I have an idea for a website/service and have started to dip my toe
into PHP & PHPCake. I'd like to develop this site but aren't too sure
how to go about doing this to create a commercial website. I've
written the requirements of the service and think I need someone to
work with me and mentor me throughout the development.
I'm looking for an experienced developer who will be able to guide me
through the development of this application, advice on best practice
etc.
Below are details of the web site. If your able to able to help with
this project please contact me.
Best Regards
Ben
This document aims to give broad details of the service and the core
functionally. It is expected that the developer will make reasonable
design decisions to deliver a workable solution.
Overview of requirements
Assumptions
Written in PHP with the use of PHPCake version 1.3 using a MySQL
datebase. All code is commented in English and is free of copyright
and can be used licence and royalty free and becomes wholly owned by
this company and can't be used without prior consent. None of the code
is encrypted or right protected. The code is structured in a Model-
View-Controller following an Object Orientated Programming design
structure.
Security
All code written is designed to protect the website / service from
being hacked from an unauthorised party, this includes but is not
limited to SQL injection attacks. Only the regustered user can edit
there profile details.
Website Presentation
The website will be incorporated into an Open Source Content
Management System, SilverStripe. Cascading Style Sheet tags should be
used to define the a common design throughout the website. The the
design of the website should be included within this project but the
system detailed in this document can be used/tested without any
further configuration.
Registration
Users of the website are required to register before being able to
gain access to non public sections of the website. The functionality
of this module will include -
Unique user name based on a valid email address.
Details collected during registration.
Country of residence (Drop Down list).
Mobile phone number (required).
First Name (required).
Surname (required).
Password (required). User to confirm by retyping if the two passwords
don't match then a warning is displayed. Password will be encrypted.
Forgotten password retrieval. If the user can't remember their
password they are presented with a form allowing them to enter the
email address (user name) used in registration. A temporary password
is set for the relevant user and email to the user and a page is
displayed to the user asking them to check their email inbox.
*When signing into the website or using the forgotten password
retrieval if the email address (user name) the user enters is not
valid either because it hasn't been used during registration or the
format of isn't correct a message asking for a valid user email
address to be entered is displayed.
Signing into the website
The user is presented with a user name and password form were they
submit their user name I(email address) and password this page also
have the option to select "forgotten password" where they'll
redirected. Please see section (*) above regarding valid email
address.
Remember Password
The user can opt for their user name and password (encrypted) to be
saved is a cookie which will expire after 14 days.
Once the user has supplied valid credentials then they are allowed
access to the following sections of the website.
Account Overview
Once signed into the website the user will be able to review their
registration details and make necessary amendments the above
validation rules are enforced when editing account details.
Profiles
Register Profile
Requires user to have created an account as specified above. Once the
user has successfully signed into the websites they are able to
register one or more profiles (one user may have many profile). The
user enters a serial number and pin number (this has been supplied
outside the scope of this website) depending on the serial number the
user is directed to a page where they can enter the relevant details.
The profiles database table holds details regarding the profiles and
what type of "profile template" has been assigned to the to the serial
number.
An example of the above.
A customer registers and signs into the website where they are able to
register profile(s). Selecting "Register Profile" link the user is
presented with a page asking for a profile serial and pin numbers. If
these numbers are valid (i.e. in the profile database table and the
serial number and pin number correspond) then the user is directed to
a page where they are able to enter relevant details. The users enters
serial number 123456 and pin number 321 this directs the user to page
where they are able to enter details about a CD Player, the user then
adds another profile and enters serial number 654321 and pin number
123 and is able to enter details about a Laptop.
The system would be configured with a predefined number of profiles
each of which would allow a different set of detail to be store. Each
set of detail would be stored in there own corresponding "profile"
database table. In the above example the ables would be
"Profile_CDPayer" and "Profile_Laptop".
Edit Profile
Once the user has a registered profile the user is able to edit the
profile details. Only the associated user can edit their profile.
Validation rules are enforced.
Deactivate / Reactivate Profile
Profile can be deactivated. Deactivated profiles can be reactivated.
Profile Subscription
The registration and other elements of this website require the
profile to have an active subscription. This is to ensure that the
user has paid to use the service the website offers.
Below is an example of how this subscription membership.
When a profile is first registered the website will check that the
most recent subscription period is active. This is stored in the
subscription table which has a start date, end date (which are
initially null), duration (in days) and a status (which will be set
outside the scope of this website).
If the latest status subscription entry is set to "UNSET" then the
start date is populated with the current date, the end date is set to
the start date plus the duration value and the status is set to
"ACTIVE".
When the end date has passed the status is set to "EXPIRED" (outside
the scope of this website). This places the profile into a dormant
state the profile can not be edited, deactivated or reactivated nor
will other functionality detailed in this document be applied to this
profile. If the profile has expired then the user will have the option
to be directed to an external link (to purchase a new subscription) on
the profile overview page, please see below.
Complementary subscriptions.
If the profile already has an active subscription entry (status
"ACTIVE") and the start date is empty (null) then the current date is
inserted into the start date and the end date is calculated by adding
the the comp_duration (number of days) to the start date, this
calculated date is then inserted into the end date.
Once the end date has passed then the status will be set (outside the
scope of this application) to "EXPIRED".
Profile Overview Page
After a user has signed into the website they will be able to select a
"my profile" link. This page will act as a central menu where the user
can administer their profiles. This page will give an overview of each
of the registered profiles and there current status as detailed from
the latest entry in the subscription table. If the profile has expired
then the user will have the option to be directed to an external link
(to purchase a new
subscription).
Third Party Access
Unregistered users are able to view profile details. Only the
registered user is able to edit profile details (as detailed above).
Website
An unregistered user enters a profile number / pin number (validation
occurs) and successfully passing a CAPTCHA system. Depending on the
status of the latest subscription period the following will occur.
Active Subscription
If the profile is ACTIVE then a page detailing the profile details is
displayed. An email to the registered user is also sent saying that
their profile has been accessed. The unregisistered user IP Address is
stored into an audit table. (Audit table holds, profile serial number,
time and date, access method (iunregisterweb), and details (IP
Address), outcome (details displayed).
Unset Subscription
A page saying the profile hasn't been registered is displayed. The
audit table as detailed above is populated (outcome unset).
Expired Subscription
If the profile is EXPIRED then a page informing the user that the
subscription has expired is displayed. The audit table is populated
with the outcome of expired. An email is sent to the registered user
saying that someone tried to access there profile however the
subscription has expired.
Telephone Access
Details of profiles are also available to be accessed via a
telephone . Using cloudvox (www.cloudvox.com) an unregistered user
dials a phone number. Using the key pad they are prompted to enter the
serial and pin numbers. Depending on the latest subscription the
following will occur.
Active Subscription
The profile details are read to the called. The registered user is
email saying that there profile detail have been accessed. The audit
table is populated, access method (phone - phone number dialed),
details (unregisisted user phone number), outcome (profile accessed),
call duration minutes.
Unset Subscription
A message saying that the profile hasn't been register is read to the
caller. The audit table is updated.
Expired Subscription
A message saying that the subscription has expired is read to the
caller. The audit table is updated. An email is sent to the registered
user saying that someone tried to access there profile however the
subscription has expired.
Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
To unsubscribe, reply using "remove me" as the subject.
No comments:
Post a Comment