[ticket/security/244] Add missing form parameters to tests

SECURITY-244
2025-06-07 20:08:53 +00:00 · 2019-07-21 16:03:19 +02:00 · 2019-07-21 16:03:19 +02:00 · 59f489c01f
commit 59f489c01f
parent 6c8d006336
3 changed files with 55 additions and 19 deletions
--- a/tests/functional/fileupload_form_test.php
+++ b/tests/functional/fileupload_form_test.php
@ -46,6 +46,13 @@ class phpbb_functional_fileupload_form_test extends phpbb_functional_test_case

 	private function upload_file($filename, $mimetype)
 	{
+		$crawler = self::$client->request(
+			'GET',
+			'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid
+		);
+
+		$file_form_data = array_merge(['add_file' => $this->lang('ADD_FILE')], $this->get_hidden_fields($crawler, 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid));
+
 		$file = array(
 			'tmp_name' => $this->path . $filename,
 			'name' => $filename,
@ -57,7 +64,7 @@ class phpbb_functional_fileupload_form_test extends phpbb_functional_test_case
 		$crawler = self::$client->request(
 			'POST',
 			'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid,
-			array('add_file' => $this->lang('ADD_FILE')),
+			$file_form_data,
 			array('fileupload' => $file)
 		);

--- a/tests/functional/plupload_test.php
+++ b/tests/functional/plupload_test.php
@ -76,6 +76,10 @@ class phpbb_functional_plupload_test extends phpbb_functional_test_case
 		$chunk_size = ceil(filesize($this->path . 'valid.jpg') / self::CHUNKS);
 		$handle = fopen($this->path . 'valid.jpg', 'rb');

+		$crawler = self::$client->request('POST', $url . '&sid=' . $this->sid);
+
+		$file_form_data = $this->get_hidden_fields($crawler, $url);
+
 		for ($i = 0; $i < self::CHUNKS; $i++)
 		{
 			$chunk = fread($handle, $chunk_size);
@ -94,13 +98,13 @@ class phpbb_functional_plupload_test extends phpbb_functional_test_case
 			$crawler = self::$client->request(
 				'POST',
 				$url . '&sid=' . $this->sid,
-				array(
+				array_merge(array(
 					'chunk' => $i,
 					'chunks' => self::CHUNKS,
 					'name' => md5('valid') . '.jpg',
 					'real_filename' => 'valid.jpg',
 					'add_file' => $this->lang('ADD_FILE'),
-				),
+				), $file_form_data),
 				array('fileupload' => $file),
 				array('X-PHPBB-USING-PLUPLOAD' => '1')
 			);
@ -134,17 +138,19 @@ class phpbb_functional_plupload_test extends phpbb_functional_test_case
 			'error' => UPLOAD_ERR_OK,
 		);

+		$file_form_data = $this->get_hidden_fields(null, $url);
+
 		self::$client->setServerParameter('HTTP_X_PHPBB_USING_PLUPLOAD', '1');
 		self::$client->request(
 			'POST',
 			$url . '&sid=' . $this->sid,
-			array(
+			array_merge(array(
 				'chunk' => '0',
 				'chunks' => '1',
 				'name' => md5('valid') . '.jpg',
 				'real_filename' => 'valid.jpg',
 				'add_file' => $this->lang('ADD_FILE'),
-			),
+			), $file_form_data),
 			array('fileupload' => $file)
 		);

--- a/tests/test_framework/phpbb_functional_test_case.php
+++ b/tests/test_framework/phpbb_functional_test_case.php
@ -1166,24 +1166,14 @@ class phpbb_functional_test_case extends phpbb_test_case
 					'error'		=> UPLOAD_ERR_OK,
 				);

-				$crawler = self::$client->request('POST', $posting_url, array('add_file' => $this->lang('ADD_FILE')), array('fileupload' => $file));
+				$file_form_data = array_merge(['add_file' => $this->lang('ADD_FILE')], $this->get_hidden_fields($crawler, $posting_url));
+
+				$crawler = self::$client->request('POST', $posting_url, $file_form_data, array('fileupload' => $file));
 			}
 			unset($form_data['upload_files']);
 		}

-		$hidden_fields = array(
-			$crawler->filter('[type="hidden"]')->each(function ($node, $i) {
-				return array('name' => $node->attr('name'), 'value' => $node->attr('value'));
-			}),
-		);
-
-		foreach ($hidden_fields as $fields)
-		{
-			foreach($fields as $field)
-			{
-				$form_data[$field['name']] = $field['value'];
-			}
-		}
+		$form_data = array_merge($form_data, $this->get_hidden_fields($crawler, $posting_url));

 		// I use a request because the form submission method does not allow you to send data that is not
 		// contained in one of the actual form fields that the browser sees (i.e. it ignores "hidden" inputs)
@ -1314,4 +1304,37 @@ class phpbb_functional_test_case extends phpbb_test_case

 		return self::request('GET', substr($link, strpos($link, 'mcp.')));
 	}
+
+	/**
+	 * Get hidden fields for URL
+	 *
+	 * @param Symfony\Component\DomCrawler\Crawler|null $crawler Crawler instance or null
+	 * @param string $url Request URL
+	 *
+	 * @return array Hidden form fields array
+	 */
+	protected function get_hidden_fields($crawler, $url)
+	{
+		if (!$crawler)
+		{
+			$crawler = self::$client->request('GET', $url);
+		}
+		$hidden_fields = [
+			$crawler->filter('[type="hidden"]')->each(function ($node, $i) {
+				return ['name' => $node->attr('name'), 'value' => $node->attr('value')];
+			}),
+		];
+
+		$file_form_data = [];
+
+		foreach ($hidden_fields as $fields)
+		{
+			foreach($fields as $field)
+			{
+				$file_form_data[$field['name']] = $field['value'];
+			}
+		}
+
+		return $file_form_data;
+	}
 }