VISVESVARAYA TECHNOLOGICAL UNIVERSITY BELAGAVI, KARNATAKA A Project Report on “SECURE ONLINE AUCTIONING PORTAL” Submitted in the partial fulfillment for the requirements for the conferment of Degree of BACHELOR OF ENGINEERING in INFORMATION SCIENCE AND ENGINEERING By Mr. ABHAY SOMANI USN: 1BY14IS002 Mr. GUNJAN BOBADE USN: 1BY14IS015 Mr. VIKSHIT SHARMA USN: 1BY14IS061 Under the guidance of Mrs. ASHWINI N. Asst.Professor 2017-2018
VISVESVARAYA TECHNOLOGICAL UNIVERSITY BELAGAVI, KARNATAKA BMS INSTITUTE OF TECHNOLOGY & MANAGEMENT YELAHANKA, BENGALURU-560064 DEPARTMENT OF INFORMATION SCIENCE & ENGINEERING CERTIFICATE This is to certify that the Project work entitled “SECURE ONLINE AUCTIONING PORTAL” is a bonafide work carried out by Mr. ABHAY SOMANI (1BY14IS002), Mr. GUNJAN BOBADE (1BY14IS015), Mr. VIKSHIT SHARMA (1BY14IS061) in partial fulfillment for the award of Bachelor of Engineering Degree in Information Science and Engineering of the Visvesvaraya Technological University, Belagavi during the year 2017-18. It is certified that all corrections/suggestions indicated for Internal Assessment have been incorporated in this report. The project report has been approved as it satisfies the academic requirements with respect to project work for the B.E Degree. __________________ ______________________ Signature of the Guide Signature of the Coordinator Mrs.Ashwini N. Dr. Pushpa S. K __________________ EXTERNAL EXAMINERS _____________________ Signature of the HOD Signature of the Principal Dr. Manjunath T. N Dr. Mohan Babu G. N Name of the Examiners 1. Signature with Date 2.
SECURE ONLINE AUCTIONING PORTAL CHAPTER 1 INTRODUCTION An auction is Latin work which means augment. Auction is a bid, a process of selling; buying and services offered take place. 1.1 PREAMBLE There are several different types of auctions and certain rules exist for each auction. There are variations for an auction which may include minimum price limit, maximum price limit and time limitations etc. Depending upon the auction method bidder can participate remotely or in person. Remote auction includes participating through telephone, mail, and internet. Shopping online has widely grown; online auction system is increasing rapidly. Online auction is becoming more and more popular in electronic commerce and hence it should system must increase its quality and security. The online auction system is a model where we participate in a bid for products and service. This auction is made easier by using online software which can regulate processes involved. There are several different auction methods or types and one of the most popular methods is English auction system. This system has been designed to be highly-scalable and capable of supporting large numbers of bidders in an active auction. Online Auctioning System has several other names such as e-Auctions, electronic auction etc. The requirement for online auction or online bidding can be more accurately specified by the client. It should be healthy and will be a good practice when it is made more transparent as a matter of fact. Online Bidding has become more wide spread in all sorts of industrial usage. It not only includes the product or goods to be sold, it also has services which can be provided. Due to their low cost this expansion made the system to grow. Online bidding has become a standard method for procurement process. Bidders can be maintained in a single database according to the preference, and they can be monitored. User’s data can be maintained in a confidential way for validity and integrity of contractual documentation. Neat reporting reduces paperwork, postage, photocopying and time beneficial. Multiple bidders can be communicated with a great ease. This system allows multiple bids by single users. Online bidding is based upon lowest or the highest price which is ISE, BMSIT&M 1 2017-18
SECURE ONLINE AUCTIONING PORTAL initiated but not the best value for the product. Although there is a chance to fix the criteria against the fact expected to have desired value by the seller. 1.2 MOTIVATION The security based flaws in the current auctioning system motivated us to take up this project. We see a scope of improvement in the current system as they are susceptible to a lot of fraudulent activities. The users need to be verified before being able to sell or buy products and that is what we have tried to achieve by the means of this project. ISE, BMSIT&M 2 2017-18
SECURE ONLINE AUCTIONING PORTAL CHAPTER 2 LITERATURE SURVEY An auction is a market with an explicit set of rules determining resource allocation and prices on the basis of bids from market participants (McAfee & McMillan, 1987). Generally speaking, an auction is the standard means for performing an aggregation of supply and demand in the marketplace to effectively establish a price for a product or service. It establishes prices according to participants’ bids for buying and selling commodities, and the commodities are sold to the highest bidder. Simply stated, an auction is a method for allocating scarce goods, a method that is based upon competition between the participants. It is the purest of markets: a seller wishes to obtain as much money as possible for the commodity offered, and a buyer wants to pay as little as necessary for the same commodity. Traditionally, there are three protagonists in the auction: sellers, buyers, and auctioneers. An auction offers the advantage of simplicity in determining market-based prices. In the case of a traditional physical auction, a seller will choose an auction house based on the service: the form of licensing, the availability of suitable insurance, suitable descriptions and access to the commodities, payment terms, and security of goods before and during the auction process. The buyer or seller needs to come to the market or sends his/ her representative. Participants may join an online auction system, effectively placing bids using a computer on an anywhere-anytime basis. The access is not only limited to desktop computers, but also handheld devices such as mobile phones. In online auctions, transactions take place based on information (product descriptions), and the products move from seller directly to buyers only after online transactions are completed. They facilitate buyers and sellers in: meeting, the listing of items for sale independent of physical location, exchanging information, interacting with each other, and ultimately completing transactions. They offer significant convenience, allowing trading at all hours, and provides continually updated information; and they allow buyers and sellers to trade directly, by bypassing traditional intermediaries and lowering costs for both parties. Online auctions are global in reach, offering buyers a significantly broader selection of goods to purchase, and provide sellers with the opportunity to sell their goods efficiently to a broader base of buyers. Factors that make online auctions attractive may also present disadvantages. Many online auctions simply list the items for sale. No attempt is made to verify and check that the ISE, BMSIT&M 3 2017-18
