COMP519 Web Programming (2017-18) -- Practical Assignment 4: PHP

Your task for this practical assignment consists of two parts:
  1. Develop a web-based system using HTML, CSS, PHP, and MySQL that provides the functionality stated in the Requirements section below.
  2. Make the system that you have created accessible and usable via the URL<your user name>/gym.php
    taking care that the access rights for the file are neither too restrictive nor too permissive. Making the system usable includes setting up the corresponding database on the departmental MySQL server and filling it with the appropriate data.


A local gym has asked you to develop a web-based system that allows members of the gym to book its fitness classes. To keep the system simple, we assume that the gym members do not have accounts with the system but instead enter a few personal details whenever they book a class. They also only book a class one week ahead. Each class is typically offered more than once during a week. Every time a class is run it can only accommodate a certain number of participants; in the following we will call this the capacity of the class or the number of places on the class. We keep the range and capacity of classes small.

In more detail, we assume that the gym offers the following classes at the indicated times and all with the indicated capacity independent of the time at which the class is offered:

Class Times Capacity
Boot Camp Monday, 9:00; Tuesday, 9:00; Wednesday, 9:00 2
Boxercise Thursday, 10:00; Friday, 10:00 4
Pilates Monday, 11:00; Wednesday, 11:00; Friday, 11:00 3
Yoga Tuesday, 13:00; Wednesday, 13:00 2
Zumba Friday, 14:00 2

That is, in total there are 5 different classes, offered between once and three times a week, and each with a capacity for only two to four participants every time the class runs.

The web-based system should allow a gym member

  1. select a class via a drop-down list;
  2. select a date and time at which that particular class is offered via a separate drop-down list;
  3. enter their name via a text field;
  4. enter their phone/mobile number via another text field (in case the class is cancelled at short notice and gym members need to be notified);
  5. after selecting/entering the data above, submit a booking request by pressing a `Submit' button.

The user of the system is able to enter all this data via a single web page. Also, the menus are populated with data from the database.

On submission of a booking request, the user should be shown a confirmation whether the booking request has been successful or unsuccessful. This confirmation should include the details of the booking that was attempted.

  • The system should ensure that what the user enters as a name satisfies the following constraints: A name only consist of letters (a-z and A-Z), hyphens, apostrophes and spaces; contains no sequence of two or more of the characters hyphen and apostrophe; and starts with a letter. If these constraints are satisfied, then we call the name valid. If these constraints are not satisfied, then the system should display an error message and the booking request must be unsuccessful.
  • The system should ensure that what the user enters as a phone or mobile number satisfies the following constraints: A phone or mobile number only consists of digits and spaces; contains either nine or ten digits; and starts with the digit 0. If these constraints are satisfied, then we call the phone number valid. If these constraints are not satisfied, then the system should display an error message and the booking request must be unsuccessful.
  • If name and phone number are valid, then a booking request must be successful if the selected class at the selected date and time still has at least one place left. On success, the number of places on the selected class at the selected date and time is reduced by one and a record of the booking will be kept in the database, including the class, date and time, name and phone number.
  • A booking request must be unsuccessful if there are no places left on the selected class at the selected date and time.

Underlying the system must be a MySQL database. Initially, the database must contain information on the classes, the dates and times at which each class runs and number of places available, exactly as indicated in the table above. The database should then keep track of the number of places remaining after each successful booking request and also keep records of all successful booking. The PHP Data Objects (PDO) extension of PHP must be used to implement the interactions between your system and the database.

Additional requirements and comments:

  • If none of the classes at any date and time has places left, then the system should inform the user about this and not show any drop-down menus or text fields.
  • The description of the system above suggests that a user goes through a sequence of five steps in order to submit a booking request. Your system should make sure that a request is only processed once all the required information has been provided and should produce appropriate error messages if the request does not contain all the necessary data.
  • The system would ideally help the user by listing in the first menu only classes which have places left at one of the dates and times it runs and, once the user has selected a particular class in that menu, would in the second menu only list the dates and times at which the selected class still has places left.
  • It would also be helpful to the user if entries in the two menus are listed in a `sensible' order, that is, classes should be ordered alphabetically and the dates and times chronologically. Also, each class should only occur at most once in the first menu and each date and time at most once in the second menu.
  • If a booking request is unsuccessful, then it should then be possible for the user to make another attempt with as little effort as possible. For example, if name and phone number were valid, but there were no places left on the selected class, then the system would ideally be programmed in such a way that there is no need to enter name and phone number again.
  • Note that the user still has great freedom when it comes to entering a name. You need to make sure that name strings are correctly stored in the database.
    You should also make sure that code injection is not possible via any of the inputs of the system.
  • There is the possibility that two users nearly simultaneously try to book the last remaining place on a class at a particular date and time. Depending on how you implement the interaction with the database, this could lead to a situation in which your system determines for both users that there is still a place remaining and then records for both users that he/she has successfully booked that place. This is obviously an incorrect behaviour by the system and needs to be avoided. The booking request of exactly one of the two users must be successful and the booking request of the other has to be unsuccessful.
  • As this is an assignment on PHP, the use of other scripting languages should be kept to a minimum. In particular, the use of JavaScript must be restricted to the pre-defined submit() function.
  • Your code should follow the COMP519 Coding Standard. This includes pointing out which parts of your code have been developed with the help of on-line sources or textbooks and references for these sources.


Submit your HTML, CSS, PHP code and a dump of your MySQL database (as separate, individual files; not as part of an archive file) via the departmental submission system at (COMP519-4: Assignment4N (PHP)). Do not forget to also set up the database on the departmental MySQL server, to make gym.php accessible via the departmental web server, and to correctly connect the two.


The deadline for this practical assignment is

Friday, 15 December 2017, 17:00

Earlier submission is possible, but any submission after the deadline attracts the standard lateness penalties. Please remember that a strict interpretation of `lateness' is applied by the Department, that is, a submission on Friday, 15 December 2017, 17:01 is considered to be a day late (analogously for submissions that are delayed further).


This practical assignment will address the following learning outcomes of the module:

  • be able to make informed and critical decisions, design and implement reasonably sophisticated server-side web applications using one or more suitable technologies.
  • be able to demonstrate an understanding of the range of technologies and programming languages available to organisations and businesses and be able to choose an appropriate architecture for a web application

This practical assignment will contribute 25% to the overall mark of COMP519. Failure on this assignment may be compensated by higher marks on other assignments for this module.

Marks will be awarded according to the following scheme:

  • The PHP script is accessible via the required URL, works without producing script errors, all required files were submitted, the files accessible via the web are identical to those that were submitted, and the access rights of the files in your filestore must be such that no other user can view their contents in the filestore: 10
  • Input/Output handling: 54
  • Database and processing of booking requests: 24
  • Formatting, commenting, and quality of code: 12

The mark for a submission that is not set up correctly on the departmental web server and MySQL server will be capped at 9.

As stated above, the University policy on late submissions applies to this assignment as does the University policy on Academic Integrity, which can be found at You should follow the COMP519 Lab Rules to ensure that you do not breach that policy.