Functionality to be accomplished:

This is expressed as a number of levels. The level of functionality implemented in your application will find out the maximum possible mark which you can accomplish.

It is suggested that in designing your websites (and databases) you must permit for all of the features to be implemented. In building the websites each level must be attempted in increasing order. Starting with Level 1 you must incrementally enhance your work to comprise the next level.

Level 1:  Account creation

Make an XHTML form allowing visitors to make an account with the site.

The form should mandate basic contact details but must as well allow for personal information to be comprised. Account details are to be stored in your MySQL database. Information must be stored in a secure way.

Visitors must be able to select a username and password. The system should prevent duplicate usernames being chosen. Newly created accounts must remain inactive until they are verified by handshaking the email details (Level 3). Members might wish to conceal their email address from other members to avoid spam.

Note: Keep in mind that some characters (notably the apostrophe) can cause problems with your SQL strings. The member passwords must ideally be stored in the database in an encrypted format. Authentication credentials must be protected from interception in transit.

Level 2:  Authentication

Give a login form which allows members to authenticate with the site by using their username and password. These credentials must be compared with the information recorded in a MySQL database.

Note that you will require initiating some form of session state to prevent unauthorized access to further activity. New members will as well need to verify their account details (Level 3) before being allowed access to further activity with the site.

Level 3:  Verify account

Account verification will need sending a message to the email address given in Level 1. This email message must comprise some sort of key which enables a member to activate their newly created account after they have authenticated with the site. Members must not be allowed to make further use of the site till they have verified their account.

Note: This page should comprise PHP which denies access to users who have not authenticated as a member by using the form that you created in Level 2.  Members must only be needed to verify their account the first time that they authenticate.

Level 4:  Editing details

Give XHTML forms which allow authenticated members (who have verified their account) to add to and edit existing information stored about themselves.

Note: Editing information is not the same as re-entering information, the user might only be seeking to correct a spelling mistake and so should not be required to re-enter complete data. The simplest way to implement this is to re-use the form that you created in Level 1 but populated with default values extracted from your database.

Level 5:  Offer item(s) and express interest for item(s)

Give XHTML forms which allow authenticated members to offer one or more unwanted items and express their interest for one or more items. For illustration suppose that someone has an unwanted item listed. The other user can register interest on the item and what the system must do is to make this item unavailable for anyone else. Functionality should be in place where an item can be made again available by the owner in case the user who expressed interest does not turn up to collect.

Such forms must permit members to be able to upload images related with the items they offer and leave a comment. The system must permit for editing and deleting of the item details and allow multiple images and comments to be stored for each item with a means of deleting or replacing stored images.

Note: Images might be stored as either files on the server or as records in the MySQL database.

Level 6:  Keyword Search

Provide a means for casual visitors and members to search and browse the items on offer matching the keyword entered. Search results must be initially returned in a short list format where each entry in the list might be clicked to show full item details.

Note: A casual visitor must not be expected to authenticate with the site. Obviously this means that he/she is not shown full information of the item(s). You must not expect search terms to be an exact match for the item description stored in your database. Result lists might become lengthy and must thus be paginated.

Use of tools:

You are expected to use web authoring tools such as EditPlus, Bluefish and XMLspy to aid your productivity. If you wish, you may make use of WYSIWYG tools like Dreamweaver. Be careful when using code generators which you understand the code that is being generated and if you use a tool such as FrontPage that it does not insert components that need specific client or server support.

Keep in mind that your application requires running in a range of browsers like Mozilla, Netscape, Opera and Internet Explorer and which the servers that your sites run on may not have FrontPage server extensions installed.