public function testCreateUserSuperadmin()
{
// ADMIN
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'petjo', 'PHP_AUTH_PW' => '1234'));
$crawler = $client->request('GET', '/kontrollpanel/brukeradmin/opprett/2');
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h1:contains("Opprett bruker")')->count());
$form = $crawler->selectButton('Opprett')->form();
// Change the value of a field
$form['createUser[firstName]'] = "fornavn1";
$form['createUser[lastName]'] = "etternavn1";
$form['createUser[gender]']->select(0);
$form['createUser[phone]'] = "66688666";
$form['createUser[user_name]'] = "fornavn1";
$form['createUser[password]'] = "1234";
$form['createUser[email]'] = "*****@*****.**";
$form['createUser[fieldOfStudy]']->select(3);
$form['createUser[role]']->select(0);
// submit the form
$crawler = $client->submit($form);
// Assert that the response is the correct redirect
$this->assertTrue($client->getResponse()->isRedirect('/kontrollpanel/brukeradmin'));
// Follow the redirect
$crawler = $client->followRedirect();
restoreDatabase();
}
public function testEdit()
{
// Team user
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'team', 'PHP_AUTH_PW' => '1234'));
$crawler = $client->request('GET', '/kontrollpanel/artikkeladmin/rediger/1');
// Assert that the page response status code is 200
$this->assertEquals(200, $client->getResponse()->getStatusCode());
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h1:contains("Endre artikkel")')->count());
// Fill in the form
$form = $crawler->selectButton('Publiser')->form();
$form['article[title]'] = 'Ny test tittel';
// submit the form
$crawler = $client->submit($form);
// Follow the redirect
$crawler = $client->followRedirect();
// Assert that we have the correct page with the new value
$this->assertContains('Endringene har blitt publisert.', $client->getResponse()->getContent());
$this->assertEquals(1, $crawler->filter('h1:contains("Ny test tittel")')->count());
// User
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'assistent', 'PHP_AUTH_PW' => '1234'));
$client->request('GET', '/kontrollpanel/artikkeladmin/rediger/1');
// Assert that the page response status code is 403 Access denied
$this->assertEquals(403, $client->getResponse()->getStatusCode());
restoreDatabase();
}
public function testUpdateSemester()
{
// ADMIN
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'petjo', 'PHP_AUTH_PW' => '1234'));
$crawler = $client->request('GET', '/kontrollpanel/semesteradmin/avdeling/1');
$this->assertEquals(2, $crawler->filter('a:contains("Rediger")')->count());
// Find a link and click it
$link = $crawler->selectLink('Rediger')->eq(1)->link();
$crawler = $client->click($link);
// Assert that we have the correct amount of data
$this->assertEquals(1, $crawler->filter('h1:contains("Endre semester Høst 2015")')->count());
$form = $crawler->selectButton('Endre')->form();
// Change the value of a field
$form['createSemester[admission_start_date]'] = '2015-08-04 10:30:00 ';
$form['createSemester[admission_end_date]'] = '2015-09-02 10:40:00 ';
// submit the form
$client->submit($form);
// Assert a specific 302 status code
$this->assertEquals(302, $client->getResponse()->getStatusCode());
// Assert that the response is the correct redirect
$this->assertTrue($client->getResponse()->isRedirect('/kontrollpanel/semesteradmin'));
// Follow the redirect
$crawler = $client->followRedirect();
// Assert a specific 200 status code
$this->assertEquals(200, $client->getResponse()->getStatusCode());
$this->assertEquals(1, $crawler->filter('h1:contains("Semester NTNU")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("2015-08-04")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("10:30:00")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("2015-09-02")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("10:40:00")')->count());
restoreDatabase();
}
public function testUpdateWorkHistory()
{
// ADMIN
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'petjo', 'PHP_AUTH_PW' => '1234'));
$crawler = $client->request('GET', '/kontrollpanel/teamadmin/team/1');
