Chad Whitacre 864b1de015 Close potential security hole ...

This used to read User.query.filter_by(session_token=token), but that
generates "session_token is NULL" when token is None, and we need
"session_token = NULL", or else we will match arbitrary users(!).
This is a bit of WTF from SQLAlchemy here, IMO: it dangerously opts for
idiomatic Python over idiomatic SQL. We fell prey, at least. :-/

2013-02-22 07:12:51 -05:00

..

test_billing_payday.py

Correct imports

2013-02-07 22:46:50 -06:00

test_billing.py

Correct imports

2013-02-07 22:46:50 -06:00

test_elsewhere_github.py

Convert tests/test_elsewhere_github.py to use Harness & TestClient.

2013-02-07 22:39:21 -06:00

test_elsewhere_twitter.py

Convert tests/test_elsewhere_twitter.py to use Harness & TestClient.

2013-02-07 22:39:21 -06:00

test_elsewhere.py

Rather than testing the length of the id, check that it hasn't changed

2013-01-29 19:44:19 -06:00

test_is_suspicious.py

Trim & convert tests/test_is_suspicious.py to use Harness & TestClient.

2013-02-07 22:39:21 -06:00

test_pages.py

Replace ’ with '; #624

2013-02-12 06:50:34 -05:00

test_participant_id_json.py

Add test suite for participant_id.json; #482

2013-01-25 20:54:51 -05:00

test_participant_model.py

Make initial signin friendlier; #634

2013-02-12 07:14:55 -05:00

test_participant.py

Convert tests/test_participant.py to use Harness.

2013-02-07 22:42:33 -06:00

test_public_json.py

Add tests for goal key in public.json

2013-02-01 10:46:19 -05:00

test_stats.py

Convert tests/test_stats.py to use Harness & TestClient.

2013-02-07 22:44:10 -06:00

test_suite_intro.py

Note test_suite_intro.py in README (#335)

2012-10-17 10:41:07 -04:00

test_tip_json.py

Convert test_tip_json.py to Harness

2013-01-27 02:29:29 -05:00

test_user.py

Close potential security hole

2013-02-22 07:12:51 -05:00