Programming Assignment 4
A Message Board using PHP and MySQL

Due on Thursday March 23 before midnight
Worth 6% of your final grade

Description

The goal of this project is to learn server-side web programming using PHP and a relational database system (MySQL). More specifically, you will create a message board where registered users can post messages.

This project must be done individually. No copying is permitted. Note: We will use a system for detecting software plagiarism, called Moss, which is an automatic system for determining the similarity of programs. That is, your program will be compared with the programs of the other students in class as well as with the programs submitted in previous years.

Note that, if you use a Search Engine to find similar programs on the web, we will find these programs too. So don't do it because you will get caught and you will get an F in the course (this is cheating). Don't look for code to use for your project on the web or from other students (current or past). Just do your project alone using the help given in this project description and from your instructor and GTA only. Finally, you should not post your code nor deploy your project on a public web site.

Platform

As in the previous projects, you will develop this project on your PC/laptop using XAMPP and you will test it using using your Mozilla Firefox web browser. Download project4.zip and unarchive the files inside your web server document root directory. The project4 directory contains the file createDB.sql, which contains the SQL description of the tables: users and posts, that have the following schema:

users ( username, password, fullname, email )
posts ( id, replyto, postedby, datetime, message )
Primary keys: users.username and posts.id.
Foreign keys: posts.postedby->users.username and posts.replyto->posts.id.
To create the database, start the Apache Web Server and the MySQL Database on your PC using the XAMPP manager console. Run phpMyAdmin on your browser, create a new database with name board by clicking on New. After you create it, select this database (under the name board), go to the SQL tab, and cut and paste the SQL code in createDB.sql and push Go. This will create your schema. You can test your setup on your web browser by using the URL address http://localhost/project4/board.php

The project4 directory contains the file board.php that uses the PDO extension of PHP to insert a new user and to query the users table using MySQL.

Documentation

Please read The PHP Data Objects (PDO) extension, especially the PDO class.

Project Requirements

You need to write two PHP scrips login.php and board.php. The login.php script generates a form that has two text windows for username and password and a "Login" button. The board.php has a "Logout" button, a textarea to write a message, a "New Post" button, and a list of messages. The board script prints all the messages in the database as a flat list ordered by date/time (newest first, oldest last). Note: messages should not be organized based on their replyto attributes. For each posted message, it prints:

From the login script, if the user enters a wrong username/password and pushes "Login", it should go to the login script again. If the user enters a correct username/password and pushes "Login", it should go to the board script. From the board script, if the user pushes "Logout", it should logout and go to the login script. The board script must always make sure that only authorized used (users who have logged-in properly) can view and post messages. From the board script, if the user fills out the textarea and pushes the "New Post" button, it will insert the new message in the database (with null replyto attribute) and will go to the board script again. If the user fills out the textarea and pushes the "Reply" button, it will insert the message in the database -- but this time you need to set the replyto value, and will go to the board script again.

Hints: Each Reply button must have an action that submits the form to board.php with a different replyto value. You may use a form button with type="submit" and formaction="board.php?replyto=12345" to reply to a message with ID 12345.
Use md5 to encode passwords in PHP. Use uniqid to generate a unique id in PHP. Use the MySQL function now() to return the current date and time.

What to Submit

Zip your project4 directory and use the form below to submit your project4.zip file. We do not accept email or hardcopy submissions. You may submit multiple files, if you like, as long as they have different names. After you submit the files, please double-check that your submitted files are correct by clicking on the Status link.

Submit Project #4:

Last modified: 03/07/2017 by Leonidas Fegaras