// Find a link and click it
$link = $crawler->selectLink('Rediger')->eq(1)->link();
$crawler = $client->click($link);
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h1:contains("Opprett arbeidshistorie")')->count());
$form = $crawler->selectButton('Opprett')->form();
// Change the value of a field
$form['createWorkHistory[user]']->select(36);
$form['createWorkHistory[position]']->select(1);
$form['createWorkHistory[startSemester]']->select(5);
// submit the form
$crawler = $client->submit($form);
// Follow the redirect
$crawler = $client->followRedirect();
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h1:contains("Hovedstyret")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("Vår 2016")')->count());
$this->assertEquals(0, $crawler->filter('td:contains("Petter")')->count());
$this->assertEquals(0, $crawler->filter('td:contains("Johansen")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("Høst 2015")')->count());
restoreDatabase();
}
public function testUpdateDepartment()
{
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'petjo', 'PHP_AUTH_PW' => '1234'));
$crawler = $client->request('GET', '/kontrollpanel/avdelingadmin');
$this->assertEquals(200, $client->getResponse()->getStatusCode());
// Find a link and click it
$link = $crawler->selectLink('Rediger')->first()->link();
$crawler = $client->click($link);
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h1:contains("Opprett avdeling")')->count());
$form = $crawler->selectButton('Opprett')->form();
// Change the value of a field
$form['createDepartment[name]'] = 'Norges teknisk-naturvitenskapelige universitet2';
$form['createDepartment[short_name]'] = 'NTNU2';
$form['createDepartment[email]'] = 'NTNU@mail.com2';
$form['createDepartment[address]'] = 'Storgata 1';
// submit the form
$crawler = $client->submit($form);
// Assert a specific 302 status code
$this->assertEquals(302, $client->getResponse()->getStatusCode());
// Assert that the response is the correct redirect
$this->assertTrue($client->getResponse()->isRedirect('/kontrollpanel/avdelingadmin'));
// Follow the redirect
$crawler = $client->followRedirect();
// Assert that we created a new entity
$this->assertContains('Norges teknisk-naturvitenskapelige universitet2', $client->getResponse()->getContent());
$this->assertContains('NTNU2', $client->getResponse()->getContent());
$this->assertContains('NTNU@mail.com2', $client->getResponse()->getContent());
// Check the count for the different variables
$this->assertEquals(1, $crawler->filter('a:contains("Norges teknisk-naturvitenskapelige universitet2")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("NTNU2")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("NTNU@mail.com2")')->count());
// Assert a specific 200 status code
$this->assertEquals(200, $client->getResponse()->getStatusCode());
restoreDatabase();
}
public function testEdit()
{
// Admin user
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'admin', 'PHP_AUTH_PW' => '1234'));
$crawler = $client->request('GET', '/kontrollpanel/vikar/rediger/1');
// Assert that the page response status code is 200
$this->assertEquals(200, $client->getResponse()->getStatusCode());
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h1:contains("Endre vikarinformasjon")')->count());
// Find the form
$form = $crawler->selectButton('Lagre')->form();
// Fill in the form
$form['substitute[phone]'] = "95999999";
// Submit the form
$client->submit($form);
// Follow the redirect
$crawler = $client->followRedirect();
// Assert that we have the correct page with the correct info (from the submitted form)
$this->assertEquals(1, $crawler->filter('h1:contains("Vikarer")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("95999999")')->count());
// Team user
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'team', 'PHP_AUTH_PW' => '1234'));
$client->request('GET', '/kontrollpanel/vikar/rediger/1');
// Assert that the page response status code is 403 access denied
$this->assertEquals(403, $client->getResponse()->getStatusCode());
