Difference between revisions of "Module 5"

From CSE330 Wiki
Jump to navigationJump to search
Line 47: Line 47:
<p>It is important you do all the steps in the tutorial to get comfortable defining models, views, templates, and using the interactive shell and the admin app.</p>
<p>It is important you do all the steps in the tutorial to get comfortable defining models, views, templates, and using the interactive shell and the admin app.</p>
<li><h4>[https://docs.djangoproject.com/en/1.4/intro/tutorial01/ Part 1]</h4>
<li><h5>[https://docs.djangoproject.com/en/1.4/intro/tutorial01/ Part 1]</h5>
<li>Create a project</li>
<li>Create a project</li>
Line 57: Line 57:
<h4>[https://docs.djangoproject.com/en/1.4/intro/tutorial02/ Part 2]</h4>
<h5>[https://docs.djangoproject.com/en/1.4/intro/tutorial02/ Part 2]</h5>
<li>Activate the admin site</li>
<li>Activate the admin site</li>
Line 65: Line 65:
<h4>[https://docs.djangoproject.com/en/1.4/intro/tutorial03/ Part 3]</h4>
<h5>[https://docs.djangoproject.com/en/1.4/intro/tutorial03/ Part 3]</h5>
<li>Configure URL handling</li>
<li>Configure URL handling</li>
Line 72: Line 72:
<h4>[https://docs.djangoproject.com/en/1.4/intro/tutorial04/ Part 4]</h4>
<h5>[https://docs.djangoproject.com/en/1.4/intro/tutorial04/ Part 4]</h5>
<li>Write a form that modifies the database</li>
<li>Write a form that modifies the database</li>

Revision as of 23:34, 18 October 2012


In Module 6, you will learn about python, a scripting language, and Django, a web framework.

This article contains your assignments for Module 6.

Individual Assignments

Python tutorial Django tutorial

Python Tutorial

Install Python Tools

  • sudo yum install python-setuptools
  • sudo yum install python-devel

Python Assignment

  • You will write a python script that reads a set of student grades in from a file and does some basic parsing and processing. here is the section of the python tutorial on reading and writing files.
  • An example grades file is here. For the sake of simplicity you can assume that the file name is always going to be grades.txt.
  • The first line of the file is of the form: NUM_LABS,NUM_EXAMS,LAB_WEIGHT
  • All of the other lines in the file are of the form: FIRSTNAME LASTNAME|GRADE|TYPE
  • The FIRSTNAME and LASTNAME fields are the student's full name (always only a first and last name), the GRADE is one grade for the student, and the TYPE describes what kind of assignment the grade was for, in this case either a 'lab' or an 'exam'.
  • Your script should read in a grades file with the above format and perform the following:
    1. Compute the final grade for every student, given that there were a total of NUM_LABS labs, NUM_EXAMS exams, and that the labs account for a total of LAB_WEIGHT percent of the grade.
    2. Compute the final letter grade based on the final numeric grade (A = 90 or above, B = 80 - 90, C = 70 - 80, D = 60 - 70, F = below 60). 
    3. Ignore any blank lines.
    4. Sort the students by last name, and print out final grades in that sorted order.
    5. No names should be hard coded into the script (you will run your script on another file with different student names when we grade your assignment).
    6. Finally, the script should take one optional command line argument, which is a string to match against student names.  Only names that match the string in full or in part, should be printed out with their final grades.
      • For example, with the argument 'John' grades for both John Smith and John Locke should be printed (if those are the only two Johns in the grades.txt file)

Django Tutorial

Install Djgano

This procedure assumes you are using and Amazon AMI Linux on an ec2 instance. An in-depth install guide can be found on the Django website, but a quick version is below. Run these commands as root.

That's it.

Django Assignment

Complete the tutorial on the django website. You will create a Polls app. There are four parts to this tutorial.

It is important you do all the steps in the tutorial to get comfortable defining models, views, templates, and using the interactive shell and the admin app.

  • Part 1
    • Create a project
    • Start the development server
    • Setup an SQLite database
    • Create the Polls app and define the models
    • Interact with the database using the interactive python shell
  • Part 2
    • Activate the admin site
    • Add the poll app to the admin site
    • Modify the database using the admin site
  • Part 3
    • Configure URL handling
    • Create some views
  • Part 4
    • Write a form that modifies the database
    • Refactor to use generic views

Group Project

You may work in pairs on this project.

Image Tagging/Browsing Site

You may find this wiki article helpful


  • Users can register for accounts and then log in to the website.
  • Accounts should have both a username and a secure password. NEVER store plaintext passwords in a database!
    For more information on password security, refer to the Web Application Security guide.
  • Registered users can submit stories: either a link with summary or news text.
    You do not have to make a distinction between the two types of stories, although if you want to, you could do something with this for the creative portion of your project.
  • Registered users can comment on any story.
  • Administrator users can delete stories and comments.
  • Unregistered users can only view stories and comments.
  • Registered users can edit their stories and can delete their comments.
  • All data must be kept in a MySQL database (user information, stories, comments, and categories).
  • As before, please check with a TA to see if your creative portion is okay or not before you proceed.

Web Security and Validation

Your project needs to demonstrate that thought was put into web security and best practice. For more information, see this week's Web Application Security guide: Web Application Security, Part 2

In particular:

  • Your application needs to be secure from SQL injection attacks. If you are using prepared queries, you should already be safe on this front.
  • All of your output needs to be sanitized using htmlentities().

You shouldn't forget the practices you learned last week:

  • You should pass tokens in forms to prevent CSRF attacks.
  • Your page should validate with no errors through the W3C validator.


Due Date: Wednesday October 10th, by 1pm (both individual and group)

Assignment Points
Tables Correct 2
Data Queries Correct 2
Group Portion:
User Authentication 1
User Registration 1
Salted One-Way Encryption 1
Main page displays all stories (or most recent stories) 1
Page with individual story and comments 1
Story Submission 1
Comment System 1
Administrator Deletion of Stories/Comments 1
User Edit/Delete of Story (1 pt) and Delete of Comment (1 pt) 2
Protect Against SQL Injection Attack 1
Sanitize Output 1
CSRF Safe and Validation 1
Creative Portion 2

Total Points = 19