- Site created by A. Star Student as a class project for MIS
314 at Western Washington University.
- All product information is dynamically generated using PHP and MySQL.
- Product, customer and order information is stored in a MySQL database.
- Include files are used for all code that is used more than once (i.e. search/browse menu, ListAuthor function, header and footer).
- MySQL Database
  - Normalized to 3rd normal form (or greater). Tables include:
    - book details
    - book categories
    - relationship details-books (many-to-many)
    - relationship authors-books (many-to-many)
    - order items (one-to-many)
- Home page
  - Selects three random items from the database using a SQL statement.
  - Generates the browse menu dynamically from the database using a SQL query that shows only the book categories that currently contain books.
  - Truncates book descriptions at 250 characters.
- Search page
  - Cleans user-entered data to protect against SQL injection attacks and cross-site scripting.
  - Searches book title, description, author and category fields in the database.
  - The mysql_num_rows() function is used to count the number of books found by the search.
  - Responds gracefully to searches that return no matches.
- Shopping cart page
  - Uses a cookie to store the ISBNs of items in the
- Checkout pages
  - Searches the database for email addresses of existing customer accounts and writes their shipping information in the form on the order confirmation page.
  - Customer ID is encrypted using the Rijndael encryption algorithm.
- Order Confirmation Page
  - Checks for shopping cart and prompts user if cart is
  - All fields are checked to make sure that they contain
  - Checks email address in database and prompts user to try again if address not found.
  - Modifications made to customer information are updated in
  - Order information is written to the database.
  - An email is sent to the customer with the order
  - The shopping cart is emptied by setting ItemCount to zero in the ShoppingCart cookie.
- Order History Page
  - Searches the database for all orders associated with
  - If no matching email address is found user is prompted to
- The sample site does not have any enhancements. See
XML Music for enhancement examples.
- Thanks to Amazon.com for the use of its
icons, book images and book descriptions.
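
The Search page behaviour listed above (cleaning user input, searching four fields, counting matches, handling no matches), sketched as an added example that is not the sample site's own code. It assumes a single hypothetical `books` table with `title`, `description`, `author` and `category` columns, and uses PDO with an in-memory SQLite database in place of the site's MySQL functions so it runs offline.

```php
<?php
// Added illustration. Table and column names are assumptions, not the site's schema.
// Constructed sample rows in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE books (isbn TEXT, title TEXT, description TEXT, author TEXT, category TEXT)');
$ins = $db->prepare('INSERT INTO books VALUES (?, ?, ?, ?, ?)');
$ins->execute(['0000000001', 'Learning SQL', 'Queries & joins <explained>', 'A. Writer', 'Databases']);
$ins->execute(['0000000002', 'Garden Basics', 'Soil and seeds', 'B. Grower', 'Hobbies']);

function searchBooks(PDO $db, string $term): array
{
    $term = trim($term);
    if ($term === '' || strlen($term) > 100) {
        return [];                        // reject empty or oversized input
    }
    // Escape LIKE wildcards so % and _ typed by the user match literally.
    $like = '%' . addcslashes($term, '\\%_') . '%';
    $sql = "SELECT isbn, title, description FROM books
            WHERE title LIKE :t ESCAPE '\\' OR description LIKE :d ESCAPE '\\'
               OR author LIKE :a ESCAPE '\\' OR category LIKE :c ESCAPE '\\'";
    $stmt = $db->prepare($sql);           // user input is bound, never concatenated
    $stmt->execute([':t' => $like, ':d' => $like, ':a' => $like, ':c' => $like]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

function renderResults(string $term, array $rows): string
{
    // Encode everything echoed into HTML, including values read from the database.
    $safeTerm = htmlspecialchars($term, ENT_QUOTES, 'UTF-8');
    if (count($rows) === 0) {
        return "<p>No books matched \"$safeTerm\".</p>";
    }
    $html = '<p>' . count($rows) . " book(s) found for \"$safeTerm\".</p><ul>";
    foreach ($rows as $row) {
        $html .= '<li>' . htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8') . ': '
               . htmlspecialchars($row['description'], ENT_QUOTES, 'UTF-8') . '</li>';
    }
    return $html . '</ul>';
}

// Constructed inputs: a normal term, a quote-bearing term, and a markup-bearing term.
foreach (["sql", "' OR '1'='1", "<script>alert(1)</script>"] as $input) {
    echo renderResults($input, searchBooks($db, $input)), "\n";
}
```

The first input returns one match with its description HTML-encoded; the other two are treated as literal search text and produce the encoded "no books matched" message.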