Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Merge branch '15.0' of git@github.com:Dolibarr/dolibarr.git into develop

Browse Source 
Conflicts:
	htdocs/comm/propal/card.php
This commit is contained in:
Laurent Destailleur
2022-06-29 16:46:27 +02:00
parent 09449ece26 cbaa8b4304
commit 046fa77a5a
3 changed files with 77 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
test/phpunit/SecurityTest.php
View File

@@ -217,9 +217,17 @@ class SecurityTest extends PHPUnit\Framework\TestCase
$result=testSqlAndScriptInject($test, 1);
$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for SQL1b. Should find an attack on GET param and did not.');
$test = '... update ... set ... =';
$result=testSqlAndScriptInject($test, 1);
$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for SQL2a. Should find an attack on GET param and did not.');
$test = 'action=update& ... set ... =';
$result=testSqlAndScriptInject($test, 1);
$this->assertEquals(0, $result, 'Error on testSqlAndScriptInject for SQL2b. Should not find an attack on GET param and did.');
$test = '... union ... selection ';
$result=testSqlAndScriptInject($test, 1);
$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for SQL2. Should find an attack on GET param and did not.');
$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for SQL2c. Should find an attack on GET param and did not.');
$test = 'javascript:';
$result=testSqlAndScriptInject($test, 0);