1. Concept
21-22
1. What is electronic commerce and internet commerce? (6 marks)
sol:
Electronic commerce (EC):Electronic enabled commercial transactions between and among organizations and individuals
Internet Commerce / Web Commerce(网络商务):The process of buying, selling, or exchanging products, services, or information via Internet
(L5)
2. Describe 3 types of e-commerce based on the transaction directions or unique features. (6
marks)
Business-to-Consumer (B2C)
Transactions occur between businesses and individual consumers.
Unique feature: Focuses on user-friendly interfaces, quick payment options, and efficient delivery to individual customers.
Examples include online retail stores like Amazon or Alibaba where companies sell products or services directly to consumers.
Business-to-Business (B2B)
Transactions take place between businesses.
Unique feature: Usually involves larger transaction volumes, longer sales cycles, and customized pricing or contracts.
Examples include manufacturers selling to wholesalers or wholesalers selling to retailers via online platforms.
Consumer-to-Consumer (C2C)
Transactions occur directly between consumers, often facilitated by a third-party platform.
Unique feature: Emphasizes peer-to-peer interaction and often relies on reputation systems to build trust.
Examples include platforms like eBay or Taobao where individuals sell goods or services to each other.
(L5)
3. Discuss the statement that “Take the screenshots of web pages by the client with his/her own PC is an effective way to preserve the web evidences”. Do you agree/disagree with this statement?(6 marks)
Taking screenshots is better than nothing, but not legally reliable as standalone evidence. For proper digital evidence, it must be collected through authorized or forensic means to ensure authenticity, integrity, and admissibility in court.
(Lec11)
4. Discuss the statement that “Three-tier architecture proposed by Microsoft is a MVC model”. Do you agree/disagree with this statement? (6 marks)
Disagree, the Three-tier architecture is a more macro-level system design that divides the entire application into distinct layers—Presentation Layer, Business Logic Layer, and Data Access Layer—emphasizing modularity, separation of concerns, and often supporting distributed deployment.(没有独立的controller)
On the other hand, MVC (Model-View-Controller) is an architectural pattern that helps split applications into logical units—Model, View, and Controller—mainly addressing how to organize the user interface and handle user interactions.
(L7)
5. Discuss the statement that “Once the front-end and back-end of a website split, back-end still have views of MVC”. Do you agree/disagree with this statement? (6 marks)
Yes, I agree. Even when the front-end and back-end are split, the back-end still retains "views" in the MVC sense, though they may not be HTML views anymore. They are replaced by data views (e.g., JSON responses) tailored to what the front-end requests.
(L7)
6. Discuss the statement that “Asymmetric encryption is more secure to against brute-force attacks than symmetric one”. Do you agree/disagree with this statement? (6 marks)
Disagree – Symmetric encryption is more secure against brute-force attacks per bit of key length, and asymmetric encryption compensates with longer keys, not greater resistance.
7. Explain what is PV, UV, DAU and MAU and explain which are for PC webs and which are for mobile APPs. (4 marks)
they are Traffic Metrics
For pc web
• User
• Session
• PV (page view)
• UV (unique Visitor)
For mobile app
• DAU: daily active user
• WAU: weekly active user
• MAU: monthly active user
22-23
1. What are three flows in commerce and which of them could be fully electronic? (6 marks)
物流(Material Flow)信息流(Information Flow)资金流(Financial Flow)
Information flow and financial flow can be fully electronic.
Material flow can only be fully electronic when it involves virtual goods (e.g., digital products, online credits).
2. Do you agree/disagree with this statement - “The rapid development of internet e-commerce has led to the fact that EDI (Electronic Data Interchange) is no longer used”? Give your reasons. (6 marks)
I disagree with the statement.
Reasons:
-
EDI is still widely used in B2B industries like manufacturing and logistics.
-
It offers high efficiency and low error rates for large data exchanges.
