Description

You are required to build a complete dynamic Web site to support the online presence of the Art Academy. It focuses on arts practice. It is a large space featuring some of the most progressive student artists. The presence of online exhibition will be immense benefit to the broader community.

The Web application consists of several major components: the public pages that are accessible by the users, and private pages accessible to those who administer the site and update the pages. A site might have login and authentication pages; an index page with links to various areas of the site; pages that add, change, or delete data; a page for contact information, and email; and header and footer files to include titles. Please note that all admin pages should only be accessed after administrative login authentication.

The Web site is organised as shown in the table below:

  • admin_art_edit.php Administration screen to edit an art record. Client side validation with JavaScript.
  • admin_art_insert.php Administration screen to add an art record. Please note that name and surname of each artist in the database should be displayed in the single select drop-down list. Client side validation with JavaScript.
  • admin_art_list.php Administration screen to display a list of the art in the inventory. Art details (all fields from the art table) together with artist's name and surname should be displayed.
  • admin_artist_edit.php Administration screen to edit an existing artist. Client side validation with JavaScript.
  • admin_artist_insert.php Administration screen to add a new artist. Client side validation with JavaScript.
  • admin_artist_list.php Administration screen with the list of all the artists, displays all the names of the artists in the database as hyperlinks. Also include the phone numbers and e-mail addresses of the respective artists. Include hyperlink to delete an artist. If the user clicks an artist’s name, the ID of the artist is passed in the hyperlink to another file called admin_art_edit.php admin_artist_edit.php. If the user clicks the delete hyperlink, the action value from the link will be set to delete, and the id of that artist will be used in the SQL Delete statement to determine which artist should be removed from the database. Please note that all art records associated with the artist will be also deleted.
  • admin_footer.php Footer for all the administration pages.
  • admin_header.php Header included on all the administration pages to provide a connection to the database, to check if administrator has logged in or not, and to provide the administration menu.
  • admin_login.php A login screen to verify the username and password entered and to update the session so that the user can freely use the administration pages. Administrator user name is 'admin' and password is 'admin2011'. Please make sure that those values are validated against the 'admin' table. The administrator passwords are encrypted with the MD5() hash function. Client side validation with JavaScript.
  • index.php A public page to display all the information for a specific artist. A list of artists (with concatenated surname and name of each artist in the database) should be displayed on the page in a single select drop-down list in alphabetical order (by artist's surname). Default selection is on the first artist from the list.
  • contact.php A simple form to request contact with the staff. This form sends an email when submitted.
  • galleryDb.sql A SQL script to create the Art, Artist, and User tables and populate them with demo data. The initial file should be used when start working with the database. New file should be created when (exported) when assignment is submitted for assessment. There should be minimum of five (5) artists and ten (10) art pieces. The 'admin' table should contain original administrator details.
  • footer.php The footer that is included at the bottom of very public page.
  • header.php A header file included at the top of every public page to provide the navigation bar, database connectivity and the logo.
  • admin_index.php The initial page to display the 'main menu' allowing administrator to manage gallery database.
  • style.css A cascading style sheet to specify fonts, colours and so on. Please make sure that all your pages include the style sheet file.

Creating the Database

The first step is to create a database called “gallery”. The galleryDB.sql script is used to create and populate the database. For more instructions see 'README' comments in the galleryDB.sql file. SQL statements from the galleryDB.sql script are shown below. Please note that SQL use double hyphen ( -- ) to include a comment with an SQL statement.

DROP DATABASE IF EXISTS `gallery`; CREATE DATABASE `gallery`; USE `gallery`; -- Table structure for table `admin` used for admin login CREATE TABLE IF NOT EXISTS `admin` ( `login` varchar(10) NOT NULL COMMENT 'Login Name', `passwd` varchar(50) NOT NULL COMMENT 'MD5 hashed password', PRIMARY KEY (`login`) ) ENGINE=MyISAM COMMENT='Administrator Access'; -- Insert data into `admin` table used for admin access -- please note that the passwd is MD5 hashed
-- the password value is 'admin2011'
INSERT INTO `admin` (`login`, `passwd`) VALUES
('admin', '9656387b6542bc9be1b8730b45b49fd8');

-- Table structure for table `artist` used to store artist information
-- Please note that email has 'unique' constraint meaning that two artists cannot have the same email address
CREATE TABLE IF NOT EXISTS `artist` (
`artist_id` smallint(3) unsigned NOT NULL AUTO_INCREMENT,
`first_name` varchar(25) NOT NULL,
`surname` varchar(50) NOT NULL,
`bibliography` text NOT NULL,
`phone` varchar(50) NOT NULL,
`email` varchar(100) NOT NULL,
PRIMARY KEY (`artist_id`),
UNIQUE KEY `email` (`email`)
) ENGINE=InnoDB COMMENT='Artist Records';

-- Table structure for table `art` used to store art details
CREATE TABLE IF NOT EXISTS `art` (
`art_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`title` varchar(120) NOT NULL,
`description` text NOT NULL,
`price` int(8) NOT NULL DEFAULT '0',
`artist_id` smallint(3) unsigned NOT NULL,
PRIMARY KEY (`art_id`),
KEY `artist_id` (`artist_id`)
) ENGINE=InnoDB COMMENT='Art Displayed in the Gallery';


-- Constraints for table `art`
-- This is actual foreign key that links art and artist table
-- Each art piece is associated with one and only one artist
ALTER TABLE `art`
ADD CONSTRAINT `fk_artist` FOREIGN KEY (`artist_id`)
REFERENCES `artist` (`artist_id`)
ON DELETE CASCADE ON UPDATE CASCADE;

-- Finally we create a DB user called 'gallery_user' with 'gallery2011' password
-- This username and password will be used in the mysql_connect() function to connect to MySQL server.
-- We give this user data management permissions only on the `gallery` database (all tables)
GRANT SELECT,INSERT,UPDATE,DELETE ON gallery.* TO 'gallery_user'@'localhost' IDENTIFIED BY 'gallery2011' ;

Figure 1 shows Entity Relationship Diagram for the gallery database. See image.

Securing pages with Login

To secure the administrative pages from unauthorised access, we require the user to log in. The login name and password are stored in the 'admin' table. Because every administration page will include the admin_header.php, this is a good place to check if the user has already logged in. You are required to use a PHP session to do this.

Layout and design guidelines

  • Useful contents
  • Establish user requirements
  • Consider User Interface issues
  • Provide feedback
  • Provide printing options
  • Accessibility – diverse users e.g. visual impaired
  • Constraint imposed by Hardware/software eg account for browser differences
  • Well constructed homepage. A homepage should clearly communicate the site’s purpose and show all major options available on the Web site.
  • Well structured page layout
  • Easy navigation
Academic Honesty!
It is not our intention to break the school's academic policy. Posted solutions are meant to be used as a reference and should not be submitted as is. We are not held liable for any misuse of the solutions. Please see the frequently asked questions page for further questions and inquiries.
Kindly complete the form. Please provide a valid email address and we will get back to you within 24 hours. Payment is through PayPal, Buy me a Coffee or Cryptocurrency. We are a nonprofit organization however we need funds to keep this organization operating and to be able to complete our research and development projects.