Assignment 2 Salim Malakouti
Ticketing Website • User submits tickets • Admins answer tickets or take appropriate actions
Posting tickets • Enter info: • Name • Email • Brief description of problem • NOTE: All fields are required and must be checked on the server side. (Client-side checking using JS is extra credit.) • User submits the ticket
How to handle a ticket submission • When a ticket is submitted: • A confirmation is returned to the user in a Web page • An email confirmation is sent to the user (using the email address submitted) • The request is added to the technical support database • An email is sent to all tech administrators • Admins are predefined in the system • You have their records in the database • No need for any user interface • Admins need to log in • Their info should be in the DB
Login Requirement: • Show error for invalid user and pass • RESET Password: • Send a link to user’s email • Link should contain a random token • Token should be stored in DB • This way no one can fake the URL
Admin’s view • Table in project description • Make sure to have a nice design and use tables for it. • Description of the Admin Table features
Ticket’s Page • Ticket info and body • Close / reopen the ticket • You will need to keep a flag in the DB; pick something that wastes the least storage • Assign / Remove self to the ticket • You will need to update the information in the DB • Email the submitter • You have done examples in lectures • Delete the ticket • We did something similar in class • Find all other tickets from the same person who submitted the ticket in question • Send a query to the database • Find all similar tickets • Tickets having at least • Go back to the main administrator page
Security • Common bug: • User is not logged in as Admin • Goes to admin.php • ERROR: Access denied • So he tries to go to ticket.php?id=293 • We are not checking access there because we assumed that everyone would start from admin.php (Cheaters and Hackers)
How to handle it? • A simple and clean way to handle it: • Create an auth.php that contains the code for authentication and access management • Use include "auth.php" on the first line of each file • Sample
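A minimal auth.php along the lines described above, as an added example (not the course's own sample). It assumes login.php stores the admin's id in `$_SESSION['admin_id']` (a hypothetical key name) and it is pulled in with `require_once` rather than `include`, so a missing or misnamed auth.php stops the page instead of leaving it unguarded.

```php
<?php
// auth.php: added example, not the course's sample code.
// Put this as the first line of admin.php, ticket.php and every other
// admin-only page:
//     require_once __DIR__ . '/auth.php';
//
// Assumptions (hypothetical names): login.php verifies the password against
// the Admin table, calls session_regenerate_id(true), and then sets
// $_SESSION['admin_id'] to the admin's primary key.

// Harden the session cookie before the session starts (array form: PHP 7.3+).
session_set_cookie_params([
    'httponly' => true,                      // not readable from JavaScript
    'samesite' => 'Lax',                     // not sent on cross-site POSTs
    'secure'   => !empty($_SERVER['HTTPS']), // HTTPS-only when available
]);
session_start();

// Returns the logged-in admin's id, or null if nobody is logged in.
function current_admin_id(): ?int
{
    if (!isset($_SESSION['admin_id'])) {
        return null;
    }
    return (int) $_SESSION['admin_id'];
}

// Stops the request unless an admin is logged in.
function require_admin(): int
{
    $adminId = current_admin_id();
    if ($adminId === null) {
        http_response_code(403);
        // exit is essential: without it the rest of the including page
        // (for example ticket.php?id=293) would still run and render.
        exit('ERROR: Access denied');
    }
    return $adminId;
}

// Enforce the check as soon as the file is included, so a page cannot
// forget to call it.
$currentAdminId = require_admin();
```

Because the check runs at include time, the only way a page ends up unprotected is by omitting the `require_once` line, which is easy to spot in review.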
Database • You choose your schema • You will at least need • Admin: A table to keep admins’ info • Ticket: Keep ticket info (Two or more) • It will need an ID as Primary Key, similar to our Movie database • Why?
Requirements • Use classes effectively • I will check this
How to start the project • Start with creating the token page • Design DB • Submission of Ticket • Check out your DB using PHPMyAdmin to CMI tools to check if it works • Check for possible bugs, hacks and misuses of your system • Move to Next • Take care of the admin table • Take care of Ticket’s Page • Make sure you design, code and implement one by one. Don’t forget to check for possible misuses after each part is finished and after the whole project is finished
IMPORTANT • START EARLY • START EARLY • START EARLY • START EARLY • START EARLY • START EARLY • START EARLY • START EARLY