restoreDatabase();
}
public function testDelegateSchoolToUser()
{
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'petjo', 'PHP_AUTH_PW' => '1234'));
$crawler = $client->request('GET', '/kontrollpanel/skoleadmin/brukere/avdeling/1');
// Assert that we have the correct amount of data
$this->assertEquals(1, $crawler->filter('h1:contains("Tildel skole")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("Reidun")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("Persdatter Ødegaard")')->count());
// Find a link and click it
$link = $crawler->selectLink('Tildel skole')->eq(1)->link();
$crawler = $client->click($link);
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h1:contains("Opprett assistent historie")')->count());
$form = $crawler->selectButton('Opprett')->form();
// Change the value of a field
$form['createAssistantHistory[Semester]']->select(1);
$form['createAssistantHistory[workdays]']->select("4");
$form['createAssistantHistory[School]']->select(2);
$form['createAssistantHistory[bolk]']->select("Bolk 2");
$form['createAssistantHistory[day]']->select("Onsdag");
// submit the form
$client->submit($form);
// Assert a specific 302 status code
$this->assertEquals(302, $client->getResponse()->getStatusCode());
// Assert that the response is the correct redirect
$this->assertTrue($client->getResponse()->isRedirect('/kontrollpanel/skoleadmin/brukere/avdeling/1'));
// Follow the redirect
$client->followRedirect();
// Assert a specific 200 status code
$this->assertEquals(200, $client->getResponse()->getStatusCode());
// ADMIN
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'admin', 'PHP_AUTH_PW' => '1234'));
$crawler = $client->request('GET', '/kontrollpanel/skoleadmin/brukere/avdeling/1');
// Assert that we have the correct amount of data
$this->assertEquals(1, $crawler->filter('h1:contains("Tildel skole")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("Reidun")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("Persdatter Ødegaard")')->count());
// Find a link and click it
$link = $crawler->selectLink('Tildel skole')->eq(1)->link();
$crawler = $client->click($link);
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h1:contains("Opprett assistent historie")')->count());
$form = $crawler->selectButton('Opprett')->form();
// Change the value of a field
$form['createAssistantHistory[Semester]']->select(1);
$form['createAssistantHistory[workdays]']->select("4");
$form['createAssistantHistory[School]']->select(2);
$form['createAssistantHistory[bolk]']->select("Bolk 2");
$form['createAssistantHistory[day]']->select("Onsdag");
// submit the form
$client->submit($form);
// Assert a specific 302 status code
$this->assertEquals(302, $client->getResponse()->getStatusCode());
// Assert that the response is the correct redirect
$this->assertTrue($client->getResponse()->isRedirect('/kontrollpanel/skoleadmin/brukere/avdeling/1'));
// Follow the redirect
$client->followRedirect();
// Assert a specific 200 status code
$this->assertEquals(200, $client->getResponse()->getStatusCode());
// USER
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'assistent', 'PHP_AUTH_PW' => '1234'));
$client->request('GET', '/kontrollpanel/skoleadmin/brukere/avdeling/1');
// Assert that the response is a redirect to /
$this->assertEquals(403, $client->getResponse()->getStatusCode());
restoreDatabase();
}
function installIfNeeded()
{
global $SETTINGS, $APP, $TABLE_PREFIX;
if (isInstalled()) {
return;
}
// skip if already installed
// rename default files
renameOrRemoveDefaultFiles();
// error checking
if ($SETTINGS['uploadDir'] && !is_dir($SETTINGS['uploadDir'])) {
print "Upload directory doesn't exist, please update 'uploadDir' in /data/" . SETTINGS_FILENAME . "<br/>\n";
print "Current uploadDir value: " . htmlencode($SETTINGS['uploadDir']) . "<br/>\n";
print "Suggested uploadDir value: uploads/ or ../uploads/<br/>\n";
exit;
}
// error checking
checkFilePermissions();
// display license
if (@$_REQUEST['menu'] == 'license') {
showInterface('license.php');
}
// save
