KF7013_2019_20_S1_asssignment_spec_Final_rev_2

Solution

Task Title: KF7013 Website Development and Deployment

Subject Code: KF7013

Objective: The main objective of this module is to design a fully functional secure web-design for providing Tourist Information for a particular location. The front end of the system must use HTML and CSS and the back-end of the system must use PHP for data access from the MySQL database. 

Overview: In this task, students must have complete knowledge of the contemporary web development paradigm. For the designing of the front end of the system, the student must use handwritten HTML and CSS codes (Rapid prototype designing tools are not allowed). For the implementation of the business logic, the domain must use PHP code. PHP code will provide a dynamic feature to the website by the pull and push data from the RDBMS server. Implementation special mechanism for the SQL injection prevention is one of the major security designing goals of this project.         

University: Northumbria University

Implementation Requirement:

  • User login system: login page that will allow users to log onto and use the web site. Users
    who cannot log in, or who have logged out should not be able to access any page
    except for the login page
  • Signup feature: Another page of the website should allow you to insert a new customer’s details into the customers table using an HTML5 form to gather the customer data and PHP to connect to the MySQL database and insert the values.
  • Booking Page: One page of your website should link to the activities table in your MySQL database using PHP and the contents of the activities table should be listed on the page in a suitable format. All customers should be able to book activities from this page.
  • Search Page: This page should allow a user to search for activity and display the results that match the search criteria. A basic search containing a single searchable field will
    achieve the pass mark for this section. More marks can be gained for more advanced
    searching such as combining two search fields together using AND/OR logic.
  • Index Page: A suitable index page or landing page is required to showcase the business perspective of the target organization.
  • All the web-page must be resilient against the SQL injection attack and there must be a proper test plan to check the SQL injection attack.

 

Technical Requirement

  • Apache web-server: Apache web-server software is required to implement the server environment in the local machine.
  • PHP 7: PHP 7 software support is required to execute PHP scripts in the server-side.
  • PHP Strom: This integrated Development Environment is required to manage PHP project resources. 
  • MySQL: MySQL is required to store data persistently in the server-side. It stores data using RDBMS principle.
  • IBM’s Visual Paradigm 15 community edition: This required for the implementation of the Entity Relationship Diagram.

 

Sample Output of the task from Past Years:

Figure 1: Registration form

 

 

 

 

 

 

Expert’s Comments: This type of project is very common for our academic experts as most of the institute assign the web-developing project to their students. Though all these assignments shares many common features but their exact requirements varies for the session to session. Students often face difficulties to solve this kind of lengthy project specification and opt for our technical support. Our 24x7 available expert team helps our student to find a unique solution for these types of tedious tasks.   

