diff --git a/lib/zerobin.php b/lib/zerobin.php index 51de2dee..9bef7c6d 100644 --- a/lib/zerobin.php +++ b/lib/zerobin.php @@ -103,7 +103,7 @@ class zerobin } // in case stupid admin has left magic_quotes enabled in php.ini - if (get_magic_quotes_gpc()) + if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) { $_POST = array_map('filter::stripslashes_deep', $_POST); $_GET = array_map('filter::stripslashes_deep', $_GET); diff --git a/tst/request.php b/tst/request.php new file mode 100644 index 00000000..6db43c33 --- /dev/null +++ b/tst/request.php @@ -0,0 +1,105 @@ +reset(); + $_SERVER['REQUEST_METHOD'] = 'GET'; + $request = new request; + $this->assertFalse($request->isJsonApiCall(), 'is HTML call'); + $this->assertEquals('view', $request->getOperation()); + } + + public function testRead() + { + $this->reset(); + $_SERVER['REQUEST_METHOD'] = 'GET'; + $_SERVER['QUERY_STRING'] = 'foo'; + $request = new request; + $this->assertFalse($request->isJsonApiCall(), 'is HTML call'); + $this->assertEquals('foo', $request->getParam('pasteid')); + $this->assertEquals('read', $request->getOperation()); + } + + public function testDelete() + { + $this->reset(); + $_SERVER['REQUEST_METHOD'] = 'GET'; + $_GET['pasteid'] = 'foo'; + $_GET['deletetoken'] = 'bar'; + $request = new request; + $this->assertFalse($request->isJsonApiCall(), 'is HTML call'); + $this->assertEquals('delete', $request->getOperation()); + $this->assertEquals('foo', $request->getParam('pasteid')); + $this->assertEquals('bar', $request->getParam('deletetoken')); + } + + public function testApiCreate() + { + $this->reset(); + $_SERVER['REQUEST_METHOD'] = 'PUT'; + $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; + $_POST['data'] = 'foo'; + $request = new request; + $this->assertTrue($request->isJsonApiCall(), 'is JSON Api call'); + $this->assertEquals('create', $request->getOperation()); + $this->assertEquals('foo', $request->getParam('data')); + } + + public function testApiCreateAlternative() + { + $this->reset(); + $_SERVER['REQUEST_METHOD'] = 'POST'; + $_SERVER['HTTP_ACCEPT'] = 'application/json, text/javascript, */*; q=0.01'; + $_POST['attachment'] = 'foo'; + $request = new request; + $this->assertTrue($request->isJsonApiCall(), 'is JSON Api call'); + $this->assertEquals('create', $request->getOperation()); + $this->assertEquals('foo', $request->getParam('attachment')); + } + + public function testApiRead() + { + $this->reset(); + $_SERVER['REQUEST_METHOD'] = 'GET'; + $_SERVER['HTTP_ACCEPT'] = 'application/json, text/javascript, */*; q=0.01'; + $_SERVER['QUERY_STRING'] = 'foo'; + $request = new request; + $this->assertTrue($request->isJsonApiCall(), 'is JSON Api call'); + $this->assertEquals('foo', $request->getParam('pasteid')); + $this->assertEquals('read', $request->getOperation()); + } + + public function testApiDelete() + { + $this->reset(); + $_SERVER['REQUEST_METHOD'] = 'DELETE'; + $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; + $_GET['pasteid'] = 'foo'; + $_GET['deletetoken'] = 'bar'; + $request = new request; + $this->assertTrue($request->isJsonApiCall(), 'is JSON Api call'); + $this->assertEquals('delete', $request->getOperation()); + $this->assertEquals('foo', $request->getParam('pasteid')); + $this->assertEquals('bar', $request->getParam('deletetoken')); + } +} \ No newline at end of file