logauth
/
SMMP
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

- [x] [Database::check] Suite de l'implementation ajout de "user.status" 

- [x] [phpunit/tests/Database_check] Tests associes
This commit is contained in:
xdrm-brackets 2016-02-12 23:22:14 +01:00
parent 24e52aa781
commit f2a9b3e026
9 changed files with 77 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
automate.php
View File

@ -282,4 +282,5 @@
}//testDatabaseChecker(); }//testDatabaseChecker();
?> ?>

1
index.php
View File

@ -1,4 +1,5 @@
<?php define('__ROOT__', dirname(__FILE__) ); <?php define('__ROOT__', dirname(__FILE__) );
// \manager\session_start();
require_once __ROOT__.'/manager/autoloader.php'; require_once __ROOT__.'/manager/autoloader.php';
/*******************************************/ /*******************************************/

4
manager/Database.php
View File

@ -212,6 +212,10 @@
return $checker && is_string($value) && preg_match('/^[\da-f]{40}$/i', $value); return $checker && is_string($value) && preg_match('/^[\da-f]{40}$/i', $value);
break; break;
case 'user.status':
return $checker && is_numeric($value) && floor($value) == $value && $value >= 0 && $value <= 100;
break;
} }
return $checker; return $checker;

20
manager/autoloader.php
View File

@ -1,5 +1,10 @@
<?php define('__ROOT__', dirname(dirname(__FILE__)) ); <?php define('__ROOT__', dirname(dirname(__FILE__)) );
/* ACTIVE LE DEBUGGAGE (WARNING + EXCEPTION)
*
*/
function debug(){ function debug(){
ini_set('display_errors',1); ini_set('display_errors',1);
ini_set('display_startup_errors',1); ini_set('display_startup_errors',1);
@ -8,9 +13,11 @@
/* AUTOLOADER
*
* @className<String> Nom de la classe appelee
*
*/
function autoloader($className){ function autoloader($className){
$path = ''; $path = '';
@ -29,4 +36,11 @@
spl_autoload_register('autoloader', false, true); spl_autoload_register('autoloader', false, true);
/* On demarre la session securisee PHP
=========================================================*/
// Condition ajoutee pour PHPUNIT
if( isset($_SERVER['REMOTE_ADDR']) )
\manager\sessionManager::session_start();
?> ?>

5
manager/module/userDefault.php
View File

@ -37,14 +37,15 @@
public static function create($code, $username, $firstname, $lastname, $mail, $password, $status){ public static function create($code, $username, $firstname, $lastname, $mail, $password, $status){
/* [1] Normalisation + verification des donnees /* [1] Normalisation + verification des donnees
=========================================================*/ =========================================================*/
$password_hash = sha1($password); $password_hash = \manager\sessionManager::secure_sha1($password);
$correct_param = \manager\Database::check('user.code', $code); $correct_param = \manager\Database::check('user.code', $code);
$correct_param = $correct_param && \manager\Database::check('user.username', $username); $correct_param = $correct_param && \manager\Database::check('user.username', $username);
$correct_param = $correct_param && \manager\Database::check('user.firstname', $firstname); $correct_param = $correct_param && \manager\Database::check('user.firstname', $firstname);
$correct_param = $correct_param && \manager\Database::check('user.lastname', $lastname); $correct_param = $correct_param && \manager\Database::check('user.lastname', $lastname);
$correct_param = $correct_param && \manager\Database::check('user.mail', $mail); $correct_param = $correct_param && \manager\Database::check('user.mail', $mail);
$correct_param = $correct_param && \manager\Database::check('user.password', $password); $correct_param = $correct_param && \manager\Database::check('user.password', $password_hash);
$correct_param = $correct_param && \manager\Database::check('user.status', $status);
$request = new \manager\Repo('user/create', array($code, $username, $firstname, $lastname, $mail, $password, $status) ); $request = new \manager\Repo('user/create', array($code, $username, $firstname, $lastname, $mail, $password, $status) );

11
manager/sessionManager.php
View File

@ -11,7 +11,7 @@
/*************************/ /*************************/
/* SECURE SHA1 ALGORITHM */ /* SECURE SHA1 ALGORITHM */
/*************************/ /*************************/
private static function secure_sha1($data){ public static function secure_sha1($data){
return sha1( '">\[..|{@#))'.sha1($data.'_)Q@#((%*_$%(@#') ); return sha1( '">\[..|{@#))'.sha1($data.'_)Q@#((%*_$%(@#') );
} }
@ -94,7 +94,7 @@
// On verifie que le token est valide // On verifie que le token est valide
$valid_token = $session_token != null; // verification de l'existence du cookie $valid_token = $session_token != null; // verification de l'existence du cookie
$valid_token = $valid_token && strpos($session_token, self::$prefix) === 0; // verification des donnes personnelles $valid_token = $valid_token && strpos($session_token, self::$prefix) === 0; // verification des donnes personnelles
$valid_token = $valid_token && isset($_SESSION['session_token']); // verification que la variable session associee existe $valid_token = $valid_token && isset($_SESSION['session_token']); // verification que la variable session associee existe
$valid_token = $valid_token && $_SESSION['session_token'] == $_COOKIE['session_token']; // verification que la session est coherente $valid_token = $valid_token && $_SESSION['session_token'] == $_COOKIE['session_token']; // verification que la session est coherente
/* [4] Si token inexistant /* [4] Si token inexistant
@ -111,11 +111,4 @@
} }
// Override du namespace
function session_start(){
sessionManager::session_start();
}
?> ?>

