CSC309

The Final Exam

You are permitted two 8-1/2x11 double sided aid sheets
You must obtain a minimum of 40% on the final exam to pass the course. Failure to achieve this minimal mark will result in a course mark of no more than 47.
The final will be in our labs, on the computer. You have been assigned a room by name, please see the UTM exams schedule.
You can find old final exams at the UTM Library. Look for Old Exams and then search for CSC309 utm.
The environment we will prepare will include vim, sublime, gedit as well as all software you need to build running applications.
We will include api for the technologies you have been introduced to in the course.
Your access to the rest of the web will be restricted.
The best way to study: Go over the labs, review your assignments. Pick a simple application and re-write it numerous times using all technlogies we have explored.

Some notes

The Syllabus (tentitive)
Office hours TBD (Proposal: W 10-12)
Prerequisite waiver forms can be found here, please print and submit to me next week. We drop people from the course in the second week.
Note: I am posting summaries of the lectures and labs as well as the examples and notes presented in class. They are necessarily incomplete. The real source of the material is the lectures and labs themselves and the discussion we have together when working through the material. Make sure to take notes. It has been proven that note taking helps you remember better than simply reviewing a video of the material. Even better, do something about the material, for example, run through the examples, ask and answer questions about it yourself (or send them to us). As I said early on, my lectures are not supposed to be text books, they are supposed to take advantage of the fact that we are in a room together, exploring, playing with the real thing, solving problems.

Week 1 Lab

We covered forms, basic form inputs (text boxes, buttons, submit, reset (in the exercises), combo/list boxes, ...), labels, element id, url encoding and how the server receiving the form understands the form variables (QUERY_STRING and STDIN in CGI). The difference between POST and GET as far as CGI is concerned. We set you up on our server, discussed unix permissions briefly, how the apache server is run under account www-data, and the implications for your files. We discussed how the URL gets translated to a request for a particular file. Finally, you created two webpages, validated them and submitted your work.

Lecture 1 (W1 F/ W2 T)

We covered the role of the browser and server. Covered basic HTML5, including the structure of an empty, valid HTML5 document and what the pieces mean. We also covered many basic elements, including block vs inline rendering of elements, DIV and SPAN. We discussed some aspects of the http protocol and the pieces of a URL, that http is a protocol, usually listened to by servers running on port 80. We briefly demoed the http protocol by telnetting into a server and so explained the pieces of a standard URL. We also explored the difference between relative and absolute links. We even thought about image tags and what this means with respect to a single webpage with images and the number of requests a browser might have to make to servers to render the page.

HTML5 Introduction
http, cgi, cookies etc. (142.1.44.124)

Week 2 Lab

Work on your first php scripts.

Lecture 2 (W2 F/ W3 T)

Today we covered php, more than just the basics, as well as a good bit about the http protocol, saw headers and the body, that http is stateless and connectionless, we discussed how to add state with cookies and what cookies are, that they can have lifespans, and that they are returned to the site that created them, within certain URLs (if specified). I demoed telnet/nc to a web server and issuing http requests. We showed, in a telnet session cookies being set and being sent. Highlights for php, include $_REQUEST and the interaction with URL encoded attribute/value pairs and forms, $_SESSION, $_COOKIE dictionaries, looping, variables, the general role of PHP etc. I demoed all of the details behind how PHP sessions are implemented, including security implications and demoed session hijacking at a low level. I even touched on file locking and serialization of data, both through var_export and via json. We finished with a demo of a script which shares json data between many clients via shared access to a file. We also spoke about the security implications of php scripts running as root, www-data, or the owner of the script that is executing. We are running suphp (the last option) in our server, so this has implications as to where the php sessions are stored.

Week 3 Lab

Lecture 3 (W3 F/ W4 T)

We reviewed a small web framework in class. Concepts included Model, View, Controller. The Controller implemented as a Front Controller (so all requests go through that), There were two states to consider, the model state and the application state. The model state was kept in model variables, the application state was kept in a state variable (also in the session). Also, the Controller used a finite state machine to manage the transitions in application state. We covered how to determine if a submitted page was old via the use of a page state token. We also covered pre-filling/refilling form variables.

Week 4 Lab

Writing an MVC application

Assignment 01

Lecture 4 (W4 F/ W5 T)

javascript

Week 5 Lab

Javascript

Lecture 5 (W5 F/ W6 T)

AJAX, JSON and JQuery

Week 6 Lab

Work on A1

Lecture 6 (W6 F/ W7 T)

Some notes node.js 1) model of computation, a) single thread, b) event driven, c) motivation for the model, d) demo it by putting a bad loop in the code, preventing handling of other requests, e) show ps on my system to see the many handler processes for apache (to compare) 2) Make some mistakes, like trying to start multiple node.js servers on the same socket, 3) view some of the requests using firefox developer tools 4) make some requests using telnet (so they see the cookie exchange) etc. 5) look at headers 6) look at parsing parameters 7) look at cookies 8) node+express 9) node+express+pug 10) node+express serving static content rest-api (see rest_notes.txt) 1) PUT vs GET vs POST vs DELETE (for CRUD applications) https://restfulapi.net/http-methods/ 2) Routing in node+express 3) Return codes https://restfulapi.net/http-status-codes/

node.js, and restful api

Week 7 Lab

Ajax/Node

Lecture 7 (W7 F/ W8 T)

We covered: this, closures, arrow functions, canvas, flys (animation/game loop), a drop of mobile.

Advanced Javascript: Classes: yet another way to define classes (see ballClass.js)
Advanced Javascript: variable scope, this, arrow functions (see closures below to understand arrow functions)
Advanced Javascript: closures
Advanced Javascript: promises
Mobile Javascript (Didn't really cover this, just spoke about it at a high level)
Canvas

Assignment 02

Lecture 8 (W8 F/ W9 T)

We covered: CSS

Week 8 Lab

Lecture 9 (W9 F/ W10 T)

We covered: React

react, or as react.zip

Week 9 Lab

react

Lecture 10 (W10 F/ W11 T)

We covered: node and WebSockets, mobile api

Assignment 03

Week 10 Lab

webSockets notes
webSockets (see the notes.txt)

Lecture 11 (W11 F/ W12 T)

Coded something from scratch which used React, AJAX, JQuery, WebSockets

vote.zip

Week 11 Lab

mongodb, adapted to our system setup from the online tutorial
connecting to mongo inside node