function RequestSanitizerTest::requestSanitizationTest

Tests RequestSanitizer class.

Parameters

\SanitizerTestRequest $request: The request to sanitize.

array $expected: An array of expected request parameters after sanitization.

array|null $expected_errors: An array of expected errors. If set to NULL then error logging is disabled.

array $whitelist: An array of keys to whitelist and not sanitize.

string $label: A descriptive name for each test / group of assertions.

Throws

\ReflectionException

1 call to RequestSanitizerTest::requestSanitizationTest()
RequestSanitizerTest::testRequestSanitization in modules/simpletest/tests/request_sanitizer.test
Iterate through all the RequestSanitizerTests.

File

modules/simpletest/tests/request_sanitizer.test, line 74

Class

RequestSanitizerTest
Tests DrupalRequestSanitizer class.

Code

public function requestSanitizationTest(SanitizerTestRequest $request, array $expected = array(), array $expected_errors = NULL, array $whitelist = array(), $label = NULL) {
    // Set up globals.
    $_GET = $request->getQuery();
    $_POST = $request->getRequest();
    $_COOKIE = $request->getCookies();
    $_REQUEST = array_merge($request->getQuery(), $request->getRequest());
    $GLOBALS['conf']['sanitize_input_whitelist'] = $whitelist;
    $GLOBALS['conf']['sanitize_input_logging'] = is_null($expected_errors) ? FALSE : TRUE;
    if ($label !== 'already sanitized request') {
        $reflection = new \ReflectionProperty('DrupalRequestSanitizer', 'sanitized');
        $reflection->setAccessible(TRUE);
        $reflection->setValue(NULL, FALSE);
    }
    DrupalRequestSanitizer::sanitize();
    if (isset($_GET['destination'])) {
        DrupalRequestSanitizer::cleanDestination();
    }
    // Normalise the expected data.
    $expected += array(
        'cookies' => array(),
        'query' => array(),
        'request' => array(),
    );
    // Test PHP globals.
    $this->assertEqualLabelled($expected['cookies'], $_COOKIE, NULL, 'Other', $label . ' (COOKIE)');
    $this->assertEqualLabelled($expected['query'], $_GET, NULL, 'Other', $label . ' (GET)');
    $this->assertEqualLabelled($expected['request'], $_POST, NULL, 'Other', $label . ' (POST)');
    $expected_request = array_merge($expected['query'], $expected['request']);
    $this->assertEqualLabelled($expected_request, $_REQUEST, NULL, 'Other', $label . ' (REQUEST)');
    // Ensure any expected errors have been triggered.
    if (!empty($expected_errors)) {
        foreach ($expected_errors as $expected_error) {
            $this->assertError($expected_error, E_USER_NOTICE, $label . ' (errors)');
        }
    }
    else {
        $this->assertEqualLabelled(array(), $this->errors, NULL, 'Other', $label . ' (errors)');
    }
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.