Pair up with men’s football boots crafted to win, in a pick from this extensive range. With a full collection that includes Adidas, Nike, Predator, Mercurial, Puma boots,... as well as champion wears, you’ll be prepped for victory. Choose for a variety of surface types including firm and soft ground, astro turf pitches as well indoor courts. Laceless boots are also an option, as well as those with collars. Whatever your skill, ambition and ability, you’ll be able to kit yourself out in boots to suit here.
Customers
-
Customers can register / log in.
- Register with username and pass
- Address, Phone, Mail will update later
- Cash = 0 at registration
- Login with username and pass
-
Customers can add/delete products to the shopping cart.
- User choose product at homepage/product list
- User choose size, color, quantity to cart
- At cart user can +/- quantity by 1
- User can delete any product in cart
-
Others
- At checkout user INPUT their SHIPPING infomation (Name, Mail, Phone, Address) Phone and mail must be vaild. Automatic input user only push on order button.
- Customers can checkout to see total amount and Shipping address then payment.
- After checkout and enough cash in account, user will revice order.
- With each order, have a payment and a ship to tracking shipping status
-
Customers can search for the product according to the specified criteria
- Productname, productid, product color, productsize, product review, product price,...
-
Customers can choose products by brand.
- Show users products by brand and users can choose product by brand
-
Customers can sort products by price, choose price by range.
- Show users products by price and users can choose product by price
-
Customers can compare 2 product
- User use this function need choose 2 product at this page
-
Customers need deposit cash to account to buy product
- Cash can deposit by contact administrator
Admin
-
Admin can add or modify product.
- Add product with product name, review, price, review and image link
- Modify product
- Delete product if it not never used (if added wrong)
-
Admin can add or modify Product inventory.
- Add product with size, color and quantity
- Modify quantity of product
- Delete product in inventory if it not never used (if added wrong)
-
Admin can add, edit brand, color (if Color and brand is not used admin can delete it)
-
Admin can change the data of any user.
- Admin can update name, address, sex, mail, phone of anyone
- Admin can deposit cash into your any account
- Admin edit cash into your any account
-
Admin can view orders of all users.
- View orders and see payment and ship status
- At here admin can go to ship status and change it
- Admin can button ship to ship order to customers
System
- Log deleted by admin, log adminid, date deleted, infomation deleted
- Some Logic system
- Quantity of product in user cart must < quantity of product have in system
- User can add to cart positive numbers > 0 quantity of product
- User can't add to cart quantity of product > quantity of product have in system
- In cart quantity must >= 1 and <= quantity of product have in system
- Phone must be in Viet Nam format, Email must be vaild
- In checkout Cash of user must >= total value of product in cart to payment. If try to payment, notice to deposit money.
- Quantity of products in stock and user's money will be deducted after successful order, cart will be emty
- ...
- Security:
- Check vaild seession to get userid Then implement Sql query with userid
- User can't view order, cart, payment, ship... of others user
- Filter Xss with malicious input
- Prevent Some Sql injection
- Weak point: Native pass, unlimited number of logins,...
- ...
With genuine, good quality products, we aim to improve the playing ability of all classes of players from the elite, amateur, semi-professional and professional, towards the society. When it comes to authentic soccer shoes, everyone has good shoes to play with, follow their passions, and maintain physical and mental health.
Front-End Development:
- [Bootstrap]
- [HTML]
- [CSS]
- [Javascript]
Back-End Development
- Java Web App: [Servlet], [JSP], [Java] (JDK 8), [JDBC], [Apache Maven]
Database sever
- [Microsoft SQL Sever]
==== Software And Tools Required ====
- Microsoft SQL Sever 2019
- Netbeans + Apache Maven
- Java [JDK 8+]
- Tomcat v8.0+
- Login
- Home
- Home1
- Listing
- Details
- Compare
- Cart
- Checkout
- Admin
- Admin
- Admin
- Admin
- Admin
- Admin
- Diagrams
- Entity–relationship model
The build has some non-optimal problems related to the database and algorithm.
- Should write API then use Ajax to update cart may be more good. In produdct details, user choose color then it redirect with parameter ?chooseColor="colorname". Not optimizing the user experience when having to reload the page when
- Password shoud hashing to more security
- Should use Gzip to Increase website loading speed effectively
- ...
i dont like this project
Some Security test:
- SQL injection in admin login (Pass)
- Burp force admin login ( Fail - Pass not enough strong)
- User Login SQL injection (Pass)
- User input (orderby, searchkey, brandid, colorid, ...) (Pass)
- Param can edit in both post and get method , XSS and SQLi filter test (Pass)
- Can't View order of other user (Pass)
- A case study
- Wireframe or Screenshots of the system
- Database design
- System design
- Conclusion and Discussion
- Bui Xuan Hung - SE150126 - [email protected]
- Le Minh Huy - SE140377 - [email protected]
- Thi Nhat Nam - SE150922 - [email protected] Project Link: Assignment Group 06