Skip to content

PROJECT_PLAN.md

Latest commit

 

History

History
115 lines (89 loc) · 6.65 KB

PROJECT_PLAN.md

File metadata and controls

115 lines (89 loc) · 6.65 KB

Project Plan: checkresult PHP Application

1. Project Overview

Name: checkresult Purpose: A PHP-based software designed to allow students to check their academic results online. It is intended for use by schools and colleges. Current Status: Core refactoring complete. Includes a new installation script for easier setup, dynamic subject handling, and admin functionality for subject management. Developer: W3Techy (as per README.md)

2. Key Components

The application consists of several PHP scripts and supporting files:

  • install.php: New installation script. Guides the user through database configuration, site settings, and initial schema setup. Creates config.php, site_meta.php, and install.lock.
  • config-template.php: Template used by install.php to generate config.php.
  • config.php: Database connection configuration (MySQL). Generated by install.php.
  • site_meta.php: Stores site-specific metadata like Site Name and Description. Generated by install.php.
  • index.php: User login page. Handles authentication using exam_number and pin.
  • session.php: Manages user sessions.
  • header.php & footer.php: Common HTML header and footer. header.php now uses SITE_NAME and SITE_DESCRIPTION from site_meta.php.
  • result.php: Displays consolidated, dynamic results for the logged-in user.
  • style.css: CSS file for basic styling.
  • sql/ directory: Contains SQL dump files for database table creation:
    • user.sql, subjects.sql, results.sql.
  • admin/ directory: Contains administration-specific files.
    • admin/index.php: Admin dashboard.
    • admin/admin_header.php & admin/admin_footer.php: Common admin UI elements. admin_header.php also uses SITE_NAME.
    • admin/manage_subjects.php: Interface for admins to add and view subjects.
  • install.lock: Marker file created after successful installation to prevent re-running install.php.

3. Dependencies

  • PHP: Server-side scripting language (version supporting mysqli extension).
  • MySQL: Relational database management system.
  • Web Server: Capable of running PHP (e.g., Apache, Nginx) with write permissions to the application root during installation (for config.php, site_meta.php, install.lock).
  • Web Browser: For user and admin interaction.

4. Core Functionality

  1. Installation:
    • A web-based installer (install.php) guides first-time setup:
      • Collects database credentials and site metadata.
      • Creates config.php and site_meta.php.
      • Sets up the database schema (user, subjects, results tables).
      • Secures the installation by creating install.lock.
  2. User Authentication: (As before, using exam_number and pin).
  3. Result Display: (As before, dynamic results from results and subjects tables).
  4. Print Results: (As before).
  5. Admin Subject Management:
    • Basic admin area (admin/) allows viewing and adding new subjects to the subjects table via admin/manage_subjects.php. (Currently no admin authentication).

5. Data Structures (Database Tables)

  • user Table (sql/user.sql): exam_number (PK), pin.
  • subjects Table (sql/subjects.sql): subject_id (PK), subject_name (UNIQUE).
  • results Table (sql/results.sql): result_id (PK), exam_number (FK), subject_id (FK), score, grade, remarks.

6. User Interactions

  • First-time User/Admin: Runs install.php to set up the application.
  • Student User: (As before: login, view results, print).
  • Admin User: Navigates to admin/ to manage subjects (view, add).

7. Installation & Deployment

Installation (New)

  1. Deploy all project files to the web server.
  2. Ensure the web server has write permissions to the application's root directory.
  3. Navigate to install.php in a web browser.
  4. Follow on-screen instructions to provide database details and site settings.
  5. Upon successful installation, config.php, site_meta.php, and install.lock will be created.
  6. It's recommended to manually delete install.php after successful setup for enhanced security.

Standard Deployment (Post-Installation)

  • Copy files to server.
  • Ensure config.php and site_meta.php are present and correctly configured.
  • Ensure database is set up as per the schema in sql/ files.
  • (No install.php or install.lock needed if already installed and configured).

8. Testing Strategy

  • Installation Process: Requires thorough manual testing on a clean environment, including error conditions and successful setup. Verification of file creation (config.php, site_meta.php, install.lock) and database schema is critical.
  • Admin Functionality: Manual testing of subject management in the admin area.
  • User Functionality: (As before: login, result display).

9. Proposed Enhancements

I. Addressed/In Progress Features & Refactoring

  1. Correct Database Schema & Result Logic: (Addressed)
  2. Consistent User Identifier: (Addressed)
  3. Dynamic Subject Handling: (Addressed)
  4. Basic Admin - Subject Management: (Partially Addressed) - Viewing and Adding subjects implemented. Lacks Edit/Delete and authentication.
  5. User-Friendly Installation: (Addressed) - New install.php script.

II. Remaining/Future Enhancements

  1. Admin Authentication: Secure the /admin directory and its functionalities with a login system.
  2. Full Admin CRUD for Subjects: Add Edit and Delete functionality for subjects in admin/manage_subjects.php.
  3. Admin Management for Users & Results: Create interfaces for admins to manage student users (add, edit PINs) and their results.
  4. Robust Input Validation & Sanitization: Comprehensive review and implementation across all user inputs.
  5. Improved Error Handling: Centralized and user-friendly error display; server-side logging.
  6. Secure config.php (Post-Install): While install.php creates it, advise on moving it outside webroot if possible.
  7. UI/UX Modernization: For both public and admin interfaces.
  8. PIN/Password Security: Hash PINs in the database (password_hash(), password_verify()). Implement "Forgot PIN".
  9. User Profile Information: Display student's name, etc.
  10. Explicit Logout Functionality.

III. Development & Maintenance Improvements

  1. Automated Testing: Unit tests, integration tests.
  2. Version Control: Consistent Git practices.
  3. Templating Engine (Optional).

This plan reflects the addition of the installer and the current state of the application.