Taiab's Blog

Writing Test Cases That Actually Catch Bugs

Md. Taiab

Md. Taiab

2024-07-15 ยท 2 mins read


After executing hundreds of test cases across e-commerce, EdTech, and SaaS platforms, I've noticed a pattern: most test cases test the happy path and almost nothing else.

The Problem with Standard Test Case Templates

A typical test case looks like this:

|-------|-------|
FieldValue
TC IDTC_LOGIN_001
TitleValid login
StepsEnter email โ†’ Enter password โ†’ Click Submit
ExpectedUser lands on dashboard

This catches nothing. If the system is broken in an obvious way, yes. But real bugs hide in the edges.

The 4 Layers I Always Test

1. Happy Path (obvious, but necessary)

Get the baseline working. If this fails, everything else is noise.

2. Boundary Values

For any input field, test:
  • Minimum allowed value
  • Maximum allowed value
  • One below minimum
  • One above maximum
  • A password field that accepts "minimum 8 characters" should be tested with 7, 8, 9, and 256+ character inputs.

    3. Negative / Invalid Inputs

  • Empty fields
  • Wrong data types (number in email field)
  • Special characters and Unicode
  • SQL injection: ' OR '1'='1
  • XSS:
  • 4. State-Based Tests

    What happens when the same action is performed twice?
  • Double-submitting a form
  • Refreshing after checkout
  • Going back after payment
  • Real Example: FK IT Solution Checkout

    On the FK IT Solution e-commerce project, I found a critical bug using boundary testing. The cart allowed a product quantity of 0 โ€” which then applied a 100% discount at checkout. This wasn't caught by any existing test because no one thought to test zero.

    Template I Actually Use

    TC_[MODULE]_[NUMBER]
    Title: [What scenario]
    Precondition: [System state before test]
    Steps: [Numbered, specific actions]
    Test Data: [Exact values used]
    Expected Result: [Specific, measurable outcome]
    Priority: [Critical/High/Medium/Low]
    Type: [Functional/Boundary/Negative/Security]
    

    The Type field forces you to think about why you're writing the test, not just what it covers.

    Md. Taiab

    Written by Md. Taiab

    Follow

    Md. Taiab is a Software QA Engineer and security enthusiast based in Dhaka, Bangladesh. He interned as a QA Engineer at Battery Low Interactive Ltd. and competes in CTFs and programming contests โ€” ranked Top 3% globally on TryHackMe and Champion of GUB Junior IDPC 2023.

    Comments disabled โ€” add your CommentBox.io project ID to .env.local as NEXT_PUBLIC_COMMENTBOX_ID