
THE DESIGN AND IMPLEMENTATION OF AN E-COMMERCE SITE FOR ONLINE BOOK SALES

By Swapna Kodali

Project Report Submitted to the faculty of the University Graduate School in partial fulfillment of the requirements for the degree Master of Science in the Department of Computer and Information Sciences

Indiana University South Bend
May 2007

Committee Members:
Dr. Hossein Hakimzadeh, Advisor
Dr. Dana Vrajitoru
Dr. Morteza Shafii Mousavi


2007 Swapna Kodali
All Rights Reserved

Abstract

The business-to-consumer aspect of electronic commerce (e-commerce) is the most visible business use of the World Wide Web. The primary goal of an e-commerce site is to sell goods and services online.

This project deals with developing an e-commerce website for Online Book Sale. It provides the user with a catalog of different books available for purchase in the store. In order to facilitate online purchase a shopping cart is provided to the user. The system is implemented using a 3-tier approach, with a backend database, a middle tier of Microsoft Internet Information Services (IIS) and ASP.NET, and a web browser as the front end client.

In order to develop an e-commerce website, a number of technologies must be studied and understood. These include multi-tiered architecture, server and client side scripting techniques, implementation technologies such as ASP.NET, programming languages (such as C#, VB.NET), and relational databases (such as MySQL, Access).

This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart application and also to know about the technologies used to develop such an application.

This document will discuss each of the underlying technologies to create and implement an e-commerce website.

ACKNOWLEDGMENTS

In completing this graduate project I have been fortunate to have help, support and encouragement from many people. I would like to acknowledge them for their cooperation.

First, I would like to thank Dr. Hossein Hakimzadeh, my project advisor, for guiding me through each and every step of the process with knowledge and support. Thank you for your advice, guidance and assistance.

I would also like to thank Dr. Shafii Mousavi and Dr. Dana Vrajitoru, my project committee members, who showed immense patience and understanding throughout the project and provided suggestions.

Finally, I would like to dedicate this project to my parents, my husband Ram and my friends Kumar and Soumya, for their love, encouragement and help throughout the project.

TABLE OF CONTENTS

1. Introduction
2. Literature Review
3. Project Design
3.1 Data Model
3.1.1 Database Design
3.2. Process Model
3.2.1. Functional Decomposition Diagram
3.2.2 Data Flow Diagram (DFD)
3.3 User Interface Design
4. Implementation Technologies
4.1. Internet Information Services (IIS)
4.2 ASP.NET
4.2.1. Authentication in ASP.NET
4.3. MySQL Database
4.4. Integrating IIS and ASP.NET
4.5. Integrating the Website and Database
5. Web Page Programming Options
5.1. Server-Side Processing
5.2. Client-Side Processing
6. Web Based Application Development
7. Database Connectivity
7.1 ADO.NET
7.2 Connecting ASP.NET Application to a Database
8. The Shopping Cart Application
8.1. Search for Books
8.2. Registration
8.3. User Details
8.4. Shopping Cart
8.5. Place an Order
8.6. Check Out
8.7. Purchase History
8.8. Transactions in the Application
9. Limitations and Future Development
10. Conclusion
11. Bibliography

LIST OF FIGURES

Figure 1 Entity Relationship Diagram (ERD)
Figure 2 Functional Decomposition Diagram
Figure 3 Customer - Browse Context DFD
Figure 4 Customer - Browse Detailed DFD
Figure 5 Customer – Shopping Cart Context DFD
Figure 6 Customer - Shopping Cart Detailed DFD
Figure 7 Customer - Shopping Cart Detailed DFD
Figure 8 Customer - Shopping Cart Detailed DFD
Figure 9 Customer – Authentication – UserProfile DFD
Figure 10 Authenticated User-Purchase Context DFD
Figure 11 Customer - Authentication - Purchase DFD
Figure 12 Customer - New UserRegistration DFD
Figure 13 Administrator Context DFD
Figure 14 Administrator Detailed DFD
Figure 15 Menu
Figure 16 Display of Books Present in the Store
Figure 17 For Searching the Books in the Store
Figure 18 Shopping Cart for the User
Figure 19 Registration of the New User
Figure 20 Authentication of the User
Figure 21 Relation between IIS and ASP.NET
Figure 22 Web Page Programming Options
Figure 23 Compiled Server Programs Flowchart
Figure 24 ADO.NET Architecture
Figure 25 Book Details
Figure 26 Search for Books
Figure 27 New User Registration
Figure 28 User Details
Figure 29 Shopping Cart
Figure 30 Order Details
Figure 31 Shipping Details
Figure 32 Check Out
Figure 33 Order Confirmation
Figure 34 Updated Inventory after Order Placement
Figure 35 Purchase History
Figure 36 Book Details
Figure 37 Administrator - Modify Books
Figure 38 Details about New Book
Figure 39 Updated Inventory

LIST OF TABLES

Table 1 Processing Technology for Different File Extensions
Table 2 Transaction Attributes

1. Introduction

E-commerce is fast gaining ground as an accepted and used business paradigm. More and more business houses are implementing web sites providing functionality for performing commercial transactions over the web. It is reasonable to say that the process of shopping on the web is becoming commonplace.

