From 4e217cb6cee94c5aaf69cd45a33ec2339be2eeb0 Mon Sep 17 00:00:00 2001
From: Sveneld <sveneld300@gmail.com>
Date: Sun, 24 Mar 2024 22:36:28 +0100
Subject: [PATCH] fix sms log

---
 src/Sms/SmsSender.php       |   1 +
 tests/Sms/SmsSenderTest.php | 130 ++++++++++++++++++++++++++----------
 2 files changed, 94 insertions(+), 37 deletions(-)

diff --git a/src/Sms/SmsSender.php b/src/Sms/SmsSender.php
index 626b1a1..c691840 100644
--- a/src/Sms/SmsSender.php
+++ b/src/Sms/SmsSender.php
@@ -43,6 +43,7 @@ public function send($number, $message)
 
     private function log($number, $message)
     {
+        $message = $this->db->escape($message);
         $this->db->query("INSERT INTO sent SET number='$number', text='$message'");
         $this->db->commit();
     }
diff --git a/tests/Sms/SmsSenderTest.php b/tests/Sms/SmsSenderTest.php
index f7d8817..e0db86b 100644
--- a/tests/Sms/SmsSenderTest.php
+++ b/tests/Sms/SmsSenderTest.php
@@ -25,52 +25,108 @@ protected function tearDown()
         );
     }
 
-    public function testSendShort()
-    {
-        $number = '123456789';
-        $message = 'Hello, World!';
+    /**
+     * @dataProvider sendDataProvider
+     */
+    public function testSend(
+        $number,
+        $message,
+        $smsConnectorCallParams,
+        $dbEscapeCallParams,
+        $dbEscapeCallResult,
+        $dbCallParams
+    ) {
         $this->smsConnector
-            ->expects($this->once())
+            ->expects($this->exactly(count($smsConnectorCallParams)))
             ->method('send')
-            ->with($number, $message);
+            ->withConsecutive(...$smsConnectorCallParams);
+        $this->db
+            ->expects($this->exactly(count($dbEscapeCallParams)))
+            ->method('escape')
+            ->withConsecutive(...$dbEscapeCallParams)
+            ->willReturnOnConsecutiveCalls(...$dbEscapeCallResult);
         $this->db
-            ->expects($this->once())
+            ->expects($this->exactly(count($dbCallParams)))
             ->method('query')
-            ->with("INSERT INTO sent SET number='$number', text='$message'");
+            ->withConsecutive(...$dbCallParams);
         $this->db
-            ->expects($this->once())
+            ->expects($this->exactly(count($dbCallParams)))
             ->method('commit');
+
         $this->smsSender->send($number, $message);
     }
 
