Teacher Course

Teacher Course Listing

We need to allow a teacher to see all courses he teaches.

This page must pass the W3C Markup Validation Service. http://validator.w3.org/

Style is not our concern at this moment.

Teacher Course Detail

We need to allow a teacher to see details about a course he teaches.

In this detail page, a teacher can see all books that are added to the course
and manage the list of books.

User Module

User create(String password)

This static method should insert data into the user table and return a user
object representing the record. This method depends on the Password module.

User from(Int user_id)

This static method should return an user object representing the record with
the user id in the user table.

delete()

This instance method deletes the record with the stored user id from the
database.

Int id()

This instance method returns the id of this user.

Teacher Module

Teacher create(User user, String email, ..., etc)

This static method inserts a record into the teacher table and returns an
teacher object representing the recod.

Teacher from(User user)

This static method returns an teacher object representing the record in the
teacher table with the user id stored.

delete()

This instance method deletes the record in the teacher table with the user id
stored.

String email()

This instance method returns the email property.

email(String email)

This instance method sets the email property.

update()

This instance method updates the record in the teacher table with the user id
stored. Properties are synchronised to the database.

Shop Book Management

Shop Book List

We need to allow a clerk to see all books he can sell and put the book for sale
or not.

This page must pass the W3C Markup Validation Service. http://validator.w3.org/

Style is not our concern at this moment.

In the router module, PHP sets the Content-Type header. Apache should take the responsibility.

Respond 403 Forbidden when a user doesn't have enough permission to access the page he tries to get or post to.

Student Module

Student create(User user, String email, ..., etc)

This static method inserts a record into the student table and returns an
student object representing the recod.

Student from(User user)

This static method returns an student object representing the record in the
student table with the user id stored.

delete()

This instance method deletes the record in the student table with the user id
stored.

String email()

This instance method returns the email property.

email(String email)

This instance method sets the email property.

update()

This instance method updates the record in the student table with the user id
stored. Properties are synchronised to the database.

Login

Need a login page and a login handler.

Login Form

This page has a form with fields for username, password and role in the system.
Roles are admin, clerk, student, teacher.

This page must pass the W3C Markup Validation Service. http://validator.w3.org/

Style is not our concern at this moment.

Login Handler

This page validates the login information a user provided. If the login
information is incorrect, the user is redirected back to the login page.

Otherwise, the user is redirected to the welcome page and the user_id and the
user_role are stored in the session.

We currently output whatever is in the database. This exposes our user in the concern of XSS. We need to escape data whenever we outputs data. We might also consider lightweight template engines to do that for us. e.g. mustache

We need to remove echo from all the controller files by using the Notice module.

Admin Module

Admin create(User user, String email, ..., etc)

This static method inserts a record into the admin table and returns an admin
object representing the recod.

Admin from(User user)

This static method returns an admin object representing the record in the admin
table with the user id stored.

delete()

This instance method deletes the record in the admin table with the user id
stored.

String email()

This instance method returns the email property.

email(String email)

This instance method sets the email property.

update()

This instance method updates the record in the admin table with the user id
stored. Properties are synchronised to the database.

Blacklist Management

Black User Listing

We need to allow a user to see all black users he has added.

This page must pass the W3C Markup Validation Service. http://validator.w3.org/

Style is not our concern at this moment.

Add Black User

We need to allow a user to add another user to his black list.

Remove Black User

We need to allow a user to remove another user to his black list.

Show log out button on small screen.

It's currently not shown.

Message Module

We need a Message module to deal with message operation.

Message create(User sender, User receiver, String content)

This static method inserts a record into the message table. And return a
Message object to represent the inserted record.

Messages find(User sender)

This static method returns an array of message objects. Representing the
messages sent by the sender.

Message from(int id)

This static method returns a message object representing the message.

String content()

This instance method returns the actual content.

delete()

This instance method deletes the message from the message table.

int id()

This instance method returns the id of the message.

User receiver()

This instance method returns an user object representing the receiver.

User sender()

This instance method returns an user object representing the sender.

Markup Validation Service Marklet

Need a validation marklet. To ease the pain of markup validation.

Clerk Module

Clerk create(User user, String email, ..., etc)

This static method inserts a record into the clerk table and returns an
clerk object representing the recod.

