Database Testing

What is Database Testing?
   
Database testing involves the tests to check the exact values which have been retrieved from the database by the web or desktop application. It basically includes the following:

• Data integrity testing
• Data validity testing
• Database performance related testing
• Testing of procedures, triggers, functions etc

Data should be matched correctly as per the records are stored in the database. Testers should check all the functionality which is happening on every action performed in the application. Actions can include deletion, addition or save options. Below is the discussed point that how to test database:

• First of all, tester should make sure that he understands all the application totally and which database is being used with the testing application.
• Figure out all the tables which exist for the application and try to write all the database queries for the tables to execute. This is the best process for the testers to perform the DB testing.

Database testing commands:

DDL

Data Definition Language (DDL) statements are used to define the database structure or schema and descriptions of how the data should reside in the database. It is used to create and modify the structure of database objects in database.

• CREATE - to create objects in the database
• ALTER - alters the structure of the database
• DROP - delete objects from the database
• TRUNCATE - remove all records from a table, including all spaces allocated for the records are removed
• COMMENT - add comments to the data dictionary
• RENAME - rename an object

DML

Data Manipulation Language (DML) statements are used for managing data. It mainly deals with data manipulation

• SELECT - retrieve data from the a database
• INSERT - insert data into a table
• UPDATE - updates existing data within a table
• DELETE - deletes all records from a table, the space for the records remain
• MERGE - UPSERT operation (insert or update)
• CALL - call a PL/SQL or Java subprogram
• EXPLAIN PLAN - explain access path to data
• LOCK TABLE - control concurrency

DCL

Data Control Language includes commands such as GRANT, and mostly concerns with rights, permissions and other controls of the database system. It is used to create rights, permissions, and referential integrity as well it is used to control access to database by securing it.

• GRANT - gives user's access privileges to database
• REVOKE - withdraw access privileges given with the GRANT command

TCL

Transaction Control (TCL) statements are used to manage the changes made by DML statements. It allows statements to be grouped together into logical transactions.

• COMMIT - save work done
• SAVEPOINT - identify a point in a transaction to which you can later roll back
• ROLLBACK - restore database to original since the last COMMIT
• SET TRANSACTION - Change transaction options like isolation level and what rollback segment to use

Sessions-Cookies-Cache-Bookmark

Session is used to store per-user information for the current Web session on the server. It supports using a database server as the back-end store.

                   Session["name"] = TextBox1.Text;

                   string welcomeString = "Hello " + Session["name"];

Cookies are small files saved on client's disc used to store data concerning a concrete user. Cookies are simply bits of software placed on your computer when you browse websites. Websites use cookies so they can track what you are viewing. The website will recognize your computer when you come back to visit again. Cache files help your browser go faster since it caches the files to be used. These are also left behind on your pc and includes everything, including pictures, sound files, video files, and text that you have browsed. If you share your pc in any way, you probably want to keep these cleaned when you get done browsing

It can for example contain some preferences that user have chosen before so later the same preferences can be applied instantly.

Websites send small text files known as cookies to your web browser in order to store information about your connection to their server, including authentication information, details about your online session, and any preferences you may have saved. Cookies are particularly useful when you want a website to auto-sign you into a web service, but like the cache, they could be used to compromise your privacy if someone gained access to your computer.

             HttpCookie cookie = new HttpCookie("user");

             cookie["name"] = "John";  

             Response.Cookies.Add(cookie);

Cache object is shared between users in a single application. Its primary purpose is to cache data from a data store and should not be used as a primary storage. It supports automatic invalidation features. If data requested by client actually is in cache then it's called a cache hit. The more cache hits the better because then your application simply works faster. The number of cache hits depends of course on the size of the memory and the implementation of caching.

Browser Cache: In order to speed up web browsing, browsers are designed to download web pages and store them on your computer in an area called the cache (pronounced cash). When you visit the same page for a second time, the browser speeds up the display time by loading the pages locally from the cache instead of downloading everything again.  

It can also include login IDs, passwords, banking information, and other sensitive information. Clearing your cache can significantly improve the speed and performance of your browser and ensures that anyone who uses the same computer and browser after you (particularly on public computers) will not see your private information. It's a good habit to clear your cache from time to time.

Caching Server

A caching server performs functions similar to those of a browser cache, only on a much larger scale. Where a browser cache is responsible for storing web objects for a single browser application on a single machine, a cache server stores web objects for a larger number of clients or perhaps even an entire network. With a cache server, all web requests from a network are passed through caching server, which then will serve the requested files to the client. The cache server can deliver content either directly from its own cache of objects, or by retrieving objects from the internet and then serving them to clients. 

Cache servers are a more efficient than browser caches as this network-level caching process makes the object available to all users of the network once it has been retrieved. With a browser cache, each user and, in fact, each browser application on a specific client must maintain a unique cache of files that is not shared with other clients or applications.

Also, cache servers use additional information provided by the web server in the headers sent along with each web request. Browser caches simply re-validate content with each request, confirming that the content has not been modified since it was last requested.

In ASP.NET there are three types of caching:

• Page Level Caching - it's simply caching whole HTML code of generated page:
  <%@ OutputCache Duration="30" VaryByParam="*" %>
• Fragment Caching - caching small fragments of your website like for example user controls:
  <%@ OutputCache Duration="60" VaryByParam="none" VaryByControl="CategoryDropDownList" %>
• Caching Data Objects - allows you to cache objects from your application such as a table for instance :
  You can also save data to cache simply by using cache object, it's working like the standard dictionary with key-pairs value. It's best to show this on an example.Cache["name"] = "Steve";Retrieving data is equally simple:
if (Cache["name"] != null)
{ 
Label1.Text = Cache["name"].ToString(); 
} 
Please note that firstly we have to check if data stored in cache still exists, it could have been deleted by client's browser.