SECURE ONLINE AUCTIONING PORTAL merchandise actually exists or that the description is accurate. Transaction trustworthiness and security are the two most significant problems. Online auctions have become very popular. One of the most successful online auctions, eBay (www.ebay.com) purports that the number of active users worldwide has increased from 27.7 million in 2002 to 41.2 million in 2003, and the number of listings was about 292 million in 2003 (eBay, 2004). Nielsen/Netratings, the global standard for Internet audience measurement and analysis, also reports that eBay was one of the top five sites in Germany and the United Kingdom in February 2004 (Nielsen/Netratings, 2004). The research firm, the Aberdeen Group, found that 94% of net market transactions were through auctions, with just 6% through catalog sales (Pritchard, 2002). Most auctions are open to the public. Whatever you want, you can find. Given the rapid success of the virtual market, no de facto standards exist as to the bidding rules and policies governing the online auction business. Although online auctions have been developing for many years, there are still two major problems: trustworthy transaction and security. Regarding the first problem, trustworthy transactions, many auction sites describe themselves merely as meeting places for buyers and sellers. They simply allow sellers to list merchandise offered for trade and do not verify that the merchandise actually exists or is accurately described. They only use an email address to identify the traders—buyers and sellers. After the auction is over, it is the seller’s responsibility to deal directly with the buyer concerning payment and delivery. The auction companies do not hold any responsibility for the transaction. Auction fraud is therefore an increasingly difficult problem in the virtual market. The common types of auction fraud are as follows Failure to deliver: Buyers pay for an item, which is never received. Misrepresentation: Items received do not match up to the original description. Shill bidding: A seller, or an associate, places a fake bid intended to drive up prices. Among the complaints that the Federal Trade Commission (FTC) received Provision of a security system with fine-grained access control that will allow, on the one hand, legitimate users access to resources, while on the other, protecting sensitive information from hackers and unauthorized users (i.e., all other users). OAS should provide secure data transactions from sellers to OAS and from OAS to buyers. ISE, BMSIT&M 4 2017-18
SECURE ONLINE AUCTIONING PORTAL 2.1 EXISTING SYSTEM From a recent study make by scientists at Carnegie Mellon University, found many fraud schemes from the historical auction data using data mining techniques and other accomplices. One of the most currently fraud schemes is that the bidders are making false identity or accounts in order to increase the sale price. Currently there are two approaches mostly being implemented such as policy-based and reputation-based trust management, which also lag certain security issues. There was a recently proposed system by Ganeriwal and Srivastava, which was a reputation based model for sensor networks. This system works well in maintain the reputation for the nodes and also in evaluating trustworthiness. But the main drawback is that there is no effective and particular method to prevent the users from giving false identity and hence the system fails in providing a secured environment. The existing \"OPEN Auction House\" is managed manually. Prior to each auction the day of auction, the (venue and the items on auction are announced through news media. Those who wish to take part in the auction have to arrive at the venue on that day on time. This conventional method most of the times prevent aspiring bidders from participating in the bidding process. Another headache of the old system is to track each bidding process and to make it culminate in financial settlement. So the system has to keep records of both buyers and sellers until the end of settlement. The process is very cumbersome and time consuming. 2.1.1 Disadvantages of existing system The disadvantages of the existing system are: Prolonged time In normal auction the time for auction is fixed which will not be changed. But in the case of online auction, the timer is reset with 20 or 30 seconds when a bidder places a bid which makes the auction time to be prolonged causing time delay in closing the auction. ISE, BMSIT&M 5 2017-18
SECURE ONLINE AUCTIONING PORTAL Anonymous bidder The online auction does not take place face to face which creates anonymous bidders. The auctioneers cannot have a hold on who is participating in the bidding. This can lead to anonymity in identifying the bidders. False Auto bidding bots There is option available for auto bidding with the auction software. The software will automatically bid on behalf of the bidder when few criteria for bidding is fixed by the user. This creates false auto bidding bots that may mislead auction. Product genuineness One can view only the product photo on the auction website. One cannot inspect the product about its condition and usability physically which may lead to lack of product genuineness. Some of the online auction does not support refund Fake site The auction website may be sometimes fraudulent which sells fake products which will never be delivered. The product description and actual product may differ. Sometimes the product delivered may not be the product that was placed for auction leading to chaos. 2.2 PROBLEM STATEMENT The need is to develop a system that offers maximum level of security as commodities are involved in the process. The system must give exclusive access to the buyers and sellers to put the product for auctioning and bidding. The registration of the users must be verified by a valid aadhar number which can be tracked in case of a fraudulent activity and also by a mobile OTP that is sent during the time of registration. 2.3 PROPOSED SYSTEM The development of this new system contains the following activities, which try to develop the web-application entire process keeping in the view of database integration approach: This system will provide secure registration and profile management of the users. Administrators would authorize the product to auction, set auction dates & minimum auction amount for that product. ISE, BMSIT&M 6 2017-18
