_markup = Zend_Markup::factory('bbcode', 'html');
}
/**
* Tears down the fixture
* This method is called after a test is executed.
*
* @return void
*/
public function tearDown()
{
unset($this->_markup);
}
/**
* Test for basic tags
*
* @return void
*/
public function testBasicTags()
{
$this->assertEquals('foobar', $this->_markup->render('[b]foo[/b]bar'));
$this->assertEquals('foobarfooba[r',
$this->_markup->render('[b=test file="test"]foo[i hell=nice]bar[/i]foo[/b]ba[r'));
}
/**
* Test the behaviour of complicated tags
*
* @return void
*/
public function testComplicatedTags()
{
$this->assertEquals('http://framework.zend.com/',
$this->_markup->render('[url]http://framework.zend.com/[/url]'));
$this->assertEquals('foo',
$this->_markup->render('[url=http://framework.zend.com/]foo[/url]'));
$this->assertEquals('bar', $this->_markup->render('[url="javascript:alert(1)"]bar[/url]'));
$this->assertEquals('
',
$this->_markup->render('[img]http://framework.zend.com/images/logo.png[/img]'));
$this->assertEquals('',
$this->_markup->render('[img alt="Zend Framework"]http://framework.zend.com/images/logo.png[/img]'));
}
/**
* Test input exceptions
*
* @return void
*/
public function testExceptionParserWrongInputType()
{
$this->setExpectedException('Zend_Markup_Parser_Exception');
$this->_markup->getParser()->parse(array());
}
/**
* Test exception
*
* @return void
*/
public function testExceptionParserEmptyInput()
{
$this->setExpectedException('Zend_Markup_Parser_Exception');
$this->_markup->getParser()->parse('');
}
/**
* Test adding tags
*
* @return void
*/
public function testAddTags()
{
$this->_markup->getPluginLoader()->addPrefixPath(
'Zend_Markup_Test_Renderer_Html',
'Zend/Markup/Test/Renderer/Html'
);
$this->_markup->addMarkup('bar',
Zend_Markup_Renderer_RendererAbstract::TYPE_CALLBACK,
array('group' => 'inline'));
$this->_markup->addMarkup('suppp',
Zend_Markup_Renderer_RendererAbstract::TYPE_REPLACE,
array('start' => '', 'end' => '', 'group' => 'inline'));
$this->_markup->addMarkup('zend',
Zend_Markup_Renderer_RendererAbstract::TYPE_REPLACE,
array('replace' => 'Zend Framework', 'group' => 'inline', 'empty' => true));
$this->_markup->addMarkup('line', Zend_Markup_Renderer_RendererAbstract::TYPE_ALIAS,
array('name' => 'hr'));
$this->assertEquals('[foo=blaat]helltestblaat[/foo]',
$this->_markup->render('[bar="blaat"]hell[suppp]test[/suppp]blaat[/]'));
$this->assertEquals('Zend Framework', $this->_markup->render('[zend]'));
$this->assertEquals('
', $this->_markup->render('[line]'));
$this->assertEquals('test aaptest',
$this->_markup->render('[suppp]test aap[/suppp]test'));
}
public function testHtmlUrlTitleIsRenderedCorrectly()
{
$this->assertEquals(
'test',
$this->_markup->render('[url=http://exampl.com title=foo]test[/url]')
);
}
public function testValueLessAttributeDoesNotThrowNotice()
{
// Notice: Uninitialized string offset: 42
// in Zend/Markup/Parser/Bbcode.php on line 316
$expected = 'Example';
$value = '[url=http://example.com foo]Example[/url]';
$this->assertEquals($expected, $this->_markup->render($value));
}
public function testAttributeNotEndingValueDoesNotThrowNotice()
{
// Notice: Uninitialized string offset: 13
// in Zend/Markup/Parser/Bbcode.php on line 337
$this->_markup->render('[url=http://framework.zend.com/ title="');