Clerk from(User user)

This static method returns an clerk object representing the record in the
clerk table with the user id stored.

delete()

This instance method deletes the record in the clerk table with the user id
stored.

String email()

This instance method returns the email property.

email(String email)

This instance method sets the email property.

update()

This instance method updates the record in the clerk table with the user id
stored. Properties are synchronised to the database.

When a user sends data to us, we accept it without any hesitation. We actually need to validate the data and reject when necessary. This validation must be independent from the user interface we present to our user.

Password-changing

Need a login page and a login handler.

Password-changing Form

This page has a form with fields for password and new password and confirmation
of new password.

This page must pass the W3C Markup Validation Service. http://validator.w3.org/

Style is not our concern at this moment.

Password-changing Handler

This page makes sure the new password and the confirmation of the new password
are the same. If they are not the same, return the user to the
password-changing page and tell the user that his new passwords don't match.

If the passwords are the same, updates the password of the user. Once that's
done, return the user to the password-change page and tell the use that he has
successfully changed his password.

ShopBook Module

route(String file_path)

This static method requires the file if the file exists. Otherwise shows the
user a 404 not found page.

The router needs to support Glyphicons.

StudentOrderDetail Module

StudentOrderDetail create(StudentOrder student_order)

This static method inserts a record into the student_order_detail table and
returns a StudentOrderDetail object representing the record.

StudentOrderDetails find(StudentOrder student_order)

This static method returns an array of StudentOrderDetail objects with the
student_order_id.

StudentOrderDetail from(Int student_order_detail_id)

This static method returns an admin object representing the record in the
student_order_detail table with the student_order_detail_id stored.

Book book()

This instance method returns the book property of this object.

Int number()

This instance method returns the number property of this object.

number(Int number)

This instance method sets the number property of this object.

I think we should change all email address in this repository to be xxx@ncut-book-store. e.g. esbb48@ncut-book-store, hsy0130@ncut-book-store, sharils@ncut-book-store. This makes the commits looks like from a team and makes it easier to associate commits with github accounts.

Before we have a router, we scattered database initialisation everywhere. Now we can clean them up.

We need .htaccess to route all requests through index.php.

We don't want "require" statements any more. In modern PHP development, classes are loaded on demand. We can adapt auto-loading by adding the class_loader submodule. But to be able to utilise it. We need to namespace all of our classes first.

StudentOrder Module

Student create(Student student, Timestamp date)

This static method inserts a record into the student_order table and returns
a a StudentOrder object representing the record.

StudentOrder from(Int student_order_id)

This static method returns an StudentOrder object representing the record in
the StudentOrder table with the id.

Clerk clerk()

This instance method returns the clerk property.

clerk(Clerk clerk)

This instance method sets the clerk property.

Timestamp date()

This instance method returns the date property.

date(Timestamp date)

This instance method sets the date property.

Int id()

This instance method returns the id property.

String status()

This instance method returns the status property.

status(status)

This instance method sets the status property.

Student student()

This instance method returns the student property.

update()

This instance method updates the record in the student_order table with the
student order id stored. Properties are synchronised to the database.

We need to allow users to reset their password when they want to if they have their email verified. How we approach it is to be specified.

We already have toRole method for a user. We no longer need to remember the role of the loggin user.

ShopBook Module

create(Book book, Int number)

This static method adds the book id and the number to the ShopBook table.

ShopBook from(Book book)

This static method returns a ShopBook object representing a record in the
ShopBook table.

Boolean availability()

This instance method gets availability property.

availability(Boolean availability)

This instance method sets availability property.

Int number()

This instance method gets the number property.

number(Int number)

This instance method sets the number property.

update()

This instance method updates the record in the database.

Book Module

Book create(String author, String isbn, Float market_price, String name, Float price, String remark, String type, String version)

This static method inserts a record into the book table and returns a book
object representing the record.

Books find(String keyword)

This static method finds books that matches the keyword.

Book from(Int id)

This static method returns a book object representing the record in the book
table.

String author()

This instance method returns the author property.

delete()

This instance method deletes the record in the book table with the book id
stored.

Int id()

This instance method returns the id property.

String isbn()

This instance method returns the isbn property.

Float marketPrice()

This instance method returns the marketPrice property.

String name()

This instance method returns the name property.

Float price()

This instance method returns the price property.

String remark()

This instance method returns the remark property.

