In completing this assignment you MAY use/access the following resources:
You may NOT use/access:
- Resources not expressly listed above, including, but not limited to,
the following ...
- Source code not provided as part of this assignment. (Obviously, this
includes, but is not limited to, source code written by other students
whether current or in the past).
- Code-generating tools (of which ChatGPT is one example).
- Any web sites not directly linked to from the homework assignment.
Failure to abide by these guidelines will result in a zero for the assignment
and the incident will be reported to the university provost as a violation of
the university academic integrity policy. A second incident of academic
dishonesty (whether from this course or another computer science course) will
result in an F in the course.
For this assignment you will continue modifying your NodeJS book seller's
application so that it performs database actions by connecting to the REST
API you created in homework 11. So, the completed assignment will have a
functioning application whose front-end is provided via NodeJS and whose
backend is provided by a Laravel-based REST API.
The functionality of the application will be as follows:
- All interaction with the database will be through the API you
created in homework 11.
- You DO NOT need to provide a register/signup page.
- You DO NOT need to provide Ajax behavior.
- You DO NOT need to provide a Change Book button.
- You DO NOT need to provide CSRF protection.
- You should have the following pages working fully as in
previous assignments: home page, detail page (with delete button
and action), add book page, and an error page that displays an appropriate
message given a query string parameter.
- You do need to provide protections against XSS and SQL injection.
Do your work in a directory called hw14 in the repository you shared
with the instructor in the previous assignment.
Some additional requirements:
- If a form fails validation it should be repopulated with the most
recent values.
- Permissions and behaviors of pages should match previous assignments.
RECAP: Any user (even if not logged in) can view the home page. If a
user is logged in then the books on the home page are clickable and
lead to the detail page. If the user is the owner/creator of the book
entry then they will be given a Delete button on the detail page. Only
owners can delete a book (whether or not they come from the detail
page). Only logged in users can add a book.
- All forms should be validated as in previous assignments with
helpful error messages when a form fails validation. Also, forms
should be repopulated with previous values upon failed validation.
- Buttons/links should adjust dynamically/appropriately based on the
status of the current user.
Make sure that your assignment has been pushed to the Bitbucket repository you
shared with the instructor in the previous assignment.