Dates and Mechanisms for Assessment Submission and Feedback COURSEWORK ASSESSMENT SPECIFICATION Module Title: Website Development and Deploymen t Module Number: KF70 13 Module Tutor Name(s): Jeremy Ellman , Web Design Course Team Academic Year: 2019 -2020 % Weighting (to overall module): 100%, Coursework Title: Website Development and Deploymen t Assessment S1 2019 -2020 Average Study Time Required by a Student who has followed all the module activities: 60 study hours Date of Handout to Students: Week Commencing 30th Septem ber 201 9 Mechanism for Handout to Students: Blackboard, the eLP. Date and Time of Submission by Student: 13 th January 2020 12:00 Mechanism for Submission of Work by Student: The working website must be made available on the deployment web server whose address will be posted on Blackboard. Date by which Work, Feedback and Marks will be returned to Students: 3rd February 201 2 12 :00 Mechanism for return of assignment work, feedback and marks to students: Students will receive marks and feedback electronically either using Blackboard gradebook , or via email . Individual feedback sessions will be available by prior appointment. KF7013 - Website Development and Deployment Assignment, Semester 1, 201 9-20 2 | P a g e Academic Integrity Statement: You must adhere to the university regulations on academic conduct. Formal inquiry proceedings will be instigated if there is any suspicion of plagiarism or any other form of misconduct in your work. Refer to the University’s Assessment Regulations for Nort humbria Awards if you are unclear as to the meaning of these terms. The latest copy is available on the University website.  Do NOT submit code from other people or web sources as your own, this is plagiarism .  Do NOT work with other students and submit id entical code, this is collusion.  Both plagiarism , and collusion are academic misconduct . Failure to submit: The University requires all students to submit assessed coursework by the deadline s tated in the assessment brief. Where coursework is submitted w ithout approval after the published hand -in deadline, penalties will be applied as defined in the University Policy on the Late Submission of Work. https://www.northumbria.ac.uk/about -us/university - services/academic -registry/quality -and -teaching -excellence/assessment/guidance -for - students/ Learning Outcomes tested in this a ssessment: The following learning outcomes will be assessed by this assignment : 1. Create a standards compliant web application that interacts with a database 2. Apply key web accessibility, security, and web design principles 3. Create an appropriate web design that meets specified user requirements Assignment Overview : The assignment is as follows: Practical Web Solution (10 0%) Individual work - development of a dynamic web solution using HTML 5, CSS, PHP and MySQL . This activity assesses module learning outcomes 1 , 2 , and 3 . Completely Anonymous Submission and procedure Anonymous assignment s ubmission is recommended by the Students Union. It ensures that staff are not “influenced by a student's previous performance, class participation, conflicts, race, gender, or perceived student aptitude. This practice can also contribute to the student - instructor relationship because students are assured that grading was unbiased ”1. 1 Blackboard LLC . The Web Site element constitutes 10 0% of the assessment for this module and is an individual piece of work. KF7013 - Website Development and Deployment Assignment, Semester 1, 201 9-20 3 | P a g e Anonymous grading is slightly complicated since KF7013 students submit individual travel websites whose location could identify their author. The procedure below addresses this as follows: 1. You (the student) will be given an account on the deployment web server. This will be used for in class lab exer cises . The IP address of that server will be placed on the assessment tab on blackboard. 2. This login will all ow the generation of a second set of credentials ( i.e. username/password) on the same deployment server. This is a one -time only operation. A record is kept THAT you have been given credentials, NOT what these are. Consequently there is no password reminder functionality. You MUST retain details. 3. Using your new login, you will select a tourism location from the given list. That location will be yours alone and will not be available to anyone else. A record will be kept THAT the destination is allocated, NOT to whom it has been allocated. You must choose one of the preselected locations to avoid violating confidentiality. 4. You MUST NOT include your own name, or university ID on any web page. Should you do so your assignment may not be marked until the summer referral period. 5. At the submission deadline, the deployment server will be taken off line. 6. The assignments will then be marked and feedback generated . 7. You will then be asked to upload your se cret ID to blackboard. In due course, you r mark and feedback will then be transferred to gradebook Travel Advisor Web Site 1. General description You will create a prototype ‘Tourist Information ’2 Style Web Site that will allow users to plan activities related to your tourist location . You should then complete the Practical Web Solution for your location. Practical Web Solution ( 100% , L earning Outcomes 1, 2, & 3) Static content Develop a website with at least 6 webpages (though you can create more if you think it will benefit the end -user) using HTML5 , PHP 7, and CSS. A site -wide style sheet (external CSS file) should be used to specify the styles for the web pages within the web site. The site must be organized into folders as taught to simplify maintenance and promote code re -use. The website should have an appropriate and professional looking interface . The primary focus should be on the end -user so the website must be developed according to best practice and legal compliance in accessibility , usability , and security . 