Macronimous Web Blog

Doing Unit testing is helps a team to produce quality application with in time by allowing the developer to test the code as soon as they write it. By developing a test document, developers are forced to do rigorous testing before it reaches to QA team. This way the span of life cycle is reduced by avoiding it going back and forth between the developer and the tester. The following few Frameworks help teams to do unit testing efficiently. This way unit testing could become a fun to your developers too.

Four Frameworks to perform unit testing in PHP are

1. SimpleTest

2. PHPUnit

3. phpt

4. SnapTest

SimpleTest:

It’s a Open souce unit test framework created by Marcus Baker for PHP. The test structure in SimpleTest is similar to the Junit and PHPUnit.  It contains all of the typical functions in Junit and PHPunit and also includes Mock objects. Simplte Test helps to automate the web application’s regression testing. Regression testing on web applications can be done by parsing the HTML page by using scrpitable HTTP client for simulations like Form submission and clicking on Hyperlinks. Some of the JWebUnit functionalities like web page navigation, cookie testing and form submission are also incorporated in this.

Download and test your version of Simple test.

PHPUnit:

PHP Unit is a part of xUnit family, which has testing frameworks in it. It provides a framework that helps in creating the test scripts easily and also the functionality to execute the tests and then analyze the results. The tests are arranged into cases in PHPUnit, which is very similar to Simple Test. A case is essentially a class in which public methods are singular independent tests.  A test name starts with “test” if the test is a public method. Any test, which is not, a public method will not be taken into account unless interpreted as a test under PHPUnit.  Helper methods are very useful for recurring tasks. If used Helper methods to set up a test, the test will be considered as a separate test by the framework. Refrence to assert methods are present inside each and every test. An assertion is mainly taking an expected value and then comparing it with an actual value. If the expected value does not match the actual value, then the test fails. Mock Objects are hugely important component in maintaining a unit test’s segregation from all other classes and resources except the one under test.

The following link will assist you to get more idea on PHPUnit.

PHPT:

A phpt test is a small script, which used by the php internal and quality assurance teams for testing PHP’s functionalities. Writing phpt tests helps to make PHP more stable. For writing up a phpt test, we need a basic knowledge on PHP language, a text editor and a method to get the results of the code.  Phpt test is used in following scenario: The run-tests.php scripts call the test and it takes different parts of phpt file to name and to create a .php file. The newly created .php file is executed and the output of the same is compared with different sections of a phpt file. The Test pass only when the output of the script “matches” with the output provided in the phpt script.  Phpt test will do the following: It tries and breaks the PHP functions. PHPT test check the functions normal parameters as well as edge cases.

More on Phpt

SnapTest:

The most powerful unit-testing framework for PHP 5+ is SnapTest.  PHP’s runtime language is the only one of its kind that can be used to make the unit test process simpler without sacrificing the agility tests. The philosophy on which the Snap Test was build: Unit testing should be transparent in Snap Test. Complexity of test harness and coding out stub files should be avoided in Snap Test. The obstacle in writing tests should be very less so that it becomes easier to write the tests than writing the code.

Features of the SnapTest are:

• JUnit Compliant Test Harness

• TAP Compliant Test Output

• Runnable from Command Line via .sh or .php scripts

• Full support for mock objects at runtime (minimum parallel structures) as actors and critics

• Extensible add-on system for adapting SnapTest to just about any developer environment

Here you go for:  SnapTest

Let me know if you are familiar with other frameworks.

Day-to-Day we see lot of SEO tools in web and many people would have missed useful SEO tools that are not marketed well. Here are four SEO tools that you would have missed and you would be interested to use.

Keyword frequency analysis (single words, two and three words)

The tool helps to pick top 10 keywords in-group of single, double and three word keyword phrases from title, Meta description, Meta keyword and ALT-attributes. This tool can be used to find competitors on-page optimization work related to keyword phrases tags.

http://oyoy.eu/page/keywords/

Search engine SPAM detector

The tool analysis and finds whether a webpage has followed keyword stuffing, doorway farms, hidden text through JavaScript or by CSS. This tool can be used to find web page aspects that search engines could consider as spam.

http://tool.motoricerca.info/spam-detector/

Backlinks Checker Tool – Backlinks Watch

The tool helps for the best to find everything related to inbound links and covers anchor text, backlinks quality plus limitations with nofollow tag and inbound links Page rank.

http://www.backlinkwatch.com/

Keyword mapping tool

The Keyword Map tool shows the relation between search terms / keywords in graphic with good interface for easier understanding on choosing the right combination of keywords.

http://www.kwmap.com/

1. Ajax powered Wordpress Themes:

Alisha provides a list of Ajax powered Wordpress themes. You may want to try one or more.Some of them are good, Some are limted with one or two features like search. Some not found. But worth a look if you plan to use Ajax in your templates.

http://www.softtechreviews.com/web-design/ajax-enabled-wordpress-themes/

2. Ajaxed Wordpress

This is a Wordpress plugin which adds power, usability and the beauty of AJAX to Wordpress based blogs and WordPress based websites. The plugin improves the user experience, the administration capabilities and the design potential or the blog/site.

http://ajaxedwp.com/#awp::

3. Ajax for Wordpress plugin developers

So how about writing your own Wordpress plugins with Ajax? Wordpress codex helps you to begin: http://codex.wordpress.org/AJAX_in_Plugins

4. Four Ajax Wordpress plugins

Finally, here are four plugins discussed. http://www.linuxjournal.com/article/9574 This should help you to get more ideas to start.

