COMP284 Scripting Languages (2023-24) -- Assignment 1: PHP


COMP284 Scripting Languages (2023-24) -- Assignment 1: PHP

Your task for this assignment consists of two parts:

1. Develop a web application using PHP and MySQL that provides the functionality stated in the Requirements section below.

2. Make the application that you have created accessible and usable via the URL

https://student.csc.liv.ac.uk/~/courses.php

taking care of the requirements set out in Submission and Setup section below.

Requirements

A community college is offering a variety of adult evening courses and would like to introduce a web application that allows people to book a place on these courses. Each course is typically offered more than once during a week, on different days of the week and different times of the day. In the following we simply use time to denote the combination of a day of week and and a time of day at which a course is offered. Every time a course is run it can only accommodate a certain number of participants called the capacity of the course. Initially, the number of places on the course at a specific time is equal to the capacity and is then reduced by one for each participant who books the course at that time. Once the number of places reaches zero, the course if full at that time and no further user can book it. We keep the range and capacity of courses small. To further simplify things, we assume that people do not have to create accounts with the application but instead enter a few personal details when they book a course.

In more detail, the college offers the following courses at the indicated times and all with the indicated capacity independent of the time at which the course is offered:

Course Title

Times

Capacity

Creative Cupcakes

Monday, 19:00; Wednesday, 20:00; Friday, 18:00

2

Digital Photography

Tuesday, 19:00; Thursday, 20:00

4

Family History for Beginners

Monday, 19:00; Tuesday, 19:00

3

Fundamentals of Acrylic Painting

Wednesday, 20:00; Friday, 18:00

2

Holiday French

Thursday, 20:00

2

That is, in total there are 5 different courses, offered between once and three times a week, and each with a capacity for only two to four participants every time the course runs. For instance, two people can take the course on Fundamentals of Acrylic Painting on Wednesday at 20:00 and another two can take the course on Fundamentals of Acrylic Painting on Friday at 18:00.

The web application should allow a user to

1. select a course title via a drop-down/pop-up list or selection menu;

2. select a time at which that particular course is offered via a separate drop-down/pop-up list or selection menu;

3. enter their name via a text field;

4. enter their phone/mobile number via a second text field (in case the course is cancelled at short notice and participants need to be notified);

5. submit a booking request by pressing a `Submit' button, after selecting/entering the data above.

Ideally, the user of the application is able to enter all this data via a single web page (not a sequence of two or more pages). However, a sequence of web page can be used if this is the only way that you are able to realise this system.

The menus should be populated with data from the database.

On submission of a booking request, the user should be shown a confirmation whether the booking request has been successful or unsuccessful. In addition to an indication whether the booking request has been successful or not, the application should output a table with all the successful bookings by any user up to and including the booking request that has just been processed. This table should show the name, phone number, course title and time of each booking. This is subject to the following conditions:

· The application should ensure that the string entered as a name satisfies the following constraints: A name only consist of letters (a-z and A-Z), hyphens, apostrophes and spaces; contains no sequence of two or more of the characters hyphen and apostrophe; and starts with a letter. If these constraints are satisfied, then we call the name valid. If these constraints are not satisfied, then the application should display an error message and the booking request must be unsuccessful. This must be realised using PHP (not HTML5 nor JavaScript).

· The application should ensure that the string entered as a phone or mobile number satisfies the following constraints: A phone or mobile number only consists of digits and spaces; contains either nine or ten digits (note: this is non-standard); and starts with the digit 0. If these constraints are satisfied, then we call the phone number valid. If these constraints are not satisfied, then the application should display an error message and the booking request must be unsuccessful. This must be realised using PHP (not HTML5 nor JavaScript).

· If name and phone number are valid, then a booking request must be successful if the selected course at the selected time still has at least a place left. On success, the number of places on the selected course at the selected time is reduced by one and a record of the booking will be kept in the database in such a way that course title, time, name, and phone number are retrievable.

· A booking request must be unsuccessful if there are no places left on the selected course at the selected time.

Underlying the application must be a MySQL database. Initially, the database must contain information on the course titles, times at which each course runs and number of places available, exactly as shown in the table above. The database should then keep track of the number of places remaining after each successful booking requests and also keep records of each successful booking, including all the data that the user has provided. The PHP Data Objects (PDO) extension of PHP must be used to implement the interactions between the application and the database.

Additional requirements and comments:

· The description of the application above suggests that a user goes through a sequence of five steps in order to submit a booking request. However, if you use a single page design for your application, then there is little that prevents a user from skipping a step or skipping all steps before clicking on the `Submit' button. Your web application should make sure that a request is only processed once the `Submit' button has been pressed and should produce appropriate error messages if the request does not contain all the necessary data. But no error messages should be shown before clicking on the `Submit' button.

· The application should help the user by only listing in the first menu the titles of those courses which have places left at one of the times it runs and, once the user has selected a particular course title in that menu, in the second menu only list the times at which the selected course still has places left.

· It is also helpful to the user if entries in the two menus are listed in a `sensible' order, that is, course titles should be ordered alphabetically and the times chronologically. Also, each course title should only occur at most once in the first menu and each time at most once in the second menu.