if (@$_REQUEST['save']) {
// error checking
if (!$_REQUEST['licenseCompanyName']) {
alert("Please enter your 'Company Name'<br/>\n");
}
if (!$_REQUEST['licenseDomainName']) {
alert("Please enter your 'Domain Name'<br/>\n");
}
if (!$_REQUEST['licenseProductId']) {
alert("Please enter your 'Product Id'<br/>\n");
} else {
if (!isValidProductId($_REQUEST['licenseProductId'])) {
alert("Invalid Product Id!<br/>\n");
}
}
if (!$_REQUEST['agreeToOneInstall']) {
alert("Please check 'I agree not to use this 'Product Id' for multiple installs'<br/>\n");
}
if (!$_REQUEST['understandTermination']) {
alert("Please check 'I understand doing so may cause be to lose my right to use this software'<br/>\n");
}
if (!$_REQUEST['agreeToLicense']) {
alert("Please check 'I accept the terms of the License Agreement'<br/>\n");
}
if (!$_REQUEST['mysqlHostname']) {
alert("Please enter your 'MySQL Hostname'<br/>\n");
}
if (!$_REQUEST['mysqlDatabase']) {
alert("Please enter your 'MySQL Database'<br/>\n");
}
if (!$_REQUEST['mysqlUsername']) {
alert("Please enter your 'MySQL Username'<br/>\n");
}
if (!$_REQUEST['mysqlTablePrefix']) {
alert("Please enter your 'MySQL Table Prefix'<br/>\n");
} elseif (preg_match("/[A-Z]/", $_REQUEST['mysqlTablePrefix'])) {
alert("Value for 'MySQL Table Prefix' must be lowercase.<br/>\n");
} elseif (!preg_match("/^[a-z]/i", $_REQUEST['mysqlTablePrefix'])) {
alert("Value for 'MySQL Table Prefix' must start with a letter.<br/>\n");
} elseif (!preg_match("/_\$/", $_REQUEST['mysqlTablePrefix'])) {
alert("Value for 'MySQL Table Prefix' must end in underscore.<br/>\n");
}
// New Installation
if (!@$_REQUEST['restoreFromBackup']) {
if (!$_REQUEST['adminFullname']) {
alert("Please enter 'Admin Full Name'<br/>\n");
}
if (!$_REQUEST['adminEmail']) {
alert("Please enter 'Admin Email'<br/>\n");
} elseif (!isValidEmail($_REQUEST['adminEmail'])) {
alert("Please enter a valid email for 'Admin Email' (Example: user@example.com)<br/>\n");
}
if (!$_REQUEST['adminUsername']) {
alert("Please enter 'Admin Username'<br/>\n");
}
$passwordErrors = getNewPasswordErrors($_REQUEST['adminPassword1'], $_REQUEST['adminPassword2'], $_REQUEST['adminUsername']);
// v2.52
if ($passwordErrors) {
alert(nl2br(htmlencode($passwordErrors)));
}
}
// Restore from Backup
if (@$_REQUEST['restoreFromBackup']) {
if (!$_REQUEST['restore']) {
alert("Please select a backup file to restore<br/>\n");
}
}
// Advanced - v2.53
if (!@$_REQUEST['useCustomSettingsFile']) {
if (is_file(SETTINGS_DEV_FILEPATH)) {
alert(t("You must select 'Use Custom Settings File' since a custom settings file for this domain already exists!") . "<br/>\n");
} elseif (isDevServer()) {
alert("This is a development server, you must select 'Use Custom Settings File'." . "<br/>\n");
}
}
if (@$_REQUEST['webPrefixUrl'] != '') {
if (!preg_match("|^(\\w+:/)?/|", $_REQUEST['webPrefixUrl'])) {
alert(t("Website Prefix URL must start with /") . "<br/>\n");
}
if (preg_match("|/\$|", $_REQUEST['webPrefixUrl'])) {
alert(t("Website Prefix URL cannot end with /") . "<br/>\n");
}
}
// update settings (not saved unless there are no errors)
$SETTINGS['cookiePrefix'] = substr(md5(mt_rand()), 0, 5) . '_';
//v2.51 shortened prefix so it's easy to see full cookie names in browser cookie list
$SETTINGS['adminEmail'] = @$SETTINGS['adminEmail'] ? $SETTINGS['adminEmail'] : $_REQUEST['adminEmail'];
$SETTINGS['licenseCompanyName'] = $_REQUEST['licenseCompanyName'];
$SETTINGS['licenseDomainName'] = $_REQUEST['licenseDomainName'];
$SETTINGS['licenseProductId'] = $_REQUEST['licenseProductId'];
$SETTINGS['webRootDir'] = @$SETTINGS['webRootDir'] ? $SETTINGS['webRootDir'] : @$_SERVER['DOCUMENT_ROOT'];
$SETTINGS['mysql']['hostname'] = $_REQUEST['mysqlHostname'];
$SETTINGS['mysql']['database'] = $_REQUEST['mysqlDatabase'];
$SETTINGS['mysql']['username'] = $_REQUEST['mysqlUsername'];
$SETTINGS['mysql']['password'] = $_REQUEST['mysqlPassword'];
$SETTINGS['mysql']['tablePrefix'] = $_REQUEST['mysqlTablePrefix'];
$TABLE_PREFIX = $_REQUEST['mysqlTablePrefix'];
// update TABLE_PREFIX global as well.
