Netscapes: Creation and Coding

Now we are moving into the development stage of our project, I have started setting up the server-side technologies we are planning to use. Here is an overview of the resources we plan on using plus an update of  my work so far.

Resources we are using

Here are the hardware and software resources we are using for our project:

  • MongoDB – in conjuction with PDO/PHP – for database operations
  • P5.js (with HTML/CSS/js .etc) – for visualizations
  • GitHub – for easy collaboration and version control
  • My server/website – for hosting .etc
  • Raspberry Pi & Touch input – for user input
  • Projector & Projection mapping software – such as surface mapper GUI

Setting up the Server/Database

I installed MongoDB to my server ready for us to use.I designed how it would work in relation to the data we will store and how we will store it. The database and other parts of the project will be hosted here.

Database Design


Sketch of Database connection flow in relation to Raspberry Pi and IVT visualization

A flowchart I created to outline how our project will operate in relation to the server/Database.

Functional & Non-functional requirements:


  • Input of user data from input page/app
  • Storage and retrieval of data for use in visualization


  • Security of database – PDO (PHP data objects) is used as it uses prepared statements, which makes it more secure against injection attacks. (, 2017)
  • Security of server – a separate username and password are used for database access only, hidden from viewing by site visitors.

Sample Content of Database

Below is an outline of how our database will work, where “options” relates to the sliders within the app.

db structure

MongoDB Document structure, created by Chris (

Primary Key Name Option 1 Option 2 Option 3 Option 4
1 John Doe 1 6 5 3
2 Jane Doe 8 9 6 7
3 Jill Doe 4 2 8 4


After designing I created a database with necessary tables ready to store the data once the app becomes live.

Since MongoDB works with PDO, I chose to use this for our project as I have experience working with it in the past. This is beneficial for added security against injection attacks and flexibility in case of moving to another database. (, 2017)


We are using GitHub for easy collaboration and version control. Since a lot of my work is on the server side, not much will be seen on GitHub other than adding my contributions (such as server connections) to my other group member’s code.

My GitHub can be found here:


My GitHub: 
My Website:

Sources (2017). In PHP, how does PDO protect from SQL injections? How do prepared statements work?. [online] Available at: [Accessed 3 Dec. 2017].

Web Development: Building a Job website

I was tasked with creating the back-end for a typical job recruitment website, that caters to the needs of both recruiters & job seekers. Since I didn’t have to create the front end designs, I kept the UI work minimal, only building simple frameworks for tables.


I started by planning out how my website would work, by creating multiple design documents such as flowcharts of system operations, Use-case & Entity-Relationship diagrams. I looked carefully at how different types of users would expect the platform to behave and how to best cater to that, whilst maximising efficiency and security. I also considered the operation of the system, in terms of not allowing users who are not logged in to post applications .etc

Building & Operation (in brief) 

I created my job recruitment website using a mix of PHP, MySQL, Javascript, HTML & CSS. Below is a brief look at some of the functionalities of the website:

Firstly, users can create a login with a name, email and password. This is checked against the database, and if an account doesn’t already exist, it is then stored within the database.

Then users can login, opening a session that will last either until the browser is closed or the logout button is pressed. When a session is started, a user can upload a job listing or application (provided there are jobs already posted) and this will be linked to their account using the current session data. Sessions also work when it comes to applying for a job – once a user has selected a job from the job search, the primary key of that job is temporarily stored, meaning that the application is automatically linked to that listing for ease of viewing by a recruiter.


Files such as CV uploads are typically too large to be stored in a database – instead, I programmed it so that the location of the file is saved in the SQL database, allowing a recruiter to simply hit a download button to view it later.

Some information, such as which users posted which jobs or applications, is cross-referenced between tables. In these cases, primary keys are also used (for example to link applications to the appropriate job listings).


When it comes to website security, there is a lot more to consider than just passwords. When building a website of this nature, there is often extra risks, such as stored user information & file uploads.

I used PDO (Php Data Objects) instead of MySQLi, as it uses prepared statements; making it more secure against SQL injection attacks. Unlike mySQLi, which only works on SQL databases, PDO works on many, meaning that switching to another database later on requires minimal effort.

File uploads, in this case CV uploads, create potential for attacks. This can be combated by conducting multiple checks before a file is allowed to be uploaded to the server. This includes file size limits & checking for file types. Since this is still not perfectly secure, extra steps can be taken, such as renaming a file and using a new extension — ensuring that uploaded files are non-executable.

All user data is stored hashed, so in the event of a data breach, user information is kept safe and secure. A separate username & password is used for database operations only (as opposed to full root access), which is hidden from viewing by site visitors.