· One should expect that all `inputs' to the application, even those that are intended to come from a menu, will be used by malicious users to inject code that causes your web application to malfunction or reveal the contents of the database. You should program the web application in a way that safeguards against such attacks.

· It is possible that a user leaves a long time between consecutive steps of the booking process and between starting a booking process and submitting a booking request. In the meantime, the courses or times the user is interested in can fill up. You should program the web application in a way that reacts appropriately to that.

· It is also possible that two users nearly simultaneously try to book the last remaining place on a course at a particular time. Depending on how you implement the interaction with the database, this could lead to a situation in which your web application determines for both users that there is still a place remaining and then records for both users that he/she has successfully booked that place. This is obviously an incorrect behaviour by the application and needs to be avoided. The booking request of exactly one of the two users must be successful and the booking request of the other has to be unsuccessful.

· There could be more users than the combined capacity of all the courses. If someone tries to use the web application once all places on the courses have already been booked, then the application should produce a message indicating that all courses are full instead of showing the various menus and text fields. The same should also happen if this situation occurs when a user re-enters the web application after an unsuccessful booking request.

· As this is an assignment on PHP, the use of other scripting languages should be kept to a minimum. In particular, the use of JavaScript must be restricted to the existing submit() function. User-defined JavaScript functions are not allowed. More precisely, you should expect that any requirements that are even remotely connected to any use of JavaScript beyond that described here will receive a mark of zero.

· The checks whether name and phone number are valid and the generation of booking confirmations must be realised solely using PHP. Neither HTML5 nor JavaScript should be used to restrict the inputs of a user in any way or check whether they are valid.

· Use of the PHP superglobal $_GLOBALS is poor programming practice and its use will results in a lower mark.

· Your code should follow the COMP284 Coding Standard

Actions

· . This includes pointing out which parts of your code have been developed with the help of on-line sources or textbooks and references for these sources. You must also provide references for any language constructs or functions that you have used that were not covered in the lectures.

Each of these requirements is linked to one of more of the assessment criteria for this assignment. Therefore, the more requirements an application satisfies, the higher the mark.

Submission and Setup

Set up the database on the departmental MySQL server, put courses.php in your public_html directory,  make sure that courses.php is accessible via the prescribed URL, and correctly connect the database with your script, so that a working version of your application is available at the prescribed URL. This working version of your application must remain available and working from the time of submission until the end of July 2024.

Permissions of the files in your filestore must be such that no other user can view their contents in the filestore. The permissions on your public_html directory must be such that any user can obtain a listing of its content.

From the files on the departmental servers, create a single zip-file called COMP284-1.zip containing your HTML/PHP file and your MySQL database dump (but no directories) and submit the zip-file via the departmental submission system at https://sam.csc.liv.ac.uk/COMP/Submissions.pl?module=comp284 (COMP284-1: PHP).

The files submitted must be identical to those set up on the departmental web server. Furthermore, no alterations are allowed to the latter after files have been submitted. If a submitted file and the corresponding file on the departmental web server have different timestamps, then the later timestamp will be used to determine lateness. This applies even if the earlier file is used for marking.

Deadline

The deadline for this assignment is

Thursday, 21 March 2024, 17:00

Earlier submission is possible, but any submission after the deadline attracts the standard lateness penalties. Please remember that a strict interpretation of `lateness' is applied by the Department, that is, a submission a minute after the deadline is considered to be a day late (analogously for submissions that are delayed further). Also remember that late resubmissions are not allowed.

Assessment

This assignment addresses the following learning outcome of the module:

· Develop server-side web-based applications using an appropriate scripting language, with emphasis on concurrent use of such applications.

This assignment contributes 50% to the overall mark of COMP284. Failure on this assignment may be compensated by higher marks on other assignments for this module.

Marks will be awarded according to the following scheme:

· Submission, Setup, Error-freeness: 10

· Input/Output handling: 45

· Database and database transactions: 24

· Correctness of processing booking requests: 9

· Code layout, Comments, References, Quality of code: 12

In more detail, the requirements above translate into about 35 criteria that your application and its underlying code / database must satisfy. Marks are given according to the extent to which the system is observed to behave in the expected way and produces correct results, and, to a lesser extent, how well the code is written. Code that has no observable effect will typically receive no marks.

The mark for a submission that is not set up correctly on the departmental web server and MySQL server will be capped at 22. That is, only the first and the last item of the marking scheme will be assessed.

As stated above, the University policy on late submissions applies to this assignment, as do the University policy on coursework submission (available at https://www.liverpool.ac.uk/media/livacuk/tqsd/code-of-practice-on-assessment/appendix_Q_cop_assess.pdf) and the University policy on academic integrity (available at http://www.liv.ac.uk/student-administration/student-administration-centre/policies-procedures/academic-integrity/). You should follow the COMP284 Lab Rules

Actions

to ensure that you do not breach the latter policy.

Feedback

You can expect individual feedback for this assignment about three weeks after the deadline. Generic feedback will be provided 5 days after the deadline. No work can be submitted after generic feedback has been provided.






发表评论

电子邮件地址不会被公开。 必填项已用*标注