The objective of this project is to develop a general purpose e-commerce store where any product (such as books, CDs, computers, mobile phones, electronic items, and home appliances) can be bought from the comfort of home through the Internet. However, for implementation purposes, this paper will deal with an online book store.

An online store is a virtual store on the Internet where customers can browse the catalog and select products of interest. The selected items may be collected in a shopping cart. At checkout time, the items in the shopping cart will be presented as an order. At that time, more information will be needed to complete the transaction. Usually, the customer will be asked to fill or select a billing address, a shipping address, a shipping option, and payment information such as credit card number. An e-mail notification is sent to the customer as soon as the order is placed.

2. Literature Review

Electronic Commerce (e-commerce) applications support the interaction between different parties participating in a commerce transaction via the network, as well as the management of the data involved in the process [2].

The increasing importance of e-commerce is apparent in the study conducted by researchers at the GVU (Graphics, Visualization, and Usability) Center at the Georgia Institute of Technology. In their summary of the findings from the eighth survey, the researchers report that “e-commerce is taking off both in terms of the number of users shopping as well as the total amount people are spending via Internet based transactions”.

Over three quarters of the 10,000 respondents report having purchased items online. The most cited reason for using the web for personal shopping was convenience (65%), followed by availability of vendor information (60%), no pressure from sales person (55%) and saving time (53%).

Although the issue of security remains the primary reason why more people do not purchase items online, the GVU survey also indicates that faith in the security of e-commerce is increasing. As more people gain confidence in current encryption technologies, more and more users can be expected to frequently purchase items online [11].

A good e-commerce site should present the following factors to the customers for better usability [11]:

- Knowing when an item was saved or not saved in the shopping cart.
- Returning to different parts of the site after adding an item to the shopping cart.
- Easy scanning and selecting items in a list.
- Effective categorical organization of products.
- Simple navigation from home page to information and order links for specific products.
- Obvious shopping links or buttons.
- Minimal and effective security notifications or messages.
- Consistent layout of product information.

Another important factor in the design of an e-commerce site is feedback [4]. The interactive cycle between a user and a web site is not complete until the web site responds to a command entered by the user. According to Norman [5], "feedback--sending back to the user information about what action has actually been done, what result has been accomplished--is a well known concept in the science of control and information theory. Imagine trying to talk to someone when you cannot even hear your own voice, or trying to draw a picture with a pencil that leaves no mark: there would be no feedback".

Web site feedback often consists of a change in the visual or verbal information presented to the user. Simple examples include highlighting a selection made by the user or filling a field on a form based on a user's selection from a pull down list. Another example is using the sound of a cash register to confirm that a product has been added to an electronic shopping cart.

Completed orders should be acknowledged quickly. This may be done with an acknowledgment or fulfillment page. The amount of time it takes to generate and download this page, however, is a source of irritation for many e-commerce users. Users are quick to attribute meaning to events. A blank page, or what a user perceives to be "a long time" to receive an acknowledgment, may be interpreted as "there must be something wrong with the order." If generating an acknowledgment may take longer than what may be reasonably expected by the user, then the design should include intermediate feedback to the user indicating the progress being made toward acknowledgment or fulfillment.

Finally, feedback should not distract the user. Actions and reactions made by the web site should be meaningful. Feedback should not draw the user's attention away from the important tasks of gathering information, selecting products, and placing orders.

3. Project Design

In order to design a web site, the relational database must be designed first. Conceptual design can be divided into two parts: the data model and the process model. The data model focuses on what data should be stored in the database while the process model deals with how the data is processed. To put this in the context of the relational database, the data model is used to design the relational tables. The process model is used to design the queries that will access and perform operations on those tables.

3.1 Data Model

A data model is a conceptual representation of the data structures that are required by a database. The first step in designing a database is to develop an Entity-Relation Diagram (ERD). The ERD serves as a blueprint from which a relational database may be deduced. Figure 1 shows the ERD for the project and later we will show the transformation from ERD to the Relational model.

