From 7b4ddb9269a230e2dd07c6a8d3211c9a88f4f09f Mon Sep 17 00:00:00 2001
From: Carlos Garcia Gomez
Date: Mon, 6 Jun 2022 11:56:23 +0200
Subject: [PATCH] =?UTF-8?q?Escaped=20the=20html=20of=20the=20balance=20fie?= =?UTF-8?q?lds=20before=20any=20other=20tests.=20Also=20added=20the=20corr?= =?UTF-8?q?esponding=20unit=20test.=20------=20Escapado=20el=20html=20de?= =?UTF-8?q?=20los=20campos=20del=20balance=20antes=20de=20cualquier=20otro?= =?UTF-8?q?=20test.=20A=C3=B1adido=20tambi=C3=A9n=20el=20correspondiente?= =?UTF-8?q?=20test=20unitario.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 Core/Model/Balance.php | 18 +++--
 Test/Core/Model/BalanceTest.php | 73 +++++++++++++++++++++
 Test/Core/Model/IdentificadorFiscalTest.php | 2 +-
 3 files changed, 85 insertions(+), 8 deletions(-)
 create mode 100644 Test/Core/Model/BalanceTest.php
diff --git a/Core/Model/Balance.php b/Core/Model/Balance.php
index 820e53d9e0..d84578430b 100644
--- a/Core/Model/Balance.php
+++ b/Core/Model/Balance.php
@@ -125,7 +125,17 @@ public static function tableName(): string
 public function test(): bool
 {
- if (1 !== preg_match('/^[A-Z0-9_\+\.\-]{1,15}$/i', $this->codbalance)) {
+ // escapamos el html
+ $this->codbalance = self::toolBox()::utils()::noHtml($this->codbalance);
+ $this->descripcion1 = self::toolBox()::utils()::noHtml($this->descripcion1);
+ $this->descripcion2 = self::toolBox()::utils()::noHtml($this->descripcion2);
+ $this->descripcion3 = self::toolBox()::utils()::noHtml($this->descripcion3);
+ $this->descripcion4 = self::toolBox()::utils()::noHtml($this->descripcion4);
+ $this->descripcion4ba = self::toolBox()::utils()::noHtml($this->descripcion4ba);
+ $this->naturaleza = self::toolBox()::utils()::noHtml($this->naturaleza);
+
+ // comprobamos que tenga un código válido
+ if (empty($this->codbalance) || 1 !== preg_match('/^[A-Z0-9_\+\.\-]{1,15}$/i', $this->codbalance)) {
 $this->toolBox()->i18nLog()->error(
 'invalid-alphanumeric-code',
 ['%value%' => $this->codbalance, '%column%' => 'codbalance', '%min%' => '1', '%max%' => '15']
@@ -133,12 +143,6 @@ public function test(): bool
 return false;
 }
- $utils = $this->toolBox()->utils();
- $this->descripcion1 = $utils->noHtml($this->descripcion1);
- $this->descripcion2 = $utils->noHtml($this->descripcion2);
- $this->descripcion3 = $utils->noHtml($this->descripcion3);
- $this->descripcion4 = $utils->noHtml($this->descripcion4);
- $this->descripcion4ba = $utils->noHtml($this->descripcion4ba);
 return parent::test();
 }
 }
diff --git a/Test/Core/Model/BalanceTest.php b/Test/Core/Model/BalanceTest.php
new file mode 100644
index 0000000000..d9950aae46
--- /dev/null
+++ b/Test/Core/Model/BalanceTest.php
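Review bot: In Balance::test() (Core/Model/Balance.php), the added `empty($this->codbalance) ||` guard rejects the code `0`, because PHP treats the string '0' as empty although the pattern that follows accepts it. The pattern already fails on an empty string, so only null needs a separate check: replace `empty($this->codbalance)` with `null === $this->codbalance`. The pattern's `$` also matches before a trailing newline, so unless noHtml() trims its input (its body is not on this page) a code ending in a line break passes validation; `\z` in place of `$` closes that. test() begins in this hunk and ends in the next one.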
@@ -0,0 +1,73 @@
+
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see .
+ */
+
+namespace FacturaScripts\Test\Core\Model;
+
+use FacturaScripts\Core\Model\Balance;
+use PHPUnit\Framework\TestCase;
+
+final class BalanceTest extends TestCase
+{
+ public function testCreate()
+ {
+ // creamos un balance
+ $balance = new Balance();
+ $balance->codbalance = 'test';
+ $balance->descripcion1 = 'test';
+ $balance->naturaleza = 'A';
+ $this->assertTrue($balance->save(), 'cant-save-balance');
+
+ // eliminamos
+ $this->assertTrue($balance->delete(), 'cant-delete-balance');
+ }
+
+ public function testCantCreateEmpty()
+ {
+ $balance = new Balance();
+ $this->assertFalse($balance->save(), 'cant-save-balance');
+ }
+
+ public function testHtmlOnFields()
+ {
+ $balance = new Balance();
+ $balance->codbalance = '';
+ $balance->descripcion1 = '';
+ $balance->descripcion2 = '';
+ $balance->descripcion3 = '';
+ $balance->descripcion4 = '';
+ $balance->descripcion4ba = '';
+ $balance->naturaleza = '';
+ $this->assertFalse($balance->save(), 'cant-save-balance-with-html');
+
+ // cambiamos el codigo a un codigo válido
+ $balance->codbalance = 'test';
+ $this->assertTrue($balance->save(), 'cant-save-balance-2');
+
+ // comprobamos que el html se ha escapado
+ $this->assertEquals('<test>', $balance->descripcion1);
+ $this->assertEquals('<test>', $balance->descripcion2);
+ $this->assertEquals('<test>', $balance->descripcion3);
+ $this->assertEquals('<test>', $balance->descripcion4);
+ $this->assertEquals('<test>', $balance->descripcion4ba);
+ $this->assertEquals('<test>', $balance->naturaleza);
+
+ // eliminamos
+ $this->assertTrue($balance->delete(), 'cant-delete-balance');
+ }
+}
diff --git a/Test/Core/Model/IdentificadorFiscalTest.php b/Test/Core/Model/IdentificadorFiscalTest.php
index d37203fcc6..f7cfff130e 100644
--- a/Test/Core/Model/IdentificadorFiscalTest.php
+++ b/Test/Core/Model/IdentificadorFiscalTest.php
@@ -23,7 +23,7 @@
 use FacturaScripts\Test\Core\LogErrorsTrait;
 use PHPUnit\Framework\TestCase;
-class IdentificadorFiscalTest extends TestCase
+final class IdentificadorFiscalTest extends TestCase
 {
 use LogErrorsTrait;
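Review bot: In Test/Core/Model/BalanceTest.php, testHtmlOnFields asserts on the properties of the same `$balance` object it just saved, so it shows that test() rewrote the fields in memory but not which values were stored. Loading the record again into a fresh Balance and asserting on that copy would pin the persisted, escaped values, which are what later page renders read. The three test methods also declare no return type; `public function testHtmlOnFields(): void`, and the same for the other two, keeps the signatures explicit.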