<?php
/*
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; under version 2
 * of the License (non-upgradable).
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 *
 * Copyright (c) 2008-2010 (original work) Deutsche Institut für Internationale Pädagogische Forschung (under the project TAO-TRANSFER);
 *               2009-2012 (update and modification) Public Research Centre Henri Tudor (under the project TAO-SUSTAIN & TAO-DEV);
 *               2017 (update and modification) Open Assessment Technologies SA (under the project TAO-PRODUCT);
 */
use oat\generis\model\GenerisRdf;
use oat\generis\model\OntologyRdfs;
use oat\generis\test\GenerisPhpUnitTestRunner;
use Doctrine\DBAL\DBALException;
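/**
 * Regression test for quoting of property values on their way to the database.
 *
 * The test stores a literal that contains double quotes through two write
 * paths (instance creation and a later property update) and checks that no
 * Doctrine DBAL exception is raised and that the label reads back unchanged.
 *
 * Coverage is deliberately narrow: only the double-quote character is
 * exercised. Single quotes, backslashes and other characters a SQL dialect
 * treats specially are not covered here and should be tested separately.
 */
class SqlInjectionTestCase extends GenerisPhpUnitTestRunner
{
    /**
     * Writes a double-quoted value as label and comment of a temporary
     * instance and asserts that the label round-trips byte for byte.
     *
     * A DBALException during the writes is reported as a test failure, since
     * it would suggest the value reached the SQL layer without being bound or
     * escaped correctly.
     */
    public function testInject()
    {
        $generisClass = new core_kernel_classes_Class(GenerisRdf::CLASS_GENERIS_RESOURCE);
        $testClass = $generisClass->createSubClass();
        // Stays null if instance creation itself throws, so cleanup can skip it.
        $testInstance = null;

        try {
            $testInstance = $testClass->createInstanceWithProperties([
                OntologyRdfs::RDFS_LABEL => '"hi"',
            ]);
            // The comment write is only checked for "does not throw"; its
            // stored value is not read back by this test.
            $testInstance->setPropertiesValues([
                OntologyRdfs::RDFS_COMMENT => '"hi"',
            ]);

            // Expected value first, so a failure message reports the stored
            // value as "actual".
            $this->assertEquals(
                '"hi"',
                $testInstance->getUniquePropertyValue(new core_kernel_classes_Property(OntologyRdfs::RDFS_LABEL))
            );
        } catch (DBALException $e) {
            $this->fail('SQL Error: ' . $e->getMessage());
        } finally {
            // Clean up in finally so a failed assertion does not leave the
            // temporary resources behind in the test store.
            if ($testInstance !== null) {
                $testInstance->delete();
            }
            // Remove the temporary subclass created above. The original code
            // called delete() on $generisClass, i.e. on the shared
            // GenerisRdf::CLASS_GENERIS_RESOURCE class, and left the
            // subclass in place.
            $testClass->delete();
        }
    }
}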