Lab6 - A1 and A2

Date: Monday, 06 March 2017

In the previous Lab5 over recess week, you and your capstone project group should have overcomed the dreaded 'integration problem' (most likely by picking the best version and continue that repo instead of trying to merge various repos into one) and now ready to expand your group work for one final push (before switching to capstone project).

Basic technical requirements:

  • For this Lab6, you will need to use Laravel A1 (actually built-in) and A2 (need to adjust your users table) to ensure that your ranklist database is not corrupted by malicious users (including your own Lab TA)... The expected behavior are as follows:
    1. If a user has not logged in, only allow read only access to ranklist/details to only show students at the TOP-7 (7 is your lecturer's favorite number) in the class (the class size, N, is still expected to be at least N ≥ 50). This is to hide the details of the bottom end of the class.
    2. If a user is logged in with an account that has a student privilege, do read only access as above but additionally also showing his/her position if he/she is outside TOP-7, plus the details of up to 1 (ONE) student exactly above/below him/her (if he/she is really last, then nobody is below him/her). Moreover, add a simple text box with a submit button that can be used to send a message to the admin/lecturer, e.g. to say "sir, please update my CodeForces achievement as I have just passed it, here is my CodeForces account for your verification.", etc. His/her account name and submission timestamp will be associated with that message. If his/her admin/lecturer has replied, the reply will be seen.
    3. If a user is logged in with an account that has an admin privilege, allow him/her to see the entire ranklist without anything hidden and allow him/her to create/read/edit/delete student scores, read the messages from his/her student and reply those messages accordingly (only the actual sender of that message will be able to see that reply). This 'internal messaging' feature should also causes another database schema migration.
  • The "Password Reset Feature" must be working (you need to configure the email account that your Laravel app will use for sending that reset link).
  • You shall disallow /register route as the admin/lecturer will register all his N accounts upfront at the beginning of the semester and will disallow anyone else from taking his/her class afterwards.
  • Lab TA will continue trying to hack your project group's web application against a checklist (that is not shown to you) and if it survives, we will consider that it is safe enough. For testing purposes, you need to let your Lab TA know the user account details of at least 1 admin and 2 students (that is, you do not need to manually setup the other N-2 students).

The Extra Challenges for Lab7:

  1. DOMAIN NAME+HTTPS CHALLENGE (EASY WITH "LetsEncrypt" BUT A BIT COSTLY FOR GOOD DOMAIN NAME): If your capstone project group is still using IP address as of Lab5, try to get a free (but usually meaningless) domain name. Once you have a domain name for your DO droplet, setup HTTPS using LetsEncrypt. However, if your capstone project group already have a very strong idea on what to do for capstone project and already decide on the name for the capstone project, then immediately buy a meaningful+short domain name using NameCheap, GoDaddy, Exabytes (for .sg domain) before it is taken by others and use it to claim this achievement for this Lab6. Your capstone project group will have to do this by Week 13 anyway.

  2. PERFORMANCE AND/OR SCALABILITY CHALLENGE (CAN BE CHALLENGING, read ahead): Improve the loading your ranklist app (try enlarging N to 10 000 for example) and basically any other aspects that can be optimized, use tool like Google PageSpeed Insights or the Google Chrome built-in stopwatch (network tab) to help you check this. You may need to read ahead for a few technical insights.

  3. INTERNATIONALIZATION (i18n) + LOCALIZATION (l10n) CHALLENGE (EASIER if your group has members who can speak various languages): If you (or your project group members) know any other language other than English, translate all the English text in your application to at least one other language, then give option for your user to switch language (and maybe also record his/her language preference in the users table database). You can do this on client-side version (use JavaScript to change the html text of your paragraphs or span elements — not the best way to do this) or server-side version (use PHP to switch between languages — the better way). We will discuss this topic more in future class but you are free to use any simple strategy that works, including this.

  4. ANALYTICS + MARKETING CHALLENGE (EASY to setup, HARD to get many visitors due to the nature of the ranklist app): First, quickly set up Google Analytics (or other relevant service) tracker code inside your HTML files ASAP and then monitor the web traffic; Show the Google Analytics data to your Lab TA on Monday, 06 March 2017 to convince him that you have (some) visitors other than yourself... To encourage more visitors, if you know anyone in the actual CS3233 class (current or past students), ask them to visit your ranklist app, get their feedback (if any), and tell those feedback to your Lab TA.

  5. SOCIAL MEDIA CHALLENGE (CAN BE HARD for those who have not tried this before): Do a self-study on Facebook Developers Page to add Facebook like button in your HTML files. Test it by clicking like and seeing it appears in your own Facebook account newsfeed. If you can already do that, also try Twitter tweet button.


  1. Q: There are so many stuffs to be self-learned for the extra challenges on top of the basic A1+A2 requirements... Are you serious?
    A: Yes. You will frequently do this kind of self learning of various web programming tools/techniques if you continue this line of work. Divide the workload among your project group mates so that each student has reasonable workload.
  2. Q: Is this really the last face to face lab session?
    A: No, see the epiloque below.


This marks the 'end' of CS3226 guided Lab1-6 for this semester. For Week 9-10-11-12-13, Lab TAs will use Lab time to guide each capstone project group so that a reasonable end product can be presented by the 10th STePS on Wednesday, 12 April 2017.

As Lab1-6 is just a course requirement (or a professional job) and none of you have deep connection with it, most likely the project will no longer be updated after this Lab6. However, it is something that is important to Steven so he will use the best techniques used by various lab groups and will keep maintaining/updating his version for his CS3233 classes and beyond. Motivation is important. Therefore, it is quite important to pick an idea that at least one of your capstone project group member strongly believes in...

Lab TA Checklist

  1. Showcase the selected best Lab5 work so far.
  2. Review the Laravel Auth scaffolding and on what to change from that scaffold in order to use both A1+A2 system.
  3. Open-ended: Discuss some of the (easier) ways to do the various extra challenges.
  4. Grade groups who have completed Lab6 and nominate ONE best lab work in your lab group overall.