SECURE ONLINE AUCTIONING PORTAL Prior to each bid, the user’s mobile number and Aadhar card must be authenticated and authorized. Users can select their interested fields for bidding and periodic Message alerts must be sent in case they have won an auction for a particular item/product. Complete Search/Site Map of the entire site for easy access. An auction house needs to have products to auction/ so in the proposed system this is done using product registration module. The module is open to user who is registered sellers and they need to authenticate before they register any product. The system controls the closing date by adding 1 days to the submitting date there by restricting the bidding process to go on in definitely. Another important module in the proposed protect is the \"Bidding module \". Here one can see the details of any particular product and also the bidding history. The user can bid on that item by entering any amount greater than or equal to the incremental bid amount. Here also system checks to see whether the user has his credential verified otherwise he, she will be directed to the login, registration page. The last but the least module is the \"Administration module”. The module is only open to the web administrator due to security reasons. This module the administrator can add product categories and this is to avoid rampant creation of categories. This will be necessary when some of the details of the product need to be edited for one reason or other. The third and last the closed bid manager where the administrator notifies both the seller and buyer the need to complete the transaction. There is another module which runs more or less like background process. The function of the module is to close bid of those products whose closing date is less than the current date. The process is automatic and hidden from the web users. 2.3.1 Advantages of proposed system The advantages of proposed system are: No physical location The products for auction does not need any physical location in case of online auction. The inventory can be managed online and upon sale the product can be shipped physically. This makes it flexible to hold an auction online site. ISE, BMSIT&M 7 2017-18
SECURE ONLINE AUCTIONING PORTAL Convenience The bidder can participate in auction from anywhere at any time through online auction. There is no limitation regarding the time, place, or person to conduct online auction. Bidders can participate in auction from home or office using the computer terminal. Rich information The related information about each auction product is neatly presented on the website. Bidders can peruse all the documents related to the products before participating in the auction. There is no confusion to get information at fingertips. Time & money saving Online auction saves time and money. There is no dedicated time required to travel and reach an auction place. Just logging into the site makes it possible for the user to participate in auction which also saves money spent for reaching the auction spot. Quick result with instant price update As bidders participate via online, the results are also instantly flashed on the website without any time delay. The bid amount or price is updated as and when the bidding is placed. The results are showed on the site immediately when a bidder wins the product. Time extension Each time when a bidder places a bid, the total bidding count down time is increased by 20 or 30 seconds as fixed by the administrator. Hence the time for the bidding is extended which gives more opportunity for the bidder to participate in auction. Compare prices The main advantage of bidding via online is that it provides the opportunity to compare the price online. The bidder can do a small research regarding the product price and quality with other online auction site before participating in the bidding. No rude bidders ISE, BMSIT&M 8 2017-18
SECURE ONLINE AUCTIONING PORTAL Some bidders can become very aggressive in their attempt to win an item. Name calling, inappropriate hand gestures and in some rare instances even becoming physically violent (shoving chairs for example) toward their competitors. Online auctions do not provide bidders the chance to get huffy with one another. No schedule constraints When going to an auction in person, bidders are bound to the auction house/auctioneer’s scheduled business hours. Auctions are scheduled from time A and end at time B. Online auctions are open twenty-four seven until the designated end date. This is convenient for people who have jobs/school. They can bid at 2am in their pyjamas if they want to! Limited or no auction house fees Auction houses charge a certain percentage for the sale of each auctioned item. Plus the auctioneer has to be paid. Online auctions eliminate the auctioneer expense and sometimes even the auction house percentage. Ability to bid on items on a global level This is a wonderful advantage to an online auction. A person can view listings from a foreign country, bid and win. Unless a person has the money to travel to different countries to attend auctions in person, foreign auctions are just not an option. For auction fans, the online forum allows them to see things that they might never get to see in person. 2.4 OBJECTIVE The Objective is to develop a user-friendly auctioning site where any kind of product can be auctioned and provide value-added services to the bidders and the sellers. The products will be authenticated and the site provides a safe environment for online users: • Secure registration of all users including a personal profile Administrators would authorize the product to auction, set auction dates and Minimum auction amount for that product. • At the time of signing up, the Aadhar Number is checked and Mobile number is verified. • Complete Search/Site Map of the entire site for easy access. • Discussion forums for users to interact with other users to know about the product’s value and originality. ISE, BMSIT&M 9 2017-18
