Sonoma State University
Department of Computer Science
CS-370: Software Design and Development
Programming Assignment 2: Display User Transactions

OBJECTIVE

Write a server-side Common Gateway Interface (CGI) application that will display all the user's past and current transactions. The user’s transactions should be divided into four categories:

  1. Selling
  2. Purchases
  3. Current Bids
  4. Didn't Win

SPECIFICATIONS

User Interface:
  • Under the "Selling" category, display all items the user is selling at auction (i.e. where the auction has not expired yet) then display all items that sold (i.e. auction has closed).
  • Under the "Purchases" category display all the items the user has purchased (i.e. the user was the highest bidder before the auction closed.)
  • Under the "Current Bids" category, display each item the user is currently bidding on and the current highest bid price for the item. If the user is not the highest bidder, output a warning that the user has been outbid. Provide a button or link to increase a user's maximum bid on each item (regardless of whether user has highest bid or not).
  • Under the "Didn’t Win" category, display each item the user had bid on but was outbid by another user when the auction closed. Display the winning bid price for the item.
Implementation:
  • You may write your Common Gateway Interface (CGI) application in PHP, Python, Perl, Java, C, or C++ (please include a Makefile if writing in C or C++).
  • All form processing must be done on the server-side via CGI.
  • Third party authentication software such as Google, Meta, etc. may not be used.
  • Your application must use the MySQL Relational Database Management System (RDBMS).
  • Your program must generate HTML 5 compliant output. Before generating dynamically-generated web content, create static web pages that you can submit to the World Wide Web Consortium Markup Validation Service at https://validator.w3.org/

SUBMITTING YOUR WORK

  • Please upload your source code (including Makefile if applicable) as a zip or gzipped-tar file.

Programming Assignment 2 Rubric

CRITERIA RATINGS POINTS
Compilation:
Web-base application uses the Common Gateway Interface and runs on the Blue web server in the CS department at Sonoma State University.		 Excellent
2 points
Application runs on the Blue web server at Sonoma State University via the Common Gateway Interface. No HTTP warnings or errors occur. The application is written in PHP, Python, Perl, Java, C, or C++.		 Satisfactory
1.4 points
The application runs on the Blue web server at Sonoma State University via the Common Gateway Interface but some HTTP warnings occur. No HTTP errors occur. The application is written in PHP, Python, Perl, Java, C, or C++		 Needs Improvement
1 point
The program relies solely on client-side Javascript applications for form processing.		 Unsatisfactory
0 points
The Common Gateway Interface is not implemented; OR an HTTP error occurred.		 2 points
Authentication:
Does the server-side application require user-authentication?		 Excellent
4 points
Web-based application requires user-authentication. If a user is logged-in, the web-based application will time-out after five minutes of inactivity. In such cases, the server will prompt the user to authenticate again before continuing. To authenticate, the user must enter their email address and a password or register as a new user with an email address and a password. No third party authentication tools are utilized (e.g. Google, Meta, etc.). No HTTP errors or warnings occur.		 Satisfactory
2.8 points
Web-based application requires user-authentication. The web-based application does not time-out after five minutes of inactivity. No third party authentication tools are utilized (e.g. Google, Meta, etc.). No HTTP errors or warnings occur.		 Needs Improvement
1.5 points
Web-based application requires third-party authentication tools (e.g. Google, Meta, etc.).		 Unsatisfactory
0 points
No user-authentication software was implemented.		 4 points
MySQL implementation:
MySQL is accessed through a database interface on the server side.		 Proficient
3 points
MySQL database is accessed via a server side application running on Blue. The server side is able to send read and write requests to update data managed by MySQL. All data is sanitized before reads or writes to the MySQL to ensure no SQL injections can occur.		 Needs Improvement
1.5 points
MySQL database is accessed via a server side application running on Blue. The server side is able to send read and write requests to update data managed by MySQL. No SQL statements are sanitized before sending to the MySQL server. Therefore, an SQL injection can occur!		 Unsatisfactory
0 points
MySQL is not accessed on the server-side.		 3 points
HTML version 5 compliant output:
Does all dynamically-generated HTML output conform to HTML 5 standard?		 Excellent
1 point
All dynamically-generated output is HTML version 5.0 compliant as verified by the HTML5 validator.		 Satisfactory
0.7 points
One error occurs in the dynamically-generated HTML output when tested with the HTML5 validator.		 Needs Improvement
0.2 points
Two or three errors occur when the dynamic web content is validated with the HTML5 validator.		 Unsatisfactory
0 points
Four or more errors occur in the dynamic web-based output when validated in the HTML validator; OR no web content is output.		 1 point
User Interface:
The server-side's application interface.		 Excellent
5 points
If the user is currently logged in (i.e. authenticated) and has been active within the last five minutes, all of the following sections (and their appropriate content - if applicable) is displayed: Selling; Purchased; Bidding; or Lost Bid.		 Satisfactory
3.5 points
If the user is currently logged in (i.e. authenticated) and has been active within the last five minutes, one of the following sections is missing from the user interface: Selling; Purchased; Bidding; or Lost Bid. The other three sections are present and display results (if applicable).		 Needs Improvement
2 points
If the user is currently logged in (i.e. authenticated) and has been active within the last five minutes, two of the following sections is missing from the user interface: Selling; Purchased; Bidding; or Lost Bid. The other two sections are present and display results (if applicable).		 Unsatisfactory
0 points
If the user is currently logged in (i.e. authenticated) and has been active within the last five minutes, no content is displayed for the following sections: Selling; Purchased; Bidding; and Lost Bid.		 5 points
Total points: 15