More and more developers understand that their applications need to have quality and businesses are investing in improving quality of their web applications. Testing is by far the best way to ensure that web applications are doing what’s being expected of them. Applying coding standards, preventing complex coding structures and eliminating duplicated code are necessary the code base is easy maintainable.
As stated above, testing is the first and foremost way to ensure a piece of code is doing exactly what’s being expected of it. This is often called “Unit Testing” and will validate the smallest piece of logic. Unit testing is a straight-forward approach to test a piece of executable code is resulting in an expected result.
Sometimes you need to have end-to-end tests to ensure that the overall functionality is guaranteed, even when your unit tests cover most of your requirements. This is where automated acceptance tests will have a benificial advantage. These tests will process the application from an end-user’s perspective, starting at point A and processes the complete flow until point Z is reached. These automated acceptance tests will report a success or failure on the complete expected functionality, but they don’t give you any insights on performance.
Using benchmark tools you can push your architecture to its limits and see what the performance limitations are of your web application. You can approach them as a group of users targetting a single page simultaniously or a group of pages randomly. You can even put your database queries on the grill and benchmark their impact on the system. A perfect way to validate your refactoring efforts have made a significant change in performance or not.
Security is also something that requires proper testing, preferrably straight from the start of your project. Chris Cornutt recently told the audience at PHPBenelux Conference 2015 #phpbnl15: “Security can’t be an aftertought”. He’s right, security is something you need to implement directly at the beginning of the project and you should test your protection is working.
For years Michelangelo has been talking about testing web applications and was showing how people could test clean code examples. Unfortunately most developers are not starting with a clean project and have to deal with nasty spaghetti code from the past. Therefor he’s going to talk about “testing legacy php applications” at SunshinePHP in Miami, FL. He will take an example PHP project from GitHub and starts testing it. By using the “fail-first” approach, he will use code coverage to validate he’s covered the cyclomatic complexity of code and will give you examples on how to test private methods and properties.
Be sure to participate in his workshop “Improving quality assurance on PHP projects” at SunshinePHP where he will give you hands-on examples on how to test, secure and clean up your applications. After this workshop you will be able to improve the quality of your own applications.