BCPR294 Final Presentation Semester 2 2019
50 marks – worth 50% of the final grade for the course
Friday 6 December 9:00am
POWERPOINT – 50-60+ slides
Use a server side scripting language (PHP) to program data base connection solutions and web
to database interconnections; programme dynamic page generation for applications such as
product displays, shopping carts, client management, order management and other online
applications; and program a user-friendly client interface for a web service.
• Design and implement and test small systems that require server side scripting
• Use supplied classes for functionality such as PDF creation, database connection and query
etc.
COMPLETE 20 marks
A demonstration of the ‘completed’ web site.
100% of must-have ‘features’ with all scenarios working = 10/20
Configurable for two different communities = 5/20
Has technical features 5/20
• Makes a database of 2-3 tables AT FIRST
• Gets data and inserts data
• Modify existing data
• Simple (select * or a few fields query) and display
• Complex subset query and display
 Work through a MoSoCoW list. Show features working in a demo. Make sure a
Minimum Usable SubseT is demoed. https://en.wikipedia.org/wiki/MoSCoW_method
 Show the MUST-have features working for BOTH a Suduko on-line community and a Hindi
Language learning on-line community. Show how your system can be easily reconfigured for the two
communities. Support Kiwispeak and Hindi. https://lingohub.com/blog/2013/06/php-
internationalization-i18n-mechanisms-tutorial/
 Show the code working and/or show tests passing

Analyse issues in server side programming with respect to best practice, and issues that exist in a
server-side programming environment.
SECURE 5 marks
MUST have a secure login process and NOT “store passwords in plain text” [2 marks]
A summary of the defences implemented against
 A1:2017- Injection [1 mark]
 A2: 2017-Broken Authentication and Session Management [1 mark]
 A3:2017- Sensitive Data Exposure [1 mark]
 See https://www.owasp.org/index.php/Category:Attack and
https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf

For each of the three attacks
• explain the attack
• identify where the attack could be used against your site
• demo how the attack being used against an unsecured version of your site
• display code in conforming to OWASP guidelines that protects against the attack
• demo the attack failing against a secured version of your site

GOOD 20 marks
Can (should?) have more than 2-3 tables.
An analysis of and reflection on Programming values (SOLID)
Select FOUR different modules of code YOU have written (15+ lines each) and explain the good
principles behind the code.
4 good/valid examples of each of 5 things (S O L I D) = 20 marks

LESSONS LEARNED 5 marks
At the end of the course, you should reflect on your experience in the course. You should write a short
essay of approximately 600 words on your experience with developing a PHP application.
Marked using the SOLO Taxonomy. http://www.mbms.org.uk/faculties/science/assets/SOLO/solo-taxonomy-explained-full.jpg