You are required to implement a PHP Web Based front end system. This system will connect to the database back end which stores all the animal details. The SQL script to create all required tables is supplied. You must run this script from within phpMyAdmin to create the required databases and users.You are required to submit 6 core PHP files. 1. login.php 2. home.php 3. add.php 4. edit.php 5. delete.php 6. logout.php If you use other files in the completion of your assignment, you must supply these as well. You are required to submit 5 screenshots showing each of the above .php files, the pdf file is the specification and the zip file contains the required sql server.


COIT12207 Assignment 2 COIT12207 Assignment 2 Specification Problem A not-for-profit pet rescue organisation has come to you for help. They want to create a website they can use to show a list of pets available for adoption. The pets available for adoption will change often, and their details may need updating – therefore, they want a system in which they can easily upload animal details without having to do any coding. Animal detail entry and editing should be limited to only authorised persons. Anyone should be able to view a list of pets available for adoption. Requirements Your implementation should be developed on your computer using XAMPP. You are required to implement a PHP Web Based front end system. This system will connect to the database back end which stores all the animal details. The SQL script to create all required tables is supplied. You must run this script from within phpMyAdmin to create the required databases and users. When connecting to the database, you should use 'webauth' as the username and 'webauth' as the password. You set up this user in the Week 6 Hands-on Project. Since the organisation doesn’t just anyone to be able to manage animal details, the ability to add, edit, and delete on the web based front end must be protected with authentication. Currently, there will be a single person managing everything himself and therefore, only one user account will be required. The login id and (encrypted) password is already in the database. The login details are: Username Password sam password Everyone will initially connect to the ‘home.php’ page. The ‘home.php’ page should check if the user is already logged in. If the user is not logged in, a table of animals available for adoption should be shown (without the edit and delete options). If the user is logged in, they should be shown a table of animals available for adoption with edit and delete options shown. COIT12207 Assignment 2 Figure 1 - Home Page (Not Logged In) Figure 2 - Home Page (Logged In) The footer for people who are not logged in should contain two links: a link to login, and a link to Home. The footer for people who are logged in should show three links: a home page link, a link to add a new animal, and a link to logout. COIT12207 Assignment 2 The login link should take users to the page login.php. The login page should display a form for users to login. If a user accesses login.php when they are already logged in, they should be redirected to home.php. When a user successfully logs in, they should be redirected to home.php. Figure 3 - Login Form If a user is logged in when they are on the home page, at the top of this page, the message "Welcome, current_user" should be shown, with current_user replaced with the username of the currently logged in user (this should be queried from the database and not hardcoded). If a user is logged in, each animal in the list of animals should have an edit and delete button. The list should be presented in a table with the columns: Animal Name, Animal Type, Adoption Fee, Sex, Desexed?. Two unnamed columns should be included at the end to store the Edit and Delete buttons for each animal. Figure 4 - Home Page for Logged In User COIT12207 Assignment 2 The list should be sorted alphabetically by Animal Type, and then by Animal Name (this is done with your SQL query). Animal Types include Dog, Cat, and Bird only. When a logged in user clicks the edit option for an animal on the home.php page, they should be taken to the edit.php page. On this page, there should be a prepopulated form of input elements which a user can use to change details about the selected animal. There should be two buttons (NOT links): Update and Cancel. The Update button will save the new values to the database and display a message informing the user of a successful update. The Cancel button should return the user to home.php. Figure 5 - Edit Page When a user clicks the delete option for an animal on the home.php page, they should be taken to the delete.php page. On this page, there should be a listing of the information about the selected animal. There should be two buttons (NOT links): Delete and Cancel. Delete will remove the animal from the database and inform the user of a successful deletion. The Cancel button should return the user to home.php. Figure 6 - Delete Page