CSCI 2170: Introduction to Server-Side Scripting Winter 2023
XXXXXXXXXXASSIGNMENT 4
Due date. Sunday, March 26 (11:00pm)
Purpose: This is the fourth in a set of assignments that will lead you to develop a lightweight Content Management System (CMS) created using Bootstrap that will feature a site for community artists who want to display their work (Art by You). The purpose of this assignment is to build on the codebase you created in the last assignments to work with a database and sessions. Remember - all assignments are to be your own work.
In this assignment, you will do the following:
1. Create an additional table in your database with sigin information
2. Your signin.php page should now have functionality and allow users to create accounts:
a. Add functionality to the signin.php page in your website which will use sessions
. Add a button to the signin page so that user can sign-up/create account page
c. Create a new page (createAccount.php) for users to create an account that will allow them to add their user information (name, art type, about description, and image file name) and setup their login information (username and password).
d. Add sign out functionality on the menu which is available on all pages in the site. After a user has signed out, the next time they try to open the post page it will direct them to the sign in page.
3. Use sessions to keep information alive during a session and between sessions (e.g., if a user hasn't signed out, and they return to the site, the site will remember the user without them needing to sign in again).
4. Update post.php: it will allow the cu
ent user (one signed in) to add new art – it also doesn't need to ask for their name because it knows who is signed in with sessions. If a user isn't signed in, this page should take them to the signin page.
5. Ensure that you add functionality noted as missing in Assignment 3 (the markers will list items that were missing in the last assignment and these need to be addressed in this assignment and noted in the assignment documentation, e.g. the framework file).
Image and content considerations:
I have supplied a variety of images that you can use for this assignment that are stock images available from Microsoft PowerPoint (make sure to note that all images used in the assignment are stock images available from Microsoft PowerPoint 2023 in your framework).
Assignment Information:
Grades. This assignment will be graded out of 60 marks and then scaled to 10 points.
Submission. All deliverables must be submitted on Brightspace: https:
dal.
ightspace.com MAKE SURE YOUR ZIPPED FOLDER IS CORRECT!! This is your responsibility.
Late submission policy. There is a two-day late policy (10% deduction for one day late and 10% for day two late – 20% max.). No assignments will be accepted after the late deadline.
Academic Integrity. Dalhousie academic integrity policy applies to all submissions in this course. You are expected to submit your own work. Please refer to and understand the academic integrity policy, available at: https:
www.dal.ca/academicintegrity
Content for the website. Use the provided images and the Lorem Ipsum generator to produce sentences/ paragraphs of dummy text: http:
www.lipsum.com (the images are Stock Images available from Microsoft PowerPoint).
Deliverables. Follow instructions of this document to submit all deliverables of this assignment.
General Instructions
1. Create a folder named A4.
2. Copy all your scripts, images, folders and other files from your A3 submission and paste them into A4. Make sure updated and additional files are also included (including extra files you downloaded for the templates from Bootstrap).
3. For this assignment, you will need to use MySQL.
Note: if you are using a local stack that come with MariaDB or another DBMS which is not MySQL it is your responsibility to ensure/verify that your PHP-MySQL scripts work with MySQL as well. We will be using MySQL for marking. [MariaDB is refe
ed to as a “drop-in” replacement to MySQL and therefore it should work as a direct replacement. It should work with the same queries that you had used for MySQL – but you should still make sure it works]
4. Start working on this assignment by updating the signin.php template and creating the new template createAccount.php (from Lab 4)
Database
Note: you will submit a “database dump” along with your submission. BUT you must also create the table structure exactly as specified in this section, because we will be using a database with the specified structure to verify your code. You can use the data from the files to fill the database. IF YOUR SYSTEM WON'T ALLOW YOU TO USE CAPITAL LETTERS IN YOUR DATABASE, MAKE SURE TO ADD A MESSAGE WHEN YOU SUBMIT YOUR ASSIGNMENT ON BRIGHTSPACE. THIS WILL HELP US GRADE YOUR ASSIGNMENT.
Remember: In your DB setup, you must set the username to be root and password to be root.
New Table: Signin
Create a table named Signin. This table will contain users’ signin credentials (username and password) and a foreign key to ArtistID in the Artists table. For security purposes, it is better to create different tables for user information and user login credentials (for this assignment you can store your passwords as plain text). It must have the following columns:
UserID
· Type: integer (11)
· Set up as the primary key
· Must be set to auto increment starting at 1
· Must not be null
ArtistID
· Type: integer (11)
· Set up as foreign key - links to ArtistID in Artists Table. Index the attribute and then you can add the foreign key (if using PHPMyAdmin)
· Must not be null
Username
· Must be VARCHAR (255).
· Must not be null.
Password
· Must be VARCHAR (255).
· Must not be null.
Table 1 – setup for Signin Table
Figure 1. Set up of the Signin Table (PHPMyAdmim) and sample input in the table
UPDATES TO TEMPLATES
Functionality/Additional Functionality for Assignment 4
Because we are using localhost and testing using localhost, you will only store the image filename in the database, the files will still be stored in your own directory (like Assignment 2 and 3). Make sure you use relative pathways (e.g. files/wate
water1.jpg).