SECURE ONLINE AUCTIONING PORTAL CHAPTER 3 SOFTWARE REQUIREMENT SPECIFICATION Let’s take a look at the requirements at user as well as the portal’s end. 3.1 FUNCTIONAL & NON FUNCTIONAL REQUIREMENTS The functional capabilities which make up an e-purchasing system suitable for public procurement specified as the following: Many-to-many functionality (Many buyers to many sellers), decentralized buyers and sellers, search for suppliers by name, category, locality code, and contract, create purchase requisitions , generate purchase orders while including optional approver workflow, receive goods into the system, allow for the customization of \"buy policies\", buyer data management, supplier data management. Following are the non-functional requirements: Performance The system must be interactive and the delays involved must be less. So in every action- response of the system, there are no immediate delays. In case of opening windows forms, of popping error messages and saving the settings or sessions there is delay much below 2 seconds, in case of opening databases, sorting questions and evaluation there are no delays and the operation is performed in less than 2 seconds for opening, sorting, computing, posting > 95% of the files. Also when connecting to the server the delay is based editing on the distance of the 2 systems and the configuration between them so there is high probability that there will be or not a successful connection in less than 20 seconds for sake of good communication. Safety Information transmission should be securely transmitted to server without any changes in information ISE, BMSIT&M 10 2017-18
SECURE ONLINE AUCTIONING PORTAL Reliability As the system provide the right tools for discussion, problem solving it must be made sure that the system is reliable in its operations and for securing the sensitive details. Availability If the internet service gets disrupted while sending information to the server, the information can be send again for verification. Security The main security concern is for users account hence proper login mechanism should be used to avoid hacking. The tablet id registration is way to spam check for increasing the security. Hence, security is provided from unwanted use of recognition software. Usability As the system is easy to handle and navigates in the most expected way with no delays. In that case the system program reacts accordingly and transverses quickly between its states. 3.2 USER REQUIREMENTS The system primarily has 3 types of users: Seller module A seller’s primary concern on such a portal would be security against fraudulent buyers and random bids. The seller needs to know who got the product and needs to act accordingly. The seller must be able to check his product for bidding and should be able to add one easily. He should also be able to see the reviews about the product and communicate with the customers or bidders regarding any issue that arises. Buyer module The bidder should first see which product is been posted on the app which is to be auctioned along with all the needed information about it. If the bidder is interested to buy that product, then he can register for the auctioning and bid the amount. At last, at the end of the auctioning the bidder should get to know the result. The buyer or the bidder should be able to give a feedback to the seller or admin. ISE, BMSIT&M 11 2017-18
SECURE ONLINE AUCTIONING PORTAL Admin module The admin must be the one who controls the entire bidding process by deciding the expiry time of each bid. He must be able to add, remove or manage a category. Admin must be able to add or delete comments and take feedback from people regarding the processes going on in the portal. 3.3 SYSTEM REQUIREMENTS Dedicated application server with minimum specification, are as: Intel Core 2 Quad Memory 2*2GB DDR3 Hard Disk 1 x 360 GB HDD SATA Ethernet Card 10/100/1000 Mbps e. Microsoft Windows 2003 Small Business Server. 3.4 INTERFACE SPECIFICATIONS The requirement specifications that are acquired from the first phase are studied in this phase and system design is carried out. System design phase describe the hardware to be used which in this project involves the use of laptops and a server and as an alternative the project makes use of a local host server XAMPP. XAMPP can be hosted on a laptop/computer are used to store the data. System design assists in specifying system requirements and also helps in defining overall system architecture. User Interfaces The user interface for the software shall be compatible to any browser such as Internet Explorer, Mozilla or Netscape Navigator by which user can access to the system. Hardware Interfaces Since the application must run over the internet, all the hardware shall require to connect internet will be hardware interface for the system. As for e.g. Modem, WAN – LAN, Ethernet Cross-Cable. ISE, BMSIT&M 12 2017-18
SECURE ONLINE AUCTIONING PORTAL Communications Interfaces The e-store system shall use the HTTP protocol for communication over the internet and for the intranet communication will be through TCP/IP protocol suite. 3.5 SOFTWARE REQUIREMENTS Software requirements are classified into broader areas into front end and back end. Front end The front end of the portal has been designed using HTML and CSS which allowed us to create a Real time portal for auctioning. HTML tags and CSS formatting. Bootstrap has been used to customize the portal for a display of smaller or bigger size. Some of the commonly used tags in HTML are: o The <header> element is used to identify content that precedes the primary content of the web page and often contains website branding, navigation elements, search forms, and similar content that is duplicated across all or most pages of a website. o The <div> element defines an arbitrary block of content which can be placed and styled as a single unit. o The <form> element is used to create an HTML form. The <form> element does not actually create form fields, but is used as a parent container to hold form fields such as <input> and <textarea> elements. o The <frame> element was used to break a single browser window into multiple independent browsing contexts. Back end In the backend we’ve used MySql as the database and PHP as a server. The queries were written in MySql and then imported to PHP and hence linked to the front end of the application. MySql is a powerful database language that lets you store, organize and access data easily. ISE, BMSIT&M 13 2017-18
