Thursday, July 31, 2008

Tips for Designing User Friendly Application

  1. Design the application around the Critical Task
  2. Do not use too many features, forms etc
  3. In a page, fields should be Group into categories
  4. Navigation should be in one place
  5. Button location should be in one place
  6. Use clear, obvious language
  7. Error, Warning message should be Comprehend and understandable
  8. Important Information should be prominently displayed
  9. Use Words instead of Icons
  10. Back ground page should be well suited with the Page content
Posted by at No comments:

Tuesday, July 15, 2008

Locks in SQL Server 2005

When multi user access database simultaneously or we can say that when two or more user wants to change a piece of information at the same time. Locks are a mechanism for preventing a process from performing an action on an object those conflicts with something already being done on that object. For example user one tries to read date while other user making changing information on the same data. Then guess which data user one see, Changed or unchanged? Data may be logically Incorrect. So dealing with data concurrency in database is a process called locking. SQL Server lock manager do this locking.

Lockable Resources

  • Table
  • Page
  • Key
  • Row


Lock Escalation and lock effects on performance
Escalation is all about recognizing that maintaining a finer level of gratuity (means a row lock instead of page lock), when the number of item being locked is small. Escalation is based on the number of locks rather then the number of user in a single time.
Lock Modes: means what level of resources you are locking or what lock mode your query is going to acquire.
1) Shared Lock: is used when you only need to read the data that is you don’t want to change. It prevents user from dirty reads.
2) Exclusive Locks: these are not compatible with any other lock or we can say that we can’t implement this if any other lock exists or vice versa. This is used to preventing from updating, deleting or doing whatever at the same time.
3) Update Lock: are hybrid between shared locks and exclusive locks. It is a special kind of placeholder. This means that until you go to make a physical updates you need a shared lock. At the time of physical update, you will need an exclusive lock.
4) Intents Locks: is a true placeholder and is meant to deal with the object hierarchies. For example when you have a lock established on a row. But some one wants to establish a lock on a page, or extent or modify a table. You would not want another transaction to go around yours by going higher up the hierarchy. Without indent lock the higher level object would not even know that you had the lock at the lower level.
5) Schema Locks: This lock have two main forms:

· Schema Modification Lock (Sch-M):When you have this lock then no query or other create, alter or drop statements can be run against this object for the duration of Sch-M locks.

· Schema stability lock (Sch-s): This is very similar to a shared lock. The purpose of this lock is to prevent a Sch-M since there are already locks for other queries (create, alter, drop statements) active on the object. This is compatible with all other lock types.


6) Bulk Update Lock: is used to allow parallel loading of data that is locked from
any other normal T-Sql statement activities. But multiple bulk insert or BCP operations can be performed at the same time.


7) Serializable/HOLDLOCK: Once a lock is held by a statement in a transaction that lock is not released until the transaction is ended (via rollback or commit). Any insert are also prevented if the inserted record would match the criteria in the where clause in the query that maintain the lock (No Phantoms). This is the highest isolation level and guarantees absolute consistency of data.
8) READUNCOMMITTED/NOLOCK: means no lock or does not honor any other lock. But while a very fast option. It can generate dirty read.

Deadlock
It is not a type of lock in itself where it is a situation when a paradox comes or we can say that when a transaction want a resources and that resources hold by other transaction and both are locked in own side. Means no any transection works.

· By using transaction and lock we can minimize deadlocks and improve the overall performance of our system.

Posted by at 2 comments:

ACID model of Database

The ACID model is one of the oldest and most important concepts of database theory. It sets forward four goals that every database management system must strive to achieve: atomicity, consistency, isolation and durability. No database that fails to meet any of these four goals can be considered reliable.

Let’s take a moment to examine each one of these characteristics in detail:

Atomicity states that database modifications must follow an “all or nothing” rule. Each transaction is said to be “atomic.” If one part of the transaction fails, the entire transaction fails. It is critical that the database management system maintain the atomic nature of transactions in spite of any DBMS, operating system or hardware failure.

Consistency states that only valid data will be written to the database.If, for some reason, a transaction is executed that violates the database’s consistency rules, the entire transaction will be rolled back and the database will be restored to a state consistent with those rules. On the other hand, if a transaction successfully executes, it will take the database from one state that is consistent with the rules to another state that is also consistent with the rules.

Isolation requires that multiple transactions occurring at the same time not impact each other’s execution. For example, if Joe issues a transaction against a database at the same time that Mary issues a different transaction, both transactions should operate on the database in an isolated manner. The database should either perform Joe’s entire transaction before executing Mary’s or vice-versa. This prevents Joe’s transaction from reading intermediate data produced as a side effect of part of Mary’s transaction that will not eventually be committed to the database. Note that the isolation property does not ensure which transaction will execute first, merely that they will not interfere with each other.