A bookmark in a Web browser is essentially the same thing as a bookmark in a book.
It saves the page URL/location, allowing you to come back to it whenever you may need to.
It saves the user from remembering their exact path to finding a certain website or page.

Difference between GET & POST

Features	GET method	POST method
Fundamental Difference is probably the Visibility	GET request is sent via the URL string (appended to the URI with a question-mark as separator), which is visible.	POST request is encapsulated in the body of the HTTP request and can't be seen.
Length	Since, GET request goes via URL, so it has a limitation for its length. It can't be more than 255 characters long.	No such maximum length limitation holds for the POST request for the obvious reason that it becomes a part of the body of the HTTP request where there is no size limitation.
Performance	GET request is comparatively faster as it's relatively simpler to create a GET request.	Much time spent in the encapsulation of the POST request in the HTTP body .
Type of Data	GET request is sent via URL string and as we all know that URL can be text-only, so GET can carry only text data.	POST has no such restriction and it can carry both text as well as binary data.
Caching/Bookmarking	It can be cached as well as Bookmarked because GET request is nothing but an URL.	No such luxuries with a POST request.
FORM Default	GET is the default method of the HTML FORM element.	To submit a FORM using POST method, we need to specify the method attribute and give it the value "POST".
Data Set	GET requests are restricted to use ASCII characters only.	POST requests can use the 'enctype' attribute with a value "multipart/form-data" to use the Universal Multiple-Octet Coded Character Set (UCS).

What is HTTPS?

Hyper Text Transfer Protocol Secure (HTTPS - or HyperText Transfer Protocol with Secure Sockets Layer) is a secure version of the Hyper Text Transfer Protocol (http). HTTPS is a protocol to transfer encrypted data over the Web. HTTPS allows secure ecommerce transactions, such as online banking.

Web browsers such as Internet Explorer and Firefox display a padlock icon to indicate that the website is secure. It also displays https:// in the address bar.

When a user connects to a website via HTTPS, the website encrypts the session with a digital certificate.

SSL provides secure, transport-level security. Nobody between client and server should be able to read the information. When a SSL Digital Certificate is installed on a web site, users can see a padlock icon at the bottom area of the navigator. When an Extended Validation Certificates is installed on a web site, users with the latest versions of Firefox, Internet Explorer or Opera will see the green address bar at the URL area of the navigator.

Why Is A SSL Certificate Required?

With booming Internet trends and fraud, most will not submit their private details on the web unless they know that the information they provide is securely transmitted and not accessible for anyone to view.

Below things are needed:

1. A Web server such as Apache that supports SSL encryption.
2. A Unique IP address
3. An SSL Certificate from an SSL certificate provider

Some tips for using HTTPS:

• Point to all Web forms on the https:// server
• Use relative paths to images on secured pages
• Secure only the pages that request and collect data

SMART IDENTIFICATION

The Smart Identification mechanism uses two types of properties:

· Base Filter Properties—The most fundamental properties of a particular test object class; those whose values cannot be changed without changing the essence of the original object. For example, if a Web link's tag was changed from {A} to any other value, you could no longer call it the same object.

· Optional Filter Properties—Other properties that can help identify objects of a particular class. These properties are unlikely to change on a regular basis, but can be ignored if they are no longer applicable.

Understanding the Smart Identification Process

If QuickTest activates the Smart Identification mechanism during a run session (because it was unable to identify an object based on its learned description), it follows the following process to identify the object:

1. QuickTest "forgets" the learned test object description and creates a new object candidate list containing the objects (within the object's parent object) that match all of the properties defined in the Base Filter Properties list.
2. QuickTest filters out any object in the object candidate list that does not match the first property listed in the Optional Filter Properties list. The remaining objects become the new object candidate list.
3. QuickTest evaluates the new object candidate list:

o If the new object candidate list still has more than one object, QuickTest uses the new (smaller) object candidate list to repeat step 2 for the next optional filter property in the list.
o If the new object candidate list is empty, QuickTest ignores this optional filter property, returns to the previous object candidate list, and repeats step 2 for the next optional filter property in the list.
o If the object candidate list contains exactly one object, then QuickTest concludes that it has identified the object and performs the statement containing the object.
4. QuickTest continues the process described in steps 2 and 3 until it either identifies one object, or runs out of optional filter properties to use.
If, after completing the Smart Identification elimination process, QuickTest still cannot identify the object, then QuickTest uses the learned description plus the ordinal identifier to identify the object. If the combined learned description and ordinal identifier are not sufficient to identify the object, then QuickTest stops the run session and displays a Run Error message.

Reviewing Smart Identification Information in the Test Results

If the learned description does not enable QuickTest to identify a specified object in a step, and a Smart Identification definition is defined (and enabled) for the object, then QuickTest tries to identify the object using the Smart Identification mechanism.
If QuickTest successfully uses Smart Identification to find an object after no object matches the learned description, the Test Results receive a warning status and indicate that the Smart Identification mechanism was used.
If the Smart Identification mechanism cannot successfully identify the object, QuickTest uses the learned description plus the ordinal identifier to identify the object. If the object is still not identified, the test or component fails and a normal failed step is displayed in the results.