E Reporting

8/3/2019 E Reporting

http://slidepdf.com/reader/full/e-reporting 1/23

1 System Procedural Design



2 Input/Output and Interface Design



3 System Architecture Design

Applied .NET Framework Programming

If you use the .NET Framework, your code targets the common language runtime (CLR), which

affects your decision about a programming language. The common language runtime is just what its name

says it is: A runtime that is usable by different and varied programming languages.

The features of the CLR are available to any and all programming languages that target it-period. If the

runtime uses exceptions to report errors, then all languages get errors reported via exceptions. If the

runtime allows you to create a thread, then any language can create a thread. In fact, at runtime, the CLR

has no idea which programming language the developer used for the source code.

You may develop your code in any programming language you desire as long as the compiler you use

to compile your code targets the CLR. Microsoft is creating several language compilers that target the

runtime: C++ with managed extensions, C# (pronounced ―C sharp‖), Visual Basic.NET, JScript, Java,

and an intermediate language (IL) Assembler. In addition to Microsoft, there are several other companies

creating compilers that produce code that targets the CLR. At this writing, I am aware of compilers for

Alice, APL, COBOL, Component Pascal, Eiffel, FORTRAN, Haskell, Mercury, ML, Mondrian, Oberon,

Perl, Python, RPG, Scheme, and Smalltalk.



4 Implementation & Coding

Single Vs Multi-user, GUI Vs Non GUI

In the single user environment, the whole system is used by only a single person of theorganization. The person who is using that system will have to look for all the procedures

which are held within the organization. And managing all the activities by a single hand is a

very-difficult task.

While if Multi User environment is there then the user of the system will be more than one.

Different people can handle different task to perform .This kind of system will reduce work

load and can give better results.

In Property Listing India we have provided multi user environment. Any person can have

access to the system up to some extent which is decided by the administrator.

Thus, in our project it is ideal to have multi user environment rater than to have single user

environment.



Standards Used for Coding

We have used the serial number and group classification codes. Coding scheme must

have the following properties.

Concise

A coding scheme must be concise. In other words, the number of digits/characters used in

a code must be minimal to reduce storage space of the code and retrieval efficiency.

Expandable

It should be expandable, that is it must allow new items to be added easily.

Meaningful

It should be meaningful and convey to a user some information about the characteristics

of the item to enable quick recognition and identification of the item.

Comprehensive

It should be comprehensive. In other words, it should include the characteristics relevant

to all the related activities where the item will be involved.

Precise

It should be precise. I.e. the scheme should produce unique, unambiguous code.

Comments

The comments describe the function of every line, the significance of every datastructure, the input to every function, the output from the function and the data manipulation

within the function. Thus, the code is well documented.

Naming convention

The naming of the function, variables, etc. is done according to the convention mentioned

in the Naming Convention Section

Controls Examples

Form frmFormName

Textbox txtTextBoxName

Label lblLabelName

Combo Box cmbComboBoxName



List Box lstListBoxName

Command Button cmdCommandButtonName

Radio Button radRadioButtonName

Check Box chkCheckBoxName

Picture Box picPictureBoxName

Data Grid dgrDataGridName

Menu mnuMenuName

Menu Item mnuMenuItemName

Tab Control tabTabControName

SECURITY FEATURES

Login Pages Should Be Encrypted:

The number of times i have seen web sites that only use ssl (with https: url schemes) after user

authentication is accomplished is really dismaying. encrypting the session after login may be useful —

like locking the barn door so the horses don’t get out — but failing to encrypt logins is a bit like

leaving the key in the lock when you’re done locking the barn door. Even if you’re login form posts to

an encrypted resource, in many cases this can be circumvented by a malicious security cracker who

crafts his own login form to access the same resource and give him access to sensitive data.

