info2300-2020sp-website

Lab Homework 11: Sessions & User Access Controls

Practice adding login functionality to an existing page as well as adding some user access controls.

Learning Objectives

• Experience leveraging existing login functionality to add session capability to a site.
• Implement the logic necessary to support user access controls.
• Support learning research at Cornell by completing a post-virtual instruction survey.

Deadline

Lab Homework	Deadline	Slip Days	Credit	Solution
Part I	Sun 5/10 at 11:59pm	Max: 2 days	20 points (completion)	Provided
Part II	Sun 5/10 at 11:59pm	Max: 2 days	20 points (completion)	Not Provided

Instructions

1. Clone your lab repository.

   Clone the following URL: git@github.coecis.cornell.edu:info2300-2020sp/YOUR_GITHUB_USERNAME-lab11.git\ Replace YOUR_GITHUB_USERNAME in the URL with your Cornell GitHub username.

2. Work together.

   Feel free to work with your peers to complete this lab. Use your section specific chat rooms. Organize a Zoom hangout to work on the assignment together. Take this as an opportunity for some virtual human contact!

   Note: You are encouraged to work together so long as you do your own work and you don’t give away answers.

3. Ask questions or say hi during your registered section live Zoom Q & A.

   Your section leaders will hold a Zoom Q & A during your registered section time. Feel free to pop in and say hi or ask a question! Again, use this as another opportunity to keep up with your fellow Cornell community members!

4. Submit.

   When you’re finished, follow the instructions in submit.md to submit your assignment.

Part I: Bank - User Access Controls

The 2300 Bank wants to support online account access, however its current site only shows one user’s account balance. It’s also not a secure site. Anyone can withdraw from this user’s account. You job is to correct this.

Objective: Using the information that you learned in lectures 20, 23, and 24, you need to implement login support and user access controls to show the account information of only the current logged in user.

Modify bank.php to support the following:

• No account information should display unless the user is logged in.
• When a user is logged in, they may only view their account and no other accounts.
• If a user is not logged in, they should be presented with a login form.
• Once the user is logged in, the login form should be replaced with their account information and withdraw form.

Hint: Existing login functionality is completely located in init.php with the exception of the login form helper.

Hint: The existing login functionality features a is_user_logged_in() function that returns a Boolean.

Hint: See gradebook.php for an example of how to use the existing login form helper: login_form(). If you don’t want to use this helper, you may implement your own login form.

Hint: See the TODO at the top of bank.php to support showing the current user’s account information.

Hint: This lab can be completed with 7 new lines of code (this includes lines with only }), deleting two lines (includes a comment), and by modifying 2 lines. You can add and/or change more lines if necessary. This lab is designed to be straightforward; I am not trying to trick you.

Part II: Post-Virtual Instruction Survey

Please complete the following survey: https://cornell.qualtrics.com/jfe/form/SV_d54DJu4GEVN82ln

Note: This is not the same survey you filled out earlier in the semester. You must complete this survey to receive credit.

Submit

Follow the instructions at the beginning of this document to submit your assignment.

Contributors

The following individuals made contributions to this assignment:

• Kyle Harms