Durability ensures that any transaction committed to the database will not be lost. Durability is ensured through the use of database backups and transaction logs that facilitate the restoration of committed transactions in spite of any subsequent software or hardware failures.

Posted by at 1 comment:

Website Cookie Testing

We will first focus on what exactly cookies are and how they work. It would be easy for you to understand the test cases for testing cookies when you have clear understanding of how cookies work? How cookies stored on hard drive? And how can we edit cookie settings?

What is Cookie?
Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve information from that machine. Generally cookie contains personalized user data or information that is used to communicate between different web pages.

Why Cookies are used?
Cookies are nothing but the user’s identity and used to track where the user navigated throughout the web site pages. The communication between web browser and web server is stateless.

For example if you are accessing domain http://www.example.com/1.html then web browser will simply query to example.com web server for the page 1.html. Next time if you type page as http://www.example.com/2.html then new request is send to example.com web server for sending 2.html page and web server don’t know anything about to whom the previous page 1.html served.

What if you want the previous history of this user communication with the web server? You need to maintain the user state and interaction between web browser and web server somewhere. This is where cookie comes into picture. Cookies serve the purpose of maintaining the user interactions with web server.

How cookies work?
The HTTP protocol used to exchange information files on the web is used to maintain the cookies. There are two types of HTTP protocol. Stateless HTTP and Stateful HTTP protocol. Stateless HTTP protocol does not keep any record of previously accessed web page history. While Stateful HTTP protocol do keep some history of previous web browser and web server interactions and this protocol is used by cookies to maintain the user interactions.

Whenever user visits the site or page that is using cookie, small code inside that HTML page (Generally a call to some language script to write the cookie like cookies in JAVAScript, PHP, Perl) writes a text file on users machine called cookie.

When user visits the same page or domain later time this cookie is read from disk and used to identify the second visit of the same user on that domain. Expiration time is set while writing the cookie. This time is decided by the application that is going to use the cookie.

Generally two types of cookies are written on user machine.

1) Session cookies: This cookie is active till the browser that invoked the cookie is open. When we close the browser this session cookie gets deleted. Some time session of say 20 minutes can be set to expire the cookie.
2) Persistent cookies: The cookies that are written permanently on user machine and lasts for months or years.

Applications where cookies can be used:

1) To implement shopping cart:
Cookies are used for maintaining online ordering system. Cookies remember what user wants to buy. What if user adds some products in their shopping cart and if due to some reason user don’t want to buy those products this time and closes the browser window? When next time same user visits the purchase page he can see all the products he added in shopping cart in his last visit.

2) Personalized sites:
When user visits certain pages they are asked which pages they don’t want to visit or display. User options are get stored in cookie and till the user is online, those pages are not shown to him.

3) User tracking:
To track number of unique visitors online at particular time.

4) Marketing:
Some companies use cookies to display advertisements on user machines. Cookies control these advertisements. When and which advertisement should be shown? What is the interest of the user? Which keywords he searches on the site? All these things can be maintained using cookies.

5) User sessions:
Cookies can track user sessions to particular domain using user ID and password.

Drawbacks of cookies:

1) Even writing Cookie is a great way to maintain user interaction, if user has set browser options to warn before writing any cookie or disabled the cookies completely then site containing cookie will be completely disabled and can not perform any operation resulting in loss of site traffic.

2) Too many Cookies:
If you are writing too many cookies on every page navigation and if user has turned on option to warn before writing cookie, this could turn away user from your site.

3) Security issues:
Some times users personal information is stored in cookies and if someone hack the cookie then hacker can get access to your personal information. Even corrupted cookies can be read by different domains and lead to security issues.

4) Sensitive information:
Some sites may write and store your sensitive information in cookies, which should not be allowed due to privacy concerns.

This should be enough to know what cookies are. If you want more cookie info see Cookie Central page. The first obvious test case is to test if your application is writing cookies properly on disk. You can use the Cookie Tester application also if you don’t have any web application to test but you want to understand the cookie concept for testing.

Some Major Test cases for web application cookie testing:

The first obvious test case is to test if your application is writing cookies properly on disk. You can use the Cookie Tester application also if you don’t have any web application to test but you want to understand the cookie concept for testing.

Test cases:

1) As a Cookie privacy policy make sure from your design documents that no personal or sensitive data is stored in the cookie.

2) If you have no option than saving sensitive data in cookie make sure data stored in cookie is stored in encrypted format.

3) Make sure that there is no overuse of cookies on your site under test. Overuse of cookies will annoy users if browser is prompting for cookies more often and this could result in loss of site traffic and eventually loss of business.