Data validation should be done server-side:

Many web forms include some JavaScript data validation. if this validation includes anything meant to

provide improved security, that validation means almost nothing. a malicious security cracker can craft

a form of his own that accesses the resource at the other end of the web page’s form action that doesn’t

include any validation at all. worse yet, many cases of javascript form validation can be circumvented

simply by deactivating javascript in the browser or using a web browser that doesn’t support javascriptat all. in some cases, i’ve even seen login pages where the password validation is done client-side —

which either exposes the passwords to the end user via the ability to view page source or, at best,

allows the end user to alter the form so that it always reports successful validation. don’t let your web

site security be a victim of client-side data validation. server-side validation does not fall prey to the



shortcomings of client-side validation because a malicious security cracker must already have gained

access to the server to be able to compromise it.

Manage your web site via encrypted connections:

Using unencrypted connections (or even connections using only weak encryption), such as

unencrypted ftp or http for web site or web server management, opens you up to man-in-the-middle

attacks and login/password sniffing. always use encrypted protocols such as ssh to access secure

resources, using verifiably secure tools such as openssh. once someone has intercepted your login and

password information, that person can do anything you could have done.

Use strong, cross-platform compatible encryption:

Believe it or not, ssl is not the top-of-the-line technology for web site encryption any longer. Look into

tls, which stands for transport layer security — the successor to secure socket layer encryption. Make

sure any encryption solution you choose doesn’t unnecessarily limit your user base, the way

proprietary platform-specific technologies might, as this can lead to resistance to use of secure

encryption for web site access. The same principles also apply to back-end management, where cross-

platform-compatible strong encryption such as ssh is usually preferable to platform-specific, weaker

encryption tools such as windows remote desktop.

Connect from a secured network:

Avoid connecting from networks with unknown or uncertain security characteristics or from those

with known poor security such as open wireless access points in coffee shops. this is especially

important whenever you must log in to the server or web site for administrative purposes or otherwise

access secure resources. if you must access the web site or web server when connected to an unsecured

network, use a secure proxy so that your connection to the secure resource comes from a proxy on a

secured network. in previous articles, i have addressed how to set up a quick and easy secure proxy

using either an openssh secure proxy or a putty secure proxy.

Don’t share login credentials:

Shared login credentials can cause a number of problems for security. This applies not only to you, the

webmaster or web server administrator, but to people with login credentials for the web site as well —

clients should not share login credentials either. the more login credentials are shared, the more they

tend to get shared openly, even with people who shouldn’t have access to the system. the more they

are shared, the more difficult it is to establish an audit trail to help track down the source of a problem.



the more they are shared, the greater the number of people affected when logins need to be changed

due to a security breach or threat.

Prefer key-based authentication over password authentication:

Password authentication is more easily cracked than cryptographic key-based authentication. the

purpose of a password is to make it easier to remember the login credentials needed to access a secure

resource — but if you use key-based authentication and only copy the key to predefined, authorized

systems (or better yet, to separate media kept apart from the authorized system until it’s needed), you

will use a stronger authentication credential that’s more difficult to crack.

Maintain a secure workstation:

If you connect to a secure resource from a client system that you can’t guarantee with complete

confidence is secure, you cannot guarantee someone isn’t ―listening in‖ on everything you’re doing.

key loggers, compromised network encryption clients, and other tricks of the malicious security

cracker’s trade can all allow someone unauthorized access to sensitive data regardless of all the

secured networks, encrypted communications, and other networking protections you employ. integrity

auditing may be the only way to be sure, with any certainty, that your workstation has not been

compromised.

Use redundancy to protect the web site:

Backups and server failover can help maintain maximum uptime. while failover systems can reduce

outages due to server crashes (perhaps because of ddos attacks) and server shutdowns (perhaps

because the server was hijacked by a malicious security cracker) to mere hiccups in service, that isn’t

the only value to redundancy. the duplicate servers used in failover plans also maintain an up-to-date

duplication of server configuration so you don’t have to rebuild your server from scratch in case of

disaster. backups ensure that client data isn’t lost — and that you won’t hesitate to wipe out sensitive

data on a compromised system if you fear that data may fall into the wrong hands. of course, failover

and backup solutions must be secured as well, and they should be tested regularly to ensure that if and

when they are needed, they won’t let you down.



