Harini Iyer
Topics Discussed
Project Description
Information about the database
ER Diagram
Navigation Around Webpage
Voting and Signup
Admin Accessible Areas
User Accessible Areas
Password Changing
Public Accessible Areas
All Security Measures
Project Description:
The project is a Fantasy Cricket League web application.
There will be six teams with 11 players each.
The winning team will be decided on the basis of votes from the users of the web
application.
Information about the teams, the player, the winners and other statistics will be
available to all.
Registered users can vote once. Admin can vote any number of times.
There is a signup option available for new users to register themselves.
All the statistical information about Players and Teams is available to public.
The project is protected from XSS and SQL injection (SQLi).
Database Description:
The database consists of 7 tables.
They are interconnected with each other by means of foreign keys.
Information about each team and the players can be displayed by pulling out
information from the database.
Updates and Displays can be done on the database by admin and authorized users.
The admin has unrestricted right to vote and update information in the database.
The registered voters can modify a limited amount of information in the database, if
they pass the authentication test.
Unregistered users have no rights to update the information in the database.
They can only access the unrestricted display information.
ER DIAGRAM
Navigation Around Webpage:
The Header:
Through the header included in every page, the users can access the list of teams,
their positions and the team players.
The Player List gives a list of all players.
The Vote Page allows registered users to vote by logging in.
There is a signup option for new users.
Teams: Position and Teams
Player List: Team names are hyperlinked to players in each team:
Pictures and Videos of best match:
Pictures and the video of the best match of each player are embedded in the Player
List.
Admin user can update the video after logging in, if required.
Voting and Signup:
To vote, the user must be registered.
New users have an option to signup.
The username of the new user must be unique, else signup is prevented.
Entering blank values into any field will generate an error.
Admin Accessible Area:
If you are the admin, you can do anything you want!
User Accessible Area and Password Change:
If you are a registered user, you can vote only once.
You can change your password by answering the secret questions correctly.
Public Accessible Area:
You can view the Player information, embedded videos and scores.
Security Measures:
1. Prepared Statements, SQLi and XSS Prevention
2. Authentication
3. Unique User Name
4. Security Questions, Password Reset
5. HTTPS
6. User Inputs Sanitized
7. Sessions
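
The signup and voting rules above (unique username, no blank fields, one vote per registered user, unlimited votes for admin) can be enforced with prepared statements and database constraints rather than application checks alone. The following is an added example, not the project's own code: it assumes Python with SQLite, and the table, column and function names are hypothetical because the page does not list its schema or language.

```python
import sqlite3
from html import escape

def open_db():
    # Assumed schema; the page's seven tables are not listed.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY,
                            username TEXT NOT NULL UNIQUE,
                            is_admin INTEGER NOT NULL DEFAULT 0);
        CREATE TABLE votes (id INTEGER PRIMARY KEY,
                            user_id INTEGER NOT NULL REFERENCES users(id),
                            team TEXT NOT NULL,
                            -- user id for ordinary voters, NULL for admin:
                            -- UNIQUE allows many NULLs but one row per id
                            once_key INTEGER UNIQUE);
    """)
    return db

def signup(db, username, is_admin=False):
    username = username.strip()
    if not username:
        return "error: blank field"
    try:
        with db:  # commit on success, roll back on error
            db.execute("INSERT INTO users (username, is_admin) VALUES (?, ?)",
                       (username, int(is_admin)))
    except sqlite3.IntegrityError:  # UNIQUE(username) violated
        return "error: username taken"
    return "ok"

def vote(db, username, team):
    if not team.strip():
        return "error: blank field"
    row = db.execute("SELECT id, is_admin FROM users WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        return "error: not registered"
    user_id, is_admin = row
    try:
        with db:
            db.execute("INSERT INTO votes (user_id, team, once_key) VALUES (?, ?, ?)",
                       (user_id, team, None if is_admin else user_id))
    except sqlite3.IntegrityError:  # second vote by an ordinary user
        return "error: already voted"
    return "ok"

def tally_html(db):
    # Encode on output so stored text cannot become markup.
    rows = db.execute("SELECT team, COUNT(*) FROM votes GROUP BY team ORDER BY team")
    return "".join(f"<li>{escape(t)}: {n}</li>" for t, n in rows)
```

Because the one-vote rule lives in the UNIQUE constraint, two simultaneous requests from the same user cannot both succeed, which a check-then-insert in application code would not guarantee.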