Tuesday, August 25, 2015

Bug report


Bugs Bugs Bugs!!!



What are bugs exactly? 

A bug is the common term used to describe an error, flaw, mistake, failure, or fault in a computer program or system that produces an incorrect or unexpected result, or causes it to behave in unintended ways. 

A bug report

Bug reports exist only to inform people about software defects. They are not for notes, for tracking work done or for planning. There are better systems for this. The best bug reports will have as much appropriate information as possible to help asses get kicked as fast and effectively as possible.
Including the correct information in a bug report will help the problem to be discovered, diagnosed and solved in a timely manner - without this information, more questions will be needed before an attempt can be made at trying to fix whatever went wrong.
Minimum things to include are:
  • Include steps to reproduce the problem as reliably as possible
  • Include what you expected to happen
  • Include what actually happened



There are plenty of other helpful things to include like:
  • What OS and version of the OS you’re running (especially if the program is cross-platform or you’re using an unreleased version of the OS)
  • What versions of other related software you have installed
  • Your software environment (like your PATH environment variable, how much RAM you have, is your system low on disk space)
  • Generally, almost any information you provide could help. So if you have time, provide more. It can only help your chances of getting your bug fixed before someone else’s. But let’s go back to the minimums 

Test a user login page manually

 The process for testing a log-in page:







How to test a login page or user login page?

Positive:

1) Give Username in alphanumeric characters

2) Give a Username with a length of 5 alphanumeric characters

3) Give a Username with a length of 10 alphanumeric characters

Negative:

4) Make Username field empty 

5) Entering Username in characters

6) Entering Username in Numeric

7) Entering Username in special characters

8) Make the Username length less than 5 alphanumeric characters

9) Make the Username length greater than 10 alphanumeric characters




Functional testing
1) Check if the page is loaded 
2) Check if password entered is masked 
3) If login is remembered, check that closing the browser and reopening the site doesn't take you to the login page
4) If login is not remembered, check if cookies help to remember the session within the period
5) Check if user id and password are authenticated
6) If there is two-step authentication, check if it works
7) If JavaScript is disabled, check if 'sign on' submit triggers the process
8) Check if sign-on page is reloaded after 'signing out'
9) Check if an error message is displayed when incorrect input is entered, i.e. invalid user id or password
10) Check if an error message is displayed when password or user id is not entered
11) Check that after login, opening the website in a new tab doesn't take you back to the login page
12) Check if password restrictions are applied when entering the password, i.e. integers 0-9, characters and special characters etc.
13) Check the sign-on attempts limit

Usability testing
1) Availability of user id and password tab
2) Check if user id and password form fields are long enough
3) If there is captcha, check if characters are visible and readable
4) If there is a 'remember me' option, check if it's a tick box
5) Check if 'sign on' button is available and clickable
6) Check if 'sign out' button is available and clickable
7) Check if the messages displayed, i.e. 'Invalid user-id and password', are visible, clear and not truncated
Compatibility:
1) Check if everything works in different browsers
Integration:
1) If cookie or history is cleaned, the sign-on page should be re-loaded 
2) If browser is closed after sign-on check if the sign-on is not re-loaded on opening again 
3) Check if sign-on page works in browser incognito mode. 
4) Check if browser stores passwords in cookie during a session 
5) Check if browser stores passwords on local disk when 'remember me' option is checked
Performance:
1) Sign on to the application with multiple user accounts at the same time and capture the latency of authentication
Appearance:
1) Check if images and favicon are loaded when the page is requested
2) Check if window is re-sized when browser size is changed





Security :
1) Check if the password is sent hashed or encrypted

2) Check that it is not (also) sent in plain text.

3) Check if it works without JavaScript

4) Check that the underlying queries are sql injection safe. You don't want hackers to drop your tables using injection.

5) Verify https in the URL for the login page. The S in HTTPS means secure HTTP. If the login page is served over http, the information you use to log in to the application is not secure and anyone can access it with little effort, while HTTPS ensures encryption of the information being sent from the client to the server.

6) Verify the ID in the URL while your request is processed. Keep track of the ID associated with your request URL; it should be dynamic, not static, otherwise it may help a hacker to nab your information.

7) Check SQL injection. It is one of the most devastating vulnerabilities to impact a business, as it can lead to exposure of all of the sensitive information stored in an application’s database, including handy information such as usernames, passwords, names, addresses, phone numbers, and credit card details.
So I would suggest including this test case if you are going to test a banking and insurance related application. The most common SQL injection string used is ' or '1'='1; if it gets executed, be ready for the loss of your important information. It means a hacker can log in to the system or application without any problem.

(The SQL Injection attack allows external users to read details from the database. In a well designed system this will only include data that is available to the public anyway. In a poorly designed system this may allow external users to discover other users' passwords.)

You can also try some security tests with XSS. (There are many free tools available for XSS testing.)


8) Verify account lockout. I would include this test case with priority: if a user enters a wrong password 3 times, or some specific number of times, then his/her account should be locked out, and access should be allowed again only after filling in an assurance form or calling customer care. This may help keep the user out of hackers' hands.





9) Try some hit-and-trial usernames and passwords before deploying the application. Username and password pairs like Admin:Admin, Guest:Guest, some username:password, author:author should be used to test, but should be denied when the application is deployed.
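
The SQL injection test case from items 4 and 7, as an added example (not code from the original post): the same four login test cases run against a login query built by string concatenation and against one that uses placeholders. The table, the account and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory user table holding one constructed account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", "constructed-hash-value"))
    return db

def login_vulnerable(db, username, password_hash):
    # Input is pasted into the SQL text, so a quote in it becomes SQL syntax.
    sql = ("SELECT COUNT(*) FROM users WHERE username = '" + username +
           "' AND password_hash = '" + password_hash + "'")
    return db.execute(sql).fetchone()[0] > 0

def login_safe(db, username, password_hash):
    # Placeholders keep input as data; the shape of the statement cannot change.
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password_hash = ?"
    return db.execute(sql, (username, password_hash)).fetchone()[0] > 0

def run_login_test_cases(login):
    """Run the checklist cases against one login function; True means 'logged in'."""
    db = make_db()
    payload = "' or '1'='1"  # the string quoted in item 7
    return {
        "valid login": login(db, "alice", "constructed-hash-value"),
        "wrong password": login(db, "alice", "wrong"),
        "injection in password": login(db, "alice", payload),
        "injection in both fields": login(db, payload, payload),
    }

if __name__ == "__main__":
    for name, fn in (("concatenated", login_vulnerable), ("parameterized", login_safe)):
        print(name, run_login_test_cases(fn))
```

The test passes only if both injection cases come back False, as they do for the parameterized version.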
These tests do not cover all types, but they also test the security of the application and other aspects of it.
 But I am not saying that these tests are enough to test an application. Security, privacy and some other important testing is the part of testing that has no relation to the requirement document, so more and more effort is needed when we are talking about the security of an application.
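
The account lockout test case from item 8, as an added example (not code from the original post): a toy login backend and the sequence of attempts a tester would drive against it. The class, the account and the threshold of 3 are assumptions made for illustration; the unlock method stands in for the assurance form or customer-care call.

```python
class LoginService:
    """Toy login backend (hypothetical) that locks an account after repeated failures."""

    MAX_FAILURES = 3  # the checklist's "3 or some specific number"

    def __init__(self, accounts):
        # username -> password; constructed sample data (a real system stores hashes)
        self._accounts = dict(accounts)
        self._failures = {}
        self._locked = set()

    def login(self, username, password):
        if username in self._locked:
            return "locked"  # even the correct password is refused while locked
        if username in self._accounts and self._accounts[username] == password:
            self._failures.pop(username, None)  # a success clears the counter
            return "ok"
        if username in self._accounts:
            self._failures[username] = self._failures.get(username, 0) + 1
            if self._failures[username] >= self.MAX_FAILURES:
                self._locked.add(username)
                return "locked"
        return "denied"

    def unlock(self, username):
        # Stands in for the assurance form or the call to customer care.
        self._locked.discard(username)
        self._failures.pop(username, None)


def lockout_test_cases():
    """Drive the lockout scenario and return each attempt's outcome in order."""
    svc = LoginService({"alice": "constructed-password"})
    results = [svc.login("alice", "bad")]                       # one failure
    results.append(svc.login("alice", "constructed-password"))  # success resets the count
    results += [svc.login("alice", "bad") for _ in range(3)]    # third failure locks
    results.append(svc.login("alice", "constructed-password"))  # correct password, still locked
    svc.unlock("alice")
    results.append(svc.login("alice", "constructed-password"))  # works again after unlock
    return results

if __name__ == "__main__":
    print(lockout_test_cases())
```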




Monday, August 3, 2015

WHAT AND WHY Software Testing?

Software Testing:

There is an entire phase in the SDLC dedicated to software testing. Traditionally, it’s done after the developers have finished building the software – it’s handed over to the testing team to perform tests on it. This is, in my opinion, the most important part of the SDLC process.



Even the most carefully planned and designed software cannot possibly be free of defects. Your goal as a quality engineer is to find these defects. This requires creating and executing many tests.

In order for software testing to be successful, you should start the Software Testing process as soon as possible. Each new version must be tested in order to ensure that "improvements" do not generate new defects.

If you begin Software Testing only shortly before an application is scheduled for release, you will not have time to detect and repair many serious defects. Thus by Software Testing ahead of time, you can prevent problems for your users and avoid costly delays.

The importance of software testing is that it is the major factor in getting good quality software. Developing software that works and works well is the ultimate aim of a project, and the testing stage is where this is done.

Software testing is very important because of the following reasons:
  1. Software testing is really required to point out the defects and errors that were made during the development phases.
  2. It’s essential since it makes sure of the Customer’s reliability and their satisfaction in the application.
  3. It is very important to ensure the Quality of the product.  Quality product delivered to the customers helps in gaining their confidence.
  4. Testing is necessary in order to provide the facilities to the customers like the delivery of high quality product or software application which requires lower maintenance cost and hence results in more accurate, consistent and reliable results.
  5. Testing is required for an effective performance of software application or product.
  6. It’s important to ensure that the application does not result in any failures, because they can be very expensive in the future or in the later stages of the development.
  7. It’s required to stay in the business.

A simple Test Case Writing

A test case is a detailed procedure that fully tests a feature of the software application or an aspect of a feature, depending on the complexity of the application. It describes the various permutations and combinations of steps to be carried out to test a feature.




To design a test case, we need to identify certain things:


  • 1. Identify the test case and explicitly associate it with a feature to be tested.
  • 2. Map test cases to requirements by using a requirement traceability matrix.
  • 3. Purpose of the test.
  • 4. Create a list of specified criteria for which the test should be tested.
  • 5. Create a list of tests that should be exercised as a consequence of the test.
  • 6. Assemble the expected results that occur when the test is executed.
  • 7. Creative scenarios, or conditions in which tests are executed.
  • 8. Assimilate all information that adds value to understanding the test.

Test case designing is time-consuming. However, if this activity is done extensively then it enables the tester to reach the goal of testing within time.


A test case also includes certain things that are very important in successful testing.

  • 1. Purpose of testing.
  • 2. Hardware and software environment required.
  • 3. Special configuration requirement like making war room.
  • 4. Detail of the testing processes.
  • 5. Expected results or success criteria of the test.



''Test cases should be written by a team member who understands the function or technology being tested, and each test case should be submitted for peer review.''




Most organizations prefer detailed test cases because determining pass or fail criteria is usually easier with this type of case. In addition, detailed test cases are reproducible and are easier to automate than descriptive test cases. This is particularly important if you plan to compare the results of tests over time, such as when you are optimizing configurations. 


  • Detailed test cases are more time-consuming to develop and maintain.
  • On the other hand, test cases that are open to interpretation are not repeatable and can require debugging, consuming time that would be better spent on testing.