2 Collins: “ an office that supplies information to people who are visiting an area for pleasure or interest, for example advice on things to see , accommodation , et c” KF7013 - Website Development and Deployment Assignment, Semester 1, 201 9-20 4 | P a g e Good design practice should be consi dered when creating the web pages, such as:  Relevant general design principles with regard to use of colour, layout, consistency of design, ease of use etc.  Ease of navigation  Accessibility  Security Standards and Validation All web pages produced for the assignment must use HTML5 as the Doctype. You should make use of CSS classes and IDs as well as HTML selectors. All pag es should validate without any html errors as reported by http://validator.w3.org/ for HTML 5 and http://jigsaw.w3.org/css -validator/ for CSS. Database -driven content An SQL script which creates three tables named activities , booked_activities and customers has been provided for you on Blackboard ( eLP ) under the Assessments tab. You should run this script on your MySQL database to create the tables. You should then manually enter appropriate tourism activity data into the activities table to suit your particular scenario’s location . You may also add some customer details manually to the customers table if you cannot do this using a web form. DO NOT make any changes to the structure of the tables, i.e. do not change the columns or the table name. Pages required 1. Provide one lo gin page that will allow users to log onto and use the web site. Users who cannot login, or who have logged out should not be able to access any page except the login page. 2. Another page of the website should allow you to insert a new customer’s details int o the customers table using an HTML5 form to gather the customer data and PHP to connect to the MySQL database and insert the values. 3. One page of your website should link to the activities table in your MySQL database using PHP and the contents of the ac tivities table should be listed on the page in a suitable format. All customers should be able to book activities from this page. 4. All customers should be able to see the ir booked_activities table . From the booked activities table customers should be able to navigate to activities to see activity details. 5. Another page should allow a user to search for an activity and display the results that match the search criteria. A basic search containing a single searchable field will achieve the pass mark for this section. More marks can be gained for more advanced searching such as combining two search fields together using AND/OR logic. 6. An appropriately designed homepage/index page. Credits page You should include a credits page which is used to list any sources you have made use of in the creation of your website. Also if you have used source material f rom anywhere (pictures, buttons , quotes, or anything which is not your own work) you should acknowledge the source using the Harvard method of referencing . Plea se credit ALL sources that you use for anything i.e. code, photos, graphics, logos, widgets, text etc. Do NOT credit yourself as that would break anonymity . Please note that we KF7013 - Website Development and Deployment Assignment, Semester 1, 201 9-20 5 | P a g e are aware that there are sites on the Internet that provide code. We realise th at the Internet coding community encourages sharing and re -use of code. The purpose of this assignment is to show us what YOU can do; not that you can copy somebody else's work . The web site must be compatible with Turnkey Lamp Server (version 14.2, as u sed in the module) not others. Your assignment must start in a sub -folder called KF7013 -19 20 . It must not start in the root folder of the web server. It is very useful if clear indications are given as to which source code file principally implements the r equired elements. This will be done by including a page ‘features.txt’ that lists (i.e. bullet point s!) the element, and the web page on which it is implemented. All data should be appropriately validated and protected against SQL Injection and stored cross -site scripting attacks. A SQL script file will be provided together with an ERD diagram, and sample queries for creating and popula ting the database tables on t he eLP (Blackboard) . Detailed Programming Requirements: Your code must comply with the following requirements:  Your assignment must be entirely your own work except where appropriately referenced.  The HTML 5 standard should be used on all web pages.  CSS should be used in order to separate style from content. Design oriented tags (e.g. , , etc) should not be used. T ables should only be used for tabular data not for page layout .  The server -side scripting language that must be used is PHP 7.  Web page content used should be dynamic (if the data is stored in the database, it should be ret rieved from there, not hard coded into the web page).  Your code should be structured in such a way as to promote code re -use (for example, place code that is used on more than one page in a separate file to be imported into all web pages that need it. You should use PHP functions where appropriate).  