/**
 * The layout.php fixture must be rejected by the whitelist check.
 *
 * Only the rejecting path is pinned here: a check() that returned false
 * for every input would satisfy this test as well.
 */
public function testIfWillFailSanitization()
{
    $source = file_get_contents(__DIR__ . '/layout.php');

    // Kept for debugging only: lets a developer inspect what the tokenizer sees.
    $tokenizer = new Tokenizer($source);
    $tokens = $tokenizer->getTokens();
    $funcs = $tokenizer->getFunctions();

    // The assertion under test.
    $this->assertFalse(Whitelist::fly()->check($source));
}
/**
 * Allow-list check: accept $code only if every function call reported by
 * the tokenizer is named on the list.
 *
 * The check fails closed: the first reported call whose value is not a key
 * of the allow-list makes it return false. Code for which
 * Tokenizer::getFunctions() yields nothing is accepted.
 *
 * The key lookup is case-sensitive, so a differently-cased spelling of an
 * allowed name is rejected unless the tokenizer normalises case.
 *
 * NOTE(review): coverage is exactly what getFunctions() reports. Whether
 * that includes language constructs (eval, include), method calls or
 * static calls is not visible here; confirm before treating a true result
 * as "safe to execute".
 *
 * @param string $code PHP source to inspect; handed unchanged to Tokenizer
 *                     (string type presumed, not enforced here)
 * @return bool true when no call outside the allow-list was reported
 */
public function check($code)
{
    $allowed = ['ucfirst' => true, 'lcfirst' => true];
    $tokenizer = new Tokenizer($code);

    foreach ($tokenizer->getFunctions() as $call) {
        if (!isset($allowed[$call->value])) {
            return false;
        }
    }

    return true;
}
/**
 * Calls made through a variable or an array element must be reported by
 * getFunctions(), with the full callee expression as the token's val().
 *
 * Dynamic callees cannot be resolved to a function name statically, so a
 * name-based allow-list can only reject them if the tokenizer reports them.
 */
public function testIfWillProperlyGetVariableNameFunctionCalls()
{
    $code = <<<'CODE'
<?php
$var();
$_GET['ssss']['wsss']();
$_GET['ssss'][$var]();
CODE;
    $expected = ['$var', "\$_GET['ssss']['wsss']", "\$_GET['ssss'][\$var]"];

    $tokenizer = new Tokenizer($code);
    $tokens = $tokenizer->getTokens();

    $found = [];
    foreach ($tokenizer->getFunctions() as $call) {
        $found[] = $call->val();
    }

    // Order of discovery is irrelevant; compare both as sorted lists.
    sort($expected);
    sort($found);
    $this->assertSame($expected, $found);
}
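/**
 * A `::` separated from its neighbours by whitespace must still be linked
 * to the class-name token: prev() of `::` yields `ClassName`, and next() of
 * `ClassName` yields the `::` token itself.
 */
public function testIfWillFindNextDoubleColonWhiteSpaced()
{
    $code = <<<'CODE'
<?php
ClassName :: method();
CODE;
    $t = new Tokenizer($code);

    // Find the token in front of the first `::`. A dedicated variable is
    // used so that a fixture without `::` cannot leave the last loop token
    // behind as the subject of the assertions.
    $className = null;
    foreach ($t->getTokens() as $token) {
        if ($token->is(T_DOUBLE_COLON)) {
            $className = $token->prev();
            break;
        }
    }

    $this->assertNotNull($className, 'No token found before T_DOUBLE_COLON');

    // PHPUnit expects (expected, actual); the order matters for readable
    // failure messages.
    $this->assertSame('ClassName', $className->val());

    // next() should yield a regular Token for `::`, not the whitespace.
    $this->assertInstanceOf(Token::class, $className->next());
    $this->assertSame(T_DOUBLE_COLON, $className->next()->type);
    $this->assertTrue($className->next()->is(T_DOUBLE_COLON));
}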