Problem 3 - Testing of Security Features

Project Title:

Inventory Management System

Proposed By:

Fajar Saleem

Registration Number: 03-3-1-015-22

1. Role-Based Access Control (RBAC)

| Test Case ID | Description | Input | Expected Output | Actual Output | Pass/Fail |
|---|---|---|---|---|---|
| TC1.1: Admin login | Admin logs in and accesses AdminProducts.aspx | Admin credentials | Redirect to AdminDashboard.aspx | Success | Pass |
| TC1.2: Manager login | Manager logs in and tries to access its functionalities | Manager credentials | Redirect to ManagerDashboard.aspx | Success | Pass |
| Viewer accessing admin page | Viewer accesses AdminDashboard.aspx | Login as Viewer, access Admin URL | Redirect to error or access denied | Access Denied | Pass |

2. Session Management

| Test Case ID | Description | Input | Expected Output | Actual Output | Pass/Fail |
|---|---|---|---|---|---|
| TC_SESS_01 | User logs in | Valid login | Session is created | Session("Username") set | Pass |
| TC_SESS_02 | Access page after logout | No session | Redirect to login | Redirected | Pass |
| TC_SESS_03 | Tamper session | Access URL of dashboard without logging in | Redirect or logout | Redirected | Pass |

3. Input Validation

| Test Case ID | Description | Input | Expected Output | Actual Output | Pass/Fail |
|---|---|---|---|---|---|
| TC_INVAL_01 | Leave all fields blank | Empty fields | Show error | Validation error | Pass |
| TC_INVAL_02 | Enter invalid email in form | wrong@email | Show format error | Format error shown | Pass |
| TC_INVAL_03 | Use special characters in name | "F@j@r" | Show validation error | Validation blocked | Pass |

4. Parameterized SQL Queries

| Test Case ID | Description | Input | Expected Output | Actual Output | Pass/Fail |
|---|---|---|---|---|---|
| TC_SQL_01 | SQL injection attempt in username | ' OR '1'='1 | Login fails | Invalid credentials | Pass |
| TC_SQL_02 | SQL injection attempt in password | 'DROP TABLE Users-- | Login fails | Invalid credentials | Pass |
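
Added example (not the project's code): the two inputs from TC_SQL_01 and TC_SQL_02 run against a string-concatenated login and a parameterized one, written in Python with an in-memory SQLite database standing in for the project's data layer. The table columns, query shape, sample users, wrong password and the O'Brien case are assumptions; the run shows that both test inputs end in a failed login on either version, so the benign literal-quote case is what tells the two apart.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the project's database (constructed rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Users (username TEXT PRIMARY KEY, password TEXT)")
    # Plaintext passwords mirror the current state recorded under TC7.1.
    db.executemany("INSERT INTO Users VALUES (?, ?)",
                   [("admin", "S3cret!"), ("O'Brien", "pw-obrien")])
    return db

def _run(db, sql, params):
    try:
        count = db.execute(sql, params).fetchone()[0]
    except sqlite3.Error:
        return "sql_error"  # the input changed the statement's structure
    return "ok" if count == 1 else "denied"

def login_concat(db, username, password):
    """'Before' form (assumed query shape): input is spliced into SQL text."""
    sql = ("SELECT COUNT(*) FROM Users WHERE username='" + username +
           "' AND password='" + password + "'")
    return _run(db, sql, ())

def login_param(db, username, password):
    """Parameterized form: input is bound as data, never parsed as SQL."""
    sql = "SELECT COUNT(*) FROM Users WHERE username=? AND password=?"
    return _run(db, sql, (username, password))

def users_table_exists(db):
    row = db.execute("SELECT COUNT(*) FROM sqlite_master "
                     "WHERE type='table' AND name='Users'").fetchone()
    return row[0] == 1

# Inputs from TC_SQL_01 / TC_SQL_02, plus one benign literal-quote login.
CASES = {
    "TC_SQL_01": ("' OR '1'='1", "wrong"),
    "TC_SQL_02": ("admin", "'DROP TABLE Users--"),
    "literal_quote": ("O'Brien", "pw-obrien"),
}

def run_suite(login):
    db = make_db()
    results = {name: login(db, u, p) for name, (u, p) in CASES.items()}
    results["table_intact"] = users_table_exists(db)
    return results

if __name__ == "__main__":
    print("concatenated :", run_suite(login_concat))
    print("parameterized:", run_suite(login_param))
```

A database error surfacing on quoted input, rather than a clean "Invalid credentials", is the signal that a query is still built by concatenation.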

5. Authentication System

| Test Case ID | Description | Input | Expected Output | Actual Output | Pass/Fail |
|---|---|---|---|---|---|
| TC_AUTH_01 | Correct credentials | Valid user & pass | Login success | Redirected | Pass |
| TC_AUTH_02 | Incorrect credentials | Invalid password | Show error | Error shown | Pass |
| TC_AUTH_03 | Non-existent user | Fake username | Show error | Error shown | Pass |

6. Secure Redirection and Page Access Check

| Test Case ID | Description | Input | Expected Output | Actual Output | Pass/Fail |
|---|---|---|---|---|---|
| TC_REDIRECT_01 | Access page via URL directly without login | No session | Redirect to login | Redirected | Pass |
| TC_REDIRECT_02 | Access page with incorrect role | Viewer tries admin page | Redirect or error | Redirected | Pass |

7. CAPTCHA on Login Page

| Test Case ID | Description | Input | Expected Output | Actual Output | Pass/Fail |
|---|---|---|---|---|---|
| TC_CAPTCHA_01 | Submit correct CAPTCHA | Correct answer | Login processed | Success | Pass |
| TC_CAPTCHA_02 | Submit incorrect CAPTCHA | Wrong answer | Show error | CAPTCHA error | Pass |
| TC_CAPTCHA_03 | Leave CAPTCHA blank | No input | Show error | CAPTCHA error | Pass |

Security Feature 7: Password Hashing (Optional/Future)

| Test Case | Input | Expected Output | Result |
|---|---|---|---|
| TC7.1: Check database password storage | View DB | Passwords should be hashed, not plaintext | Fail / Plan to implement |
| TC7.2: Login with hashed password | Match hashed input with DB hash | Login successful if correct | Not implemented yet |