Web Development Final Lab Paper - PHP and MySQL


  1. If the submitted code matched with another submission, both students would get 0 marks and UMC case will be filed to Exams Department that may further result into cancellation of whole semester.
  2. In htdocs folder, create project folder based on your registration number. For example, if your registration number is CIIT/FA18-BCS-122/LHR, the project folder name should be fa18-bcs-122. Create images folder in your project folder to place uploaded images. Use random name for image files.
  3. Must use the provided SQL schema to create the database schema to ensure your code is compatible with my database. (Do not submit any SQL file).
  4. Before you make a .rar file to upload, the database host name, database name, user name and password MUST be same as given in common.php file (if you changed it for any reason, undo those changes). Include this file in your all php files for easy maintenance. Feel free to add any more utility functions in common.php
  5. To submit, select all project files and images folder and right click and choose Add to "fa18-bcs-122.rar" option. This way, the rar file will contain only php files and images folder. Your project should open from URL i.e. http://localhost/fa18-bcs-122/index.php. Don’t forget to change "fa18-bcs-122" as per your registration information.
  6. Do not submit separate code for each functionality but complete project at once with all mentioned features. Upload the rar file in Google Classroom Assignment titled “Web Technologies – Terminal (Lab Exam)”.
Do not do multiple submissions. Submit only once.

Question # 1. [50 Marks]

A company has some devices e.g. smart phones, tablets, cameras, laptops, etc. These devices are issued to different employees for different project requirements, which are returned after use. Recently, 2 devices were lost and there was no record to which employee the device were issued and who issued them. Create below explained features to keep track of the devices to avoid such events in future.

  1. Create a login.php page to login. Only authorized users (stored in users table) shall be able to login and perform different operations. If an un-authorized user try to access any secure page, he/she shall be redirected to login.php. On successful login, redirect user to devices.php (explained in next point).  Furthermore, the index.php page shall redirect to login.php if user is not logged-in. And index.php page shall redirect to devices.php page if user is logged in already. Also provide logout out link in nav-bar to logout. (Place my given php file in your project and use them to save your time). [5 Marks]
  2. Let only authenticated users visit Devices Dashboard (devices.php) and view List of Employees (employees.html) from nav-bar, these links shall be visible only when a user is logged-in. The employees’ page shall display all employees in tabular form and the names of all devices each employee has (see, Figure 1). Why an HTML page? When the page is loaded, you shall fetch the employees record from given API and parse JSON to create HTML table (see/call get-employees-data.php). [5 Marks]
  3. The devices.php page shall display each device detail and let user perform different operations (see Figure 2 to get an idea how your output shall look alike), details of these features is as follows:
    1. Display the device id, name, picture, availability status (YES, NO). A device is Available, if it’s not issued to anyone i.e. when issued_to field is NULL. If a device is already issued, show to which Employee the device is issued and who issued it. [10 Marks]
    2. If a device is available. It means, the device is new or it’s returned after use. Show the user name who received the device in Received By column. When user click Receive link in Actions, column. That device shall be received and currently logged in user shall be recorded to display the name in Received By column. [10 Marks]
    3. If the device is Available. Let logged-in user issue the device to an employee. It shall be issued when user choose the employee name from option list given in Issue To column, only if the device limit is not reached for that employee. The limit is stored in devices_limit column in employees stable. If the selected employee already hold the maximum devices allowed, show error message when user try to issue him/her another device and do not issue the device to that employee. For all non-AJAX operations, always redirect to devices.php page after performing that operations. Either check limit with AJAX call or show error on next page, when device can’t be issued. [10 Marks]
    4. Let user Add new device and Update and Delete an existing device. Allow user to update only device name, picture. Must show the old device name and picture in update form. Delete using AJAX call. Make any number of php pages for it and name them as you like. But they must be linked/called accordingly. [10 Marks]
  4. Some backend endpoints and functions are given e.g. to get list of employees in JSON format, function to check validity of given credentials and a function to check is device limit reached for an employee. Use them to save your time.

Figure 1

Figure 2

Download Attachments (ths SQL script and above mentioned PHP help files)