(Lec 5 )
3. Do you agree/disagree with this statement - “LVS has strong load capacity than Nginx for load balance”? Give your reasons. (6 marks)
Agree. LVS (Linux Virtual Server) works at the transport layer (Layer 4), offering higher performance and better load capacity than Nginx, which works at the application layer (Layer 7). LVS handles large-scale traffic more efficiently with lower system overhead.
4. Do you agree/disagree with this statement - “Once the front-end and back-end of a MVC style website split, the html web page in front-end is still the view of back-end”? Give your reasons. (6 marks)
no, back-end still retains "views" in the MVC sense, and they may not be HTML views anymore. They are replaced by data views (e.g., JSON responses) tailored to what the front-end requests.
5. Do you agree/disagree with this statement - “Using only the D-H asymmetric algorithm can safely generate a shared secret key between Alice and Bob”? Give your reasons. (6 marks)
Disagree. D-H alone lacks authentication, so it's vulnerable to man-in-the-middle attacks. It needs extra mechanisms to be truly secure. So it needs to combine with authentication methods, such as digital signatures or certificates.
6. Do you agree/disagree with this statement – “Screenshots of web pages stored in a block-chain must be real”? Give your reasons. (6 marks)
I disagree. Blockchain ensures data isn’t changed after storage but doesn’t guarantee the screenshots are real when uploaded. Edited or fake screenshots can be stored, as there’s no automatic authenticity check.
(L11)
7. Explain 3 steps of the SE and what is SEO. (4 marks)
(L6)
3 steps of SE: Crawling – The search engine uses bots (called spiders) to discover and scan webpages across the internet.
Indexing – After crawling, the pages are analyzed and stored in a huge database (index) for quick retrieval.
Ranking – When a user enters a query, the search engine sorts and displays results based on relevance and quality using algorithms.
SEO:marketing strategy that focuses on driving traffic to your site organically
23-24
1. Do you agree or disagree with this statement - "Test plan to be written after development is completed."? Give your reasons. (6 marks)
Disagree. Test plans should be written before development ends, even starting in the design stage. This helps:
Catch issues early
Save time
Align with project goals
Support continuous testing (Agile/DevOps)
Writing it after development delays quality and increases risk.
2. Do you agree/disagree with this statement - “Offline transactions using credit card payments belong to e-commerce”? Give your reasons. (6 marks)
I disagree with the statement because e-commerce refers to internet-enabled commercial transactions. While credit card payments are electronic, offline transactions in physical stores do not involve the internet or web-based systems. Therefore, they do not meet the definition of e-commerce, which requires the buying, selling, or exchanging of goods and services via the internet.
3. Do you agree/disagree with this statement - “The web MVC (Model View Controller) solution can avoid using routers”? Give your reasons. (6 marks)
I disagree with the statement.
The MVC (Model-View-Controller) pattern separates data (Model), user interface (View), and control logic (Controller), but it does not eliminate the need for routers. In web applications, routers are essential for handling URL requests and directing them to the correct controller actions. Without routing, the application wouldn’t know which part of the code to execute for a given web request. So, even in an MVC framework, routers are necessary to connect user requests to the appropriate controller.
4. Do you agree/disagree with this statement - “LVS cannot be used together with Nginx for load balance”? Give your reasons. (6 marks)
Disagree. LVS and Nginx can be used together. LVS handles Layer 4 load balancing for high performance, while Nginx provides Layer 7 features like caching and SSL termination. Combining them offers both efficiency and flexibility.
5. Do you agree/disagree with this statement - “HTTPS uses asymmetric algorithm for all data encryption”? Give your reasons. (6 marks)
disagree,HTTPs Using asymmetric algorithm to generate a safe session key
and the Session is encrypted by the symmetric algorithm.
6. Do you agree/disagree with this statement – “Notarization can prove the authenticity of emails”?Give your reasons. (6 marks)
I agree with the statement. disagree, 不能完全证明,只能增加credibility
Notarization can prove email authenticity because the process is monitored, uses official systems, and reduces uncertainty. Notarial officers act as legal witnesses, and their reports are trusted by law, making the preserved email strong legal evidence.
