Implement all the features in a reasonable way

Reference no: EM131137069

Create a prototype auction site like this one. As usual, you are free to copy the HTML generated by this program in building your own.

Features

Your program should have the features listed here. Feel free to run the example program to help figure out what I'm talking about. You are not required to use the same layout and screens as the example program, so long as you implement all the features in a reasonable way.

Maintain a list of user accounts.

Users may log on or log off, and many features are available only to users who are logged on.

Each user has a login name and a human name. The login name must contain only letters and digits. The user logs in by entering the login name.

Anyone may create an account. The creator must choose a login name and provide a human name. If the chosen login name contains illegal characters, or already exists, refuse to create the account and give reasonable feedback to the user.

Optionally, you may implement account passwords. If so, allow the user to set a password when the account is created, and to change it later. Require a correct password for login. (Obviously, a serious system would have this feature. Since there's already enough to do here, I am not requiring passwords.)

Maintain a list of items for bidding.

Each item is an auction. It has an owner, a closing date, and a (possibly empty) collection of bids.
Any logged-in user may add an item. Require the user to enter a description and closing date, and set the list of bids initially empty. As you may notice, the demo accepts entry of an auction length and computes the closing date from that.
Any logged-in user may delete any of his own items; an item may be deleted only by its owner.
Present a list of items currently available. For each one, show the owner, description, closing date, number of bids and high bid (if any).
Maintain a list of bids for each item in the item list.
Any logged-in user may bid on any item which has not closed.
The bid must be an integer amount and must exceed the current high bid, if there is one.
When a bid is submitted, you must check that it meets all requirements. If not, generate an appropriate message and do not record the bid.
Each allowed bid creates a record containing the bidder, the amount of the bid, and the date and time the bid was submitted.
Anyone may display the list of bids for any item. This listing shows the bidder, amount and date for each bid, in chronological order.
An item's list of bids is deleted when the item is deleted.
Any data entered by a user which is sent back in HTML, such as item descriptions, must be escaped so that it displays literally. This is both an appearance and a security issue.
Be sure that your program cannot be broken or compromised by mal-formed input data. Generally, you will need to check that input is what it should be (integers are integers), or at least be sure the consequences of bad data are minor.
Hints and Advice

This section contains random hints and recommendations. In most cases, the demo is implemented this way. Nothing in this section is a requirement.
The demo implements all functions in a single file. Based on the data (or lack of it) in the $_REQUEST variable, it can tell an initial load from a form post, or figure out how to respond to the form post. This is actually more convenient than it might seem, since most operations do many of the same things. If you do use multiple scripts, make sure to put as much common code as possible in an include file.
As you can deduce from looking at the HTML, the primary variable which specifies the operation is called action, which is the name of most submit buttons. Some values of action are sent by multiple forms, in which case the variable source is used to tell them apart. Source is defined as a hidden field in several of the forms.

My script has these general phases:

Process form submissions, such as log in, log out, item creation, new bids, etc. This section is a series of if tests to see if that's the kind of request we got, like:

    if (the user pushed the Sign In button from the login form) {
        check the user name and update appropriate variables.
    }
    else if (the user pressed the Add Item from the add item menu) {
        check the input and add the item to the list.
    }
    ...

It's no error if none of these tests match; it might just not be that kind of invocation. If one does match and the operation fails, I assign an error message to a variable. This phase updates variables and the data recorded on disk, but does not generate any HTML.

Generate the main menu form that appears at the top of the page. If the error message variable was set, it is output here.

A series of ifs to generate a correct form, like this:

    if (the user pushed the Sign In button from the main menu) {
        generate the sign in form
    }
    else if (the user pressed the Add Item button from the main menu) {
        generate the new item form
    }
    ...
    else {
        generate the item list/bidding form.
    }

The data is collected on disk using the dba functions as demonstrated in the survey system and documented here. Choose a location in your own home area for the data file or files. I used three files, one for users, one for items, and one for bids. It would probably be just as simple to keep everything in a single file. Each file contains pairs of strings, so you must represent your data that way. I assign a unique identifier for each item when it is created using the uniqid function. This creates long ugly strings as identifiers, but users never need to deal with them. You can see them in the source code of the item listing. These are the key values in my item file. The data value associated with each key is a string built from the owner, number of bids, closing date and description concatenated together with commas between the items. Use the explode function to split out the parts when you read the file. Putting the description last lets me allow commas in the description by using the limit parameter on explode.

An alternative to uniqid is to keep a simple count. Create an entry in your item file with the key nextkey (or any name that doesn't conflict with others) whose value is the counter. To create a new identifier, increment nextkey and use its value.

My bids file contains a separate entry for each bid. The key is formed from the item identifier and the bid number separated by a colon. The associated data is the bidder, amount, and time separated by commas.

As you know from the first assignment, PHP uses a Unix timestamp to represent times. It's just a big integer. You probably want to use this to record times within your database. Use one of the provided conversions, such as strftime, whenever you need to present a time to the user.

As you will notice from viewing source, there's no rule that says you may have only one form in an HTML file. My item list actually has a form for every line of the table, and the main menu is a yet another form. Whatever is convenient.

When processing new bids, be careful to check that the auction has not closed. Even when you suppress generating a bid button for a closed auction, there's nothing to keep a user from submitting a bid from an out-of-date form. It is possible to create a form which will remove the bid button when the auction expires, if you use some Javascript or reloading tricks. It's fine if you do that, but you still need to check for expiration when you process a bid. There are a thousand reasons why your elegant trick may not work on some particular computer, either by some failure or a deliberate hack. The general rule is simple: Don't trust anything the browser tells you.
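
The server-side bid check described above, together with the item record layout from the storage hint, as an added example that is not the demo's code. The function names are hypothetical, plain arrays stand in for the dba files, and bids are assumed to be numbered from 1 so that the latest bid is also the high bid.

```php
<?php
// Added example: server-side bid check. Arrays stand in for the dba files.

// Item record layout from the hints: owner,numbids,closing,description
function parse_item(string $record): ?array {
    $parts = explode(',', $record, 4);   // limit 4 keeps commas in the description
    if (count($parts) !== 4 || !ctype_digit($parts[1]) || !ctype_digit($parts[2])) {
        return null;                      // corrupt record: treat as missing
    }
    return ['owner' => $parts[0], 'numbids' => (int)$parts[1],
            'closes' => (int)$parts[2], 'description' => $parts[3]];
}

// Returns an error message, or null if the bid may be recorded.
// $itemId and $rawAmount come from the request, so they may be any type.
function check_bid(array $items, array $bids, $user, $itemId, $rawAmount, int $now): ?string {
    if (!is_string($user) || $user === '') return 'You must be logged in to bid.';
    if (!is_string($itemId) || !isset($items[$itemId])) return 'No such item.';
    $item = parse_item($items[$itemId]);
    if ($item === null) return 'No such item.';
    // Checked here even if the page no longer shows a bid button.
    if ($now >= $item['closes']) return 'This auction has closed.';
    // Rejects arrays, "12abc", "1e3", negatives and values that overflow an int.
    $amount = filter_var($rawAmount, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($amount === false) return 'The bid must be a whole number.';
    if ($item['numbids'] > 0) {
        // Bid record layout from the hints: bidder,amount,time
        $last = explode(',', $bids[$itemId . ':' . $item['numbids']] ?? '');
        $high = (int)($last[1] ?? 0);
        if ($amount <= $high) return "The bid must exceed the current high bid of $high.";
    }
    return null;
}

// Constructed sample data (not from the demo)
$items = ['a1' => 'alice,1,2000000000,Lamp, brass, works', 'b2' => 'bob,0,1000,Old chair'];
$bids  = ['a1:1' => 'carol,50,1700000000'];
$now   = 1700000100;
foreach ([['a1','60'], ['a1','50'], ['a1','12abc'], ['b2','5'], ['zz','5'], ['a1',['9']]] as [$id, $amt]) {
    $err = check_bid($items, $bids, 'dave', $id, $amt, $now);
    echo json_encode($amt), " on $id: ", $err ?? 'accepted', "\n";
}
```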

The requirements specify that user data placed on the page must be escaped to display literally. That means that if the data contains a <, you should send &lt; to the browser. The htmlspecialchars library function is good for this. One reason to do this is because a user might create an item description or something that contains < or > characters that damage your layout. A non-technical user who does this by accident will simply be annoyed that your nice web-based service is broken. A sophisticated user who does it on purpose deserves to know he's not smarter than you. But the most important reason is the possibility of a hacker inserting Javascript that will run in the browser of another bidding system user and transmit private data back to himself. This is known as a cross-site scripting attack.
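
Escaping at the point of output, as an added example that is not the demo's code. The helper h(), the function item_row() and the array keys are hypothetical names. The human name is escaped as well as the description, since only the login name is restricted to letters and digits.

```php
<?php
// Added example: escape every user-supplied value where it is written into HTML.

function h(string $s): string {
    // ENT_QUOTES also escapes ' and ", which matters inside attribute values.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// One row of the item list; each row carries its own bid form, as in the hints.
function item_row(string $id, array $item, ?int $high): string {
    return '<tr>'
         . '<td>' . h($item['owner_name']) . '</td>'
         . '<td>' . h($item['description']) . '</td>'
         . '<td>' . h(date('Y-m-d H:i', $item['closes'])) . '</td>'
         . '<td>' . ($high === null ? 'none' : (string)$high) . '</td>'
         . '<td><form method="post">'
         // The identifier is escaped too: it sits inside a quoted attribute.
         . '<input type="hidden" name="item" value="' . h($id) . '">'
         . '<input type="text" name="amount" size="6">'
         . '<input type="submit" name="action" value="Bid">'
         . '</form></td></tr>';
}

// Constructed sample: markup and quotes in both user-controlled fields.
$item = ['owner_name'  => 'Pat "The <b>Seller</b>" O\'Neil',
         'description' => 'Lamp <script>alert(1)</script> & shade',
         'closes'      => 2000000000];
echo item_row('a1', $item, 50), "\n";
```

Viewing the output as page source shows the tags and quotes arriving as entities, so the browser displays them literally instead of interpreting them.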

My implementation uses a session to keep the name of currently-logged-on user. I keep both the login name and the human name there. The session identifier is passed by the default method through a cookie. All other data is passed through the forms.
