Cheer up!

----------------------- Borrowed OR rather clashed thoughts ----------------------

Don't cry because it's over. Smile because it happened.

Don't wait for the Last Judgment. It happens every day.

Remember, if you’re headed in the wrong direction, God allows U-turns!

If you don't like how things are, change it! You're not a tree.

Now that it's all over, what did you really do yesterday that's worth mentioning?

Too many people overvalue what they are not and undervalue what they are.

One day at a time--this is enough. Do not look back and grieve over the past for it is gone; and do not be troubled about the future, for it has not yet come. Live in the present, and make it so beautiful it will be worth remembering.

Never give up on something that you can't go a day without thinking about.

Watch your thoughts; they become words.
Watch your words; they become actions.
Watch your actions; they become habits.
Watch your habits; they become character.
Watch your character; it becomes your destiny.

Never regret. If it's good, it's wonderful. If it's bad, it's experience.

A journey of a thousand miles begins with a single step.

If you don't like something change it; if you can't change it, change the way you think about it.

To wish you were someone else is to waste the person you are.

Whatever you are doing, love yourself for doing it. Whatever you are feeling, love yourself for feeling it.

It is better to fail in originality than to succeed in imitation.

Don't be afraid to give up the good for the great.

Stop acting as if life is a rehearsal. Live this day as if it were your last. The past is over and gone. The future is not guaranteed.

Test F-connect login integration with site

Test F-connect login integration with site

High level scenarios:

(CASE I). User uses same Email ID for creating account and F-connect login.
a. System must allow the user to do so.
b. Also, since the email ID is same, single account must be maintained for both F-connect and site login.

(CASE II). User uses different Email ID for creating account and F-connect.
a. Two separate account's must be created and maintained.

Low level scenarios:

(CASE I). User uses same Email ID for creating account and F-connect login.
1. User first creates site account. Uses F-connect to login at later point of time and _places order without updating his site account.
> This case, all details provided by user while creating account must be pre-populated on checkout page.
> User must be able to edit the same. Edited details except First name, Last name and Email ID, everything else must be updated in user's table and as well in order's table.

2. User first creates site account, updates the same on "My account" page and then places order.
> > This case, all the details provided by user on "My Account" page must be pre-populated on checkout page. Any updation must update only the order related table(no updation on user table).

3. User could first login using F-connect and then create account to place order.
> > This case, Checkout page must pre-populate Email ID, First name and Last name. And user must be forced to add other details - Password, Billing address, Shipping address, Credit card info in order to place order. This updation must update both user table and as well order related table.

(CASE II). User uses different Email ID for creating account and F-connect.
1. This case, user must be treated as two separate user. Thus, account and order must be maintained separately.

Test pre-authorization of credit card using pay pal.

Knowing what pre-authorization is the key. So, understand what is it if it's new word.
1. Login to pay-pal sand box account > click on "Test Account" and make a note of the total balance amount.
2. Login to the site and place an order. Check pay-pal > Initial amount must be retained. And confirm the amount on hold(Under review status).
3. On site, place enough quantity of items to trigger the release of pre-authorization.
Then check paypal > all of the order amount must be summed up to the initial balance.

For now, this is it.
Will describe in depth when I find sufficient time.

Test Hours of Operation

1. Check open, close time as 12am to 12pm and break time within this.
(Hint for developers - It doesn't work fine unless 12 is zeroed.)

2. Check by adding only minutes - 0:55 am; 0:00pm.. It must not accept this input.

3. Check if it allows to add two different work hours for same week day. It must not allow.

4. Check if the added work hours are showing in an order, and not like last in - first display.

5. Edit mode - break hours check-box must be checked(if break hours already is added while adding work hours).

6. Open time = Close time = Break open time = Break close time must not be accepted.
Valid input:
Open time < Close time.
Open time > Break open time.
Close time > Break close time.

7. Only one HOP section must be open at once. No action must open more than one HOP section.

8. Delete HOP must ask for confirmation - if user really wants to delete?

9. Add/edit must work as Insert/Update respectively.

10. "Select All" check-box is needed for selecting weekdays is implemented using check-box.

11. Error messages:
a. Close time should be greater than the Open time
b. Please select Open time
c. Please select Close time
d. Close time should not be equal to Open time
e. Please select Break End time
f. Please select Break Start time
g. Hours of operation for Sun, Mon, Tue, Wed, Thu, Fri, Sat are already added. Please use "Edit" link to update it
h. Break Start time should be greater than the Open time
i. Break Start time should be lesser than the Close time
J. Please select working day(s)

Test CAPTCHA

CAPTCHA(Completely Automated Public Turing Test to tell the Computers from Human Apart)

1. Must not allow user to copy/paste it.
2. It must not have dictionary words(so that it is difficult for hacker make computer guess)
3. It must not have offensive words(normally won't be, just in case.)
4. It must be random. It must display new image once invalid one is submitted.(AJAX implementation will be user friendly, so that it doesn't wait for user to refresh the page manually).
5. It must be case sensitive(based on rqts.)
6. Must provide audio to help visually impaired people.