Most of the performance issues occur because of high stress in server.  You should perform load testing to know how many concurrent visitors your site can serve perfectly. It is difficult to arrange without the help of a set of actual user. It is the proper way of using advanced automatic load and stress testing tools.

Load Runner
Load runner is the contribution of Hewlett-Packard to the software testing industry for analyzing the conduct and concert of the system by giving actual load to the system. Load runner can make the application feel the load of hundreds or thousands of real-time users and mean while can repossess information from web server’s database servers etc.
When working with Load Runner we work with three different tools Virtual User Generator (VuGen) and Controller and Analysis, which are inevitable part of the tool.

The VuGen helps a user to record and replay the required actions against the applications under test. The required actions will be recorded in the form of scripts. The user can make modifications in the scripts. When the script is ready , the same is executed through the controller and finally analysis will give the scenario results in the form of graphs for the user to view and analyse.

QEngine 
Advent Net Qengine is a tool that supports both load testing and functional testing for web based applications. The tool mainly helps to spot the bottlenecks in the application code and eradicate the same then and there. This tool helps your ‘N’ Tier endeavor applications can meet heavy user loads during peak hours and have high uptime in production. This testing will provide supple user scenarios and reasonable load types for the application during load test. The tool can create real time user actions and perform load tests load with hundreds or even thousands of simultaneous users under active load conditions. The load testing features are:

• Load Test Recording
• Flexible User Scenarios and Dynamic Data Generation
• Real-world Load Simulation
• Distributed Load Testing
• Load Test Reports

SilkPerformer
Borland silk performer is a enterprise-class tool for delivering automated software load, stress and performance testing in an open and sharable model. We can create prevailing, realistic load tests for thousands of users running production scenarios across a broad range of endeavor application environments to identify bottlenecks, and then apply powerful diagnostics to resolve performance issues with help of Silk Performer. Adaptable visual scenario modeling enables any load scenario to be tested and compared – whether it involves a single, massive flood of requests to a website or the expected behavior of an enterprise application under daily heavy load. Any bottlenecks are identified, then spontaneous diagnostic and analysis capabilities help resolve the issue quickly, reducing test-and-fix cycles, accelerating time-to-market, and supporting critical release decisions related to application performance. Test creation, root-cause analysis wizards and Java & .NET deep diagnostics build it amazingly simple and efficient to use, removing the cost and complexity associated.

Few Performance & Load Testing  Capabilities in Silk Performer:
• Virtual user “types” enable shared, reusable access to load testing across all major application environments
• No license requirement for “controllers” or individual “protocols” means greater access to test creation and execution for more team members across the organization
• Discover ease of use with the built-in step-by-step workflow wizards
• Create tests and executions with Silk Performer’s intuitive interface, or leverage the Eclipse IDE
• Test a wide range of enterprise environments with versatile, sharable, multi-protocol virtual-user types
• Easily customize tests with random user data—without programming a single line of code
• Reuse test cases in different environments and scenarios without changing test scripts

WAPT(Web Application testing)
WAPT is a load and stress-testing tool for web sites, web servers, and intranet applications with web interfaces. WAPT provides easy-to-use ways for accurate load simulation and Run-time test data generation. We can test and analyze the performance characteristics in various load circumstances to find bottleneck of your web applications. WAPT can simulate multiple users for each scenario, custom implement delays between requests and dynamically generate test data parameters. The values of request parameters and URIs can be calculated in a number of ways and even be determined by the server response to the previous request.  The features of WAPT are to test web sites with dynamic content and protected HTTPS pages. It provides useful test results through descriptive graphs and reports. Additional features included in WAPT: support for secure sites and user authorization, simultaneous testing and batch operation.

The Problem with all the codes is that the value is not sanitized before it will be sent as a query. All we need to make sure is that we passing the secure data into database. We can send secure data and prevent the data hacking by following the four prime SQL injection methods

Function mysql_real_escape_string() :

In php, we have a function to deal with strings in MYSQL. (Modified Content)

Function:
mysql_real_escape_string()

Above function seize the string that will be used in the MYSQL query and return the same string with all SQL Injection attempts securely escaped. Above functions will assist to replace each troublesome quotes in SQL Injection query with “backslash \”

Magic Quotes:

Magic quotes will helps to escape from risky form data that is used in SQL Injection. It will automatically include “backslash \” for each special characters in SQL Injection query submitted.

Function to check whether Magic quotes are enabled on server is
“get_magic_quotes_gpc function”

Example:
After adding magic quotes
The   \  becomes  \\
The   ‘  becomes  \’
The   “  becomes  \”

HTML Entities:

HTML Entities function translates all applicable characters to HTML Entities and returns the encoded string.

Function used to translate is,

string htmlentities ( string $string [, int $quote_style=ENT_COMPAT [, string $charset [, bool $double_encode=true ]]] )

Example: 

 <?php $str = “A ‘quote’ is <b>bold</b>”;

// Outputs: A ‘quote’ is &lt;b&gt;bold&lt;/b&gt;
echo htmlentities($str);

Validation:

Length Validation: Hamper of all the input fields in the application to the absolute minimum (7 to 15 characters). This will helps to block long queries input.
Input Validation: Validate the data entered in the input field. For eg. Age field should accept only number and only 2 digits are allowed.
User Privileges:  Create “Admin user” for each database and provide “create, drop and edit ” tables privileges only to the “admin user “