7. Explain paid listings and organic listings. (4 marks)
paid listings are listings that search engines sell to advertisers, usually through paid placement or paid inclusion programs. In contrast, organic listings are not sold.
2. RSA Cryptography Application
好多门课的内容都是重合的Ψ( ̄∀ ̄)Ψ 计网小学了一下,算法又学了一下
ics,爽
21-22
Both Alice and Bob have asymmetric keys as: Alice - Pubic key (29, 91), Private key (5, 91);
Bob - Pubic key (173, 323), Private key (5, 323). They have exchanged their public key and keep their private key safely. Use them to solve the following questions:
1. Alice send an encrypted message “112” to Bob. Please specify which key should be used for decryption and decrypt the message. (8 marks)
2. Bob received a file from Alice and the digital signature is 6. Bob calculated the HASH of file is 77. Please specify in which way that Bob can verify the file is original or not and do the verification. (12 marks)
22-23
1. Alice and Bob want to generate a secret key by Diffie–Hellman algorithm. They agreed to use 101 as a prime number and 11 as its generator. Alice chosen a private key and deduced the pubic key: 37. Bob chosen 6 as his private key. Please deduce the public key of Bob and deduce the session key. (8 marks)
2. Alice and Both need to ensure that the pub key of D-H algorithm come from each other. They decide to use RSA asymmetric keys for verification. The RSA keys are:
Alice - Pubic key (31, 91), Private key (7, 91);
Bob - Pubic key (103, 143), Private key (7, 143).
Their public keys have been safely exchanged and private keys are safely stored.
Please specify the process how to verify the pub key of D-H algorithm from each other and use Alice’s pub key in question III.1 as a sample to do the calculation and verification. (12 marks)
23-24
Alice and Bob want to have a secret communication. They choose to use RSA + DH algorithms for session key generation.
D-H: prime number - 107, generator - 13
RSA key pairs for Alice are: public - (11, 119), private - (35, 119)
RSA key pairs for Bob are: public – (7, 95), private – (31, 95)
1. Bob choose 9 as the private key for D-H algorithm, please deduce the D-H public key of Bob and encrypt it by Alice’s RSA key. (10 marks)
2. Bob received the RSA encrypted D-H public key from Alice – 91, please deduce the session key. (10 marks)
3. Code
21-22
You should see the following snapshot in your lab practice.
Appendix contains the related code (it can work properly). Read them carefully and answer the following questions:
1. Please specify the host’s IP address of this web server. (4 marks)
192.168.2.162
2. If the XAMPP is installed at “H:\xampp” and this web was published under folder “htdocs”, please specify the full path of “index.php” and “view.php”. (6 marks)
H:\xampp\htdocs\index.php
H:\xampp\htdocs\view.php
3. Please describe in detail where the get parameters in the HTTP link:
“?product=view&cat_id=1” have been used and for what purposes. (10 marks)
In the URL ?product=view&cat_id=1, product and cat_id are two GET parameters. Their typical purposes are as follows:
-
product=view: Indicates that the current request is to view a specific product page. In the code,$_GET['product']is used to determine whether to loadview.phpor to call a function that handles the view logic. -
cat_id=1: Specifies that the product to be viewed belongs to the category with ID = 1. This parameter might be used inview.phpto query the database for products under that category.
Overall, these parameters are used to control what content is displayed on the webpage — they trigger the product viewing page and filter the products based on the given category ID (1).
4. Write the minimum columns of the data structure of the two tables “product” and
“product_category”, which you can deduct from the code. Describe the foreign key relationship if any. (10 marks)
不考便不写
5. Please draw a sketch in the area “Table zone” of the webpage generated by the code. You HAVE to show the major visual components and their relative positions rather than a screenshot. You can assume a number of products in the database already. (10 marks)
index.php
view.php
22-23
You should see the similar snapshot in your lab practice like Fig. II.1:
Appendix contains the related code (it can work properly). Read them carefully and answer the following questions:
1. Please specify the host’s IP address and the port number of Apache server. (6 marks)
IP: 192.168.3.107
port: 8302
2. If the XAMPP is installed at “F:\xampp” and this web was published under folder “htdocs”, please specify the full path of “index.php”. (4 marks)
F:\xampp\htdocs\can302\index.php
3. Please describe in detail where the get parameters in the HTTP link: “category=4” have been used and for what purposes. (12 marks)
In the link ?category=4, category is a GET parameter used to filter products by category ID.
