1 | <?php |
---|
2 | /* |
---|
3 | * This file is part of EC-CUBE |
---|
4 | * |
---|
5 | * Copyright(c) 2000-2014 LOCKON CO.,LTD. All Rights Reserved. |
---|
6 | * |
---|
7 | * http://www.lockon.co.jp/ |
---|
8 | * |
---|
9 | * This program is free software; you can redistribute it and/or |
---|
10 | * modify it under the terms of the GNU General Public License |
---|
11 | * as published by the Free Software Foundation; either version 2 |
---|
12 | * of the License, or (at your option) any later version. |
---|
13 | * |
---|
14 | * This program is distributed in the hope that it will be useful, |
---|
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
17 | * GNU General Public License for more details. |
---|
18 | * |
---|
19 | * You should have received a copy of the GNU General Public License |
---|
20 | * along with this program; if not, write to the Free Software |
---|
21 | * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
---|
22 | */ |
---|
23 | |
---|
// Locate the directory three levels above this test file and load the shared
// test-case base class that the test class below extends.
$HOME = realpath(dirname(__FILE__)) . '/../../..';
require_once $HOME . '/tests/class/Common_TestCase.php';
---|
26 | |
---|
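/**
 * Tests for the HTML_TAG_CHECK rule of SC_CheckError_Ex.
 *
 * The rule is given the list of allowed tags (loaded here from the
 * 'mtb_allowed_tag' master data) and is expected to record an error for
 * the checked form field when the value contains a tag that is not on
 * that list.
 *
 * NOTE(review): only lower-case, attribute-free, well-formed tags are
 * exercised here. Cases for mixed-case tag names, tags carrying attributes
 * and an empty allowed-tag list would pin down the allow-list behaviour
 * more tightly.
 */
class SC_CheckError_HTML_TAG_CHECKTest extends Common_TestCase
{

    /**
     * Loads the allowed-tag master data and selects the rule under test.
     */
    protected function setUp()
    {
        parent::setUp();
        $masterData = new SC_DB_MasterData_Ex();
        $this->arrAllowedTag = $masterData->getMasterData('mtb_allowed_tag');
        $this->target_func = 'HTML_TAG_CHECK';
    }

    protected function tearDown()
    {
        parent::tearDown();
    }

    /////////////////////////////////////////

    /**
     * A value containing a tag that is not on the allowed list must yield
     * the "disallowed tag" error message for the field.
     */
    public function testHTML_TAG_CHECK_許可されていないhtmlタグが含まれる場合_エラー()
    {
        $not_allowed_tag = 'script';

        // Make sure the tag is absent from the allowed list before checking.
        // array_search() returns the matching key, which can be 0 (falsy), so
        // the result has to be compared against false explicitly; otherwise
        // an entry stored under key 0 would never be removed. Strict matching
        // avoids loose string/number comparison against list entries.
        $key = array_search($not_allowed_tag, $this->arrAllowedTag, true);
        if ($key !== false) {
            unset($this->arrAllowedTag[$key]);
        }

        $disp_name = $this->target_func;
        $arrForm = array(
            'form' => "<{$not_allowed_tag}>not allowed</{$not_allowed_tag}>",
        );
        $objErr = new SC_CheckError_Ex($arrForm);
        $objErr->doFunc(array($disp_name, 'form', $this->arrAllowedTag),
                        array($this->target_func));

        // The expected message names the tag twice: the input holds both an
        // opening and a closing occurrence of it.
        $this->expected = sprintf(
            '※ %sに許可されていないタグ [%s], [%s] が含まれています。<br />',
            $disp_name, $not_allowed_tag, $not_allowed_tag);
        $this->actual = $objErr->arrErr['form'];
        $this->verify('');
    }

    /**
     * A value containing only a tag from the allowed list must not yield
     * an error for the field.
     */
    public function testHTML_TAG_CHECK_許可されているhtmlタグが含まれる場合_エラーではない()
    {
        $allowed_tag = 'p';

        // Add the tag to the allowed list if it is not already there.
        // Strict matching keeps a loosely-equal entry from being mistaken
        // for the tag.
        if (!in_array($allowed_tag, $this->arrAllowedTag, true)) {
            $this->arrAllowedTag[] = $allowed_tag;
        }

        $disp_name = $this->target_func;
        $arrForm = array(
            'form' => "<{$allowed_tag}>allowed</{$allowed_tag}>",
        );
        $objErr = new SC_CheckError_Ex($arrForm);
        $objErr->doFunc(array($disp_name, 'form', $this->arrAllowedTag),
                        array($this->target_func));

        // NOTE(review): reads arrErr['form'] although no error is expected;
        // confirm SC_CheckError leaves that key readable in this case.
        $this->expected = '';
        $this->actual = $objErr->arrErr['form'];
        $this->verify('');
    }

    /**
     * Plain text without any HTML tag must not yield an error for the field.
     */
    public function testHTML_TAG_CHECK_htmlタグが含まれない場合_エラーではない()
    {
        $disp_name = $this->target_func;
        $arrForm = array('form' => 'htmlタグを含まないテスト文章。');
        $objErr = new SC_CheckError_Ex($arrForm);
        $objErr->doFunc(array($disp_name, 'form', $this->arrAllowedTag),
                        array($this->target_func));

        $this->expected = '';
        $this->actual = $objErr->arrErr['form'];
        $this->verify('');
    }
}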
---|