140 likes | 308 Views
QR MARKS THE SPOT. TEST CASE SCENARIOS. TEST CASE #1. In this project, Game Search Module is used in a variety of situtations. Every user need this module to find the game they wanted to play. Also in creation process, game creators may want to change or delete their games. TEST CASE #1.
E N D
QR MARKS THE SPOT TEST CASE SCENARIOS
TEST CASE #1 • In this project, Game Search Module is used in a variety of situtations. Every user need this module to find the game they wanted to play. • Also in creation process, game creators may want to change or delete their games.
TEST CASE #1 • However, this Search and Find textboxes can be used to find other query irrelevant information from database. • As we know, this systems use SQL statements when finding the data from the storage.
TEST CASE #1 • Sql Injections; is a code injection technique that exploits a security vulnurability in some computer software. • The vulnerability is present when user input is either incorrectly filtered for string literal escape charactersembeddedinSQL statements or user input is not strongly typed and unexpectedly executed.
TEST CASE #1 Typical Query of SQL code; statement = "SELECT * FROM users WHERE name = '" + userName + "';"
TEST CASE #1 If i can somehow search this query; Statement=SELECT* FROM users WHERE name = '' OR '1'='1'; THIS WILL ALWAYS BE TRUE!!! So, every data would fit into my query and set in front of me..
TEST CASE #1 Some real world examples; • On November 1, 2005, a teenage hacker used SQL injection to break into the site of a Taiwanese information security magazine from the Tech Target group and steal customers' information. • On January 13, 2006, Russian computer criminals broke into a Rhode Island government web site and allegedly stole credit card data from individuals who have done business online with state agencies. • On March 29, 2006, a hacker discovered an SQL injection flaw in an official Indian government tourism site... (*) (*) http://en.wikipedia.org/wiki/SQL_injection
TEST CASE #3 • The user may be trying to login into server when he or she was already logged in the game.
TEST CASE #4 • User tries very huge or a negative number for the steps required to finish the game.