MINISTRY OF EDUCATION AND TRAINING
THANG LONG UNIVERSITY
GRADUATION THESIS
BUILDING AN E-COMMERCE FRAMEWORK
SUPERVISOR: ThS. Tran Tuan Toan
STUDENTS: Nguyen Bao Trung - A15042
          Nguyen Chi Cuong - A15897
MAJOR: Information Technology
HANOI - 2013
ACKNOWLEDGEMENTS
To complete this thesis, we would like to sincerely thank the lecturers of the Department of Mathematics and Informatics at Thang Long University for their attention and devoted guidance while we carried out this project. Thanks to them we received many valuable comments and remarks during the outline review sessions.
We would like to express our deepest gratitude to ThS. Tran Tuan Toan, who supervised us directly, gave us professional direction, supported us wholeheartedly and created the most favorable conditions both during the work and during the writing of this thesis.
Above all, we would like to express our respect and deep gratitude to our families, who gave us the best conditions to complete all of our work on this thesis. We also thank our friends, who always cared for, shared with and encouraged us throughout this time.
Although we made every effort, this thesis cannot avoid shortcomings. We look forward to comments from our lecturers and friends.
TABLE OF CONTENTS
PART 1. INTRODUCTION
1.1. Introduction to e-commerce systems (E-Commerce)
1.2. Overview of PHP frameworks
1.3. What does an e-commerce framework need?
1.4. What will our framework be able to do?
1.5. Benefits of building an e-commerce framework
PART 2. OVERVIEW OF DESIGN PATTERNS AND THE MVC MODEL
2.1. Design patterns
2.1.1. General characteristics
2.1.2. Classification of patterns
2.1.3. Design patterns used in the framework
2.2. The Singleton and Registry patterns
2.2.1. Singleton
2.2.2. Registry
2.2.3. Combining Singleton and Registry
2.3. THE MVC MODEL
2.3.1. History
2.3.2. Architecture of the MVC model
2.3.3. Characteristics of the MVC model
PART 3. STRUCTURE OF THE FRAMEWORK
3.1. Directory structure of the framework
3.2. Data flow in the framework
3.3. URL
3.4. Model
3.5. View
3.6. Controller
3.7. Libraries
3.7.1. Cart library
3.7.2. Clean library
3.7.3. Currency library
3.7.4. Form_validation library
3.7.5. Session library
3.7.6. User control library
3.8. Helpers
3.8.1. Utf8 helper
3.8.2. Text helper
3.8.3. Url helper
PART 4. SPECIFICATION AND IMPLEMENTATION OF THE FUNCTIONS OF THE E-COMMERCE SYSTEM
4.1. Analysis and design
4.2. Specification of the system's functions
UC #0001 USER GROUP AND USER MANAGEMENT
UC #0002 MANUFACTURER MANAGEMENT
UC #0003 PRODUCT CATEGORY MANAGEMENT
UC #0004 PRODUCT MANAGEMENT
UC #0005 CUSTOMER GROUP MANAGEMENT
UC #0006 CUSTOMER MANAGEMENT
UC #0007 ORDER MANAGEMENT
UC #0008 COUPON MANAGEMENT
UC #0009 SENDING MAIL
UC #0010 NEWS CATEGORY MANAGEMENT
UC #0011 NEWS MANAGEMENT
UC #0012 REPORTS AND STATISTICS
UC #0013 CURRENCY MANAGEMENT
UC #0014 PURCHASING
4.3. Data dictionary
4.4. Implementing the functions of the framework
4.4.1. User group management
4.4.2. User management
4.4.3. Manufacturer management
4.4.4. Product category management
4.4.5. Product management
4.4.6. Customer group management
4.4.7. Customer management
4.4.8. Coupon management
4.4.9. Order management
4.4.10. News category management
4.4.11. News management
4.4.12. Reports
4.4.13. Payment method management
4.4.14. Currency management
4.4.15. Backup/Restore
PART 5. BUILDING A WEBSITE WITH THE FRAMEWORK
5.1. Introduction to the problem
5.1.1. Problem description
5.1.2. Objectives and the functions to be managed
5.1.3. System analysis and design
5.2. Basic configuration
5.3. Implementing the functions
5.3.1. Author management
5.3.2. Visit statistics
PART 6. TECHNIQUES FOR IMPROVING THE PERFORMANCE AND SECURITY OF WEB APPLICATIONS
6.1. Some techniques used in the framework
6.1.1. Method Chaining
6.1.2. Active Record
6.1.3. AJAX
6.1.4. Javascript
6.1.5. Payment
6.2. Security for web applications
6.2.1. HTML injection and Cross-site scripting
6.2.2. SQL Injection
6.2.3. Cross-site Request Forgery
LIST OF FIGURES
Figure 2.1. Taking attendance the usual way
Figure 2.2. Taking attendance with the Singleton pattern
Figure 2.3. A simple MVC model
Figure 2.4. Communication in the MVC model
Figure 2.5. The difference between MVC and 3-layers
Figure 2.6. Communication in the 3-layers model
Figure 2.7. Communication in MVC
Figure 4.1. Use case diagram of the framework
Figure 5.1. Use case diagram of the system
Figure 5.2. Purchasing process
Figure 5.3. Installation - Introduction
Figure 5.4. Installation - Configuration
Figure 5.5. Installation - Finish
Figure 6.1. A traditional web application (left) and an AJAX application
Figure 6.2. Synchronous interaction in a traditional web application and asynchronous interaction in an AJAX application
Figure 6.3. AJAX - Registration form
Figure 6.4. AJAX - Displaying errors
LIST OF ABBREVIATIONS
Abbreviation   Full name
TMDT           Thương mại điện tử (e-commerce)
MVC            Model - View - Control
PL             Presentation Layer
BL             Business Layer
DL             Data Access Layer
URL            Uniform Resource Locator
URI            Uniform Resource Identifier
XSS            Cross-Site Scripting
CSRF           Cross-site Request Forgery
CMS            Content management system
QL             Quản lý (management)
NV             Nhân viên (staff)
PART 1. INTRODUCTION
1.1. Introduction to e-commerce systems (E-Commerce)
In the last few years, especially in Vietnam, the term e-commerce (thương mại điện tử, TMDT; also called E-Commerce or E-Business) has become more and more common. The scope of e-commerce is very wide and covers almost every form of economic activity, not just the trading of goods and services, so it is hard to find a definition with clear boundaries. In general, the definitions of e-commerce fall into two groups depending on the point of view:
- In the narrow sense, e-commerce is limited to buying and selling goods and services through electronic means, above all the Internet and other interconnected networks;
- In the broad sense, e-commerce covers financial and commercial transactions carried out by electronic means, such as electronic data interchange, electronic funds transfer and activities such as depositing or withdrawing money with a credit card...
E-commerce can be classified by the nature of the participants:
Consumers:
+ C2C (Consumer-To-Consumer): consumer with consumer;
+ C2B (Consumer-To-Business): consumer with business;
+ C2G (Consumer-To-Government): consumer with government.
Businesses:
+ B2C (Business-To-Consumer): business with consumer;
+ B2B (Business-To-Business): business with business;
+ B2G (Business-To-Government): business with government;
+ B2E (Business-To-Employee): business with employee.
Government:
+ G2C (Government-To-Consumer): government with consumer;
+ G2B (Government-To-Business): government with business;
+ G2G (Government-To-Government): government with government.
People exploit the power of e-commerce for reasons such as the following:
- E-commerce gives businesses rich information about markets and partners;
- E-commerce helps reduce production costs;
- E-commerce helps reduce sales and marketing costs;
- Through the Internet, e-commerce helps consumers and businesses significantly reduce the time and cost of transactions;
- E-commerce makes it easier to establish and strengthen relationships between the parties taking part in trade;
- E-commerce gives early access to the digital economy.
With these benefits, e-commerce is growing strongly, as shown by the ever larger number of online businesses appearing on the Internet.
The typical stages of a transaction on such online business sites are:
1. The customer, from a computer somewhere, fills in payment information and a contact address in the order form of the sales website (also called an e-commerce website). The business receives the customer's request to buy goods or services and replies with a confirmation that summarizes the necessary information, such as the items chosen, the delivery address and the order number...
2. The customer checks the information again and clicks the "order" button, using the computer's keyboard or mouse, to send the information back to the business.
3. The business receives and stores the order information and at the same time forwards the payment information (credit card number, expiry date, card holder...), already encrypted, to the server (the data processing device) of the card processing service center on the Internet. Because the payment information is encrypted, the customer's data is kept secure, which protects against fraud in transactions (for example, the business does not learn the customer's credit card details).
4. When the credit card processing center receives the payment information, it decrypts the information and processes the transaction behind a firewall and separated from the Internet, with the aim of absolute security for commercial transactions. It then reformats the transaction and forwards the payment information to the business's bank (the Acquirer) over a dedicated leased line (a separate data link).
5. The business's bank sends an electronic authorization request to the bank or company that issued the customer's credit card (the Issuer). This financial institution replies to the credit card processing center on the Internet, either approving or refusing the payment.
6. The credit card processing center on the Internet forwards this response to the business, and depending on it the business tells the customer whether the order will be carried out.
The whole transaction over the network, from step 1 to step 6, is processed in about 15 - 20 seconds.
1.2. Overview of PHP frameworks
The term framework is no longer unfamiliar to people who have worked with and studied PHP. A framework is like a library of ready-made code that later programmers can reuse or develop further.
Today PHP is a very popular scripting language because it is flexible, easy to use and easy to learn. But writing PHP code, like code in any other programming language, can sometimes become monotonous and clumsy. That is when we think of a PHP framework.
The general idea behind the way a PHP framework works is Model - View - Controller (MVC). MVC is a programming model (architecture) that separates business logic and the user interface (UI) into distinct parts, which means we can modify them independently. In the term MVC, the Model (M) is the part that handles business logic, the View is the part that handles the presentation layer, and the Controller filters the requests coming from the user and acts as a router: it directs each request so that the right Model and View are called. In essence, MVC breaks the processing of an application into smaller parts, so we can work on each component separately while the other components are not affected. In practice, this helps us write PHP faster and with less complexity.
PHP frameworks today are fairly complete and meet almost all the necessary and sufficient conditions for building a project. The most prominent PHP frameworks are still Zend Framework, CodeIgniter Framework, CakePHP Framework,.... These frameworks pay attention to the smallest details of programming in order to reduce the time their users spend, for example with helpers for building forms, helpers for using HTML tags and helpers for validating forms, and in practice this alone makes such a framework friendlier and more familiar to its users.
1.3. What does an e-commerce framework need?
The modules needed when building an e-commerce framework:
Product module: This module lets the business divide products into many categories that can be changed on demand, for example furniture, handicraft products, specialty products and so on. It presents the information, images and prices of products in the form of an e-catalog, and integrates an electronic shopping cart (e-shopping cart) to serve customers' online shopping.
Online payment module: This module goes together with the electronic shopping cart and serves customers' need to pay online.
Customer management module: Stores information about ordering, purchasing, payment invoices and so on, so that customers and the business can conveniently look it up when needed.
Services module: Displays information and images about the business's services on the website. Each service has an accompanying service request form, which lets customers get in touch easily when needed.
News module: The module allows news to be divided into several types, for example domestic news, international news, technology news, internal news and so on.
Opinion poll module: The business can post questions to survey the opinions of customers who visit the website.
Online advertising module: Lets the business manage the banners and logos of its partners on its website, creating a source of income from the website.
Search utility: Includes two search functions, quick search and advanced search.
- Quick search: lets visitors quickly search for any information on the website simply by entering a keyword and pressing enter to get the results.
- Advanced search: lets visitors limit the area in which to search so that the results shown are more precise.
Integrated detailed counters: Includes counters for the number of people who have visited the website, the number currently visiting it, and the number of times each product has been viewed.
Online contact form: Lets customers contact the business when needed.
1.4. What will our framework be able to do?
- Product management:
+ The outstanding feature of product administration is flexible support for organizing product groups: one product can be copied and appear in several groups. At the same time, several product types can be set up in the administration so that the data templates match the specifics of each type; for example, the descriptive data for a food product is not the same as the data for an electronics item. This capability is especially important in e-commerce when a website carries many different items and still wants to highlight the characteristics of each type.
+ In addition, the system supports control over display attributes, so that a product can be shown according to different characteristics at different content positions in the interface. This is very important for running the website's campaigns, advertising and promotion programs.
+ The product price administration manages a reference price reserved for the seller (the original purchase price), the selling price and the promotional price. Supporting an original purchase price visible only to the seller lets the seller consult the price directly on the website to decide whether to accept the price a buyer proposes when bargaining.
+ The system is also designed to update the prices of many products at once. This is especially important in e-commerce when the number of products on the website reaches the thousands and updating them one by one is impossible.
- Product category management:
+ The system supports adding, updating and deleting product category information, which makes it easy to manage products.
- Support for customers making purchases:
+ Build an interface that is easy to read and arrange products sensibly so that customers can easily find the product they want. The system supports searching for products as quickly and accurately as possible.
- Shopping cart management:
+ The electronic cart lets a buyer order several products in different quantities at the same time. The cart stores all the products the buyer has chosen and lets the buyer review the items placed in the cart, add new items or remove a product.
+ To order, the customer simply clicks on the product; all the information about it, including price, description, product code and other information, is stored in the cart automatically. When the customer has finished choosing, they only need to press the button to make the purchase, and the cart software automatically calculates the total number of products, the total amount to pay and costs such as shipping or tax.
+ In addition, the framework's cart function lets a customer put products in the cart, set the cart aside in a virtual compartment, and come back a few days later to decide whether to buy or pay.
- Ordering:
+ Ordering through the electronic cart collects complete information about the buyer or member together with the payment information. This information helps the sales department manage and process orders.
- Shipping:
+ The system supports the management of shipping methods. You can add shipping methods and update the price of each method when needed.
- Promotions:
+ The system supports discounts for specific customer groups. It also supports the management of discount coupons.
- Order management:
+ The administration lets the administrator export statistics on the sales in orders, the number of products sold and the members associated with orders.
+ In addition, the administrator can update the processing status of an order together with processing notes. When there are several sellers, the sales administrator can optionally forward an order to the appropriate seller.
+ On the user side, a user who has registered and logged in to a member account can follow statistics on their own orders and, if the administrator has enabled it, follow the history of an order's processing status.
- Payment:
+ The electronic cart can be integrated with most of today's popular electronic payment gateways, such as Paypal.com, Authorize.net, Onepay.vn, Nganluong.vn..., and so supports accepting payment by credit card or debit card directly from the website. The payment result is reflected immediately in the order information when the order is placed.
- User management:
+ The website is very important in supporting the seller in building and running sales programs, market surveys and promotions...
+ Supports the administration of member and customer information: the administrator can manage the lists, export information and follow the orders associated with members. Members themselves can also log in to edit their information and review their purchase history.
- Backup / Restore:
+ Backup lets the system administrator create a backup of the whole database or of individual tables, and copy it out to storage devices.
+ Restore lets the system administrator restore the whole database, or individual tables, from previously backed-up data.
- Security:
+ Our framework will block, as far as possible, attack methods such as SQL injection, CSRF, XSS and spam.
- Marketing, SEO, customer relations:
+ The administrator can use this function to send promotional information, catalogues,... to customers, and in this way encourage and lead customers to decide to buy products, as well as strengthen the relationship between the company and its customers.
1.5. Benefits of building an e-commerce framework
Programmers use PHP frameworks for many different reasons, but one of the main ones is still that a framework speeds up application development. Reusing the same code in many applications saves a considerable amount of time and effort. A framework provides the basic modules needed to build an application, so programmers can spend their time developing the actual application rather than rebuilding the foundation for every project.
Stability is a major reason for programmers who use a framework. Simplicity is a strength of PHP and the reason many people like to use it, but it is also its weakness. PHP is fairly easy to learn and use, especially for people who are new to programming; however, they may regularly write code in an unsystematic way without even being aware of it. With PHP the application will in many cases still work, but they may unintentionally create serious security vulnerabilities in their code, which hackers then exploit.
Most PHP frameworks come with many extensions, and there are also many different frameworks to choose from. We can even write a framework of our own. However, we should think carefully before deciding whether to use a framework or develop one ourselves, and ask ourselves: Does it save time and effort? Does it make the application work better? Does it bring stability to the application?
PART 2. OVERVIEW OF DESIGN PATTERNS AND THE MVC MODEL
There are many different ways to build and design a framework. In this thesis we will build a framework that is easy to use and easy to understand.
In modern software development the overall architecture of a project plays an important role, especially the framework and the design patterns.
2.1. Design patterns
A pattern describes a general solution to a design problem that "recurs" in many projects. In other words, a pattern can be seen as a ready-made "template" that can be applied in many different situations to solve a specific problem. In any software system we can run into recurring problems.
2.1.1. General characteristics
A pattern is about reusing ideas rather than code. Patterns let designers sit down together and solve a problem without spending a lot of time arguing. In very many cases a software project fails because the developers do not share a common understanding of software architecture issues. Patterns also provide common terms and concepts for design. Put simply, when a pattern is mentioned, anyone who knows it can quickly picture the solution. Finally, if patterns are applied effectively, software maintenance also goes more smoothly and the system architecture can be grasped more quickly.
Patterns support the reuse of architecture and software design models on a large scale. Design patterns need to be distinguished from frameworks. A framework supports the reuse of design models and source code at a more detailed level. A design pattern, in contrast, is applied at a more general level and helps developers picture and record the static and dynamic structures, as well as the interactions between solutions, while designing an application for a particular domain.
Patterns are widely compatible. Patterns do not depend on the programming language.
2.1.2. Classification of patterns
Patterns are classified into the following 3 main groups:
- Creational patterns: include Factory, Abstract Factory, Singleton, Prototype, Builder... They concern the creation of concrete objects from an abstract definition (abstract class, interface).
- Structural patterns: include Proxy, Adapter, Wrapper, Bridge, Facade, Flyweight, Visitor... They concern how classes and objects are combined to form larger structures.
- Behavioral patterns: include Observer, State, Command, Iterator... They describe how classes or objects can communicate with each other.
2.1.3. Design patterns used in the framework
- Model - View - Controller (MVC).
- Registry.
- Singleton.
a. Model - View - Controller (MVC):
The MVC (Model - View - Controller) model is a software architecture, or design model, used in software engineering. It helps developers split their application into 3 different components: Model, View and Controller. Each component has its own task and is independent of the other components.
b. Singleton
- When developing a web application there is a problem that makes us think: how can we have a class with exactly one instance that can be accessed from anywhere in the application, without using a global variable? Global variables have several drawbacks. For example, when we want to check the program in detail and find out how a global variable is used, we have to examine every line of code in every file, because a global variable can be used anywhere in the program; that costs a great deal of time. Moreover, using global variables is very dangerous because their value can be changed in any function whenever that function is called, and it is very hard to keep track of what is happening to them.
This is where Singleton helps us solve these problems. Singleton is a design pattern that is used quite commonly in frameworks. It provides a design that guarantees that no more than one instance of a class is created and that this instance can be accessed from anywhere. It is usually used for objects such as the system configuration, the database connection...
c. Registry
- This is one of the very useful patterns. Think of it as a basket: with a Registry you can put data (both values and objects) into the basket and retrieve it when other parts of the application ask for it. When all such data is managed by a single Registry object, passing data and objects around an application becomes much simpler than passing each of them as an individual parameter to a constructor or setter method. In a similar fashion, a Registry can replace the need for every object you want to access globally to behave as a Singleton.
+ The Registry itself can be passed around as a parameter, or it can be turned into a Singleton to allow global access to it from anywhere in the application. Where it is used to replace many Singletons, it removes the need to know the name of each individual class, which makes it easier to reuse the classes in other applications.
+ The Registry pattern stores and retrieves data. The objects that need to be accessed globally are gathered in a single object. A Registry class usually has four methods: write data (set), read data (get), remove (unset) and check whether an object exists (isset). In PHP 5.1 we can use magic methods to implement these methods easily.
Combining Singleton and Registry
Instead of passing the Registry as a constructor parameter, we turn the Registry object into a Singleton object. This change is very simple: we only need to add a static method Singleton().
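A sketch of the combined Registry and Singleton described above, as an added example that is not the thesis framework's own code. The class layout, the exception types and the write-once rule are assumptions of this example; the static singleton() method and the four set/get/unset/isset operations via magic methods follow the text.

```php
<?php
// Added illustration; names and the write-once rule are hypothetical choices.
final class Registry
{
    private static $instance = null;   // the single shared instance
    private $items = array();          // everything stored in the "basket"

    private function __construct() {}  // "new Registry" is impossible from outside
    private function __clone() {}      // so is copying the instance

    // Global access point: create the instance on first use, then reuse it.
    public static function singleton()
    {
        if (self::$instance === null) {
            self::$instance = new self();
        }
        return self::$instance;
    }

    // set: refuse to overwrite, so a value cannot be changed silently by
    // some unrelated function (the weakness of global variables noted above).
    public function __set($key, $value)
    {
        if (array_key_exists($key, $this->items)) {
            throw new LogicException("Registry key '$key' is already set");
        }
        $this->items[$key] = $value;
    }

    // get: fail loudly on a missing key instead of returning null.
    public function __get($key)
    {
        if (!array_key_exists($key, $this->items)) {
            throw new OutOfBoundsException("Registry key '$key' is not set");
        }
        return $this->items[$key];
    }

    // isset and unset complete the four operations.
    public function __isset($key)
    {
        return isset($this->items[$key]);
    }

    public function __unset($key)
    {
        unset($this->items[$key]);
    }
}

// Constructed sample usage.
$registry = Registry::singleton();
$registry->config = array('db_host' => 'localhost');
var_dump(Registry::singleton() === $registry);   // same object everywhere
var_dump(isset($registry->config));
try {
    $registry->config = array('db_host' => 'elsewhere');
} catch (LogicException $e) {
    echo $e->getMessage(), "\n";                   // overwrite is rejected
}
unset($registry->config);                          // explicit removal is allowed
var_dump(isset($registry->config));
```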
2.2. The Singleton and Registry patterns
2.2.1. Singleton
To understand Singleton better, imagine a class with four students, and these four students have to answer the roll call so that the teacher can write their names in the register. The code below does this the usual way.
    <?php if ( ! defined('BASE_PATH')) exit('No direct script access allowed');
    /**
     * @framework: PHP5 - ECOMMERCE FRAMEWORK
     *
     * @author:
     *   fatange126@gmail.com - Nguyen Bao Trung
     *   cuongnc.it659@gmail.com - Nguyen Chi Cuong.
     * @description: Script describing the Singleton design pattern.
     */
    class Teacher
    {
        private $_name;
        // Counts how many Teacher objects have been created.
        static $_number_of_instances = 0;
        public function __construct()
        {
            $this->_name = 'Nguyen Bao Trung';
            self::$_number_of_instances++;
            echo 'Số giáo viên: ' . self::$_number_of_instances . ' ';
        }
        public function TakeAttendance($studentName)
        {
            echo $studentName . ' có mặt.';
        }
    }
    class Student
    {
        private $_name;
        private $_teacher;
        // public function ...
    }
... (the minimum length is 3); if the input does not pass these checks, an error is reported: "The login name must not be empty" or "The login name must be longer than 3 characters".
- The following rules are available:
Rule | Takes a parameter | Description | Example
not_empty | No | Returns FALSE if the attribute is empty. |
matches | Yes | Returns FALSE if the attribute does not match the parameter passed in. | matches[password]
is_unique | Yes | Returns FALSE if the attribute already exists in the table, in the field with the specified name. | is_unique[tbLusettlimum4
min_length | Yes | Returns FALSE if the attribute is shorter than the parameter passed in. | min_length[3]
max_length | Yes | Returns FALSE if the attribute is longer than the parameter passed in. | max_length[10]
exact_length | Yes | Returns TRUE if the length of the attribute is exactly equal to the parameter passed in. | exact_length[5]
greater_than | Yes | Returns FALSE if the attribute is smaller than the parameter passed in or is not numeric. | greater_than[3]
alpha | No | Returns TRUE if the attribute contains only letters of the alphabet. |
alpha_numeric | No | Returns TRUE if the attribute contains only letters of the alphabet or digits. |
valid_email | No | Returns FALSE if the attribute does not have the form of an email address. |
numeric | No | Returns FALSE if the attribute is not a number. |
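The rule syntax from the table above, worked through as an added PHP example that is not the thesis framework's own code. parse_rule(), run_rule() and validate_field() are hypothetical names, the sample form is constructed, and is_unique is left out because it needs a database lookup.

```php
<?php
// Added illustration, not the thesis framework's code. Only the rule names and
// the name[param] syntax come from the table; everything else is hypothetical.

// Split "min_length[3]" into array('min_length', '3'); "alpha" gives array('alpha', null).
function parse_rule($rule)
{
    // \A and \z anchor the whole string; "$" alone would accept a trailing newline.
    if (preg_match('/\A([a-z_]+)(?:\[([^\]]*)\])?\z/', $rule, $m) !== 1) {
        throw new InvalidArgumentException("Malformed rule: $rule");
    }
    return array($m[1], isset($m[2]) ? $m[2] : null);
}

// Return TRUE when $value satisfies one rule. $data is the whole submitted
// form, which matches[other_field] needs.
function run_rule($name, $param, $value, array $data)
{
    // Count characters, not bytes, so Vietnamese text is measured correctly.
    $len = function_exists('mb_strlen') ? mb_strlen($value, 'UTF-8') : strlen($value);
    switch ($name) {
        case 'not_empty':
            return trim($value) !== '';
        case 'matches':
            return isset($data[$param]) && is_scalar($data[$param])
                && $value === (string) $data[$param];
        case 'min_length':
            return $len >= (int) $param;
        case 'max_length':
            return $len <= (int) $param;
        case 'exact_length':
            return $len === (int) $param;
        case 'greater_than':
            // Equality fails here (assumption; the table only says smaller values fail).
            return is_numeric($value) && (float) $value > (float) $param;
        case 'alpha':
            return preg_match('/\A[a-z]+\z/i', $value) === 1;
        case 'alpha_numeric':
            return preg_match('/\A[a-z0-9]+\z/i', $value) === 1;
        case 'valid_email':
            return filter_var($value, FILTER_VALIDATE_EMAIL) !== false;
        case 'numeric':
            return is_numeric($value);
        default:
            // Fail closed: a misspelled rule must not let input through unchecked.
            throw new InvalidArgumentException("Unknown rule: $name");
    }
}

// Run every rule for one field and return the list of rules that failed.
function validate_field($field, array $rules, array $data)
{
    $value = isset($data[$field]) ? $data[$field] : '';
    // A request such as username[]=x arrives as an array; reject it outright.
    if (!is_scalar($value)) {
        return array('not_scalar');
    }
    $failed = array();
    foreach ($rules as $rule) {
        list($name, $param) = parse_rule($rule);
        if (!run_rule($name, $param, (string) $value, $data)) {
            $failed[] = $rule;
        }
    }
    return $failed;
}

// Constructed sample input. The username ends in a newline: it is long enough
// for min_length[3] but is rejected by alpha_numeric because of the \z anchor.
$form = array(
    'username' => "ab\n",
    'password' => 's3cret-pw',
    'confirm'  => 's3cret-pw',
    'email'    => 'user@example.com',
);
$checks = array(
    'username' => array('not_empty', 'min_length[3]', 'alpha_numeric'),
    'confirm'  => array('matches[password]'),
    'email'    => array('valid_email'),
);
foreach ($checks as $field => $rules) {
    $failed = validate_field($field, $rules, $form);
    echo $field, ': ', $failed ? 'failed ' . implode(', ', $failed) : 'ok', "\n";
}
```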
3.7.5. Session library
This library helps us work with the session.
- To load the session library, use the following code:
    $this->load->library('session');
- The following functions are available:
+ Add data to the session: $this->session->set_userdata(). Example:
    $account = array(
        'id' => 1,
        'username' => 'admin'
    );
    $this->session->set_userdata('account', $account);
+ Read all session data: $this->session->all_userdata().
+ Remove session data: $this->session->unset_userdata(). Example:
    $this->session->unset_userdata('account');
+ Destroy the session: $this->session->sess_destroy().
3.7.6. User control library
This library helps us with authentication and with user authorization in the administration of the system.
- To load the user control library, use the following code:
    $this->load->library('user_control');
- The following functions are available:
+ Log in: login(). Example:
    $this->user_control->login('username', 'password');
+ Log out: logout(). Example:
    $this->user_control->logout();
+ Check whether a permission is held: haspermission(). Example:
    $this->user_control->haspermission('modify', 'backend/report');
3.8. Helpers
3.8.1. utf8 helper
This file contains functions that help us work with Text data encoded in UTF-8.
- To load the utf8 helper, use the following code:
$this->load->helper('utf8');
- The following functions are available:
+ utf8_strlen(): returns the length of a UTF-8 encoded string. Example:
$string = 'Hôm nay, tôi đi học !';
$len = utf8_strlen($string);
echo $len;
//OUTPUT
21
+ utf8_strpos(): returns the position of the string being searched for, or returns false (boolean) if the string being checked is not contained in the given string. Example:
$mystring = 'abc';
$findme = 'a';
$pos = strpos($mystring, $findme);
// === is required: position 0 is a valid match but compares equal to false with ==
if ($pos === false)
{
    echo "Chuỗi '$findme' không nằm trong chuỗi '$mystring'";
}
else
{
    echo "Chuỗi '$findme' được tìm thấy trong chuỗi '$mystring'";
    echo " ở vị trí $pos";
}
//OUTPUT
Chuỗi 'a' được tìm thấy trong chuỗi 'abc' ở vị trí 0
+ utf8_substr(): returns a substring of a string. Example:
echo substr('abcdef', 1); // bcdef
echo substr('abcdef', 1, 3); // bcd
echo substr('abcdef', 0, 4); // abcd
echo substr('abcdef', 0, 8); // abcdef
echo substr('abcdef', -1, 1); // f
3.8.2. Text helper
This file contains functions that help us work with Text data.
- To load the text helper, use the following code:
$this->load->helper('text');
- The following functions are available:
+ word_limiter(): truncates a string to the specified number of words. Example:
$string = "Hôm nay là một ngày đẹp trời.";
$string = word_limiter($string, 4);
//OUTPUT
Hôm nay là một…
+ character_limiter(): truncates a string to the specified number of characters. Example:
$string = "Hello everybody !";
$string = character_limiter($string, 5);
//OUTPUT
Hello
3.8.3. URL helper
This file contains functions that help us work with URLs.
- To load the url helper, use the following code:
$this->load->helper('url');
- The following functions are available:
+ base_url(): returns the main URL of the website. Example:
echo base_url();
//OUTPUT
echo base_url("blog/post/123");
//OUTPUT
+ current_url(): returns the URL the user is currently visiting. Example:
echo current_url();
//OUTPUT
+ redirect(): redirects to another page. Example:
// We are at the URL:
// Redirect if the login succeeded
// (checkLogin() stands for the application's own login check)
if (checkLogin())
{
    // Redirect
    redirect(base_url() . 'home');
}
else
{
    // Report that the login failed
}
PART 4. SPECIFICATION AND CONSTRUCTION OF THE FUNCTIONS OF THE E-COMMERCE SYSTEM
4.1. Analysis and design
a. Overview diagram of the Framework's functions
QL: Quản lý (manage)
Figure 4.1. Framework use case diagram
b. Actors taking part in the system
- Customers: the people who use the system to buy products, view products and rate those products.
- Staff: the people who use the management system. Permissions are assigned to the staff groups within the system as appropriate.
4.2. Specification of the system's functions
UC - MANAGE USER GROUPS AND USERS
Complexity:
Description: This function allows the administrator to list, create, edit, delete, classify and assign permissions to the accounts in the system. In addition, the administrator can create user groups and assign permissions per user group.
Actors
  Primary: Administration staff.
  Secondary: None.
Precondition: The actor must be logged in to the system and must have permission to operate on this function before the use case begins.
Postconditions
  Success: The database is changed.
  Failure: The system state does not change.
FUNCTIONAL SPECIFICATION
Main flow of events / main scenario
1. This function starts when the administrator wants to list, create, edit, delete, search, classify or assign permissions to user groups and users.
2. The system asks the system administrator to specify the function to perform.
- If the system administrator chooses "Manage user groups", the sub-flow "Manage user groups" is executed.
- If the system administrator chooses "Manage users", the sub-flow "Manage users" is executed.
Manage user groups
1. The system displays the list of user groups in the system.
2. The system administrator chooses the function to perform.
* Add a new user group:
+ The system asks the administrator to enter the information about the new user group.
+ The administrator enters the name of the user group and assigns the function permissions of that user group:
  - Access permission on the functions.
  - Operation (modify) permission on the functions.
+ The system checks whether this user group already exists:
  If the user group does not yet exist in the system, the system adds the new user group.
  If the user group already exists in the system, the system notifies the administrator to enter it again; the administrator can choose to cancel creating the new user group.
* Update a user group:
+ The administrator selects the group to edit from the list of user groups and presses the Edit button.
+ The administrator changes any of the information listed under "Add a new user group".
+ The administrator presses the Agree button.
+ The system saves the changes to that group.
* Delete user groups:
+ The administrator selects the user groups to delete from the list of user groups.
+ The system asks the administrator to confirm the delete request; if the administrator agrees, the system identifies those user groups and removes them from the system.
Manage users
1. The administrator chooses the Manage users function.
2. The system displays the list of users in the system.
3. The administrator chooses the function to perform.
* Add a new user:
The system asks the administrator to enter the information about the new user, including:
+ User name.
+ Password.
+ Email.
+ User group (chosen from the existing list; if none is chosen, the user is placed in the default group and is granted no permissions), then press the "Agree" button.
The system checks whether the user already exists in the system:
+ If the user does not yet exist, the system adds the new user.
+ If the user already exists, the system notifies the administrator to enter it again; the administrator can choose to cancel creating the new user.
* Update a user:
- The administrator changes any of the information listed under "Add a new user".
- The administrator presses the Update button.
- The system saves the changes to that group.
* Delete a user:
- The administrator selects the user to delete from the list of users and presses "Delete".
- The system asks the administrator to confirm the delete request; if the administrator agrees, the system identifies that user and removes it from the system.
Alternative flow of events / alternative scenario
If a user group still contains users, that user group is not deleted.
Other special requirements
The browser must support JavaScript.
Illustrative interface
These screens are for illustration only, to help the reader understand the system more easily; the actual interface may differ in some respects.
Figure: User group management screen
Figure: Add new user group (fields: group name; access permissions and modify permissions listed per backend route: backend/author, backend/backup, backend/banner, backend/cate)
Figure: Delete user group
Figure: User management screen
Figure: Add new user (fields: login name, full name, password, email, user group, status)
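The group rules in this use case (access and modify permissions per backend route, a default group with no permissions, duplicate names rejected, a group that still has users not deleted) and the haspermission('modify', 'backend/report') call from section 3.7.6 can be sketched as follows. This is an added example, not the framework's user_control code; the class, method, group and user names are hypothetical.

```php
<?php
// Added illustration, not the thesis framework's user_control library.
// Names are hypothetical; the rules are the ones stated in the use case.

class GroupPermissions
{
    const DEFAULT_GROUP = 'default';   // assumption: name of the fallback group

    // group name => array('access' => array(route => true), 'modify' => array(route => true))
    private $groups = array();
    // user name => group name
    private $users = array();

    public function __construct()
    {
        // The default group exists from the start and is granted nothing.
        $this->groups[self::DEFAULT_GROUP] = array('access' => array(), 'modify' => array());
    }

    // Add a user group; a name that already exists is rejected.
    public function addGroup($name, array $access, array $modify)
    {
        if (isset($this->groups[$name])) {
            return false;
        }
        $this->groups[$name] = array(
            'access' => array_fill_keys($access, true),
            'modify' => array_fill_keys($modify, true),
        );
        return true;
    }

    // Add a user; without a valid group the user lands in the default group.
    public function addUser($username, $group = null)
    {
        if (isset($this->users[$username])) {
            return false;
        }
        if ($group === null || !isset($this->groups[$group])) {
            $group = self::DEFAULT_GROUP;
        }
        $this->users[$username] = $group;
        return true;
    }

    // Alternative flow: a group that still contains users is not deleted.
    public function deleteGroup($name)
    {
        if ($name === self::DEFAULT_GROUP || !isset($this->groups[$name])) {
            return false;
        }
        if (in_array($name, $this->users, true)) {
            return false;
        }
        unset($this->groups[$name]);
        return true;
    }

    // Deny by default: unknown user, unknown permission type or unlisted
    // route all yield false.
    public function hasPermission($username, $type, $route)
    {
        if (!isset($this->users[$username])) {
            return false;
        }
        $group = $this->groups[$this->users[$username]];
        return isset($group[$type][$route]);
    }
}

// Constructed sample data.
$acl = new GroupPermissions();
$acl->addGroup('reporting', array('backend/report'), array('backend/report'));
$acl->addGroup('viewer', array('backend/report'), array());
$acl->addUser('alice', 'reporting');
$acl->addUser('bob', 'viewer');
$acl->addUser('carol');                 // no group given: default group

$checks = array(
    array('alice', 'modify', 'backend/report'),
    array('bob',   'modify', 'backend/report'),
    array('bob',   'access', 'backend/report'),
    array('carol', 'access', 'backend/report'),
);
foreach ($checks as $c) {
    printf("%s %s %s: %s\n", $c[0], $c[1], $c[2],
        $acl->hasPermission($c[0], $c[1], $c[2]) ? 'allowed' : 'denied');
}
printf("delete 'viewer' while bob belongs to it: %s\n",
    $acl->deleteGroup('viewer') ? 'deleted' : 'refused');
```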
UC #0002 - MANAGE MANUFACTURERS
Complexity:
Description: This function allows staff to list, add, update and delete manufacturers in the system.
Actors
  Primary: Staff.
  Secondary: None.
Precondition: The actor must be logged in to the system and have permission to operate on this function before the use case begins.
Postconditions
  Success: The database is changed.
  Failure: The system state does not change.
FUNCTIONAL SPECIFICATION
Main flow of events / main scenario
1. This function starts when a staff member wants to list, add, update or delete a manufacturer from the system.
2. The system asks the staff member to choose the function they want:
- If the staff member chooses "Add new manufacturer", the sub-flow "Add new manufacturer" is executed.
- If the staff member chooses "Update manufacturer", the sub-flow "Update manufacturer" is executed.
- If the staff member chooses "Delete manufacturer", the sub-flow "Delete manufacturer" is executed.
Add new manufacturer
1. The system asks the staff member to enter the manufacturer's information, including:
- Manufacturer name
- Phone
- Address
- Email
2. After the staff member has entered the information, the system generates a unique code for the manufacturer, and the manufacturer is added to the system.
Update manufacturer
1. The system displays the list of manufacturers.
2. The staff member selects the manufacturer to update.
3. The system retrieves and displays the information about that manufacturer.
4. The staff member updates the information about that manufacturer.
5. After the staff member has finished, the system saves the updated information about that manufacturer.
Delete manufacturer
1. The system displays the list of manufacturers.
2. The staff member selects the manufacturer to delete and chooses to delete it.
3. The system asks for confirmation of the deletion.
4. The staff member confirms the deletion. The system removes that manufacturer from the system.
Alternative flow of events / alternative scenario
Other special requirements
The browser must support JavaScript.
Illustrative interface
These screens are for illustration only, to help the reader understand the system more easily; the actual interface may differ in some respects.
Figure: Manufacturer management screen
Figure: Add new manufacturer (fields: manufacturer name, phone, address, email)
Figure: Delete manufacturer
UC - MANAGE PRODUCT CATEGORIES
Complexity:
Description: This function allows staff to list, add, delete and edit the product categories in the system.
Actors
  Primary: Staff.
  Secondary: None.
Precondition: The actor must be logged in to the system and have permission to operate on this function before the use case begins.
Postconditions
  Success: The database is changed.
  Failure: The system state does not change.
FUNCTIONAL SPECIFICATION
Main flow of events / main scenario
1. This function starts when a staff member wants to list, add, edit or delete a product category.
2. The system asks the staff member to specify the function they want to perform.
- If the staff member chooses "Add category", the sub-flow "Add product category" is executed.
- If the staff member chooses "Edit category", the sub-flow "Edit product category" is executed.
- If the staff member chooses "Delete category", the sub-flow "Delete product category" is executed.
Add product category
1. The system asks the staff member to enter the product category information, including:
- Product category name.
- Priority order.
- Status.
2. When the staff member has supplied the required information, the system generates a unique category code and the product category is added to the system.
Edit product category
1. The system displays the list of product categories.
2. The staff member selects the product category to edit.
3. The system retrieves and displays the information about that product category.
4. The staff member edits the information about that product category.
5. After the staff member has edited the product category, the system saves the updated information about that category.
Delete product category
1. The system displays the list of product categories.
2. The staff member selects the product category to delete and chooses to delete it.
3. The system asks for confirmation of the deletion.
4. The staff member confirms the deletion. The system removes the product category from the system.
Alternative flow of events / alternative scenario
- If the product category name already exists in the system, the product category is not added.
- If the product category still contains products, the category is not deleted.
Other special requirements
The browser must support JavaScript.
Illustrative interface
These screens are for illustration only, to help the reader understand the system more easily; the actual interface may differ in some respects.
Figure: Product category management screen
Figure: Add new product category
UC #0004 - MANAGE PRODUCTS
Complexity:
Description: This function allows staff to list, add, update and delete products in the system.
Actors
  Primary: Staff.
  Secondary: None.
Precondition: The actor must be logged in to the system and have permission to operate on this function before the use case begins.
Postconditions
  Success: The database is changed.
  Failure: The system state does not change.
FUNCTIONAL SPECIFICATION
Main flow of events / main scenario
1. The function starts when a staff member wants to add, update or delete product information.
2. The system asks the staff member to specify the function they want to perform.
- If the staff member chooses "Add product", the sub-flow "Add product" is executed.
- If the staff member chooses "Update product", the sub-flow "Update product" is executed.
- If the staff member chooses "Delete product", the sub-flow "Delete product" is executed.
Add product
1. The system asks the staff member to enter the product information, including:
- Product name
- Product summary
- Price
- Supplier
- Quantity
- Product type
- Representative image
- Related products
- Shipping requirement
- Status
- In addition, the system supports promotions and reward points for each product:
+ Discount: reduces the product price according to the quantity purchased, for each customer group.
+ Special: the product price for each customer group.
+ Reward points consist of 2 parts:
  Points: the points needed to buy the product (the default is 0, meaning the product is not to be bought with reward points).
  Reward points: the points awarded when a customer buys this product.
2. When the staff member has supplied the required product information, the system generates a unique code for the product and the product is added to the system.
Update product
1. The system displays the list of products.
2. The staff member selects the product to update.
3. The system retrieves and displays the information about that product.
4. The staff member updates the information about that product.
5. After the staff member has updated the product, the system saves the updated information about that product.
Delete product
1. The system displays the list of products.
2. The staff member selects the product to delete and chooses to delete it.
3. The system asks for confirmation of the deletion.
4. The staff member confirms the deletion. The system removes that product from the system.
Alternative flow of events / alternative scenario
Other special requirements
The browser must support JavaScript.
Illustrative interface
These screens are for illustration only, to help the reader understand the system more easily; the actual interface may differ in some respects.
Figure: Product management screen
Figure: Add new product
UC #0005 - MANAGE CUSTOMER GROUPS
Complexity:
Description: This function allows staff to list, add, edit and delete customer groups in the system.
Actors
  Primary: Staff.
  Secondary: None.
Precondition: The actor must be logged in to the system and have permission to operate on this function before the use case begins.
Postconditions
  Success: The database is changed.
  Failure: The system state does not change.
FUNCTIONAL SPECIFICATION
Main flow of events / main scenario
1. The function starts when a staff member wants to add, edit or delete a customer group.
2. The system asks the staff member to specify the function they want to perform.
- If the staff member chooses "Add customer group", the sub-flow "Add customer group" is executed.
- If the staff member chooses "Update customer group", the sub-flow "Update customer group" is executed.
- If the staff member chooses "Delete customer group", the sub-flow "Delete customer group" is executed.
Add customer group
1. The system asks the staff member to enter the customer group information, including:
- Customer group name
- Description
- Number of points required to join the group
2. When the staff member has supplied the required information, the system generates a unique code for the customer group and the group is added to the system.
Update customer group
1. The system displays the list of customer groups.
2. The staff member selects the customer group to update.
3. The system retrieves and displays the information about that group.
4. The staff member edits the information about that customer group.
5. After the staff member has updated the customer group information, the system saves the updated information about that customer group.
Delete customer group
1. The system displays the list of customer groups.
2. The staff member selects the customer group to delete and chooses to delete it.
3. The system asks for confirmation of the deletion.
4. The staff member confirms the deletion. The system removes that customer group from the system.
Alternative flow of events / alternative scenario
- If the customer group name already exists, the customer group is not added to the system.
- If there are customers belonging to the customer group, the customer group is not deleted.
Other special requirements
The browser must support JavaScript.
Illustrative interface
These screens are for illustration only, to help the reader understand the system more easily; the actual interface may differ in some respects.
Figure: Customer group management screen
Figure: Add new customer group (fields: customer group name, description, number of points required to join the group)
Figure: Delete customer group
UC #0006 - MANAGE CUSTOMERS
Complexity:
Description: This function allows staff to list, add, edit and delete customers in the system.
Actors
  Primary: Staff.
  Secondary: None.
Precondition: The actor must be logged in to the system and have permission to operate on this function before the use case begins.
Postconditions
  Success: The database is changed.
  Failure: The system state does not change.
FUNCTIONAL SPECIFICATION
Main flow of events / main scenario
1. The function starts when a staff member wants to add, edit or delete a customer.
2. The system asks the staff member to specify the function they want to perform.
- If the staff member chooses "Add customer", the sub-flow "Add customer" is executed.
- If the staff member chooses "Update customer", the sub-flow "Update customer" is executed.
- If the staff member chooses "Delete customer", the sub-flow "Delete customer" is executed.
Add customer
1. The system asks the staff member to enter the customer's information, including:
- Login name
- Phone number
- Full name
- Password
- Email
- Status
- Customer group: chosen from the existing list
In addition, the staff member must enter the customer's shipping address for delivery, including:
- Address
- City
- District
2. When the staff member has supplied the required customer information, the system generates a unique code for the customer and the customer is added to the system.
Update customer
1. The system displays the list of customers.
2. The staff member selects the customer to update.
3. The system retrieves and displays the information about that customer.
4. The staff member updates the information about that customer.
5. After the staff member has updated the customer information, the system saves the updated information about that customer.
Delete customer
1. The system displays the list of customers.
2. The staff member selects the customer to delete and chooses to delete the customer.
3. The system asks for confirmation of the deletion.
4. The staff member confirms the deletion. The system removes that customer from the system.
Alternative flow of events / alternative scenario
If the email and login name already exist in the system, the system displays an error message so that the staff member can enter them again.
Other special requirements
The browser must support JavaScript.
Illustrative interface
These screens are for illustration only, to help the reader understand the system more easily; the actual interface may differ in some respects.
Figure: Customer management screen
Figure: Add new customer (tabs: customer information, shipping address; fields: login name, full name, customer group, e-mail, phone, password, re-enter password, status)
Figure: Delete customer
UC #000 - MANAGE ORDERS
Complexity:
Description: This function allows the user to list orders, view order details, print orders, delete orders, respond to order feedback, and send notification mail to customers in the system.
Actors
  Primary: Staff.
  Secondary: None.
Precondition: The actor must be logged in to the system and have permission to operate on this function before the use case begins.
Postconditions
  Success: The database is changed.
  Failure: The system state does not change.
FUNCTIONAL SPECIFICATION
Main flow of events / main scenario
1. This function starts when the manager wants to list, view, print or delete orders.
2. The system asks the staff member to specify the function they want to perform.
- If the staff member chooses "View order", the sub-flow "View order" is executed.
- If the staff member chooses "Print order", the sub-flow "Print order" is executed.
- If the staff member chooses "Delete order", the sub-flow "Delete order" is executed.
- If the staff member chooses "Order feedback", the sub-flow "Order feedback" is executed.
- If the manager chooses "Mail", the sub-flow "Mail" is executed.
View order
1. The system displays the list of orders in the system.
2. The staff member selects the order whose details or payment method they want to view, or whose history they want to update.
3. The system displays the information about the order the staff member has just selected.
4. The staff member views the order details and the payment method, and chooses the status to record in the order history.
Order statuses:
+ Cancel: the order is not accepted.
+ Pending: the order is being processed.
+ Complete: the order is completed.
5. If the staff member chooses to update the order status:
+ The staff member can send mail to the customer to announce the status just updated, or not, and chooses "Add History" to add the order status to the order history.
+ After the order status has been updated, the system changes the status of the order.
6. If the staff member chooses to add reward points for the customer (if any):
+ The system updates the customer's reward points and at the same time sends a notification mail to the customer.
Delete order
1. The system displays the list of orders in the system.
2. The staff member selects the order to delete.
3. The system asks the staff member to confirm the delete request; if the staff member agrees, the system identifies the order and deletes its information from the system.
Order feedback
1. The system displays the list of feedback on orders.
2. The staff member selects the order to respond to.
3. The system retrieves and displays the order information, including the feedback details, the product name, the reason for the feedback and the history.
4. After the staff member has chosen the status and the reason for the response to the customer, the system sends mail to notify the customer.
Alternative flow of events / alternative scenario
Other special requirements
The browser must support JavaScript.
Illustrative interface
These screens are for illustration only, to help the reader understand the system more easily; the actual interface may differ in some respects.
Giao ... => $date
);
$this->db->where('id', $id);
$this->db->update('mytable', $data);
// Produces:
// UPDATE mytable
// SET title = '{$title}', name = '{$name}', date = '{$date}'
// WHERE id = $id
- The functions below let us replace the DELETE statement.
$this->db->delete('mytable', array('id' => $id));
// Produces:
// DELETE FROM mytable
// WHERE id = $id
- Values passed to where(), update() and delete() in this way are escaped automatically by Active Record.
- In addition, we can use method chaining.
$this->db->select('title')->from('mytable')->where('id', $id)->limit(10, 20);
$query = $this->db->get();
// Produces:
// SELECT title FROM mytable WHERE id = '$id' LIMIT 20, 10
6.1.3. AJAX
a. Definition
Technical topics are usually difficult and not very exciting, but the stories about the development of AJAX in the world of rich Internet applications exerted a remarkable pull throughout 2005.
AJAX, short for Asynchronous JavaScript and XML, is a set of technologies that speeds up web applications by splitting data into small pieces and displaying only what is needed, instead of reloading the whole web page again and again. AJAX is not a single technology but a combination of a group of technologies. HTML and CSS display the data, the DOM model presents information dynamically, the XMLHttpRequest object exchanges data asynchronously with the web server, and XML is the main format for the data transferred. All of these technologies already existed, but JavaScript assembled them to carry out admirable "missions".
Most accounts of the origin of AJAX begin with Microsoft developing the Remote Scripting technology in 1998. However, the technique of loading content asynchronously on a web page had already appeared in the IFRAME element of Internet Explorer 3 (1996) and the LAYER element of Netscape 4.0 in 1997. When it introduced Internet Explorer 4.0, Microsoft used a different Document Object Model (DOM). By 2000, Netscape had completely lost the browser market to Bill Gates's software company, and the LAYER element no longer received attention from web developers.
It took a few more years before AJAX again attracted the interest of the technology community and became a tool for improving the user interface of web applications. The term was named in Jesse James Garrett's well-known article on the Adaptive Path site (2/2005). Since then, AJAX has been at the center of every discussion of the Web 2.0 generation.
b. How AJAX works
Figure 6.1. Traditional web application (left) and AJAX application.
For a long time, people have imagined that computer applications would be stored and run entirely on the web instead of being confined to the hard disk. That prospect has not yet come about, because web applications are limited by the principle that every operation must be carried out over HTTP (HyperText Transfer Protocol). The user's actions on a web page generate an HTTP request to the server. The server performs some processing, such as retrieving data, computing, checking the validity of the information and modifying memory, and then sends a complete HTML page back to the client. Technically this approach sounds reasonable, but it is quite inconvenient and time-consuming: while the server is doing its job, what does the user do? Wait, of course.
To overcome this limitation, developers introduced an intermediary, the AJAX engine, between the client and the server. This is like adding a middle layer to the application in order to reduce the back-and-forth of information and shorten the response time. Instead of reloading (refreshing) the whole page, it loads only the information that has changed and leaves the other parts untouched. As a result, when browsing a page that supports AJAX, the user never sees a blank window and the hourglass icon, the signs that the server is carrying out its task. For example, in a photo website built as a traditional application, the whole page containing the photos has to be opened again from the start if anything on the page changes. With AJAX, DHTML replaces only the title and the part that has just been edited, which makes the transactions smooth and fast.
Figure 6.2. Synchronous interaction in a traditional web application and asynchronous interaction in an AJAX application
c. Disadvantages of AJAX
AJAX can help create a new generation of web applications (such as colr.org or backpackit.com). However, it is also a "dangerous" technology in that it causes quite a few user-interface problems. For instance, the "Back" button (return to the previous page) is highly valued in the standard website interface. Unfortunately, this function does not work well with JavaScript, and people cannot get back to the previous content by pressing Back. So with just one small slip, the data on the page has been changed and is hard to restore. This is one of the main reasons why many people do not favor JavaScript applications.
In addition, people cannot save the web address to Favorites (Bookmarks) to view it again later. Because an intermediary layer handles the transactions, AJAX applications do not have a fixed address for each piece of content. This shortcoming easily costs AJAX points in the eyes of users.
d. Example
We will go through a concrete example to get a more detailed view of AJAX.
We will build a user registration function with the following information: login name; password; email, with the following constraints:
- The email must be well formed.
- The password must be longer than 3 characters.
- The login name must not be the same as the word "admin".
After the form is submitted, if these conditions are not met, the errors are displayed under the corresponding input boxes without reloading the registration page. We use jQuery AJAX to do this.
- The registration form, register.php.
Figure 6.3. AJAX - Registration form
- We enter the values into the corresponding input boxes. After entering them and pressing Register, we use AJAX to send the data to the file process.php for processing; if the data is not valid, we display the errors.
Figure 6.4. AJAX - Display
- The AJAX code is as follows:
//Demo AJAX by Nguyen Bao Trung
<!--
$(document).ready(function(){
    $('input[name=sub]').click(function(){
        $.ajax({
            url: 'process.php',
            type: 'POST',
            // Passing an object lets jQuery URL-encode each value,
            // so characters such as & or = in the password are sent intact
            data: {
                username: $('input[name=username]').val(),
                email: $('input[name=email]').val(),
                password: $('input[name=password]').val()
            },
            success: function(result){
                var strJSON = $.parseJSON(result);
                // Clear the error messages from the previous attempt
                $("#username").empty();
                $("#password").empty();
                $("#email").empty();
                // Show the message returned for each invalid field
                if(strJSON['username'])
                {
                    $("#username").html(strJSON['username']);
                }
                if(strJSON['password'])
                {
                    $("#password").html(strJSON['password']);
                }
                if(strJSON['email'])
                {
                    $("#email").html(strJSON['email']);
                }
            }
        });
        // Stop the normal form submission so the page is not reloaded
        return false;
    });
});
//-->
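The page lists only the client side; process.php itself is not shown. One way to write it, as an added example rather than the authors' file: the field names and the three rules come from the text above, while the function name, the messages and the response headers are assumptions.

```php
<?php
// process.php: added example, not the thesis authors' file.
// Field names and the three rules come from the page; the function name,
// the messages and the response headers are assumptions.

/**
 * Validate the registration fields.
 * Returns error messages keyed by field name; an empty array means valid.
 */
function validate_registration(array $input)
{
    // Missing or non-string values (for example username[]=x) count as empty.
    $get = function ($name) use ($input) {
        return (isset($input[$name]) && is_string($input[$name])) ? $input[$name] : '';
    };
    $username = trim($get('username'));
    $email    = trim($get('email'));
    $password = $get('password');   // not trimmed: spaces are significant

    $errors = array();

    // Rule 1: the e-mail must be well formed.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'The e-mail address is not valid.';
    }

    // Rule 2: the password must be longer than 3 characters.
    // mb_strlen (mbstring extension) counts characters, not bytes.
    if (mb_strlen($password, 'UTF-8') <= 3) {
        $errors['password'] = 'The password must be longer than 3 characters.';
    }

    // Rule 3: the login name must not be "admin". Comparing case-insensitively
    // and rejecting an empty name are assumptions beyond the page's rule.
    if ($username === '' || strcasecmp($username, 'admin') === 0) {
        $errors['username'] = 'This login name is not available.';
    }

    return $errors;
}

if (PHP_SAPI !== 'cli') {
    // HTTP entry point. The rules are enforced here regardless of any
    // checks done in the browser, which a client can skip.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        header('HTTP/1.1 405 Method Not Allowed');
        header('Allow: POST');
        exit;
    }
    // The page's client calls $.parseJSON(result) on the raw body, so the
    // body is sent as text; with application/json jQuery would parse it
    // first and hand the callback an object instead of a string.
    header('Content-Type: text/plain; charset=utf-8');
    header('X-Content-Type-Options: nosniff');
    // Messages are fixed strings and never echo user input, because the
    // client inserts them into the page with .html().
    echo json_encode((object) validate_registration($_POST));
    exit;
}

// Command-line run with constructed sample input.
$samples = array(
    array('username' => 'admin', 'email' => 'abc', 'password' => 'abc'),
    array('username' => 'trung', 'email' => 'trung@example.com', 'password' => 'mật khẩu'),
    array('username' => array('x'), 'email' => 'a@example.com', 'password' => '1234'),
);
foreach ($samples as $sample) {
    echo json_encode((object) validate_registration($sample)), PHP_EOL;
}
```

Run from the command line, the first sample fails all three rules, the second passes and prints {}, and the third is rejected because the login name is not a string.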
6.1.4. Javascript
a. Definition
Javascript is an interpreted language whose source program is embedded in or integrated into an HTML file. When the web page is loaded in a browser that supports Javascript, the browser interprets and executes the Javascript statements.
b. Usage
There are 2 ways to embed Javascript in an HTML file.
- Method 1: write the Javascript program directly in the HTML file.
<script type="text/javascript">
//Javascript statements
</script>
- Method 2: use an external Javascript file.
As with an external CSS file, we can embed Javascript in an HTML file by linking to an external file; this is also the most widely used method. With this method, the Javascript statements are written in a separate file with the extension .js.
For example, we have the file my.js. To embed my.js in the HTML file we use the following code:
<script type="text/javascript" src="my.js"></script>
c. Example
We will use Javascript to display a message asking the user to confirm whether they really want to delete a product.
$('.delete').click(function(){
    if( ! confirm('Bạn có chắc chắn muốn xoá sản phẩm này hay không ?'))
    {
        //The user cancelled: stop the click so the delete link is not followed
        return false;
    }
});
6.1.5. Payment
In e-commerce there are two forms of payment:
Off-line payment
+ The transaction between the user and the supplier can take place without the participation of a bank. In other words, the supplier checks the validity of the money itself, without the help of a third party.
Online payment
+ In each transaction, the supplier asks the bank to check the validity of the money transferred by the user before accepting the payment. An online payment system is therefore able to check the reliability of the money.
+ Online payment is suitable for high-value transactions. With this system, the payment and the deposit into the bank are separate steps in each transaction, so the cost in both time and money is higher.
Our Framework already integrates 2 off-line payment methods and 1 online payment method, Paypal. In the next subsections we look in detail at how to integrate additional online payment methods, and at how the Paypal payment gateway works.
a. Guide to integrating an additional payment gateway into the Framework
Once we have the usual integration code for a payment gateway, we program it according to the Framework's structure as follows. We take Paypal as the example gateway to integrate.
+ Root - root directory
  + application
    + models
      + frontend/pp_model
        - Where the payment gateway's parameters are processed (validated).
    + views
      + backend/payment/pp.php
        - Interface for configuring the Paypal payment gateway.
      + frontend/payment/pp.php
        - Interface that displays the customer's data as well as the order.
  + system
    + libraries
      + Payment_pp.php
        - Library containing the functions that render the interface, configure the payment gateway's options, check the validity of the payment gateway ...
When integrating a payment gateway into our Framework, the most important file is system/libraries/Payment_tenviettatcongthanhtoan.php, where tenviettatcongthanhtoan stands for the gateway's abbreviated name (pp for Paypal).
- System/libraries/Payment_pp.php.
  Render_payment: This method renders the payee's data, the payer's data and the goods data, then passes this data to the View in the file frontend/payment/pp.php.
  Callback: This method checks the correctness of the data returned by Paypal and then determines whether the order is valid or not.
  Confirm: After the order has been confirmed as valid, this method updates the invoice status.
  Edit: This method updates the payment gateway's configuration.
b. How Paypal works
Payment through the Paypal payment gateway takes the following steps.
Step 1:
+ After deciding to buy a product/service on a website that integrates the PayPal online payment gateway and agreeing to pay with your PayPal account, you are redirected to the PayPal login page.
+ Enter the email address and password of your PayPal account; press Login to log in to the account.
+ In this step, the system generates a code (secure code) and stores it in the database.
Step 2:
+ After logging in to PayPal, check the price (Price), quantity (Quantity) and total amount (Total) of the transaction you are paying for. If all the information is correct, choose Continue to proceed with the payment.
Step 3:
+ After you press Continue, Paypal redirects you back through the return url parameter that we configured in the file system/libraries/Payment_pp.php above.
+ The system checks the returned data against the secure code above; if it is correct, the invoice is updated to Pending (being processed).
After the account owner has checked the order in the system and their own Paypal account, and if everything is correct, the invoice status is updated to Complete (successful) and the goods are shipped to the customer.
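The secure-code check in Step 3, as an added example that is not the Framework's own code. It assumes PHP 7 or later for random_bytes(); the function names, the in-memory $orders array (standing in for the orders table) and the shop.example URL are hypothetical.

```php
<?php
// Added example: per-order secure code, checked when the gateway sends the buyer back.

function create_order(array &$orders, $orderId, $total)
{
    // 32 hex characters from a CSPRNG: not guessable from the order id alone.
    $code = bin2hex(random_bytes(16));
    $orders[$orderId] = ['total' => $total, 'secure_code' => $code, 'status' => 'New'];
    return $code;
}

function build_return_url($baseUrl, $orderId, $code)
{
    // http_build_query() URL-encodes both values.
    return $baseUrl . '?' . http_build_query(['order' => $orderId, 'code' => $code]);
}

function handle_return(array &$orders, array $query)
{
    $orderId = isset($query['order']) && is_string($query['order']) ? $query['order'] : '';
    $code    = isset($query['code']) && is_string($query['code']) ? $query['code'] : '';

    if (!isset($orders[$orderId])) {
        return 'unknown order';
    }
    $order = &$orders[$orderId];
    // Only an order still waiting for payment may move to Pending,
    // so a replayed return URL changes nothing.
    if ($order['status'] !== 'New') {
        return 'already processed';
    }
    // Constant-time comparison of the stored code with the returned one.
    if (!hash_equals($order['secure_code'], $code)) {
        return 'bad secure code';
    }
    $order['status'] = 'Pending';
    $order['secure_code'] = null; // single use
    return 'pending';
}

// Constructed run.
$orders = [];
$code = create_order($orders, '1001', '25.00');
$url = build_return_url('https://shop.example/payment/pp/callback', '1001', $code);
parse_str(parse_url($url, PHP_URL_QUERY), $genuine);

$forged = ['order' => '1001', 'code' => str_repeat('0', 32)];
echo 'forged code:    ', handle_return($orders, $forged), "\n";
echo 'genuine return: ', handle_return($orders, $genuine), "\n";
echo 'replayed return: ', handle_return($orders, $genuine), "\n";
echo 'order status:   ', $orders['1001']['status'], "\n";
```

The return URL travels through the buyer's browser, so a matching code shows that the return belongs to this order, not that the money arrived. That is why the page moves the invoice to Complete only after the account owner has checked the Paypal account.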
6.2. Security for web applications
Today, website security is a very important issue for web developers. Any web application can easily be attacked in various ways, such as cross-site scripting (forging requests), XSS, and cross-site request forgery (an attack that uses the website administrator's authenticated privileges), CSRF. Another particularly dangerous attack is SQL injection. However, we can reduce these attacks as far as possible and improve the security of our website if we understand them and find ways to deal with them. Below we look at several attack methods and how to remedy them.
6.2.1. HTML injection and Cross-site scripting
Cross-Site Scripting (XSS) is one of the most common attack techniques today, and also one of the most important security issues for web developers and website users alike. Any website that lets users post information without strictly checking for dangerous code can harbour XSS flaws.
Cross-Site Scripting, abbreviated XSS (rather than CSS, to avoid confusion with CSS, the Cascading Style Sheets of HTML), is an attack technique that inserts HTML tags or dangerous script code into dynamic websites (ASP, PHP, JSP ...) in a way that can harm other users. The dangerous code that is inserted is mostly written in client-side scripting languages such as JavaScript, JScript and DHTML, and it can also consist of HTML tags. XSS has quickly become one of the most common flaws in web applications, and the threat it poses to users keeps growing. The winner of the eWeek OpenHack 2012 contest was the person who found 2 new XSS flaws. Is the danger of XSS drawing more and more attention?
6.2.1.1 How XSS works
Basically, like SQL Injection or Source Injection, XSS consists of requests sent from client machines to the server in order to insert information that is beyond the server's control. It can be a request sent from a data form, or it may simply be a URL such as:
i was
(found !');
Your browser will then most likely show the message "XSS was found !". The code inside the script tag is not limited in any way, because it can be replaced entirely by a source file on another server through the src attribute of the script tag. That is exactly why we cannot yet foresee the full danger of XSS flaws.
However, while other attack techniques can change the source data of the web server (source code, structure, database), XSS only causes harm to the website on the client side, and its direct victims are the visitors browsing that site. Of course, hackers sometimes also use this technique to deface websites, but that still only attacks the surface of the website. Indeed, XSS payloads are client-side scripts that are run only by the browser on the client side, so XSS does not affect the website system located on the server. The targets of XSS are none other than the other users of the website: when they unknowingly visit pages containing dangerous code left by hackers, they can be redirected to other websites, have their homepage reset or, worse, lose their passwords or cookies; their computer may even be infected with viruses, backdoors, worms ...
6.2.1.2 Solution
As mentioned above, an XSS attack only succeeds when a web page sent to the victim's browser carries the attacker's malicious script. Web developers can therefore protect their website from being abused through XSS attacks by ensuring that dynamically generated pages do not contain script tags: filter and properly validate the input data coming from users, or encode and filter the values output to users. If you are using PHP, you can take advantage of built-in PHP functions such as htmlspecialchars and htmlentities to encode automatically, or strip_tags if you do not want any HTML in the content.
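Output encoding with htmlspecialchars, as an added example that is not the Framework's own code. The helper names e() and render_comment() and the sample comments are constructed for illustration; the second comment reuses the alert string from the section above.

```php
<?php
// Added example: encode user-supplied values at the point where they are written into HTML.

function e($value)
{
    // ENT_QUOTES encodes both " and ', which is what protects attribute values.
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_comment(array $comment)
{
    // The author name is written into an attribute and into element content;
    // both go through e().
    return '<div class="comment" title="' . e($comment['author']) . '">'
         . '<b>' . e($comment['author']) . '</b>: '
         . e($comment['body'])
         . '</div>';
}

// Constructed sample data, as it might arrive from a comment form.
$comments = [
    ['author' => 'Trung', 'body' => 'Good product, 5 < 10 & cheap'],
    ['author' => 'x" onmouseover="alert(1)',
     'body'   => "<script>alert('XSS was found !');</script>"],
];

foreach ($comments as $comment) {
    echo render_comment($comment), "\n";
}

// strip_tags() removes tags only. A value made of quotes and attribute text
// contains no tag, so it passes through unchanged and still needs e()
// before it is written into an attribute.
$author = $comments[1]['author'];
echo 'strip_tags leaves the attribute payload unchanged: ';
var_dump(strip_tags($author) === $author);
echo 'encoded for the attribute: ', e($author), "\n";
```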
6.2.2. SQL Injection
6.2.2.1 What is SQL Injection?
When deploying web applications on the Internet, many people still think that ensuring safety and security, so as to minimise the chance of being attacked by hackers, is purely a matter of choosing the operating system, the database management system, the web server software, ... and forget that the application running on top of them can itself hide a very large security hole. One of these holes is SQL injection. Recently, quite a few websites in Vietnam have been attacked, and most of those cases were SQL injection flaws. So what is SQL injection?
SQL injection is a technique that lets attackers exploit flaws in the checking of input data in web applications, together with the error messages of the database management system, to inject and execute illegitimate SQL statements (ones the application developer did not anticipate). Its consequences are very damaging, because it lets attackers delete data, modify data, ... since they gain full control over the application's database and even the server the application runs on.
This flaw commonly occurs in web applications whose data is managed by database management systems such as SQL Server, MySQL, Oracle, DB2, Sybase
6.2.2.2 Forms of SQL Injection attack
There are four common forms: bypassing the login check, using the SELECT statement, using the INSERT statement, and using stored procedures.
To find out whether a website is vulnerable to SQL injection, we use software or vulnerability scanning tools.
a. Attacks on the login check
With this form of attack, hackers can easily get past login pages thanks to a flaw in the way SQL statements are used to work with the web application's database.
Consider a typical example. To let users access protected web pages, a system usually provides a login page that asks the user to enter a username and password. After the user enters this information, the system checks whether the username and password are valid and decides whether to allow or refuse further processing. In this case, two pages can be used: an HTML page that displays the input form, and a PHP page (or ASP, JSP ...) that processes the information entered by the user.
If we write the processing page in the usual way, the code does not appear to contain any security hole: a user cannot log in if the username or password is invalid. However, this code is not really safe and lays the ground for an SQL injection flaw. In particular, the weakness (if any) lies in the fact that the data entered by the user is used directly to build the SQL query. This is exactly what lets attackers control the query that will be executed. For example, if the user enters the following string in both the username and password input boxes of the HTML page: " OR ""=" the query that is executed becomes:
SELECT * FROM T_USERS WHERE USR_NAME = "" OR ""="" AND
USR_PASSWORD = "" OR ""=""
This query is valid and returns all the data of the table T_USERS, and the code that follows treats this illegitimately logged-in user as a valid user.
b. Attacks using the SELECT statement
This form of attack is more complex. To carry it out, the attacker must be able to understand and exploit weaknesses in the system's error messages in order to probe for weak points from which to start the attack. Consider an example that is very common on news websites. Usually there is a page that receives the ID of the news item to display and then queries the content of the item with that ID.
For example, the source code for this feature is usually written quite simply, as follows:
//Get the news id with the $_GET method
//Note: the (int) cast applies to the result of the assignment, so $news_id still holds the raw string
(int)$news_id = $_GET['id'];
//Build the SELECT query with $news_id = 123
$strSQL = "SELECT * FROM T_NEWS WHERE news_id = $news_id";
//Execute the query
$query = mysql_query($strSQL);
//Return the result
return mysql_fetch_array($query);
In normal situations this code displays the content of the news item whose ID matches the specified ID, and there hardly seems to be any fault. However, like the login example above, this code leaves an opening for another SQL injection flaw. The attacker can replace a valid ID by assigning the ID a different value and, from there, start an illegitimate attack, for example: 0' OR 1 = 1, so that the URL now becomes: http://domain/news.php?id=0' or 1 = 1. The SQL query now returns all the news items from the table T_NEWS, because it executes the query:
$strSQL = "SELECT * FROM T_NEWS WHERE news_id = '0' OR 1 = 1'";
Of course, in the example above there seems to be nothing dangerous, but imagine that the attacker could delete the entire database by inserting dangerous statements such as DROP TABLE. For example:
DROP TABLE T_AUTHORS
c. Attacks using the INSERT statement
Web applications usually let users register an account in order to take part. An indispensable feature is that, after registering successfully, the user can view and edit their own information. SQL injection can be used when the system does not check the validity of the information entered.
For example, we have the following code that INSERTs data:
$strSQL = "INSERT INTO TABLE_NAME VALUES ('Value One', 'Value Two', 'Value Three')";
$query = mysql_query($strSQL);
If you execute the code above, you certainly have an SQL injection flaw, because if the attacker enters the following in the first field: ' + (SELECT TOP 1 FieldName FROM TableName) + ' the query becomes INSERT INTO TableName VALUES ('' + (SELECT TOP 1 FieldName FROM TableName) + '', 'abc', 'def'). When the INSERT statement is then executed, it is as if you had asked for one more statement to be executed, namely: SELECT TOP 1 FieldName FROM TableName.
6.2.2.3 Solutions for preventing SQL Injection
The SQL Injection weakness stems from poor handling of data coming from users, so building secure source code is the core of SQL Injection prevention. The following solutions can reduce SQL Injection attacks as far as possible.
a. Allow-list model (Whitelist)
The whitelist model lists the input values that are allowed; building it therefore requires the developer to understand clearly the business logic of the application being built. The characteristics of the input that this model pays attention to include the data type, the length, the value range (for numeric input) and other standard formats. For example, for a username of the kind commonly used in a company database, a valid pattern would be limited to about 15 characters and contain only letters and digits. These conditions depend heavily on the business logic and on what has been agreed with the users.
You can use PHP's built-in functions such as strlen, is_numeric... to perform these checks, or use the regular expression functions.
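The login bypass from section 6.2.2.2 beside a hardened form that applies the whitelist described above, as an added example that is not the Framework's own code. It assumes PDO with the SQLite in-memory driver so that it runs offline, and it delimits strings with single quotes, so the page's input becomes ' OR ''='. The function names and the rows in T_USERS are constructed.

```php
<?php
// Added example. T_USERS and its columns follow the page; the rows are constructed.
// Plaintext passwords only mirror the page's query; store password_hash() output in practice.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE T_USERS (USR_NAME TEXT, USR_PASSWORD TEXT)");
$db->exec("INSERT INTO T_USERS VALUES ('trung', 's3cret')");
$db->exec("INSERT INTO T_USERS VALUES ('cuong', 'pa55word')");

// Vulnerable form: user input becomes part of the SQL text.
function login_concat(PDO $db, $user, $pass)
{
    $sql = "SELECT * FROM T_USERS WHERE USR_NAME = '$user' AND USR_PASSWORD = '$pass'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Whitelist from the page: letters and digits only, at most 15 characters.
function valid_username($user)
{
    return is_string($user) && preg_match('/\A[A-Za-z0-9]{1,15}\z/', $user) === 1;
}

// Whitelist for a numeric id such as news_id: a positive integer or false.
function valid_news_id($id)
{
    return filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
}

// Hardened form: whitelist first, then a prepared statement. The values are
// sent as parameters and are never parsed as SQL.
function login_prepared(PDO $db, $user, $pass)
{
    if (!valid_username($user) || !is_string($pass)) {
        return [];
    }
    $stmt = $db->prepare('SELECT * FROM T_USERS WHERE USR_NAME = ? AND USR_PASSWORD = ?');
    $stmt->execute([$user, $pass]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed run: the same input against both forms.
$input = "' OR ''='";
printf("concatenated query, injected input: %d row(s)\n", count(login_concat($db, $input, $input)));
printf("prepared query, injected input:     %d row(s)\n", count(login_prepared($db, $input, $input)));
printf("prepared query, real credentials:   %d row(s)\n", count(login_prepared($db, 'trung', 's3cret')));

echo "news id 123: ";
var_dump(valid_news_id('123'));
echo "news id 0' OR 1 = 1: ";
var_dump(valid_news_id("0' OR 1 = 1"));
```

The page's own snippets call mysql_query(), which was removed in PHP 7; PDO or mysqli prepared statements are the replacement.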
b. Deny-list model (Blacklist)
This model builds patterns of input that are considered dangerous and refuses input matching them. It is less effective than the whitelist model, because the number of possible bad inputs is very large and the patterns are hard to keep up to date.
The advantage of this method over the whitelist method, however, is that it is simpler to build. If this method is used, we need to encode the output to reduce the risk of information leaking through the patterns that the model misses.
One more point to note when using the blacklist and whitelist models is that these patterns should be handled on the client side (through javascript, jquery...). In a complex working session, what users most need to be spared is having everything they have already done discarded and having to start over because something wrong was found in the input. Even though the input has been handled on the client, that does not guarantee that it is safe; we still need to sanitise the data in the subsequent steps.
6.2.3. Cross-site Request Forgery
Cross-site Request Forgery (CSRF) is an attack technique that uses the authenticated privileges of the website administrator; in other words, it abuses the administrator's rights to carry out the actions the attacker wants (the administrator has no idea they are being used).
Its consequences are hard to predict; they may be severe or minor. The person carrying out this attack must know the source code of the targeted web application well: they may be the person who wrote it, or the application may be some CMS, or the source code may have been leaked, because to attack in this way the attacker must know the links in the admin page.
6.2.3.1 How the attack works
We will go through a concrete example to understand better how a CSRF attack works. Suppose our admin page has a product deletion feature with a link like this:
http://domain/ungdung/admin/delete/1.
We read this link as follows: the application receives a request to delete the product with product id 1, then checks the user's permission and performs the deletion if the permission check passes. The result of this link is that the product with product id 1 is deleted from the database.
Now suppose hackers know this link and send an anonymous message to the administrator's email with the following content:
<img src=" " width="0"
height="0" />
<img src=" " width="0"
height="0" />
<img src=" " width="0"
height="0" />
Hello. Have a nice day!
When the administrator sees the email arrive, they click to read it and, through these images that are not displayed, unknowingly call the application and delete the products whose product ids are in the url.
This example gives some idea of how dangerous the CSRF attack method is.
6.2.3.2 Solution
To guard against this kind of CSRF attack, we usually have the following three options:
- Use POST instead of GET.
- Require the password for every action in the admin page.
- Use a token and process the request only if the token is valid.
Of these three options, the third makes exploiting CSRF harder, but that does not mean we can prevent CSRF completely. This option is quite easy to implement, as follows:
//When rendering the admin page: initialize a token variable and keep it in the session
session_start();
$token = md5(uniqid(rand(), true));
$_SESSION['token'] = $token;
//Instead of the delete link above, we replace it as follows:
url:
//Now, in the code that handles the product deletion, we compare the token
//sent with the request against the one stored in the session:
if (isset($_SESSION['token'], $_GET['token']) && $_SESSION['token'] === $_GET['token'])
{
    //Perform the deletion
}
else
{
    //Invalid token.
}
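The first and third options combined, a POST-only delete guarded by a session-bound token, as an added example that is not the Framework's own code. It assumes PHP 7 or later for random_bytes(); the function names are hypothetical, $session stands in for $_SESSION and $products for the product table.

```php
<?php
// Added example: POST-only delete handler guarded by a session-bound token.

function csrf_token(array &$session)
{
    // One unguessable token per session, created on first use.
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

function delete_form(array &$session, $productId)
{
    // The token travels in a hidden field of a POST form, not in the URL.
    $token = htmlspecialchars(csrf_token($session), ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="/ungdung/admin/delete/' . (int) $productId . '">'
         . '<input type="hidden" name="token" value="' . $token . '">'
         . '<button type="submit">Delete</button></form>';
}

function handle_delete(array &$session, $method, array $post, $productId, array &$products)
{
    // An <img src="..."> tag or a plain link can only issue GET requests.
    if ($method !== 'POST') {
        return 405;
    }
    $sent = isset($post['token']) && is_string($post['token']) ? $post['token'] : '';
    // Constant-time comparison against the token stored in the session.
    if (empty($session['csrf_token']) || !hash_equals($session['csrf_token'], $sent)) {
        return 403;
    }
    unset($products[(int) $productId]);
    return 200;
}

// Constructed run.
$session  = [];
$products = [1 => 'Phone', 2 => 'Laptop'];
$form = delete_form($session, 1); // what the admin page would send to the browser

$cases = [
    'GET issued by an <img> tag' => handle_delete($session, 'GET', [], 1, $products),
    'POST without a token'       => handle_delete($session, 'POST', [], 1, $products),
    'POST with a guessed token'  => handle_delete($session, 'POST', ['token' => 'abc'], 1, $products),
    'POST from the real form'    => handle_delete($session, 'POST', ['token' => $session['csrf_token']], 1, $products),
];
foreach ($cases as $case => $status) {
    echo $case, ' => HTTP ', $status, "\n";
}
echo 'remaining products: ', implode(', ', $products), "\n";
```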
CONCLUSION
This thesis has presented how to build an e-commerce Framework.
The thesis has studied the following topics in depth:
- E-commerce systems,
- An overview of PHP Frameworks,
- Design patterns such as MVC, Registry and Singleton.
- How to build helpers and libraries.
- Using Ajax in the Framework
- General security practices for a website application
Results obtained from carrying out the thesis:
- Improved skills in writing documents and translating specialised documents.
- Awareness of the difficulties, together with methods for resolving them, in the process of writing a specialised document.
Directions for future development:
- Build CMSs to support the rapid creation of an e-commerce website
- Apply the contents of the thesis to develop e-commerce products.
As the authors of this thesis, we hope that in the near future this knowledge can be applied in practice to bring benefits to ourselves and to society.
Once again, we sincerely thank our teachers for creating the conditions and helping us to complete this graduation thesis.