A11: Authenticating Users


Overview

During this assignment, you will:

  • Develop a form that allows visitors to register
  • Develop a form that allows visitors to login
  • Develop a protected (login required) page that requires visitors to login
  • Develop functions for database-driven login authentication

Specifications

Implement a registration and login system for your project that includes the following.

Note: Do NOT use a database wrapper like PEAR DB or ADODB for this course. These are fine products but the instructor does NOT have them installed and your code will fail the tests if you use them and you will get a low score.

  1. Write a single-page form named register.php that allows users to register a username and password on your web site.

    Using the specified name makes grading easier. After you turn in the assignment, you can change the name of the page for your final project.

    Also note that you should NOT secure your register.php page for this assignment. Again, you can change this after the assignment if you do not want to allow self-registration.

  2. Write a single-page form named login.php that allows users to login to your web site.

    Using the specified name makes grading easier. After you turn in the assignment, you can change the name of the page for your final project.

  3. Write a page that requires visitors to login before they can access the page.

    Please identify the name of the page in your README.txt file. I will run the page to verify your code. It must run without warnings, errors or notices for full credit.

  4. Export your database as SQL statements to a dbname.sql file.

    Name the file after your database and add the extension .sql to the name. Make sure your tables are in a loadable order. You may need to arrange your table order manually, so test your dbname.sql file before submitting it.

    Make sure of the following about your dbname.sql file:

    • Does not contain a SQL 'USE' or 'CREATE DATABASE' statement
    • Includes DROP TABLE IF EXISTS statements for all tables
    • Is compatible with MySQL version 4.0.X

    Note that phpMyAdmin supports all these behaviors if you check the correct checkboxes.

  5. Create a PHP comment at the top of all PHP pages formatted like the following:

    /**
     * CIS-165PH  Asn 10
     * form.php
     * Purpose: data-entry form
     *
     * @author Ed Parrish
     * @version 1.0 4/24/04
     */

  6. In your README.txt file provide instructions on using this assignment. For example, if a password is required, please include a password. If any values are required for a form, please provide the values.
  7. Place at least the following files in the web-application root directory:
    1. README.txt file
    2. login.php file
    3. register.php file
    4. Your login-protected web page
    5. dbname.sql file
  8. Your PHP code must use the included file includes/dbconvars.php for all database connection arguments.

    Even though you do not need to submit your dbconvars.php file, the instructor will use a version of it to test your work. If you do not use dbconvars.php, you will receive a poor grade.

  9. Zip your project and all files and subdirectories you plan to submit using a zip utility such as WinZip or the Linux zip utility.

    The zip file must extract into a directory that the instructor chooses. Do NOT use absolute (full) paths. Failure to comply with this instruction may result in a special grade of one point for the assignment.

Extra Credit

The following are worth extra credit points:

  1. Add a logout page named logout.php that destroys any cookies and session variables you may have created in your login and registration processes. (1 point)
  2. Allow users to choose whether or not to save their login name in a cookie. If you implement this feature, make sure the default is to save the information. (1 point)
  3. Provide a page named preferences.php that lets the user change their password and other personal information in your database. (2 points)

Make certain that your README.txt file lists any extra credit attempted and the names of the pages containing a sample of the work.
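
One way to meet extra-credit item 1, given here as an added example and not as code from the course: session_destroy() by itself removes the server-side session data but leaves $_SESSION populated for the rest of the request and leaves the session cookie in the browser, so logout.php has to clear all three. The cookie name login_name (standing in for the saved login name of item 2) is an assumption, and the script assumes a current PHP version; use the names your own login and registration pages set.

```php
<?php
/**
 * logout.php
 * Purpose: end the login session and remove every cookie the site set
 */

// The session must be resumed before it can be torn down.
session_start();

// 1. Empty the session variables for the remainder of this request.
$_SESSION = array();

// 2. Expire the session cookie in the browser. The path, domain and flags
//    must match the ones the cookie was created with, otherwise the
//    browser keeps the old cookie.
if (ini_get('session.use_cookies')) {
    $params = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 42000,
        $params['path'],
        $params['domain'],
        $params['secure'],
        $params['httponly']
    );
}

// 3. Expire any cookie the login page created itself.
//    'login_name' and the '/' path are assumed names for this example.
setcookie('login_name', '', time() - 42000, '/');

// 4. Delete the session data stored on the server.
session_destroy();

// Send the visitor back to the login form; nothing may be output before
// this header, and exit stops the rest of the script from running.
header('Location: login.php');
exit;
```

After logout, reloading the login-protected page should send the visitor back to login.php, because the old session ID no longer maps to any stored data.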

Grading Criteria

The instructor will evaluate your assignment using the following criteria. Each criterion represents a specific achievement of your assignment and has a scoring guide. The scoring guide explains the possible scores you can receive.

Some scoring guides have a list of indicators. These indicators are a sign of meeting, or a symptom of not meeting, the specific criterion. Note that a single indicator may not always be reliable or appropriate in a given context. However, as a group, they show the condition of meeting the criterion.

For information on grading policies, including interpretation of scores, see the course Syllabus.

Database Export

  • 2: Database loads from dbname.sql file with no errors or warnings
  • 1: Database loads from dbname.sql file but has errors, warnings or missing data
  • 0: Does not load or dbname.sql file not submitted

Functionality

  • 10: Demonstrates mastery of the assignment
    • Has extra features or demonstrates techniques beyond the assignment
    • Applies concepts from the lessons appropriately
    • Meets all specifications (see above) with particularly elegant solutions
    • Runs to completion with no abnormal error conditions
    • Generates correct output given correct input
    • Behaves in a reasonable way in response to incorrect data
  • 8: Has all the functionality expected of the assignment
    • Demonstrates many techniques from the lesson
    • Meets all specifications (see above)
    • Implementation seems more complicated than necessary.
    • May have one minor error
  • 6: Has most of the functionality expected of the assignment
    • Demonstrates some techniques from the lesson
    • Meets all but one of the specifications (see above)
    • Implementation seems excessively complicated.
    • May have 2-3 minor errors
  • 4: Has some of the functionality expected of the assignment
    • Demonstrates some techniques from the lesson
    • Meets at least 1/2 of the specifications (see above)
    • Implementation seems excessively complicated.
    • May have more than 3 minor errors
  • 2: Serious functional problems but shows some effort and understanding
    • Meets less than 1/2 of the specifications (see above)
    • Has a major error or many minor errors
    • Implementation seems very convoluted
    • Demonstrates few techniques from the lesson
  • 0: Does not execute

User-Input Error Handling

  • 4: Errors are handled gracefully and users can correct them easily
    • All input is thoroughly checked
    • Error messages clearly explain how to fix the problem
    • All errors are identified in the form at one time
    • All prior entries retained
    • Errors color-coded or highlighted
  • 3: Errors can be corrected with some effort
    • All input is checked but some minor conditions were missed
    • Error messages somewhat explain how to fix the problem
    • All errors are identified in the form at one time
    • All prior entries retained
  • 2: Errors are tiresome to correct or messages are annoying
    • All input is checked but many conditions were missed
    • Error messages are somewhat vague
    • Only one error at a time is identified
    • Prior entries are discarded
  • 1: Error checking is inconsistent
    • Some input is not checked
    • Error messages are confusing
    • Prior entries are discarded
  • 0: Does not run

PHP Documentation

  • 2: Code is well-documented
    • Name, date, and page description in page comment block
    • Follows format for page comment block
    • Proper use of whitespace and indenting
  • 1: Code has some documentation errors
  • 0: No apparent attempt at documentation

README.txt File

  • 2: README.txt file submitted with specified information included
  • 1: README.txt submitted but some information was not included
  • 0: No README.txt submitted

Maximum Score: 20, plus extra credit

What to Turn In

Submit a zipped file with all required files in the specified directories following the instructions for homework. Your .zip file must include all the files and subdirectories needed to make your assignment function properly. Do not assume that the instructor has any files except dbconvars.php. Your assignment must work as submitted.

If you have a restricted page that is part of the grading, please explain in your README.txt file how I can access it. If I cannot access a restricted page, then I cannot grade it.

Last Updated: December 11 2005 @22:05:48