CODING STANDARDS

protected void btnlogin_Click(object sender, EventArgs e)

{

//string Enc = Encrypt(txtpass.Text.Trim());

//dtper = daper.GetDataforLogIn(txtname.Text,Enc);

con.Open();

string p="select * from tblEmployeePersonalDetails";

cmd =new SqlCommand(p,con);

dr=cmd.ExecuteReader();

while(dr.Read())

{

if (txtname.Text==dr["strName"].ToString() && txtpass.Text==dr["strEmpPassword"].ToString())

{

//drper = (dspersonal.tblEmployeePersonalDetailsRow)dtper.Rows[0];

//dtcom = dacom.GetDataByPK(drper.intEmpId);

Session["intEmpId"] = dr["intEmpId"].ToString(); ;Session["strName"] = dr["strName"].ToString();

dtcom = dacom.GetDataByPK(Convert.ToInt32(Session["intEmpId"]));

if (dtcom != null && dtcom.Rows.Count > 0)

{drcom = (dscompany.tblEmployeeCompanyDetailsRow)dtcom.Rows[0];

Session["intRoleId"] = drcom.intRoleId;

Session["post"] = drcom.charEmpPost;

Session["department"] = drcom.intDeptId;

//FormsAuthentication.RedirectFromLoginPage(txtname.Text.Trim(), false);

FormsAuthentication.SetAuthCookie(txtname.Text.Trim(), false);if (Convert.ToInt32(Session["intRoleId"]) == 5)

{

Response.Redirect("Admin/home.aspx");

}else

{

Response.Redirect("~/User/userhome.aspx");

} }

else

{

Label l1 = new Label();l1.Text = "You are not registered in company ";

}}

else

{

lblmsg.Text = "User Name And Password Doesn't Match";

}}

con.Close();

}



5 Testing

Test Strategy

As we were working with 2 team members it was very difficult to check the work done as no

individual was assigned for that particular work. Moreover checking the work done was very important to

reduce risk factor. Checking was being ultimately handled by Testing but interim checking was required.

Right from starting we planned to adopt one technique called Assessment by Rotation to adopt. Work that

is done by one member was assessed by other for some time and again revolved for other level check.

This technique proved to be very much helpful as it came out with innovative ideas reduces errors to very

low level.

Testing Methods

Stress Testing

Stress testing is to test the system for emergent properties such as performance and reliability.

Performance tests have to be designed to ensure that the system can process its intended load. Here, we

checked out the multi-user capability of our system.

Performance Testing

Performance testing is designed to test the runtime performance of the system within the context of

the system. These tests were performed as module level as well as system level. Individual modules were

tested for required performance.

In performance testing we counted the processing time and response from the server with respect

to request.

We also checked out the total-execution time, which takes 10 to 15 minutes for 6 to 10 queries.

Black-box Testing

We have tested our functions of component to check the specification of our

components. We selected input set to test the components like in query process we gave the differentkinds of inputs to examine there output. We test software with sequences that have only a single value.

Interface Testing

Interface testing is integral part of Integration testing. Therefore we checked for the



Interface misuse

Interface misunderstanding

We examined the code to be tested and explicitly list each call to an external component. In the system,

standards tests for GUIs have been performed, which are as follows.

Testing the screen control for its position and size.

The position and related labels for all controls were checked.

Name of the form in system is given appropriately.

All menu functions and sub functions were verified for correctness.

Validation for all inputs were done

Each menu functions were tested, whether it invokes the corresponding functionality properly.

Pull down controls was verified for proper functionality.

Whether the non-editable text control is disabling and it was also verified that it doesn’t exceed

the maximum allowed length.

Whether the system prompts the user with appropriate message as and when invalid information

is entered.

All required fields aren’t left blank

Grouping information is displayed appropriately

Following testing principals which are used.

All tests should be traceable to customer’s requirement.

Tests should planned long before testing begins.

Testing should begin in small and progressed towards testing in the large.

Exhausting testing is not possible.

To be most effective testing should be conducted by an independent third party.

