adding travis and scrutinizer yaml configs

adding empty codeception tests

Author: delboy1978uk

.scrutinizer.yml

@@ -0,0 +1,9 @@
+tools:
+    external_code_coverage: true
+checks:
+    php:
+        code_rating: true
+        duplication: true
+filter:
+    paths:
+        - src/*

.travis.yml

@@ -0,0 +1,41 @@
+language: php
+
+php:
+  - 5.4
+  - 5.5
+  - 5.6
+  - hhvm
+
+matrix:
+  allow_failures:
+    - php: hhvm
+
+branches:
+  except:
+    - gh-pages
+
+
+
+install:
+  - wget http://selenium-release.storage.googleapis.com/2.42/selenium-server-standalone-2.42.2.jar
+  - composer global require "fxp/composer-asset-plugin:1.0.0-beta2"
+  - composer install
+
+
+before_script:
+  - sudo chmod 777 /etc/hosts
+  - echo 127.0.0.1 mining > /etc/hosts
+  - export DISPLAY=:99.0
+  - sh -e /etc/init.d/xvfb start
+  - sleep 5
+  - java -jar selenium-server-standalone-2.42.2.jar -port 4444 &
+  - "mysql -e 'create database mpos;'"
+  - echo "USE mysql;\nUPDATE user SET password=PASSWORD('mining') WHERE user='travis';\nFLUSH PRIVILEGES;\n" | mysql -u root
+  - nohup php -S bone:8000 public/index.php &
+
+script:
+  - php vendor/bin/codecept run  --coverage-xml --env travis
+
+after_script:
+  - wget https://scrutinizer-ci.com/ocular.phar
+  - php ocular.phar code-coverage:upload --format=php-clover tests/_output/coverage.xml

tests/unit/SecurityCSRFTokenTest.php

@@ -0,0 +1,58 @@
+<?php
+
+use Codeception\Util\Stub;
+
+class SecurityCSRFTokenTest extends \Codeception\TestCase\Test
+{
+    public function _before()
+    {
+
+    }
+
+    public function _after()
+    {
+
+    }
+
+
+    /**
+     * Tests if a CSRF token succeeds for a matching user and type
+     */
+    public function testCSRFToken_success() {
+//        global $config;
+//        global $user;
+//        global $csrftoken;
+//
+//        // no delay
+//        // TODO: simulate delay without a sleep ? test length
+//        $created_token = $csrftoken->getBasic($user->getCurrentIP(), 'test-token');
+//        $test_token = $csrftoken->checkBasic($user->getCurrentIP(), 'test-token', $created_token);
+//        $this->assertTrue($test_token);
+    }
+
+    /**
+     * Tests if a CSRF token correctly fails
+     */
+    public function testCSRFToken_fail() {
+//        global $config;
+//        global $user;
+//        global $csrftoken;
+//
+//        // differing user
+//        $created_token = $csrftoken->getBasic('not the same', 'test-token');
+//        $test_token = $csrftoken->checkBasic($user->getCurrentIP(), 'test-token', $created_token);
+//        $this->assertFalse($test_token);
+//
+//        // differing type
+//        $created_token2 = $csrftoken->getBasic($user->getCurrentIP(), 'not the same');
+//        $test_token2 = $csrftoken->checkBasic($user->getCurrentIP(), 'test-token', $created_token2);
+//        $this->assertFalse($test_token2);
+//
+//        // token slightly shortened
+//        $created_token3 = $csrftoken->getBasic($user->getCurrentIP(), 'test-token');
+//        $created_token3 = substr($created_token3, 0, (strlen($created_token3)-1));
+//        $test_token3 = $csrftoken->checkBasic($user->getCurrentIP(), 'test-token', $created_token3);
+//        $this->assertFalse($test_token3);
+    }
+}
+

tests/unit/SecuritySessionsTest.php

@@ -0,0 +1,32 @@
+<?php
+
+class Security_Sessions extends \Codeception\TestCase\Test
+{
+    /**
+     * Tests if our current session checking will throw errors or take a malformed id
+     */
+    public function testSessions_destruction_malformed_id()
+    {
+//        global $config;
+//
+//        $malformed_ids = array(
+//            "",
+//            "'",
+//            "9881o1ke7ia4k5*p1k28e6utg0"
+//        );
+//
+//        foreach ($malformed_ids as $mid) {
+//            session_set_cookie_params(time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']);
+//            $session_start = @session_start();
+//            if (!$session_start) {
+//                session_destroy();
+//                session_regenerate_id(true);
+//                session_start();
+//            }
+//            @setcookie(session_name(), session_id(), time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']);
+//            $this->assertNotEquals($mid, session_id());
+//        }
+    }
+}
+
+?>

tests/unit/SecurityTokensTest.php

@@ -0,0 +1,26 @@
+<?php
+
+class Security_Tokens extends \Codeception\TestCase\Test
+{
+    /**
+     * Tests tokens CRUD
+     */
+    public function testTokens_CRUD()
+    {
+//        global $config;
+//        global $mysqli;
+//        $mysqli = new DBConnection($config);
+//        global $tokentype;
+//        global $oToken;
+//        // grab token types first so we can test them all
+//        $token_types = $tokentype->getAll();
+//
+//        foreach ($token_types as $tt)
+//        {
+//            // create
+//            $create_token = $oToken->createToken($tt['name'], 1);
+//            $this->assertStringMatchesFormat('%x', $create_token);
+//            $this->assertGreaterThan(16, strlen($create_token));
+//        }
+    }
+}