QUAL Add phpunit test to avoid a bad code sequence
@@ -999,7 +999,7 @@ if (empty($reshook)) {
|
|||||||
} elseif ($value == 'taux' || $value == 'localtax1') {
|
} elseif ($value == 'taux' || $value == 'localtax1') {
|
||||||
$_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z
|
$_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z
|
||||||
} elseif ($value == 'entity') {
|
} elseif ($value == 'entity') {
|
||||||
$_POST[$keycode] = getEntity($tablename);
|
$_POST[$keycode] = (int) getEntity($tablename, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($i) {
|
if ($i) {
|
||||||
@@ -1068,7 +1068,7 @@ if (empty($reshook)) {
|
|||||||
} elseif ($field == 'taux' || $field == 'localtax1') {
|
} elseif ($field == 'taux' || $field == 'localtax1') {
|
||||||
$_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z
|
$_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z
|
||||||
} elseif ($field == 'entity') {
|
} elseif ($field == 'entity') {
|
||||||
$_POST[$keycode] = getEntity($tablename);
|
$_POST[$keycode] = (int) getEntity($tablename, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($i) {
|
if ($i) {
|
||||||
@@ -1585,7 +1585,7 @@ if ($id > 0) {
|
|||||||
$tdsoffields = '<tr class="liste_titre">';
|
$tdsoffields = '<tr class="liste_titre">';
|
||||||
foreach ($fieldlist as $field => $value) {
|
foreach ($fieldlist as $field => $value) {
|
||||||
if ($value == 'entity') {
|
if ($value == 'entity') {
|
||||||
$withentity = getEntity($tabname[$id]);
|
$withentity = (int) getEntity($tabname[$id], 0);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
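Review bot: The two `$_POST[$keycode] = (int) getEntity($tablename, 0);` assignments (hunks at 999 and 1068) and `$withentity = (int) getEntity($tabname[$id], 0);` (hunk at 1585) have no comment explaining why the second argument is 0, so a later edit can easily fall back to the one-argument form. A short comment on each line, such as `// shared=0: a single entity id is expected here, not a comma-separated list`, would record the intent. The `(int)` cast would silently keep only the first id if a list were ever returned, so it is worth confirming that getEntity() returns a single id when called with 0; its definition is not part of this diff. The enclosing blocks start and end outside the hunks.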
|
|||||||
@@ -1107,12 +1107,12 @@ class BonPrelevement extends CommonObject
|
|||||||
$error = 0;
|
$error = 0;
|
||||||
// Pre-store some values into variables to simplify following sql requests
|
// Pre-store some values into variables to simplify following sql requests
|
||||||
if ($sourcetype != 'salary') {
|
if ($sourcetype != 'salary') {
|
||||||
$entities = $type != 'bank-transfer' ? getEntity('invoice') : getEntity('supplier_invoice');
|
$entities = $type != 'bank-transfer' ? getEntity('invoice', 1) : getEntity('supplier_invoice', 1); // Return alist of entities
|
||||||
$sqlTable = $type != 'bank-transfer' ? "facture" : "facture_fourn";
|
$sqlTable = $type != 'bank-transfer' ? "facture" : "facture_fourn";
|
||||||
$socOrUser = 'fk_soc';
|
$socOrUser = 'fk_soc';
|
||||||
$societeOrUser = 'societe';
|
$societeOrUser = 'societe';
|
||||||
} else {
|
} else {
|
||||||
$entities = getEntity('salary');
|
$entities = getEntity('salary', 1); // Return a list of entities
|
||||||
$sqlTable = 'salary';
|
$sqlTable = 'salary';
|
||||||
$socOrUser = 'fk_user';
|
$socOrUser = 'fk_user';
|
||||||
$societeOrUser = 'user';
|
$societeOrUser = 'user';
|
||||||
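Review bot: The comment added on the `getEntity('invoice', 1) : getEntity('supplier_invoice', 1)` line reads `// Return alist of entities`; it should read `// Return a list of entities`, as on the salary branch below. Because `$entities` is now explicitly documented as a list, the SQL built from it later in this method (outside the hunk) should only use it inside an `IN (...)` clause, never after `=`, and that is worth checking as part of this change. The method starts and ends outside the hunk.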
|
|||||||
@@ -51,7 +51,7 @@ class Contracts extends DolibarrApi
|
|||||||
*/
|
*/
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
global $db, $conf;
|
global $db;
|
||||||
$this->db = $db;
|
$this->db = $db;
|
||||||
$this->contract = new Contrat($this->db);
|
$this->contract = new Contrat($this->db);
|
||||||
}
|
}
|
||||||
@@ -232,6 +232,8 @@ class Contracts extends DolibarrApi
|
|||||||
*/
|
*/
|
||||||
public function post($request_data = null)
|
public function post($request_data = null)
|
||||||
{
|
{
|
||||||
|
global $conf;
|
||||||
|
|
||||||
if (!DolibarrApiAccess::$user->hasRight('contrat', 'creer')) {
|
if (!DolibarrApiAccess::$user->hasRight('contrat', 'creer')) {
|
||||||
throw new RestException(403, "Insufficient rights");
|
throw new RestException(403, "Insufficient rights");
|
||||||
}
|
}
|
||||||
@@ -247,7 +249,7 @@ class Contracts extends DolibarrApi
|
|||||||
if ($field == 'id') {
|
if ($field == 'id') {
|
||||||
throw new RestException(400, 'Creating with id field is forbidden');
|
throw new RestException(400, 'Creating with id field is forbidden');
|
||||||
}
|
}
|
||||||
if ($field == 'entity' && $value != getEntity('contrat')) {
|
if ($field == 'entity' && $value != $conf->entity) {
|
||||||
throw new RestException(403, 'Creating entity not the same as your API user is forbidden');
|
throw new RestException(403, 'Creating entity not the same as your API user is forbidden');
|
||||||
}
|
}
|
||||||
|
|
||||||
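Review bot: The new guard `$value != $conf->entity` in the hunk at 247 compares a request-supplied value with a loose `!=`. On PHP versions before 8.0, if `$conf->entity` is an integer, a string such as `1abc` compares equal to entity 1 and passes the check. If the value is then copied onto the contract object (the rest of the loop is outside the hunk), a non-canonical entity value reaches the create path. A strict comparison on normalized strings avoids this: `if ($field == 'entity' && (string) $value !== (string) $conf->entity) {`. post() continues past the end of the hunk.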
|
|||||||
@@ -154,6 +154,8 @@ class Dolresource extends CommonObject
|
|||||||
*/
|
*/
|
||||||
public function create(User $user, int $no_trigger = 0)
|
public function create(User $user, int $no_trigger = 0)
|
||||||
{
|
{
|
||||||
|
global $conf;
|
||||||
|
|
||||||
$error = 0;
|
$error = 0;
|
||||||
$this->date_creation = dol_now();
|
$this->date_creation = dol_now();
|
||||||
|
|
||||||
@@ -200,7 +202,7 @@ class Dolresource extends CommonObject
|
|||||||
$sql .= "datec, ";
|
$sql .= "datec, ";
|
||||||
$sql .= "fk_user_author ";
|
$sql .= "fk_user_author ";
|
||||||
$sql .= ") VALUES (";
|
$sql .= ") VALUES (";
|
||||||
$sql .= getEntity('resource') . ", ";
|
$sql .= (int) (empty($this->entity) ? $conf->entity : $this->entity) . ", ";
|
||||||
foreach ($new_resource_values as $value) {
|
foreach ($new_resource_values as $value) {
|
||||||
$sql .= " " . (!empty($value) ? "'" . $this->db->escape($value) . "'" : 'NULL') . ",";
|
$sql .= " " . (!empty($value) ? "'" . $this->db->escape($value) . "'" : 'NULL') . ",";
|
||||||
}
|
}
|
||||||
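Review bot: The INSERT in the hunk at 200 now takes the entity from `$this->entity` whenever it is set (`(int) (empty($this->entity) ? $conf->entity : $this->entity)`), so the tenant a resource is written to depends on what the caller put on the object. The value it replaces, `getEntity('resource')`, was not taken from the object. If create() can be reached with properties filled from request data (the callers are not in this diff), either the caller must verify that `$this->entity` is an entity the current user may write to, or create() should use `$conf->entity` unconditionally. At minimum, a comment such as `// $this->entity must already have been validated by the caller` would document the assumption. create() starts and ends outside the hunks.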
|
|||||||
@@ -260,7 +260,7 @@ class CodingPhpTest extends CommonClassTest
|
|||||||
//exit;
|
//exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check for unauthorised vardumps
|
// Check for unauthorised var_dumps
|
||||||
if (!preg_match('/test\/phpunit/', $file['fullname'])) {
|
if (!preg_match('/test\/phpunit/', $file['fullname'])) {
|
||||||
$this->verifyNoActiveVardump($filecontent, $report_filepath);
|
$this->verifyNoActiveVardump($filecontent, $report_filepath);
|
||||||
}
|
}
|
||||||
@@ -632,6 +632,15 @@ class CodingPhpTest extends CommonClassTest
|
|||||||
}
|
}
|
||||||
$this->assertTrue($ok, 'Found a preg_grep with a param that is a $var but without preg_quote in file '.$file['relativename'].'.');
|
$this->assertTrue($ok, 'Found a preg_grep with a param that is a $var but without preg_quote in file '.$file['relativename'].'.');
|
||||||
|
|
||||||
|
// Test we don't have preg_grep with a param without preg_quote
|
||||||
|
$ok = true;
|
||||||
|
$matches = array();
|
||||||
|
preg_match_all('/= getEntity\(["\'a-z]*\)/', $filecontent, $matches, PREG_SET_ORDER);
|
||||||
|
foreach ($matches as $key => $val) {
|
||||||
|
$ok = false;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
$this->assertTrue($ok, 'Found a sequence "= getEntity(\'...\')" that is not allowed. We should have IN getEntity or = conf->entity in file '.$file['relativename'].'.');
|
||||||
|
|
||||||
// Test we don't have "if ($resql >"
|
// Test we don't have "if ($resql >"
|
||||||
$ok = true;
|
$ok = true;
|
||||||
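Review bot: The comment above the new block, `// Test we don't have preg_grep with a param without preg_quote`, is copied from the previous check and does not describe this one; something like `// Test we don't have "= getEntity('...')" without the shared parameter` would. The pattern `/= getEntity\(["\'a-z]*\)/` only accepts lowercase letters and quotes, so element names containing `_` or digits (for example `supplier_invoice`, used elsewhere in this commit) and spacing variants such as `=getEntity(` are not caught; `/=\s*getEntity\(\s*["\'][a-z0-9_]+["\']\s*\)/i` would cover them, though widening it may flag existing code that then needs the same fix. The `foreach` with the unused `$key => $val` can be replaced by `$ok = empty($matches);`. The enclosing test method starts and ends outside the hunk.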
|
|||||||