}
public function testAttributeFollowingValueDoesNotThrowNotice()
{
// Notice: Uninitialized string offset: 38
// in Zend/Markup/Parser/Bbcode.php on line 337
$this->_markup->render('[url="http://framework.zend.com/"title');
}
public function testHrTagWorks()
{
$this->assertEquals('foo
bar', $this->_markup->render('foo[hr]bar'));
}
public function testFunkyCombos()
{
$expected = 'a[/b][hr]b'
. 'cd[/u]e';
$outcome = $this->_markup->render('[u]a[/b][hr]b[b]c[/u]d[/b][/u]e');
$this->assertEquals($expected, $outcome);
}
public function testImgSrcsConstraints()
{
$this->assertEquals('F/\!ZLrFz',$this->_markup->render('F[img]/\!ZLrFz[/img]'));
}
public function testColorConstraintsAndJs()
{
$input = " i think you mean? [color=\"onclick='foobar();'\"]your text[/color] DASPRiD";
$expected = "<kokx> i think you mean? your text DASPRiD";
$this->assertEquals($expected, $this->_markup->render($input));
}
public function testNeverEndingAttribute()
{
$input = "[color=\"green]your text[/color]";
$expected = 'your text';
$this->assertEquals($expected, $this->_markup->render($input));
}
public function testTreatmentNonTags()
{
$input = '[span][acronym][h1][h2][h3][h4][h5][h6][nothing]'
. '[/h6][/h5][/h4][/h3][/h2][/h1][/acronym][/span]';
$expected = '[nothing]'
. '
';
$this->assertEquals($expected, $this->_markup->render($input));
}
public function testListItems()
{
$input = "[list][*]Foo*bar (item 1)\n[*]Item 2\n[*]Trimmed (Item 3)\n[/list]";
$expected = "- Foo*bar (item 1)
- Item 2
- Trimmed (Item 3)
";
$this->assertEquals($expected, $this->_markup->render($input));
$this->assertEquals('', $this->_markup->render('[list][*]blaat[/*][/list]'));
}
public function testListDisallowingPlaintext()
{
$input = "[list]\ntest[*]Foo[/*]\n[/list]";
$expected = "";
$this->assertEquals($expected, $this->_markup->render($input));
}
public function testFailureAfterCodeTag()
{
$input = "[code][b][/code][list][*]Foo[/*][/list]";
$expected = "\n[b]\n";
$this->assertEquals($expected, $this->_markup->render($input));
}
public function testInvalidationAfterInvalidTag()
{
$input = "[b][list][*]Foo[/*][/list][/b]";
$expected = "[list][*]Foo[/*][/list]";
$this->assertEquals($expected, $this->_markup->render($input));
}
public function testListTypes()
{
$types = array(
'01' => 'decimal-leading-zero',
'1' => 'decimal',
'i' => 'lower-roman',
'I' => 'upper-roman',
'a' => 'lower-alpha',
'A' => 'upper-alpha',
'alpha' => 'lower-greek'
);
foreach ($types as $type => $style) {
$input = "[list={$type}][*]Foobar\n[*]Zend\n[/list]";
$expected = "- Foobar
- Zend
";
$this->assertEquals($expected, $this->_markup->render($input));
}
}
public function testHtmlTags()
{
$m = $this->_markup;
$this->assertEquals('foo', $m->render('[b]foo[/b]'));
$this->assertEquals('foo',
$m->render('[u]foo[/u]'));
$this->assertEquals('foo', $m->render('[i]foo[/i]'));
$this->assertEquals('foo', $m->render('[cite]foo[/cite]'));
$this->assertEquals('foo', $m->render('[del]foo[/del]'));
$this->assertEquals('foo', $m->render('[ins]foo[/ins]'));
$this->assertEquals('foo', $m->render('[sub]foo[/sub]'));
$this->assertEquals('foo', $m->render('[span]foo[/span]'));
$this->assertEquals('foo', $m->render('[acronym]foo[/acronym]'));
$this->assertEquals('F
', $m->render('[h1]F[/h1]'));
