public function test_absolutePathAttack()
{
clearstatcache();
$extractDir = PIWIK_USER_PATH . '/tmp/latest/';
$test = 'zaabs';
$filename = dirname(__FILE__) . '/Unzip/' . $test . '.zip';
if (class_exists('ZipArchive', false)) {
$unzip = new Piwik_Unzip_ZipArchive($filename);
$res = $unzip->extract($extractDir);
$this->assertEqual($res, 0);
$this->assertFalse(file_exists($extractDir . $test . '.txt'));
$this->assertFalse(file_exists(dirname(__FILE__) . '/' . $test . '.txt'));
}
$unzip = new Piwik_Unzip_PclZip($filename);
$res = $unzip->extract($extractDir);
$this->assertEqual($res, 0);
$this->assertFalse(file_exists($extractDir . $test . '.txt'));
$this->assertFalse(file_exists(dirname(__FILE__) . '/' . $test . '.txt'));
}
/**
* @group Core
* @group Unzip
*/
public function testUnzipInvalidFile2()
{
clearstatcache();
$extractDir = PIWIK_USER_PATH . '/tmp/latest/';
$filename = dirname(__FILE__) . '/Unzip/NotExisting.zip';
$unzip = new Piwik_Unzip_PclZip($filename);
$res = $unzip->extract($extractDir);
$this->assertEquals(0, $res);
$this->assertContains('PCLZIP_ERR_MISSING_FILE', $unzip->errorInfo());
}