Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-25 10:51:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix #yogosha15157

Browse Source
This commit is contained in:
Laurent Destailleur
2023-02-25 19:48:33 +01:00
parent ed9db6c9dd
commit cbb6ca071a
58 changed files with 321 additions and 345 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
test/phpunit/FunctionsLibTest.php
View File

@@ -167,6 +167,34 @@ class FunctionsLibTest extends PHPUnit\Framework\TestCase
print __METHOD__."\n";
}
/**
* testDolForgeCriteriaCallback
*
* @return boolean
*/
public function testDolForgeCriteriaCallback()
{
global $conf, $langs;
// An attempt for SQL injection
$filter='if(now()=sysdate()%2Csleep(6)%2C0)';
$sql = forgeSQLFromUniversalSearchCriteria($filter);
$this->assertEquals($sql, '1 = 3');
// A real search string
$filter='(((statut:=:1) or (entity:in:__AAA__)) and (abc:<:2.0) and (abc:!=:1.23))';
$sql = forgeSQLFromUniversalSearchCriteria($filter);
$this->assertEquals($sql, ' AND (((statut = 1 or entity IN (__AAA__)) and abc < 2 and abc = 1.23))');
$filter="(t.ref:like:'SO-%') or (t.date_creation:<:'20160101') or (t.date_creation:<:'2016-01-01 12:30:00') or (t.nature:is:NULL)";
$sql = forgeSQLFromUniversalSearchCriteria($filter);
$this->assertEquals($sql, " AND (t.ref LIKE 'SO-%' or t.date_creation < '20160101' or t.date_creation < 0 or t.nature IS NULL)");
return true;
}
/**
* testDolClone
*