
Revision db2d93dd

Added by Benjamin Luce over 9 years ago

Update to 7.37


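--- a/drupal7/modules/simpletest/tests/session.test
+++ b/drupal7/modules/simpletest/tests/session.test
@@ -477,6 +477,56 @@
     $this->assertResponse(200);
   }
 
+  /**
+   * Tests that empty session IDs do not cause unrelated sessions to load.
+   */
+  public function testEmptySessionId() {
+    global $is_https;
+
+    if ($is_https) {
+      $secure_session_name = session_name();
+    }
+    else {
+      $secure_session_name = 'S' . session_name();
+    }
+
+    // Enable mixed mode for HTTP and HTTPS.
+    variable_set('https', TRUE);
+
+    $admin_user = $this->drupalCreateUser(array('access administration pages'));
+    $standard_user = $this->drupalCreateUser(array('access content'));
+
+    // First log in as the admin user on HTTP.
+    // We cannot use $this->drupalLogin() here because we need to use the
+    // special http.php URLs.
+    $edit = array(
+      'name' => $admin_user->name,
+      'pass' => $admin_user->pass_raw
+    );
+    $this->drupalGet('user');
+    $form = $this->xpath('//form[@id="user-login"]');
+    $form[0]['action'] = $this->httpUrl('user');
+    $this->drupalPost(NULL, $edit, t('Log in'));
+
+    $this->curlClose();
+
+    // Now start a session for the standard user on HTTPS.
+    $edit = array(
+      'name' => $standard_user->name,
+      'pass' => $standard_user->pass_raw
+    );
+    $this->drupalGet('user');
+    $form = $this->xpath('//form[@id="user-login"]');
+    $form[0]['action'] = $this->httpsUrl('user');
+    $this->drupalPost(NULL, $edit, t('Log in'));
+
+    // Make the secure session cookie blank.
+    curl_setopt($this->curlHandle, CURLOPT_COOKIE, "$secure_session_name=");
+    $this->drupalGet($this->httpsUrl('user'));
+    $this->assertNoText($admin_user->name, 'User is not logged in as admin');
+    $this->assertNoText($standard_user->name, "The user's own name is not displayed because the invalid session cookie has logged them out.");
+  }
+
   /**
    * Test that there exists a session with two specific session IDs.
    *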
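Review bot: The two `assertNoText()` checks that close `testEmptySessionId()` are purely negative, so they also pass when neither login ever succeeded or when the final HTTPS request returns an error page that happens not to contain the user names. Nothing between the two `drupalPost()` calls and the blank-cookie request confirms that the admin and standard sessions were actually established, which is the precondition the test depends on. Assuming the post-login page shows the account name (the last assertion's message implies it does), I would add `$this->assertText($standard_user->name);` right after the HTTPS `drupalPost()` and `$this->assertResponse(200);` after the final `drupalGet()`. With those in place the test fails when the setup is broken instead of passing vacuously, and a regression in empty-session-ID handling cannot hide behind a failed login.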