SECURE ONLINE AUCTIONING PORTAL 3.6 USECASE DIAGRAMS Use case Diagrams represent the functionality of the system from a user’s point of view. Use cases are used during requirements elicitation and analysis to represent the functionality of the system. Use cases focus on the behavior of the system from external point of view. Actors are external entities that interact with the system. Examples of actors include users like administrator, buyer, seller…etc., or another system like central database. System here refers to the Online Auctioning system and the actors that are using the system are Admin and Customer. Admin can view all the customers, view the bid items, view today and end day auction items and view the profiles of the customers. Customer registers, and upon successful login can buy or sell the items, can view his profile, can view the new auction items today and end day. After providing login details for admin login the details will be validated and after successful validation it will be redirected to the admin home page. Use case diagram of system: System Admin OnLineAuctioningSystem Customer Figure 3.1 System use case diagram. The above system use case diagram shows that both Admin and customer can access the Online Auctioning System. ISE, BMSIT&M 14 2017-18
SECURE ONLINE AUCTIONING PORTAL Use case diagram of Admin: ViewCustomers ViewBidItems Admin Edit Categories Edit product Figure 3.2 Admin use case diagram. The Above use case diagram of Admin shows the Functionalities of Admin such as viewing a customer, view bid items, edit categories, edit products. Use case diagram of Customer: Registration Login Buy Items Sell Customer History Figure 3.3 Buyer/Seller (Customer) use case diagram. The customer can be a buyer and a seller. A customer will first sign up as a buyer or a seller and then login into the system. Different functionalities will be provided to both buyer and seller. ISE, BMSIT&M 15 2017-18
SECURE ONLINE AUCTIONING PORTAL CHAPTER 4 DESIGN AND ANALYSIS The complete detailed design of the system with module description with activity, data flow diagram. 4.1 SYSTEM ARCHITECTURE The system after careful analysis has been identified to be presented with the following modules and roles. The modules involved are: Seller module Buyer module Admin module 4.2 ACTIVITY DIAGRAM Admin EnterUsername,password Fail Login Item Success Home Categories BiddingInfo LogOut AddItems ViewItems AddCategories ViewCategories AddBiddingInfo ViewBiddingInfo Figure 4.1 Administrator activity diagram. After successful validation of login credentials Admin will be redirected to the home page and from the home page he can add items for auction, view items that are up for auction, add categories, view categories, add bidding info and view bidding information. ISE, BMSIT&M 16 2017-18
SECURE ONLINE AUCTIONING PORTAL OwnerOfArticle EnterUsername,password Login Fail Success Item Home Categories BiddingInfo LogOut ViewItems ViewCategories ViewBiddingInfo UpdateItems deleteItems UpdateBiddingInfo DeleteBiddingInfo Figure 4.2 Seller (Owner of the Article or customer) activity diagram. After successful validation of login credentials seller/owner will be redirected to the home page and from the home page he can view items, update or delete items, view categories, view bidding info, update bidding info and delete bidding info. RegisteredBidder Fail Login EnterUsername,password Success Hom Ite Categorie BiddingInfo LogOut e ms ViewItems ViewCategories ViewBiddingInfo Figure 4.3 Buyer (Registered Bidder or customer) activity diagram ISE, BMSIT&M 17 2017-18
SECURE ONLINE AUCTIONING PORTAL After successful validation of login credentials registered bidder will be redirected to the home page and from the home page he can view items, view categories and view bidding info (see Figure 4.3). 4.3 DATAFLOW DIAGRAM The data flow diagram shown in the figure 4.4 illustrates the entire flow in the process. In the Login Screen the entered username and password will be supplied to the authentication server and if the login credentials are valid the user will be directed to the home screen and if they are invalid the user will be taken back to the login screen. Figure 4.4 Data flow diagram which illustrates entire flow in the process. ISE, BMSIT&M 18 2017-18
SECURE ONLINE AUCTIONING PORTAL Administrator flow diagram: In the Login Screen the entered username and password will be supplied to the authentication server and if the login credentials are valid the user will be directed to the home screen and if they are invalid the user will be taken back to the login screen. After logging in Admin will be redirected to the User Interface which displays all the available admin tasks that are to be performed. These tasks include Creating/Modifying Categories, Creating/Modifying Items and Bidding Information. . Figure 4.5 data flow diagram for Admin Figure 4.6 Level 2 diagram for Admin View Categories will fetch the categories information from the database and displays on the user interface. ISE, BMSIT&M 19 2017-18
SECURE ONLINE AUCTIONING PORTAL Figure 4.7 Level 3 data flow diagram for Admin. In the Categories form category name can be entered and it will be stored in the database. Figure 4.8 Level 4 data flow diagram for Admin. Seller flow diagram: For Seller the first step is registration and upon successful login the seller will be taken to the UI displaying the set of operations. The operations include View Items, View Categories, View Bidding Information and sale at higher price. Figure 4.9 Level 1 data flow diagram for seller. From the User Interface clicking the items will fetch the items from the database and will be displayed to the seller. ISE, BMSIT&M 20 2017-18
SECURE ONLINE AUCTIONING PORTAL Figure 4.10 Level 2 data flow diagram for Seller. Buyer flow diagram: For buyer the first step is registration and upon successful login the UI is displayed with a set of operations. Operations include View Items, View Categories, View Biding Information and buying all possible items. Figure 4.11 Level 1 data flow diagram for Buyer. Figure 4.12 Level 2 data flow diagram ISE, BMSIT&M 21 2017-18
