LTW

Repository for the Web Languages and Technologies (LTW) course.

Tools

PHP, Javascript, CSS, sqlite3

Usage

Download the repository, then run

php -S localhost:8080

It may be necessary to edit the php.ini file to enable the gd2 and pdo_sqlite libraries and/or install them.

LTW Project - PetRescue

Description

The goal of the project was to develop a website that connects finders of abandoned animals with the animals' new owners. The finders create an ad with the animal's information, and the future owners browse the available animals to select the ideal one. It is possible to make a proposal and to post questions and answers in each animal's mini forum.

Snapshots

Some website page images:

  • Main Page
  • LogIn Page
  • Register Page
  • Pet Page

Team members:

  • Raul Viana (201208089)

Credits

Libraries:

  • gd2 library to scale and convert the uploaded images to a standard internal size and type. This library is used in the "templates/files/process-files.php" file.
  • pdo_sqlite to prepare the queries and query the sqlite3 database.

Features:

  • Security
    • XSS: yes - all input that users can manipulate is filtered with regular expressions
    • CSRF: yes - in all "action" type php files accepting forms
    • SQL using prepare/execute: yes - in all queries
    • Passwords: the PHP functions "password_hash" and "password_verify" were used; they automatically insert the salt into the hashed password and extract it afterward to verify the password.
    • Data Validation:
      • regex -> all inputs that users can manipulate
      • php -> password length and presence of an upper-case character
      • html -> "required" attribute and password confirmation check
    • Other: files are stored under their database id, not under the original user-uploaded name.
  • Technologies
    • Separated logic/database/presentation: yes
    • Semantic HTML tags: yes
    • Responsive CSS: partially; almost all horizontal CSS values are percentages, which allows shrinking the page down to approximately 500 pixels. Layouts for different page sizes were not implemented.
    • Javascript: yes
    • Ajax: yes - adding and deleting posts in pet-page.php and accepting proposals in proposal-list.php
    • REST API: no
  • Usability:
    • Error/success messages: yes; generated in PHP, except when an AJAX request is made. In those cases, the messages are generated and processed in Javascript.
    • Forms don't lose data on error: yes, they don't.
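
The following is an added example, not code from this repository, showing how the "SQL using prepare/execute", "Passwords" and "php" data-validation items listed under Security fit together with pdo_sqlite. The table and column names, the username pattern and the minimum password length of 8 are assumptions.

```php
<?php
// Added example, not code from the PetRescue repository.
// Assumed: table/column names, username pattern, minimum password length of 8.
declare(strict_types=1);

function open_db(): PDO {
    $db = new PDO('sqlite::memory:'); // in-memory database, runs offline
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY,
               username TEXT UNIQUE NOT NULL, password TEXT NOT NULL)');
    return $db;
}

// Server-side validation: allow-list regex, length, one upper-case letter.
function valid_credentials(string $username, string $password): bool {
    return preg_match('/^[A-Za-z0-9_]{3,20}$/', $username) === 1
        && strlen($password) >= 8
        && preg_match('/[A-Z]/', $password) === 1;
}

function register(PDO $db, string $username, string $password): bool {
    if (!valid_credentials($username, $password)) {
        return false;
    }
    // password_hash() picks a random salt and stores it, with algorithm and cost, in the result.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $db->prepare('INSERT INTO users (username, password) VALUES (?, ?)');
    try {
        return $stmt->execute([$username, $hash]);
    } catch (PDOException $e) {
        return false; // UNIQUE constraint: username already taken
    }
}

function login(PDO $db, string $username, string $password): bool {
    $stmt = $db->prepare('SELECT password FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();
    // password_verify() reads salt and cost back out of the stored hash.
    return is_string($hash) && password_verify($password, $hash);
}

// Constructed sample inputs.
$db = open_db();
var_dump(register($db, 'alice', 'Sup3rSecret'));  // passes validation
var_dump(register($db, 'alice', 'Sup3rSecret'));  // duplicate username
var_dump(register($db, 'bob', 'alllowercase'));   // no upper-case letter
var_dump(login($db, 'alice', 'Sup3rSecret'));
var_dump(login($db, "alice' OR '1'='1", 'x'));    // bound as data, not SQL
```

Because the salt and cost travel inside the hash string, the users table needs no separate salt column.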