TEST PLAN

Any system, to be successful, must be thoroughly tested, and well managed test plan should be

prepared before actual testing is being performed.‖ ― has been developed and need to be tested in

a manner that can reduce occurring of defects as low as possible. Following are the activities we

planned to test the system.



This system is indeed an evolutionary system so every unit of the system is continuously under testing

phase.

One test activity ―Basis Path Testing‖ that will try to cover all paths in the system. This activity identifies

all paths who provides different functionality of the system, and also other paths to reach at that

functionality.

Other testing activity is ‖Control Structure Testing‖, which will test each and every conditions withpositive and negative data combination.

This testing activity will also perform ―Data Floe Testing‖ in which it will be tested how the data refollowing the system. And will also check whether the data entered from one procedure, is reflected

whenever it requires or not.

All conditions will be tested with ―Boundary Value Analysis‖ where different input will be given to testwhether the system is functioning with boundary values or not.

Along with the boundary value analysis, the system is also tested with ―Range Value Tested‖ where

editable values will be tested with ranges of values.

The system is begin tested in ―Unit Testing‖ manner where at the completion of one unit that is testedthoroughly with above mentioned testing activities.

The integration testing will also be performed to ensure that the integrated unit is working properly with

other units or not.

9.2 MODULE OF TESTING

Analyze and check system representation such as the requirement document, design

diagrams and the program source code. They may be applied at all stages of the process.

Unit Testing

Module Testing

Sub-system



There are different Models of testing. On the basis of testing methods there are two types of

testing :

1. White-box testing.

2. Black-box testing

1).WHITE-BOX TESTING

White-box testing some times called glass-box testing, is a test case design method that users the

control structure of the procedural design to drive the test case.

Logical errors and incorrect assumption are inversely proportional to the probability that a

program will be executed. Errors tend to creep into our work we design and implement

function, condition or control that is out of the mainstream tends to be well understood.

We often believe that a logical path is not likely to be executed when in fact it may be

executed on a regular basis. The logical flow of a program times counter intuitive.

2). BLACK-BOX TESTING:

For our project periodically we have tested our software using

black-box testing. Thinking as a client we have evaluated the software for its easy going and

convenience.

System Testing

Acceptance



Unit Testing:

During the programming stages each and every form, modules and class treated unit has

been put into the test data. Every modules is tested independently. The steps are follows:

1. Manually code is tested like spelling checks, logic and errors. 2. Once the manual checking is over the complication has been done. Syntactical

errors if any have to be corrected.

3. After the clean complication the program, some dummy data, as specification,has been used for testing of the module to see if it works as specified.

Integration Testing

After our individual’s modules were tested out we go the integrated to create a complete

system. This integration process involves building the system and testing the resultant system for

problems that arise from component interaction.

Performance Testing

Performance testing is designed to test the runtime performance of the system within the

context of the system. These tests were performed as module level as well as system level. Individual

modules were tested for required performance.

Condition Testing

Performance testing is a test case design method that exercise the logical conditions.

Interface Testing

Interface sting is integral part of integration. We examined the code to be tested and explicitly

list each call to an external component. In the system standards tests for GUIs have been performed,which are as follows:

The position and related labels for all controls were checked.

Validation for all inputs were done.

Pull down controls was verified for proper functionality.

Whether the non-editable text controls disabling and it was also verified that it

doesn’t exceed the maximum allowed length.



CONTENT TESTING:

Errors in WebApp content can be as trivial as minor typographical error as incorrectinformation, improper organization or validation of intellectual property laws. Content Testing attempt to

uncover this and many other problems before the user encounter them.

Content Testing Objectives:

There are three types of objectives.

To uncover syntactic errors in text-based documents, graphical representation and othermedia.

To uncover semantic errors in any content object represented as navigation occurs, and

To find errors in organization or structure of content that is presented to the end-user

DATABASE TESTING:

Modern Web Application does much more than present static content objects. In many

application domains, WebApps interface with sophisticated database management system and build

dynamic content object that are created in real time using the data acquired from a database.

Database Testing for WebApps is complicated by a variety of factor.