-
The value
4is retrieved usingmyget('category'). -
It is passed to the function
myproduct($con, $category_id). -
This function runs a SQL query to fetch products where
category_id = 4. -
The results are displayed on the webpage using
outputproduct(). -
If subcategories exist, it recursively loads their products too.
Purpose:
To show only products under category ID 4, allowing dynamic content filtering and improving user navigation.
4. Write the minimum columns of the data structure of the two tables “spu” and
“product_category”, which you can deduct from the code. Describe the foreign key relationship if any. (12 marks)
product_category
| 字段名 | 说明 |
|---|---|
id | 主键,分类唯一标识 |
name | 分类名称,用于展示 |
parent_id | 外键,指向父分类的 id |
priority | 排序字段,用于调整显示顺序 |
外键
$sql = "SELECT COUNT(*) FROM product_category WHERE parent_id = " . $parent_id;
$sql = "SELECT * FROM product_category WHERE parent_id = " . $parent_id . " ORDER BY priority";
spu
| 字段名 | 说明 |
|---|---|
id | 主键,商品唯一标识 |
name | 商品名称 |
description | 商品描述 |
category_id | 外键,指向 product_category 表的 id |
外键
$sql = "SELECT * FROM spu WHERE category_id = " . $category_id;
5. Please draw a sketch in the area “Product zone” of the webpage generated by the code when the “consumer electronics” category was chosen. You HAVE to show the major visual components and their relative positions. You can assume a number of products in the database for all categories already. (6 marks)
结构
<div class="col-lg-3 col-md-4 col-sm-6">
<p>[商品名称]</p>
<img src="img/demo.jpg" width="200" height="150" οnclick="window.open('product.php?spu=[商品ID]')">
<p>[商品描述]</p>
</div>
-----------------------------------------------------------------------------------
| Name: Phone A | Name: Camera B | Name: Tablet C | ...
| [Image: demo.jpg] | [Image: demo.jpg] | [Image: demo.jpg] | ...
| Description: ... | Description: ... | Description: ... | ...
-----------------------------------------------------------------------------------
function.php
<?php
// open database by PDO
$dbms='sqlite'; // DBMS type
$host=''; // Host name
$dbName='mysqlitedb.db'; // database name
$user=''; // database user
$pass=''; // database password
$dsn="$dbms:$dbName";
try {
$con = new PDO($dsn, $user, $pass);
} catch (PDOException $e) {
die ("Error!: " . $e->getMessage() . "<br/>");
}
// a safe method to receive get data
function myget($str){
$val = !empty($_GET[$str]) ? $_GET[$str] : '';
return $val;
}
// a safe method to receive post data
function mypost($str){
$val = !empty($_POST[$str]) ? $_POST[$str] : '';
return $val;
}
// 递归输出分类菜单
function mycategory($db_con, $parent_id){
$sql = "SELECT COUNT(*) FROM product_category WHERE parent_id = " . $parent_id;
$query = $db_con->query($sql);
if($query->fetchColumn() > 0){
echo "<ul class=\"list-unstyled components\">";
$sql = "SELECT * FROM product_category WHERE parent_id = " . $parent_id . " ORDER BY priority";
$query = $db_con->query($sql);
foreach($query as $row){
echo '<li>';
echo '<a href="?category=' . $row["id"] . '">' . $row["name"] . '</a>';
mycategory($db_con, $row["id"]);
echo '</li>';
}
echo "</ul>";
}
}
// 输出商品展示卡片
function outputproduct($query){
foreach($query as $row){
echo '<div class="col-lg-3 col-md-4 col-sm-6">'; // 大的12/3 = 4个,中等12/4 = 3...
