Programming Exercise I: A simple online bookstore using LAMP

Programming Exercise I: A Simple Online Bookstore Using LAMP

(Industry-Level, Second-to-None Comprehensive Specifications)

Absolutely no copying others’ works
Development Requirements
When start developing the exercise, follow the requirements below:

Have to use LAMP (Linux, Apache, MySQL, and PHP) mainly.
The exercise has to be Internet-enabled (a trend of current IT systems).
The system entry page must be located at http://undcemcs02.und.edu/~user.id/457/1/ and all pages must be hosted by http://undcemcs02.und.edu/~user.id/ .
The systems have to be active even after being graded until the end of this semester. They will be re-checked for plagiarism from time to time.

Soft Due Date^† and Submission Methods
Due on or before Friday, February 16, 2024. Send an email to the instructor at wenchen@cs.und.edu including

the password for displaying the source code online (only one password for all exercises and interfaces),
the SQL create commands used, and
an appointment to demonstrate your exercise to the instructor individually, so misunderstanding would be minimized. The instructor will prepare a set of test data to be used by all students. The instructor’s Zoom ID is https://und.zoom.us/j/2489867333 .

^†The purpose of exercises is to make you practice what you have learned, so no penalty will be applied if submitted after the due dates. However, you may lag behind if you are not able to submit them by the due dates.

^‡Note that you are allowed to use any languages and tools for this exercise, but the exams will focus on LAMP technologies unless otherwise specified.

Objectives
Database-driven web sites are a must for companies nowadays. This exercise has students design and implement a simple database-driven online bookstore by using LAMP technologies from the ground up.

Requirements
The bookstore includes the following features:

The data of a book includes
- a unique ISBN (10 characters),
- a title, and
- a price.

The data of a customer includes
- a unique ID (assigned by the system automatically after signing up),
- a name,
- an account including
  - a list of purchased, unique books with an accumulative quantity each and
  - a total amount spent on the purchased books (one amount per customer).

(System reset: 05%) The system can be reset, which is to clear all data stored in the database and files, so the instructor can test the system by using only his own test data. That is the system has to include a button such as “Clear system” on the system entry page.

(System administrator: 10%)
The one (and only one) system administrator can enter books one by one.

(Customers: 45% total)
For each customer:
- (Customer signing up, in, and out: 15%)
  Customers can sign up, in, and out. The instructor will use multiple browsers, tabs, or computers to test your exercise at the same time.
- (Searching for books: 15%)
  List a book if its title includes any of the case-insensitive keywords in a query, where the keywords are separated by spaces. If the query is empty, list all books. The search results are a list of hyperlinked book titles, checkboxes, and input fields for quantities.
- (Purchasing books: 15%)
  After searching, purchase all checked books at the same time. The quantities and amount in the account are accumulative.

(Generic functions: 30% total)
For both administrator and customers:
- (Listing all data: 10%) Display all hyperlinked book titles and customer names. The system administrator can list all customers, but a customer can only list her/his hyperlinked name.
- (Listing book data: 10%) List all data of a specific book by clicking on its hyperlinked title (including an ISBN, a title, a price, and a quantity sold).
- (Listing customer data: 10%) List all data of a specific customer by clicking on her/his hyperlinked name (including an ID, a name, the titles of the purchased books, an accumulated quantity for each book, and the total amount spent).

(Instructor’s requirements: 10% total)
Other than the above system requirements, the instructor has the following requirements:

(User-friendliness: 05%) User-friendliness will be heavily considered when grading. In the past, some exercises were awkward, which made the grading or browsing difficult. For example, it is considered not user-friendly if the system repeatedly asks users to enter their names/IDs/passwords.

(Plagiarism checking: 05%) It is for the instructor to find any plagiarism. Each interface includes a button “Display source,” which is to list ALL the source code for implementing the functions of this interface. Only one password is for all exercises and interfaces. The system will be highly suspected if fail to implement this button. Use the following PHP script Check.php as a template to implement this button and the associated Help button:

Password: Interface:

~/public_html/course/457/exercise/1/Check.php

<?php

if ( $_POST['act'] == "Display source" ) {
  header( "Content-type: text/plain" );
  if ( strcmp( $_POST['password'], "passowrd" ) )
    if ( $_POST['interface'] == 1 ) {
      $file = fopen( "1.php", "r" ) or exit( "Unable to open file!" );
      while ( !feof( $file ) )  echo fgets( $file );
      fclose( $file );
    }
    elseif ( $_POST['interface'] == 2 ) {
      $file = fopen( "2.php", "r" ) or exit( "Unable to open file!" );
      while ( !feof( $file ) )  echo fgets( $file );
      fclose( $file );
    }
    elseif ( $_POST['interface'] == 3 ) {
      $file = fopen( "3.php", "r" ) or exit( "Unable to open file!" );
      while ( !feof( $file ) )  echo fgets( $file );
      fclose( $file );
    }
    else
      echo( "No such interface: " . $_POST['interface'] );
}
elseif ( $_POST['act'] == "Help" ) {
  header( "Content-type: text/html" );
  system( "cat Help.html" );
}
else {
  header( "Content-type: text/plain" );
  echo  ( "No such option: " . $_POST['act'] );
}

Modify the password in the Line 05 to the password you pick.