Sign in, Signout and Create New Account
Signin (and setting up sessions)
1. Update the signin.php. On this page, the user will sign in or create a new account.
· For this assignment, the password will have no rules (e.g., no rules on length or using special characters); although when the user types in their password it shows up as *** (use input type password).
· The system will check with the database first to make sure that the username exists and then will check that the password is co
ect (otherwise it prints an e
or message).
2. Add a new button (and message) to create a new Account. If the user clicks "Create Account" they will be sent to createAccount.php (see below for instructions on this page).
3. Once the user successfully signs in, you will use the signin information to know which user the account belongs to. Set the signin session variable to true and set the UserID session variable and ArtistID session variable (from the Signin table). The user will also be directed to post (post.php) page once the sign in is complete and verified.
4. Once you have set up sessions on your site, if a user isn't signed in and they try to open post page, they will be directed to the signin page (i.e., they can't make any posts without being signed in). Once the user is signed in, they shouldn't be able to go back to the sign in page until they sign out.
Updated signin.php page.
Adds message that username is wrong – will have to enter again
Sign in with wrong username
If password is wrong, give a message and user will have to enter again
Create Account (createAccount.php page)
1. Create a new page (createAccount.php) to let new users sign up for a new account. This page will not show up on the main toolbar. Users will be directed to this page if they press the "Create Account" button on the signin.php page.
2. The form (can adapt the post.php or signin.php page) asks for a name, an artist type, a profile description ("tell us about you"), and a name of file to use as their artist image.
3. As well, the user will set up their signin information (select a username and password).
· The system will first check with the Signin table to see if the username already exists. If it exists, tell the user that the username already exists, and to try again.
· If the username is okay, insert the information first to the Artists table and then insert into the Signin table because of how the foreign key (ArtisitID) is set up in the Login table. (Hint: look at how mysqli_insert_id works – it will return back the newly created ArtistID from the Artists table after you insert a new Artist that you can then use to insert into the Signin table). Updates should show on pages.
· The password input should show up as *** like the sign in page.
4. Once the account has been setup. Set the signin session variable to true and set the UserID and ArtistID session variables. The user will then be directed to post (post.php) once the account set up is complete.
The createAccount.php Page
Create a new artist profile (don't forget to give a message similar to signin if the username already exists.
Update the Signin and Artists Table with the new artist.
Update: Sign out
In order for someone to sign out of the session, we will need to add an additional Navigation Bar item "Sign out". This will be added as a drop-down item from the Sign In menu item. You can reuse this menu item from the original navigation bar item called " Portfolio" (you'll need to go back and look at the original html code to reuse this code – or set it up yourself).
Once someone has signed in, the session will continue until the user signs out of their account. Add this signout functionality on all the relevant templates (add to index.php, artists.php, aboutArtist.php, collection_T.php themes.php, about.php)
If the user presses "signin", change the session variable login to false, clear the session and direct them to the signin page. One note, one way to do this is to set up a querystring when the user selects 'Sign Out' that directs the user to the signin page and the signin page deals with closing the session (knows to deal with it by checking the GET global a
ay). There are other ways of doing this as well though.
The dropdown Signout should be added to all pages' Navigation Bar.
Add drop-down menu for the Sign In menu item
When select 'Sign Out' direct user back to Sign In Page
Updates to Pages
Update the Post Page
1. When an artist signs in or makes a new account, they are automatically directed to this page (the sample screen shot is for the artist Carl Palmer who is signed in).
2. Use the session information (ArtistID) to add the name of the artist in the title and because you have this session information, you no longer ask the artist for their name. Again, like assignment 3 assume that the artist will only add artwork to an existing theme.
· Update the Artwork Table in the database.
· And ensure that the artwork is displayed both on the AboutArtist page and the appropriate Theme page.
After an artist's posts new art, update the Artwork table in the database and ensure the aboutArtist and theme pages are updated
All other pages will use a combination of querylinks, sessions, and the database to update information (e.g., artists.php, aboutArtists.php, collections_T.php and themes.php).
Sessions
· You need to use session variables for this assignment to keep track of which user is cu
ently signed in. In particular, when you start a session, you should keep track of whether a user is logged in (true/false) and ArtistID. Use this information to update the pages in the application (e.g., can use it for artists who post new artwork).
· As soon as a user logs in set the signin session variable to true and set the ArtistID session variable. The user will also be directed to post (post.php) once their signin is complete and verified.
· Once you have set up sessions on your site, if a user isn't signed jn, and they try to go to the Post page (on the navigation bar), they will be directed to the signin page (i.e., they can't make posts without being signed in).
· Once the user is signed in, they shouldn't be able to go back to the signin page until they sign out. You can also use the session information to get artist's name's, their artwork's, add new artwork, etc.
· When a user signs out, it will end the session (e.g., remove the cu
ent user) and direct them to the sign in page.
Additional Information