SECURE ONLINE AUCTIONING PORTAL CHAPTER 5 IMPLEMENTATION Following are the ways in which the system has been implemented. 5.1 PLATFORM SELECTION Sublime text has been used as it has a very simple interface and breaks down code in a very interactive way. It gives a better view of the code and helps us understand code better. XAMPP was used to create servers for MySQL and PHP. 5.2 PROGRAMMING LANGUAGE GIST The platform being used are: 5.2.1 HTML and CSS HTML is a markup language for describing web documents (web pages). HTML stands for Hyper Text Markup Language A markup language is a set of markup tags HTML documents are described by HTML tags Each HTML tag describes different document content CSS is a style sheet language that describes the presentation of an HTML (or XML) document. CSS describes how elements must be rendered on screen, on paper, or in other media. Advantages of HTML are as follow: Highly Flexible User Friendly Easy to Maintain and update any site No strain on the server Validation Look and feel 5.2.2 PHP The PHP stands for Hypertext Preprocessor (PHP), is a programming language that allows web developers to create dynamic content that interacts with databases. PHP ISE, BMSIT&M 22 2017-18
SECURE ONLINE AUCTIONING PORTAL is basically used for developing web based software applications. This document helps programmer to build system base with PHP. PHP is an acronym for \"PHP: Hypertext Preprocessor\" PHP is a widely-used, open source scripting language PHP scripts are executed on the server PHP is free to download and use PHP can generate dynamic page content PHP can create, open, read, write, delete, and close files on the server PHP can collect form data PHP can send and receive cookies PHP can add, delete, modify data in system database PHP can be used to control user-access PHP can encrypt data Advantages of PHP are as follows: PHP runs on various platforms (Windows, Linux, Unix, Mac OS X, etc.) PHP is compatible with almost all servers used today (Apache, IIS, etc.) PHP supports a wide range of databases PHP is free. Download it from the official PHP resource PHP is easy to learn and runs efficiently on the server side 5.2.3 MySQL MySQL is the most popular Open Source Relational SQL database management system. MySQL is one of the best RDBMS being used for developing web-based software applications. MySQL is a fast, easy-to-use RDBMS being used for many small and big businesses. MySQL is developed, marketed, and supported by MySQL AB, which is a Swedish company. MySQL is becoming so popular because of many good reasons: MySQL is released under an open-source license. So programmer has nothing to pay to use it. MySQL is a very powerful program in its own right. It handles a large subset of the functionality of the most expensive and powerful database packages. ISE, BMSIT&M 23 2017-18
SECURE ONLINE AUCTIONING PORTAL MySQL uses a standard form of the well-known SQL data language. MySQL works on many operating systems and with many languages including PHP, PERL, C, C++, JAVA, etc. MySQL works very quickly and works well even with large data sets. MySQL is very friendly to PHP, the most appreciated language for web development. MySQL supports large databases, up to 50 million rows or more in a table. The default file size limit for a table is 4GB, but programmer can increase this (if system operating system can handle it) to a theoretical limit of 8 million terabytes (TB). MySQL is customizable. The open-source GPL license allows programmers to modify the MySQL software to fit their own specific environments. 5.2.4 Bootstrap Framework Bootstrap is the most popular HTML, CSS, and JavaScript framework for developing responsive, mobile-first web sites. Bootstrap is completely free to download and use and also an open-source collection of tools for creating websites and web applications. It contains HTML- and CSS-based design templates for typography, forms, buttons, navigation and other interface components, as well as optional JavaScript extensions. It aims to ease the development of dynamic websites and web applications. Bootstrap is a front end framework, that is, an interface for the user, unlike the server-side code which resides on the \"back end\" or server. Bootstrap is compatible with the latest versions of the Google Chrome, Firefox, Internet Explorer, Opera, and Safari browsers, although some of these browsers are not supported on all platforms. Since version 2.0 it also supports responsive design this means the layout of web pages adjusts dynamically, taking into account the characteristics of the device used (desktop, tablet, mobile phone). Starting with version 3.0, Bootstrap adopted a mobile design philosophy, emphasizing responsive design by default. Bootstrap provides bootstrap CSS, bootstrap layouts and bootstrap plugins for effective design. ISE, BMSIT&M 24 2017-18
SECURE ONLINE AUCTIONING PORTAL 5.3 MODULE DESCRIPTION The system after careful analysis has been identified to be presented with the following modules and roles. The modules involved are: Seller module In this module, the seller will post the product information in which he/she wants to sell or auction the product through online. In this module the seller can post the image of the product by using capture image and all the necessary information about the product such as the product name, its description and the auction date and time at what the product is going to be auctioned and finally the stop time of the auction. Buyer module In this module, the bidder will first see which product is been posted on the app which is to be auctioned. The bidder/buyer will see all the information about the product. If the bidder is interested to buy that product then he can register for the auctioning and bid the amount. At last, at the end of the auctioning the bidder will get to know the result. Last when the number of auction has been created the bidder will decide the amount which product to be auction. The bidder has to auction within a time which is set by the seller while creating auction that is one hour, twenty-four hours, etc. Admin module The admin can manage the users and view the information about each item on the system. If the item was sold or reached its ending time, it will be removed from the data-base. ISE, BMSIT&M 25 2017-18
