Web Test Summary

Source: Internet
Author: User

I. Input box

1. Character-type input box

(1) Character types: full-width English characters, half-width English characters, digits, empty input or spaces, and special characters such as "~!@#¥%……&*?[]{}"; pay special attention to single quotes and the & symbol. Where direct input of special characters is blocked, try entering them with copy and paste.

(2) Length check: minimum length, maximum length, minimum length - 1, maximum length + 1, and extra-long input such as pasting in an entire article.

(3) Blank check: spaces between the characters entered, spaces before the characters, spaces after the characters, and spaces both before and after the characters.

(4) Multi-line text box input: carriage returns and line breaks are allowed, and the input format is preserved when the saved text is displayed; enter only carriage returns and line breaks and check whether they are saved correctly (if possible, check the saved result; if not, see whether there is a proper prompt).

(5) Security check: Enter Special string (Null,null,,javascript,<script>,</script>,<title>,

2. Numeric input Box

(1) Boundary values: max, min, max + 1, min - 1

(2) Digits: minimum number of digits, maximum number of digits, minimum digits - 1, maximum digits + 1, extra-long values, whole numbers

(3) Outliers and special characters: blank (NULL), spaces, and characters that may cause system errors such as "@#$%^&*()_+{}|[]\:"<>?;',./-="; where direct input of special characters is prohibited, try copy and paste and see whether the value can be submitted; special features from Word copied into the input box through the clipboard, such as page breaks and section breaks; special numeric symbols such as ∑, ㏒, ㏑, ∏, + and -; negative integers, negative decimals and fractions; letters or Chinese characters; decimals (decimal part of 0, multiple decimal points); numbers with a leading 0, such as 01 and 02; scientific notation (whether 1.0E2 is supported); full-width and half-width digits; mixed digits and letters; hexadecimal and octal values; currency input (how many digits are allowed after the decimal point).

(4) Security check: values that cannot be entered directly, pasted in by copy

3. Date Type input Box

(1) Legality check: day input [0, 1, 32]; for months [1, 3, 5, 7, 8, 10, 12], day input [31]; for months [4, 6, 9, 11], day input [30] [31]; for a non-leap year, month [2], day input [28, 29]; for a leap year, month [2], day input [29, 30]; month input [0, 1, 12, 13]

(2) Outliers and special characters: blank or NULL input, and characters that may cause system errors such as ~!@#¥%……&*(){}[]

(3) Security check: values that cannot be entered directly, pasted in by copy, and whether the data check reports an error

4. Duplication of information

Where a name is required and must be unique, enter a duplicate name or ID and see whether the system handles it and reports an error. Duplicate checks include whether names are case-sensitive and whether spaces entered before or after the name are handled correctly.

5. Required-field check

See whether the system handles required items that are left blank and prompts for them. Required fields should be marked, for example with a "*" in front; when a required-field prompt is returned, the focus should move automatically to that field.

6. String length Check

Enter content longer than the string length stated in the requirements and see whether the system checks the length. Also check whether the required string lengths themselves are correct; sometimes the required length is too short to enter real business data.

7. Character type check

Enter other types of content where the content of the specified type should be entered (such as entering other character types where you should enter an integer) to see if the system checks for character types.

8. Punctuation Check

Enter input that includes various punctuation marks, especially spaces, the different kinds of quotes, and Enter, and see whether the system handles it correctly. A common mistake is inconsistent handling of spaces: the space is stored as a character when a record is added but stripped when querying, so the added content cannot be found.

9. Special character Check

Enter special symbols such as @, #, $, %, ! and see whether the system handles them correctly. Common errors appear with the special characters %, ' and \.

10. Chinese character handling

Where the system accepts both Chinese and English input, check whether garbled text or errors appear.

II. Search function

If the query condition is an input box, refer to the test method of the corresponding type of the input box

1. Function Realization:

(1) If fuzzy queries are supported, searching for any character in a name should find it

(2) Whether a long name can be found

(3) Enter conditions that do not exist in the system and conditions that match

(4) After the user runs a query, the query conditions should normally not be cleared, unless the requirements say otherwise.

2. Combination test:

(1) Switch between different query criteria and check for page errors (radio buttons and check boxes are the most error-prone)

(2) When testing multiple query conditions, test the conditions in combination; different combinations may produce errors.

(3) If multiple search conditions can be entered, add both reasonable and unreasonable conditions and see whether the system handles them correctly. Also pay attention to special characters when searching: in some systems, entering a special character makes the search return all the information in the system.
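The failure described in item (3), where a special character in a fuzzy query returns every record, typically comes from % and _ acting as SQL LIKE wildcards. The following is an added example, not part of the original page; the products table, its rows and the function names are constructed for illustration. It runs the same search with and without wildcard escaping on SQLite.

```python
import sqlite3

# Constructed sample data: names a tester might create while probing the search box.
SAMPLE_NAMES = ["widget", "100% cotton", "under_score", "gadget", "back\\slash"]


def make_db():
    """Build an in-memory table holding the constructed sample names."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (name TEXT)")
    conn.executemany("INSERT INTO products (name) VALUES (?)",
                     [(n,) for n in SAMPLE_NAMES])
    return conn


def search_unescaped(conn, term):
    """Fuzzy search that binds the term but leaves % and _ active as wildcards."""
    rows = conn.execute(
        "SELECT name FROM products WHERE name LIKE ? ORDER BY name",
        ("%" + term + "%",))
    return [r[0] for r in rows]


def escape_like(term, esc="\\"):
    """Escape the escape character first, then the two LIKE wildcards."""
    return (term.replace(esc, esc + esc)
                .replace("%", esc + "%")
                .replace("_", esc + "_"))


def search_escaped(conn, term):
    """Fuzzy search that treats every character of the term literally."""
    rows = conn.execute(
        "SELECT name FROM products WHERE name LIKE ? ESCAPE '\\' ORDER BY name",
        ("%" + escape_like(term) + "%",))
    return [r[0] for r in rows]


def compare(conn, terms):
    """Return {term: (unescaped hits, escaped hits)} for a list of probe terms."""
    return {t: (search_unescaped(conn, t), search_escaped(conn, t)) for t in terms}


if __name__ == "__main__":
    db = make_db()
    for term, (loose, strict) in compare(db, ["%", "_", "\\", "get"]).items():
        print(f"{term!r}: unescaped={len(loose)} rows, escaped={strict}")
```

A search for "%" or "_" that returns the whole table is the finding to report; with escaping, each term matches only the names that contain that character.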

III. Add and modify functions

1. Special keys: (1) whether the TAB key is supported (2) whether the Enter key is supported

2. Prompt information: error prompts appear wherever input does not meet the requirements

3. Uniqueness: where a field must be unique, whether a duplicate can be added and whether a record can be modified to an existing value (including case sensitivity and spaces entered before or after the value); after saving, whether the data is really inserted into the database; note the correctness of the data after saving

4. Data correctness:

(1) Edit each item on the edit page and click Save; check whether it saves successfully and whether the associated data is updated.

(2) Check the required fields (whether prompts are given, and whether the data is still stored in the database).

(3) Whether records can be added continuously (for special cases)

(4) When editing, note the length limit of each edit item; sometimes the limit is enforced when adding but not when editing (check that the rules for adding and modifying are consistent)

(5) For an edit form with image upload: if no picture was uploaded, check whether the default image is shown on the edit page; if a picture was uploaded, check whether the uploaded picture is shown

(6) After adding or modifying data, pay particular attention to whether the query page data is updated, especially on the first page.

(7) When submitting data, click repeatedly and see whether the system adds several records in a row or reports an error.

(8) If there is no record in the result list or a record is selected, click the Modify button and see whether the system throws an exception.

(9) Check that adding and modifying are consistent: the requirements for adding and modifying information should match. An item that is required when adding should be required when modifying, and an item defined as an integer when adding must be an integer when modifying.

IV. Delete function

1. Special keys: (1) whether the TAB key is supported (2) whether the Enter key is supported

2. Prompt information:

(1) With nothing selected, click the Delete button directly and check whether there is a prompt

(2) When deleting a message, there should be a confirmation prompt

3. Data realization:

(1) Whether multiple products can be deleted continuously

(2) If there is only one piece of data, whether it can be deleted successfully

(3) Whether the same data can be added after deleting one piece of data

(4) If the system supports bulk deletion, check that the deleted information is correct

(5) If select-all is available, check whether all the data is deleted

(6) When deleting data, check that the data on the corresponding query page is updated in time

(7) If the deleted data is associated with other business data, pay attention to the association (for example, when deleting a department that still has staff under it, a prompt should be given)

(8) If there is no record in the result list or no record is selected, click the Delete button and see whether the system reports an error

(9) If there are multiple pages, page through after deleting and see whether the system deleted correctly.

For example, if a function module has the basic add, delete, modify and query functions, you need to run the following tests:

Single function test (add, modify, query, delete)

Add--Add (continuous add test)

Add-on Delete

Add-on-delete (new additions consistent with deletions)

Added----delete

Modify--Modify (continuous modification test)

Modify--Add (the new addition is the same as the content before the change)

Modify--Delete

Modify--Delete--Add (the new addition is the same as the deleted content)

Delete--Delete (continuous delete test)

V. Registration and login module

1. Registration function:

(1) When registering, set the password to a special version number and check whether login reports an error

(2) After registration succeeds, the page should go to the homepage or the designated page in a logged-in state.

(3) Delete the information entered in the registration form and check whether registration still succeeds.

2. Login function:

(1) Enter the correct user name and the correct password

(2) Enter the correct user name and the wrong password

(3) Enter the wrong user name and the correct password

(4) Enter the wrong user name and the wrong password

(5) Do not enter a user name and password (all spaces)

(6) Enter the user name only, the password is empty

(7) User name is empty, enter password only

(8) Enter the correct user name and password, but without matching letter case

(9) User name and password that include special characters

(10) User name and password with extra-long values

(11) A deleted user name and password

(12) At login, whether the verification code is updated when the page is refreshed or the data is re-entered.

VI. Upload Picture test

1. Function Realization:

(1) file type correct, size appropriate

(2) file type is correct, size inappropriate

(3) file type error, size appropriate

(4) file type and size are appropriate, upload a picture in use

(5) file type size is appropriate, manually enter the existing image address to upload

(6) file type and size are appropriate, enter a non-existent image address to upload

(7) file type and size are appropriate, enter the image name to upload

(8) Click Upload without selecting a file and see whether there is a prompt

(9) Select different files multiple times to see if the last selected file is uploaded

VII. Query result list

(1) Whether the column widths of the list are reasonable

(2) Whether horizontal scrolling is provided when the list data is too wide

(3) Whether the column names of the list correspond to the content

(4) Whether the column name of each column is clearly described

(5) Whether the list shows unnecessary columns

(6) Whether clicking a column to sort causes an error (click through and check that every page is sorted correctly)

(7) Whether double-clicking or clicking a column of information causes an error

VIII. Special key check

1. Return key check

(1) After a record has been submitted successfully, go back and submit it again; check whether the system handles this

(2) Use the return key multiple times: wherever there is a return key, return to the original page several times and see whether an error occurs

(3) In a web system, use the browser's back button and see how the system handles it and whether an error occurs. For systems that require user authentication, log out and then use the back button to see how the system handles it; also use the back button and the forward button multiple times and see how the system handles that.

2. Enter check

After entering data, press ENTER directly and see how the system handles it and whether an error occurs

3. Refresh Key Check

In a web system, use the Refresh key and see how the system handles it and whether an error occurs

IX. URL link check

(1) In a web system, enter the URL of each function page directly and see how the system handles it; this matters most for systems that require user authentication. If the system's security design is poor, entering a function page URL directly is likely to open the page normally.

(2) Every link should have a corresponding page, and switching between pages should work correctly. You can use tools such as Linkbotpro, File-aidcs, HTML Link validater and Xenu. Linkbotpro does not support Chinese (the characters are garbled); HTML Link validater can only test web links ending in html or htm; Xenu needs no installation and supports pages ending in asp, do, jsp and the like. Xenu tests both internal and external links, which you should be aware of when using it, and it can generate test reports in HTML format. If QTP is used for the system, you can also use QTP's page checkpoints for automated checking.

X. Interface and ease of use testing

1. Style and color are harmonious

2. The interface layout is neat and coordinated (make sure everything is displayed, and try not to use scroll bars)

3. Interface operations and title descriptions are appropriate (descriptions are unambiguous; watch for typos)

4. Operation matches people's usual habits (whether controls with similar functions are placed together and are easy to operate)

5. Whether prompt dialogs conform to the specification (they should not show the English "Cancel" and "OK"; they should show the Chinese equivalents)

6. Whether the controls in the interface are aligned

7. Whether the date control can be edited

8. Whether the length of the date control is reasonable; the criterion is that a modified time is fully displayed

9. Whether the column widths and label descriptions of the query result list are reasonable

10. Whether there is a horizontal scrolling hint when the query result list is too wide

11. Whether text boxes for long text have an automatic vertical scroll bar

12. Whether data entry controls are convenient

13. Whether the Tab key is supported; the tab order should be organized and should not jump around

14. Whether related hotkeys are available

15. Whether the controls' prompt descriptions are correct

16. Whether module calls are unified, with the same module called through the same interface

17. Whether the controls on the page display normally when the page is moved with a scroll bar

18. The correct format for the date should be xxxx-xx-xx or xxxx-xx-xx XX:XX:XX

19. Whether there are extra buttons or labels on the page

20. Whether the window title or icon is consistent with the menu bar

21. Whether maximizing and minimizing the window switch correctly

22. For normal functions, users can use them without reading the user manual

23. Whether risky operations have confirmation prompts, such as for deletion

24. Whether the operation sequence is reasonable

25. Correctness check: check that the text on the page (forms, buttons, tables, headers, footers, prompts and so on) is spelled correctly and grammatical.

26. The system should give a warning or prompt before the user performs a wrong operation.

27. Page resolution check: browse the system at a variety of resolutions and check that the interface stays friendly.

28. Reasonableness check: after delete, update, add, cancel, back and other operations, check that the page the user is returned to is reasonable.

29. Localization check: the English version should contain no Chinese information, and the English translation should be accurate and professional.

XI. Compatibility test

Compatibility testing does not only mean checking that the interface is compatible under different operating systems or browsers; some functional tests also count as compatibility testing.

It includes operating system compatibility and application software compatibility, and may also include hardware compatibility.

For example, with technologies such as Ajax, jQuery and JavaScript, compatibility across different browsers has to be taken into account.

1. Navigation test

Navigation describes how a user moves within a page, between different user interface controls such as buttons, dialogs, lists and windows, or between different linked pages. You can decide whether a web application is easy to navigate by considering the following questions: Is navigation intuitive? Is the main part of the web system accessible from the home page? Does the web system need a sitemap, search engine or other navigational aids?

Putting too much information on a page tends to have the opposite of the intended effect. Users of web applications tend to be goal-driven: they quickly scan a web application to see whether it has the information they need, and if not, they leave quickly. Few users are willing to take the time to learn the structure of a web application, so the application's navigation aids should be as accurate as possible.

Another important aspect of navigation is the consistency of the web application's page structure, navigation, menus and link styles. Make sure the user intuitively knows whether there is content in the web application and where that content is.

Once the hierarchy of the web application is decided, the user navigation function needs to be tested; the effect is more obvious when end users take part in this kind of test.

2. Graphic test

In a web application, suitable pictures and animations can serve as advertising and also beautify the page. A web application's graphics can include pictures, animations, borders, colors, fonts, backgrounds, buttons and so on. The graphic test covers:

(1) Make sure the graphics have a clear purpose; pictures and animations should not be piled together at random, so as not to waste transmission time. Pictures in a web application should be as small as possible while still clearly describing something, and usually link to a specific page.

(2) Verify that the font styles of all pages are consistent.

(3) The background color should match the font color and foreground color.

(4) The size and quality of pictures is also a very important factor; pictures generally use JPG or GIF compression, and it is best to reduce the size of a picture to less than 30k

(5) Finally, verify that text wrapping is correct. If the descriptive text says the picture is on the right, make sure the picture appears on the right. Do not let pictures leave odd or orphaned lines in windows and paragraphs.

Generally speaking, using little or no background is a good choice. If you want to use a background, it is best to use a single color, in keeping with the navigation bar on the left side of the page. Patterns and pictures may also distract the user.

XII. Security test

(1) SQL injection (e.g. the login page)

Data injection mainly means injection into the database: by entering special characters such as "'", "/" and "-", or combinations of them, the input breaks the structure of the SQL statement, so that the SQL behind the system's query, insert and delete operations no longer has its original intent. For example, with SELECT * FROM table WHERE id = '' AND name = '', entering "12'--" in the ID input box causes the query to comment out the name condition and query only the record with id=12. Similarly, update and delete operations may end up deleting data by accident. There are other SQL injection methods as well; for details see the document "SQL application advanced SQL injection.doc". Many programs restrict input characters only in the page, so you can try to skip the interface and insert data into the database directly, for example with JMeter, to complete the data injection check.

(2) XSS cross-site scripting attacks: the program or database does not filter or process certain special characters, so destructive script statements entered by a user can be written directly into the database; the browser then executes these script statements directly, which breaks the normal display of the website or lets the user's information be stolen. When constructing script statements for the test, make sure the script is complete.

document.write("abc")

<script>alert("abc")</script>

(3) Enter some symbols after the URL address, and try them after the dynamic parameters as well

(4) Verification code update problem

(5) Web applications today basically require registration first and login afterwards. Therefore you must test valid and invalid user names and passwords, and note whether they are case-sensitive, how many attempts are allowed, whether a page can be browsed without logging in, and so on.

(6) Whether the web application has a timeout limit: if the user does not click any page for a certain period after login (for example, 15 minutes), whether they need to log in again to continue normal use.

(7) To ensure the security of a web application, log files are very important. You need to test whether the relevant information is written to the log file and whether it is traceable.

(8) When secure sockets are used, it is also necessary to test whether the encryption is correct and to check the integrity of the information.

(9) Server-side scripts often contain security vulnerabilities, and these are often exploited by hackers. Therefore, also test that scripts cannot be placed or edited on the server side without authorization.
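The SQL injection case in item (1) above, as an added example that is not part of the original page: the page's statement built by string concatenation beside the same lookup with bound parameters, plus a small check that runs probe inputs through either one. It uses Python with SQLite; the accounts table, its rows and the function names are constructed for illustration.

```python
import sqlite3

# Constructed sample rows for a table queried by id and name, as in the statement above.
ROWS = [("12", "alice"), ("13", "bob")]


def make_db():
    """Build an in-memory table holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (id TEXT, name TEXT)")
    conn.executemany("INSERT INTO accounts VALUES (?, ?)", ROWS)
    return conn


def lookup_concatenated(conn, id_value, name_value):
    """The pattern under test: user input pasted into the SQL text."""
    sql = ("SELECT id, name FROM accounts WHERE id = '" + id_value +
           "' AND name = '" + name_value + "'")
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, id_value, name_value):
    """Same lookup with bound parameters: input is data, never SQL syntax."""
    sql = "SELECT id, name FROM accounts WHERE id = ? AND name = ?"
    return conn.execute(sql, (id_value, name_value)).fetchall()


def check_inputs(lookup, probes, name_value="no-such-name"):
    """Run each probe as the id, together with a name that matches no row.

    A correct implementation returns no rows for every probe. The report maps
    each probe to 'ok', 'rows returned' or 'sql error'; the last two are the
    findings a tester writes up.
    """
    report = {}
    for probe in probes:
        conn = make_db()
        try:
            rows = lookup(conn, probe, name_value)
            report[probe] = "rows returned" if rows else "ok"
        except sqlite3.Error:
            report[probe] = "sql error"
        finally:
            conn.close()
    return report


# Probes: the page's id input (closing quote plus comment marker),
# a lone single quote, and an ordinary id.
PROBES = ["12'--", "'", "12"]

if __name__ == "__main__":
    for name, fn in (("concatenated", lookup_concatenated),
                     ("parameterized", lookup_parameterized)):
        print(name, check_inputs(fn, PROBES))
```

With concatenation the first probe returns the id=12 row even though the name does not match, and the lone quote surfaces as a database error; with bound parameters every probe comes back 'ok'.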

XIII. Performance testing

1. Connection Speed Test

The speed at which users connect to a web application varies with how they access the internet; they may use telephone dial-up or broadband. When downloading a program, users can wait a long time, but not when they are only visiting a page. If the response time of the web system is too long (for example, more than 5 seconds), users lose patience and leave.

In addition, some pages have a timeout limit; if the response is too slow, the user may not have time to browse the content before needing to log in again. A connection that is too slow may also cause data loss, so that the user does not get the real page.

2. Load test

Load tests are designed to measure the performance of a web system at a certain load level, to ensure that the web system functions properly within the required range. The load level can be the number of users accessing the web system at one time, or the amount of online data processing. For example: how many users can a web application allow online at the same time? What happens if this number is exceeded? Can the web application handle a large number of users requesting the same page?

3. Pressure test

The load test should be scheduled for after the web system is published, in the actual network environment. The number of a company's internal staff, especially in the project team, is always limited, while the number of requests a web system can process at the same time is far beyond that limit, so only load tests run on the Internet give correct and trustworthy results.

Stress testing means actually breaking a web application and testing how the system responds. It tests the system's limits and its ability to recover from failure, that is, whether the web application will crash and under what circumstances. Hackers often supply erroneous data loads until the web application crashes, and then gain access when the system restarts.

Areas of stress testing include forms, login and other information transfer pages.

XIV. Other points to note in testing

1. For network-related steps or modules, the test must take network disconnection into account

2. Each page has a corresponding title, which must not be empty or display "Untitled page"

3. Consider pages that have a scroll bar: whether the page is normal when the scroll bar is scrolled up and down

4. Whether the URL is case-sensitive or case-insensitive

5. For e-commerce sites, how the system handles the case where users' concurrent purchase quantity is greater than the quantity in stock

6. Avoid simple test data such as "123" or "ABC"; keep the test data as close to real data as possible

7. When testing, try not to use the Super Administrator account; test with a new user. Testers should try not to share the same user for testing

8. Prompt information: whether the information is complete, correct and detailed

9. Help information: whether help information is provided, in what forms (page text, prompt information, help files), and whether the help information is correct and detailed

10. Scalability: whether there is room for upgrades, and whether interfaces are reserved

11. Stability: the hardware and software configuration required for operation, resource utilization, fault tolerance, data protection

12. Speed of operation: slow running, bandwidth occupancy

XV. Supplementary notes

1. Correlation check:

Functional dependencies: whether deleting or adding an item affects other items, and if so, whether the effect is correct. A common case is that after a data record is added, if one of its fields holds long content, the data list may be distorted when queried.

Data dependencies: check the default value of drop-down lists and the values in drop-down lists. If the items of a list depend on data in other modules, that also needs to be checked; for example, if a piece of data is disabled, it may no longer be visible in a list that references it.

2. Check that buttons work correctly: New, Edit, Delete, Close, Return, Save, Import, Previous page, Next page, page jump, Reset and so on. Common errors appear on the Reset button, which shows up as the function not working.

3. Check the integrity of the information: when viewing and updating information, check whether all of the information is updated and whether the updated information is consistent with what was added. Check every field, because sometimes some fields are updated while individual fields are not.

4. Input position: when entering information, note whether the cursor and the entered text jump elsewhere from where the cursor was resting.

5. Whether upload and download are implemented and whether an uploaded file can be opened. Check which formats are allowed for uploaded files, whether the system states them, and whether the system enforces them. Check whether a downloaded file can be opened or saved, and whether the downloaded file has format requirements, such as needing a special tool to open it. File upload should also be tested by changing the suffix of a file type that cannot be uploaded to a suffix that can, to see whether it uploads successfully; and after uploading a file, modify the record again and see whether the uploaded file still exists.

6. Shortcut key check: whether common shortcut keys are supported, such as CTRL + C, CTRL + V and BACKSPACE; for fields that do not allow typed input, such as date pickers, check that the shortcut keys are restricted as well.

7. Password check: some systems encrypt by shifting the characters' ASCII codes. This way of encrypting passwords is relatively simple and the security is high; for local area network systems this method can fully serve the purpose of encryption, but it also causes a problem: characters corresponding to ASCII values above 128 cannot be resolved when decrypting. Try passwords made of characters with large code values such as "uvwxyz", and make the password as long as possible, for example a 17-character password, so that the encrypted password contains characters that cannot be resolved.

8. User check: every system has a variety of users, including one or more administrator users. Check whether administrators can manage one another, that is, edit and delete other administrator users. For ordinary users, try deleting a user and recreating one with the same name, and check whether that user's other information reappears. Similarly, in a system that provides a logoff function, check whether this user is treated as a new user when registered again. Also check the user's validity date; a user past the validity date must not be able to log on to the system. An error-prone case is a non-super administrator who may be able to manage user permissions and can modify the privileges of the Super Administrator.

9. System data check: this is the most important functional test; if the system's data calculations are not correct, functional testing certainly cannot pass. The data check depends on the system, and different systems call for different methods. For business management platforms, data must stay correct as business processes and states change; no process may leave garbage data or lose data.

10. System recoverability check: bring the system down in various ways and test whether it recovers normally and quickly.

11. Confirmation prompt check: for update and delete operations, whether the system asks for confirmation, whether the operation can be rolled back (that is, whether you can choose to cancel it), and whether the prompt information is accurate. Also check whether the prompt comes before or after the operation; update and delete operations require a prompt in advance.


12. Refresh check: the real-time refresh of WebForm controls in a web system has advantages and disadvantages in use and has a large impact on system performance. During testing, check the effect of the refresh function on the system or application (such as a white screen), check whether controls return to their default initial values, and check whether it has a significant impact on system performance (for example, connecting to the database and querying on every refresh).

13. Transaction check: for transactional operations, disconnect the network or shut down the program to interrupt the operation, and check whether the transaction is rolled back.

14. Time and date check: time and date verification is required for every system, for example error dates such as 2006-2-29 and 2006-6-31. For management and finance systems, also check January of each year and December of the previous year (similarly, the 1st quarter of each year and the 4th quarter of the previous year). In addition, validate date and time formats, such as February 28, 2006, 2006-2-28, 20060228 and so on. The date check should also cover whether the date range fits the actual business, and whether the system prompts or restricts dates that do not fit the business

15. Installation test: for systems with a C/S architecture, testing the installer is an important aspect. It covers installer automation, installation options and settings (verify that all scenarios install properly), interruption of the installation process, installation sequencing (distributed systems), and repair installation and uninstallation.

16. "It runs on my machine": some projects have an unhealthy pattern: "there is no problem with the system, it passes on my machine." This shows that there are environment-related bugs. "Is everything managed by the version control tool?", "Is the local development environment the same as the server environment?", "Is this a real bug that just happens to show up on another machine?" All tests must be run on all machines the system requires, otherwise the code may have problems.
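The date legality cases from the date input box section and the error dates in item 14 (2006-2-29, 2006-6-31), as an added example that is not part of the original page. It generates the boundary cases for a year and reports where a validator disagrees; the function names and the two accepted layouts (2006-2-28 and 20060228) are assumptions made for the example, written in Python.

```python
import calendar
import re
from datetime import date

# Accepted layouts (an assumption for this example): 2006-2-28 / 2006-02-28 and 20060228.
# re.ASCII keeps \d to half-width 0-9, so full-width digits are rejected.
DASHED = re.compile(r"(\d{4})-(\d{1,2})-(\d{1,2})", re.ASCII)
COMPACT = re.compile(r"(\d{4})(\d{2})(\d{2})", re.ASCII)


def parse_date(text):
    """Return a date for a valid calendar day, or None for anything else."""
    if not isinstance(text, str):
        return None
    text = text.strip()
    m = DASHED.fullmatch(text) or COMPACT.fullmatch(text)
    if not m:
        return None
    year, month, day = (int(g) for g in m.groups())
    try:
        return date(year, month, day)   # rejects month 0/13, day 0/32, Feb 30, ...
    except ValueError:
        return None


def boundary_cases(year):
    """Build (text, expected_valid) pairs following the legality list."""
    leap = calendar.isleap(year)
    cases = []
    for month in (0, 1, 12, 13):                      # month boundaries
        cases.append((f"{year}-{month}-1", 1 <= month <= 12))
    for day in (0, 1, 32):                            # day boundaries
        cases.append((f"{year}-1-{day}", 1 <= day <= 31))
    for month in (1, 3, 5, 7, 8, 10, 12):             # 31-day months
        cases.append((f"{year}-{month}-31", True))
    for month in (4, 6, 9, 11):                       # 30-day months
        cases.append((f"{year}-{month}-30", True))
        cases.append((f"{year}-{month}-31", False))
    for day in (28, 29, 30):                          # February
        cases.append((f"{year}-2-{day}", day <= (29 if leap else 28)))
    return cases


def failures(validator, years=(2006, 2008)):
    """Run the cases for a non-leap and a leap year; list the inputs judged wrongly."""
    bad = []
    for year in years:
        for text, expected in boundary_cases(year):
            if (validator(text) is not None) != expected:
                bad.append(text)
    return bad


def naive_validator(text):
    """A common faulty check, for comparison: every month is allowed 31 days."""
    m = DASHED.fullmatch(text)
    if not m:
        return None
    y, mo, d = (int(g) for g in m.groups())
    return (y, mo, d) if 1 <= mo <= 12 and 1 <= d <= 31 else None


if __name__ == "__main__":
    print("strict validator misses:", failures(parse_date))
    print("naive validator misses: ", failures(naive_validator))
```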
