Embed Size (px)
Citation preview
Designing and implementing a secure portal for the departments alumni
3 Implementation
2 Design
4 Conclusion
1 Introduction
1.2 Work Breakdown StructurePORTAL Project
Literature Search
Project Report
Literature Survey
Literature Review
Design PORTAL
Implement PORTAL
Evaluate and Test PORTAL
Develop PORTAL Model
administrator
news
memories
n_picture_picture
n_id
n_status
n_content_fulln_content_brie
f
n_entered_for
n_date
n_title
n_time
n_entered_by
a_id
a_username
a_password
e_mail
m_id
m_content
c_username
m_time
c_picture
m_date
customer
cus_id
c_username
DoBc_picture
c_password
gender
gra_yeare_mailc_nationality
modify
modify
browse
write
write
modify
read
2.1 Entity Relationship Diagram
Department ofCommunication Systems
5 References 6 Acknowledgements
Designing and implementing a secure portal for the Departments alumni. This will enable alumni to be kept updated and update us on latest developments, e.g. new courses, job moves and various career opportunities. There will also be an area for sharing documents, e.g. new courses, modules etc.
Student Name: Lee ChadwickSupervisor: Dr Lina FagooneeCourse: Communications & Computer Systemshttp://dcs-files2/~chadwicl/navigation.php
2.2 Relational Schema
create table memories (m_id int not null auto_increment, c_username varchar (32) not null, c_picture text not null, m_time varchar (32) not null, m_date varchar (32) not null, m_content text not null, primary key(m_id));
create table news (n_id int not null auto_increment, n_title text not null, n_date varchar (32) not null, n_time varchar (32) not null, n_picture_picture text not null, n_content_brief text not null, n_content_full text not null, n_entered_by varchar(32) not null, n_entered_for varchar (32) not null, n_status varchar (32) not null, primary key (n_id));
create table customer (cus_id int not null auto_increment, c_username varchar (32) not null, gender varchar (30) not null, DoB varchar (30) not null, c_nationality varchar (30) not null, gra_year varchar (30), e_mail varchar (50) not null, c_password varchar (32) not null, c_picture text not null, primary key(cus_id));
create table administrator (a_id int not null primary key auto_increment, a_username varchar(32) not null, a_password varchar(32), email varchar(40));
3.1 SQL Tables
3.3.2 View Archived News (Alumni)
3.4.2 View Users (Administrator)
3.3.1 View/Add Memories (Alumni)
ID Task Name Start Finish Duration2006 2007
Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun
1 16d10/08/200620/07/2006Research Alumni needs and expectations
4 30d13/10/200604/09/2006Review current implementation of departmental alumni web portal
5 23d03/11/200604/10/2006Carry out security investigation on PHP, MySQL, Apache
18d14/11/200620/10/2006Compare security of other programming languages
3
2 16d29/08/200608/08/2006Attain Departments needs and expectation of an alumni portal
10d01/09/200621/08/2006Attain key and common features of various alumni implementations
6
66d19/10/200620/07/2006Definition, Plan and Assessment Criteria
10
9
8
7
143d03/04/200715/09/2006Project Implementation
47d01/05/200726/02/2007Evaluation and Testing
33d14/06/200701/05/2007Project Report
1.3 GANTT Chart
3.4.1 Login (Administrator)3.3.4 Login (Alumni)
3.3.5 Member Navigation (Alumni)
3.2 Home Page
McGlinn, J. (2005) Password Hashing [online] last accessed August 2006 at URL http://phpsec.org/articles/2005/password-hashing.html/
PHP.net (2006) Hiding PHP [online] last accessed29 May PHP.net 2007 at URL http://www.php.net/manual/en/security.hiding.php/
PHP.net (2006) Database Security [online] last accessed 29 May 2007 at URL http://www.php.net/manual/en/security.database.php/
Clark, D. (2006) PHP Security Mistakes [online] last accessed 29 May 2007 at URL http://www.devshed.com/c/a/PHP/PHP-Security-Mistakes/
Dickenson, P. (2005) Top 7 PHP Security Blunders [online] last accessed 29 May 2007 at URL http://www.sitepoint.com/article/php-security-blunders/
The project involved many stages which included – Project Planning, Design of System, Project Execution, Evaluation and Testing.
This poster illustrates some of the key features.
3.3.3 New Register (Alumni)
3.3.6 View Current News (Alumni)
Used a combination of PHP, MySQL and Apache to provide a solution to implement the required system.
Used header files and CSS to give the whole site the same look and feel.
Used MD5 (Message Digest 5) for encryption.
Used sessions to access details and methods provided by the portal.
Used PHP as opposed to HTML to hide source code.
Created database files in MySQL and made use of an Apache server.
A special thanks to Dr Lina Fagoonee my supervisor for all her help and support throughout my time working on this project. From start to finish she has been an inspiration, guided me in the right direction and given me all the help and support I have needed.
Thanks to Dr Hassan Ahmed, Lynne Drake, Dr Phil Benachour and Omer Rashid. I would also like to thank all my family and friends.
Many people have been involved in the completion of this project whether it has been in a direct and/or an indirect sense. All their help and support has been amazing and I can not thank people enough for that.
3.4.3 Insert News (Administrator)
Because the project was a follow on from a Master Students work there were various aspects in the design of the system which needed to be addressed.
In the end the database was redesigned. The use of programming in MySQL and PHP was maintained.
Special care was taken In defining the tables for the database. Data entities and their types were chosen carefully so that they matched the requirements of the project.
The project worked well and met the majority of the aims in regards to Definition of Project, Major Deliverables, Statement of Requirements and Critical Success Factors. Administrators can effectively Add/Edit/Delete data with ease.
The project has been enjoyable and rewarding in a sense of learning how to program in PHP and MySQL whilst learning important security aspects of both of these technologies.
1.1 Specification of Project
