Example.com: Always Use It for Testing

Testing with example.comBackground

I was looking over some software tests today and they had different testing addresses such as test.com or test@test.com. This got me to thinking, isn’t there a standard site or address that we should use for testing? It didn’t take me long to find my answer; example.com. More on that in a bit.

Security Concerns

A couple of thoughts that came up while thinking about this; where is my information going while testing with made up sites and what kind of data am I sending? From a security standpoint, using unknown sites for testing may reveal flaws, sensitive data or PII to parties that may not have the best intentions in mind. Let me throw a hypothetical out there. Suppose I am a party that sees an opportunity to purchase the domain name tester.com. My reason for purchasing such a domain is not for legitimate reasons but rather as a honey pot. With that honey pot, I harvest the information by pulling in emails that come to that domain. Once that information is in hand, they could sell it on the dark web. Thankfully, my honor is paramount to me so I will not do such a thing.

Real Life Examples

A quick search on whois found the following: test.com has a private registration in the United States. We don’t know who owns this site. The question here is what are their intentions for the data they gather? Registration for somewhere.com is private in Panama. Nowhere.com redirects to a media outlet in Germany that looks like a simple front site. The last update for this site? 2012. I’m not saying that this one is, but its suspicious in the very least. A web advertising agency owns the site Test-site.com. There is a potential that the owner of test@test-site.com may add emails gleaned from tests to spam lists. How would your clients feel about a sudden influx of spam?

Other Concerns

A less evil, but realistic concern using random sites is that some of these sites could be real and legit. Take, for example a company named Pinacle Associates; I have no idea if such a company exists and please don’t bombard them with emails. Tes Thompson is an SVP for Public Relations for this company. For emails, this company decided on the naming scheme of first name last initial. In this case, Tes’s email would be test@pinacle-associates.com; again, I don’t know if this exists, so please be kind and don’t spam it. Imagine the amount of mail she must get if a test team decided to use her email address for testing?

The Solution: Example Domains

So what is the solution then? Set aside for the very purposes of testing and documentation are Example.com, example.net, example.org and example.edu. The Internet Corporation for Assigned Names and Numbers or ICANN owns and manages these domains. These are the folks that give out and manage domain names.

Conclusion

So the moral of the story here is that you should always use one of the example domains. Using a domain such as example.com when testing software will help prevent inadvertently leaking PII data. Your company or client values their data and wants it kept secure.

PHPUnit – Unit Testing with PHP

Unit Testing
Unit Testing

In modern software development, unit testing can no longer be an ignored activity, especially for object oriented programming (OOP). I have been coding in PHP for several years now. I thought I’d share my thoughts on unit testing in PHP with you.

Unit Testing in PHP

OOP has so many advantages over procedural programming and unit testing is one of them. I’m not saying that unit testing can’t be done with procedural styles, but it has a much better use case in OOP programming. I am not going to get into the nuts and bolts of setting up PHPUnit for your PHP project, but JetBrains, the folks behind my favorite IDE for PHP, have an excellent article about setting up PHPUnit for PhpStorm. It can be found here.

Once PHPUnit is set up, writing tests is easy. Just plug in what you want to send to a method and tell PHPUnit what you expect the results to be.

Skeleton Framework

Here is a basic skeleton framework for writing tests.

 

<?php
/**
 * Created by PhpStorm.
 * User: aaron
 * Date: 8/13/17
 * Time: 12:03 PM
 */

require '../lib/Utilities/Utilities.php';

class UtilitiesTest extends PHPUnit_Framework_TestCase {


/* ** Test Initialization ** */

private $utilities;

protected function setUp()
{
  $this->utilities = new Utilities();
}

protected function tearDown()
{
  $this->utilities = NULL;
}

/* ** Tests ** */


/* ** addTwoNumbers() Tests ** */

public function test_addTwoNumbers() {

  $number1 = 2;
  $number2 = 3;

  $result = $this->utilities->addTwoNumbers($number1, $number2);

  $this->assertEquals(5, $result);

}

/* ** subtractTwoNumbers() Tests ** */

public function test_subtractTwoNumbers() {

  $number1 = 2;
  $number2 = 6;

  $result = $this->utilities->subtractTwoNumbers($number1, $number2);

  $this->assertEquals(-4, $result);

}


}

PHP Assertions

There are a whole slew of assertions built into PHPUnit, assertEquals() is just one of them. Assertions such as assertNull(), assertNotNull(), assertContains() are some of the most common ones used. For a complete list, check out the assertions link of the PHPUnit documentation.

See, that really is pretty simple. Of course, when writing unit tests, there is a danger for the mind to wander and think of ‘what if’ scenarios, especially if you come from a quality background such as a QA Analyst. Unit tests should cover the functionality of the component being tested and nothing else; that is what QA is for; they will find the functional defects, you just need to make sure your code works as expected. That is where the unit tests shine.

The Purpose of Unit Testing

This can’t be stressed enough, the primary purpose of unit tests are not to find defects, they just make sure that the components of code work as they should. Even though the unit tests will find a defect in the above examples if it shows that 2 + 3 = 4, that is not the purpose of the test as this will be found during functional testing. The purpose is just to make sure that the method works correctly; calculator examples are also the easiest examples to demonstrate code.