Sunday, January 3, 2021

JavaScript and Web: Film Warehouse

Film Warehouse

Web Development, BSc Computer Science group project, 2018.   You can find the project code by clicking the Github icon. ->GitHub



Introduction


The assignment was to create an e-commerce website. We were allowed to choose the product (groceries, hardware, services, tickets, holidays, etc.). Customers should be able to add items to a basket and enter their personal details (name, address, email, telephone number, etc.).

Why 'Buy Now' is clicked, a confirmation message is displayed and the order is stored. (For the ease of not having to deal with security issues, no payment will be displayed, required or stored.) No money is taken by the website and no confirmation email is sent.

A content management system will also need to be created, to enable staff to add products, view orders, etc. The website will track customers and provide recommendations/ Customers should be able to register on the site and view past orders.

For this assignment, we chose to sell films and DVDs and we chose to name this e-commerce store 'Film Warehouse'.

Film Warehouse logo

Main Website


The website was created in accordance with the requirements e.g. customer registration, login, customer tracking and so on.  Personal data would be stored on the server using MongoDB as a database. Data is expected to be accurately and efficiently stored.

A content management system (CMS) will also be put in place for easy adding of products and change of information by staff or admin.

MongoDB


Our database in MongoDB is named “ecommerce” and has the following collections:
- customers
- orders
- products
- staff

Ecommerce website

The website will have various pages which the user is able to access via the navigation bar added to the site. On entering the site, the user will see the homepage.

A few movies and TV shows and popular products should pop up on the main page. There will also be a recommendations area which will show a couple of movies and names of movies which have been searched in case a customer forgets what they searched for.

The search recommendation will be stored using HTML local/session storage. Finally, the footer will contain various social links and external links to leave reviews.


Next we have the Genres page. This page has a similar layout to the homepage minus the search and recommendations. 

It will have different genres such as children films, science fiction films and action films. This page has all products sorted in terms of genre. It will have the search, filter and sort options available, to allow for easy search and access for the customer.


Of course, as part of the requirements, a login and signup page was required. For the purpose of this assignment, a customer cannot make a purchase without an account. If not logged in and going to checkout, the customer will be redirected to login or sign up.


And finally, we have the checkout page. The checkout page is essential to complete and confirm the customer's purchase order. They are able to delete products in their basket, view their total costs and checkout.

From here they will be able to confirm the purchase where they will have to enter their login details if they haven’t already and then continue to payment.



Content Management System (CMS)


The e-commerce website has a content management system (CMS). From here, staff are able to add and delete products, and view and search for products and orders. AJAX is also incorporated, allowing for a couple of recommendations to the customers.



This is the login page, where you can add staff to the database, which is not the best way to go, in a real-world situation. There should be an admin allowed to add staff once logged in, but this is a basic project, and if allowed time, it could’ve been implemented.



The above is a View Products page, where, logged in, you can view all the products that are stored in
the database. It allows you to search by various keys and allows for sorting according to price and
name.

    


The above is a page for adding products to the database. Once you are logged in, you can
successfully add products. Staff can also change or update the data on existing products.


Testing


The test files are available in the folder. “PHPTests.php” is the main file used for the tests.
“db_tools.php” contains the utility functions used in the tests, and “db_interface” contains the rewritten code from the website, put into functions and run.

Five tests were written (in the file PHPTests.php) and passed:
- To add a customer
- To add a product
- The staff login
- Updating of a customer

JUnit testing was used for testing:
- The customer recommender
- The save function

Front-End testing (Selenium)
- Search and look for 'Tarzan'
- Checkout Page
- Genre page functionality
- Customer login
- Customer registration

Contributions and Third Party Libraries


Below is the third party library which was used for the footer. https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

This project was done by Kristen Rebello, Ekin Pehlivan and Arshad Musejee.

Security, Privacy and Legal Issues


There are security, privacy and legal issues concerning the e-commerce website my group has
created, and because this was never to go live, has been ignored. The website is one which sells DVDs, and to make purchases, customers need to enter their personal details such as name, address, credit card information and so on.

Any sites that hold sensitive data are likely prone to get the attention of hackers. If this data is retrieved by an individual, they could send across spam, conduct phishing attacks, or in worst case, make unauthorized purchases through the customer's credit card details. This would likely mean a loss of money and reputation for the company.

Another security issue could be government putting legislation in place to weaken the e-commerce
websites security. This could result in it being easier for hackers to get into the website or the
government themselves. Once they do this, the government could spy on the customer's activity on the website.

A security issue for the e-commerce website could be activists performing a Denial of service attack
on the website. Activists may do this to deface the website for their own gain which could be raising
awareness of various issues and events, eg. political issues. If they do this they could spam the website, spy on the users of the website even find out their location which is a huge security risk.

When a credit card is used to make a payment, the location and content of the purchase will be tracked. A lot of people may not want their data shared with other companies, while there are other people who have no issue whatsoever having their data shared.

Due to the personal data being stored by the e-commerce website, the company could be liable if they do not have the correct security measures in place. However, legal liability needs to be made clear to the users before anything like this happens.

In order to battle these security issues we should ensure that the computers have firewall enabled and the operating system is up to date, along with the latest security updates installed. If these actions are taken then, the risk of being attacked/hacked is minimal.


0 comments:

Post a Comment




 
Loading...