed_content_no_check()
{
$this->login();
$this->admin_login();
$this->add_lang('ucp');
$crawler = self::request('GET', 'adm/index.php?sid=' . $this->sid . '&i=acp_attachments&mode=attach');
$form = $crawler->selectButton('Submit')->form();
$values = $form->getValues();
$values["config[check_attachment_content]"] = 0;
$form->setValues($values);
$crawler = self::submit($form);
// Request index for correct URL
$crawler = self::request('GET', 'index.php?sid=' . $this->sid);
$crawler = $this->upload_file('disallowed.jpg', 'image/jpeg');
// Hitting the UNABLE_GET_IMAGE_SIZE error means we passed the
// DISALLOWED_CONTENT check
$this->assertEquals($this->lang('UNABLE_GET_IMAGE_SIZE'), $crawler->filter('p.error')->text());
}
public function test_too_large() public function test_too_large()
{ {
$this->create_user('fileupload'); $this->create_user('fileupload');

BIN
tests/functional/fixtures/files/disallowed.jpg Normal file
View file

Binary file not shown.

2
tests/upload/filespec_test.php
View file

@ -143,6 +143,8 @@ class phpbb_filespec_test extends phpbb_test_case
$disallowed_content = explode('|', $this->config['mime_triggers']); $disallowed_content = explode('|', $this->config['mime_triggers']);
$filespec = $this->get_filespec(array('tmp_name' => $this->path . $filename)); $filespec = $this->get_filespec(array('tmp_name' => $this->path . $filename));
$this->assertEquals($expected, $filespec->check_content($disallowed_content)); $this->assertEquals($expected, $filespec->check_content($disallowed_content));
// All files should pass if $disallowed_content is empty
$this->assertEquals(true, $filespec->check_content(array()));
} }
public function clean_filename_variables() public function clean_filename_variables()