function SessionTestCase::testHashedSessionIdsOptOut

Test opt-out of hashing of session ids in the database.

File

modules/simpletest/tests/session.test, line 282

Provides SimpleTests for core session handling functionality.

Class

SessionTestCase

@file Provides SimpleTests for core session handling functionality.

Code

function testHashedSessionIdsOptOut() {
  variable_set('do_not_hash_session_ids', TRUE);
  $user = $this
    ->drupalCreateUser(array(
    'access content',
  ));
  $this
    ->drupalLogin($user);
  $this
    ->drupalGet('session-test/is-logged-in');
  $this
    ->assertResponse(200, 'User is logged in.');
  $this
    ->drupalGet('session-test/id');
  $matches = array();
  preg_match('/\\s*session_id:(.*)\\n/', $this
    ->drupalGetContent(), $matches);
  $this
    ->assertTrue(!empty($matches[1]), 'Found session ID after logging in.');
  $session_id = $matches[1];
  $this
    ->drupalGet('session-test/id-from-cookie');
  $matches = array();
  preg_match('/\\s*session_id:(.*)\\n/', $this
    ->drupalGetContent(), $matches);
  $this
    ->assertTrue(!empty($matches[1]), 'Found session ID from cookie.');
  $cookie_session_id = $matches[1];
  $this
    ->assertEqual($session_id, $cookie_session_id, 'Session id and cookie session id are the same.');
  $sql = 'SELECT s.sid FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE u.uid = :uid';
  $db_session = db_query($sql, array(
    ':uid' => $user->uid,
  ))
    ->fetchObject();
  $this
    ->assertEqual($db_session->sid, $cookie_session_id, 'Session id in the database is the same as in the session cookie.');
  $this
    ->assertNotEqual($db_session->sid, drupal_hash_base64($cookie_session_id), 'Session id in the database is not the cookie session id hashed.');
}