diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2009-05-28 02:19:53 -0700 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2009-05-28 02:19:53 -0700 |
| commit | 1a095fffe50437dbe7814c52886a58b6309ce8eb (patch) | |
| tree | ecbe0c63ccd93aeb515bb32036c24f1f3f64e81d /modules/gallery/tests/File_Structure_Test.php | |
| parent | c8aa9ed440f698bc725b21b2808af88001aaacee (diff) | |
Prepend all code files we copy from Gallery2 and put into var with our
code preamble for security.
Update File_Structure_Test::code_files_start_with_preamble_test to
check all the php files in var, too.
Diffstat (limited to 'modules/gallery/tests/File_Structure_Test.php')
| -rw-r--r-- | modules/gallery/tests/File_Structure_Test.php | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/modules/gallery/tests/File_Structure_Test.php b/modules/gallery/tests/File_Structure_Test.php index 017b1950..c517bd72 100644 --- a/modules/gallery/tests/File_Structure_Test.php +++ b/modules/gallery/tests/File_Structure_Test.php @@ -91,6 +91,18 @@ class File_Structure_Test extends Unit_Test_Case { $fp = fopen($path, "r"); $actual = array(fgets($fp)); fclose($fp); + } else if (strpos($path, DOCROOT . "var/logs") === 0) { + // var/logs has the kohana one-liner preamble + $expected = array("<?php defined('SYSPATH') or die('No direct script access.'); ?>\n"); + $fp = fopen($path, "r"); + $actual = array(fgets($fp)); + fclose($fp); + } else if (strpos($path, DOCROOT . "var") === 0) { + // Anything else under var has the Gallery one-liner + $expected = array("<?php defined(\"SYSPATH\") or die(\"No direct script access.\") ?>\n"); + $fp = fopen($path, "r"); + $actual = array(fgets($fp)); + fclose($fp); } else { // Gallery: we care about the entire copyright $actual = $this->_get_preamble($path); @@ -141,14 +153,12 @@ class File_Structure_Test extends Unit_Test_Case { // Front controllers break; - case DOCROOT . "index.local.php": + case DOCROOT . "local.php": // Special case optional file, not part of the codebase break; default: - if (strpos($path, DOCROOT . "var/logs") === 0) { - continue; - } else if (preg_match("/views/", $path)) { + if (preg_match("/views/", $path)) { $this->_check_view_preamble($path, $errors); } else { $this->_check_php_preamble($path, $errors); @@ -207,8 +217,7 @@ class File_Structure_Test extends Unit_Test_Case { class PhpCodeFilterIterator extends FilterIterator { public function accept() { $path_name = $this->getInnerIterator()->getPathName(); - return (substr($path_name, -4) == ".php" && - !(strpos($path_name, VARPATH) === 0)); + return substr($path_name, -4) == ".php"; } } |