THIS PAGE UNDER CONSTRUCTION
In Module 6, you will learn about python, a scripting language, and Django, a web framework.
This article contains your assignments for Module 6.
Python tutorial Django tutorial
Install Python Tools
sudo yum install python-setuptools
sudo yum install python-devel
- You will write a python script that reads a set of student grades in from a file and does some basic parsing and processing. here is the section of the python tutorial on reading and writing files.
- An example grades file is here. For the sake of simplicity you can assume that the file name is always going to be grades.txt.
- The first line of the file is of the form: NUM_LABS,NUM_EXAMS,LAB_WEIGHT
- All of the other lines in the file are of the form: FIRSTNAME LASTNAME|GRADE|TYPE
- The FIRSTNAME and LASTNAME fields are the student's full name (always only a first and last name), the GRADE is one grade for the student, and the TYPE describes what kind of assignment the grade was for, in this case either a 'lab' or an 'exam'.
- Your script should read in a grades file with the above format and perform the following:
- Compute the final grade for every student, given that there were a total of NUM_LABS labs, NUM_EXAMS exams, and that the labs account for a total of LAB_WEIGHT percent of the grade.
- Compute the final letter grade based on the final numeric grade (A = 90 or above, B = 80 - 90, C = 70 - 80, D = 60 - 70, F = below 60).
- Ignore any blank lines.
- Sort the students by last name, and print out final grades in that sorted order.
- No names should be hard coded into the script (you will run your script on another file with different student names when we grade your assignment).
- Finally, the script should take one optional command line argument, which is a string to match against student names. Only names that match the string in full or in part, should be printed out with their final grades.
- For example, with the argument 'John' grades for both John Smith and John Locke should be printed (if those are the only two Johns in the grades.txt file)
This procedure assumes you are using and Amazon AMI Linux on an ec2 instance. An in-depth install guide can be found on the Django website, but a quick version is below. Run these commands as root.
- Install Distribute (prerequisite for pip):
- Install pip:
Install Django using pip:
curl http://python-distribute.org/distribute_setup.py | python
curl https://raw.github.com/pypa/pip/master/contrib/get-pip.py | python
pip install Django
You may work in pairs on this project.
Image Tagging/Browsing Site
You may find this wiki article helpful
- Users can register for accounts and then log in to the website.
- Accounts should have both a username and a secure password. NEVER store plaintext passwords in a database!
- For more information on password security, refer to the Web Application Security guide.
- Registered users can submit stories: either a link with summary or news text.
- You do not have to make a distinction between the two types of stories, although if you want to, you could do something with this for the creative portion of your project.
- Registered users can comment on any story.
- Administrator users can delete stories and comments.
- Unregistered users can only view stories and comments.
- Registered users can edit their stories and can delete their comments.
- All data must be kept in a MySQL database (user information, stories, comments, and categories).
- As before, please check with a TA to see if your creative portion is okay or not before you proceed.
Web Security and Validation
Your project needs to demonstrate that thought was put into web security and best practice. For more information, see this week's Web Application Security guide: Web Application Security, Part 2
- Your application needs to be secure from SQL injection attacks. If you are using prepared queries, you should already be safe on this front.
- All of your output needs to be sanitized using htmlentities().
You shouldn't forget the practices you learned last week:
- You should pass tokens in forms to prevent CSRF attacks.
- Your page should validate with no errors through the W3C validator.
Due Date: Wednesday October 10th, by 1pm (both individual and group)
|Data Queries Correct||2|
|Salted One-Way Encryption||1|
|Main page displays all stories (or most recent stories)||1|
|Page with individual story and comments||1|
|Administrator Deletion of Stories/Comments||1|
|User Edit/Delete of Story (1 pt) and Delete of Comment (1 pt)||2|
|Protect Against SQL Injection Attack||1|
|CSRF Safe and Validation||1|
Total Points = 19