4) Disable the cookies from your browser settings: If you are using cookies on your site, your sites major functionality will not work by disabling the cookies. Then try to access the web site under test. Navigate through the site. See if appropriate messages are displayed to user like “For smooth functioning of this site make sure that cookies are enabled on your browser”. There should not be any page crash due to disabling the cookies. (Please make sure that you close all browsers, delete all previously written cookies before performing this test)

5) Accepts/Reject some cookies: The best way to check web site functionality is, not to accept all cookies. If you are writing 10 cookies in your web application then randomly accept some cookies say accept 5 and reject 5 cookies. For executing this test case you can set browser options to prompt whenever cookie is being written to disk. On this prompt window you can either accept or reject cookie. Try to access major functionality of web site. See if pages are getting crashed or data is getting corrupted.

6) Delete cookie: Allow site to write the cookies and then close all browsers and manually delete all cookies for web site under test. Access the web pages and check the behavior of the pages.

7) Corrupt the cookies: Corrupting cookie is easy. You know where cookies are stored. Manually edit the cookie in notepad and change the parameters to some vague values. Like alter the cookie content, Name of the cookie or expiry date of the cookie and see the site functionality. In some cases corrupted cookies allow to read the data inside it for any other domain. This should not happen in case of your web site cookies. Note that the cookies written by one domain say rediff.com can’t be accessed by other domain say yahoo.com unless and until the cookies are corrupted and someone trying to hack the cookie data.

8 ) Checking the deletion of cookies from your web application page: Some times cookie written by domain say rediff.com may be deleted by same domain but by different page under that domain. This is the general case if you are testing some ‘action tracking’ web portal. Action tracking or purchase tracking pixel is placed on the action web page and when any action or purchase occurs by user the cookie written on disk get deleted to avoid multiple action logging from same cookie. Check if reaching to your action or purchase page deletes the cookie properly and no more invalid actions or purchase get logged from same user.

9) Cookie Testing on Multiple browsers: This is the important case to check if your web application page is writing the cookies properly on different browsers as intended and site works properly using these cookies. You can test your web application on Major used browsers like Internet explorer (Various versions), Mozilla Firefox, Netscape, Opera etc.

10) If your web application is using cookies to maintain the logging state of any user then log in to your web application using some username and password. In many cases you can see the logged in user ID parameter directly in browser address bar. Change this parameter to different value say if previous user ID is 100 then make it 101 and press enter. The proper access message should be displayed to user and user should not be able to see other users account.

These are some Major test cases to be considered while testing website cookies. You can write multiple test cases from these test cases by performing various combinations. If you have some different application scenario, you can mention your test cases in comments below

Posted by at No comments:

Thursday, July 10, 2008

Quality management standards

The ISO 9001:2000 standard

ISO 9001:2000 is the key internationally agreed standard for quality management systems. More than 60,000 UK businesses of all sizes already have ISO 9001 certification.

The ISO 9001 standard has four elements:

  • management responsibility - ensuring top level management shows commitment to the quality system and develops it according to customers' needs and the business' objectives
  • resource management - ensuring the people, infrastructure and work environment needed to implement and improve quality systems are in place
  • product realisation - delivering what customers want, looking at areas such as sales processes, design and development, purchasing, production or service activities
  • measurement, analysis and improvement - checking whether you've satisfied customers by carrying out other measurements of your system's effectiveness

The advantages of ISO 9001:2000 for your business can include:

  • greater efficiency and less waste
  • consistent control of major business processes
  • regulation of successful working practices
  • risk management
  • increased customer satisfaction
  • greater consistency in the quality of products and services through better control of processes
  • differentiation of your business from its competitors
  • increased profits
  • exploitation of new markets, both in the UK and overseas

However, you should also be aware of some of the disadvantages to implementing the standard. These can include:

  • the cost of getting and keeping the certification
  • the time involved
  • overcoming opposition to implementing change from within the business

The standard is adaptable to your business' needs and resources, though you may need the help of a consultant.

ISO 9001:2000 can also be used in conjunction with ISO 9004:2000 to improve your organisational efficiency

The ISO 9004:2000 standard

ISO 9004:2000 goes beyond ISO 9001:2000 and provides guidance on how you can continually improve your business' quality management system. This can benefit not only your customers but also:

  • employees
  • owners
  • suppliers
  • society in general

By measuring these groups' satisfaction with your business, you'll be able to assess whether you're continuing to improve.

Purchase guidelines about ISO 9004:2000 at the British Standards Institution (BSI) website - Opens in a new window.

The ISO 9000 series, which includes 9001 and 9004, is based around eight quality management principles that your senior managers should use as a framework for improvements to the business:

  • Customer focus - they must understand and fulfil customer needs.
  • Leadership - they should demonstrate strong leadership skills to increase employee motivation.
  • Involvement of people - all levels of staff should be aware of their responsibilities within the business and the importance of providing what the customer requires.
  • Process approach - identifying your essential business activities and considering each one as part of a process.
  • System approach to management - managing your processes together as a system, leading to greater efficiency and focus. You could think of each process as a cog in a machine, helping it to run smoothly.
  • Continual improvement - this should be a permanent business objective.
  • Factual approach to decision-making - senior staff should base decisions on thorough analysis of data and information.
  • Mutually beneficial supplier relationships - managers should recognise that your business and its suppliers depend on each other.
Posted by at No comments:

How to Build a User Friendly Application Interface


Why Using Regular Statement String (RSS)

By Liu Rui
Jan.18 2004
As a ten years experienced developer, I am still puzzled by one question essential to software productivity. The question is "how to build a user friendly application interface". In fact, there are two kinds of friendly application interface: one is "human user friendly" ; and the other is "computer friendly". The latter is used for non creative, complicated, and automated development work, which is not discussed in this article. So what is a human user friendly application interface? As I know, it should be an application interface which is easy to learn, to develop, and to maintain. It will greatly ease the burden of developers and users. Here I am trying to give some new, interesting, and maybe unconventional guidelines to show a possible way to build user friendly application interfaces, and sell my idea of Regular Statement String (RSS) solution as well.

One thing I should consider is the makeup of the application interface. I will give three suggestions for it.

Several days before on a plane to Shanghai, I met a US woman of Chinese origin, who can speak very fluent Chinese (much better than my English). Once I saw the air hostress asked her to "open Zhe-Yang-Ban", and said two times, the woman was still confused. So I told her just to open the cover on her side window. "Zhe-Yang-Ban" is a proper name in Chinese which she does not understand, and therefore got confused at all. Similarly, if we use too many macros, nested structures, diverse types, and large number of positioned parameters to construct application interface, I am sure it will confuse most developers. So my first suggestion is: It's better to eliminate unnecessary rules and conceptions from the application interface. With RSS solution, we only use few conceptions such as key, value, and array with very simple syntax.

Some most headache things are resource management and error control. Sometimes I found a half of program source code is doing these things. It is really very boring. So my second suggestion is: Try to let the service program to take the most responsibility of resource management and error control. With RSS solution, there's no need to construct and destruct objects, and the internal return code does a lot of work of error controls. Using Java is also a good choice. Java is very good at object lifecycle management, and developers do not need to write code to destruct garbage objects.

A thinner schoolbook is usually easier. But if that book only includes outlines and summaries, it will not be so easy to learn and understand. The same is as in software development, so my third suggestion is: Make sure to let your code more expressive. Using a lot of comments is a good idea. RSS solution uses free style, runtime binding named parameters with the weakness of some performance issues.

The other thing I should consider is the platform or infrastructure of the application interface. I will give another three suggestions for it.

From a developer's view, OOP is a very good method. However, it's only a myth that at every time OOP is the best method. So my fourth suggestion is: Find out whether to use OOP method or not. A rookie will get lost to face thousands of object class or interface definitions with thousands of properties and methods inside it. But if you show him a step by step way, he or she will be able to get to the destination. A hierarchical API manual system is also very helpful. Process oriented programming interface is usually easier than object oriented programming interface to build reliable application. However, object oriented programming interface is better at resource management and producing high performance code.

Only a few APIs such as JDBC, SPEC1170, and SOCKS can be used in different platforms and systems. These APIs are proved to be high valuable. So my fifth suggestion is: A reusable and portable API is much valuable. After all, few APIs can be accepted by most system vendors. SPEC1170 is accepted by most UNIX vendors but not Microsoft. There are too much difference in SOCKS between UNIX and WINDOWS, and it is not exactly the same between different brands of UNIX. Why it is so difficult, I think one major reason is implementation. It is very difficult for other vendors to accept all syntax, types, and structures defined by the original author, when they make a new implementation. With RSS solution, there are not such syntax, types, and structures. The service code and client application code are decoupled using a runtime binding mechanism. So it's much easier to build reusable and portable applications.

There are so many languages in the world such as Chinese, English, French, Spanish, Russian, and so on. Similarly, there are also tremendous languages in the computer world, such as Java, C, C++, C#, Basic, Java Script, COBOL, PERL, PHP, PASCAL, and so on. And there are also a lot of useful special languages such as SQL, HTML, XML, EDI, and so on. There will not be only one language in the world or computer world. So my sixth suggestion is: A language neutral API is welcomed by more developers. This is one of the strong points of RSS solution. The same manual can be shared by developers using different programming languages.

I hope the six suggestions may be useful to your development work. We can argue over it.

Posted by at 1 comment:
sss
Posted by at No comments:
Subscribe to: Posts (Atom)