CS 242 Spring 2012 : Assignment 2.2
This page last changed on Mar 12, 2012 by cemeyer2.
For the last 4 weeks of the semester, each of you will complete your own final project. The project can cover any domain using any language, toolkit, or framework, but you cannot have your final project for this course be part of a project or assignment for another course you are currently taking. See the Final Project Details page for more firm details on the final project. Before you can begin your final project, you must first write up a formal proposal and submit it to your section leader for approval. The proposal must contain:
Expect your proposal to be at least 2 pages in length.
We expect you to spend the same amount of time each week on the final project that you spend on each of the other assignments so far this semester, so plan out each week accordingly. Your TA or moderator might ask you to revise your proposal after submitting it if he thinks that you are trying to do too much or too little. Submit your proposal as a PDF via email to your section leader by 4:00PM on Monday, March 26th 2012. This gives us time to review your proposals so you will still have a full week to work on the first week of your final project. You cannot start on your final project until you get approval from your section leader, so the earlier you submit it and get approval the earlier you can begin working. Lastly, please submit your proposals in PDF format to eliminate chances of any problems when trying to read them.
Take a look at the example proposal done by a former student for a rough guide of what a proposal from the past looked like. The requirements for the proposal have slightly changed since this proposal was written, so just use this one as a guide for how much detail we are expecting.
For this week’s assignment, you will be using a combination of PHP and SQL to create an interactive threaded comments discussion board for your portfolio.
Instructions on what services are available on cPanel as well as how to access them are located at https://wiki.engr.illinois.edu/display/engineeringit/Web+Hosting+for+Student+Projects. That page also has basic information on how to execute SQL queries against the MySQL database on the cPanel server.
There are three main functional requirements this week:
The first step you will need to do is figure out how you want to store your data in the database. Think about what table(s) you need and what columns each of those tables needs to have. Hint: Think about the discussion board for each of your projects as a multi-level tree, where the root is the project, and interior nodes and leaves are each comments left on the project. The parent of any comment node in the tree is the comment that it is replying to or if the parent is the project, then it is a top level comment. How can you store this in a relational database? Feel free to use the PHPMyAdmin that is built into cPanel to construct your tables and play around with your design, but remember to include the statement(s) that generated your schema in your README.
If you are unfamiliar with SQL, we suggest you go through this SQL tutorial.
The second step this week is to create some basic forms and display pages to show your comments. You will need to extend the XSLT document generated last week so that your main portfolio page can interface with your comments PHP. Note that you should not put any PHP code in your XSLT document, as it will not be evaluated by the parser before being echoed back out to the client. Use CSS to style these pages and make them look presentable. How can you indicate that a comment is in reply to another? How do you place the tree of comments on a single page? Take a look at the comment pages on sites like Slashdot and Reddit for inspiration.
Using the proper techniques such as prepared statements and other ideas as discussed in lecture, secure your code at minimum against SQL Injection Attacks. Add defense against Cross-site Scripting Attacks as well. Use the internet to find resources about how to accomplish these goals with PHP.
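The tree hint and the two security requirements above, combined in one sketch (an added example, not part of the original assignment and not a reference solution): comments are stored as an adjacency list in which a NULL parent_id marks a top-level comment, writes go through PDO prepared statements, and every value is escaped with htmlspecialchars when the thread is rendered. The table, column and function names are assumptions, and an in-memory SQLite database stands in for the cPanel MySQL server so the script runs offline.

```php
<?php
// Added example; table, column and function names are assumptions.
// In-memory SQLite stands in for the cPanel MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (
    id        INTEGER PRIMARY KEY AUTOINCREMENT,
    project   TEXT NOT NULL,
    parent_id INTEGER NULL REFERENCES comments(id),
    author    TEXT NOT NULL,
    body      TEXT NOT NULL
)');

// parent_id NULL marks a top-level comment. Input is bound as data,
// never concatenated into the SQL text.
function postComment(PDO $db, string $project, ?int $parentId, string $author, string $body): int {
    $stmt = $db->prepare('INSERT INTO comments (project, parent_id, author, body) VALUES (?, ?, ?, ?)');
    $stmt->execute([$project, $parentId, $author, $body]);
    return (int) $db->lastInsertId();
}

// Escape at output time so stored markup is shown as text.
function e(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Fetch one project's comments, group them by parent, emit nested lists.
function renderThread(PDO $db, string $project): string {
    $stmt = $db->prepare('SELECT id, parent_id, author, body FROM comments WHERE project = ? ORDER BY id');
    $stmt->execute([$project]);
    $children = [];
    foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
        $children[(int) $row['parent_id']][] = $row; // NULL parent becomes key 0
    }
    $walk = function (int $parent) use (&$walk, $children): string {
        if (empty($children[$parent])) return '';
        $html = '<ul>';
        foreach ($children[$parent] as $c) {
            $html .= '<li><b>' . e($c['author']) . '</b>: ' . e($c['body']) . $walk((int) $c['id']) . '</li>';
        }
        return $html . '</ul>';
    };
    return $walk(0);
}

// Constructed sample input: both bodies must come back as inert text.
$top = postComment($db, 'Assignment1', null, 'alice', "nice'); DROP TABLE comments;--");
postComment($db, 'Assignment1', $top, 'bob', '<script>alert(1)</script>');
echo renderThread($db, 'Assignment1'), "\n";
```

An integration test for this can post the same two bodies through the real form handler, then check that the comments table still exists with two rows and that the rendered page contains &lt;script&gt; rather than a script tag.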
For the last step, you will need to implement a basic content filtering system. You will need to compile a list of “red flag” words/phrases and acceptable replacement words/phrases. This list must have at least 8 entries, but feel free to add as many as you would like. When a user enters a comment with a “red flag” word or phrase, it should be automatically replaced with the corresponding replacement word. This should be done using regular expressions. See the tutorials from last week and this week for examples with regular expressions. Store your “red flag” words/phrases and their corresponding replacements in the database. Do your substitution via the new relations you store. Also add an “administrator form” where an admin can add/remove from this table.
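A sketch of the database-driven filter described above (an added example, not part of the original assignment): stored phrases are passed through preg_quote before they become a pattern, so an administrator entry containing regex metacharacters is matched literally, and the whole list is applied in a single pass. The table, column and function names and the sample entries are assumptions; SQLite in memory stands in for MySQL, and the mbstring extension is assumed to be loaded.

```php
<?php
// Added example; table, column and function names are assumptions.
// In-memory SQLite stands in for the cPanel MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE filter_words (
    phrase      TEXT PRIMARY KEY,
    replacement TEXT NOT NULL
)');

// What the administrator form would call. An empty phrase is refused
// because it would match at every position in a comment.
function addFilterWord(PDO $db, string $phrase, string $replacement): void {
    $phrase = trim($phrase);
    if ($phrase === '') {
        throw new InvalidArgumentException('empty phrase');
    }
    $stmt = $db->prepare('INSERT INTO filter_words (phrase, replacement) VALUES (?, ?)');
    $stmt->execute([$phrase, $replacement]);
}

function filterComment(PDO $db, string $text): string {
    // Longest phrase first, so "darn it" is tried before "darn".
    $rows = $db->query('SELECT phrase, replacement FROM filter_words ORDER BY LENGTH(phrase) DESC')
               ->fetchAll(PDO::FETCH_KEY_PAIR);
    if (!$rows) return $text;
    $map = $alts = [];
    foreach ($rows as $phrase => $replacement) {
        $map[mb_strtolower((string) $phrase)] = $replacement;
        // preg_quote keeps stored phrases such as "c++" literal in the pattern.
        $alts[] = preg_quote((string) $phrase, '/');
    }
    // One pass over the text: a replacement is never filtered again, and the
    // callback returns it verbatim ("$1" in a replacement stays "$1").
    $pattern = '/(?<!\w)(?:' . implode('|', $alts) . ')(?!\w)/iu';
    $out = preg_replace_callback($pattern, function (array $m) use ($map): string {
        return $map[mb_strtolower($m[0])] ?? $m[0];
    }, $text);
    if ($out === null) {
        throw new RuntimeException('filter failed (for example, invalid UTF-8 input)');
    }
    return $out;
}

// Constructed sample entries (the assignment asks for at least 8).
addFilterWord($db, 'darn', 'gosh');
addFilterWord($db, 'darn it', 'oh well');
addFilterWord($db, 'c++', 'a language');
echo filterComment($db, 'DARN IT, c++ again. Darn! But darning socks is fine.'), "\n";
```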
For this week, we require basic integration testing. That is, you should have some test code that creates comments, replies to comments, checks for proper filtering, checks for proper SQL injection attack prevention, etc. Your tests should work by invoking the scripts you wrote to post comments, then verify they are properly placed in the database. Feel free to use one of the many PHP test runners out there, but do not feel obligated to. If you choose to not use a PHP testing suite, you will need to write your own custom test harness/runner to run your tests and report results.
Document generated by Confluence on Mar 29, 2012 02:55