예제 #1
 /**
  * Exercises the area and sub-area allow-lists exposed by ae_Security.
  *
  * Every known name has to be accepted. A near-miss name ('created'), the
  * empty string, TRUE and NULL all have to be rejected. TRUE is in the list
  * because PHP's loose comparison treats it as equal to any non-empty string,
  * so a non-strict lookup would let it through.
  *
  * NOTE(review): only the sub-areas of 'manage' are checked positively, and
  * no array-typed input is tried; consider covering both, since request
  * parameters can arrive as arrays.
  */
 public function testArea()
 {
     // Values that must never pass either check.
     $rejected = array('created', '', TRUE, NULL);

     $knownAreas = array('create', 'credits', 'dashboard', 'edit', 'manage', 'media', 'settings');
     foreach ($knownAreas as $name) {
         $this->assertTrue(ae_Security::isValidArea($name));
     }
     foreach ($rejected as $bogus) {
         $this->assertFalse(ae_Security::isValidArea($bogus));
     }

     $manageChildren = array('category', 'comment', 'media', 'page', 'post', 'user');
     foreach ($manageChildren as $name) {
         $this->assertTrue(ae_Security::isValidSubArea('manage', $name));
     }

     // An unknown child of a parent that does have children.
     $this->assertFalse(ae_Security::isValidSubArea('manage', 'created'));

     // The same bogus values under the parent 'media'.
     foreach ($rejected as $bogus) {
         $this->assertFalse(ae_Security::isValidSubArea('media', $bogus));
     }
 }
예제 #2
파일: create.php 프로젝트: sebadorn/aestas3
<?php

require_once '../../core/autoload.php';
require_once '../../core/config.php';
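// Access gate: only an authenticated session may continue. Each redirect is
// followed by exit so that nothing further in the script runs.
if (!ae_Security::isLoggedIn()) {
    header('Location: ../index.php?error=not_logged_in');
    exit;
}

// NOTE(review): no anti-CSRF token check is visible in this part of the file.
// The script acts on POST data for a logged-in user, so confirm that a
// per-session token is verified before anything is written.

// The target area must be a plain string on the 'create' allow-list. PHP turns
// a parameter sent as "area[]=x" into an array, so the type is checked before
// the value reaches the validator or is concatenated into a header below.
if (
    !isset($_POST['area'])
    || !is_string($_POST['area'])
    || !ae_Security::isValidSubArea('create', $_POST['area'])
) {
    header('Location: ../admin.php?error=unknown_create_area');
    exit;
}

// An edit id is optional, but when present it has to pass ae_Validate::id().
if (isset($_POST['edit-id']) && !ae_Validate::id($_POST['edit-id'])) {
    // The area already passed the allow-list. It is URL-encoded as well, so the
    // redirect target stays well-formed even if the allow-list ever admits a
    // value containing "&", "#" or whitespace.
    header('Location: ../admin.php?area=manage&' . rawurlencode($_POST['area']) . '&error=invalid_edit_id');
    exit;
}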
/**
 * Create the category.
 * @return {int} ID of the new category.
 */
function createCategory()
{
    if (!isset($_POST['category-title'], $_POST['category-parent'], $_POST['category-permalink'])) {
        header('Location: ../admin.php?error=missing_data_for_category');
        exit;
    }
    $permalink = trim($_POST['category-permalink']);
    $category = new ae_CategoryModel();
    if (isset($_POST['edit-id'])) {
        $category->setId($_POST['edit-id']);
    }