diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php index 36f29685e29..4130426d806 100644 --- a/test/phpunit/SecurityTest.php +++ b/test/phpunit/SecurityTest.php @@ -187,28 +187,28 @@ class SecurityTest extends PHPUnit\Framework\TestCase print __METHOD__." result=".$result."\n"; $this->assertEquals($result, $_GET["param2"]); - $result=GETPOST("param3", 'alpha'); // Must return '' as there is a forbidden char " + $result=GETPOST("param3", 'alpha'); // Must return string sanitized from char " print __METHOD__." result=".$result."\n"; - $this->assertEquals($result, ''); + $this->assertEquals($result, 'a/b#e(pr)qq-rr\cc'); - $result=GETPOST("param4", 'alpha'); // Must return '' as there is a forbidden char ../ + $result=GETPOST("param4", 'alpha'); // Must return string sanitized from ../ print __METHOD__." result=".$result."\n"; - $this->assertEquals($result, ''); + $this->assertEquals($result, 'dir'); // Test aZ09 - $result=GETPOST("param1", 'aZ09'); // Must return '' as there is a forbidden char ../ + $result=GETPOST("param1", 'aZ09'); print __METHOD__." result=".$result."\n"; $this->assertEquals($result, $_GET["param1"]); - $result=GETPOST("param2", 'aZ09'); // Must return '' as there is a forbidden char ../ + $result=GETPOST("param2", 'aZ09'); // Must return '' as string contains car not in aZ09 definition print __METHOD__." result=".$result."\n"; $this->assertEquals($result, ''); - $result=GETPOST("param3", 'aZ09'); // Must return '' as there is a forbidden char ../ + $result=GETPOST("param3", 'aZ09'); // Must return '' as string contains car not in aZ09 definition print __METHOD__." result=".$result."\n"; $this->assertEquals($result, ''); - $result=GETPOST("param4", 'aZ09'); // Must return '' as there is a forbidden char ../ + $result=GETPOST("param4", 'aZ09'); // Must return '' as string contains car not in aZ09 definition print __METHOD__." result=".$result."\n"; $this->assertEquals($result, '');