1 / 14

QR MARKS THE SPOT

QR MARKS THE SPOT. TEST CASE SCENARIOS. TEST CASE #1. In this project, Game Search Module is used in a variety of situtations. Every user need this module to find the game they wanted to play. Also in creation process, game creators may want to change or delete their games. TEST CASE #1.

wylie-avery
Download Presentation

QR MARKS THE SPOT

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. QR MARKS THE SPOT TEST CASE SCENARIOS

  2. TEST CASE #1 • In this project, Game Search Module is used in a variety of situtations. Every user need this module to find the game they wanted to play. • Also in creation process, game creators may want to change or delete their games.

  3. TEST CASE #1 • However, this Search and Find textboxes can be used to find other query irrelevant information from database. • As we know, this systems use SQL statements when finding the data from the storage.

  4. TEST CASE #1 • Sql Injections; is a code injection technique that exploits a security vulnurability in some computer software. • The vulnerability is present when user input is either incorrectly filtered for string literal escape charactersembeddedinSQL statements or user input is not strongly typed and unexpectedly executed.

  5. TEST CASE #1 Typical Query of SQL code; statement = "SELECT * FROM users WHERE name = '" + userName + "';"

  6. TEST CASE #1 If i can somehow search this query; Statement=SELECT* FROM users WHERE name = '' OR '1'='1'; THIS WILL ALWAYS BE TRUE!!! So, every data would fit into my query and set in front of me..

  7. TEST CASE #1 Some real world examples; • On November 1, 2005, a teenage hacker used SQL injection to break into the site of a Taiwanese information security magazine from the Tech Target group and steal customers' information. • On January 13, 2006, Russian computer criminals broke into a Rhode Island government web site and allegedly stole credit card data from individuals who have done business online with state agencies. • On March 29, 2006, a hacker discovered an SQL injection flaw in an official Indian government tourism site... (*) (*) http://en.wikipedia.org/wiki/SQL_injection

  8. TEST CASE #2

  9. TEST CASE #2

  10. TEST CASE #3 • The user may be trying to login into server when he or she was already logged in the game.

  11. TEST CASE #3

  12. TEST CASE #4 • User tries very huge or a negative number for the steps required to finish the game.

More Related