Assignment 2
This presentation is the property of its rightful owner.
Sponsored Links
1 / 14

Assignment 2 PowerPoint PPT Presentation


  • 45 Views
  • Uploaded on
  • Presentation posted in: General

Assignment 2. Salim Malakouti. Ticketing Website. User submits tickets Admins answer tickets or take appropriate actions. Demo. Posting tickets. Enter info: Name Email Brief description of problem

Download Presentation

Assignment 2

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Assignment 2

Assignment 2

Salim Malakouti


Ticketing website

Ticketing Website

  • User submits tickets

  • Admins answer tickets or take appropriate actions


Assignment 2

Demo


Posting tickets

Posting tickets

  • Enter info:

    • Name

    • Email

    • Brief description of problem

    • NOTE: All info are required and should be checked at server side. (Client side using JS is extra credit)

      User submits the ticket


How to handle a ticket submission

How to handle a ticket submission

  • When a ticket is submitted:

    • A confirmation is returned to the user in a Web page

    • An email confirmation is sent to the user (using the email address submitted

    • The request is added to the technical support database

    • An email is sent to all tech administrators

      • Admins are predefined in the system

        • You have their records in the database

        • No need for any user interface

        • Admins need to login

        • Their info should be in DB


Login requirement

Login Requirement:

  • Show error for invalid user and pass

  • RESET Password:

    • Send a link to user’s email

    • Link should contain a random token

    • Token should be stored in DB

      • This way no one can fake the URL


Admin s view

Admin’s view

  • Table in project description

    • Make sure to have a nice design and use tables for it.

  • Description of the Admin Table features


Ticket s page

Ticket’s Page

  • Ticket info and body

  • Close / reopen the ticket

    • You will need to keep a flag in DB check for something that would have the min waste of storage

  • Assign / Remove self to the ticket

    • You will need to update the information in DB

  • Email the submitter

    • You have done examples in lectures

  • Delete the ticket

    • We did something similar in class

  • Find all other tickets from the same submitter person that submitted the ticket in question

    • Send a query to database

  • Find all similar tickets

    • Tickets having at least

  • Go back to the main administrator page


Security

Security

  • Common bug:

    • User is not logged in as Admin

    • Goes to admin.php

      • ERROR: Access denied

    • So he tries to go to ticket.php?id=293

    • We are not checking it there because we were assuming that everyone will start from admin.php (Cheaters and Hackers)


How to handle it

How to handle it?

  • A simple and clean way to handle it:

    • Create a auth.php which has to contians the code for authentication and access management

    • Use “Include “auth.php” on the first line of each file

  • Sample


Database

Database

  • You choose your schema

    • You will at least need

      • Admin: A table to keep admins’ info

      • Ticket: Keep ticket info (Two or more)

        • It will need and ID as Primary Key similar to our Movie database

        • Why?


Requirements

Requirements

  • Use classes effectively

    • I will check this


How to start the project

How to start the project

  • Start with creating the token page

    • Design DB

    • Submission of Ticket

    • Checkout your DB using PHPMyAdmin to CMI toolsto check if it works

    • Check for possible bugs and hacks and miss uses of your system

    • Move to Next

  • Take care of the admin table

  • Take care of Ticket’s Page

  • Make sure you design, code and implement one by one. Don’t forget checking for possible misuses after each part is finished and after the whole project is finished


Important

IMPORTANT

  • START EARLY

  • START EARLY

  • START EARLY

  • START EARLY

  • START EARLY

  • START EARLY

  • START EARLY

  • START EARLY


  • Login