An Example of Web Page Display
Note that this example is not related to this exercise. It is only to show how to display web interfaces.

Evaluations
The following features will be considered when grading:

Specifications:
- The instructor (or your assumed client) has given the exercise specifications as many details as he possibly can. If you are confused about the specifications, you should ask in advance. Study the specifications very carefully. No excuses for misunderstanding or missing parts of the specifications after grading.
- The specifications are not possible to cover every detail. You are free to implement the issues not mentioned in the specification, but the implementations should make sense. Implemented functions lacking of common sense may cause the instructor to grade your exercise mistakenly, and thus lower your grade.
- The exercise must meet the specifications. However, exercises with functions exceeding the specifications will not receive extra credits.
Grading:
- This exercise will not be graded if the submission methods are not met. Students take full responsibility if the web site is not working.
- A set of test data will be used by all students. The grades are primarily based on the results of testing. Other factors such as performance, programming styles, algorithms, and data structures will be only considered minimally.
- Before submitting the exercise, test it comprehensively. Absolutely no extra points will be given after grading.
- The total weight of exercises is 40% of the final grade, 13% for this exercise (e-commerce system), 14% for Exercise II (m-commerce system), and 13% for Exercise III (AJAX).
- Multiple browser tabs, browsers, or computers will be used to test the systems at the same time to make sure the multi-processing is working well.
- If not specified, no error checking is required; i.e., you may assume the input is always correct for that case. For example, the ISBN entered will always be a unique key of 10 characters.
- Feel free to design your own interfaces; user-friendliness will be heavily considered; each function/button will be tested extensively; and from the source code submitted, the programs will be examined.
- The newest Firefox browser will be used to grade exercises. Note that Internet Explorer, Edge, Chrome, and Firefox are not compatible. That is your exercises may work on the IE, Edge, or Chrome but not Firefox.
- The instructor will inform you the exercise evaluations by emails after grading.

Databases:
- A database has to be used and try to perform the tasks by using SQL as much as possible because SQL, a non-procedural language, can save you a great deal of programming efforts.
- The SQL DDL commands such as “create” have to be submitted, where SQL is Structured Query Language and DDL is Data Definition Language.
- From the source code submitted, the database design and programs will be examined. Poor database design or uses will result in a lower grade.
- (-05%) if the database design is NOT optimal.
- (-05%) if the SQL create commands of database implementation is NOT submitted.
- There are many advantages of using databases. If database is not used, the problems caused by not-using-transaction must be considered. For example, if two customers are enrolled at the same time, an ID may be assigned to different customers if databases are not used.

Comments:
- Make the exercise work first. Do not include extra features, such as user passwords, in the beginning. By the way, you will not receive credits for the extra features.
- Time management is critical for software development. If you are not able to complete the exercise, display whatever you have accomplished, so the instructor can give partial credit to your exercise.
- One way to build a complex web system from scratch is to design the user interfaces first and then implement the system button by button. By doing this way, it could simplify the construction. The recommended construction steps are
  1. Examining the specifications very carefully,
  2. Designing the databases (E-R modeling or normalization),
  3. Implementing the databases (SQL),
  4. Building the interfaces (HTML, CSS, and JavaScript),
  5. Implementing the system button by button (PHP embedded with SQL commands), and
  6. Testing the exercise thoroughly.
- A good IT developer is not limited by specific languages. Use the languages when they are most appropriate for the need; for example, Perl is good at string processing, PHP is designed for web processing, and shell scripts are powerful.
- According to a study, students in computer courses learn much more by building large-scale exercises instead of many small-scale test programs, which give fragmented knowledge contrary to solid understanding of the system.
- Web user interface is a trend for software systems compared to native user interface.
- Web, mobile, and database programming is a must for IT developers, and the only effective way to learn software development is practicing, instead of studying concepts or writing some testing programs.
  No pain, no gain 😂
- Remote work is a trend for IT workers. This course also allows you to learn how to do it by using the VPN (virtual private networks) to connect to our Linux server undcemcs02.und.edu, and having the exercises set up at the server and be accessed from the clients.
- Many times, simplicity is the same as user-friendliness.
- The function of automatically sending emails or text messages is important for e/m-commerce systems, but will not be used here since companies complained our students sending out numerous mails or text messages because of faulty programs.
- Security is critical for all websites. However, small or medium -size businesses do not usually implement their own secure payment schemes. Instead they use a third-party payment system such as PayPal or purchase software from company like Global Payments Integrated and integrate it with their websites. For an encryption introduction, check Public-key cryptography.