300582 technologies for web applications - design the web


Technologies for Web Applications - Web Application Assignment

A. Requirements

a) ALL instructions given in this document MUST be followed in order to be eligible for full marks for the Web Application Assignment. This document has five (5) pages.

b) This assignment is NOT a group assignment; collusion, plagiarism, cheating of any kind is not acceptable. As part of your submission you MUST certify that all work submitted is your own. If you cannot honestly certify that the work is your own then do not submit the assignment. Breaches of the Misconduct Rule will be dealt with according to the university policy (see the learning guide for more information).

c) All assignment submissions will be checked for academic misconduct by the use of the MOSS program from Stanford University. Details on MOSS can be obtained from the MOSS web site

d) Design the web pages with ease of navigation and operation, attractiveness and accessibility in mind. Images other than those provided in the assignment zip file (if any) may also be used in the assignment.

e) All assignment files are to be uploaded to the Assignment1 folder of your TWA web site prior to the due date and time. You may create subfolders within this folder if you wish.

f) All styling and page layout must be achieved using CSS. For the problem definition described in section B you must

g) include your authorship details at the top of each file in coded comments;

h) reference all sources that you used for inspiration of your solution as per Section C of this document;

i) ensure that your web application renders correctly in Chrome and runs correctly from the TWA web server.

B. Web Application Assignment Details

B(i) - Background information and description

Wayne Enterprises, the multinational conglomerate owned by Bruce Wayne (aka Batman), wants to implement a new online Staff Performance Review system to replace its current system. The current system sometimes results in staff performance reviews becoming lost and there is a lack of ability to be able to track accurately when reviews are due to be completed and if they have been completed. These general problems can be rectified by online lodgement of performance review forms which will enable better tracking by the supervisors. For the web application project in TWA your task is to implement a simple online Staff Performance Review system that supports Wayne Enterprises Staff Performance Review process.

In this assignment, you will create a web application that supports the performance review process including allowing employees to view their reviews (past and present) and for supervisors to undertake performance reviews of staff members they supervise. There are different types of employees that can use the system: Supervisors need to be able to use the system to carry out performance reviews for staff that they supervise; Staff need to be able to use the system to view previously completed performance reviews about themselves and to be able to accept a current review that is in progress. You will need to design and create the PHP web pages for this assignment.

The specific functional requirements for the assignment are described in section B(ii) of this document. The Performance Review database is described in section B(iii) of this document.

B(ii) - Functional Requirements

Your Web Application must

a) be coded using HTML 5, CSS, JavaScript, and PHP as necessary. Note: all five files described below must be PHP files to achieve the server-side functionality.

b) provide easy-to-use navigation for the user as described in the following page descriptions.

c) provide the following functionality for each page as described.

1. Employee login page (login.php). The purpose of this page is to provide a login facility for employees that need to use the Wayne Enterprises Staff Performance Review system. No other pages within the system will be accessible unless the employee has successfully logged in first.

The login page must contain a login form that will capture the staff members login information (Username and Password) and then verify those details against the records in the database before allowing the staff member access to the subsequent pages of the system. This section of the page will have the following content:
- An HTML form which contains

- a text box to capture the employee ID
- a password box to capture the employee's password
- a submit button
- Appropriate design and instructions for the staff member
- The provision for displaying error messages as detailed below
- the following two paragraphs:

The performance planning and review process is intended to assist supervisors to review the performance of staff during a given period (at least annually) and develop agreed performance plans based on workload agreements and the strategic direction of Wayne Enterprises .
The Performance Planning and Review system covers both results (what was accomplished), and behaviours (how those results were achieved). The most important aspect is what will be accomplished in the future and how this will be achieved within a defined period. The process is continually working towards creating improved performance and behaviours that align and contribute to the mission and values of Wayne Enterprises .
This login page will need to submit to itself and authenticate the user credentials as supplied by the user in the form. Successful authentication should automatically redirect the user to the Choose Performance Review page. Unsuccessful authentication should automatically redirect to the login page so that the employee may try to login again.

The login page must be able to display an appropriate error message to the user if the login attempt fails or if the user tries to access any of the protected pages of the Staff Performance Review system. The message display is not to be a JavaScript alert (or any other browser side component) but must be implemented using appropriate PHP server-side code. The message should be displayed in an appropriate location on the login page in a suitable colour. The message must indicate the problem that caused it to occur.

