cakephp2-php8/cake/tests/cases/libs/session.test.php
phpnut 11d295eb0c Fixes #3507 Session Security.level "high", session destroyed on media 404.
Added ability to turn off HTTP_USER_AGENT check in a Controller::beforeFilter(),
Added id() to Session helper and component to return current Session id, the component accepts a $id parameter to force setting the Session id which must be called in a Controller::beforeFilter().
Sessions id are not longer renewed if a request is from Ajax, or from requestAction();
When Security.level (1.2) or CAKE_SECURITY (1.1) is set the 'high' renewing of Session id only happens if request is 2 seconds after the last request.
Added $_Session[Config][timeout] which forces renewing Session if request are within the 2 second limit and over 10 request.
If an application is expected to make multiple request (more than 10) to the server in a single proccess, Configure::write('Security.level', 'medium'); (1.2) or $this->Session->security = 'medium'; (1.1) should be used in a beforeFilter for the specific methods.
1.2 Sessions allow using CacheEngines to store Sessions, be aware that using memory caching as the only storage of Sessions is not reliable. Further work will be done to allow using the CacheEngines with database Sessions, etc.

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5982 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-11-12 01:36:20 +00:00

111 lines
No EOL
3.5 KiB
PHP

<?php
/* SVN FILE: $Id$ */
/**
* Short description for file.
*
* Long description for file
*
* PHP versions 4 and 5
*
* CakePHP(tm) Tests <https://trac.cakephp.org/wiki/Developement/TestSuite>
* Copyright 2005-2007, Cake Software Foundation, Inc.
* 1785 E. Sahara Avenue, Suite 490-204
* Las Vegas, Nevada 89104
*
* Licensed under The Open Group Test Suite License
* Redistributions of files must retain the above copyright notice.
*
* @filesource
* @copyright Copyright 2005-2007, Cake Software Foundation, Inc.
* @link https://trac.cakephp.org/wiki/Developement/TestSuite CakePHP(tm) Tests
* @package cake.tests
* @subpackage cake.tests.cases.libs
* @since CakePHP(tm) v 1.2.0.4206
* @version $Revision$
* @modifiedby $LastChangedBy$
* @lastmodified $Date$
* @license http://www.opensource.org/licenses/opengroup.php The Open Group Test Suite License
*/
uses('session');
/**
* Short description for class.
*
* @package cake.tests
* @subpackage cake.tests.cases.libs
*/
class SessionTest extends UnitTestCase {
function setUp() {
restore_error_handler();
@$this->Session =& new CakeSession();
$this->Session->start();
$this->Session->_checkValid();
set_error_handler('simpleTestErrorHandler');
}
function testCheck() {
$this->Session->write('SessionTestCase', 'value');
$this->assertTrue($this->Session->check('SessionTestCase'));
$this->assertFalse($this->Session->check('NotExistingSessionTestCase'), false);
}
function testCheckingSavedEmpty() {
$this->assertTrue($this->Session->write('SessionTestCase', 0));
$this->assertTrue($this->Session->check('SessionTestCase'));
$this->assertTrue($this->Session->write('SessionTestCase', '0'));
$this->assertTrue($this->Session->check('SessionTestCase'));
$this->assertTrue($this->Session->write('SessionTestCase', false));
$this->assertTrue($this->Session->check('SessionTestCase'));
$this->assertTrue($this->Session->write('SessionTestCase', null));
$this->assertFalse($this->Session->check('SessionTestCase'));
}
function testCheckKeyWithSpaces() {
$this->assertTrue($this->Session->write('Session Test', "test"));
$this->assertEqual($this->Session->check('Session Test'), 'test');
$this->Session->del('Session Test');
$this->assertTrue($this->Session->write('Session Test.Test Case', "test"));
$this->assertTrue($this->Session->check('Session Test.Test Case'));
}
function testReadingSavedEmpty() {
$this->Session->write('SessionTestCase', 0);
$this->assertEqual($this->Session->read('SessionTestCase'), 0);
$this->Session->write('SessionTestCase', '0');
$this->assertEqual($this->Session->read('SessionTestCase'), '0');
$this->assertFalse($this->Session->read('SessionTestCase') === 0);
$this->Session->write('SessionTestCase', false);
$this->assertFalse($this->Session->read('SessionTestCase'));
$this->Session->write('SessionTestCase', null);
$this->assertEqual($this->Session->read('SessionTestCase'), null);
}
function testCheckUserAgentFalse() {
Configure::write('Session.checkAgent', false);
$this->Session->_userAgent = md5('http://randomdomainname.com' . Configure::read('Security.salt'));
$this->assertTrue($this->Session->valid());
}
function testCheckUserAgentTrue() {
Configure::write('Session.checkAgent', true);
$this->Session->_userAgent = md5('http://randomdomainname.com' . Configure::read('Security.salt'));
$this->assertFalse($this->Session->valid());
}
function tearDown() {
$this->Session->del('SessionTestCase');
unset($this->Session);
}
}
?>