Sprint 3: Server-Side with PHP and SQL
Due: March 31, 2025 at 11:59pm
Purpose: This sprint will help you practice the following skills, reinforce knowledge, and experience server-side web development.
- Develop server-side web components using PHP
- Apply business logic and domain specifics of the application to perform server-side input validation
- Apply software usability concepts to improve the quality of the web application
- Evaluate your web application for compliance with the requirements and the usability evaluation criteria
- Work as a team, collaborate with your project partner(s) professionally and contribute fairly
Overview
In this sprint, you will work in your project groups to implement server-side web components written in PHP to perform some of the functionality of your project. While it is possible to embed HTML into your PHP code for all server responses, you will additionally be required to implement at least one response that returns a JSON object instead. Planning for your server to respond with format-independent data (JSON, instead of HTML) will help with development, maintenance, and evolution, since it provides additional separation of concerns. Specifically, it will help us when connecting our server-side PHP with client-side JavaScript as well as when transforming our client side to Angular.
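As an added illustration of a response that returns JSON rather than HTML after validating its input on the server (this is not part of the course materials; the `id` parameter, the function names and the sample data are hypothetical):

```php
<?php
// Added example: hypothetical endpoint, requested as e.g. item.php?id=2

/** Validate a raw id string: 1 to 9 digits, no sign, no whitespace. */
function parse_item_id(?string $raw): ?int
{
    // \A and \z anchor the whole string; a bare $ would accept a trailing newline.
    if ($raw === null || preg_match('/\A[1-9][0-9]{0,8}\z/', $raw) !== 1) {
        return null;
    }
    return (int) $raw;
}

/** Build [status, payload] for a request; $items stands in for a database lookup. */
function handle_item_request(array $query, array $items): array
{
    $raw = $query['id'] ?? null;
    // A request such as ?id[]=1 makes $raw an array, so only strings reach the regex.
    $id = parse_item_id(is_string($raw) ? $raw : null);
    if ($id === null) {
        return [400, ['error' => 'Item id must be a positive whole number.']];
    }
    if (!isset($items[$id])) {
        return [404, ['error' => 'No item with that id.']];
    }
    return [200, ['id' => $id, 'name' => $items[$id]]];
}

/** Send the payload as JSON with a matching status code and content type. */
function send_json(int $status, array $payload): void
{
    http_response_code($status);
    header('Content-Type: application/json; charset=utf-8');
    // The JSON_HEX_* flags escape <, >, &, ' and " so the text stays inert if a page embeds it.
    echo json_encode($payload, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT), "\n";
}

// Constructed sample data; a real application would query its database here.
$items = [1 => 'Notebook', 2 => 'Pencil <b>set</b>'];

[$status, $payload] = handle_item_request($_GET, $items);
send_json($status, $payload);
```

Because the handler returns a status and an array instead of printing markup, the same validation logic can back an HTML page or a JavaScript client.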
You are encouraged to add enough service and behavior to your application to start to fulfill the vision that you set out in your project proposal.
You will also continue to ensure that your code is valid HTML5 (to ensure optimal compatibility) and that it meets Section 508 standards (to ensure accessibility of your site).
Sprint Requirements
Please consider the following as minimum requirements only. You are strongly encouraged to get creative and do more than this, but this is what will be required to receive full credit.
Minimum Requirements
These requirements must be implemented in PHP (thus, your file must be .php).
- Implement at least four of the following requirements:
- Use array(s), may be one-dimensional arrays or multi-dimensional arrays
- Use expressions
- Use control structures (such as selection and loop)
- Use predefined / standard / built-in function(s)
- Use a front-controller design pattern
- Implement at least two user-defined functions
- Use the following implicit objects
- $_GET - for sending and handling HTTP GET requests
- $_POST - for sending and handling HTTP POST requests
- Please note: in addition to these required implicit objects, you may use other implicit objects (such as $_REQUEST and $_SERVER) but you cannot substitute them for the required objects.
- Perform server-side input validation
- Validate form data
- Provide user-appropriate error messages
- If no error message is provided, other reasonable and appropriate handling (such as auto-complete or auto-correction with defaults) and / or some forms of user-appropriate feedback are acceptable.
- Use at least one regular expression
- Implement form submission and handling
- Support multiple users, using a server-side $_SESSION object to maintain state of the application on the server
- Use at least one of the following state maintenance mechanisms. Please note, while $_SESSION and the following state maintenance mechanisms can serve the same purpose, their implementations are different. Requiring you to use both a server-side state maintenance mechanism and one of the following gives you an opportunity to experience multiple techniques.
- $_COOKIE - stores information on the client
- URL rewriting - passes information via URL / request
- Hidden form fields - passes information via form submission
- Support multiple sessions, using a relational database to persist data.
- Returning users must be able to access their existing data, records, or previous states; for example, existing orders, previously stored data, last request, recent setting / configuration / preference.
- Users must be able to retrieve and view data previously stored in a database and use them in some ways to serve some purposes
- You decide the business logic, whether data will be displayed on screen (front end) to serve some functionalities and / or transformed into reports (in some formats) allowing users to print them.
- Users must be able to add (in some ways, you decide) data to the database; i.e., data being stored must reflect the user inputs and / or the application states.
- You decide the business logic; levels of permissions may be incorporated in your project.
- Users must be able to update and / or delete (in some ways, you decide) data stored in the database; i.e., data being stored must reflect the user inputs and / or the application states.
- You decide the business logic, whether users can modify and / or delete other users’ data or levels of permissions may be incorporated in your project.
- Please note: a relational (Postgres) database is required; NoSQL and data files are optional.
- Implement at least one query that returns JSON instead of HTML
- This may be user information, search results, information about a specific object in your design
- Use good coding style
- Make identifier names understandable
- Use proper and consistent indentation
- Use comments
- Use new lines in your output (\n)
- Deploy your app (.html, .css, .php) to our cs4640 server. Instructions available online.
- Include the URL for your app in a comment in the header of your index.html or index.php file. Only one partner needs to host the site on our server, but we encourage everyone to host.
Grading Rubric
Total: 160 points
- 9 points: Correctly and properly implement at least three of the following requirements (3 points each):
- Use array(s), may be one-dimensional arrays or multi-dimensional arrays
- Use expressions
- Use control structures (selection and loop)
- Use predefined / standard function(s)
- 6 points: Correctly and properly implement and use at least two user-defined functions (3 points each)
- 10 points: Correctly and properly use the following implicit objects:
- 5 points: $_GET
- 5 points: $_POST
- 10 points: Returning JSON for at least one query
- 35 points: Proper implementation of form submission and handling
- 15 points: Implement form with submission and response
- 11 points: Properly validate form data
- 5 points: Utilize at least one regular expression
- 4 points: Provide user-appropriate error messages
- If no error message is provided, other reasonable and appropriate handling (such as auto-complete or auto-correction with defaults) and / or some forms of user-appropriate feedback are acceptable.
- 20 points: Correctly implement and properly support multiple users, using the server-side $_SESSION array
- 15 points: Correctly implement and properly maintain state of the application using at least one of the following mechanisms
- $_COOKIE
- URL rewriting
- Hidden form field(s)
- 30 points: Correctly implement and properly support multiple sessions, using a relational database
- 10 points: Users must be able to retrieve and view data previously stored in a database and use them in some ways to serve some purposes
- This must be done through the interface of your system, not direct access to the database.
- 10 points: Users must be able to add data to the database; i.e., data being stored must reflect the user inputs and / or the application states.
- This must be done through the interface of your system, not direct access to the database.
- 10 points: Users must be able to update and / or delete data stored in the database; i.e., data being stored must reflect the user inputs and / or the application states.
- This must be done through the interface of your system, not direct access to the database.
- 5 points: Adherence to all usability concepts as discussed in class
- 5 points: Use good coding style: readability, style, and maintainability
- Make identifier names understandable
- Use proper and consistent indentation
- Use comments
- Use new lines
- 15 points: User demonstration
- 10 points: Program is demonstrated clearly
- 5 points: Code segments clearly explained
Note: All partners must be present at the demo. Otherwise, 10 points will be deducted and you are required to reschedule the demo.
- -5 points: More than 5 minutes late for demo
- -10 points: Cancel or change the demo time less than 2 hours before the scheduled time
- -50 points: No show for the signed-up demo time (you may be able to reschedule if there are available openings)
- -160 points: No demo (no points will be awarded if you do not demo your work)
- -10 points: Not submitting all files necessary for your project to be functioning to Gradescope
- -10 points: Not all team member names included as authors of the programs/files (based on contribution, in the meta tag or in comments in CSS) or not all team members’ names are included in the group when submitting to Gradescope
- Unless a demo arrangement has been made prior to the sprint due date, a demo must be completed within one week after the due date. Otherwise, a zero grade will be assigned.
Submission
Upload all of your .php, .html, .css, and any image files to the Sprint 3 assignment on Gradescope. Gradescope will accept a zip file, individual uploads, or a GitHub repository for your submission. You must include your partner in the group submission on Gradescope for both partners to get credit for the assignment.
- The files submitted must be all the files necessary for your project to run on the cs4640 server or a similarly configured server.
- Include all partners’ names as authors of the files (in a <meta> tag in HTML or a comment in CSS) based on their actual contributions (who wrote which content)
- Include in a comment in the header of your index.html file the URL to your working version on the cs4640 server
Your program will be graded during an interactive session in which you demonstrate it to the course staff (instructor and/or TA). You will have to sign up for a demonstration slot in order to do this. A sign up page will be available for you to use as the deadline approaches. Sign up early so that you get a time slot you want.
If you do not do a demonstration, you will receive no credit for the sprint.
Part of your grade will be based on explaining code segments and/or design to the instructor or TA. Come to the demonstration prepared to talk about your code.
Even though you will be demonstrating the files after the deadline, all the code must EXACTLY match the code that was submitted, and cannot have been modified after submission deadline. Several randomly selected assignments will be tested by installing the submitted files back onto the server before running the program. If it is determined that your code was modified after submission deadline, you will not receive credit for it.
Note: Making your submission available to the course staff is your responsibility; if we cannot access your files and your site on the cs4640 server, then we have to assign a zero grade. Be sure to test access to your files before the due date.
Important Note: All code in this assignment must be your own! You are free to use the course handouts and examples, as well as Bootstrap examples, as a starting point. You may refer to online resources with proper citation, but you CANNOT take full code from the web, ChatGPT or other generative AI, or any other source. Assignments that are found to have done this will be given a zero and submitted to the Honors Committee. You may not use code you have submitted for another course.