BCPR294 Final Presentation Semester 2 2019 50 marks – worth 50% of the final grade for the course Friday 6 December 9:00am POWERPOINT – 50-60+ slides Use a server side scripting language (PHP) to program data base connection solutions and web to database interconnections; programme dynamic page generation for applications such as product displays, shopping carts, client management, order management and other online applications; and program a user-friendly client interface for a web service. • Design and implement and test small systems that require server side scripting • Use supplied classes for functionality such as PDF creation, database connection and query etc. COMPLETE 20 marks A demonstration of the ‘completed’ web site. 100% of must-have ‘features’ with all scenarios working = 10/20 Configurable for two different communities = 5/20 Has technical features 5/20 • Makes a database of 2-3 tables AT FIRST • Gets data and inserts data • Modify existing data • Simple (select * or a few fields query) and display • Complex subset query and display Work through a MoSoCoW list. Show features working in a demo. Make sure a Minimum Usable SubseT is demoed. https://en.wikipedia.org/wiki/MoSCoW_method Show the MUST-have features working for BOTH a Suduko on-line community and a Hindi Language learning on-line community. Show how your system can be easily reconfigured for the two communities. Support Kiwispeak and Hindi. https://lingohub.com/blog/2013/06/php- internationalization-i18n-mechanisms-tutorial/ Show the code working and/or show tests passing Analyse issues in server side programming with respect to best practice, and issues that exist in a server-side programming environment. SECURE 5 marks MUST have a secure login process and NOT “store passwords in plain text” [2 marks] A summary of the defences implemented against A1:2017- Injection [1 mark] A2: 2017-Broken Authentication and Session Management [1 mark] A3:2017- Sensitive Data Exposure [1 mark] See https://www.owasp.org/index.php/Category:Attack and https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf For each of the three attacks • explain the attack • identify where the attack could be used against your site • demo how the attack being used against an unsecured version of your site • display code in conforming to OWASP guidelines that protects against the attack • demo the attack failing against a secured version of your site GOOD 20 marks Can (should?) have more than 2-3 tables. An analysis of and reflection on Programming values (SOLID) Select FOUR different modules of code YOU have written (15+ lines each) and explain the good principles behind the code. 4 good/valid examples of each of 5 things (S O L I D) = 20 marks LESSONS LEARNED 5 marks At the end of the course, you should reflect on your experience in the course. You should write a short essay of approximately 600 words on your experience with developing a PHP application. Marked using the SOLO Taxonomy. http://www.mbms.org.uk/faculties/science/assets/SOLO/solo-taxonomy-explained-full.jpg
