-
Technology
- Industry
-
Experience
- Testimonials
- "I would say that they are meeting/exceeding my expectations. They appear very capable and their high level of enthusiasm for the project is great."
- Senior QA manager
- FAQs
- What can RayooTech do for my outsourcing IT project?
- RayooTech has many years experience in software outsourcing and offshore, so we would offer professional programmers and the best outsourcing services for...
Secure web application for a book retail company
Project Overview
According to protect customers’ information such as bank details, addresses, password etc, a secure web application is required by our client, a book retail company. The completed project should include web application source code, a report with specification of user configuration, user interface introduction etc. It took a group of 3 software developers in 4 months to complete the whole project.
Functionality analysis
Based on client requirement, the project has been divided into 3 parts. The first part is website which will allow new users to create and manage their accounts. The second part is web search engine. It will allow users to search books which they are interested in. The last part is SSL model. It is an interface to general a pair of keys to encrypt data.
| 1. |
Web site flow |
|
| This part is the bases of the whole project. The website is an online B2C system. The site will allow users to input their information to create user accounts. Viewing and buying books online. And also the site has high security for its data. | ||
| 2. | Web search part flow | |
| Users can search the book which they are interested in. The system will show the search results if there are results matched. If not, then show the message which tells users that their search did not match any documents. | ||
| 3. | SSL Model flow | |
| SSL Model generates a pair of keys for asymmetric encryption by using 128 bits encryption. This technology is used to encrypt data, for example, credit card number or other bank details, home addresses etc. |
|
3-1. |
General keys | ||
|
|
SSL is used to encrypt online data. SSL contains public key and private key. The SSL model will allow users to create their own keys. The SSL model contains an interface. After users enter the data such as passphrase, countryName, stateOrProvinceName, localityName, organizationName, organizationalUnitName, commonName and emailAddress to generate public key and private key, the system will create a customized pair of keys. The item ‘passphrase’ is used to generate private key and decrypt data which is encrypted by using public key. |
||
| 3-2. | Reuse keys | ||
| Public key and private key will be created after users input their data. On the demo page, a string will be used to test how those keys work. The keys will be saved as different files. The private key will be stored in private.pem and the public key will be saved in publickey.pem. |
Technologies used in the program
| 1. |
PHP |
|
| The project was based on PHP programming language which is very popular. PHP provides programmers feel free to use object-oriented constructs in PHP 5. There are still some problems while programming although PHP is good for beginners. Some functions are different in various PHP editions. Such as DOM functions, in the project, at beginning the DOMXML page was written in PHP 5, but programmers changed it to PHP 4 because the XSLT processor is not installed on PHP 5. | ||
| 2. | JavaScript | |
| JavaScript is used to give feedback to customers. Because it runs on client side, the speed of feedback will be fast. It is often been used to implement client validation when there is a form submitted. JavaScript can implement client side validation, but it is not reliable because users can turn off JavaScript on browser. So server side validation is needed. The validation program was written in JavaScript on the registration page. When users submit form, before data processing, the validation program will be run on server side in order to protect database from SQL query attacks. | ||
| 3. | XML & XSLT | |
|
XSLT is used to transfer XML data to HTML webpage. XSLT is powerful to display XML data because in XML, encryption can be used and XSLT can write both HTML code and JavaScript code. However, it is difficult to write the XSLT which contains both HTML and JavaScript. It is not easy for beginners to debug the XML and XSLT. In the project XSLT is used to write the table in the body of the HTML page only. The rest part (guide line and foot bar) is written by PHP script. |
||
| 4. | MYSQL | |
| MYSQL is used to store user information such as the information to general keys, books’ details and customer orders, etc. |
Skype:unisoft-china
Submit request
Phone: +86 1062431711
Fax: +86 1062431800
E-mail: info@unisoftchina.com
- Outsourcing