String type()

This instance method returns the type property.

update()

This instance method updates the record in the book table with the book id
stored in the object. Properties are synchronised to the database.

String version()

This instance method returns the version property.

Database Module

We need a Database module that deals with connection to the database.

Array execute(String query_string, Array parameters)

This is a static method. In the life of a request, whenever we need to query
the database. We simply do:

$users = Database::execute(
    'SELECT * FROM `user` WHERE `id` = :id;',
    array(
        ':id' => '12345'
    )
);

Then $users contains the query result. If there is an error, it throws an
exception. What is thrown is subject to the implementation.

initialise(String host, String user, String password, String database)

This is a static method. In index.php, we get the connection info from
settings.php and store these info as static properties in the Database module.
e.g.

Database::initialise(
    $host,
    $user,
    $password,
    $database
);

We need to change the favicon to use ours.

User authenticate(String sn, String sn, String password)

$user = User::authenticate($sn, $type, $password);

This method uses $sn and $type to find $user_id, and check if $user_id and
$password forms a pair it returns an instance of User. Otherwise it throws an
exception. What's thrown is yet to be defined.

Course Module

Course create(Teacher teacher, String type, String name, String year)

This static method inserts a record into the course table and returns a course
object representing the record.

Course from(Int course_id)

This static method returns a course object representing the record in the
course table with the course id stored.

CourseBooks books()

This instance method returns an array of CourseBookList object, representing
the books associated with this course.

delete()

This instance method deletes the record in the course table with the course id
stored.

Int id()

This instance method returns the id property.

String name()

This instance method returns the name property.

Teacher teacher()

This instance method returns the teacher property.

String type()

This instance method returns the type property.

Int year()

This instance method returns the year property.

Password Module

We need a password module to deal with the password and salt.

Password create(password)

This static method returns an instance of the Password class, with randomly
generated salt and hashed password stored in it.

Password from(password, salt)

This static method returns an instance of the Password class, with the hashed
password being $password and salt being $salt.

String password()

This instance method returns the hashed password stored in this object.

String salt()

This instance method returns the salt stored in this object.

update(String old_password, String new_password)

This instance method changes the hashed password and the salt stored in this
object based on $new_password. If $password->verify($old_password) is true.

Boolean verify(String password)

This instance method tells us whether the $password is the plain password.

Message Management

Message Creation

We need to allow an user to write a message to another user.

Message Listing

We need to allow an user to see all messages he has sent and received. Sent
messages and received messages are separated.

This page must pass the W3C Markup Validation Service. http://validator.w3.org/

Style is not our concern at this moment.

Message Detail

We need to allow an user to see details about a message.

In this detail page, an user can reply or delete the message.

ShopBook Module

ShopBook create(Book $book, Int $number, Boolean shelf)

This static method inserts a record into the shopbook table and returns an shopbook object representing the record.

ShopBook find()

This static method returns an array of shopbook object representing all records in the shopbook table.

ShopBook from(Int book_id)

This static method returns an shopbook object representing the record in the shopbook table with the id stored.

Book book()

This instance method returns the book object.

delete()

This instance method deletes the record in the shopbook table with the book id stored.

Int number()

This instance method returns the number property.

number(Int number)

This instance method sets the number property.

Boolean shelf()

This instance method returns the shelf property of this object.

shelf(Boolean needed)

This instance method sets the shelf property of this object.

update()

This instance method updates the record in the shopbook table with the book id stored. Properties are synchronised to the database.

I should not own this repository. I'll still take the ownership until it's the time to lay it off. One of you should take it.

StudentCourse Module

StudentCourse from(Student student)

This static method returns a StudentCourse object representing the collection
of courses in the student_course table table with the student id.

add(Course course)

This instance method adds the course to this collection and inserts the record
to the student_course table with the course id.

remove(Course course)

This instance method removes the course from this collection and deletes the
record in the student_course table with the course id.

Replace tab with 4 spaces according to PSR-2

Welcome

Need a welcome page for different role of users.

Common

These two menu are shared by all users.

Message

• Create messages.
• List messages.
• View message.
• Reply message.
• Delete message.

Blacklist

• List black user.
• Add black user.
• Remove black user.

Admin

Course

• Create courses.

User

• Create admins.
• Create clerks.
• Create students.
• Create teachers.