1) The original client side request for information is rarely presented in form that can be input to

a database management system.

2) The may be remote to the server that houses the webApps. WebApps Server and

properly formatted for subsequent transmittal to the client.

3) RAW data acquired from the database must be transmitted to the

4) The dynamic content objects must be transmitted to the client in a form that can be displayed

to the end user.



In figure testing should be ensure that

1. valid information is passed between the client and server from the interface layer

[Layers of interaction]

2. The WebApps process script correctly and properly extract

or formats user data.

3. Queries are passed to a data management layer that

Communicates with database access routines.

4. User data are passed correctly to a server side data

transformation function that format appropriate queries

Client layer-user interface

Server layer- WebApp

Server layer-

Server layer - data

Database layer – data access



INTERFACE TESTING

Interface design model is reviewed to ensure that generic quality criteria established for all

user interfaces have been achieved and that application specific interface design issue has been

properly addressed.

Interface testing strategy:

The overall strategy for interface testing is to (1) Uncover error related to specific

Interface mechanisms (2) uncover errors in the way the interface implements the semantics of

navigation, WebApp functionality, or content display. to accomplish this strategy, a number of

objectives must be achieved:

Interface futures are tested to ensure that design rules, aesthetics,

and related visual content are available for the user without error.

Individual interface mechanisms are tested in a manner that is alogous to unit testing Forexample, tests are designed to exercise all forms, client-side scripting, dynamic HTML.

Testing Interface Mechanisms:-

When a user interacts with a WebApp, the interaction occurs through one or more interface

mechanisms.

Links: - Each link is tested to ensure that the proper content object or

function is reached . The Web engineer builds a list of all links

associated with interface layout.and then executes each

individually.

Forms: - At a microscopic level, tests are performed to ensure that

(1) Labels correctly identified fields within the form and that

mandatory fields are identified visually for the user.

(2) The server receives all information content within the form

and their no data are lost in the transmission between client and server.

(3) Appropriate defaults are used when the user does not selectfrom a pull down menu or set of buttons.

(4) Browser function don’t corrupt data enter in a form.

(5) Scripts that perform error checking on data entered work

Properly and provide meaningful error message.



Client side scripting:-

Black box tests are conducted to uncover any error in processing As the

script is executed.These tests are coupled with forms testing because script input is often derived

from data provided as part of forms processing

Dynamic HTML:-

Each Web page that contain dynamic HTML is executed to ensure that the dynamic displayis correct. In addition a compatibility test should be conducted to ensure that the dynamic HTML

is work properly in the environmental configuration that support the WebApps.

Application specific interface mechanisms:-Test conforms to a checklist of functionality and

features that are defined by the interface mechanism.

Boundary test minimum and maximum number of item that can be placed in to shopping chart. Test to determine persistence of shopping chart contents.

Test to determine whether the WebApp can be record shopping chart content at some future date.

USABLITY TESTING:-

Usability test may be designed by Web engineering team.

(1) Define a set of usability testing categories and identify goal for each.

(2) Design test that will enable each goal to be evaluated.

(3) Select participants who will conduct test.

(4) Instrument participant’s interaction with WebApp while testing isconducted.

5)Develop a mechanism for assessing the usability of the WebApp.

The following test categories and objective illustrate establish testing:

Interactivity- Are interaction mechanism easy to understand and use?

Layout- Are navigation mechanism, content and function place in a manner

that allows the user to find them quickly?



Readability- Is text well written and under stable?

Aesthetics- Do layout color, typeface, and related characteristics lead to ease of use ?

Display Characteristics- Does the WebApp make optimal use of screen size and resolution?

Time Sensitivity- Can important features, functions and content be used in a timely manner?

Accessibility- Is the WebApp accessible to people who have Disabilities?

COMPATIBILITY TESTING:-

WebApps must operate within environment that differs from one another. Different computer,

display device, OS, browser and network connection speed can have significant on WebApp operation.

Different browser some time produced slightly different results, regardless of the degree of HTML

standardization within the WebApps.

