Final Project
Part A Due 21:00 Tue, 6/6
Part B Due 21:00 Tue, 6/10

Table of Contents

Project Motivation
Information Architecture
Dreamweaver Trial Version
PHP documentation
Requirements
Rubric
Turn-In Procedure

Project Motivation

A working knowledge of PHP will be assumed in CIT 381. In 381, you will study the mySQL open source database, and use PHP libraries that access a mySQL database.

Information Architecture

Dreamweaver Trial Version

If you are interested in using Adobe CS3 Dreamweaver on your home computer, a 30-day trial version may be download from the Adobe website. Adobe CS4-beta was just released this week, and is available for free download.

PHP Documentation

See the 281 readings for week 9.

Final Project Requirements

1. Part A .
   
   
   1. Upload your media page from project 3 to /281/media/hosted-video.html.
      
      
   2. EC2 Home Page: /281/281-home.html.
      
      Create a simple web page for your 281 site on EC2.
      
      Add a My Media Page link that connects to /281/media/hosted-video.html
      
      Add a Sign Up for Email Updates link that connects to /281/examples/email-form.html. See description, below.
      
      
   3. HTML document: email-form.html.
      
      This page allows the user to sign up for email updates. Form requirements:
      
      
      1. At a minimum, the form should accept the user's name and email address, but other user inputs are fine, as well.
         
         
      2. The form's action attribute connects to /281/php/email-form.php, using method=Post.
         
         
      3. Add a small image to the page.
         
         
      4. Use the style rules in /281/css/donuts.css to line up form elements and layout the page. Example.
         
         
   4. PHP script: /281/php/email-form.php.
      
      This page does two things: It returns a confirmation page (same as project 3), and writes two lines to a text file. The first line is the user's name, the second line is the user's email address.
      
      
      1. Using your favorite SSH client connect to your account on our EC2 host.
         
         
      2. Create a new directory, /home/yourUserName/web-files/, and change its mode to 777.
         
         
      3. Move to the web-files directory.
         
         Using the Unix touch command, create a new file, names-addrs.txt, and change its mode to 777.
         
         Reason: If you create the file, you can edit the file. If your php script creates the file, it is owned by Apache and it is read-only.
         
         
      4. email-form.php. In Dreamweaver (or another editor), create email-form.php.

         Algorithm for email-form.php
         Order Confirmation: Get the Post data from the form, and echo it (same as project 3)
         Assign the pathname to a variable: '/home/yourUserName/web-files/names-addrs.txt'
         Open names-addrs.txt file in append mode
         Use fwrite() to write the user name and email address to names-addrs.txt
            (one per line, terminated with a newline ('\n'))
         Use fclose() to close names-addrs.txt
         
         End algorithm
         

         Use DW (or another SFTP client) to upload the script to /281/php/email-form.php.
         Change the script's file mode to 777.
         Test it by opening /281/examples/email-form.html in a browser, entering form data and submitting it.
         Debug as necessary.
         
         

      5. Edit names-addrs.txt to delete all content. When your script is tested and debugged, open names-addrs.txt in Emacs and delete all of the lines in the file. Save it and exit Emacs. See a A Portable Swiss Army Knife of Emacs Commands.
         
         You can also achieve the same effect by deleting the file and then making a new one, but you will have to set the permissions again. The Emacs method is easier.
         
         
      6. Submit your form twice, so that names-addrs.txt has two, valid user names and addresses. Since most servers will not accept email from ec2-75-101-220-118.compute-1.amazonaws.com, use Paea's address for both users: plependu@gmail.com. (Thanks, Paea!)
         
         
   5. PHP Script: batch-echo.php.
      
      This script is run from the command line and does just one thing: It reads each line in /281/yourUserName/web-files/names-addrs.txt, and echoes the line. When you have this script working, you can modify it to send email to each recipient in the file.
      
      In Dreamweaver (or another editor), create batch-echo.php.

      Algorithm for batch-echo.php
      
      set file variable: '/home/yourUserName/web-files/names-addrs.txt'
      open file in read mode
      
      //priming read
      read two lines from file
      
      //success? process file
      while(!feof($fh)){
              // echo the two lines just read
      
              // read the next two lines
      
      }
      close file
      
      End algorithm
      

      Use DW (or another SFTP client) to upload the script to /281/php/batch-echo.php.
      Change the script's file mode to 777.
      Test it by entering "php batch-echo.php" at the command line.
      Debug as necessary.
      
      
   6. PHP Script: batch-echo-heredoc.php. Save batch-echo.php as batch-echo-heredoc.php. Instead of simply echoing the contents of name-addrs.txt, embed the user name and email address in a heredoc, and then echo the heredoc.
      
      Heredoc example.

      $msg=<<<_TXT_
      Your order is:
      * 2 Fried Bean Curd
      * 1 Eggplant with Chili Sauce
      * 3 Pineapple with Yu Fungus
      _TXT_;
      

      Heredoc text behaves just like a double-quoted string, without the double quotes. This means that variables in a heredoc are expanded.
      
      
   7. PHP Script: batch-mail.php.
      
      Save batch-echo-heredoc.php as batch-mail.php. Instead of simply echoing the contents of name-addrs.txt embedded in a heredoc, modify the script to use the mail function to send a message to each person in the file, where the message text of the email is defined using a heredoc.
      
      Constraints: name-addrs.txt must consist of just four lines, representing the contact information for two people. Use different names for each person, but the same email address: plependu@gmail.com.
      
      
2. Part B. Protecting against Email Injection.
   
   In honor of DeadWeek, Part B is a low-workload requirement:
   
   
   1. Save batch-mail.php as batch-mail-secure.php.
      
      
   2. Copy the spamcheck() function from the W3Schools' secure email example, and paste it into batch-mail-secure.php.
      
      Modify your script so that it calls spamcheck() to validate the email address.
      
      
   3. spamcheck() calls filter_var() which is available only in PHP >= 5.2.0. Our EC2 server has PHP Version 5.0.4. Therefore your script will not complete, but will report the error, "PHP Fatal error: Call to undefined function filter_var()." Generating that error will be sufficient to meet this requirement.
      
      
3. Final Project Grading Rubric. This document describes in detail how your lab instructor (GTF) will grade your project. To get full credit for your work, evaluate your project carefully using the rubric before submitting it for grading.
   
   
4. How to Submit Final Project for Grading in Blackboard.