ICTWEB501 Building a Dynamic Website: Assessment 1 Answer
Hypertext Transfer Protocol
HTTP is a protocol used at the application level for collaborative and distributed systems (Deinum and Rubio, 2016). This protocol has been the foundation for data communication on the World Wide Web (WWW) since the year 1990. HTTP is a general, stateless protocol that can be used for many purposes. It also defines request methods and error codes.
The GET HTTP verb retrieves data from a web server. The request may contain parameters specified in the URL. This method is usually used to retrieve a document. The request and response below show a GET request (Richardson and Ruby, 2017).
The HEAD method is similar to the GET method in functionality, but in this case the server replies with only the response code and response headers; we do not get any body (Deinum and Rubio, 2016).
The POST method is used to provide data to the server, such as form data to enter or update a record, or a file to upload. In a POST request the data is sent to the server as parameters with their respective values. It can also be in JSON format.
The PUT HTTP verb is used to request that the server store the data included in the entity body at the location specified by the URL.
The CONNECT HTTP method is used to establish a network connection between the client and the server over HTTP.
The OPTIONS method lists all the methods that are allowed on a particular endpoint or page. If a page allows only the GET and POST methods, the response says that only these methods are allowed (Richardson and Ruby, 2017).
The TRACE method is used for debugging purposes. It echoes the contents of the HTTP request back to the requester.
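The verb behaviour described above, modelled as a single dispatch function with a per-endpoint allow-list. This is an added example, not code from the original answer; ROUTES, handle() and the two paths are hypothetical names, and keeping TRACE on a debugging endpoint only is an assumption of the sketch.

```javascript
// Added example: models how one server decides what each HTTP verb may do.
// ROUTES, handle() and the paths are hypothetical names, not from the page.
const ROUTES = {
  "/profile": ["GET", "HEAD", "POST", "OPTIONS"],
  "/debug": ["TRACE", "OPTIONS"], // TRACE only on a debugging endpoint
};
const PAGE = "<h1>Profile</h1>";

function handle({ method, path, headers = {}, body = "" }) {
  const allowed = ROUTES[path];
  if (!allowed) return { status: 404, headers: {}, body: "" };
  const allow = allowed.join(", ");
  // Verbs not on the endpoint's allow-list are refused, and the
  // response names the verbs that are permitted.
  if (!allowed.includes(method)) {
    return { status: 405, headers: { Allow: allow }, body: "" };
  }
  const pageHeaders = {
    "Content-Type": "text/html",
    "Content-Length": String(Buffer.byteLength(PAGE)),
  };
  switch (method) {
    case "GET": // response code, headers and the document
      return { status: 200, headers: pageHeaders, body: PAGE };
    case "HEAD": // same code and headers as GET, but no body
      return { status: 200, headers: pageHeaders, body: "" };
    case "POST": // data arrives in the request body (form or JSON)
      return { status: 201, headers: {}, body: `stored ${Buffer.byteLength(body)} bytes` };
    case "OPTIONS": // lists the methods allowed on this endpoint
      return { status: 204, headers: { Allow: allow }, body: "" };
    case "TRACE": { // echoes the request, headers included, to the requester
      const lines = Object.entries(headers).map(([k, v]) => `${k}: ${v}`);
      const echo = [`TRACE ${path} HTTP/1.1`, ...lines].join("\r\n");
      return { status: 200, headers: { "Content-Type": "message/http" }, body: echo };
    }
    default:
      return { status: 501, headers: {}, body: "" };
  }
}
```

Because TRACE reflects every request header it receives, the sketch leaves it off the /profile allow-list, so a TRACE request there gets 405 with the Allow header.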
Stateless programming is an approach in which the functions, methods, procedures and so on that we implement are not dependent on, or sensitive to, the state of the computation. So when we call a function twice, the same result is obtained.
Session management is the process of maintaining multiple requests from the same user or entity. A session starts by authenticating a user with his credentials.
These are unique tokens or values assigned when a user's session starts. When the user logs in, he gets a unique token that is strongly framed and hashed.
These are unique entities assigned to the user when he logs in with his true credentials. They are responsible for riding the session.
When the user wants to leave his access-controlled area, his session ID should be expired.
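The session lifecycle described above (a unique token issued at login, kept hashed on the server, and expired when the user leaves) as an added example that is not part of the original answer. SessionStore, IDLE_LIMIT_MS and the 15-minute idle timeout are assumptions made for the sketch.

```javascript
// Added example: an in-memory session store. All names here (SessionStore,
// IDLE_LIMIT_MS, the user ids) are hypothetical, not from the page.
const nodeCrypto = require("node:crypto");

const IDLE_LIMIT_MS = 15 * 60 * 1000; // assumed idle timeout

class SessionStore {
  constructor() { this.sessions = new Map(); } // hash(token) -> record

  static hash(token) {
    return nodeCrypto.createHash("sha256").update(token).digest("hex");
  }

  // Called only after the user's credentials have been verified.
  start(userId, now = Date.now()) {
    const token = nodeCrypto.randomBytes(32).toString("hex"); // 256 random bits
    // Only the hash is stored, so a leaked store does not reveal live tokens.
    this.sessions.set(SessionStore.hash(token), { userId, lastSeen: now });
    return token; // sent to the client, e.g. in a cookie
  }

  // Maps a later request back to its user, or null if the session is gone.
  lookup(token, now = Date.now()) {
    const key = SessionStore.hash(String(token));
    const rec = this.sessions.get(key);
    if (!rec) return null;
    if (now - rec.lastSeen > IDLE_LIMIT_MS) {
      this.sessions.delete(key); // expired through inactivity
      return null;
    }
    rec.lastSeen = now;
    return rec.userId;
  }

  // Logout: the server forgets the session, so the old token stops working.
  end(token) {
    return this.sessions.delete(SessionStore.hash(String(token)));
  }
}
```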
Flow of Control:
Control flow in any program is implemented through three basic structures: sequential, selection and repetition.
Useful keywords used in control structures:
pseudocode - a "false" code that describes the structure of a program
flowchart - a graphical representation used to formulate a program's flow
True and False
- Repetition and selection statements involve the following decision steps.
- Most functions involve a yes/no situation.
- If an expression gives 0 on evaluation, then its value is false.
- If an expression gives a non-zero value on evaluation, its value is true.
Arithmetic comparisons work much like the symbols we use in mathematical calculations. The value is either true or false.
a == b if a is equal to b
a != b if a is not equal to b
a < b if a is less than b
a <= b if a is less than or equal to b
a > b if a is greater than b
a >= b if a is greater than or equal to b
If-else Selection Statement
The most common selection statement is the if-else statement. Syntax:
- The else is optional; the proper syntax for it would be
- A switch statement is more convenient whenever there are multiple options.
- Syntax:
The Conditional Operator
The conditional operator is used for short expressions.
first_expression ? correct_expression : wrong_expression
- first_expression is evaluated for a correct/wrong value, much like the first expression of an if statement.
- If the first expression is correct, the operator returns correct_expression.
- If the first expression is false, the operator returns wrong_expression.
(x > y ? "x greater than y" : "x less than or equal to y");
This is equivalent to:
if (x > y)
    "x greater than y";
else
    "x less than or equal to y";
Object-oriented programming is programming that defines not only the data type of a data structure but also the types of functions that can be applied to that data structure.
Different properties of OOP are:
Abstraction: It allows us to pick out the common features of objects and procedures.
Class: The class defines all elements that share common properties.
Encapsulation: The process of combining a series of operations.
Information hiding: Hiding the details of an object or function.
Inheritance: The process of inheriting the properties of a class.
Interface: platform used to communicate
Object: an instance of class that consists of data and procedures to change the data.
Polymorphism: The ability to process objects according to their data type or class.
Classes and Objects
A class is the blueprint of an object. Before creating an object you need to implement its class. So, a class named ‘Car’ would provide a blueprint for what a car looks like and what the mileage of the car is. To actually use a ‘car’ in your program, we need to create an object. We can use the Car class to create an object of the type ‘car’. Then we can describe this car.
Authentication is a way of determining whether a user is who he claims to be. Through authentication we grant a person access to a system by checking whether the user's credentials match the credentials in the database; after that he is authorized to access his controls (Stefanov, 2015).
Authentication from a cyber security point of view
It is important to have authentication in an organization in order to keep the network secure, by allowing only authenticated users to access the critical assets of the organization, such as sensitive files, databases or the website.
A website needs to protect its sensitive parts with some form of authentication so that only authentic users can access them. This is the very reason we have a login portal on a website. Every genuine user can access their page on the website with their credentials (Drozdek, 2015).
Authorisation exists alongside authentication, but the two are quite different from each other. Authorisation concerns actions that require your authority; others are not allowed to perform them. For example, the user only has the authority to change his profile picture. Authorisation is the privilege that a user enjoys, whereas authentication means that only with true credentials or recognition is the user allowed into the protected areas.
The web has always been vulnerable to attack by hackers if proper steps, such as strong encryption and a safe network, are not taken to secure it. There are many attacks, like SQL injection, XSS, IDOR and parameter tampering, that are very dangerous for a website or mobile app.
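The difference between authentication and authorisation described above, and the server-side ownership check that stops a tampered request parameter from reaching another user's data (the control against IDOR and parameter tampering), shown as an added example that is not part of the original answer. The user table, passwords, function names and the use of scrypt are constructed for this sketch.

```javascript
// Added example: authentication (who are you?) kept separate from
// authorisation (what may you do?). Users, passwords and function names
// are constructed for this sketch, not taken from the page.
const authCrypto = require("node:crypto");

function hashPassword(password, salt = authCrypto.randomBytes(16)) {
  return { salt, hash: authCrypto.scryptSync(password, salt, 32) };
}

// Constructed user table: the database stores salt + hash, never the password.
const USERS = new Map([
  ["alice", { ...hashPassword("correct horse battery"), picture: "a.png" }],
  ["bob", { ...hashPassword("tr0ub4dor&3"), picture: "b.png" }],
]);

// Authentication: do the supplied credentials match the stored ones?
function authenticate(username, password) {
  const user = USERS.get(username);
  if (!user) return null;
  const candidate = authCrypto.scryptSync(password, user.salt, 32);
  // Constant-time comparison avoids leaking how many bytes matched.
  return authCrypto.timingSafeEqual(candidate, user.hash) ? username : null;
}

// Authorisation: the authenticated user may change only his own picture.
// targetUser comes from the request, so it is never trusted on its own;
// changing it to another account's name must not change that account.
function changePicture(sessionUser, targetUser, newPicture) {
  if (!sessionUser) return { status: 401, error: "not authenticated" };
  if (sessionUser !== targetUser) return { status: 403, error: "not authorised" };
  USERS.get(targetUser).picture = newPicture;
  return { status: 200 };
}
```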