Example #1
 /**
  * The layout.php fixture stored next to this test must be rejected by the
  * whitelist: Whitelist::fly()->check() is expected to return false for it.
  */
 public function testIfWillFailSanitization()
 {
     $source = file_get_contents(__DIR__ . '/layout.php');

     // Not part of the assertion: these locals exist so the token stream and
     // the detected function calls can be inspected while debugging.
     $tokenizer = new Tokenizer($source);
     $tokens = $tokenizer->getTokens();
     $funcs = $tokenizer->getFunctions();

     // The check itself: the fixture must not pass.
     $this->assertFalse(Whitelist::fly()->check($source));
 }
Example #2
 /**
  * Allow-list check over the function calls found in a piece of PHP source.
  *
  * The code is tokenized and every entry returned by
  * Tokenizer::getFunctions() is looked up by its `value` in the allow-list.
  * The check is fail-closed for what it sees: the first call whose name is
  * not an allow-list key ends the check with false.
  *
  * NOTE(review): the verdict is only as complete as getFunctions(). Anything
  * that method does not report is never compared against the allow-list, and
  * source with no reported calls is accepted. Its coverage of language
  * constructs (include/require, eval, backtick execution, object
  * instantiation) is not visible here; confirm before relying on this as a
  * sandbox boundary.
  *
  * @param string $code PHP source to inspect.
  * @return bool true when every reported call is allow-listed, false otherwise.
  */
 public function check($code)
 {
     // Keys are the permitted function names; lookup is an exact key match.
     $allowed = ['ucfirst' => true, 'lcfirst' => true];

     $tokenizer = new Tokenizer($code);
     foreach ($tokenizer->getFunctions() as $call) {
         if (!isset($allowed[$call->value])) {
             // First call outside the allow-list rejects the whole input.
             return false;
         }
     }

     return true;
 }
Example #3
    /**
     * Calls made through a variable or an array element (`$var()`,
     * `$_GET[...][...]()`) must be reported by Tokenizer::getFunctions(),
     * with val() giving the full callee expression as written in the source.
     *
     * Both lists are sorted before comparison, so the order in which the
     * tokenizer reports the calls is not part of the assertion.
     */
    public function testIfWillProperlyGetVariableNameFunctionCalls()
    {
        $code = <<<'CODE'
<?php
	$var();
	$_GET['ssss']['wsss']();
	$_GET['ssss'][$var]();
CODE;
        // Callee expressions expected back, one per call in the snippet above.
        $expected = ['$var', "\$_GET['ssss']['wsss']", "\$_GET['ssss'][\$var]"];

        $tokenizer = new Tokenizer($code);
        // Result unused; the call is kept because its effect on the tokenizer
        // is not visible from this test.
        $tokens = $tokenizer->getTokens();

        $actual = [];
        foreach ($tokenizer->getFunctions() as $call) {
            $actual[] = $call->val();
        }

        sort($expected);
        sort($actual);
        $this->assertSame($expected, $actual);
    }
Example #4
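    /**
     * A static call whose class name, `::` and method name sit on separate
     * lines must still be navigable: prev() of the T_DOUBLE_COLON token is
     * expected to be the `ClassName` token, and next() of that token is
     * expected to be the T_DOUBLE_COLON token again.
     *
     * NOTE(review): this presumably means prev()/next() skip the whitespace
     * tokens in between; confirm against Token.
     */
    public function testIfWillFindNextDoubleColonWhiteSpaced()
    {
        $code = <<<'CODE'
  <?php
	  ClassName
	  ::
	  method();
CODE;
        $tokenizer = new Tokenizer($code);

        // Locate the token before the first `::`. A dedicated variable is used
        // so that "no `::` found" is reported as such, instead of the later
        // assertions running against whatever token the loop ended on.
        $className = null;
        foreach ($tokenizer->getTokens() as $candidate) {
            if ($candidate->is(T_DOUBLE_COLON)) {
                $className = $candidate->prev();
                break;
            }
        }
        $this->assertNotNull($className, 'No T_DOUBLE_COLON token found in the snippet');

        // Expected value first, so PHPUnit failure output labels both sides correctly.
        $this->assertSame('ClassName', $className->val());

        // Should be normal token
        $following = $className->next();
        $this->assertInstanceOf(Token::class, $following);
        $this->assertSame(T_DOUBLE_COLON, $following->type);
        $this->assertTrue($following->is(T_DOUBLE_COLON));
    }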