Saturday, November 21, 2009

Test Ideas for Database

Disclaimer

I, Santhosh Shivanand Tuppad as an author of this document hold all copyrights. No individual is allowed to copy this and host it anywhere else on this earth. However, you can use it for your testing activity & re-distribute this by retaining the credits to the author.

Below are few test ideas that you can use in your testing activity with respect to database.

1. Check for the database type. Example: Flat file or MySQL/Oracle/DB2 et cetera.
2. Check the strength of credentials for phpMYadmin (Depends on the type of Control Panel you are using)
3. Check if any database details are not commented in the code.
4. Check for SQL injection vulnerability – If you are not so good with my SQL injection use tools like TestersDesk.com or try cheat sheet
5. Check if the database is of flat file type then how is it secured? – What are the consequences if it is not secured?
6. Check if forms validation is done on backend
7. Check if you can process your own query through forms (It can be MySQL or Oracle or any database query you would like)
8. Check if there is any data backup for specific intervals (This is important because your competitor might be looking at harming your business)
9. Check the compatibility of database backup with other control panels
10. Check how easily can one database type be converted to another database type? Example: mSQL to MySQL or vice-versa

Frequently Asked Questions

1. I am testing registration form with text fields and other input fields. How do I check if the validation of maximum size is also done server side?
I will explain this using a scenario so that it would give you more clarity about the solution.

Suppose the registration form says, “You can’t have 30 characters for your username” which means the maximum size is equal to 30 characters. But you can see if this validation is done on server side in the database also?

Now, you need to go to the “source code” and copy it in the notepad or any text editor & find for the maximum size = 30. Try changing it to 99 or any other value or remove that attribute. Then save the file on your machine. Now, open it in Internet Explorer or Mozilla Firefox and try entering more than 30 characters and submit the form.

Now you need to check whether did it process or give an error that only 30 characters can be entered. If it gives an error message then it means validation is done on backend also.

The above one is just an example but you can try many more strategies.

2. What is phpMYadmin?
In simple words, it is control panel for your database from where you can submit query, alter query and view the tables of your database. Google it – for more explanation

3. I want to contribute to this document. How do I?
Simple – write an e-mail to me at Santhosh.Tuppad@gmail.com

[ Download the PDF Version ]

“God has given you a brain to think – Don’t waste it by not utilizing it”
                                                                                             - Santhosh Shivanand Tuppad

Written by at
Tags ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)