From 529636f95f825ccb2ace2c0798688c4f83df3d5a Mon Sep 17 00:00:00 2001
From: SATO Kentaro <kentaro@ranvis.com>
Date: Sat, 17 Mar 2012 16:04:33 +0900
Subject: [PATCH] #517 Fix rule parameter sub-pattern check.

---
 CHANGELOG                               |  1 +
 framework/web/CUrlManager.php           |  2 +-
 tests/TestHttpRequest.php               | 29 +++++++++
 tests/framework/web/CUrlManagerTest.php | 28 ---------
 tests/framework/web/CUrlRuleTest.php    | 80 +++++++++++++++++++++++++
 5 files changed, 111 insertions(+), 29 deletions(-)
 create mode 100644 tests/TestHttpRequest.php
 create mode 100644 tests/framework/web/CUrlRuleTest.php

diff --git a/CHANGELOG b/CHANGELOG
index 92254eb73..efa0b2b0e 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -11,6 +11,7 @@ Version 1.1.11 work in progress
 - Bug #417: CAttributeCollections::mergeWith() does not take into account the caseSensitive (dmtrs)
 - Bug #433: Fixed the bug that Gii model name input autocomplete was not working sometimes (mdomba)
 - Bug #454: Removed translation on CDbConnection exception as it was creating an endless loop if the application used CDbCache (mdomba)
+- Bug #517: Rule parameter sub-patterns are not checked correctly (ranvis)
 - Enh #136: Added ability to select database connection in Gii model generator (samdark)
 - Enh #165: Allow CCacheDependency to be reusable across multiple cache calls (phpnode)
 - Enh #171: Added support for PUT and DELETE request tunneled through POST via parameter named _method in POST body (musterknabe)
diff --git a/framework/web/CUrlManager.php b/framework/web/CUrlManager.php
index 4c28ff841..0b05f06d3 100644
--- a/framework/web/CUrlManager.php
+++ b/framework/web/CUrlManager.php
@@ -750,7 +750,7 @@ class CUrlRule extends CBaseUrlRule
 		{
 			foreach($this->params as $key=>$value)
 			{
-				if(!preg_match('/'.$value.'/'.$case,$params[$key]))
+				if(!preg_match('/\A'.$value.'\z/'.$case,$params[$key]))
 					return false;
 			}
 		}
diff --git a/tests/TestHttpRequest.php b/tests/TestHttpRequest.php
new file mode 100644
index 000000000..054448ff5
--- /dev/null
+++ b/tests/TestHttpRequest.php
@@ -0,0 +1,29 @@
+<?php
+
+Yii::import('system.web.CHttpRequest');
+
+class TestHttpRequest extends CHttpRequest
+{
+	private $myPathInfo;
+	private $myScriptUrl;
+
+	public function getScriptUrl()
+	{
+		return $this->myScriptUrl;
+	}
+
+	public function setScriptUrl($value)
+	{
+		$this->myScriptUrl=$value;
+	}
+
+	public function getPathInfo()
+	{
+		return $this->myPathInfo;
+	}
+
+	public function setPathInfo($value)
+	{
+		$this->myPathInfo=$value;
+	}
+}
diff --git a/tests/framework/web/CUrlManagerTest.php b/tests/framework/web/CUrlManagerTest.php
index 42f8cb3a4..5bb52189a 100644
--- a/tests/framework/web/CUrlManagerTest.php
+++ b/tests/framework/web/CUrlManagerTest.php
@@ -1,34 +1,6 @@
 <?php
 
 Yii::import('system.web.CUrlManager');
-Yii::import('system.web.CHttpRequest');
-
-class TestHttpRequest extends CHttpRequest
-{
-	private $myPathInfo;
-	private $myScriptUrl;
-
-	public function getScriptUrl()
-	{
-		return $this->myScriptUrl;
-	}
-
-	public function setScriptUrl($value)
-	{
-		$this->myScriptUrl=$value;
-	}
-
-	public function getPathInfo()
-	{
-		return $this->myPathInfo;
-	}
-
-	public function setPathInfo($value)
-	{
-		$this->myPathInfo=$value;
-	}
-}
-
 
 class CUrlManagerTest extends CTestCase
 {
diff --git a/tests/framework/web/CUrlRuleTest.php b/tests/framework/web/CUrlRuleTest.php
new file mode 100644
index 000000000..b4bd8fb50
--- /dev/null
+++ b/tests/framework/web/CUrlRuleTest.php
@@ -0,0 +1,80 @@
+<?php
+
+Yii::import('system.web.CUrlManager');
+
+class CUrlRuleTest extends CTestCase
+{
+	private $app;
+
+	public function setUp()
+	{
+		$config=array(
+			'basePath'=>dirname(__FILE__),
+			'components'=>array(
+				'request'=>array(
+					'class'=>'TestHttpRequest',
+				),
+			),
+		);
+		$_SERVER['HTTP_HOST']='user.example.com';
+		$this->app=new TestApplication($config);
+	}
+
+	public function testParseUrlMatchValue()
+	{
+		$rules=array(
+			array(
+				'route'=>'article/read',
+				'pattern'=>'article/<id:\d+>',
+				'scriptUrl'=>'/apps/index.php',
+				'entries'=>array(
+					array(
+						'route'=>'article/read',
+						'params'=>array(
+							'id'=>'123',
+							'name1'=>'value1',
+						),
+						'url'=>'article/123?name1=value1',
+					),
+					array(
+						'route'=>'article/read',
+						'params'=>array(
+							'id'=>'abc',
+							'name1'=>'value1',
+						),
+						'url'=>false,
+					),
+					array(
+						'route'=>'article/read',
+						'params'=>array(
+							'id'=>"123\n",
+							'name1'=>'value1',
+						),
+						'url'=>false,
+					),
+					array(
+						'route'=>'article/read',
+						'params'=>array(
+							'id'=>'0x1',
+							'name1'=>'value1',
+						),
+						'url'=>false,
+					),
+				),
+			),
+		);
+		$um=new CUrlManager;
+		foreach($rules as $rule)
+		{
+			$this->app->request->baseUrl=null; // reset so that it can be determined based on scriptUrl
+			$this->app->request->scriptUrl=$rule['scriptUrl'];
+			$ur=new CUrlRule($rule['route'],$rule['pattern']);
+			$ur->matchValue=true;
+			foreach($rule['entries'] as $entry)
+			{
+				$url=$ur->createUrl($um,$entry['route'],$entry['params'],'&');
+				$this->assertEquals($entry['url'],$url);
+			}
+		}
+	}
+}