Code a Web Component, interacting with a back office server using a custom protocol/language (XML on HTTP), to permit secure multi-level users access to data.
The requirements :
- No code redundancy
- User management session based
==> Authentication mechanism must prevent any user account bypass or privilege hijacking
==> All data must stay on the server side, identification after authentication based on cookie session ID
- Multibyte strings management
- Implement mechanism to check all user inputs to prevent any XSS/CSS or data manipulations (SQL/code injection)
- No internal private data provided on client side
==> If objects related to a specific user are identified by private keys on the server side these IDs must be translated to temp IDs which can't be reversed to obtain the original ID on client side
(Easy implementation for the example list (456, 563,890), is to send the list 0,1,2 where tmp=456 on the server side.)
- Manage the global structure of the pages to prevent any direct access to a page
==> Each page can only be accessed through a specific scenario
- Design must be easily customizable
A working version of the web site exists, but after cleaning the existing code we’ve chosen to
create a new project. Original code available upon request after NDA.
1) Develop from scratch a web site which has the same functionality as the current existing site (STEP 1: THE CURRENT Project)
2) If step one satisfactorily meets the requirements, develop step by step all other existing functionalities (STEP 2 )
3) Develop new functionalities (STEP 3 )
Standard outsourcing Requirement for Service providers.
1) Must have Chat and be online daily (more than 5 minutes) on either:
ICQ, MSN or Yahoo,
There is No excuse as they are all free to use, We suggest you use trillian basic from [url removed, login to view] (its free!)
2) Must communicate often, AT LEAST ONCE A DAY, even if nothing to report.
3) Must be able to send and receive large files 30MB, 100MB (no-dialup!)
4) Must have a working reliable email address, if you cannot send me emails you have disqualified yourself.
5) Must accept payment via Paypal
6) If programming - Code produced must compile in Microsoft Visual C++ 6.0 with all patches and Microsoft SDK
7) Code must compile with 0 warnings and 0 error
8) If programming in C - Code must comply these C++ Programming Style guidelines
9) Code must be well documented
10) Code must be documented to support Doxygen
11) Signed Non-Disclosure Agreement if handling our internal products or code
12) Comments, error messages, function names, variable names, MUST be in English.
13) If you make Installers as part of the project, then they must be made in InstallShield 9.0 for Visual Studio and must be able to do unattended installation.
a) Individuals over companies
b) Minimum software for product execution : windows 2000 SP3/windows XP/ windows 2003
c) Minimum Hardware for Execution of our product: 256 MB Ram, 1G Free diskspace, 800Mhz
d) You have your own compilers and tools
e) Specific bids over generic bids
f) The clarification board is for questions about the project, not for spam or self promotion
g) The Private Messages are for just that and not repeating your offer, and no spam.
h) Specific self promotion that you do not want to show the competition belongs here on the Private Messages