Note: the passwords that are stored in the employee table of the performancereview database are encrypted using the sha256 algorithm. A list of user names and (decrypted) passwords can be found in the User Credentials document.

The login page will have no direct hypertext links to any other pages of the system.

2. Choose Performance Review Page (choosereview.php). This page will list Performance Reviews that exist in the database. These Performance Reviews may be either completed or ongoing (current). The user (an employee of Wayne Enterprises) will be able to choose a Performance Review to either process (for current reviews) or view (for completed reviews). The content of this page will be slightly different depending on the type of user that is logged in (ie, whether they supervise staff or not).

- General content that must be displayed on this page:
a. Navigation to the other pages of the system as appropriate including a Log Off link (this link must run the logoff.php page).
b. current server date
c. logged-in user's name

- Content that must be displayed on this page for all users:
The first section of the page will list all of the Performance Reviews that exist in the system that are about the logged-in user. Display in reverse order of the year of review:
d. the year of review (this is to be a hypertext link which when clicked will pass the reviewid to the viewReview.php
page)
e. date completed (if it has been completed)

Note 1: From the way that the list is displayed it must be clear to the user which reviews are completed and which are still ongoing (current). The user will then be able to click the review they wish to view (for completed reviews) or finalise (for ongoing reviews).

Note 2: viewing or finalising a review does not occur on this page but on the viewReview.php and finaliseReview.php pages respectively.

- Content that must be displayed on this page for a user that is a supervisor:

The second section of the page will only be displayed if the logged-in user is a supervisor. This section will display summary details of all performance reviews that exist for employees for whom the logged-in user is their supervisor. In this section display:
f. the department name
g. for each review that exists for this supervisor:
i. Employee's Surname, Firstname,
ii. review year (this is to be a hypertext link which when clicked will pass the reviewid to the finaliseReview.php page),
iii. review id, employee id, completed, action, date completed.

Additionally, this output should be grouped into two sections. Firstly, list the reviews that are not yet completed. Secondly, list those that have been completed. Within each of these groups display the lists in reverse order of review year. The user will then be able to select the review they wish to view (for completed performance reviews) or finalise (for ongoing reviews).

Notes
- The design of this page is open to your creativity but it must appropriately display all required information in a clearly readable and usable format.
- This page must only be accessible by a logged-in user. If a user tries to access this page and they are not logged in they must be automatically redirected to the logoff.php page (which redirects to the login page) and then display an appropriate error message on the login page indicating that the error has occurred.

3. View Performance Review page (viewReview.php). The purpose of this page is to display to the user the content of the chosen completed review (the choice occurs on the Choose Performance Review Page as described above).

General content that must be displayed on this page:
a. Navigation to the other pages of the system as appropriate including a Log Off link (this link must run the logoff.php page).
b. current server date
c. logged-in user's name

Content that must be displayed on this page for the chosen review:
d. Employee information section: Employee ID, Surname, First name, Employment mode, Review Year
e. Ratings Information section: Ratings for each criteria: Job Knowledge, Work Quality, Initiative, Communication,
Dependability
f. Evaluation and Action section: Additional Comments, Goals for employee, Action Required, date that the review was completed.

Notes
- Completed reviews cannot be modified by the user. This page is for viewing the performance review only.
- The design of this page is open to your creativity but it must appropriately display all required information in a clearly readable and usable format.
- This page must only be accessible by a logged-in user. If a user tries to access this page and they are not logged in they must be automatically redirected to the logoff.php page (which redirects to the login page) and then display an appropriate error message on the login page indicating that the error has occurred.

4. Finalise Performance Review page (finaliseReview.php). The purpose of this page is to 1) enable supervisors to fill in details for an existing but not yet completed performance review for an employee; 2) enable a staff member to accept the review that has been written by their supervisor. Hence, the script will need to first retrieve any existing values for the performance review from the database and display the values in an appropriate form. Doing so will enable the user to modify the current values and then update the database. Note however that not all values are allowed to be changed - read the information below carefully.

