Question

A developer was tasked with building a login / authentication system for a website. He creates a table,
USER, that has the user name and password stored in a database table. He then creates a web page
that prompts the user to enter his user-id and password. On the server side, the developer takes the
two pieces of information (user-id and password) and invokes the following query:
Select * from USER where user ='$username' and password='$password'
You are tasked with performing a peer review on this development. What two pieces of feedback would
you give him, and how would you recommend addressing them?

Solutions

Expert Solution

The task is to develop a login/authentication system for a website.
The data table used is USER.
The usernames and passwords are stored in the table.
After the details are stored in the database,
if the user enters the information in the login page,
it's better to fetch the details based on the username and then check the password.
It can be done using the query SELECT * FROM USER WHERE username = "$username"
So if the query is executed, the details of the particular user will be fetched from the database, like
{username:"username", password:"password"}
Now the password has to be checked against this fetched dictionary, so that there will be an idea whether the details really exist in the database or not.
Consider the first case (both are fetched):
While checking the details, suppose the password is incorrect; then it cannot be identified whether "the password is incorrect and the username exists" or "the details with that username don't exist in the database".

Consider the second case (only username is fetched):
While checking, first, if the username doesn't exist in the database, a message can be displayed like "user doesn't exist", but if the password is incorrect, then a message can be displayed like "password is incorrect". It cannot be done in the first case.

If you have any doubts please comment and please don't dislike.
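For review purposes, here is an added example (not part of the question or of the answer above) that puts the string-built lookup next to a hardened login: a bound parameter, a salted PBKDF2 hash in place of the stored password, and a single failure result. The sqlite3 in-memory table, the column names, the function names and the sample user are assumptions made for the sketch.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed setting)

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_db():
    """In-memory stand-in for USER: stores salt and hash, never the password."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE user (username TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    return db

def add_user(db, username, password):
    salt = os.urandom(16)
    db.execute("INSERT INTO user VALUES (?, ?, ?)",
               (username, salt, hash_password(password, salt)))

def lookup_interpolated(db, username):
    """Pattern under review: the input is pasted into the SQL text itself."""
    return db.execute(f"SELECT * FROM user WHERE username = '{username}'").fetchone()

def interpolated_breaks_on_quote(db):
    """A legitimate name with an apostrophe reaches the SQL parser as syntax."""
    try:
        lookup_interpolated(db, "o'brien")
        return False
    except sqlite3.OperationalError:
        return True

def login(db, username, password):
    """Hardened form: the driver binds the value, so it is only ever data."""
    row = db.execute("SELECT salt, pw_hash FROM user WHERE username = ?",
                     (username,)).fetchone()
    # Unknown users still cost one hash, so timing does not reveal existence.
    salt, stored = row if row else (b"\0" * 16, b"\0" * 32)
    candidate = hash_password(password, salt)
    # Constant-time comparison; the caller gets True/False and nothing else.
    return row is not None and hmac.compare_digest(candidate, stored)
```
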