echo '<p>' . $row["name"] . '</p>';
echo '<img src="img/demo.jpg" width="200" height="150" onclick="window.open(\'product.php?spu=' . $row["id"] . '\')"/>';
echo '<p>' . $row["description"] . '</p>';
echo '</div>';
}
}
// 根据分类 ID 显示商品或子分类商品
function myproduct($db_con, $category_id){
$sql = "SELECT * FROM spu WHERE category_id = " . $category_id . " ORDER BY name";
$query = $db_con->query($sql);
outputproduct($query);
$sql = "SELECT COUNT(*) FROM product_category WHERE parent_id = " . $category_id;
$query = $db_con->query($sql);
if($query->fetchColumn() > 0){
$sql = "SELECT * FROM product_category WHERE parent_id = " . $category_id . " ORDER BY priority";
$query = $db_con->query($sql);
foreach($query as $row){
myproduct($db_con, $row["id"]);
}
}
}
// 根据关键词搜索商品
function searchproduct($db_con, $keyword){
$sql = "SELECT * FROM spu WHERE name LIKE '%" . $keyword . "%' OR description LIKE '%" . $keyword . "%' ORDER BY name";
$query = $db_con->query($sql);
outputproduct($query);
}
?>
index.html
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<body>
<div class="wrapper">
<!-- Sidebar Holder -->
<nav id="sidebar">
<div class="sidebar-header">
<h3>CAN302 DEMO</h3>
</div>
<ul class="list-unstyled components">
<p>Dummy Store</p>
</ul>
<?php
// 显示所有分类(从父分类 ID 为 1 开始递归加载)
mycategory($con, 1);
?>
<ul class="list-unstyled CTAs">
<li><a href="#" class="download">Back to HOME</a></li>
</ul>
</nav>
<!-- Page Content Holder -->
<div id="content">
<!-- Nav Bar Holder -->
<nav class="navbar navbar-default">
</nav>
<div class="container-fluid">
<h2>Welcome to CAN302 DEMO store</h2>
<div class="line"></div>
<?php
// 根据用户行为显示搜索结果或分类下的商品
if (isset($_POST['keyword'])) {
searchproduct($con, mypost('keyword'));
} elseif (isset($_GET['category'])) {
myproduct($con, myget('category'));
}
?>
</div>
</div>
</div>
</body>
</html>
23-24
You should see the similar snapshot in your lab practice like Fig. II-1:
Appendix contains the related code (it can work properly). Read them carefully and answer the following questions:
1. The IP address of web server is 192.168.10.123, the port number of Apache is 8023. The local path of “index.php” is “F:\xampp\htdocs\can302\index.php”. Please specify the URL (Uniform Resource Locator) to visit the “index.php” through web accordingly. (10 marks)
192.168.10.123:8023/can302/index.php
2. According to “function.php”, write the minimum columns of the data structure of the two tables “products” and “product_categories”, and describe the foreign key relationship if any. (10 marks)
table: products
product_id (Primary Key)
product_category_id (Foreign Key)
product_title
product_price
product_image
Table: product_categories
product_category_id (Primary Key)
product_category_title
Foreign Key Relationship:
products.product_category_id → product_categories.product_category_id
3. Please identify the code used to output the “Product zone” and analyse the running process of the code. (8 marks)
The “Product zone” is generated by the following code in index.php:
<div class="col-md-9"> <?php getProducts(); ?> </div>
Execution process:
-
The page loads
index.php. -
The
getProducts()function is called. -
It connects to the database and runs the query:
SELECT * FROM products ORDER BY 1 DESC LIMIT 0,3. -
It loops through the results and outputs HTML for each product (image, title, price).
-
The browser renders this as the product display area, i.e., the “Product zone”.
