Browse Source

Protect IPs in public moderation logs.

As reported, IPv6 addresses were not properly hidden in the public
facing moderation logs. This commit filters both IPv4 and IPv6
addresses.

We broke out into a separate function so that it can be tested with
the test suite.

A rudimentary test has been added to test the newly added
protect_ip($entry) function.
pull/40/head
Dedushka 2 years ago
parent
commit
6d43a7f62b
No known key found for this signature in database GPG Key ID: DC969A6BA7657A70
  1. 1182
      inc/mod/pages.php
  2. 32
      tests/ProtectIPTest.php

1182
inc/mod/pages.php

File diff suppressed because it is too large

32
tests/ProtectIPTest.php

@ -0,0 +1,32 @@
<?php
use PHPUnit\Framework\TestCase;
ob_start();
define('TINYBOARD', true);
require_once "inc/mod/pages.php";
ob_end_clean();
// This is probably best done with property testing library, but let's
// wait add another dependency
final class ProtectIPTest extends TestCase
{
public function testProtectsIpv4Address(){
$expected = 'Some ban message: xxxx';
// Random IP, hope it's not yours
$input = 'Some ban message: <a href="?/IP/33.57.252.246">33.57.252.246</a>';
$output = protect_ip($input);
$this->assertEquals($output, $expected);
}
public function testProtectsIpv6Address(){
$expected = 'Some ban message: xxxx';
// Random IP, hope it's not yours
$input = 'Some ban message: <a href="?/IP/5e85:f252:9baf:2131:8984:6ab2:3db0:fa48">5e85:f252:9baf:2131:8984:6ab2:3db0:fa48</a>';
$output = protect_ip($input);
$this->assertEquals($output, $expected);
}
}
Loading…
Cancel
Save