makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-10 13:28:55 +00:00
Code Issues Projects Releases Packages Wiki Activity
phpbb/tests/security/trailing_path_test.php
Marc Alexander 7495055907 [ticket/13549] Do not exit when ORIG_PATH_INFO just contains SCRIPT_NAME. 
The ORIG_PATH_INFO on IIS also contains the script name. Only use that
for killing the script after removing the script name from ORIG_PATH_INFO.

PHPBB3-13549
2015-01-28 22:07:16 +01:00

60 lines
2.2 KiB
PHP
Raw Blame History

<?php
/**
*
* @package testing
* @copyright (c) 2011 phpBB Group
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/
require_once dirname(__FILE__) . '/../../phpBB/includes/startup.php';
class phpbb_security_trailing_path_test extends phpbb_test_case
{
public function data_has_trailing_path()
{
return array(
array(false, '', '', ''),
array(true, '/', '', ''),
array(true, '/foo', '', ''),
array(true, '', '/foo', ''),
array(true, '/foo', '/foo', ''),
array(false, '', '', '/'),
array(false, '', '', '/?/x.php/'),
array(false, '', '', '/index.php'),
array(false, '', '', '/dir.phpisfunny/foo.php'),
array(true, '', '', '/index.php/foo.php'),
array(false, '', '', '/phpBB/viewtopic.php?f=3&amp;t=5'),
array(false, '', '', '/phpBB/viewtopic.php?f=3&amp;t=5/'),
array(false, '', '', '/phpBB/viewtopic.php?f=3&amp;t=5/foo'),
array(true, '/foo', '/foo', '/phpBB/viewtopic.php?f=3&amp;t=5/foo'),
array(false, '', '', '/projects/php.bb/phpBB/viewtopic.php?f=3&amp;t=5/'),
array(false, '', '', '/projects/php.bb/phpBB/viewtopic.php?f=3&amp;t=5'),
array(false, '', '', '/projects/php.bb/phpBB/viewtopic.php?f=3&amp;t=5/foo.php/'),
array(false, '', '', '/projects/php.bb/phpBB/index.php'),
array(true, '', '', '/projects/php.bb/phpBB/index.php/'),
array(true, '', '', '/phpBB/index.php/?foo/a'),
array(true, '', '', '/projects/php.bb/phpBB/index.php/?a=5'),
array(false, '', '', '/projects/php.bb/phpBB/index.php?/a=5'),
array(false, '', '/phpBB/index.php', '/phpBB/index.php', '/phpBB/index.php'),
array(true, '', '/phpBB/index.php', '/phpBB/index.php'),
array(true, '', '/phpBB/index.php/', '/phpBB/index.php/', '/phpBB/index.php'),
array(true, '', '/phpBB/index.php/', '/phpBB/index.php/'),
);
}
/**
* @dataProvider data_has_trailing_path
*/
public function test_has_trailing_path($expected, $path_info, $orig_path_info, $request_uri, $script_name = '')
{
global $phpEx;
$_SERVER['PATH_INFO'] = $path_info;
$_SERVER['ORIG_PATH_INFO'] = $orig_path_info;
$_SERVER['REQUEST_URI'] = $request_uri;
$_SERVER['SCRIPT_NAME'] = $script_name;
$this->assertSame($expected, phpbb_has_trailing_path($phpEx));
}
}
Reference in a new issue View git blame Copy permalink