$SETTINGS['webPrefixUrl'] = $_REQUEST['webPrefixUrl'];
// display errors
if (alert()) {
require "lib/menus/install.php";
exit;
}
// connect to mysql
$errors = connectToMySQL('returnErrors');
if ($errors) {
alert($errors);
require "lib/menus/install.php";
exit;
} else {
connectToMySQL();
}
// create schema tables
createMissingSchemaTablesAndFields();
clearAlertsAndNotices();
// don't show "created table/field" alerts
// New Installation: check if admin user already exists
if (!@$_REQUEST['restoreFromBackup']) {
$passwordHash = getPasswordDigest($_REQUEST['adminPassword1']);
$identicalUserExists = mysql_count('accounts', array('username' => $_REQUEST['adminUsername'], 'password' => $passwordHash, 'isAdmin' => '1'));
if (!$identicalUserExists) {
// if the don't exist, check if a user with the same username exists and show an error if they do
$count = mysql_count('accounts', array('username' => $_REQUEST['adminUsername']));
if (!$identicalUserExists && $count > 0) {
alert("Admin username already exists, please choose another.<br/>\n");
}
}
// create admin user
if (!$identicalUserExists && !alert()) {
mysqlStrictMode(false);
// disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later)
mysql_query("INSERT INTO `{$TABLE_PREFIX}accounts` SET\n createdDate = NOW(),\n createdByUserNum = '0',\n updatedDate = NOW(),\n updatedByUserNum = '0',\n fullname = '" . mysql_escape($_REQUEST['adminFullname']) . "', email = '" . mysql_escape($_REQUEST['adminEmail']) . "',\n username = '******'adminUsername']) . "', password = '******',\n disabled = '0',\n isAdmin = '1',\n expiresDate = '0000-00-00 00:00:00',\n neverExpires = '1'") or alert("MySQL Error Creating Admin User:<br/>\n" . htmlencode(mysql_error()) . "\n");
// create accesslist entry
mysql_query("INSERT INTO `{$TABLE_PREFIX}_accesslist` (userNum, tableName, accessLevel, maxRecords, randomSaveId)\n VALUES (LAST_INSERT_ID(), 'all', '9', NULL, '1234567890')") or alert("MySQL Error Creating Admin Access List:<br/>\n" . htmlencode(mysql_error()) . "\n");
}
}
// Restore from Backup: Restore backup file
if (@$_REQUEST['restoreFromBackup']) {
$userCount = mysql_count('accounts');
if ($userCount) {
$userTable = $TABLE_PREFIX . 'accounts';
$errorMessage = sprintf("Can't restore from backup because it would overwrite the %s existing user accounts in the specified database location.<br/>\n", $userCount);
$errorMessage .= sprintf("Try changing the MySQL Database or Table Prefix to restore to a different location, or remove existing users from '%s'.<br/>\n", $userTable);
alert($errorMessage);
} else {
// restore database
$filename = @$_REQUEST['restore'];
mysqlStrictMode(false);
// disable Mysql strict errors
restoreDatabase(DATA_DIR . '/backups/' . $filename);
notice("Restored backup file /data/backups/{$filename}");
makeAllUploadRecordsRelative();
}
}
// save settings
if (!alert()) {
saveSettings(@$_REQUEST['useCustomSettingsFile']);
isInstalled(true);
// save installed status
redirectBrowserToURL('?menu=home', true);
// refresh page
exitl;
}
}
// set defaults
if (!array_key_exists('licenseDomainName', $_REQUEST)) {
$_REQUEST['licenseDomainName'] = $_SERVER['HTTP_HOST'];
}
if (!array_key_exists('mysqlHostname', $_REQUEST)) {
$_REQUEST['mysqlHostname'] = $SETTINGS['mysql']['hostname'];
}
if (!array_key_exists('mysqlDatabase', $_REQUEST)) {
$_REQUEST['mysqlDatabase'] = $SETTINGS['mysql']['database'];
}
if (!array_key_exists('mysqlUsername', $_REQUEST)) {
$_REQUEST['mysqlUsername'] = $SETTINGS['mysql']['username'];
}
if (!array_key_exists('mysqlTablePrefix', $_REQUEST)) {
