ASSIGNMENT 2 Salim Malakouti
Ticketing Website
- User submits tickets
- Admins answer tickets or take appropriate actions
Demo
Posting tickets
- Enter info:
  - Name
  - Brief description of problem
- NOTE: All info is required and should be checked on the server side. (Client-side checking using JS is extra credit.)
- User submits the ticket
How to handle a ticket submission
When a ticket is submitted:
- A confirmation is returned to the user in a Web page
- An email confirmation is sent to the user (using the address submitted)
- The request is added to the technical support database
- An email is sent to all tech administrators
Admins are predefined in the system
- You have their records in the database
- No need for any user interface
Admins need to log in
- Their info should be in DB
Login
- Requirement: Show an error for an invalid username and password
- RESET Password:
  - Send a link to the user's email
  - Link should contain a random token
  - Token should be stored in DB
  - This way no one can fake the URL
Admin's view
- Table in project description
- Make sure to have a nice design and use tables for it.
- Description of the Admin Table features
Ticket's Page
- Ticket info and body
- Close / reopen the ticket
  - You will need to keep a flag in DB
  - Choose something that wastes the minimum amount of storage
- Assign / Remove self to the ticket
  - You will need to update the information in DB
- Email the submitter
  - You have done examples in lectures
- Delete the ticket
  - We did something similar in class
- Find all other tickets from the same submitter (the person that submitted the ticket in question)
  - Send a query to database
- Find all similar tickets
  - Tickets having at least
- Go back to the main administrator page
Security
Common bug:
- User is not logged in as Admin
- Goes to admin.php
- ERROR: Access denied
- So he tries to go to ticket.php?id=293
- We are not checking it there because we were assuming that everyone will start from admin.php (Cheaters and Hackers)
How to handle it?
A simple and clean way to handle it:
- Create an auth.php which contains the code for authentication and access management
- Use include "auth.php" on the first line of each file
Sample
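An added example of such an auth.php (written for this page, not the course's own sample). The session key admin_id and the variable names are assumptions of this example. It uses require_once rather than include, because include only raises a warning when the file cannot be loaded and the page would then run with no check at all.

```php
<?php
// auth.php -- added example, not the instructor's sample.
// Assumed name: session key 'admin_id', set by the login page after a
// successful username/password check.
declare(strict_types=1);

// Harden the session cookie before the session starts (PHP 7.3+).
session_set_cookie_params([
    'httponly' => true,      // not readable from JavaScript
    'secure'   => true,      // assumes the site is served over HTTPS
    'samesite' => 'Strict',  // not sent on cross-site requests
]);
session_start();

/**
 * Stop the request unless an admin is logged in.
 * Because every admin page loads this file first, ticket.php?id=293
 * is refused exactly like admin.php.
 */
function require_admin(): int
{
    if (empty($_SESSION['admin_id'])) {
        http_response_code(403);
        echo 'ERROR: Access denied';
        exit;                // nothing after the require_once line runs
    }
    return (int) $_SESSION['admin_id'];
}

$currentAdminId = require_admin();

// --- First lines of admin.php, ticket.php and every other admin page ---
//   <?php
//   require_once __DIR__ . '/auth.php';   // fatal error if the file is missing
//
// ticket.php should also validate the id it was given before querying:
//   $ticketId = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
//   if ($ticketId === null || $ticketId === false) {
//       http_response_code(400);
//       exit;
//   }
```

The login and password-reset pages must not load this file, since their visitors are by definition not logged in yet.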
Database
- You choose your schema
- You will at least need:
  - Admin: A table to keep admins' info
  - Ticket: Keep ticket info (Two or more)
- It will need an ID as Primary Key, similar to our Movie database
- Why?
Requirements
- Use classes effectively
- I will check this
How to start the project
- Start with creating the token page
  - Design DB
  - Submission of Ticket
  - Check your DB using PHPMyAdmin to CMI tools to check if it works
  - Check for possible bugs, hacks and misuses of your system
- Move to Next
  - Take care of the admin table
  - Take care of Ticket's Page
- Make sure you design, code and implement one by one.
- Don't forget to check for possible misuses after each part is finished and after the whole project is finished
IMPORTANT START EARLY