diff --git a/.gitignore b/.gitignore index e0fc452..865915f 100755 --- a/.gitignore +++ b/.gitignore @@ -4,4 +4,5 @@ *.swp /lib/vendor *.lock -/vendor/ \ No newline at end of file +/vendor/ +/phpunit/coverage \ No newline at end of file diff --git a/composer.json b/composer.json index fbf2361..3cd49f7 100644 --- a/composer.json +++ b/composer.json @@ -12,5 +12,16 @@ "phpro/grumphp": "^0.11.5", "jakub-onderka/php-parallel-lint": "^0.9.2", "phpunit/phpunit": "^6.1" + }, + "autoload": { + "psr-4": { + "database\\": "build/database", + "api\\": "build/api", + "error\\": "build/error", + "orm\\": "build/orm", + "http\\": "build/http", + "router\\": "build/router", + "viewer\\": "build/viewer" + } } } diff --git a/phpunit/bootstrap.php b/phpunit/bootstrap.php old mode 100755 new mode 100644 index 5b88d3c..23aa452 --- a/phpunit/bootstrap.php +++ b/phpunit/bootstrap.php @@ -1,11 +1,69 @@ -\[..|{@#))', $depth=1){ + /* (1) On hash @depth fois + ---------------------------------------------------------*/ + $hash = $data; + $c = 0; + + for( $h = 0 ; $h < $depth ; $h++ ){ + $hash = hash('sha512', $salt.hash('sha512', $hash.'_)Q@#((%*_$%(@#') ); + $c++; + } + + + /* (2) On renvoie le résultat + ---------------------------------------------------------*/ + return $hash; + } diff --git a/phpunit/phpunit.xml b/phpunit/phpunit.xml index 81f7b57..df22e01 100755 --- a/phpunit/phpunit.xml +++ b/phpunit/phpunit.xml @@ -1,22 +1,20 @@ - + - - - ./tests/ - - - - ./tests/Error.php - - - - ./tests/sessionManager.php + + + ./tests + + + ../build/ + + + diff --git a/phpunit/tests/Database_check.php b/phpunit/tests/Database_check.php deleted file mode 100755 index a8b4d16..0000000 --- a/phpunit/tests/Database_check.php +++ /dev/null 
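Review bot: `secure_hash()`, added at the end of phpunit/bootstrap.php, mixes in a salt default and a suffix string that are both literals in the source, and defaults to `$depth=1`, so every input gets the same salt and a single round of nested SHA-512. If this helper stands in for how the application hashes passwords (the deleted Database_check.php test passed the output of a `secure_hash` method to the `user.password` check, which suggests it), that is a fast, globally salted digest; `password_hash($data, PASSWORD_DEFAULT)` with `password_verify()` gives a per-value random salt and a tunable cost. If it is only a test fixture, a one-line comment saying so would keep it from being copied into `build/`. `$c` is incremented in the loop but never read and can be removed. The top of the file and part of the function signature are not readable in this hunk as shown.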
@@ -1,267 +0,0 @@ -assertTrue( \api\core\Checker::run('auto_increment_id', -2147483647) ); - } - public function testAutoIncrementSizeInfStringCorrect(){ - $this->assertTrue( \api\core\Checker::run('auto_increment_id', '-2147483647') ); - } - - - public function testAutoIncrementSizeSupCorrect(){ - $this->assertTrue( \api\core\Checker::run('auto_increment_id', 2147483647) ); - } - public function testAutoIncrementSizeSupStringCorrect(){ - $this->assertTrue( \api\core\Checker::run('auto_increment_id', '2147483647') ); - } - - - - public function testAutoIncrementSizeLtInfIncorrect(){ - $this->assertFalse( \api\core\Checker::run('auto_increment_id', -2147483647-1) ); - } - public function testAutoIncrementSizeLtInfStringIncorrect(){ - $this->assertFalse( \api\core\Checker::run('auto_increment_id', '-2147483648') ); - } - - - - public function testAutoIncrementSizeGtSupIncorrect(){ - $this->assertFalse( \api\core\Checker::run('auto_increment_id', 2147483647+1) ); - } - public function testAutoIncrementSizeGtSupStringIncorrect(){ - $this->assertFalse( \api\core\Checker::run('auto_increment_id', '2147483648') ); - } - - - /* [1] Code RFID - =========================================================*/ - public function testUserCodeSize4(){ - $this->assertTrue( \api\core\Checker::run('user.code', '01-23-AB-CD') ); - } - - public function testUserCodeSize6(){ - $this->assertTrue( \api\core\Checker::run('user.code', '01-23-45-67-89-AB') ); - } - - public function testUserCodeSize4WrongCharacter(){ - $this->assertFalse( \api\core\Checker::run('user.code', '01-23-AB-CG') ); - } - - public function testUserCodeSizeGreaterThan6(){ - $this->assertFalse( \api\core\Checker::run('user.code', '01-23-45-67-89-AB-CD') ); - } - - public function testUserCodeSize6WrongCharacter(){ - $this->assertFalse( \api\core\Checker::run('user.code', '01-23-45-67-89-AG') ); - } - - - - /* [2] user.username ; machine.name ; group.name - =========================================================*/ - /* 
(1) Type */ - public function testUsernameTypeStringCorrect(){ - $this->assertTrue( \api\core\Checker::run('user.username', '012') ); - } - - public function testUsernameTypeIntIncorrect(){ - $this->assertFalse( \api\core\Checker::run('user.username', 012) ); - } - - /* (2) Content */ - public function testUsernameContentCorrect(){ - $this->assertTrue( \api\core\Checker::run('user.username', '0123456789_-') ); - $this->assertTrue( \api\core\Checker::run('user.username', 'abcdefghijklmnopqrstuvwxyz') ); - $this->assertTrue( \api\core\Checker::run('user.username', 'ABCDEFGHIJKLMNOPQRSTUVWXYZ') ); - } - - public function testUsernameContentIncorrect(){ - $illegal_chars = '{}[]()=+.,\'\\"/:;|!@#$%^&* '; - - foreach(str_split($illegal_chars) as $char) // Teste les caracteres enonces plus haut - $this->assertFalse( \api\core\Checker::run('user.username', 'abc'.$char) ); - } - - /* (3) Size */ - public function testUsernameSize3Correct(){ - $this->assertEquals( 3, strlen('012') ); - $this->assertTrue( \api\core\Checker::run('user.username', '012') ); - } - - public function testUsernameSize30Correct(){ - $this->assertEquals( 30, strlen('0123456789abcdefghijklmno_-sda') ); - $this->assertTrue( \api\core\Checker::run('user.username', '0123456789abcdefghijklmno_-sda') ); - } - - public function testUsernameSizeLt3Incorrect(){ - $this->assertLessThan( 3, strlen('') ); - $this->assertFalse( \api\core\Checker::run('user.username', '') ); - } - - public function testUsernameSizeGt30Incorrect(){ - $this->assertGreaterThan( 30, strlen('0123456789abcdefghijklmno_-sdaa') ); - $this->assertFalse( \api\core\Checker::run('user.username', '0123456789abcdefghijklmno_-sdaa') ); - } - - /* [3] firstname / lastname - =========================================================*/ - /* (1) Type */ - public function testFirstnameTypeStringCorrect(){ - $this->assertTrue( \api\core\Checker::run('user.firstname', 'abc') ); - } - - public function testFirstnameTypeIntIncorrect(){ - 
$this->assertFalse( \api\core\Checker::run('user.firstname', 01932) ); - } - - /* (2) Content */ - public function testFirstnameContentCorrect(){ - $this->assertTrue( \api\core\Checker::run('user.firstname', 'abcdefghijklmnopqrstuvwxyz') ); - $this->assertTrue( \api\core\Checker::run('user.firstname', 'ABCDEFGHIJKLMNOPQRSTUVWXYZ') ); - } - - public function testFirstnameContentIncorrect(){ - $illegal_chars = '{}[]()=_+.,\'\\"/:;|!@#$%^&*0123456789'; - - foreach(str_split($illegal_chars) as $char) // Teste les caracteres enonces plus haut - $this->assertFalse( \api\core\Checker::run('user.firstname', 'abc'.$char) ); - } - - /* (3) Size */ - public function testFirstnameSize3Correct(){ - $this->assertEquals( 3, strlen('abc') ); - $this->assertTrue( \api\core\Checker::run('user.firstname', 'abc') ); - } - - public function testFirstnameSize30Correct(){ - $this->assertEquals( 30, strlen('abcdefghijklmnopqrstuvwxyz-k s') ); - $this->assertTrue( \api\core\Checker::run('user.firstname', 'abcdefghijklmnopqrstuvwxyz-k s') ); - } - - public function testFirstnameSizeLt3Incorrect(){ - $this->assertLessThan( 3, strlen('ab') ); - $this->assertFalse( \api\core\Checker::run('user.firstname', 'ab') ); - } - - public function testFirstnameSizeGt30Incorrect(){ - $this->assertGreaterThan( 30, strlen('abcdefghijklmnopqrstuvwxyz-k ss') ); - $this->assertFalse( \api\core\Checker::run('user.firstname', 'abcdefghijklmnopqrstuvwxyz-k ss') ); - } - - /* [4] Adresse mail - =========================================================*/ - /* (1) Size */ - public function testMailSizeEqCorrect(){ - $this->assertLessThanOrEqual( 50, 'nom-prenom.mot@domaine-d.gouv' ); - $this->assertTrue( \api\core\Checker::run('user.mail', 'nom-prenom.mot@domaine-d.gouv') ); - } - - public function testMailSizeSupCorrect(){ - $this->assertGreaterThan( 50, strlen('ab12345678901234567890nom-prenom.mot@domaine-d.gouv') ); - $this->assertFalse( \api\core\Checker::run('user.mail', 
'ab12345678901234567890nom-prenom.mot@domaine-d.gouv') ); - } - - /* (2) Content */ - public function testMailContentCorrect(){ - $this->assertTrue( \api\core\Checker::run('user.mail', '0nom-prenom.mot@domaine-d.gouv') ); - } - - public function testMailContentIncorrect1(){ - $this->assertFalse( \api\core\Checker::run('user.mail', '0nom-prenom.mot@domaine-d.gouve') ); - } - - public function testMailContentIncorrect2(){ - $this->assertFalse( \api\core\Checker::run('user.mail', '0nom-prenom.mot@domaine-d.g') ); - } - - - - /* [5] Mot de passe - =========================================================*/ - public function testPasswordSizeEqCorrect(){ - $password_hash = \manager\sessionManager::secure_hash('monmotdepasse'); - - $this->assertEquals( 40, strlen($password_hash) ); - $this->assertTrue( \api\core\Checker::run('user.password', $password_hash) ); - } - - public function testPasswordSizeInfIncorrect(){ - $password_hash = 'a'; - - $this->assertLessThan( 40, strlen($password_hash) ); - $this->assertFalse( \api\core\Checker::run('user.password', $password_hash) ); - } - - public function testPasswordSizeSupIncorrect(){ - $password_hash = \manager\sessionManager::secure_hash('monmotdepasse').'a'; - - $this->assertGreaterThan( 40, strlen($password_hash) ); - $this->assertFalse( \api\core\Checker::run('user.password', $password_hash) ); - } - - - public function testPasswordContentCorrect(){ - $this->assertTrue( \api\core\Checker::run('user.password', 'dd629d39c4576731a2bef003c72ff89d6fc2a99a') ); - } - - public function testPasswordContentIncorrect(){ - $this->assertContains( 'g', 'dd629d39c4576731a2bef003c72ff89d6fc2a9g' ); - $this->assertFalse( \api\core\Checker::run('user.password', 'dd629d39c4576731a2bef003c72ff89d6fc2a9g') ); - } - - - - /* [6] Status de l'utilisateur - =========================================================*/ - /* (1) Type */ - public function testStatusTypeIntCorrect(){ - $this->assertTrue( \api\core\Checker::run('user.status', 1) ); - } 
- - public function testStatusTypeStringCorrect(){ - $this->assertTrue( \api\core\Checker::run('user.status', '1') ); - } - - public function testStatusTypeIntIncorrect(){ - $this->assertFalse( \api\core\Checker::run('user.status', 1.03) ); - } - - public function testStatusTypeStringIncorrect(){ - $this->assertFalse( \api\core\Checker::run('user.status', '1.03') ); - } - - - /* (2) Size */ - public function testStatusSizeInfCorrect(){ - $this->assertGreaterThanOrEqual( 0, 0 ); - $this->assertTrue( \api\core\Checker::run('user.status', 0) ); - } - - public function testStatusSizeSupCorrect(){ - $this->assertLessThanOrEqual( 100, 100 ); - $this->assertTrue( \api\core\Checker::run('user.status', 100) ); - } - - - public function testStatusSizeInfIncorrect(){ - $this->assertLessThan( 0, -1 ); - $this->assertFalse( \api\core\Checker::run('user.status', -1) ); - } - - public function testStatusSizeSupIncorrect(){ - $this->assertGreaterThan( 100, 101 ); - $this->assertFalse( \api\core\Checker::run('user.status', 101) ); - } - - - - - } - -?> \ No newline at end of file diff --git a/phpunit/tests/Database_construct.php b/phpunit/tests/Database_construct.php deleted file mode 100755 index 76b7307..0000000 --- a/phpunit/tests/Database_construct.php +++ /dev/null 
@@ -1,63 +0,0 @@ -assertEquals( 'localhost', $instance->getConfig()['host'] ); - } - - public function testGetInstanceWithSERVERLocal(){ - // Pour regenerer une instance, on definit une erreur - \database\core\DatabaseDriver::$error = \error\core\Error::PDOConnection; - - - $instance = \database\core\DatabaseDriver::get(); - - $this->assertEquals( 'localhost', $instance->getConfig()['host'] ); - } - - - - /* [2] Verification du singleton (getInstance) - =========================================================*/ - public function testInstancePersistence(){ - \database\core\DatabaseDriver::$error = \error\core\Error::PDOConnection; - - $instance_construct = \database\core\DatabaseDriver::get(); - $instance_nextuse = \database\core\DatabaseDriver::get(); - - $this->assertSame( $instance_construct, $instance_nextuse ); - } - - public function testInstancePersistenceRefutation(){ - \database\core\DatabaseDriver::$error = \error\core\Error::PDOConnection; - $instance_construct = \database\core\DatabaseDriver::get(); - - \database\core\DatabaseDriver::$error = \error\core\Error::PDOConnection; - $instance_nextuse = \database\core\DatabaseDriver::get(); - - $this->assertNotSame( $instance_construct, $instance_nextuse ); - } - - - - /* [3] Verification de l'objet PDO - =========================================================*/ - public function testPDO(){ - $pdo = \database\core\DatabaseDriver::getPDO(); - - $this->assertGreaterThan( 10, count($pdo->query('SELECT * FROM user')->fetchAll()), '[!] Moins de 10 utilisateurs trouves.'); - } - - - - - - - } - -?> \ No newline at end of file diff --git a/phpunit/tests/Database_delNumeric.php b/phpunit/tests/Database_delNumeric.php deleted file mode 100755 index 1422640..0000000 --- a/phpunit/tests/Database_delNumeric.php +++ /dev/null 
@@ -1,116 +0,0 @@ -assertEquals( [], \database\core\DatabaseDriver::delNumeric(10) ); - } - - public function testTypeString(){ - $this->assertEquals( [], \database\core\DatabaseDriver::delNumeric('notarray') ); - } - - /* [1] Verification pour 2 dimensions - =========================================================*/ - /* (1) Global */ - public function testGlobal2Dim(){ - $fetchData = [[ - 'id' => '000001', - 0 => '000001', - 'nom' => 'Jean Dupont', - 1 => 'Jean Dupont', - ]]; - - $computed_array = \database\core\DatabaseDriver::delNumeric( $fetchData ); - - $this->assertArrayHasKey( 'id', $computed_array[0] ); - $this->assertArrayHasKey( 'nom', $computed_array[0] ); - $this->assertArrayNotHasKey( 0, $computed_array[0] ); - $this->assertArrayNotHasKey( 1, $computed_array[0] ); - } - - /* (2) Verification d'indices numeriques dans les donnees */ - public function testGlobal2DimWithNumericIndexes(){ - $fetchData = [[ - 'id' => '000001', - 0 => '000001', - 'nom' => 'Jean Dupont', - 1 => 'Jean Dupont', - 2 => 'Bla', - 3 => 'Bla', - 4 => 'Bla', - 5 => 'Bla', - 6 => 'Bla', - 7 => 'Bla' - ]]; - - $computed_array = \database\core\DatabaseDriver::delNumeric( $fetchData ); - - $this->assertArrayHasKey( 'id', $computed_array[0] ); - $this->assertArrayHasKey( 'nom', $computed_array[0] ); - $this->assertArrayNotHasKey( 0, $computed_array[0] ); - $this->assertArrayNotHasKey( 1, $computed_array[0] ); - - $this->assertArrayHasKey( 2, $computed_array[0] ); - $this->assertArrayHasKey( 3, $computed_array[0] ); - $this->assertArrayHasKey( 4, $computed_array[0] ); - $this->assertArrayHasKey( 5, $computed_array[0] ); - $this->assertArrayHasKey( 6, $computed_array[0] ); - $this->assertArrayHasKey( 7, $computed_array[0] ); - } - - - /* [2] Verification pour 1 dimensions - =========================================================*/ - /* (1) Global */ - public function testGlobal1Dim(){ - $fetchData = [ - 'id' => '000001', - 0 => '000001', - 'nom' => 'Jean Dupont', - 1 => 'Jean Dupont' - 
]; - - $computed_array = \database\core\DatabaseDriver::delNumeric( $fetchData ); - - $this->assertArrayHasKey( 'id', $computed_array ); - $this->assertArrayHasKey( 'nom', $computed_array ); - $this->assertArrayNotHasKey( 0, $computed_array ); - $this->assertArrayNotHasKey( 1, $computed_array ); - } - - /* (2) Verification d'indices numeriques dans les donnees */ - public function testGlobal1DimWithNumericIndexes(){ - $fetchData = [ - 'id' => '000001', - 0 => '000001', - 'nom' => 'Jean Dupont', - 1 => 'Jean Dupont', - 2 => 'Bla', - 3 => 'Bla', - 4 => 'Bla', - 5 => 'Bla', - 6 => 'Bla', - 7 => 'Bla' - ]; - - $computed_array = \database\core\DatabaseDriver::delNumeric( $fetchData ); - - $this->assertArrayHasKey( 'id', $computed_array ); - $this->assertArrayHasKey( 'nom', $computed_array ); - $this->assertArrayNotHasKey( 0, $computed_array ); - $this->assertArrayNotHasKey( 1, $computed_array ); - - $this->assertArrayHasKey( 2, $computed_array ); - $this->assertArrayHasKey( 3, $computed_array ); - $this->assertArrayHasKey( 4, $computed_array ); - $this->assertArrayHasKey( 5, $computed_array ); - $this->assertArrayHasKey( 6, $computed_array ); - $this->assertArrayHasKey( 7, $computed_array ); - } - - } - -?> diff --git a/phpunit/tests/ManagerError.php b/phpunit/tests/ManagerError.php deleted file mode 100755 index eda3860..0000000 --- a/phpunit/tests/ManagerError.php +++ /dev/null 
@@ -1,107 +0,0 @@ -assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorParsingFailed(){ - $error = \error\core\Error::ParsingFailed; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorInvalidFlags(){ - $error = \error\core\Error::InvalidFlags; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorUnreachableResource(){ - $error = \error\core\Error::UnreachableResource; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorMissingPath(){ - $error = \error\core\Error::MissingPath; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorWrongPathModule(){ - $error = \error\core\Error::WrongPathModule; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorUnknownModule(){ - $error = \error\core\Error::UnknownModule; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorUnknownMethod(){ - $error = \error\core\Error::UnknownMethod; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorUncallableMethod(){ - $error = \error\core\Error::UncallableMethod; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorParamError(){ - $error = \error\core\Error::ParamError; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorModuleError(){ - $error = \error\core\Error::ModuleError; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorWrongPathRepo(){ - $error = \error\core\Error::WrongPathRepo; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorUnknownRepo(){ - $error = \error\core\Error::UnknownRepo; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } 
- - public function testErrorRepoError(){ - $error = \error\core\Error::RepoError; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - public function testErrorPDOConnection(){ - $error = \error\core\Error::PDOConnection; - - $this->assertNotNull( \error\core\Error::explicit($error) ); - } - - - public function testErrorNotKnown(){ - $error = 1239; - - $this->assertNull( \error\core\Error::explicit($error) ); - } - - } - - -?> \ No newline at end of file diff --git a/phpunit/tests/apiconfig.php b/phpunit/tests/apiconfig.php new file mode 100644 index 0000000..218ffba --- /dev/null +++ b/phpunit/tests/apiconfig.php @@ -0,0 +1,24 @@ +assertFileExists($path); + + /* (2) Checks json */ + $config = json_decode( file_get_contents($path), true ); + $this->assertNotNull($config); + + } + + + } + +?> \ No newline at end of file diff --git a/phpunit/tests/sessionManager.php b/phpunit/tests/sessionManager.php deleted file mode 100755 index d334311..0000000 --- a/phpunit/tests/sessionManager.php +++ /dev/null 
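Review bot: In the new phpunit/tests/apiconfig.php test, `$this->assertNotNull($config)` accepts any JSON value that is not `null`, so a config file holding a bare string or number would pass, and a failure gives no reason why decoding failed. Asserting the decode status and the shape is tighter: `$this->assertSame( JSON_ERROR_NONE, json_last_error(), json_last_error_msg() );` followed by `$this->assertTrue( is_array($config) );`. `file_get_contents($path)` runs after `assertFileExists($path)`, so the missing-file case is already covered. The start of the test class is not readable in this hunk as shown.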
@@ -1,251 +0,0 @@ -assertEquals(40, strlen($hash) ); - $this->assertNotContains( $plain, $hash ); - } - - /* [2] Test de l'unicite et du prefix - =========================================================*/ - public function testIdSessionUniq(){ - // Premiere session - session_destroy(); - @\manager\sessionManager::session_start(); - $id_first = session_id(); - - // Seconde session - session_destroy(); - @\manager\sessionManager::session_start(); - $id_second = session_id(); - - $this->assertNotEquals( $id_first, $id_second ); - } - - - public function testIdenticalPrefix(){ - // Premiere session - session_destroy(); - @\manager\sessionManager::session_start(); - $first_prefix = substr(session_id(), 0, 5); - - // Seconde session - session_destroy(); - @\manager\sessionManager::session_start(); - $second_prefix = substr(session_id(), 0, 5); - - $this->assertEquals( $first_prefix, $second_prefix ); - } - - - public function testCookieUniq(){ - // Premiere session - session_destroy(); - @\manager\sessionManager::session_start(); - $token_first = $_COOKIE['session_token']; - - // Seconde session - session_destroy(); - @\manager\sessionManager::session_start(); - $token_second = $_COOKIE['session_token']; - - $this->assertNotEquals( $token_first, $token_second ); - } - - /* [3] REMOTE_ADDR different - =========================================================*/ - public function testSessionIdTheftWithWrongIp(){ - $default_remote_addr = $_SERVER['REMOTE_ADDR']; - - // Hote n.1 - $_SERVER['REMOTE_ADDR'] = 'a'; - session_destroy(); - @\manager\sessionManager::session_start(); - $first_prefix = substr(session_id(), 0, 5); - - // Hote n.2 - $_SERVER['REMOTE_ADDR'] = 'b'; - session_destroy(); - @\manager\sessionManager::session_start(); - $second_prefix = substr(session_id(), 0, 5); - - - $this->assertNotEquals( $first_prefix, $second_prefix ); - - $_SERVER['REMOTE_ADDR'] = $default_remote_addr; - } - - public function testSessionTokenTheftWithWrongIp(){ - $default_remote_addr 
= $_SERVER['REMOTE_ADDR']; - - // Hote n.1 - $_SERVER['REMOTE_ADDR'] = 'a'; - session_destroy(); - @\manager\sessionManager::session_start(); - $first_prefix = substr($_COOKIE['session_token'], 0, 5); - - // Hote n.2 - $_SERVER['REMOTE_ADDR'] = 'b'; - session_destroy(); - @\manager\sessionManager::session_start(); - $second_prefix = substr($_COOKIE['session_token'], 0, 5); - - - $this->assertNotEquals( $first_prefix, $second_prefix ); - - $_SERVER['REMOTE_ADDR'] = $default_remote_addr; - } - - - - public function testSessionTokenTheftWithWrongIpThenWell(){ - $default_remote_addr = $_SERVER['REMOTE_ADDR']; - - // Hote n.1 - $_SERVER['REMOTE_ADDR'] = 'a'; - session_destroy(); - @\manager\sessionManager::session_start(); - $first_prefix = substr($_COOKIE['session_token'], 0, 40); - - // Hote n.2 - $_SERVER['REMOTE_ADDR'] = 'b'; - session_destroy(); - @\manager\sessionManager::session_start(); - $second_prefix = substr($_COOKIE['session_token'], 0, 40); - - // Hote n.1 - $_SERVER['REMOTE_ADDR'] = 'a'; - session_destroy(); - @\manager\sessionManager::session_start(); - $third_prefix = substr($_COOKIE['session_token'], 0, 40); - - - $this->assertEquals( $first_prefix, $third_prefix ); - $this->assertNotEquals( $first_prefix, $second_prefix ); - - $_SERVER['REMOTE_ADDR'] = $default_remote_addr; - } - - /* [4] HTTP_USER_AGENT different - =========================================================*/ - public function testSessionIdTheftWithWrongUserAgent(){ - $default_http_user_agent = $_SERVER['HTTP_USER_AGENT']; - - // Hote n.1 - $_SERVER['HTTP_USER_AGENT'] = 'a'; - session_destroy(); - @\manager\sessionManager::session_start(); - $first_prefix = substr(session_id(), 0, 5); - - // Hote n.2 - $_SERVER['HTTP_USER_AGENT'] = 'b'; - session_destroy(); - @\manager\sessionManager::session_start(); - $second_prefix = substr(session_id(), 0, 5); - - - $this->assertNotEquals( $first_prefix, $second_prefix ); - - $_SERVER['HTTP_USER_AGENT'] = $default_http_user_agent; - } - - public 
function testSessionTokenTheftWithWrongUserAgent(){ - $default_http_user_agent = $_SERVER['HTTP_USER_AGENT']; - - // Hote n.1 - $_SERVER['HTTP_USER_AGENT'] = 'a'; - session_destroy(); - @\manager\sessionManager::session_start(); - $first_prefix = substr($_COOKIE['session_token'], 0, 40); - - // Hote n.2 - $_SERVER['HTTP_USER_AGENT'] = 'b'; - session_destroy(); - @\manager\sessionManager::session_start(); - $second_prefix = substr($_COOKIE['session_token'], 0, 40); - - - $this->assertNotEquals( $first_prefix, $second_prefix ); - - $_SERVER['HTTP_USER_AGENT'] = $default_http_user_agent; - } - - - - public function testSessionTokenTheftWithWrongUserAgentThenWell(){ - $default_http_user_agent = $_SERVER['HTTP_USER_AGENT']; - - // Hote n.1 - $_SERVER['HTTP_USER_AGENT'] = 'a'; - session_destroy(); - @\manager\sessionManager::session_start(); - $first_prefix = substr($_COOKIE['session_token'], 0, 40); - - // Hote n.2 - $_SERVER['HTTP_USER_AGENT'] = 'b'; - session_destroy(); - @\manager\sessionManager::session_start(); - $second_prefix = substr($_COOKIE['session_token'], 0, 40); - - // Hote n.1 - $_SERVER['HTTP_USER_AGENT'] = 'a'; - session_destroy(); - @\manager\sessionManager::session_start(); - $third_prefix = substr($_COOKIE['session_token'], 0, 40); - - - $this->assertEquals( $first_prefix, $third_prefix ); - $this->assertNotEquals( $first_prefix, $second_prefix ); - - $_SERVER['HTTP_USER_AGENT'] = $default_http_user_agent; - } - - - - /* [5] Regeneration du cookie 'session_token' - =========================================================*/ - public function testRegeneratedToken(){ - - // Connection 1 - session_destroy(); - @\manager\sessionManager::session_start(); - $first_token = $_COOKIE['session_token']; - - // Connection 2 - session_destroy(); - @\manager\sessionManager::session_start(); - $second_token = $_COOKIE['session_token']; - - - $this->assertNotEquals( $first_token, $second_token ); - } - - public function testSamePrefixToken(){ - - // Connection 1 - 
session_destroy(); - @\manager\sessionManager::session_start(); - $first_token_prefix = substr($_COOKIE['session_token'], 0, 40); - - // Connection 2 - session_destroy(); - @\manager\sessionManager::session_start(); - $second_token_prefix = substr($_COOKIE['session_token'], 0, 40); - - $this->assertEquals( $first_token_prefix, $second_token_prefix ); - } - - - - } - - -?> \ No newline at end of file