Part 1
You have been hired to design a web application for an online shop that sells video games.
The system requires the following features:
• Users can search the different video games available
• Video games can be searched/filtered by:
• Genre/Category
• Platform (console/PC etc.)
• Features
• Price
• Users can sign-up and log-in
• Users can order video games
• Users can view their order history
Thinking about such a system, complete the following tasks:
您受雇为一家销售视频游戏的在线商店设计 Web 应用程序。该系统需要以下功能: 用户可以搜索可用的不同视频游戏 可以通过以下方式搜索/过滤视频游戏: o流派/类别 o平台(控制台/PC 等) o功能 o价格 用户可以注册和登录 用户可以订购视频游戏 用户可以查看他们的订单历史 考虑这样一个系统,完成以下任务:
Task 1.1
Design a database schema diagram for the system described.
• Be sure to include appropriate relationships and cardinalities.
• Be sure to normalise the schema to at least 3rd normal form.
• 为所描述的系统设计一个数据库模式图。
• 确保包括适当的关系和基数。
• 确保将架构规范化为至少第三范式。
Upload the file as an image or pdf 将文件作为图像或pdp上载
Allowed Extensions: jpeg jpg pdf png
Task 1.2
When building a database schema, N-N relationships need to be properly reduced/decomposed.
Briefly discuss how this applies to the system you’ve designed in Task 1.1 and, specifically in terms of your system and its relationships, explain how this relates to database normalisation.
在构建数据库模式时,需要适当减少/分解 N-N 关系。简要讨论这如何适用于您在任务 1.1 中设计的系统,特别是在您的系统及其关系方面,解释这与数据库规范化有何关系。
Task 1.3
Implement your database schema from Task 1.1 in MySQL
When you create the database
• Ensure appropriate tables, data types, keys and integrity constraints are present.
• Add at least 1 row of test data to each table.
Download a backup/dump of the database and upload as a zip file
在 MySQL 中实现任务 1.1 中的数据库模式 创建数据库时 确保存在适当的表、数据类型、键和完整性约束。 向每个表添加至少 1 行测试数据。下载数据库的备份/转储并上传为 zip 文件
Task 1.4
Write a SQL query to retrieve the name and email address of all users who bought a given item in the last 110 days.
You can assume the item’s unique indentifying information is provided.
编写一个 SQL 查询来检索在过去 110 天内购买给定项目的所有用户的姓名和电子邮件地址。您可以假设提供了该项目的唯一识别信息。
Task 1.5
Implement a basic web application for the search feature of this online shop.为该在线商店的搜索功能实现一个基本的 Web 应用程序。
• Use only the technologies covered in this course:
• HTML & CSS
• JavaScript, AJAX, & basic client-side Vue.js
• NodeJS/Express
• MySQL
• Only implement the search page/feature and any necessary supporting code on the server.
• Users should also be able to filter search results by:
• Genre/Category
• Platform (console/PC etc.)
• Features
• Price
• Be sure to follow best practices as discussed throughout the course.
Excluding the node_modules folder, submit/upload your implementation as a zip file
Allowed Extensions: zip
Task 1.6
Steam is an example of an online shop that sells video games.
Identify a feature present in both the Steam website, and your implementation from Task 1.5.
Specifically in terms of operability and cogintive load, discuss how these two systems compare.
Part 2
Download THIS ZIP FILE containing an express web application.
• This web application is for the online Q&A site that we developed throughout the semester.
• To run it, you will need to:
• Unzip its contents.
• Use npm install to install its modules.
• Start a MySQL server.
• Run npm start .
• It has 2 user accounts, alice & bob both using the password password.
Task 2.1
The files provided contain a number of HTML & CSS validation errors
Identify the validation errors and in terms of those specific errors discuss the benefits and disadvantages of how modern web browsers handle invalid HTML & CSS.
Task 2.2
The provided index.js JavaScript file in the routes folder also contain a number of linting errors for the linting rules used in this course.
Identify the linting errors and in terms of those specific errors discuss the role that linting plays in the development of error-free code.
Task 2.3
Specifically using examples from this Part 2 web application, explain the purpose and role of HTTP status codes in web systems.
公式编辑器样式字体大小
Task 2.4
Discuss the role that middleware plays in the security of this web application and identify any issues with the way that the middleware in this web application is implemented.
Task 2.5
This web application contains a SQL injection vulnerability.
Identify the vulnerability and explain the consequences of SQL injection in terms of this vulnerability.
Task 2.6
Using the vulnerability identified in 2.5, use Insomnia to craft and test an exploit that does one of the following:
• Modifies data in the database without authorisation
• Reveals data from the database without authorisation
Use the Copy as Curl option to copy the request for this exploit and paste it in the box below:
Task 2.7
Using the list below, fix the issues and make the improvements identified.
• Fix the validation and linting issues identified in 2.1 & 2.2.
• Fix any issues with the middleware in this web application as identified in 2.4.
• Fix the SQL injection vulnerability identified in 2.5.
Excluding the node-modules folder, submit/upload the fixed/improved web applicaiton as a zip file