$_REQUEST['mysqlTablePrefix'] = $SETTINGS['mysql']['tablePrefix'];
}
// show form
require "lib/menus/install.php";
exit;
}
public function testSchedule()
{
// Admin user
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'admin', 'PHP_AUTH_PW' => '1234'));
$crawler = $client->request('GET', '/kontrollpanel/intervju/settopp/6');
// Assert that the page response status code is 200
$this->assertEquals(200, $client->getResponse()->getStatusCode());
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h3:contains("Sett opp intervju")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("Assistent")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("Johansen")')->count());
// Find the form
$form = $crawler->selectButton('Lagre tidspunkt')->form();
// Fill in the form
$form['scheduleInterview[datetime]'] = "2015-08-10 15:00:00";
// Submit the form
$client->submit($form);
// Follow the redirect
$crawler = $client->followRedirect();
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h1:contains("Opptak")')->count());
// Team user who is assigned the interview
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'idaan', 'PHP_AUTH_PW' => '1234'));
$crawler = $client->request('GET', '/kontrollpanel/intervju/settopp/6');
// Assert that the page response status code is 200
$this->assertEquals(200, $client->getResponse()->getStatusCode());
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h3:contains("Sett opp intervju")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("Assistent")')->count());
$this->assertEquals(1, $crawler->filter('td:contains("Johansen")')->count());
// Find the form
$form = $crawler->selectButton('Lagre tidspunkt')->form();
// Fill in the form
$form['scheduleInterview[datetime]'] = "2015-08-10 15:00:00";
// Submit the form
$client->submit($form);
// Follow the redirect
$crawler = $client->followRedirect();
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h1:contains("Opptak")')->count());
// Team user who is not assigned the interview
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'team', 'PHP_AUTH_PW' => '1234'));
$client->request('GET', '/kontrollpanel/intervju/settopp/6');
// Assert that the page response status code is 403 access denied
$this->assertEquals(403, $client->getResponse()->getStatusCode());
// Assistant user
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'assistent', 'PHP_AUTH_PW' => '1234'));
$client->request('GET', '/kontrollpanel/intervju/settopp/6');
// Assert that the page response status code is 403 access denied
$this->assertEquals(403, $client->getResponse()->getStatusCode());
restoreDatabase();
}
function admin_dispatchAction($action)
{
if ($action == 'general') {
showInterface('admin/general.php');
} elseif ($action == 'adminSave') {
admin_saveSettings('admin/general.php');
} elseif ($action == 'vendor') {
showInterface('admin/vendor.php');
} elseif ($action == 'vendorSave') {
admin_saveSettings('admin/vendor.php');
} elseif ($action == 'phpinfo') {
disableInDemoMode('', 'admin/general.php');
phpinfo();
print "<h2>get_loaded_extensions()</h2>\n" . implode("<br/>\n", get_loaded_extensions()) . "\n";
if (function_exists('apache_get_modules')) {
print "<h2>apache_get_modules()</h2>\n" . implode("<br/>\n", apache_get_modules()) . "\n";
}
print "<h2>get_defined_constants()</h2>\n<xmp>" . print_r(get_defined_constants(), true) . "</xmp>\n";
//
$mbInfo = mb_get_info();
ksort($mbInfo);
print "<h2>mb_get_info()</h2>\n<xmp>" . print_r($mbInfo, true) . "</xmp>\n";
exit;
} elseif ($action == 'ulimit') {
disableInDemoMode('', 'admin/general.php');
print "<h2>Soft Resource Limits (ulimit -a -S)</h2>\n";
list($maxCpuSeconds, $memoryLimitKbytes, $maxProcessLimit, $ulimitOutput) = getUlimitValues('soft');
showme($ulimitOutput);
print "<h2>Hard Resource Limits (ulimit -a -H)</h2>\n";
list($maxCpuSeconds, $memoryLimitKbytes, $maxProcessLimit, $ulimitOutput) = getUlimitValues('soft');
showme($ulimitOutput);
exit;
} elseif ($action == 'updateDate') {
getAjaxDate();
} elseif ($action == 'getUploadPathPreview') {
getUploadPathPreview(@$_REQUEST['dirOrUrl'], @$_REQUEST['inputValue'], @$_REQUEST['isCustomField'], true);
} elseif ($action == 'plugins') {
// allow disabling plugins
if (file_exists("{$GLOBALS['PROGRAM_DIR']}/plugins/_disable_all_plugins.txt")) {
alert('Development Mode: Plugins are disabled. Remove or rename /plugins/_disable_all_plugins.txt to enable.<br/>');
} else {
}
showInterface('admin/plugins.php');
} elseif ($action == 'pluginHooks') {
showInterface('admin/pluginHooks.php');
} elseif ($action == 'deactivatePlugin') {
security_dieUnlessPostForm();
security_dieUnlessInternalReferer();
security_dieOnInvalidCsrfToken();
disableInDemoMode('plugins', 'admin/plugins.php');
deactivatePlugin(@$_REQUEST['file']);
redirectBrowserToURL('?menu=admin&action=plugins', true);
exit;
} elseif ($action == 'activatePlugin') {
security_dieUnlessPostForm();
security_dieUnlessInternalReferer();
security_dieOnInvalidCsrfToken();
disableInDemoMode('plugins', 'admin/plugins.php');
activatePlugin(@$_REQUEST['file']);
redirectBrowserToURL('?menu=admin&action=plugins', true);
exit;
} elseif ($action == 'backup') {
security_dieUnlessPostForm();
security_dieUnlessInternalReferer();
security_dieOnInvalidCsrfToken();
disableInDemoMode('', 'admin/general.php');
$filename = backupDatabase(null, @$_REQUEST['backupTable']);
notice(sprintf(t('Created backup file %1$s (%2$s seconds)'), $filename, showExecuteSeconds(true)));
showInterface('admin/general.php');
exit;
} elseif ($action == 'restore') {
security_dieUnlessPostForm();
security_dieUnlessInternalReferer();
security_dieOnInvalidCsrfToken();
disableInDemoMode('', 'admin/general.php');
$filename = @$_REQUEST['file'];
restoreDatabase(DATA_DIR . '/backups/' . $filename);
notice("Restored backup file /data/backups/{$filename}");
makeAllUploadRecordsRelative();
showInterface('admin/general.php');
exit;
} elseif ($action == 'bgtasksLogsClear') {
security_dieUnlessPostForm();
security_dieUnlessInternalReferer();
security_dieOnInvalidCsrfToken();
disableInDemoMode('', 'admin/general.php');
mysql_delete('_cron_log', null, 'true');
notice(t("Background Task logs have been cleared."));
showInterface('admin/general.php');
exit;
} else {
showInterface('admin/general.php');
}
}
public function testEditProfileInformation()
{
$client = static::createClient(array(), array('PHP_AUTH_USER' => 'petjo', 'PHP_AUTH_PW' => '1234'));
$crawler = $client->request('GET', '/profil/rediger');
// Assert that we have the correct page
$this->assertEquals(1, $crawler->filter('h1:contains(" Redigerer profil ")')->count());
// Assert that we have the correct user
$this->assertEquals(1, $crawler->filter('p:contains("Petter Johansen")')->count());
$form = $crawler->selectButton('Lagre')->form();
// Change the value of a field
$form['editUser[firstName]'] = 'Petter';
$form['editUser[lastName]'] = 'Johansen';
$form['editUser[phone]'] = '22211133';
$form['editUser[email]'] = '*****@*****.**';
$form['editUser[fieldOfStudy]']->select(2);
// submit the form
$crawler = $client->submit($form);