COIT12207 Assignment 2 When a user clicks the Add New Animal link, they should be taken to the add.php page. This page should have a number of input elements corresponding to the database fields for animal information. There should be two buttons at the bottom: Add and Cancel. The Add button will save the information about the animal to a new record in the database. The Cancel button should return the user to the home.php page. Figure 7 - Add Page There should be a logout.php page which will allow a user to logout. Figure 8 - Logout Page Users should not be permitted access to the add, edit, and delete pages unless they are logged in. Users should not have the options to edit and delete on the home page unless they are logged in. Sessions should be implemented so users only need to log in once to access all the pages. Your code should be free from error, and be appropriately indented and spaced. The first step in starting your assignment is to login to phpMyAdmin and run the supplied CreateDatabase.sql script. This will create the ‘adoption’ database and add the two tables: ‘animal’ and ‘authroized_users’. It also grants the user webauth SELECT, UPDATE, INSERT, and DELETE privileges. COIT12207 Assignment 2 You will require a number of SQL statements in your PHP coding. These have been supplied in RequiredStatements.txt. They have not been formatted for PHP code; this is left for you to complete. YOU SHOULD NOT HAVE TO CHANGE ANY SQL. What you must submit You are required to submit 6 core PHP files. 1. login.php 2. home.php 3. add.php 4. edit.php 5. delete.php 6. logout.php If you use other files in the completion of your assignment, you must supply these as well. You are required to submit 5 screenshots showing each of the above .php files (excluding logout.php) running in your web browser. Paste each screenshot into a single Word document. Your database does not need to be submitted. You should ensure your completed PHP pages function correctly using the supplied database without any edits to the database data. You must submit all your files in a single .zip archive named ‘ass2.zip’. COIT12207 Assignment 2 Marking Criteria Item Marks (out of 100) Authentication and Session Control  Authentication is implemented correctly (5 marks)  Session control is implemented correctly (3 marks)  Users are logged out correctly (2 marks)  Login form correct and displayed only if user is not logged in (3 marks)  User's username displayed in welcome message (2 marks) 15 Query and display data  All animals successfully displayed (5 marks)  Each animal has an Edit and Delete button which work correctly (5 marks)  All specified columns are shown in the table of animals (5 marks) 15 Update records in the database  Animal details are saved on update (5 marks)  Animal details are preloaded into form (3 marks)  Update and Cancel buttons have correct functionality (3 marks)  Accessing edit.php directly is handled correctly, without error messages (2 marks)  Form matches example provided in specification (2 marks) 15 Delete data from the database  Animal details are removed on deletion (5 marks)  Animal details are not editable and displayed correctly before deletion (3 marks)  Delete and Cancel buttons have correct functionality (3 marks)  Accessing delete.php directly is handled correctly, without error messages (2 marks)  Page matches example provided in specification (2 marks) 15 Add records the database  New animal details are saved (4 marks)  Add and Cancel buttons have correct functionality (4 marks)  Form matches example provided in specification (2 marks) 10 Secure code  Secure coding techniques used (10 marks) o Secure coding techniques include the use of prepared statements where appropriate, limiting input text areas to a maximum length, and separating database connection logic into its own file. o No marks will be awarded if no secure coding techniques are used. o Half marks will be awarded if some secure coding techniques are used on some pages, or secure coding techniques have been used incorrectly. o Full marks will be awarded if all secure coding techniques are used correctly on all pages. 10 Code Reuse  Correct use of include() and require() functions to prevent code duplication (5 marks) o You must use at least on include() or require() function to get full marks  Correct use of user defined functions where appropriate (5 marks) o You must correctly use at least one user defined function to get full marks o Half marks will be given if a user defined function is attempted but does not work correctly. o No marks will be given if there is no user defined function, or there is 10 COIT12207 Assignment 2 minimal attempt (e.g. function stub only). Presentation  Six core PHP files submitted with correct names (2 marks)  Indentation and spacing used in code (2 marks)  Files submitted in .zip archive (1 mark) 5 Screenshots show site functioning  Supplied and appropriate (1 mark per screenshot) o If a supplied screenshot does not match your submitted