SECURE ONLINE AUCTIONING PORTAL CHAPTER 6 SOFTWARE TESTING Software Testing is the process used to help identify the correctness, completeness, security, and quality of developed computer software. 6.1 Unit Testing The primary procedure of testing is named unit testing. The Unit test affirms on most diminutive piece of programming arrangements the method. The unit testing is continually glass box orchestrated. In this, unmistakable strategies are attempted inverse to the particulars conveyed in the midst of layout for the techniques. Unit test is essentially for affirmation with the code made in the midst of the coding stage, and in this way the goal is to test the inward basis of the modules. It is customarily done by the product architect of the module. In light of its adjacent association with contemplations of coding, and the coding stage is as frequently as conceivable called \"Unit Testing with Coding.\" This test should be possible at the same time amid the product era. Test Case:- SOAP-1 Name of Test:- Product search Description:- To search product in different categories Sample Input:- Search on the categories list Expected output:- Displayed the products of the searched categories Actual output:- Displayed the products of the searched categories Final Result:- Successful Table 6.1: SOAP-1 ISE, BMSIT&M 26 2017-18
SECURE ONLINE AUCTIONING PORTAL Test Case:- SOAP-2 Name of Test:- Delete a product Description:- Deleting a product from a specific category Sample Input:- Deleting a product Expected output:- Product is deleted from the specified category Actual output:- Product is deleted from the specified category Final Result:- Successful Table 6.2: SOAP-2 Test Case:- SOAP-3 Name of Test:- Aadhar card validation Description:- Validating the Aadhar card of the user Sample Input:- Unique 12-digit Aadhaar number Expected output:- Aadhaar card is validated Actual output:- Valid Aadhaar Final Result:- Successful Table 6.3 SOAP-3 ISE, BMSIT&M 27 2017-18
SECURE ONLINE AUCTIONING PORTAL Test Case:- SOAP-4 Name of Test:- Aadhar card validation Description:- Validating the Aadhar card Sample Input:- Less than 12-digits number Expected output:- Aadhar number is invalid Actual output:- Invalid Aadhar Final Result:- Successful Table 6.4 SOAP 7 Test Case:- Test Case-5 Name of Test:- Mobile number Description:- New user sign up form Sample Input:- Mobile number less than 10-digits Expected output:- Invalid mobile number Actual output:- Invalid mobile number Final Result:- Successful Table 6.5 SOAP 5 ISE, BMSIT&M 28 2017-18
SECURE ONLINE AUCTIONING PORTAL Test Case:- SOAP-6 Name of Test:- Mobile number Description:- New user sign up form Sample Input:- Mobile number more than 10-digits Expected output:- Invalid mobile number Actual output:- Invalid mobile number Final Result:- Successful Table 6.6 SOAP 6 Test Case:- SOAP-7 Name of Test:- Username Description:- Username in sign up form Sample Input:- Username with special characters Expected output:- Special characters not allowed Actual output:- Special characters not allowed Final Result:- Successful Table 6.7 SOAP 7 ISE, BMSIT&M 29 2017-18
SECURE ONLINE AUCTIONING PORTAL Test Case:- SOAP-8 Name of Test:- Username Description:- Username in sign up form Sample Input:- Username Expected output:- Username already exists Actual output:- Username already exits Final Result:- Successful Table 6.8: SOAP 8 Test Case:- SOAP-9 Name of Test:- Delete a product Description:- Deleting a product from a specific category Sample Input:- Deleting a product Expected output:- Product is deleted from the specified category Actual output:- Product is deleted from the specified category Final Result:- Successful Table 6.9: SOAP 9 6.2 Integration Testing The another level of framework testing is named joining testing. Joining of a testing is an exact methodology for building up the venture structure, while driving tests to reveal botches associated with interfacing. In this, various attempted modules are joined into subsystems, which are then attempted. The target here is to check whether every one of the modules can be facilitated honestly. 30 2017-18 ISE, BMSIT&M
SECURE ONLINE AUCTIONING PORTAL The different methods for consolidation testing are: Top-Down Integration: Top down fuse is a persistent approach to manage advancement of venture courses of action. Segments are fused by indicating downwards hurl the senator hierarchy of leadership beginning with the rule control fragment. Bottom-Up Integration: Bottom up blend as its name deduces, begins Construction and testing with customized modules. Regression Testing: In this test of a blend test strategy, backslide testing is that the end of the day same execution of few subset of test that have starting at now been coordinated to ensure that movements have not multiplied unintended framework. Test Case:- SOAP 10 Name of Test:- User Login form test Description:- Login of users Sample Input:- Username and password Expected output:- Account opens on successful user name and password entry Actual output:- The user will be entering into their page Final Result:- Successful Table 6.10: SOAP 10 Test Case:- SOAP-11 Name of Test:- AdminLogin form test Description:- Login of users Sample Input:- Username and password Expected output:- Account opens on successful user name and password entry ISE, BMSIT&M 31 2017-18
SECURE ONLINE AUCTIONING PORTAL Actual output:- The user will be entering into their page Final Result:- Successful Table 6.11: SOAP 11 Test Case:- Test Case-12 Name of Test:- Add product to the portal Description:- To add a product in different categories. Sample Input:- Add a new product Expected output:- New product is added in the respected category. Actual output:- New product is added in the respected category. Final Result:- Successful Table 6.12 SOAP 12 Test Case:- SOAP-13 Name of Test:- User Login Form Test Description:- Login of users Sample Input:- Invalid user Expected output:- User doesn’t exist Actual output:- User does not exist Final Result:- Successful ISE, BMSIT&M Table 6.13: SOAP 13 2017-18 32
SECURE ONLINE AUCTIONING PORTAL Test Case:- SOAP-14 Name of Test:- User name and login Description:- Login of users Sample Input:- Invalid password Expected output:- Password is not valid Actual output:- Incorrect password Final Result:- Successful Table 6.14: SOAP 14 Test Case:- SOAP-15 Name of Test:- Sign up form Description:- New user sign up Sample Input:- 10-digit number Expected output:- Valid mobile number Actual output:- Valid mobile number Final Result:- Successful Table 6.15: SOAP 15 Test Case:- SOAP-16 2017-18 Name of Test:- New product Description:- Adding new product without image ISE, BMSIT&M 33
