This assignment is based on the organisation known as Bazaar Ceramics and it will build on the…

Scenario
This assignment is based on the organisation known as Bazaar Ceramics and it will build on the Dynamic Websites Practical Task and Written assignments you have done so far. The client Emma Rich, is impressed with the progress of the website and would now like to see the implementation of member’s authentication enabling members to logon and access content unique to them. She has also asked if it would be possible to allow new members to self-register. She has however, some concerns regarding security and ensuring that not just anyone can gain access to the member’s page.
The other thing she has been asking about is the ability to order online. She is satisfied with what has been developed so far but is wondering how this can be incorporated into Bazaar Ceramics information processing system.
Your supervisor Christopher Dilbert has explained to Emma about the need for setting up customer, product and order details in a database which the website can connect to and interact with. After many meetings with Emma, Christopher and other members of the project team who specialise in database design, a database schema for Bazaar Ceramics has been produced (see Appendix A).
Christopher in consultation with yourself and the other members of the project team has now “nutted” out the next stage of development for the Bazaar Ceramics website.
Firstly he would like you to prepare for Emma Rich an explanation of web security covering authentication and encryption in conjunction with session management. One thing that has piqued her interest was the mention of “salt” in reference to encryption.
For the members pages he has come up with the following requirements:
• a logon page or facility for members to logon to the Members page of the Bazaar Ceramics website.
• the facility for new members to self-register after appropriate validation checks
• a personalised message displayed on the appropriate pages welcoming the member
• verify the existence of an existing member at logon using encryption. If the existing member’s details do not match then they should be redirected back to the logon page
• the member’s credentials should be verified on the appropriate member pages therefore, their details will need to be maintained while they are visiting the site during the same session
• a logoff option that will clear their details
Christopher has asked that you keep the development of these features as efficient by re-using code as much as practicable.
At this stage the development of the website will still be approached as that of a prototype until it is completely deployed.
All pages are to be HTML5 compliant.