All images used on the web site must be stored in the single ./assets/images folder, whilst should be placed under stylesheets in the single ./assets/stylesheets and JavaScript in ./ assets/scripts/ directories . Site specific content (e.g. php and html files ) should in ./content/.  The database tables that are provided in the SQL script must be used. You are not permitted to alter the data structure in any way although you are expect ed to alter the data dynamically though your application.  The integrity of the data should be maintained at all times.  Security issues as discussed in the module MUST be addressed. That is, you must provide a secure login system, and your application should resist injection attacks and cross site -scripting .  The solution should be independent of the data, so that security data is retrieved from the database, and not hard coded into the web pages.  Any orphaned pages/scripts (any page/script that is not linked to in any way, except index.ht ml which is the starting point) will not be marked.  PHP sessions should be used to provide application security. It should not be possible to access restricted pages once the owner has logged out. KF7013 - Website Development and Deployment Assignment, Semester 1, 201 9-20 6 | P a g e  The use of HTML generation tools such as Adobe Dreamweaver, or other templates or files for either html or css not authored by you, is NOT PERMITTED. Anyone who is found to have done so will receive 0 marks for this part of the assignment. You have been warned. We e xpect you to generate your HTML/CSS by hand, e.g. using Notepad++, Sublime Text , PHPStorm etc  You should test your web page using several web browsers and at different screen resolutions to make sure that it displays correctly  You must not use any other libraries or code not authored by you, for html, javascript, php or css. You must not use .htaccess rewrite directives for this assignment. Bootstrap is not allowed.  You must keep a complete backup (zip) file of your submitted web site Marking Scheme The following marking scheme will be used for this assignment: Description Marks Practical Solution ( 100% ) Interface design of finished product, including incorporation of accessibility and usability features and a professional look -and -feel . 15 Secure Login and Logout 10 Website allows all activity listings to be displayed from the database as dynamic content using PHP 10 Website allows user to add a new customer and activity booking details to the database using PHP 10 Website uses embedded links to navigate from booked_activities to activities and vice versa. 10 Website allows an activity search (basic or advanced) to be carried out and results displayed from the database as dynamic content using PHP 15 Coding style, structure (i.e. use of functions and classes, code re - use, variable naming, i ndentation, commenting, use of HTML 5 & CSS standards including classes and IDs where appropriate ), and anonimity 10 Cross Site Scripting Prevention 10 SQL Injection prevention using prepared statements 10 Total Marks Available: 100 KF7013 - Website Development and Deployment Assignment, Semester 1, 201 9-20 7 | P a g e Marking Criteria Since the elements above are wide ranging, general criteria are given that are applied as a percentage to each component of the portfolio. In the following, ‘writing’ is understood to apply both to coding and English. Percentage General Criteria Fail (0 – 29%) A very poor contribution showing little awareness of subject area. Lack of clarity. Communication of knowledge is either inarticulate and or irrelevant. Website not dynamic, or not written using HTML 5, or does not use external stylesheets and scripts. Code fragments from the Internet may have replaced student written content to the extent that it is not possible to determine what the student has understood. (30 – 39%) Knowledge is limited or superficial. Some awareness of concepts and critical appreciation are apparent, but there are major omissions or misunderstandings. Writing is not clear or coding is unstructured and there is no argument o r significant errors. Web pages do not contain links proving they have been validated, or the site does not give correct solutions to any of the interface requirements (40 – 49%) Knowledge is barely adequate. Writing is fluent, and coding functional but mostly, description and or assertion are used rather than argument or logical reasoning. Program may be unstructured. A basic understanding of the key issues is demonstrated, but insufficient focus is evident in the work presented. Pass (50 – 59%) Knowledge base is up -to-date and relevant to an appropriate breadth and depth for level 7. The student has demonstrated the ability to apply theory and concepts, across domains and identify their interrelationship. A critical appreciation is demonstrated, which is supported by appropriate references. Writing and coding are clear and accessible if a little uneven. (60 – 69%) As above but there is clear evidence of independent thought and reasoned conclusions. Literature is fully supported by citation using appropriate references and there is development of a critical appreciation of opposing arguments. Presentation of work is fluent, focused and accurate. (70 – 100%) Exceptional scholarship is demonstrated. There is a sustained ability to confront the current limits of knowledge in a relevant area, or applied ‘real world’ contexts where demands of theory and practice may conflict. Argument is fluent, sustained, and convincing. Programming standards are professional and the site is well secured. Cle arly exceeds taught material .