I've never done such a thing, but for lack of any other responses, you could try something like this:
Rewrite (i.e. use mod_rewrite) all requests to a "wrapper" script. In the script, "include" the originally-requested resource (this is a "call" to your old code.) Send that response to the client and save it to a uniquely-named file, then invoke "a call from the server to itself" using something like WGET. You will have to "tag" this request somehow -- perhaps with a custom request header, to prevent an infinite recursion.
You could in fact pass the old script's saved response filename in the custom HTTP request header, and use that "tag" for both purposes -- to indicate that the request is for the new code to handle, and to indicate to the invoked script that this is a "new-script" request whose output should be compared against the previously-stored "old script" response saved at the specified location.
The "wrapper" script must check this "tag" before invoking the WGET function -- It should detect this tag in the request, and if present, invoke the new code, saving the response and then comparing it with that of the old script, based on the previously-saved uniquely-named file. If the tag is not present, then that means the request is the "first one" that is coming from the actual client.
Once the comparison of old-script and new-script responses is accomplished, the 'saved' old-script response file should probably be deleted unless you have fairly low traffic and lots of disk space available.
Note that if needed, any HTTP request header can be checked by mod_rewrite using a RewriteCond with a construct like:
RewriteCond %{HTTP:[i]custom-header-name[/i]} ^[i]literal-header-value-or-pattern-to-match-the-value[/i]$
Also, a "check for blank" can be easily done with a pattern of ="" or ^$, while a "check for not blank" can be done with !="" or ^. or !^$
However, I suggest that you use the "wrapper script" for all complex functions, instead of splitting the control logic across both mod_rewrite code and this wrapper script.
Whether this will work or not is largely affected by what you want to test. If you are testing functions that depend largely on the nature of the client request, then you may need to 'copy' a lot of the client's original request headers into the WGET request. But you won't be able to 'spoof' the requesting IP address, except by passing it as a custom request header, and using that custom request headers value instead of the actual REMOTE_ADDR value if the 'tag' header is also set...
I hope this is clear -- It would likely be simpler to explain if I could draw a flowchart here... :)
Jim