Test local search engine

Search must work for all inputs. There is no invalid data for search. System should perform search for all input provided by user and show respective result(found/not found).

1. Try XSS injection - Enter the following script in search field and hit enter button

It should not execute the script. It should show a message saying no match found for your search.

2. Try to search keyword with special characters in it (!, @, #, $, %,^, &, *,(,_, -, +, =, `,~).
URL encoding must be done and hence should not result in bad URL request error.

3. Try to search keyword with space besides the keyword on right and left.
It must trim the spaces, fetch the matching records, and show it as results.

4. Check the max and minimum keyword size that can be searched. Depends on requirement.

5. Search without entering any keyword. System must instruct user to enter keyword and then search.

6. Perform search and bookmark the results page.
This page must be accessible anytime later.

7. Manipulate the bookmarked URL with new search.
Search should work and show corresponding result.

8. If wild card search is allowed, then nearest matching result must show up first and then follow with least matching result.

9. Pagination if any must be checked. Alpha pagination if any - starting letters in result set only must be highlighted in the pagination.
Numerical pagination count must be correct. Showing X1-X5 of XX must be verified.
On 2nd page, this pagination message must be X6-X10 of XX.

10. Search field must be focused if there is no other field on the page.

11. Search must work without depending on mouse also. Must support Enter key.

12. Disable javascript. Search must support and work without javascript also.
Check error scenarios with javascript disabled.

13. Try search with mixed case - "SeArCh" It must work.

14. Search keyword with apostrophe. "/" must not appear in search result.

15. Search keyword must be retained in search field anytime a search is performed.

16. Try to search keyword with maximum and minimum limit. It must work.

17. Try to search keyword with less than minimum and more than max limit. It must show error message.

18. Search keyword must be shown on page title, URL also - to enhance SEO.

19. If look ahead completion is provided for search, then it must work be case in-sensitive and also must work for keyboard keys also(up, down arrows; enter key)

20. Pagination using AJAX is not SEO friendly as of today. So, avoid AJAX pagination.
Google search engine doesn't recognize AJAX calls, and hence doesn't index the paginated AJAX links.

21. Bookmark the 2nd page of search result which is implemented without AJAX. Clear cache, cookies, session and open the bookmarked link. It must support "Next" and "Previous" links.
Also, the search keyword used while bookmarking must show in the keyword search field.

22. View the site with a text browser ( Eg: http://www.delorie.com/web/lynxview.html). This is nearest to search engine's view of the site.

Note: Will update the above list as I explore.

Test Login form

1. Try submitting blank input for both user name and password.
2. Try submitting valid Email ID, invalid password
3. Try submitting invalid Email Id, valid password
4. Mouse cursor must be focused in user name field.
5. Login using valid data and click on "Back" button of browser.
It should show page expired message.
6. Login using valid data and then copy paste the URL on another browser.
It should redirect to Login page URL.
7. Enter email ID in caps and respective password. It must work.
8. Check uniqueness of email ID. "ajishaek@gmail.com ; aJISHaek@gmail.com; AJISHAEK@GMAIL.COM" all must be treated as same.
9. Password must be case sensitive.
10. Form must work without depending on mouse. Must support tab and enter key.
11. Check max and minimum length of user name and password field. Check the respective data type constraint in DB, sign up with more than max limit. Try the same ID for login.
12. Sign up using special characters and use the same while logging in.
13. Try SQL injection - Submit the form by entering "anything' OR 'x'='x" in user name field and password field. It shouldn't accept.
14. Watch http response(firebug), user ID and password must be transmitted using POST Method only. Password must not be visible in plain text. It must be encrypted.
15. Login and then clear cache. Login must be still retained.
16. Login and clear session. Login must not be retained.
17. Login and clear cookie. Login must not be retained.
18. Click on "Remember Me" option while logging in. Close and re-open browser. It must not log out the user. It must retain the user login.
19. Only one user must be logged in at any time. If any user is already logged in, then system should not allow any other user to login.
20. Use same password for different Email ID - both must be treated unique.
21. Manipulate the ID if the user ID is passed in URL after login. It must not allow to access other user's details.

Note: Will update the above list eventually as I explore.