From a31c230f229c9e28438c221a6e585e7b8bf1cda6 Mon Sep 17 00:00:00 2001
From: Bernhard Posselt <nukeawhale@gmail.com>
Date: Mon, 29 Oct 2012 21:22:25 +0100
Subject: [PATCH] added tests for p and print_unescaped

---
 tests/lib/template.php | 67 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 tests/lib/template.php

diff --git a/tests/lib/template.php b/tests/lib/template.php
new file mode 100644
index 0000000000..27feec13d0
--- /dev/null
+++ b/tests/lib/template.php
@@ -0,0 +1,67 @@
+<?php
+/**
+* ownCloud
+*
+* @author Bernhard Posselt
+* @copyright 2012 Bernhard Posselt nukeawhale@gmail.com
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Affero General Public
+* License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+require_once("lib/template.php");
+
+class Test_TemplateFunctions extends UnitTestCase {
+
+	public function testP(){
+		// FIXME: do we need more testcases?
+		$htmlString = "<script>alert('xss');</script>";
+		ob_start();
+		p($htmlString);
+		$result = ob_get_clean();
+
+		$this->assertEqual($result, "&lt;script&gt;alert(&#039;xss&#039;);&lt;/script&gt;");
+
+		ob_end_clean();
+		$normalString = "This is a good string!";
+		ob_start();
+		p($normalString);
+		$result = ob_get_clean();
+
+		$this->assertEqual($result, "This is a good string!");
+
+	}
+
+
+	public function testPrintUnescaped(){
+		$htmlString = "<script>alert('xss');</script>";
+
+		ob_start();
+		print_unescaped($htmlString);
+		$result = ob_get_clean();
+
+		$this->assertEqual($result, $htmlString);
+
+		ob_end_clean();
+		$normalString = "This is a good string!";
+		ob_start();
+		p($normalString);
+		$result = ob_get_clean();
+
+		$this->assertEqual($result, "This is a good string!");
+
+	}
+
+
+}
\ No newline at end of file