3

I've got a PHP project to test. I've already (almost) finished coding the project and I didn't have any testing plan at the start. Being new to PHP, I thought I'd finish the coding and start testing afterwards. As unit testing needs to be done as you go along, what is my other alternative for a test? I want something like a complete system test rather than unit by unit.

I've got around 30 PHP script files, 5 of which are class scripts.

NB It needs to be a formal way of testing, rather than trying to hack it.

mavili
  • 3,385
  • 4
  • 30
  • 46
  • 1
    Try to hack your site, if you can't then... it is probably good enough :) – samayo Apr 23 '13 at 17:54
  • 1
    well, considering the fact that I'm new to PHP myself, then my hack methods won't be that great :) – mavili Apr 23 '13 at 17:55
  • 1
    Ask your comrades to test your website if possible. Also if you know someone good with hacking that would be nice. – HamZa Apr 23 '13 at 17:56
  • I have to say that it has to be formal, it's for my final year report :P – mavili Apr 23 '13 at 17:57
  • 1
    @mavili Well other than testing functionality by functionality there isn't other good methods to debug the system. Ask family members ? Friends ? or hire a professional but that would be lame. Join the [PHP chat room](http://chat.stackoverflow.com/rooms/11/php) if you want to reveal your website :-) – HamZa Apr 23 '13 at 18:00
  • @mavili "hacking" doesn't mean destroy the website :-) – HamZa Apr 23 '13 at 18:05
  • @php NoOb actually, if he's not good enough to secure his site, he won't be good enough to crack it either. Irrelevant test. – Virus721 Apr 23 '13 at 18:23

4 Answers4

4

I believe your aim behind the test is more "academic" than practical. So testing by friends doesn't really help much. Having said that you have already completed coding the project so if you wanted to unit test using PHPUnit or SimpleTest you will have to go back and start coding the unit test cases.

I think the best option here would be to create a "formal" test document. There are tons of resources out there for how to do this. Basically it will have:

  1. Url
  2. Action
  3. Expected Result
  4. Observed Result

If your expected and observed results match, then that test case is passed.

You can create as many test cases as you want for your project based on these basic guidelines.

raidenace
  • 12,789
  • 1
  • 32
  • 35
1

Testing has it's different role in SDLC. There are various aspect on which testing could be done. Like:

  1. Smoke Testing

  2. Functionality Testing

  3. System Testing

  4. Retesting

  5. Regration Testing

  6. Preformance Testing

and many more testing technique are there for testing a web application.

Naveen Chhaniwal
  • 704
  • 3
  • 6
  • 24
0

Just upload the project and ask someone to test it.You have to test it or get it tested.There is no other way

You can also run a simple scanner(like burp or acunetix) to test whether website can be hacked or not.

Sudo Reboot
  • 220
  • 2
  • 11
0

You can use a web app scanner,

There are some F/OSS out there such as;

List of web app security scanners - commercial and free

dr. evil
  • 26,944
  • 33
  • 131
  • 201