Web Project Assignment 3

<head>
  <style>
    var { text-decoration: underline; }
    ol ol { list-style-type: lower-alpha; }
  </style>
</head>
<p>
<center>
  <h1> Web Project Assignment 3 </h1>
  <h2> PhP Implementation </h2>
</center>
<hr>
In this homework assignment you will write a number of php scripts that
allow you to 1) query your mysql database to obtain information that your
front-end will display in its forms and 2) update the database with information
that the user enters into the forms.
<p>
Please observe the following constraints on your php scripts:
<p>
  <ol>
    <li> We will test your php scripts from the command line by invoking
them with the
<tt>php-cgi</tt> command. For example:
<pre>
  php-cgi -f login.php email='coyote@utk.edu' password='password'
</pre>
The <tt>-f</tt> option tells <tt>php-cgi</tt> which script to execute and
the <tt>name=value</tt> pairs will be translated into $_GET parameters that
your script can access via the $_GET array. When you hand in the
scripts in the final assignment you will change some of your submissions to
use POST, but for this assignment you must use GET parameters since we will
be testing your scripts using automated scripts.
<p>
  <li> Your scripts should print any output in JSON format. As demonstrated
    in class, your php scripts should load all output into a single array
    and then echo out this array at the end of the script using the
    <tt>json_encode</tt>. Do not use multiple <tt>json_encode</tt> commands
    as this will cause problems in the final assignment when you send the
    results back to the front-end.
    <p></p>
  <li> Use prepared SQL statements to avoid issues associated with
	malicious attacks and
	special characters in the input data, like double quotes
    (") and single quotes (').
  <li> In the following description, all $GET parameters to your php
scripts are underlined.
  <li> Your JSON output will be using key/value pairs for the columns and their
	values. The keys should have the same names as the columns.
  <li> For the questions that insert, update, or delete tuples do NOT perform
	a SELECT query in order to show that your updates succeeded. The gradescript can query the DB itself and find what was updated.
</ol>
<p>
    You need to write the following .php scripts:
    <ol>
     <li> login.php: Print the instructorId, sectionId, courseId, major, semester, and year
      of all sections taught by
      an instructor with a given <var>email</var> address and
      <var>password</var> (remember that you will need to convert the password string to a hash
string using MySQL's
      PASSWORD function). Your answer should eliminate duplicate rows but note that the same sectionId could appear
      twice in the results because that section might be used to assess both
      EE and CpE majors or both CS and CpE majors. These rows are not duplicates because they will differ in the major column. 
      For example, if the courseId for a section is COSC365, the semester is spring, the year is 2019, and both CS and CpE majors are assessed in COSC365 in spring 2019, then you will have two rows in your result table for this section--one for CS majors and one for CpE majors. 
The results should be
      ordered by year in descending order and secondarily by semester in
      ascending order.
    <li> outcomes.php: Print the outcomeIds and outcomeDescriptions of all outcomes assessed
      by a <var>sectionId</var> for a given <var>major</var>. 
      Order the output by outcomeIds.
    <li> results.php: Print all outcome results for a given <var>major</var> and <var>outcome</var>
      that were assessed by <var>sectionId</var>. Print the performance description
      (e.g., Meets Expectations) and number of students that achieved that
      performance description. Order the results by performanceLevel. Note
      that you are printing the performance description, not the performanceLevel,
      but you are ordering the results by the performance Level.
    <li> assessment.php: Print all assessment plans for a given 
      <var>major</var> and <var>outcome</var> that was
      assessed by <var>sectionId</var>. Print the assessment description and weight.
      Order the results by weight in descending order and secondarily by
      assessment description in ascending order.
    <li> narrative.php: Print the narrative summary for a given 
      <var>major</var> and <var>outcome</var> that
      was assessed by <var>sectionId</var>. Print the strengths, weaknesses, and
      actions.
    <li> checkWeight.php: Print the sectionId, instructor email, outcomeId, major, and
      sum of the weight fields
      (name it weightTotal) for any outcome whose assessments' weights
      for that outcome and major do not exactly equal 100. As one example,
      the sum of the assessment weights for EE majors for outcome 1 in section
      7 is 70, so you would print the requested information for this section.
      Order the results by instructor email in ascending order, then by
      major in ascending order, and finally by outcome in ascending order.
    <li> updateResults.php: Update the results relation with
      the given <var>sectionId</var>, <var>outcomeId</var>, <var>major</var>, 
      <var>performanceLevel</var>, and <var>numberOfStudents</var>. If this
      tuple is not yet in the relation, then insert it rather than updating
	it (you need to figure out what the primary key is). You can use
	MySQL's <tt>INSERT INTO ... ON DUPLICATE KEY UPDATE</tt> statement
	to perform either the insert or update in one statement.
    <li> updateAssessment.php: update the Assessments relation with the given
      <var>assessmentId</var>,
      <var>sectionId</var>, <var>assessmentDescription</var>, <var>weight</var>,
      <var>outcomeId</var>, and <var>major</var>. If this tuple is not yet
	in the relation, then insert it rather than updating it (you need to
	figure out what the primary key is). If the primary key is an auto-increment column and it's value is null then
	the tuple is not yet in the relation. It is fine to give null as the
	value for an auto-increment key in a INSERT INTO ... ON DUPLICATE KEY UPDATE query--SQL will automatically generate a value for the key in this case.
    <li> updateNarrative.php: update the Narratives relation with the given
      <var>sectionId</var>, <var>major</var>, <var>outcomeId</var>, 
      <var>strengths</var>, <var>weaknesses</var>, and <var>actions</var>.
	If this tuple is not yet in the relation, then insert it rather than
	updating it (you need to figure out what the primary key is). 
    <li> deleteAssessment.php: delete the assessment with the given
      <var>assessmentId</var>.
    <li> updatePassword.php: update the <var>password</var> of the instructor
      with the given <var>email</var>. Make sure that you use MySQL's
      PASSWORD function to encrypt the password. You may assume that the
	tuple is already in the relation.
</ol>
<hr>
<h2> What To Submit </h2>
<p>
<ol>
	<li> Submit a zipped file with the .php files specified in this
assignment.
        <li> In the submission comments tell us the netid, password and
	  database name (e.g., cosc465_bvanderz) you 
	  have used in your .php files. If you feel
		uncomfortable with giving us the password you used, then
		put another password in your files, but use the same password
		for all your .php files and make the password something unique
		because we will be using a script to replace your netid/password
		with the TA's netid/password. Do <b>not</b> use 'password' as
	        your password as we use a sed script to do search and replace
	        and our scripts will break if you use 'password' as your
	        password.
        <li> Your submission must work without us having to edit
any files or provide any additional files. We will run a script that changes
your netid/password/databaseName to our netid/password/databaseName.
        <li> If you are working with someone, please make only one submission
and list the name of the other person in the submission comments.
</ol>