Assignment overview

The web application assignment will cover web page/site design with HTML5 and CSS, client-side programming with JavaScript, and server-side programming with PHP.

In this assignment, you will implement multiple PHP files to create an intranet application that enables staff of Totally Wonderful Awnings to easily access their customer order database. This intranet application will be referred to in this document as TWACO (Totally Wonderful Awnings Customer Orders). The intranet application that you create will be used by staff to search for existing customer records and their orders, and place new orders for existing customers: the functional requirements of the application are detailed in section B, the MySQL database that supports the functionality is named AWNINGS and is described in Appendix 1, database connection details are given in Appendix 2, and staff login credentials are given in Appendix 3 (outlined in section D).

You need to design and create the PHP web pages for this assignment.

You will need to use the following files to complete this assignment:

  • awnings.sql – used to create the MySQL database tables and data.
  • allTables.php – referred to in spec for viewing the content of the database and allow to the 

Assignment requirements

You will need to design web pages for this assignment with ease of navigation and operation, attractiveness and accessibility in mind. All styling and page layout must be achieved using CSS. The use of Bootstrap or other frameworks is not permitted. jQuery or similar are not permitted. Images other than those that are provided in the assignment zip file may also be used in this assignment.

Your code must guard against SQL injection and Cross-Site Scripting attacks. That is, you must sanitise user input.

All assignment files are to be uploaded in the project folder as follows:

  • PHP and HTML files in the project folder
  • CSS files in the project/css folder
  • images in the project/images folder
  • JavaScript in the project/javascript folder.

Note that compressed archive files (e.g., zip, tar etc.) are not acceptable and will not count towards submission requirements.

You must reference all sources that you use for inspiration of your solution as per section D. You must ensure that your web application renders correctly in Chrome.

Functional requirements

The intranet application you create must:

  • be coded using HTML5, CSS, JavaScript and PHP as necessary. Note all files described in the section must be PHP files to achieve the server-side functionality.
  • provide easy-to-use navigation for the user as described in the following tabs.
  • provide the following page content and functionality for each page as described in the following tabs.

Select each of the following tabs to step through the functional page requirements you will need to achieve to complete your web application project.

  1. Find Customer Page (findcustomer.php)

Page purpose/description:

Employees of Totally Wonderful Awnings use this PHP page to search for customer records in the AWNINGS database by entering key information about a customer in the search form. The user is then able to choose a specific customer record to view from the search results. This page must only be accessible to logged-in employees.

Page content and functionality:

The page must have the following content and supporting functionality:

  1. Navigation to the other pages of TWACO as appropriate including a Log Off link (logoff.php is described below).
  2. Current server date
  3. Logged-in employee name
  4. postback form (the search form) which contains:
    • a text box for the Customer Surname (mandatory field: validate that a value has been entered using client-side JavaScript)
    • a text box for the Customer First name
    • a text box for the Customer Suburb
    • a text box for the Customer Phone number
    • a submit button.

As indicated above the only field that is mandatory in the search form is the Customer Surname. That is, a search may be performed based on the surname of the customer only. However, this may result in many matches from the database, so any of the other fields may also be entered by the employee to reduce the number of matches to assist the employee find the customer record more quickly.

Any error messages must be displayed inline (i.e., no alert boxes are to be used).

Sanitise all user inputs to guard against SQL injection and XSS.

  5. A search results (Customer List) section that lists customer record(s) that match details from the form.

Search the AWNINGS database for customer records that match details provided by the employee in the search form. The search may find zero, one or more matches depending upon the search terms entered by the employee. The output from the search depends on the number of matches found:

  • One or more records found: generate a list of matching customer records underneath the search form. The employee will be able to choose the record they want to view more detail from the list (see below). The list provides the following details:
    • Surname
    • First name
    • Full address
    • Phone number
    • Email address
    • Note: the surname and first name of each customer in the list are to be a hypertext link. When clicked, the hypertext link should send the customer_id of the customer to the Customer Record (customerrecord.php) page. The Customer Record page will then display the full details of the chosen customer record (see Customer Record page details).
  • Zero records found: display an appropriate message underneath the search form instead of a list of results and provide a link to the Add New Customer page (addcustomer.php). This link must only be displayed if no matches are found by the search.
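One way to meet the search and sanitising requirements above, as an added example that is not part of the assignment materials: the query is built with bound parameters and every value is escaped when it is written into HTML. The use of PDO, the `customer` table, its column names, the form field names and the prefix-match behaviour are all assumptions, since Appendix 1 and Appendix 2 are not reproduced here.

```php
<?php
// Assumed schema (Appendix 1 is not reproduced on this page):
//   customer(customer_id, surname, first_name, address, suburb, phone, email)

// Run the search with bound parameters; only the surname is mandatory.
function findCustomers(PDO $pdo, array $form): array
{
    // Form field => column. Column names come from this fixed map, never
    // from the request, so user input can only ever reach the query as data.
    $columns = ['surname' => 'surname', 'firstname' => 'first_name',
                'suburb' => 'suburb', 'phone' => 'phone'];
    $where = [];
    $params = [];
    foreach ($columns as $field => $column) {
        $value = $form[$field] ?? '';
        $value = is_string($value) ? trim($value) : '';
        if ($value === '') {
            continue;                       // optional field left blank
        }
        $where[] = "$column LIKE :$field";
        $params[":$field"] = $value . '%';  // prefix match (an assumption)
    }
    if (!isset($params[':surname'])) {
        throw new InvalidArgumentException('Customer surname is required.');
    }
    $stmt = $pdo->prepare(
        'SELECT customer_id, surname, first_name, address, suburb, phone, email'
        . ' FROM customer WHERE ' . implode(' AND ', $where)
        . ' ORDER BY surname, first_name'
    );
    $stmt->execute($params);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Escape a database or request value for HTML text or a quoted attribute.
function e($value): string
{
    return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// One row of the Customer List; the name links to customerrecord.php by id.
function renderCustomerRow(array $row): string
{
    $href = 'customerrecord.php?customer_id=' . rawurlencode((string)$row['customer_id']);
    return '<tr><td><a href="' . e($href) . '">' . e($row['surname']) . ', '
        . e($row['first_name']) . '</a></td><td>'
        . e($row['address'] . ', ' . $row['suburb']) . '</td><td>'
        . e($row['phone']) . '</td><td>' . e($row['email']) . '</td></tr>';
}
```

The customer_id that arrives at customerrecord.php is request data like any other, so it should be bound as a parameter there as well rather than trusted because the link was generated by the application.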

General page notes

  • The design of this page is open to your creativity, but it must appropriately display all required information in a clearly readable, well organised, and usable format, and include appropriate instructions for the staff member.
  • This page must only be accessible by a logged-in user. If a user tries to access this page and they are not logged in they must be automatically redirected to the logoff.php page (which redirects to the login page) and then display an appropriate error message on the login page indicating that the error has occurred.
  2. Customer Record page (customerrecord.php)

Page purpose/description:

The purpose of this page is to display to the user the content of the chosen customer record (the choice occurs on the Find Customer page as previously described) and a summary of their past and present orders. This page must only be accessible to logged-in employees.

Page content and functionality:

The page must have the following content and supporting functionality:

  1. Navigation to the other pages of the system as appropriate including a Log Off link (logoff.php is described below).
  2. Current server date
  3. Logged-in employee name
  4. For the chosen customer:
    1. Customer Personal information: Surname, First name, Address, email, phone number
    2. Past and Present Orders: order number, order date, order status for each past and present order for the customer. Each record in the list will have a hypertext link to the Show Order Details page (details.php) so that the details of the chosen order can be displayed.

The data in these points are obtained from the AWNINGS database. This information cannot be modified by the user. Tip: It is likely that separate SQL queries will be required to obtain data from the database for these. That is, you should not try to obtain the data using one SQL query.

  5. A hypertext link or button to create a new Order. This will open the New Order page (order.php) for the chosen customer to be able to place a new order.

General page notes

  • The design of this page is open to your creativity, but it must appropriately display all required information in a clearly readable, well organised, and usable format, and include appropriate instructions for the staff member.
  • This page must only be accessible by a logged-in user. If a user tries to access this page and they are not logged in they must be automatically redirected to the logoff.php page (which redirects to the login page) and then display an appropriate error message on the login page indicating that the error has occurred.
  3. New Order Page (order.php)

Page purpose/description:

The purpose of this page is to create and submit a new order for an existing customer. This page must only be accessible to logged-in employees.

Page content and functionality:

The page must have the following content and supporting functionality:

  1. Navigation to the other pages of the system as appropriate including a Log Off link (logoff.php is described below).
  2. Current server date
  3. Logged-in employee name
  4. postback form to capture the order details for the customer. The following fields will be in the form:
    • Customer Personal information: Surname, First name, Address, email, phone number.
    • Date of order (automatically set as the current server date)
    • Quoted by: (automatically set as the employee id of logged-in employee — it should default to the logged-in employee but can be changed to other staff from the AWNINGS database)
    • Production Description: This is a large text field where the employee lists/describes all the items being ordered by the customer. It may include information such as product ID, Product Name/Description, quantities, prices and any other relevant information.
    • Installation notes: This is a large text field where the employee lists/describes any relevant notes for the installer
    • Requested Installation date (must be at least 7 days after the current date)
    • Order Total (positive numeric value only)
    • Deposit Paid (zero and positive numbers only, cannot exceed Order Total)
    • Owing (calculated automatically as Order Total less Deposit Paid)

The above-stated validation requirements must be implemented in both client-side JavaScript and server-side PHP. Any error message must be displayed inline (i.e. no alert boxes are to be used).

Sanitise all user inputs to guard against SQL injection and XSS.

The AWNINGS database should not be updated if there is an error with the user input.

When the order form data passes validation, the details entered in the form will need to be inserted into the AWNINGS database in the relevant table(s).
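The server-side half of the validation rules listed above, as an added example that is not part of the assignment materials. The function name and the form field names (`install_date`, `order_total`, `deposit_paid`) are assumptions. The server recomputes Owing itself instead of accepting the value calculated in the browser.

```php
<?php
// Returns [errors, clean]; insert into the database only when errors is empty.
// Field names are assumptions made for this example.
function validateOrder(array $post, DateTimeImmutable $today): array
{
    $errors = [];
    $clean = [];
    $text = function (string $key) use ($post): string {
        return is_string($post[$key] ?? null) ? trim($post[$key]) : '';
    };

    // Requested installation date: strict YYYY-MM-DD, at least 7 days ahead.
    $raw = $text('install_date');
    $date = DateTimeImmutable::createFromFormat('!Y-m-d', $raw);
    if ($date === false || $date->format('Y-m-d') !== $raw) {
        // The round-trip check rejects dates such as 2024-02-30.
        $errors['install_date'] = 'Enter a valid installation date.';
    } elseif ($date < $today->setTime(0, 0)->modify('+7 days')) {
        $errors['install_date'] = 'Installation must be at least 7 days from today.';
    } else {
        $clean['install_date'] = $raw;
    }

    // Money: plain digits with at most two decimals ("-5", "1e3", "abc" fail).
    $money = '/^\d{1,8}(\.\d{1,2})?\z/';
    $total = $text('order_total');
    $deposit = $text('deposit_paid');
    $totalCents = (int)round((float)$total * 100);
    $depositCents = (int)round((float)$deposit * 100);
    $totalOk = preg_match($money, $total) === 1 && $totalCents > 0;
    if (!$totalOk) {
        $errors['order_total'] = 'Order total must be a positive number.';
    }
    if (preg_match($money, $deposit) !== 1) {
        $errors['deposit_paid'] = 'Deposit must be zero or a positive number.';
    } elseif ($totalOk && $depositCents > $totalCents) {
        $errors['deposit_paid'] = 'Deposit cannot exceed the order total.';
    }

    if (!$errors) {
        $clean['order_total'] = number_format($totalCents / 100, 2, '.', '');
        $clean['deposit_paid'] = number_format($depositCents / 100, 2, '.', '');
        // Owing is derived here, never read from the submitted form.
        $clean['owing'] = number_format(($totalCents - $depositCents) / 100, 2, '.', '');
    }
    return [$errors, $clean];
}
```

The two free-text fields need no pattern check: store them through bound parameters and escape them with htmlspecialchars() whenever they are displayed.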

General page notes

  • The design of this page is open to your creativity, but it must appropriately display all required information in a clearly readable, well organised, and usable format, and include appropriate instructions for the staff member.
  • This page must only be accessible by a logged-in user. If a user tries to access this page and they are not logged in they must be automatically redirected to the logoff.php page (which redirects to the login page) and then display an appropriate error message on the login page indicating that the error has occurred. 
  4. Employee Login page (login.php)

Page purpose/description:

The purpose of this page is to provide a login facility for employees of Totally Wonderful Awnings that need to use TWACO. No other pages within TWACO will be accessible unless the employee has successfully logged in first.

Page content and functionality:

The page will have the following content and supporting functionality:

  1. the following text:

Totally Wonderful Awnings Customer Orders Intranet


Note: This Intranet Application is for the use of employees of Totally Wonderful Awnings only. Customer and Order information accessed via this system is private and confidential. Staff logging into this system is reminded of their legal responsibility to always maintain customer confidentiality. Information stored within this system may not be shared with external entities without the consent of Totally Wonderful Awnings management. By logging into this system, I agree to be bound by this requirement.

  2. postback login form which contains
    • a textbox to capture the employee ID
    • a password box to capture the employee’s password
    • a submit button.

Authenticate the employee credentials (employee id and Password) as supplied by the employee in the login form against the records in the staff table of the AWNINGS database.

Allow or deny access to the subsequent pages of TWACO depending on the result of authentication as follows:

  • Successful login attempt: Successful authentication should automatically redirect the employee to the Find Customer (findcustomer.php) page.
  • Failed login attempt: Unsuccessful authentication should automatically redirect to the login page so that the employee may try to log in again. An appropriate error message must be displayed to the employee if the login attempt fails or if the employee tries to access any of the protected pages of TWACO. The message display must be implemented using appropriate PHP server-side code; it is not to be a JavaScript alert (or any other browser-side component). The message should be displayed in an appropriate location on the login page in a suitable colour. The message must appropriately indicate the problem that caused it to occur.

Note on Employee Login Credentials:

The passwords that are stored in the staff table of the AWNINGS database are encrypted using the sha256 algorithm. A list of employee ids and (decrypted/plain text) passwords can be found in Appendix 3 of this document.

Site Navigation:

The login page will have no direct hypertext links to any other pages of the system. Access to TWACO is only possible after successful login.

  5. Logoff page (logoff.php)

The purpose of this page is to log the employee off the system and automatically return them to the login page. The page must not display anything to the user. The page should remove all session variables and end the session (if sessions were used). It should then redirect to the login page. This page can be accessed from any of the pages as detailed above.
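The login check, the logged-in guard for protected pages and the logoff behaviour described above, as an added example that is not part of the assignment materials. The use of PDO, the `staff` column names, the lowercase hex digest format, the `error` query parameter and the message wording are assumptions; each page is assumed to have called session_start() already.

```php
<?php
// Assumed schema (Appendix 1 is not reproduced on this page):
//   staff(staff_id, first_name, surname, password), password = hex SHA-256 digest.

// Fixed messages keyed by code: login.php prints one of these, never text
// taken from the URL, so the error display cannot reflect markup.
const LOGIN_ERRORS = [
    'badlogin'    => 'Employee ID or password is incorrect.',
    'notloggedin' => 'Please log in to access that page.',
];

function authenticate(PDO $pdo, string $staffId, string $password): bool
{
    $stmt = $pdo->prepare(
        'SELECT staff_id, first_name, surname, password FROM staff WHERE staff_id = :id'
    );
    $stmt->execute([':id' => $staffId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // SHA-256 is one-way: hash the submitted password and compare digests
    // in constant time instead of trying to recover the stored password.
    $stored = $row ? strtolower((string)$row['password']) : str_repeat('0', 64);
    $matches = hash_equals($stored, hash('sha256', $password));
    if (!$row || !$matches) {
        return false;
    }
    session_regenerate_id(true);   // fresh session id after login (anti-fixation)
    $_SESSION['staff_id'] = $row['staff_id'];
    $_SESSION['staff_name'] = $row['first_name'] . ' ' . $row['surname'];
    return true;
}

// Call at the top of findcustomer.php, customerrecord.php and order.php.
function requireLogin(): void
{
    if (!isset($_SESSION['staff_id'])) {
        header('Location: logoff.php?error=notloggedin');
        exit;
    }
}

// Body of logoff.php: clear the session, expire its cookie, go to login.php.
function logOff(): void
{
    $code = $_GET['error'] ?? '';
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 3600, $p['path'], $p['domain'],
                  $p['secure'], $p['httponly']);
    }
    session_destroy();
    $known = is_string($code) && array_key_exists($code, LOGIN_ERRORS);
    header('Location: login.php' . ($known ? '?error=' . $code : ''));
    exit;
}
```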

  6. Show Details page (details.php)

This page does not need to exist in this version of TWACO. In a more complete version of TWACO, the purpose of this page would be to display to the user the full details of the order that was chosen on the Customer Record Page. 

  7. Add New Customer page (addCustomer.php)

This page does not need to exist in this version of TWACO. In a more complete version of TWACO, the purpose of this page would be to capture customer personal information and insert it into the AWNINGS database.

Appendices and referencing

Appendices

The AWNINGS database consists of 3 appendix tables. Each table is described in Assignment 3 Appendices (DOCX). You will need to download the document so that all students have access to the same centralised copy of the AWNINGS database. A description of how to connect to the database is provided in Appendix 2.

Referencing

When coding practical exercises it is understood that you may sometimes use segments of code from other sources as inspiration for your work. These sources may include lecture notes and practical exercises, the textbook or tutorial sites from the web. In these cases, you must make sure that the work is not copyrighted and that full acknowledgment of the source of the original work is given in the submitted assessment item. These sources cannot be another student’s work (past or present) and must not be directly pertaining to this assignment. Students in this subject are not permitted to submit assignment questions or sections of code from Internet coding forums, repositories, or the like.

Where inspiration is found in a resource as previously described, the appropriate acknowledgment of the source must be included in your submission. For coded functions, this acknowledgment will take the form of a code comment in the line immediately preceding the code segment and another code comment in the line immediately after the last line of the code segment. If the source is a resource available on the Internet, then it should detail sufficient information such that your OLA can directly view the original source without having to delve through a series of links or search of their own to locate it. If the source is from a textbook or similar, then insert a code comment that uses the APA 7 referencing style.

Example of correct referencing style:

Example of incorrect referencing style

Example of correct reference style for a segment of code
