Milestone 1By:

Posi Olarewaju Heather Truc

Domenico Bruce Joseph Meckler

Ming Zhang

• Allows sports fans from all over the world to voice opinions about sports-related events.

• Users will be able to view and post photos/videos either while at the game or while at home/on the road.

• Users will be able to partake in discussion forums or live chats either by sport, league, team, or an actual game.

• Users will have the ability to manage their own personalized profile page, track posts regarding to either sports, leagues, or teams they are interested in, as well as track and post sporting events they will or might be attending.

Problem Statement/Executive Summary:

Requirements Specification:

Non-registered Users: Registered Users: Administrator:

View articles

View list of upcoming events

View registered user profiles

Use search option

Login/out

Reset lost password

Send/receive PMs

Edit profile View/add/edit/delete articles and posts

Post/edit/delete comments Manage user accounts (approve, edit, delete, lock, and ban)

View/edit/remove upcoming events Reset registered users’ passwords

Rate articles, photos/videos, and teams Add/edit/modify teams

Generate and view reports

Functional Requirements:

Requirements Specification:Non-Functional Requirements:

• Usability Requirements– Login/register on any page– Login/register with ease/no hassle– Provide user-friendly interface– Allow administrators/site staff to

navigate with little or no training• Performance Requirements

– Be accessible through the web– Download all pages in 3 seconds (5

for mobile browser)– Generate reports within 1 minute

• Reliability Requirements– Detect any faults/issue warnings for

failure and/or crash• Packaging

– Installed/uploaded on webhost with PHP and MySQL servers using FTP.

– Current server is: http://sit.yorku.ca:8080/grp20/

– Future domain: http://www.mysportlounge.com

• Legal– All levels of users must agree to

terms of service which will allow MySportLounge ownership of information hosted on system

• Maintainability and Portability– Applications to use JEE framework– Use Tomcat on server side– Store users’ password encrypted in

database– Run on different web browsers

• Implementation– Should take 2 working days to install

+ 1 working day to set up staff admin accounts

• Cultural and Political Requirements– All content will comply with ethical

codes and political policy– Website will be accessible in either

English or French

Functional Models:Actors:

Administrator Registered User Pending User

User

Registered Users: Largest group of members and they will be the primary users who interact with

the website. Administrator: Main role is to verify registered user accounts, add, edit, and delete user

accounts, provide user support and ensure that the system is running correctly and available at all times.

Actor Diagram

Functional Models (Cont.):Actor Definitions:

Registered Users:Description Registered User is a member of MySportLeague. He or she is able to post comments

on articles, edit their profile, upload photos and videos, and add themselves to “Current Games” that they are attending.

Aliases Customer, client, sports fanInherits UserActor Type Active - PersonContact Person AdministratorContact Details Registered User’s e-mail and viewable contact information on member’s Profile

page

Administrator:

Description Administrator is a member of MySportLeague. He or she will manage user accounts, verify accounts, and maintain website.

Aliases Staff

Inherits User

Actor Type Active - Person

Contact Person n/a

Contact Details Administrators e-mail

Functional Models (Cont.):Use Case Diagram:

Administrator Registered User

Register

Log In

Reset Password

Add Comments

Search

Edit Profile

Manage User Account

Generate Reports

View, Add, Edit &Delete Articles

View and RateArticles

Send and ReceivePrivate Messages

Upload Photos andVideos

View, Add, Edit andDelete Comments

Functional Models (Cont.):Use Case Descriptions:

Use Case Name Register

Use Case Description The system creates an account for the new user to access the website.

Participating actor(s)

Initiated by the User

Flow of Events 1. User clicks “Register”.

2. System prompts the user to the registration page.

3. User inputs required information in the registration form.

4. User submits registration form.

5. System creates account with inputted information from registration form.

Pre-condition The user does not have an account registered with the website.

The user is on the main page.

Post-condition The User is redirected to the “Login” page.

Functional Models (Cont.):Use Case Descriptions (Cont.):

Use Case Name Login

Use Case Description The system allows the Registered User to login to the website.

Participating actor(s)

Initiated by the Registered User

Flow of Events 1. System prompts the user to log in.

2. The user enters his/her username.

3. The user enters his/her password.

4. The System responds by displaying the appropriate feedback to the User. The feedback could either be a redirect to the homepage indicating a successful login, or an error message indicating an unsuccessful login.

5. The System logs user into website.

Pre-condition The user is already registered.

The user is on the main page.

Post-condition The User is redirected to the main page, OR

The User receives an explanation indicating why he or she was not able to log in to the system.

Exercises:Exercise 1: Data Model

SQL Data Model to Represent Users and User Groups

Exercises:Exercise 1: Data Model (Cont.)

Do you store users passwords in the database encrypted or non-encrypted?- Non-encrypted at this time. If database reaches 500 user

accounts, we will consider integrating encryption.

What are the advantages and disadvantages of encryption?Advantages: Disadvantages:

- Data security- Authentication (and creation of

public/private keys for user)- Enhance protection, increasing

customer satisfaction- As database grows, it allows

protection of website and user accounts from fraud

- Longer processing time- Added overhead- Does not guarantee against

user or website getting hacked or from receiving malicious viruses

Exercises:Exercise 2: Page Flow

Welcome New User

CompleteRegistration

form

Is data valid?

UpdatesDatabase

Yes

LoginPage

Refill error section

No

Exercises:Exercise 3: Basic User Registration and Login Pages

Can someone sniffing packets learn your user's password? Gain access to the site under your user's credentials? - Currently, someone could learn the password, but they would

be unable to sign in as login is not yet implemented

What happens to a user who forgets his or her password?- They click “Forgot Password” link which takes them to

forgotpassword.jsp where they can reset their password using their username and answer to their security question.

Exercises:Exercise 4: Site Administrator's Pages for Working With Users

How can the administrator control who is permitted to register and use the site?- The Administrator may restrict a user from registering if he or

she enters an e-mail address or username that is already in the database or an e-mail address that has been banned due to term violations. When filling out the Registration form, all fields must be valid.

What email notification options does the site administrator have that relate to user registration?- The Administrator will have access to all user accounts’ e-mail

addresses. The e-mail address the user entered during their registration (signup.jsp) will appear in the Administrator’s interface where the Administrator will have access to send user’s messages.

Exercises:Exercise 5: Referential Integrity Constraints and Query Performance

How long will it take to look up a user by email address?- The time it will take the Administrator to look up a user by e-mail

address depends on the size of the database and the user’s Internet connection.

What if this email address is capitalized differently from what you've stored in the database?- Uppercase and lowercase letters in e-mail address will not affect

the way the e-mail is stored in the database. The database that contains the e-mail address will not be case sensitive.

Is it possible to have two users with the same email address?- It is not possible to have two users with the same e-mail address

in the database. The e-mail address is a PRIMARY KEY in the Reg_users table.

QUESTIONS?