CSci 4657 Project 1 (100 points). Due Tuesday, April 5th at 11:59pm

Work in in groups of four.

Your task is to develop an events calendar application using cakephp. The calendar may be used by an organization to list events, their locations, contact persons, etc. Events have user-defined tags and may be searched by tags. Users must log in in order to submit or edit or delete events.

Contents-based requirements

• An event must have a name, a location, date/time information (multi-day events are OK), a contact person (i.e. the person who submitted the event), and a description. In a standard view only a part of this information is displayed. The user will see details by clicking on the event or by hovering over it.
• The calendar may be viewed in a monthly mode or a weekly mode. The user should be able to switch between the two modes and move from a given week (or month) forward or backward. Day view is not required.
• The user viewing events should be able to search by dates, event names (or words in them), by tags, and by a combination thereof. Gracefully handle empty search results (with a message, not just an empty page).
• Users must be logged in in order to submit, edit, or cancel an event. Users can modify/cancel only their own events.
• Users can select existing tags to mark their posts or may define new ones. The newly defined ones are added to the list of tags. A post may have multiple tags or no tags at all.
• When logged in, users should be able to change their own password. We assume that all user accounts have been created beforehand. Some form of user information (name, position, contact info) is associated with every user and should be displayed when the user name is clicked or is hovered over. Users can change their own information when logged in.
• Users must be able to log out and must be unable to modify/submit events or change their personal information after they log out.

Additional features

Each group must develop two features in addition to the basic requirements. Let me know on Monday March 21st which features you are considering, they need to be pre-approved.
You can implement private events (visible to a particular group of users), repeated events (make sure that you allow users to modify some of them or the whole group), etc.

Technical requirements

• Your code must be well-organized and use good style. Make sure to document your code, including information about who participated in development of a particular feature.
• Your web site must be XHTML-valid (using strict 1.1 checking). It should have a consistent style provided by an external CSS file that passes CSS validation, except possibly some (documented) CSS3 features. The CSS3 features must work in the majority of browsers.
• Validate all form data, both on the client side (for user convenience) and on the server side. Your validation should check for length of fields (set a limit on event title length and other fields, should check that a selected date exists and that the starting date/time is before the ending date/time), etc. Limit tags that a user can use in event description. Make sure your error reporting is reasonable.
• Use AJAX for page updates to avoid reloading the entire page. Implement at least one search in which partial results are displayed as the user is typing.

Security requirements

• Handle log in and log out in a secure way.
• Store passwords as a salted secure hash (not MD5). Using the same salt is OK, but generating differrent salt values for different passwords is better. This resource may be helpful, and so may be this one.
• Do not send any information that the user shouldn't have access to to the client (as embedded ids, hidden fields, javascript functions, etc).
• We are currently not using ssl. If that changes, I will let you know.

Testing

• Make sure that the model, validation, and user interface are tested. In your submission explain how you tested your web site and provide testing code for retesting. If you would like to create another database for testing purposes, let me know. Cakephp provides testing functionality.

What to submit

• Send me (by e-mail, CC all group partners) the location of your project in SVN; point out where the starting page is. If your project is currently not in the dungeon SVN, please add a copy of it there.
• In the e-mail please explain (briefly) how each requirement above is satisfied. For many of them simple "Done" is sufficient, for others (e.g. Ajax) explain where it is located in your web site. If something is not finished or is not working as it should, please mark it as such.
• Please explain what extra features your project is implementing (this is for all groups of 4).
• Each group member should write down what they were working on. If you would like to mention extra effort or extra contributions of one or more group members, please do so. You may choose to report contributions in one of two ways:
  • Write it together and include it in the main submission e-mail
  • Send me separate e-mails about contributions to the project (in that case every person comments on everyone's contributions, including their own, separately).
  Choose the option that you are more comfortable with. If the contributions are uneven, this will be reflected in the grade. If there is a discrepancy in description of contributions, I will talk to each group member while going over the code, to determine what the actual contributions were.

Some helpful information

• Copy cakephp distribution from ~elenam/web/. It also contains lighttpd.conf file that has the necessary setting. Modify it to point to your directory (it is currently pointing to mine). There are three places that you need to change (look for my username). Also modify php.ini to change the sessions path to point to your directory.
• Another file that you need to modify is database.php in cake/app/config/ subdirectory of the web directory. It should look like this:

  class DATABASE_CONFIG {
  
    var $default = array('driver' => 'mysql',
                         'persistent' => false,
                         'host' => 'csci4657spr11',
                         'login' => 'yourusername',
                         'password' => 'yourdbpassword',
                         'database' => 'yourdb',
                         'prefix' => '');
  
          var $test = array(
                  'driver' => 'mysql',
                  'persistent' => false,
                  'host' => 'csci4657spr11',
                  'login' => 'yourusername',
                  'password' => 'yourdbpassword',
                  'database' => 'yourdb',
                  'prefix' => '',
          );
  }
  

  The database information is different for every group and will be sent to you by email.
• This assumes that you are running lighttpd from the web directory. If you prefer a different setup, move the lighttpd.conf and php.ini files to where you will be running lighttpd. You will also need to modify these files to point to the correct directories.
• To start lighttpd, type lighttpd -D -f lighttpd.conf in web directory (or the directory to which you moved the configuration file).

This page is a part of CSci 4657 course web site.