Add comprehensive unit tests for Security, UserModel, and Validation utilities

- Implemented SecurityTest to validate token generation, CSRF protection, input sanitization, and rate limiting. - Created UserModelTest to ensure correct database operations for user management, including creation, updating, banning, and fetching active users. - Developed ValidationTest to verify input validation and sanitization for user IDs, nicknames, messages, and API requests. - Introduced Security and Validation utility classes with methods for secure token generation, input sanitization, and comprehensive validation rules.
2025-09-30 21:22:28 -04:00 · 2025-09-30 21:22:28 -04:00 · 41cd7a4fd8
commit 41cd7a4fd8
parent 5692874b10
32 changed files with 5796 additions and 368 deletions
--- a/models/ChatMessageModel.php
+++ b/models/ChatMessageModel.php
@ -0,0 +1,187 @@
+<?php
+/**
+ * Chat Message Model
+ * Handles chat message-related database operations
+ */
+
+class ChatMessageModel
+{
+    private $db;
+
+    public function __construct()
+    {
+        $this->db = Database::getInstance();
+    }
+
+    /**
+     * Create new chat message
+     */
+    public function create($data)
+    {
+        $sql = "INSERT INTO chat_messages
+                (user_id, nickname, message, is_admin, ip_address, time_formatted)
+                VALUES (?, ?, ?, ?, ?, ?)";
+
+        $params = [
+            $data['user_id'],
+            $data['nickname'] ?? 'Anonymous',
+            $data['message'],
+            $data['is_admin'] ?? false,
+            Security::getClientIP(),
+            date('M j, H:i')
+        ];
+
+        return $this->db->insert($sql, $params);
+    }
+
+    /**
+     * Get messages with pagination (newest first, limit count)
+     */
+    public function getRecent($limit = 100, $offset = 0)
+    {
+        return $this->db->fetchAll(
+            "SELECT * FROM chat_messages ORDER BY timestamp DESC LIMIT ? OFFSET ?",
+            [$limit, $offset]
+        );
+    }
+
+    /**
+     * Get messages since specific ID (for incremental updates)
+     */
+    public function getMessagesAfterId($lastId)
+    {
+        return $this->db->fetchAll(
+            "SELECT * FROM chat_messages WHERE id > ? ORDER BY timestamp ASC",
+            [$lastId]
+        );
+    }
+
+    /**
+     * Get messages since specific timestamp
+     */
+    public function getMessagesAfterTimestamp($timestamp)
+    {
+        return $this->db->fetchAll(
+            "SELECT * FROM chat_messages WHERE timestamp > ? ORDER BY timestamp ASC",
+            [$timestamp]
+        );
+    }
+
+    /**
+     * Delete message by ID (admin function)
+     */
+    public function deleteById($messageId)
+    {
+        return $this->db->delete(
+            "DELETE FROM chat_messages WHERE id = ?",
+            [$messageId]
+        );
+    }
+
+    /**
+     * Delete messages by user ID (bulk operation)
+     */
+    public function deleteByUserId($userId)
+    {
+        return $this->db->delete(
+            "DELETE FROM chat_messages WHERE user_id = ?",
+            [$userId]
+        );
+    }
+
+    /**
+     * Clear all chat messages
+     */
+    public function clearAll()
+    {
+        return $this->db->delete("DELETE FROM chat_messages");
+    }
+
+    /**
+     * Get message by ID
+     */
+    public function getById($messageId)
+    {
+        return $this->db->fetch(
+            "SELECT * FROM chat_messages WHERE id = ?",
+            [$messageId]
+        );
+    }
+
+    /**
+     * Get total message count
+     */
+    public function getTotalCount()
+    {
+        return $this->db->fetchColumn("SELECT COUNT(*) FROM chat_messages");
+    }
+
+    /**
+     * Get messages by user ID
+     */
+    public function getByUserId($userId, $limit = 50)
+    {
+        return $this->db->fetchAll(
+            "SELECT * FROM chat_messages WHERE user_id = ? ORDER BY timestamp DESC LIMIT ?",
+            [$userId, $limit]
+        );
+    }
+
+    /**
+     * Search messages by content
+     */
+    public function searchMessages($query, $limit = 50)
+    {
+        $searchTerm = '%' . $query . '%';
+        return $this->db->fetchAll(
+            "SELECT * FROM chat_messages WHERE message LIKE ? ORDER BY timestamp DESC LIMIT ?",
+            [$searchTerm, $limit]
+        );
+    }
+
+    /**
+     * Get message statistics
+     */
+    public function getStats()
+    {
+        $stats = [];
+
+        // Total messages
+        $stats['total_messages'] = $this->db->fetchColumn("SELECT COUNT(*) FROM chat_messages");
+
+        // Messages in last 24 hours
+        $stats['messages_24h'] = $this->db->fetchColumn(
+            "SELECT COUNT(*) FROM chat_messages WHERE timestamp >= datetime('now', '-1 day')"
+        );
+
+        // Messages in last hour
+        $stats['messages_1h'] = $this->db->fetchColumn(
+            "SELECT COUNT(*) FROM chat_messages WHERE timestamp >= datetime('now', '-1 hour')"
+        );
+
+        // Unique users who posted today
+        $stats['active_users_today'] = $this->db->fetchColumn(
+            "SELECT COUNT(DISTINCT user_id) FROM chat_messages WHERE DATE(timestamp) = DATE('now')"
+        );
+
+        // Most active user today
+        $stats['most_active_user'] = $this->db->fetch(
+            "SELECT user_id, COUNT(*) as message_count FROM chat_messages
+             WHERE DATE(timestamp) = DATE('now')
+             GROUP BY user_id
+             ORDER BY message_count DESC LIMIT 1"
+        );
+
+        return $stats;
+    }
+
+    /**
+     * Clean up old messages (older than specified days)
+     */
+    public function cleanupOldMessages($days = 7)
+    {
+        return $this->db->delete(
+            "DELETE FROM chat_messages WHERE timestamp < datetime('now', '-{$days} days')"
+        );
+    }
+}