SECURE ONLINE AUCTIONING PORTAL Sample Input:- Post a new item without uploading the image Expected output:- Product should be uploaded Actual output:- Cannot add product since image not uploaded Final Result:- Unsuccessful Remarks:- The above SOAP is unsuccessful because the new product will not be added until the image is not uploaded. Table 6.16: SOAP 16 ISE, BMSIT&M 34 2017-18
SECURE ONLINE AUCTIONING PORTAL CHAPTER 7 RESULTS AND DISCUSSIONS We have developed a software which is more secure than the existing software. Security is achieved by validating the Aadhar card ID and verifying the mobile OTP (One Time Password) sent to the user. The existing system lacks the aspect of security in verifying and authenticating the users. The user or the client inputs his unique Aadhar card ID with the linked mobile number to that Aadhar during sign up process and then OTP is sent to the client’s mobile number which he uses to complete his verification process. Thus it makes the proposed software more secure and efficient. Fig 7.1: Sign up page ISE, BMSIT&M 35 2017-18
SECURE ONLINE AUCTIONING PORTAL Fig 7.2: Adding a new product Fig 7.3: New product successfully posted ISE, BMSIT&M 36 2017-18
SECURE ONLINE AUCTIONING PORTAL Fig 7.4: Image has been successfully uploaded ISE, BMSIT&M Fig 7.5: Mobile number verified 2017-18 37
SECURE ONLINE AUCTIONING PORTAL Fig 7.6: Valid Aadhar ID Fig 7.7: Booking has been locked ISE, BMSIT&M 38 2017-18
SECURE ONLINE AUCTIONING PORTAL CHAPTER 8 CONCLUSION AND FUTURE ENHANCEMENTS The overall working of the system is concluded in this chapter with its limitations and future enhancements. 8.1 CONCLUSION Secure Online Auction Portal is a new experience and has greatly impacted the lives of consumers in its short time of existence. It is expected to grow constantly in years to come with advancements in technology. Secure online auction portal has made consumers more effective and efficient in their behavior and has driven businesses to a new level, forcing many to make the necessary adjustments and changes to reach the new market of knowledgeable consumers. The results of this survey underscore the need for businesses to take the online market seriously. e-transformation in the global retail infrastructure. Internet has emerged as a cost effective means of doing business. Thanks to rising internet and higher incomes and more savvy population. Secured online payments, better to Electronic Stores, return policies and exciting discounts could help the Perceptions of Auction System Benefits. Secure online auction portal organizations can use the relevant variables and factors, identified from the study, to formulate their strategies and plans in the country. The organizations can prioritize the consumer implicit and explicit requirements in Secure online auction portal environment. The results can also be used by various organizations to identify their target 32 customer segments. The results of the study can be utilized by practitioners in 45% relooking or revamping their strategies for Secure online auction portal. Online websites should pay more attention to the female segments as results prove that females shop more in secure online auction portal as compared to men. So companies should devise the policies and strategies to attract more number of people in this segment in future also. With the advances in technology, more business opportunities will be discovered by companies. Electronic commerce will become an important part of the business in companies. Better understandings of consumer secure online auction portal behavior will help companies in getting more online consumers and increasing their e- business revenues. At the same time, as realized the benefits from e-auction, consumers are more willing to make purchases online. With the popularity of Internet, the number of Internet users will continue to grow and more Internet users will become online consumers, even regular online buyers. However, the evolvement of e-auction will bring new problems. ISE, BMSIT&M 39 2017-18
SECURE ONLINE AUCTIONING PORTAL The changes in business operation, business environment, and economic condition etc. will affect consumer secure online auction portal behavior. Therefore, continuous efforts have to be devoted to studying consumer secure online auction portal 230 behavior in a dynamic way. With the knowledge of consumer secure online auction portal behavior, it is believed that e-auction will continue to grow and it will become not only an important business revenues channel, but also a part of people’s daily life. 8.2 FUTURE ENHANCEMENTS It is not possible to develop a system that makes all the requirements of the user. User requirements keep changing as the system is being used. Some of the future enhancements that can be done to this system are: As the technology emerges, it is possible to upgrade the system and can be adaptable to desired environment. Because it is based on object-oriented design, any further changes can be easily adaptable. Based on the future security issues, security can be improved using emerging technologies. Sub admin module can be added. An in-built web browser can be added. The future plan of this project is to improve design, implementation and documentation in such a way that anyone can use this project for better perform. We will develop the site more dynamically and the database work as well. In future we will add the following module for better improvement of the project: More security in the system, More user friendly system. 8.3 LIMITATIONS The limitation of this system is that I can only authenticate dummy Aadhar numbers for now which have been fed to the system. But the same can be applied on a bigger scale using the original Aadhar portal on request from the government. The access to the verification is given to selected organizations. ISE, BMSIT&M 40 2017-18
SECURE ONLINE AUCTIONING PORTAL BIBLIOGRAPHY [1] www.academia.edu/9174592/ONLINE_AUCTION_MINI_PROJECT_REPORT.html [2] Bajari, Patrick, Ali Hortacsu (2004). \"Economic Insights from Internet Auctions\" Journal of Economic Literature, Vol. XLII No. 2: 457-86. [4] sdsu-dspace.calstate.edu/bitstream/handle/10211.10/1377/Potla_Shanthi.pdf [5] Chris Bates: Web Programming Building Internet Applications [6] https://ageconsearch.umn.edu/bitstream/91423/2/PR-10-02.pdf [7] gnu.inflibnet.ac.in:8080/jspui/bitstream/.../ONLINE%20AUCTION%20SYSTEM.pdf ISE, BMSIT&M 41 2017-18
Search
Read the Text Version
- 1 - 43
Pages:
