public function testXSSInsideFuncCall()
{
$taintDephense = new Taint();
$runResult = $taintDephense->run($this->program2->parseTree);
$this->assertEquals(1, count($runResult));
$taint = $this->getVariableTaint($this->program2->parseTree[2]->var);
$this->assertEquals(Taint\Annotation::TAINTED, $taint);
}
public function testSQLInjectionInFunctionCallSanitisation()
{
$taintDephense = new Taint();
$runResult = $taintDephense->run($this->program1->parseTree);
$this->assertEquals(0, count($runResult));
$taint = $this->getVariableTaint($this->program1->parseTree[2]->var);
$this->assertEquals(Taint\Annotation::TAINTED, $taint);
}
public function testIfElse()
{
$taintDephense = new Taint();
$taintDephense->run($this->program2->parseTree);
$taint1 = $this->getVariableTaint($this->program2->parseTree[2]->var);
$this->assertEquals(Taint\Annotation::SAFE, $taint1);
$taint2 = $this->getVariableTaint($this->program2->parseTree[4]->var);
$this->assertEquals(Taint\Annotation::TAINTED, $taint2);
}