The Web Engineering team derives a series of compatibility, validation tests, derived from existing

interface tests, navigation tests, performance tests and security tests.

Test Cases:-

(1) Invalid User

Test Case:-

If the username and password is not valid, means that the person who is trying to access the

website is not authenticated so system will give the message that unauthicated user.

Solution

Solution of this case is that user is not aware about the login criteria so the person needs to

create its account to the website and it may be there mistake in the typing so it needs to retype the

username and password.



(2) Invalid Inforamtion entered on search page.

Test Case:-

If the any user enters invalid information on the search page an message is generated or on

asking user to enter the corect type.

Solution

Solution of this case is that user is not aware about the Type of data to be search or it may

be person’s mistake in the searching so it needs to research the information.

(3) Invalid Inforamtion entered on seller page

Test Case:-

If the name enters invalid information an error message is generated on asking user to enter

the corect type.

Solution

Solution of this case is that user is not aware about the Type of data to be entered or it may

be person’s mistake in the typing so it needs to retype the information.

(4) Invalid Inforamtion entered on buyer page.

Test Case:-

If the name enters invalid information an error message is generated on asking user to enter

the correct type.

Solution

Solution of this case is that user is not aware about the Type of data to be entered or it

may be person’s mistake in the typing so it needs to retype the information.



(5) Error in data base connectivity

Test Case:-

If there is any problem connecting to the database user will be asked to browse and search for

the data base and establish the bridge .

Solution

Solution of this case is that user has to first establish the connectivity with the database and

then run the project.

(6) Error loding the module

Test Case:-

This problem may arise if the browser does not have the write support .

Solution

Solution is to first check the browser supports for module

6 Screen shots and User manual

7 Limitation and Future Enhancement

Limitation

Following are the limitations of our project.

We are using centralized approach to implement database. So an efficient database should be

provided to us necessarily.

.Net platform is mandatory; we can not make it out without .Net.

IE 9.0 or higher version of browser is compulsory.



Future Enhancement

The system is much flexible and extensible; hence further enhancements, if needed, can be

developed and it can be integrated with the existing one very easily.

Correctness:

Although we have included only little fundamental tools as an entry-level system, the system

is correct.

Reliability:

System is reliable to a greater extent.

Maintainability:

As the system is developed as a system of tool the system is maintainable.

Portability:

The system can be transformed from one hardware configuration to another.

Error tolerance:

The system can tolerate with errors that occurs.

8 Conclusion and Discussion:-

Conclusion

The main purpose as mentioned in the first chapter is to provide support to the student/faculty

member and to provide response to his/her interested features. We have included as many features as we

can to make the product viable and usable. According to personal viewpoint we are successful to a large

extent. Projects requirements are fulfilled up to satisfactory levels. This tells that we are very much

successful. And our proposed system is online and real time based on Internet, which is very much ahead

of the current existing system so, user of the system would like to use this application.



We have followed all the rules and regulations and coding standards so that in future the

enhancement or maintenance will be easy for the management committee. Application is developed with

reusability so can be used with other systems without too many changes to this application.And the

beauty of this product is that at regular interval the reviews of the completed work was done and after

taking reviews the suggestions were given so accordingly we have changed our system and now we have

the perfect one. So we can say that our product is now on cloud 9 according to our own point of view.

Now we are at the end of the project. At the end, we want to mention that we have heartily

worked for it and hope that our system users would be satisfied to high levels. It would be our great

pleasure to distribute this product.

Discussion

Below cited is the list of Enhancement that might take place in future.

Mobile Interface: In future user may be able to perform all the operation through mobile

device.

RFID: Radio Frequency Identifier is a one type of chip that is attached to the each

book will help the student in finding the exact location of the book in the library

Help Resources: In future we can incorporate tutorial topics in our Online library management

System module from which user can get help.

Alert mail: Member will get alert mail before 2 days of returning date of a particular book

which he gas issued

Reservation:Member can reserve particular book in advance.

Date post:	07-Apr-2018
Category:	Documents
Upload:	himanshu-vaja
View:	225 times
Download:	0 times

E Reporting

Documents