/** * Tests to ensure that the auto escape option is obeyed. */ public function testAutoEscape() { $str = 'I\'m a string and it\'s got characters that could be escaped! <lalalala>'; // First auto escape off. Database::setAutoEscape(false); $result = DatabaseTools::replaceVariables('{string:str}', array('str' => $str)); $this->assertEquals('\'' . addcslashes($str, "'") . '\'', $result); // Now on! Database::setAutoEscape(true); $result = DatabaseTools::replaceVariables('{string:str}', array('str' => $str)); $this->assertEquals('\'' . addcslashes(htmlspecialchars($str, ENT_QUOTES, 'UTF-8'), "'") . '\'', $result); Database::setAutoEscape(false); }
/** * Tests to ensure setting the auto escape option works. */ public function testSetAutoEscape() { Database::setAutoEscape(true); $this->assertTrue(Database::getAutoEscape()); // Set it back to the default. Database::setAutoEscape(false); }