4
phpunit/phpunit.xml
View File

@ -2,9 +2,7 @@
<testsuites> <testsuites>
<testsuite name="\manager\Database"> <testsuite name="\manager\Database">
<file>tests/Database_check.php</file> <directory suffix=".php">./tests/</directory>
<file>tests/Database_delNumeric.php</file>
<file>tests/Database_construct.php</file>
</testsuite> </testsuite>
</testsuites> </testsuites>

48
phpunit/tests/Database_check.php
View File

@ -185,7 +185,7 @@
/* [5] Mot de passe /* [5] Mot de passe
=========================================================*/ =========================================================*/
public function testPasswordSizeEqCorrect(){ public function testPasswordSizeEqCorrect(){
$password_hash = sha1('monmotdepasse'); $password_hash = \manager\sessionManager::secure_sha1('monmotdepasse');
$this->assertEquals( 40, strlen($password_hash) ); $this->assertEquals( 40, strlen($password_hash) );
$this->assertTrue( \manager\Database::check('user.password', $password_hash) ); $this->assertTrue( \manager\Database::check('user.password', $password_hash) );
@ -199,7 +199,7 @@
} }
public function testPasswordSizeSupIncorrect(){ public function testPasswordSizeSupIncorrect(){
$password_hash = sha1('monmotdepasse').'a'; $password_hash = \manager\sessionManager::secure_sha1('monmotdepasse').'a';
$this->assertGreaterThan( 40, strlen($password_hash) ); $this->assertGreaterThan( 40, strlen($password_hash) );
$this->assertFalse( \manager\Database::check('user.password', $password_hash) ); $this->assertFalse( \manager\Database::check('user.password', $password_hash) );
@ -217,6 +217,50 @@
/* [6] Status de l'utilisateur
=========================================================*/
/* (1) Type */
public function testStatusTypeIntCorrect(){
$this->assertTrue( \manager\Database::check('user.status', 1) );
}
public function testStatusTypeStringCorrect(){
$this->assertTrue( \manager\Database::check('user.status', '1') );
}
public function testStatusTypeIntIncorrect(){
$this->assertFalse( \manager\Database::check('user.status', 1.03) );
}
public function testStatusTypeStringIncorrect(){
$this->assertFalse( \manager\Database::check('user.status', '1.03') );
}
/* (2) Size */
public function testStatusSizeInfCorrect(){
$this->assertGreaterThanOrEqual( 0, 0 );
$this->assertTrue( \manager\Database::check('user.status', 0) );
}
public function testStatusSizeSupCorrect(){
$this->assertLessThanOrEqual( 100, 100 );
$this->assertTrue( \manager\Database::check('user.status', 100) );
}
public function testStatusSizeInfIncorrect(){
$this->assertLessThan( 0, -1 );
$this->assertFalse( \manager\Database::check('user.status', -1) );
}
public function testStatusSizeSupIncorrect(){
$this->assertGreaterThan( 100, 101 );
$this->assertFalse( \manager\Database::check('user.status', 101) );
}
} }

2
todo.md
View File

@ -42,6 +42,8 @@
- [x] [sessionManager] Import de sessionManager - [x] [sessionManager] Import de sessionManager
- [x] [phpunit/tests/Database_*] Tests unitaire de delNumeric() - [x] [phpunit/tests/Database_*] Tests unitaire de delNumeric()
- [x] [Database] Mise a jour des methodes de Database - [x] [Database] Mise a jour des methodes de Database
- [x] [Database::check] Suite de l'implementation ajout de "user.status"
- [x] [phpunit/tests/Database_check] Tests associes
- [x] [Database::construct] Gestion du singleton et de la config - [x] [Database::construct] Gestion du singleton et de la config
- [x] [Database::check] Suite de l'implementation (couverture des types de la BDD actuelle: 100%) - [x] [Database::check] Suite de l'implementation (couverture des types de la BDD actuelle: 100%)
- [x] [Database::delNumeric] Prevention si oubli @oneDimension + ne supprime plus les indices numeriques associees a aucun indice textuel - [x] [Database::delNumeric] Prevention si oubli @oneDimension + ne supprime plus les indices numeriques associees a aucun indice textuel