Self Test Tips?

Question

Self Test Tips?

Basically, I wonder if anyone has any tips on ensuring that your code is well tested without any help from anyone else in a limited amount of time?

In the past, I could always find someone else to do testing on my code or had a dedicated quality assurance team to go around everything and find all the errors.

I’m usually very careful, but I always find things that I don’t have there, and when I test them, I just don’t see them.

However, in my current work, I was given two PHP web applications for recording in a very limited period of time, and I was told that I need all the testing myself, despite my feedback that this is not a good idea.

I was wondering if anyone else has this problem before and can offer some insight?

I thought it would be nice to write a quick test plan before coding each area, as well as double-check the requirements before testing.

+4

testing

Jai Sep 27 '09 at 10:48

source share

8 answers

There are always limits on how many tests you can do. Within the limitations, you obviously need to build tests. Obviously, you first want to conduct tests for the most important areas (security, possible corruption, data loss, functionality) first.

In addition to the functional specification, you are unlikely to get a lot of help that determines what to test. But you can get automatic help in the form of testing tools. These tools tell you which code you tested, and therefore which code you did NOT test. By checking untested code, you can determine if it is more or less critical and, therefore, more or less deserves the tests to be coded for it before release. Coverage testing tools also tell you about the ratio of test code to general code and its industry best practices to ensure that the ratio is 70% or higher. You can use this data to discuss more time with your boss using a simple tool: "We only have 15% coverage for testing ... will we release it?"

A testing tool that works with PHP can be found here: A semantic design testing tool for testing PHP features

+2

Ira Baxter Sep 28 '09 at 0:22

source share

I think TDD is exactly what you are looking for. Write the tests first, then write the code that passes the tests. You do not need anyone else but you (although some help with the tests may be recommended), and you will have a clearer idea of what this tool should do, even before it starts coding.

http://en.wikipedia.org/wiki/Test-driven_development

+1

Santi Sep 27 '09 at 10:51

source share

Your employer clearly does not consider testing important. You must go out and find a suitable job.

+1

alex tingle Sep 27 '09 at 23:05

source share

I'm sorry to say that, but I think Alex Tingle is right in your case. This is an impossible situation.

JacobM and Santi are loyal to mention unit testing, acceptance testing, and test-based development. I would add tools for code coverage and static analysis to this list.

But while testing a TDD or base unit usually pays off in reduced test time, lower defect rates and ease of maintenance, they won’t help you deliver data to deathmarch in a timely manner. This is especially true if you have not encountered while writing automated tests.

Politely formulated, your boss asks you to take on technical debt. Properly worded, he asks you to ignore professional ethics.

Smile, say yes, sir, do your best at the appointed time and update your resume.

+1

Truewill Sep 28 '09 at 12:08

source share

Keep in mind that there is a natural tendency for developers to test the “best way” for their code. In other words, you wrote it, so you know that you have to click on certain points, type in certain things, and therefore you check it. This, of course, is important.

There are some good suggestions here, but one that seems to miss most (but not all) is negative testing. Basically, you need to check the boundaries, and you need to test the malware. As noted, enter the script code in the fields, for example:

<script>alert('abc')</script>

It is clear that you could not correctly encode if you received a warning! Another thing:

 abc' or 'a' = 'a'

This can potentially cause problems with SQL injection in cases such as authentication. You can also test SQL injection with things like:

 abc'; drop table users; select * from dual where 'a' = '

If your desk just left, you have a problem! There are tons of examples, but at least you need to spend some time testing the top 10 OWASPs.

Other places where you want to test are things like very large numbers, especially if you expect integer input on a 32-bit platform, negative values, no values, etc. Basically, check that the required threads are working and then do everything you can to break it.

+1

John cavan Sep 28 '09 at 0:45

source share

I agree with the previous answer posted on the meaning and effectiveness of Driven Development and Unit Testing testing. If everything is done correctly, the TDD process in which you write your unit tests before writing production / delivery code will help you focus and help verify your design and interfaces. In addition, other developers will be able to have a clear and consistent way of working with how to properly use and consume your code. Just keep in mind that Unit Testing is not the same and does not replace full integration testing. In this approach, you still have to write a complete integration test plan.

I work primarliy in .NET and had nothing but good results when working with NUnit.

I have not worked in PHP before, but from what I saw, you can consider SimpleTest or PHPUnit.

0

Clockendndooner Sep 28 '09 at 0:19

source share

Given your boss's requirements, which you must respect while you work for him and until you can change your mind, you gave the correct answer in the question.

0

Alex brown Sep 28 '09 at 0:22

source share

Jacob Mattison · Accepted Answer · 2009-09-27T23:11:42+0000

Of course, unit testing, whether it is the first test or not, should be your first line of defense, ensuring that every part of your application works the way you think. However, the type of testing that you are talking about, where it can be useful for obtaining another pair of eyes, is more relevant to the field of acceptance tests - the application as a whole works as it should; It works for various strange scenarios or behaviors, etc.

One useful approach is to introduce the person: first check the application for yourself, but then try again, imagining that you are 85 years old, you cannot see terribly well and do not use the mouse so well. You can usually click on the brightest or biggest thing, suggesting that you should do what cannot be. Now imagine that you are 12 years old and in a hurry. You will not read the instructions. Is he still working?

For any given field, what are the extreme cases that a person can enter? What happens if you type only spaces? Only numbers in the text box? What happens if you type HTML? Javascript Something in the non-western alphabet? What if you type something really really long?

The key is not just to check the “happy path” when the user views the application in the way you did. Go through the application in a way that you will never need. Because ... they will be.

Another important part is to never ignore anything. It’s easy to get the weird screen up and say to yourself, “Oh, it's just an accident.” You yourself must notice and track everything that is not as it should be.

Self Test Tips?

More articles: