One of my goals for this year is to write more secure code and make my current code more secure. Secure is a very broad concept so let’s start with getting up to speed and reach Evaluation Assurance Level 1 where the code needs to be functionally tested. And this in essence means that functions need to produce certain results under set conditions. Unit testing is a method for this and while it has it’s limitations like only able to test classes, it also has it’s potentials as running time after time in the background or during a nightly batch job. One of the requirements for Evaluation Assurance Level 2.
As first project I chosen a PHP-project to be rewritten from being functional to an object oriented setup to make it more extendable and maintainable, but also easier to test with PHPUnit. After writing a basic PHP-class I started to experiment with PHPUnit and after a few hours experimenting I got 9 checks and after a while 8 where successful.
$ phpunit phpunit PHPUnit 3.6.10 by Sebastian Bergmann. I........ Time: 1 second, Memory: 3.00Mb OK, but incomplete or skipped tests! Tests: 9, Assertions: 8, Incomplete: 1.
While these are the very basics for now I will be posting examples to coming weeks and also how to setup PHPUnit for other projects. Hopefully will this series also inspire others to join and make their code more secure and future proof.