// Assert a specific 302 status code
$this->assertEquals(302, $client->getResponse()->getStatusCode());
// Follow the redirect
$crawler = $client->followRedirect();
// Assert that we have the correct profile user
$this->assertContains('Petter Johansen', $client->getResponse()->getContent());
$this->assertContains('*****@*****.**', $client->getResponse()->getContent());
// Assert that we have the correct user level, department, and field of study
$this->assertContains('NTNU', $client->getResponse()->getContent());
$this->assertContains('MIDT', $client->getResponse()->getContent());
// Check the count for the different parameters
$this->assertEquals(1, $crawler->filter('html:contains("MIDT")')->count());
$this->assertEquals(1, $crawler->filter('html:contains("*****@*****.**")')->count());
// Assert a specific 200 status code
$this->assertEquals(200, $client->getResponse()->getStatusCode());
restoreDatabase();
}
function createMissingSchemaTablesAndFields()
{
global $APP, $TABLE_PREFIX;
$schemaTables = getSchemaTables();
$mysqlTables = getMysqlTablesWithPrefix();
// create missing schema tables in mysql
foreach ($schemaTables as $tableName) {
// create mysql table
$mysqlTableName = $TABLE_PREFIX . $tableName;
if (!in_array($mysqlTableName, $mysqlTables)) {
notice(t("Creating MySQL table for schema table: ") . $tableName . "<br/>\n");
$result = mysql_query("CREATE TABLE `" . mysql_escape($mysqlTableName) . "` (num int(10) unsigned NOT NULL auto_increment, PRIMARY KEY (num)) ENGINE=MyISAM DEFAULT CHARSET=utf8;");
if (!$result) {
alert(sprintf("Error creating MySQL table: %s<br/>\\MySQL error was: ", $mysqlTableName) . htmlencode(mysql_error()) . "\n");
}
if (is_resource($result)) {
mysql_free_result($result);
}
// run defaultSqlData if applicable
$defaultSqlFile = DATA_DIR . "/schema/{$tableName}.defaultSqlData.php";
if (file_exists($defaultSqlFile)) {
restoreDatabase($defaultSqlFile, $tableName);
notice(t("Importing default data for schema table: ") . $tableName . "<br/>\n");
}
}
// get schema fieldnames
$schemaFieldnames = array();
$tableSchema = loadSchema($tableName);
foreach ($tableSchema as $name => $valueOrArray) {
if (is_array($valueOrArray)) {
array_push($schemaFieldnames, $name);
}
// only fields has arrays as values
}
// get mysql fieldnames
$mysqlFieldnames = array();
$result = mysql_query("SHOW COLUMNS FROM `" . mysql_escape($mysqlTableName) . "`") or die("MySQL Error: " . htmlencode(mysql_error()) . "\n");
while ($row = mysql_fetch_assoc($result)) {
array_push($mysqlFieldnames, strtolower($row['Field']));
}
if (is_resource($result)) {
mysql_free_result($result);
}
// add missing fieldnames to mysql
$addFieldSQL = '';
foreach ($schemaFieldnames as $fieldname) {
if (!in_array(strtolower($fieldname), $mysqlFieldnames)) {
$columnType = getColumnTypeFor($fieldname, @$tableSchema[$fieldname]['type'], @$tableSchema[$fieldname]['customColumnType']);
if (!$columnType) {
continue;
}
if ($addFieldSQL) {
$addFieldSQL .= ", ";
}
$addFieldSQL .= " ADD COLUMN `" . mysql_escape($fieldname) . "` {$columnType}";
// add index?
if (@$tableSchema[$fieldname]['indexed']) {
list($indexName, $indexColList) = getIndexNameAndColumnListForField($fieldname, $columnType);
$addFieldSQL .= ", ADD INDEX `{$indexName}` {$indexColList}";
}
}
}
if ($addFieldSQL) {
mysql_query("ALTER TABLE `" . mysql_escape($mysqlTableName) . "` {$addFieldSQL}") or die("Error adding fields to '{$mysqlTableName}', the error was:\n\n" . htmlencode(mysql_error()));
notice(t("Adding MySQL fields for schema table:") . " {$tableName}<br/>\n");
}
}
}
