COM372: Assignment 8

Authentication, session variables, and use of cookies.
(given 3/24 | due 4/03)

Purpose To secure back-end pages through authentication, using a session variable

The assignment: You don't want just anyone to stumble upon one of your administrative back-end pages. To prevent this, you need to have your administrators login. You then need to check to see that they id and password used to login are in a table of authorized users. If they are, you will store this using a session variable (e.g., authentic = true). On each page of the backend, then, you will test to see whether this variable is set; if so, provide access to the page; if not, redirect to the login page.

While were in here, let's also set a cookie with the name of the customer. When the home page is called, check for the cookie, and confirm that the name is also in our customer database. Provide a link to a page for the customer to login, adding the customer (with address and city) to the customer database, and creating and sending a cookie. Then, on at least one other page, use the customer's name in a police salutation to personalize the site (e.g., "Thank you, Andrew, for your purchase today."

Grading: This assignment is worth 5 points. Each of the following are required; each is worth 1 point. One point will be deducted if the assignment is not done by the due date.

• 1 Administrative login page
• 2 Set session variable for authorized users
• 3 Check authentication on each back-end page
• 4 Customer cookie check and use of name elsewhere in site
• 5 Customer login and add to customer database, and creation of cookie