-
-    public function testSendBig()
+    public function sendDataProvider()
     {
-        $number = '123456789';
-        // @codingStandardsIgnoreStart
-        $message = 'Hello, World! Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nulla nec purus euismod mi fermentum sollicitudin. Vivamus euismod, tellus ac euismod       ultricies, justo risus luctus ipsum, quis condimentum orci lacus id tellus. Sed ut ultrices mi. Nullam id orci ut mauris tincidunt tincidunt. ';
-        // @codingStandardsIgnoreEnd
-        $this->smsConnector
-            ->expects($this->exactly(2))
-            ->method('send')
-            ->withConsecutive(
-                // @codingStandardsIgnoreStart
-                [$number, 'Hello, World! Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nulla nec purus euismod mi fermentum sollicitudin. Vivamus euismod, tellus ac euismod'],
-                [$number, 'ultricies, justo risus luctus ipsum, quis condimentum orci lacus id tellus. Sed ut ultrices mi. Nullam id orci ut mauris tincidunt tincidunt.']
-                // @codingStandardsIgnoreEnd
-            );
-        $this->db
-            ->expects($this->exactly(2))
-            ->method('query')
-            ->withConsecutive(
-                // @codingStandardsIgnoreStart
-                ["INSERT INTO sent SET number='$number', text='Hello, World! Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nulla nec purus euismod mi fermentum sollicitudin. Vivamus euismod, tellus ac euismod'"],
-                ["INSERT INTO sent SET number='$number', text='ultricies, justo risus luctus ipsum, quis condimentum orci lacus id tellus. Sed ut ultrices mi. Nullam id orci ut mauris tincidunt tincidunt.'"]
-                // @codingStandardsIgnoreEnd
-            );
-        $this->db
-            ->expects($this->exactly(2))
-            ->method('commit');
-        $this->smsSender->send($number, $message);
+        yield 'short message' => [
+            'number' => '123456789',
+            'message' => 'Hello, World!',
+            'smsConnectorCallParams' => [
+                ['123456789', 'Hello, World!']
+            ],
+            'dbEscapeCallParams' => [['Hello, World!']],
+            'dbEscapeCallResult' => ['Hello, World!'],
+            'dbCallParams' => [
+                ["INSERT INTO sent SET number='123456789', text='Hello, World!'"]
+            ]
+        ];
+        yield 'encoded message' => [
+            'number' => '123456789',
+            'message' => 'Hello, "World"!',
+            'smsConnectorCallParams' => [
+                ['123456789', 'Hello, "World"!']
+            ],
+            'dbEscapeCallParams' => [['Hello, "World"!']],
+            'dbEscapeCallResult' => ['Hello, \"World\"!'],
+            'dbCallParams' => [
+                ["INSERT INTO sent SET number='123456789', text='Hello, \\\"World\\\"!'"]
+            ]
+        ];
+        yield 'long message' => [
+            'number' => '123456789',
+            'message' => 'Hello, World! Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nulla nec purus '
+                . 'euismod mi fermentum sollicitudin. Vivamus euismod, tellus ac euismod       ultricies, justo risus '
+                . 'luctus ipsum, quis condimentum orci lacus id tellus. Sed ut ultrices mi. Nullam id orci ut '
+                . 'mauris tincidunt tincidunt. ',
+            'smsConnectorCallParams' => [
+                [
+                    '123456789',
+                    'Hello, World! Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nulla nec purus '
+                    . 'euismod mi fermentum sollicitudin. Vivamus euismod, tellus ac euismod'
+                ],
+                [
+                    '123456789',
+                    'ultricies, justo risus luctus ipsum, quis condimentum orci lacus id tellus. Sed ut ultrices mi. '
+                    . 'Nullam id orci ut mauris tincidunt tincidunt.'
+                ]
+            ],
+            'dbEscapeCallParams' => [
+                [
+                    'Hello, World! Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nulla nec purus '
+                    . 'euismod mi fermentum sollicitudin. Vivamus euismod, tellus ac euismod'
+                ],
+                [
+                    'ultricies, justo risus luctus ipsum, quis condimentum orci lacus id tellus. Sed ut ultrices mi. '
+                    . 'Nullam id orci ut mauris tincidunt tincidunt.'
+                ]
+            ],
+            'dbEscapeCallResult' => [
+                'Hello, World! Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nulla nec purus '
+                . 'euismod mi fermentum sollicitudin. Vivamus euismod, tellus ac euismod',
+                'ultricies, justo risus luctus ipsum, quis condimentum orci lacus id tellus. Sed ut ultrices mi. '
+                . 'Nullam id orci ut mauris tincidunt tincidunt.'
+            ],
+            'dbCallParams' => [
+                [
+                    "INSERT INTO sent SET number='123456789', text='Hello, World! Lorem ipsum dolor sit amet, "
+                    . "consectetur adipiscing elit. Nulla nec purus euismod mi fermentum sollicitudin. "
+                    . "Vivamus euismod, tellus ac euismod'"],
+                [
+                    "INSERT INTO sent SET number='123456789', text='ultricies, justo risus luctus ipsum, quis "
+                    . "condimentum orci lacus id tellus. Sed ut ultrices mi. Nullam id orci ut mauris "
+                    . "tincidunt tincidunt.'"
+                ]
+            ]
+        ];
     }
 }