$this->assertEquals('R
', $m->render('[h2]R[/h2]'));
$this->assertEquals('E
', $m->render('[h3]E[/h3]'));
$this->assertEquals('E
', $m->render('[h4]E[/h4]'));
$this->assertEquals('A
', $m->render('[h5]A[/h5]'));
$this->assertEquals('Q
', $m->render('[h6]Q[/h6]'));
$this->assertEquals('foo', $m->render('[color=red]foo[/color]'));
$this->assertEquals('foo', $m->render('[color=#00FF00]foo[/color]'));
$expected = '' . "\n"
. '<?php
'
. "exit;\n\n";
$this->assertEquals($expected, $m->render("[code]assertEquals('I
', $m->render('[p]I[/p]'));
$this->assertEquals('N',
$m->render('[ignore]N[/ignore]'));
$this->assertEquals('M
', $m->render('[quote]M[/quote]'));
$this->assertEquals('
foo
bar[/hr]', $m->render('[hr]foo[hr]bar[/hr]'));
}
public function testWrongNesting()
{
$this->assertEquals('foobar',
$this->_markup->render('[b]foo[i]bar[/b][/i]'));
$this->assertEquals('foobarkokx',
$this->_markup->render('[b]foo[i]bar[/b]kokx[/i]'));
}
public function testHtmlAliases()
{
$m = $this->_markup;
$this->assertEquals($m->render('[b]F[/b]'), $m->render('[bold]F[/bold]'));
$this->assertEquals($m->render('[bold]R[/bold]'), $m->render('[strong]R[/strong]'));
$this->assertEquals($m->render('[i]E[/i]'), $m->render('[i]E[/i]'));
$this->assertEquals($m->render('[i]E[/i]'), $m->render('[italic]E[/italic]'));
$this->assertEquals($m->render('[i]A[/i]'), $m->render('[emphasized]A[/emphasized]'));
$this->assertEquals($m->render('[i]Q[/i]'), $m->render('[em]Q[/em]'));
$this->assertEquals($m->render('[u]I[/u]'), $m->render('[underline]I[/underline]'));
$this->assertEquals($m->render('[cite]N[/cite]'), $m->render('[citation]N[/citation]'));
$this->assertEquals($m->render('[del]G[/del]'), $m->render('[deleted]G[/deleted]'));
$this->assertEquals($m->render('[ins]M[/ins]'), $m->render('[insert]M[/insert]'));
$this->assertEquals($m->render('[s]E[/s]'),$m->render('[strike]E[/strike]'));
$this->assertEquals($m->render('[sub]-[/sub]'), $m->render('[subscript]-[/subscript]'));
$this->assertEquals($m->render('[sup]D[/sup]'), $m->render('[superscript]D[/superscript]'));
$this->assertEquals($m->render('[url]google.com[/url]'), $m->render('[a]google.com[/a]'));
$this->assertEquals($m->render('[img]http://google.com/favicon.ico[/img]'),
$m->render('[image]http://google.com/favicon.ico[/image]'));
}
public function testEmptyTagName()
{
$this->assertEquals('[]', $this->_markup->render('[]'));
}
public function testStyleAlignCombination()
{
$m = $this->_markup;
$this->assertEquals('Foobar
',
$m->render('[h1 style="color: green" align=left]Foobar[/h1]'));
$this->assertEquals('Foobar
',
$m->render('[h1 style="color: green;" align=center]Foobar[/h1]'));
}
public function testXssInAttributeValues()
{
$m = $this->_markup;
$this->assertEquals('foobar',
$m->render('[b class=\'">xss\']foobar[/b]'));
}
public function testWrongNestedLists()
{
$m = $this->_markup;
// thanks to PadraicB for finding this
$input = <<render($input);
}
public function testAttributeWithoutValue()
{
$m = $this->_markup;
$this->assertEquals('foobar', $m->render('[b=]foobar[/b]'));
}
public function testRemoveTag()
{
$this->_markup->removeMarkup('b');
$this->assertEquals('[b]bar[/b]', $this->_markup->render('[b]bar[/b]'));
}
public function testClearTags()
{
$this->_markup->clearMarkups();