- General content that must be displayed on this page:
a. Navigation to the other pages of the system as appropriate including a Log Off link (this link must run the logoff.php page).
b. current server date
c. logged-in user's name

- Content for the ongoing/current review chosen by the user:
d. Employee information section (the data in this section is not allowed to be changed by the user): Employee ID,
Family Name, Given Names, Job Title, Employment mode, Department Name, Review Year
e. Ratings Information section (the data in this section can be changed by the user): Ratings for: Job Knowledge, Work Quality, Initiative, Communication, Dependability.
f. Evaluation and Action section (the data in this section can be changed by the user): Additional comments, Goals for employee, Action Required.
g. Verification section (the data in this section can be changed by the user):
i. the following two paragraphs:

Thank you for taking part in your Performance Review. This review is an important aspect of the development of our organisation and its profits and of you as a valued employee.

By electronically signing this form, you confirm that you have discussed this review in detail with your supervisor. The fine print: Signing this form does not necessarily indicate that you agree with this evaluation. If you do not agree with this evaluation please feel free to find another job outside of Wayne Enterprises .

ii. an appropriate input device that enables the employee to agree with the above statement,
iii. a Save button,
iv. a Submit button.

Validation of user input
- Client-side input validation using JavaScript should be implemented as follows:
a. Each rating must be a number in the range 1 to 5. Not mandatory field.
b. Action must be a text box (ie, don't use a selection list or similar). Action must be a whole numeric value in the range 1 to 18 (which represents the number of months until the next review is required for this employee) or the value ‘N' (which indicates that no action is to be taken). Not mandatory field.
Note: Error messages as a result of the above client-side validation must be displayed inline (ie, no alert boxes are to be used).

- Server-side input validation using PHP should be implemented as follows:
a. Goals for employee may only contain alphanumeric ["0" to "9", "a" to "z", "A" to "Z"] characters, spaces [" "], hyphens ["-"], commas [","], period ["."] and exclamation marks ["!"]. Mandatory field.
Note: Error messages as a result of the above server-side validation must be displayed inline (ie, no alert boxes are to be used). Additionally, the database should not be updated if there is an error with the user input.

Submission of form
The form must use postback (ie, submit to the same page). The form should only be allowed to submit when all data in the form is valid (according to the above client-side validation rules). The form can be submitted by clicking either the Save or Submit button. The Save button enables the user to enter data in the performance review and save it into the database for later editing. The Submit button saves the data to the database but also completes the performance review. If the logged-in user is a supervisor and the data is valid then update the database with the values from the form and display a message indicating that the performance review has been updated in the database on the current date, by the logged in supervisor. If the logged in user is not a supervisor then the data displayed in the form will be for the logged-in user. As such the only task the user should be allowed to do is Accept the performance review and submit the form - this also needs to be updated in the database accordingly.

Notes
- The design of this page is open to your creativity but it must appropriately display all required information in a clearly readable and usable format.
- This page must only be accessible by a logged-in user. If a user tries to access this page and they are not logged in they must be automatically redirected to the logoff.php page (which redirects to the login page) and then display an appropriate error message on the login page indicating that the error has occurred.

5. Logoff page (logoff.php). The purpose of this page is to log the user off the system and automatically return them to the login page. The page must not display anything to the user. The page should remove all session variables and end the session (if sessions were used). It should then redirect to the login page. This page can be accessed from any of the pages as detailed above.

B(iii) - Database Description

You have your own copy of the performance review database. To access this database, you have to use a username and password. The following generic connection information can be used to connect to your performancereview database from your php scripts:

Database name: performancereview###
Username: twa###
Password: twa###XX
Server: localhost

where ### is your twa site number, and XX refers to the first two characters of your twa site password.

For example, if your TWA site is twa999, and your password is abcd7890, then the following would be your connection information: Database name: performancereview999
Username: twa999
Password: twa999ab
Server: localhost

Hence, to connect to the performancereview999 database from your php script you would require code similar to the following:

$connection = new mysqli('localhost', 'twa999', 'twa999ab', 'performancereview999'); if ($connection->connect_error) {
exit("Failed to connect to database " . $connection->connect_error);
}

Notes
- The tables within the performancereview database have already been populated with data. Use the allTables.php script to view the data (make sure you use the connection information as indicated above).
- Tables in the performancereview database are described in the Data Dictionary document.
- A list of user names and [plain text] passwords can be found in the User Credentials document.

Attachment:- Data Dictionary.rar

Solution Preview :

Prepared by a verified Expert
: 300582 technologies for web applications - design the web
Reference No:- TGS02778862

Now Priced at $100 (50% Discount)

Recommended (90%)

Rated (4.3/5)