/**
 * Emits the opening of the test-suite page for the configured output mode.
 *
 * In HTML mode the function starts output buffering, loads the Dispatcher if
 * needed, publishes its webroot as the BASE constant and includes the shared
 * header template. Every other mode only sends a plain-text content type.
 *
 * @return void
 * @access public
 */
function CakePHPTestHeader() {
    if (CAKE_TEST_OUTPUT != CAKE_TEST_OUTPUT_HTML) {
        // Text mode and any unrecognised mode share the plain-text header.
        header('content-type: text/plain');
        return;
    }

    ob_start();
    if (!class_exists('dispatcher')) {
        require CAKE . 'dispatcher.php';
    }

    // baseUrl() is called for its side effect only: its return value is
    // discarded and the webroot property is read afterwards.
    $dispatch = new Dispatcher();
    $dispatch->baseUrl();
    define('BASE', $dispatch->webroot);

    // header.php is included into this function's scope, so these locals are
    // visible to it; the names are kept in case the template reads them.
    // NOTE(review): BASE presumably depends on the request path; confirm that
    // header.php HTML-escapes $baseUrl wherever it prints it.
    $baseUrl = BASE;
    $characterSet = 'charset=utf-8';
    include CAKE_TESTS_LIB . 'header.php';
}
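/**
 * Tests that invalid characters cannot be injected into the application base path.
 *
 * PHP_SELF is replaced with a URL-decoded payload that carries double quotes,
 * angle brackets, single quotes and an inline event handler. The expected base
 * URL contains none of those quotes or angle brackets, which are the characters
 * a value needs in order to close an HTML attribute or open a tag. Views that
 * print the base URL should still encode it for their output context.
 *
 * @return void
 * @access public
 */
function testBasePathInjection() {
    // Keep the real script path so it can be put back once baseUrl() has run.
    $self = $_SERVER['PHP_SELF'];
    $_SERVER['PHP_SELF'] = urldecode("/index.php/%22%3E%3Ch1%20onclick=%22alert('xss');%22%3Eheya%3C/h1%3E");

    $dispatcher = new Dispatcher();
    $result = $dispatcher->baseUrl();

    // Restore the superglobal before asserting; the original saved $self but
    // never wrote it back, leaving the payload in place for later tests.
    $_SERVER['PHP_SELF'] = $self;

    $expected = '/index.php/h1 onclick=alert(xss);heya';
    $this->assertEqual($result, $expected);
}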
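/**
 * Returns the client-side validation rule for a form field, written as a
 * JavaScript object literal in a PHP string.
 *
 * Every interpolated value (the V_* message constants, EMAIL_VALID and the
 * base URL) is placed inside a single-quoted JavaScript string with no
 * escaping. A value containing an apostrophe or a backslash therefore changes
 * the structure of the emitted rule, and the caller must still encode the
 * whole result for the HTML context it is written into.
 *
 * The second "Client" and "Status" arms of the original switch could never be
 * reached, because the first matching label wins, and have been removed.
 * Results are unchanged.
 *
 * @param string $opt  Rule name; unknown names get the generic required rule.
 * @param string $vmsg Unused; kept so existing callers keep working.
 * @return string Rule definition as a JavaScript object literal.
 */
function validate($opt, $vmsg = "") {
    switch ($opt) {
        case "username":
            // NOTE(review): the base URL is presumably derived from the request
            // path; confirm it cannot contain a quote before it reaches this
            // string. Other code calls baseUrl() on a Dispatcher instance; a
            // static call to a non-static method fails on PHP 8, so verify the
            // method is declared static in this project.
            return "{required:true, minlength:6, remote: '" . Dispatcher::baseUrl() . "/common_ajax_request/isUniqueUser/', messages:{required:'" . V_USERNAME . "', minlength:'" . V_USERNAME_LENGTH . "', remote: '" . V_USERNAME_ALREDY_EXISTS . "' }}";
        case "Password":
            return "{required:true, minlength:6, messages:{required:'" . V_PASSWORD . "', minlength:'" . V_PASSWORD_LENGTH . "'}}";
        case "Office":
            return "{required:true, messages:{required:'" . V_OFFICE . "'}}";
        case "Required":
            return "{required:true, messages:{required:'This field is required'}}";
        case "noMSG":
            return "{required:true, messages:{required:''}}";
        case "Price":
            return "{required:true, messages:{required:'" . V_PRICE . "'}}";
        case "maxLength":
            // NOTE(review): the rule is maxlength but the message is keyed
            // "required", and maxlength is given true rather than a length;
            // confirm the intent.
            return "{maxlength:true, messages:{required:''}}";
        case "enddate":
            return "{enddate:true}";

        # COMMON USED
        case "Client":
            return "{required:true, messages:{required:'Client Name is required'}}";
        case "Title":
            return "{required:true, messages:{required:'" . V_TITLE . "'}}";
        case "Description":
            return "{required:true, messages:{required:'Description is required'}}";
        case "Phone":
            return "{required:true, messages:{required:'Phone number is required'}}";
        case "Status":
            return "{required:true, messages:{required:'" . V_STATUS . "'}}";
        case "Name":
            return "{required:true, messages:{required:'Name is required'}}";
        case "FirstName":
            return "{required:true, messages:{required:'" . V_FIRSTNAME . "'}}";
        case "LasttName":
            // The misspelt label is what callers pass, so it is kept as is.
            return "{required:true, messages:{required:'" . V_LASTNAME . "'}}";
        case "Role":
            return "{required:true, messages:{required:'" . V_ROLE . "'}}";
        case "Rmail":
            return "{required:true, email:true, messages:{required:'Email is required'}}";
        case "OnlyEmail":
            return "{email:true, messages:{email: '" . EMAIL_VALID . "'}}";
        case "Address":
            return "{required:true, messages:{required:'Address is required'}}";
        case "City":
            return "{required:true, messages:{required:'City is required'}}";
        case "Province":
            return "{required:true, messages:{required:'Province is required'}}";
        case "Country":
            return "{required:true, messages:{required:'Country is required'}}";
        case "Sex":
            return "{required:true, messages:{required:'Sex is required'}}";
        case "Type":
            return "{required:true, messages:{required:'" . V_TYPE . "'}}";
        case "Manager":
            return "{required:true, messages:{required:'Manager is required'}}";
        case "Code":
            return "{required:true, messages:{required:'Code is required'}}";
        case "Date":
            return "{required:true, messages:{required:'" . V_DATE . "'}}";
        case "DigitOnly":
        case "OnlyDigit":
            // Both labels produced the same rule in the original.
            return "{number: true, messages:{number: '" . V_ONLY_NUMBER . "' }}";
        case "URL":
            return "{url: true, messages:{url: '" . V_URL . "' }}";
        case "Image":
            return "{accept:'jpg|jpeg|png|bmp|gif', messages:{accept:'" . V_IMG_FORMAT . "'}}";
        case "SEO_URL":
            return "{SEO_URL: true, messages:{SEO_URL: '" . V_SEO_URL . "' }}";
        case "Broker":
            // NOTE(review): the rule is "required" but the message is keyed
            // "number", so V_BROKER looks unreachable on the client; confirm
            // which of the two is intended.
            return "{required: true, messages:{number: '" . V_BROKER . "' }}";
        default:
            return "{required:true, messages:{required:'" . V_COMMON . "'}}";
    }
}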
/**
 * Renders the error page that describes what caused this exception.
 *
 * The template is picked from views/exceptions/ by $info['type']. When no
 * matching .ctp file exists, the 'unknown' template is rendered instead. The
 * response is sent with a 500 status line.
 *
 * @return void
 * @access public
 */
function render() {
    $info = am($this->where(), $this->info);

    $errorController = new AppController();
    $errorController->viewPath = 'exceptions';
    $errorController->layout = 'exception';

    $router = new Dispatcher();
    $errorController->base = $router->baseUrl();
    $errorController->webroot = $router->webroot;

    // Same two view variables the original passed through compact().
    $errorController->set(array('info' => $info, 'isException' => true));
    $errorController->beforeRender();

    $renderer = new View($errorController);

    // NOTE(review): $info['type'] is joined into a filesystem path unchanged.
    // If it can ever carry request-controlled text, restrict it to a known set
    // of template names before the file_exists() check. Confirm where 'type'
    // is populated. The @ also hides a missing key.
    $requested = @$info['type'];
    $template = file_exists(VIEWS . 'exceptions' . DS . $requested . '.ctp') ? $requested : 'unknown';

    header("HTTP/1.0 500 Internal Server Error");
    echo $renderer->render($template);
}