Monday, March 27, 2017

What is a @dataProvider?

I'm asked about data providers almost every time I introduce a developer to PHPUnit. Once you understand them, they're quite clear, but on first pass they seem to give developers pause.

So what are they? Practically, a data provider is any static method that produces an array of arrays. The outer array defines the iterations of the test loop, while the inner arrays are the arguments to pass to each iteration. Let's look at an example. First, annotate a test method's docblock:

/**
 * @dataProvider provides_foo_and_bar
 */
public function test_frobnicator($foo, $bar) { /* ... */ }

Then define the data provider:

public static function provides_foo_and_bar() {
    return [
        [ 'FOO', 'BAR' ],
        [ 'BAZ', 'QUUX' ],
    ];
}

PHPUnit will call provides_foo_and_bar twice. The first time it will pass test_frobnicator with "FOO" and "BAR". The second time it will call test_frobnicator with "BAZ" and "QUUX". Note that the data provider is both public and static: PHPUnit requires that.

Pro-top: by default, phpunit runs all data sets. But, you can select specific data sets to run easily: phpunit FrobnicateModel.php test_frobnicate#1 runs only one loop, with the 1-index elements "BAZ" and "QUUX".

Thursday, December 15, 2016

Approximating GNU parted in Windows

I partition disks in Linux all the time. But, thanks to disk ghosting, I don't do much partitioning in Windows. When I do need to partition in Windows (like external drives), what do I use? Enter the Windows Disk Management Snap-in, diskmgmt.msc, first available in Windows 98.
If you're familiar with GNU parted, this Windows tool will make perfect sense. You see immediately your list of hard drives, their partitions, and can click on them to delete or resize. Click on free space to partition. There are some limitations, though. For example, you can't delete recovery partitions. For that, you can drop to the Windows command line and run diskpart. This tool is like Linux's fdisk.

Thursday, December 8, 2016

Identifying specific vulnerabilities in WordPress, by version

Exactly how vulnerable is your WordPress version? Ask the good folks over at the WordPress vulnerability database who have not only assembled a vulnerability list by version, but also provided a nice API for querying.

# WordPress 4.4.2 vulnerabilities, by type
$ curl -sS https://wpvulndb.com/api/v2/wordpresses/442 |\
  jq -r '.["4.4.2"]|.["vulnerabilities"]|.[].vuln_type' |\
  sort | uniq -c
      1 BYPASS
      1 CSRF
      1 LFI
      1 SSRF
      1 UNKNOWN
      5 XSS

Wednesday, November 30, 2016

Pasting a remote file into your local clipboard (* mouse not required)

So, I'm updating a configuration file on a remote server (using MobaXterm), and I need to copy the contents into some Trello documentation running in a browser on my local Windows machine.

The old fashioned way to do it is to select it with the mouse (which MobaXterm interprets as copying to my Windows clipboard), then Shift+Insert it into the browser. Well, turns out you can use the command line:

[Bishop@Cygwin]$ ssh user@host "< /path/to/file" | clip

On Windows, clip is a program to read from standard in and put into the Windows clipboard. On Mac OSX, replace clip with pbcopy for the same effect.

You could extend this approach: instead returning the whole file, return the result of a pipe line. Neat. Like magic, no more mouse needed.