Clerk

Book

• Choose book for sale.

Order

Teacher

Student

Course

• Add course to oneself.

Order

Teacher

Course

• Add book to a course he teaches.

Notice

• Notify the teacher that he has course that has no book.

Course Creation

Course Creation Form

We need to allow an admin to create a course manually. The form must contain
fields for teacher, type, name, year.

The teacher field is a many-to-one control listing all teachers from the
database. Type, name and year are text inputs.

This page must pass the W3C Markup Validation Service. http://validator.w3.org/

Style is not our concern at this moment.

Course Creation Handler

This page validates the course creation information a user provided. If the
information is incorrect. The user is redirected back to the course creation
page and shown a message telling the user what's wrong with the submission.

Otherwise, the course is created.

Admin Account

Need to have bootstrap admin account. The username and password are both admin.

That's saying that we need to insert two records to the database. One to the
user table, the other to the admin table.

Admin Module

RoleClass createUser(String role, String email, ... etc)

This instance method returns an object of the role.

Student Order Management

Student Order Creation

We need to allow a student to create a new order.

Student Order Listing

We need to allow a student to see all orders he has.

This page must pass the W3C Markup Validation Service. http://validator.w3.org/

Style is not our concern at this moment.

Student Order Detail

We need to allow an user to see the detail about an order.

What a student can do with an order depends on the status of the order. An
order has the following status:

• shopping
• submitted
• processing
• ordered
• shipping
• arrived

shopping

A student can:

• See the detail of the order
• Delete the order.
• Submit the order.
• Add a book from the order.
• Change the quantity of a book.
• Remove a book from the order.

submitted

A student can:

• See the detail of the order
• Unsubmit the order.

processing

A student can:

• See the detail of the order

ordered

A student can:

• See the detail of the order

shipping

A student can:

• See the detail of the order

arrived

A student can:

• See the detail of the order

Blacklist Module

Blacklist from(User user)

This static method returns a blacklist object representing the user's
blacklist.

add(User black_user)

This instance method adds black_user to the list of the user.

Users blackUsers()

This instance method returns an array of users who are in the black list of the
user.

remove(User black_user)

This instance method removes black_user to the list of the user.

Student Course Management

Student Course List

We need to allow a student to see all courses he has added.

This page must pass the W3C Markup Validation Service. http://validator.w3.org/

Style is not our concern at this moment.

Add Student Course

We need to allow a student to add a course he majors.

Remove Black User

We need to allow a student to remove a course he majors.

Publisher Module

Publisher create(String email , String acount ..., etc)

This static method inserts a record into the publisher table and returns an publisher
object representing the recod.

Publisher find()

This static method returns an array of publisher object representing the record in the publisher table with the int id stored.

Publisher from(Int id)

This static method returns an publisher object representing the record in the publisher table with the id stored.

String account()

This instance method returns the account property.

String address()

This instance method returns the address property.

address(String address)

This instance method sets the address property.

delete()

This instance method deletes the record in the publisher table with the int id
stored.

String email()

This instance method returns the email property.

email(String email)

This instance method sets the email property.

Int id()

This instance method returns the id property.

String name()

This instance method returns the name property.

String person()

This instance method returns the person property.

person(String person)

This instance method sets the person property.

String phone()

This instance method returns the phone property.

phone(String phone)

This instance method sets the phone property.

update()

This instance method updates the record in the publisher table with the id
stored. Properties are synchronised to the database.

CourseBook Module

CourseBook create(Course course, Book book, Boolean sample)

This static method returns a CourseBook object and inserts a record into the
course_book table.

CourseBooks find(Course)

This static method returns an array of CourseBook objects that are used for a
course.

CourseBook from(Course course, Book book)

This static method returns a CourseBook object representing a record in the
database.

Book book()

This instance method returns the book property of this object.

delete()

This instance method deletes the record with the book id in the course_book
table.

Boolean sample()

This instance method returns the sample property of this object.

sample(Boolean needed)

This instance method sets the sample property of this object.

update()

This instance method udpates the databaes with the property of the object.

Notice Module

String addTo(String notice, String url)

This static method takes a notice and url, then add the notice as a parameter
to the url then return the result.

String get()

This static method returns the notice property of this class.

set(Function set_callback)

This static method takes a function and set the notice to the execution result
of set callback.