Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-07 16:41:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '13.0' of git@github.com:Dolibarr/dolibarr.git into develop

Browse Source 
Conflicts:
	htdocs/compta/facture/card.php
	htdocs/core/class/html.formmail.class.php
	htdocs/core/lib/product.lib.php
	htdocs/product/stock/productlot_card.php
	test/phpunit/SecurityTest.php
This commit is contained in:
Laurent Destailleur
2021-02-26 12:53:06 +01:00
parent 00d2d28d68 9ebf5c2be1
commit f5406d487b
13 changed files with 62 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
test/phpunit/SecurityTest.php
View File

@@ -315,6 +315,7 @@ class SecurityTest extends PHPUnit\Framework\TestCase
$_POST["param9"]='is_object($object) ? ($object->id < 10 ? round($object->id / 2, 2) : (2 * $user->id) * (int) substr($mysoc->zip, 1, 2)) : \'objnotdefined\'';
$_POST["param10"]='is_object($object) ? ($object->id < 10 ? round($object->id / 2, 2) : (2 * $user->id) * (int) substr($mysoc->zip, 1, 2)) : \'<abc>objnotdefined\'';
$_POST["param11"]=' Name <email@email.com> ';
$_POST["param12"]='<!DOCTYPE html><html>aaa</html>';
$result=GETPOST('id', 'int'); // Must return nothing
print __METHOD__." result=".$result."\n";
@@ -412,8 +413,12 @@ class SecurityTest extends PHPUnit\Framework\TestCase
print __METHOD__." result=".$result."\n";
$this->assertEquals(trim($_POST["param11"]), $result, 'Test an email string with alphawithlgt');
return $result;
}
$result=GETPOST("param12", 'restricthtml');
print __METHOD__." result=".$result."\n";
$this->assertEquals(trim($_POST["param12"]), $result, 'Test a string with DOCTYPE and restricthtml');
return $result;
}
/**
* testCheckLoginPassEntity