4. Please draw a sketch in the area “Product Zone”, in which you HAVE to show major visual components and their relative positions. Please assume a number of products is in the database already. (6 marks)
---------------------------------------
| [Product Image] |
| [Product Title] (as a link) |
| $Product Price |
---------------------------------------(Repeat horizontally 3 times per row)
5. If the URL has a question mark and parameters as: “?categories=3&product_categories=17”, please describe in detail where such parameters have been used and for what purposes. (6 marks)
These parameters are GET variables in the URL.
Purpose:
-
When
categoriesorproduct_categoriesis set, the code does not loadhotproducts.php. -
This allows the page to display filtered results instead of default "hot products".
-
Likely used to load products by category (category ID 3, product_categories 17).
index.php
<?php
// 包含头部文件(通常包含导航栏等)
include("includes/header.php");
?>
<!-- 主滑动图区域容器 -->
<div class="container" id="slider">
<!-- 这里可以放幻灯片 -->
</div>
<!-- 优势区域(此处留空) -->
<div id="advantages">
</div>
<!-- 热门商品区域 -->
<div id="hot">
<div class="box">
<div class="container">
<div class="col-md-12">
<?php
// 如果没有选择产品分类或普通分类,就显示热门产品
if (!isset($_GET['product_categories']) && !isset($_GET['categories'])) {
include('includes/hotproducts.php'); // 加载热门产品模块
}
?>
</div>
</div>
</div>
</div>
<!-- 主内容区域 -->
<div id="content" class="container">
<div class="col-md-3">
<?php
// 包含侧边栏(分类导航等)
include("includes/sidebar.php");
?>
</div>
<div class="col-md-9">
<?php
// 调用函数展示产品列表
getProducts();
?>
</div>
</div>
<?php
// 包含页脚部分
include("includes/footer.php");
?>
<!-- 引入 JS 脚本 -->
<script src="js/jquery-331.min.js"></script>
<script src="js/bootstrap-337.min.js"></script>
</body>
</html>
function.php
<?php
// 建立与MySQL数据库的连接
$db = mysqli_connect("localhost", "root", "", "ecom_store");
/// 开始定义 getProducts 函数 ///
function getProducts() {
global $db; // 引用全局数据库连接变量
// 查询语句:从 products 表中按 ID 倒序获取最新的3个产品
$get_products = "SELECT * FROM products ORDER BY 1 DESC LIMIT 0,3";
$run_products = mysqli_query($db, $get_products); // 执行查询
// 遍历结果集中的每一行
while ($row_products = mysqli_fetch_array($run_products)) {
// 获取产品字段
$product_id = $row_products['product_id'];
$product_category_id = $row_products['product_category_id'];
$product_title = $row_products['product_title'];
$product_price = $row_products['product_price'];
$product_image = $row_products['product_image'];
// 输出 HTML 代码展示产品信息
echo "
<div class='col-md-4 col-sm-6 single'>
<div class='product'>
<a href='details.php?product_id=$product_id'>
<img class='img-responsive' src='admin_area/product_images/$product_image'>
</a>
<div class='text'>
<h3>
<a href='details.php?product_id=$product_id'> $product_title </a>
</h3>
<p class='price'> $ $product_price </p>
</div>
</div>
</div>
";
}
}
/// getProducts 函数结束 ///
/// 开始定义 getProductCategories 函数 ///
function getProductCategories() {
global $db; // 引用全局数据库变量
// 查询所有产品分类
$get_product_categories = "SELECT * FROM product_categories";
$run_product_categories = mysqli_query($db, $get_product_categories); // 执行查询
// 遍历每个分类
while ($row_product_categories = mysqli_fetch_array($run_product_categories)) {
$product_category_id = $row_product_categories['product_category_id'];
$product_category_title = $row_product_categories['product_category_title'];
// 输出每个分类的链接列表项
echo "
<li>
<a href='shop.php?product_category_id=$product_category_id'> $product_category_title </a>
</li>
";
}
}
/// getProductCategories 函数结束 ///
?>
扫一扫
283
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
