From 1a095fffe50437dbe7814c52886a58b6309ce8eb Mon Sep 17 00:00:00 2001
From: Bharat Mediratta
Date: Thu, 28 May 2009 02:19:53 -0700
Subject: Prepend all code files we copy from Gallery2 and put into var with our code preamble for security. Update File_Structure_Test::code_files_start_with_preamble_test to check all the php files in var, too.
---
 modules/gallery/tests/File_Structure_Test.php | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)
(limited to 'modules/gallery/tests')
diff --git a/modules/gallery/tests/File_Structure_Test.php b/modules/gallery/tests/File_Structure_Test.php
index 017b1950..c517bd72 100644
--- a/modules/gallery/tests/File_Structure_Test.php
+++ b/modules/gallery/tests/File_Structure_Test.php
@@ -91,6 +91,18 @@ class File_Structure_Test extends Unit_Test_Case {
 $fp = fopen($path, "r");
 $actual = array(fgets($fp));
 fclose($fp);
+ } else if (strpos($path, DOCROOT . "var/logs") === 0) {
+ // var/logs has the kohana one-liner preamble
+ $expected = array("\n");
+ $fp = fopen($path, "r");
+ $actual = array(fgets($fp));
+ fclose($fp);
+ } else if (strpos($path, DOCROOT . "var") === 0) {
+ // Anything else under var has the Gallery one-liner
+ $expected = array("\n");
+ $fp = fopen($path, "r");
+ $actual = array(fgets($fp));
+ fclose($fp);
 } else {
 // Gallery: we care about the entire copyright
 $actual = $this->_get_preamble($path);
@@ -141,14 +153,12 @@ class File_Structure_Test extends Unit_Test_Case {
 // Front controllers
 break;
- case DOCROOT . "index.local.php":
+ case DOCROOT . "local.php":
 // Special case optional file, not part of the codebase
 break;
 default:
- if (strpos($path, DOCROOT . "var/logs") === 0) {
- continue;
- } else if (preg_match("/views/", $path)) {
+ if (preg_match("/views/", $path)) {
 $this->_check_view_preamble($path, $errors);
 } else {
 $this->_check_php_preamble($path, $errors);
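Review bot: The two new branches match by bare string prefix, so `strpos($path, DOCROOT . "var") === 0` also accepts any sibling path under DOCROOT whose name merely begins with `var`, and `DOCROOT . "var/logs"` likewise accepts a directory such as `var/logs2` (constructed example). Files in such paths would be held to the one-line check instead of the full copyright preamble. Ending both prefixes with a separator closes that: `strpos($path, DOCROOT . "var/logs/") === 0` and `strpos($path, DOCROOT . "var/") === 0`. Both branches also repeat the `fopen`/`fgets`/`fclose` sequence without checking that `fopen` succeeded, so an unreadable file surfaces as a PHP warning rather than a recorded error. The enclosing method starts and ends outside this hunk.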
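Review bot: With var no longer skipped in the `default:` arm, `preg_match("/views/", $path)` now decides the check for var files too, and because the slashes are the regex delimiters the pattern is just `views`, matching that substring anywhere in the path. A file copied into var whose path happens to contain `views` would be sent to `_check_view_preamble` and, as far as this hunk shows, never reach the var-specific expectations. Testing the var prefix first avoids that, e.g. `if (strpos($path, VARPATH) !== 0 && preg_match("#/views/#", $path)) {`, assuming VARPATH is still the var prefix used by the filter iterator. The switch statement starts and ends outside this hunk.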
@@ -207,8 +217,7 @@ class File_Structure_Test extends Unit_Test_Case {
 class PhpCodeFilterIterator extends FilterIterator {
 public function accept() {
 $path_name = $this->getInnerIterator()->getPathName();
- return (substr($path_name, -4) == ".php" &&
- !(strpos($path_name, VARPATH) === 0));
+ return substr($path_name, -4) == ".php";
 }
 }
-- cgit v1.2.3
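Review bot: Files under var are matched by `accept()` only when the name ends in exactly lowercase `.php`, so any code file copied there with another extension or different casing is never checked for the access guard. The page does not show which extensions the copied Gallery2 files use, so this may or may not leave a gap. A comment on `accept()` stating the limit would make it visible, e.g. `// Only *.php is checked; other code extensions under var are not covered`. The comparison could also be strict: `return substr($path_name, -4) === ".php";`.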