public function testZeroIssue()
{
testpack("Zero issue");
$toolbox = R::getToolBox();
$redbean = $toolbox->getRedBean();
$adapter = $toolbox->getDatabaseAdapter();
$writer = $toolbox->getWriter();
$pdo = $adapter->getDatabase();
$pdo->Execute("DROP TABLE IF EXISTS `zero`");
$bean = $redbean->dispense("zero");
$bean->zero = FALSE;
$bean->title = "bla";
$redbean->store($bean);
asrt(count($redbean->find("zero", array(), " zero = 0 ")), 1);
R::store(R::dispense('hack'));
testpack("Test RedBean Security - bean interface ");
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
$bean = $redbean->load("page", "13; drop table hack");
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
try {
$bean = $redbean->load("page where 1; drop table hack", 1);
} catch (\Exception $e) {
}
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
$bean = $redbean->dispense("page");
$evil = "; drop table hack";
$bean->id = $evil;
try {
$redbean->store($bean);
} catch (\Exception $e) {
}
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
unset($bean->id);
$bean->name = "\"" . $evil;
try {
$redbean->store($bean);
} catch (\Exception $e) {
}
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
$bean->name = "'" . $evil;
try {
$redbean->store($bean);
} catch (\Exception $e) {
}
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
$bean->{$evil} = 1;
try {
$redbean->store($bean);
} catch (\Exception $e) {
}
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
unset($bean->{$evil});
$bean->id = 1;
$bean->name = "\"" . $evil;
try {
$redbean->store($bean);
} catch (\Exception $e) {
}
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
$bean->name = "'" . $evil;
try {
$redbean->store($bean);
} catch (\Exception $e) {
}
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
$bean->{$evil} = 1;
try {
$redbean->store($bean);
} catch (\Exception $e) {
}
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
try {
$redbean->trash($bean);
} catch (\Exception $e) {
}
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
try {
$redbean->find("::", array(), "");
} catch (\Exception $e) {
pass();
}
$adapter->exec("drop table if exists sometable");
testpack("Test RedBean Security - query writer");
try {
$writer->createTable("sometable` ( `id` INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT , PRIMARY KEY ( `id` ) ) ENGINE = InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci ; drop table hack; --");
} catch (\Exception $e) {
}
asrt(in_array("hack", $adapter->getCol("show tables")), TRUE);
testpack("Test ANSI92 issue in clearrelations");
$pdo->Execute("DROP TABLE IF EXISTS book_group");
$pdo->Execute("DROP TABLE IF EXISTS author_book");
$pdo->Execute("DROP TABLE IF EXISTS book");
$pdo->Execute("DROP TABLE IF EXISTS author");
$redbean = $toolbox->getRedBean();
$a = new AssociationManager($toolbox);
$book = $redbean->dispense("book");
$author1 = $redbean->dispense("author");
$author2 = $redbean->dispense("author");
$book->title = "My First Post";
$author1->name = "Derek";
$author2->name = "Whoever";
set1toNAssoc($a, $book, $author1);
set1toNAssoc($a, $book, $author2);
pass();
$pdo->Execute("DROP TABLE IF EXISTS book_group");
$pdo->Execute("DROP TABLE IF EXISTS book_author");
$pdo->Execute("DROP TABLE IF EXISTS author_book");
$pdo->Execute("DROP TABLE IF EXISTS book");
$pdo->Execute("DROP TABLE IF EXISTS author");
$redbean = $toolbox->getRedBean();
$a = new AssociationManager($toolbox);
$book = $redbean->dispense("book");
$author1 = $redbean->dispense("author");
$author2 = $redbean->dispense("author");
$book->title = "My First Post";
$author1->name = "Derek";
$author2->name = "Whoever";
$a->associate($book, $author1);
$a->associate($book, $author2);
pass();
testpack("Test Association Issue Group keyword (Issues 9 and 10)");
$pdo->Execute("DROP TABLE IF EXISTS `book_group`");
$pdo->Execute("DROP TABLE IF EXISTS `group`");
$group = $redbean->dispense("group");
$group->name = "mygroup";
$redbean->store($group);
try {
$a->associate($group, $book);
pass();
} catch (SQL $e) {
fail();
}
// Test issue SQL error 23000
try {
$a->associate($group, $book);
pass();
} catch (SQL $e) {
fail();
}
asrt((int) $adapter->getCell("select count(*) from book_group"), 1);
//just 1 rec!
$pdo->Execute("DROP TABLE IF EXISTS book_group");
$pdo->Execute("DROP TABLE IF EXISTS author_book");
$pdo->Execute("DROP TABLE IF EXISTS book");
$pdo->Execute("DROP TABLE IF EXISTS author");
$redbean = $toolbox->getRedBean();
$a = new AssociationManager($toolbox);
$book = $redbean->dispense("book");
$author1 = $redbean->dispense("author");
$author2 = $redbean->dispense("author");
$book->title = "My First Post";
$author1->name = "Derek";
$author2->name = "Whoever";
$a->unassociate($book, $author1);
$a->unassociate($book, $author2);
pass();
$redbean->trash($redbean->dispense("bla"));
pass();
$bean = $redbean->dispense("bla");
$bean->name = 1;
$bean->id = 2;
$redbean->trash($bean);
pass();
}