makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-29 06:38:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/13138] Fix the session key tests

Browse source 
PHPBB3-13138
This commit is contained in:
Joas Schilling 2014-10-17 14:50:14 +02:00
parent 55b97ffc27
commit f847a1a567
1 changed files with 13 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
tests/session/session_key_test.php
View file

@ -11,6 +11,7 @@
*
*/
require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php';
class phpbb_session_login_keys_test extends phpbb_session_test_case
@ -28,13 +29,14 @@ class phpbb_session_login_keys_test extends phpbb_session_test_case
// With AutoLogin setup
$this->session_factory->merge_config_data(array('allow_autologin' => true));
$session = $this->session_factory->get_session($this->db);
// Using a user_id and key that is already in the database
$session->cookie_data['u'] = $this->user_id;
$session->cookie_data['k'] = $this->key_id;
// Try to access session
$session->session_create($this->user_id, false, $this->user_id);
$this->assertEquals($this->user_id, $session->data['user_id'], "session should automatically login");
// Try to access session with the session key
$session->session_create(false, false, false);
$this->assertEquals($this->user_id, $session->data['user_id'], 'User should be logged in by the session key');
}
public function test_reset_keys()
@ -42,14 +44,19 @@ class phpbb_session_login_keys_test extends phpbb_session_test_case
// With AutoLogin setup
$this->session_factory->merge_config_data(array('allow_autologin' => true));
$session = $this->session_factory->get_session($this->db);
// Reset of the keys for this user
$session->reset_login_keys($this->user_id);
// Using a user_id and key that was in the database (before reset)
$session->cookie_data['u'] = $this->user_id;
$session->cookie_data['k'] = $this->key_id;
// Try to access session
$session->session_create($this->user_id, false, $this->user_id);
$this->assertNotEquals($this->user_id, $session->data['user_id'], "session should be cleared");
// Try to access session with the session key
$session->session_create(false, false, $this->user_id);
$this->assertNotEquals($this->user_id, $session->data['user_id'], 'User is not logged in because the session key is invalid');
$session->session_create($this->user_id, false, false);
$this->assertEquals($this->user_id, $session->data['user_id'], 'User should be logged in because we create a new session');
}
}