
SYLLABUS

College of Computer Studies


Course Title: Web Application and Development 1
Course Code: CSWD01
Prerequisite:
Credit Unit(s): 3
Lecture Unit(s): 2
Lab Unit(s): 1
Effectivity:
Document Code:
Revision No.:
Issue No.:
Date Issued:

COURSE DESCRIPTION
This course deals with the software tools and environments for developing dynamic, secure and database-driven web applications using PHP and MySQL. Cross-Site Scripting (XSS) attacks, Cross-Site Request Forgery (CSRF/XSRF) attacks, SQL injection, SSL certificates, SSH and other security issues for a web application are also discussed in this course.

COURSE AIMS
At the end of the term, the student is expected to be familiar with Internet technologies, especially web application development using PHP and MySQL as the main tool. Specifically, the student should be able to:
1. Learn the platform-neutral fundamentals of dynamic and secure web application development.
2. Learn how to implement a web application using one specific set of open source server-side tools.
3. Efficiently continue to expand their web development knowledge on their own.
4. Have a level of web application security knowledge exceeding that of many web developers in industry.

COURSE REFERENCES
1. Active Class Participation: Actual and Virtual
2. Assignments, Seat Works, Projects
3. Quizzes: Oral and Written
4. Machine Problems, Laboratory Activity
5. Major Examination

RESOURCE REQUIREMENTS

1. HTML: A Beginner's Guide. Wendy Willard. McGraw-Hill, 2007.
2. PHP & MySQL Web Development. Luke Welling & Thomson. Sams Publishing, 2003.
3. XML: The Complete Reference. Heather Williamson. Osborne/McGraw-Hill, 2001.
4. Pro PHP Security. Chris Snyder, Thomas Myer and Michael Southwell. Apress, 2010.
5. Core CSS: Cascading Style Sheets. Keith Schengili-Roberts. Pearson, 2004.
6. JavaScript: Creating Dynamic Web Pages. Elizabeth Gandy and Simon Stobart. Lexden Publishing, 2005.
7. Mastering phpMyAdmin 3.1 for Effective MySQL Management. Marc Delisle. Packt Publishing Ltd., 2009.

This is a controlled document. Revision of this document should undergo the standard procedure. The original copy of this document is located at the office of the Academic Affairs Department (AAD). The user should secure the latest revision of this document from the AAD office.

Prepared by MARK CHRISTOPHER BLANCO

Reviewed by: DENNIS B. GONZALES

Approved by: ALMA V. DELA CRUZ, Ph.D.


Course Content

PRELIMINARY PERIOD
1. Orientation
1.1. Setting of house rules
1.2. College Mission, Vision and Objectives
1.3. Course Requirements
1.4. Grading System
2. Introduction
2.1. What is a web application?
2.2. Why are we using PHP and MySQL?
2.3. WAMP and Eclipse+PDT set up
2.4. First insecure and secure PHP Script
2.5. Vulnerability research and disclosure
3. PHP/HTML/CSS Overview
3.1. Introduction to PHP and HTML
3.2. Introduction to CSS
3.3. HTML Form
3.4. Handling form input with PHP
3.5. Risk/rewards of independent vulnerability research
3.6. Cross Site Scripting overview
4. Client Side Scripting Overview
4.1. What is JavaScript?
4.2. OOP in PHP
4.3. User authentication

Intended Learning Outcomes
To discuss the house rules
To discuss the course description
To familiarize students with the course requirements
To discuss the grading system
To introduce web applications
To understand server-side scripting
To apply the 3rd party software in PHP
To develop a website that secures pages
To introduce PHP
To apply CSS to the web
To associate HTML to a script

# of Hrs 1

Strategies/Methods/ Procedures / Activities Class Participation and Class Discussion

Evaluation Tools / Measures

Lecture Class Discussion Laboratory Installation of WAMP Configuration of Web Server Lecture Computer Presentation Prelim Quiz 1 Laboratory Discussion of PHP Environment Machine Problem 1 Lecture Class Discussion Prelim Quiz 2 Laboratory

Graded Recitation Setup

Graded Recitation Graded Machine Problem

To understand client-side scripting
To define JavaScript
To introduce JavaScript

Graded Recitation Graded Prelim Quiz 2 Graded M.P. 2

4.4. Sessions and session-scope data
4.5. Application-scope data
4.6. Cookies
4.7. Password Storage
4.8. JavaScript and XSS
4.9. Session Hijacking
PRELIMINARY EXAMINATION

MIDTERM PERIOD
5. Database Overview
5.1. What is a Database and what is an RDBMS?
5.2. Introduction to SQL
5.3. Primary Keys in Database Table
5.4. SQL statements: Select and Insert
5.5. Introduction to PHPMyAdmin
5.6. Creating a DB in PHPMyAdmin
5.7. Accessing a database through PHP
5.8. Persistent XSS
5.9. SQL Injection
6. Advanced Database
6.1. SQL Statements: Update and Delete
6.2. Using Database abstraction layer
6.3. Foreign Keys and Relating Database Tables
6.4. XSS Filter Invasion
6.5. Cross Site Request Forgery
6.6. Extracting data from a database SQL injection

FINAL PERIOD
7. AJAX Overview
7.1. Ajax Libraries


To familiarize the OOP in PHP. To secure and protect your Web Pages

Machine Problem 2 Prelim Exam

Graded Lab Exam

To introduce SQL in the application server
To design page using the 3rd party software
To integrate database to your website.
To introduce SQL in the application server
To design page using the 3rd party software
To apply the SQL update and delete
To apply database privileges to the page

Lecture Class Discussion Computer Presentation Midterm Quiz 1 Laboratory Configuration of mySQL

Graded Midterm Quiz 1 Machine Problem 1

Lecture Classroom Presentation Midterm Quiz 2 Midterm Examination Laboratory Machine Problem 2 Lecture Final Quiz 1 Laboratory

Graded Graded Quiz 1 Graded Graded

Recitation Midterm Mid Exam MP #2

To introduce the different keys in SQL
To apply the SMTP function in PHP

Graded Recitation Graded Quiz Graded M.P

7.2. Sending email from PHP
7.3. Email header injection
7.4. DOM-based XSS
7.5. Intranet attacks through XSS
8. File submission through HTML forms
8.1. Using PHP to store form uploaded files
8.2. Image Processing in PHP using GD
8.3. Dangers with file uploads
8.4. Browsing History theft through XSS
9. Understanding Frameworks
9.1. PHP Frameworks and libraries
9.1.1. PEAR
9.1.2. Zend Framework
9.1.3. CakePHP
9.2. Using random scripts off the Net
9.3. Trusting other people's code
10. Understanding Templating
10.1. Templating System: PHP Itself and Smarty
10.2. Accessing a site over SSL
10.3. E-Commerce and credit card processing
10.4. Introduction to XML
10.5. XML handling in PHP using SimpleXML
10.6. Protecting against automated bots
10.7. Storage of sensitive data
FINAL EXAMINATION


Machine Problem

To discuss the advanced functions in PHP and some of the dangers in file uploading
To discuss the advanced features of PHP by choosing the best framework to develop a PHP application

Lecture Computer Presentation Installation Laboratory Machine Problem Lecture Discussion Laboratory Case Study

Graded Recitation Graded MP

Graded Recitation

To understand the PHP templates
To introduce XML in PHP script
To develop PHP website that will handle database and publish it to the domain server

Lecture Discussion Quiz Laboratory Presentation of Case Study Oral Defense

Graded Discussion Graded Quiz Graded Oral Defense