$this->assertEquals('[i]foo[/i]', $this->_markup->render('[i]foo[/i]'));
}
public function testAddFilters()
{
$m = $this->_markup;
$m->addDefaultFilter(new Zend_Filter_StringToUpper());
$this->assertEquals('HELLO', $m->render('[b]hello[/b]'));
}
public function testProvideFilterChainToTag()
{
$m = $this->_markup;
$filter = new Zend_Filter_HtmlEntities();
$this->_markup->addMarkup('suppp',
Zend_Markup_Renderer_RendererAbstract::TYPE_REPLACE,
array('start' => '', 'end' => '', 'group' => 'inline', 'filter' => $filter));
$this->assertEquals("filter
\nfilter\n&\nfilter",
$m->render("filter\n[suppp]filter\n&\nfilter[/suppp]"));
}
public function testSetFilterForExistingMarkup()
{
$m = $this->_markup;
$filter = new Zend_Filter_StringToUpper();
$m->setFilter($filter, 'strong');
$this->assertEquals('FOO&BARbaz', $m->render('[b]foo&bar[/b]baz'));
}
public function testAddFilterForExistingMarkup()
{
$m = $this->_markup;
$filter = new Zend_Filter_StringToUpper();
$m->addFilter($filter, 'i', Zend_Filter::CHAIN_PREPEND);
$this->assertEquals('FOO&BARbaz', $m->render('[i]foo&bar[/i]baz'));
}
public function testValidUri()
{
$this->assertTrue(Zend_Markup_Renderer_Html::isValidUri("http://www.example.com"));
$this->assertTrue(!Zend_Markup_Renderer_Html::isValidUri("www.example.com"));
$this->assertTrue(!Zend_Markup_Renderer_Html::isValidUri("http:///test"));
$this->assertTrue(Zend_Markup_Renderer_Html::isValidUri("https://www.example.com"));
$this->assertTrue(Zend_Markup_Renderer_Html::isValidUri("magnet:?xt=urn:bitprint:XZBS763P4HBFYVEMU5OXQ44XK32OMLIN.HGX3CO3BVF5AG2G34MVO3OHQLRSUF4VJXQNLQ7A &xt=urn:ed2khash:aa52fb210465bddd679d6853b491ccce&"));
$this->assertTrue(!Zend_Markup_Renderer_Html::isValidUri("javascript:alert(1)"));
}
public function testXssInImgAndUrl()
{
$this->assertEquals('...',
$this->_markup->render('[url=\'http://google.com/"\']...[/url]'));
$this->assertEquals('![/script>](http://google.com/"<script>alert(1)</script>)
',
$this->_markup->render('[img]http://google.com/"[/img]'));
}
public function testAddGroup()
{
$m = $this->_markup;
$m->addGroup('table', array('block'));
$m->addGroup('table-row', array('table'));
$m->addGroup('table-cell', array('table-row'), array('inline', 'inline-empty'));
$m->addMarkup(
'table',
Zend_Markup_Renderer_RendererAbstract::TYPE_REPLACE,
array(
'tag' => 'table',
'group' => 'table'
)
);
$m->addMarkup(
'tr',
Zend_Markup_Renderer_RendererAbstract::TYPE_REPLACE,
array(
'tag' => 'tr',
'group' => 'table-row'
)
);
$m->addMarkup(
'td',
Zend_Markup_Renderer_RendererAbstract::TYPE_REPLACE,
array(
'tag' => 'td',
'group' => 'table-cell'
)
);
$this->assertEquals('',
$m->render('[table][tr][td]test[/td][/tr][/table]'));
}
/**
* Test for ZF-9220
*/
public function testUrlMatchCorrectly()
{
$m = $this->_markup;
$this->assertEquals('testtest',
$m->render('[url="http://framework.zend.com/"]test[/url][url="http://framework.zend.com/"]test[/url]'));
}
/**
* Test for ZF-9463
*/
public function testNoXssInH()
{
$m = $this->_markup;
$this->assertEquals('<script>alert("hi");</script>
',
$m->render('[h1][/h1]'));
}
}
// Call Zend_Markup_BbcodeAndHtmlTest::main()
// if this source file is executed directly.
if (PHPUnit_MAIN_METHOD == "Zend_Markup_BbcodeAndHtmlTest::main") {
Zend_Markup_BbcodeAndHtmlTest::main();
}