Figure 1 Entity Relationship Diagram (ERD)

In the ERD, a rectangle is used to represent a table and a diamond to represent the relationship between the entities. The cardinality is the frequency of a relationship between two entities. The types of cardinality are one to one (1:1), one to many (1:M), zero to many (0:M) and many to many (M:M). One to one means that every record in entity A matches exactly one record in entity B and every record in B matches exactly one record in A. One to many means that every record in A matches zero or more records in B and every record in B matches exactly one record in A. If there is a one to many relationship between two entities, then these entities are represented as Associative Entities. In the Relational Database model, each of the entities will be transformed into a table. The tables are shown below along with the attributes.

3.1.1 Database Design

In this section, the basic structure of the tables composing the database for the project is shown along with information about primary and foreign
rimary key for Customer identification
2 | Password | Varchar | Security for Customer
3 | First Name | Varchar
4 | Last
State | Varchar
9 | Email Address | Varchar
10 | Phone
eger | Primary key for Inventory Identification, ISBN of a book
2 | Book Name | Varchar
3 | Author | Varchar
5 | Nr books | Integer
6 | Price | Double

Books

State Tax

SNO | NAME | TYPE | DESCRIPTION
1 | State Name | Varchar | Primary key for State Identification
2 | Sales Tax Rate | Double | Sales tax for each state

Shopping Cart
rimary key for Shopping
Date | Date
5 | UserID | Varchar
6 | Quantity | Integer
Foreign key to Inventory
Foreign key to Customer

Order
y key for Order identification
1 | UserID | Char | Foreign key to Customer
2 | Receiver’s Name | Char | If order is to be sent to other address rather than to the customer, we need that
oreign key to State Tax
7 | Type of Shipping | Char | Foreign key to Shipping Type
8 | Date of Purchase | Date

Shipping Type

SNO | NAME | TYPE | DESCRIPTION
1 | Type of Shipping | Varchar | Primary key to define type of shipping
2 | Price | Double
3 | Approximate days for delivery | Integer

Credit Card Details

SNO | NAME | TYPE | DESCRIPTION
1 | Credit Username | Varchar | Primary key for Customer Identification
2 | Credit Card Number | Varchar
3 | Card Type | Varchar | Master Card, Visa, Discover
4 | CVV Number | Integer | Number present on the back of the card for extra security
5 | Expiry Date | Date
6 | UserID | Varchar | Foreign key to

Reviews
ISBN of the book on which the review is written
Book Review | Varchar | Review on the book
3 | Rating | Varchar | Rating given to the book in a scale of 5
4 | Review Date | Date
5 | User Name | Varchar | Name of the user providing the review

Purchase History

SNO | NAME | TYPE | DESCRIPTION
1 | UserID | Varchar | Primary key for Customer Identification
2 | InventoryID | Varchar | Book purchased by the user
3 | Date of
ouble | Foreign key to Order details

3.2. Process Model

A Process Model tells us about how the data is processed and how the data flows from one table to another to gather the required information. This model consists of the Functional Decomposition Diagram and Data Flow Diagram.

3.2.1. Functional Decomposition Diagram

A decomposition diagram shows a top-down functional decomposition of a system and exposes the system's structure. The objective of the Functional Decomposition is to break down a system step by step, beginning with the main function of a system and continuing with the interim levels down to the level of elementary functions. The diagram is the starting point for more detailed process diagrams, such as data flow diagrams (DFD). Figure 2 shows the Functional Decomposition Diagram for this project.

Figure 2 Functional Decomposition Diagram

3.2.2 Data Flow Diagram (DFD)

Data Flow Diagrams show the flow of data from external entities into the system, and from one process to another within the system. There are four symbols for drawing a DFD:

1. Rectangles representing external entities, which are sources or destinations of data.
2. Ellipses representing processes, which take data as input, validate and process it and output it.
3. Arrows representing the data flows, which can be either electronic data or physical items.
4. Open-ended rectangles or a Disk symbol representing data stores, including electronic stores such as databases or XML files and physical stores such as filing cabinets or stacks of paper.

Figures 3 - 14 are the Data Flow Diagrams for the current system. Each process within the system is first shown as a Context Level DFD and later as a Detailed DFD. The Context Level DFD provides a conceptual view of the process and its surrounding input, output and data stores. The Detailed DFD provides a more detailed and comprehensive view of the interaction among the sub-processes within the system.

Customer-Browse Context DFD
Figure 3 Customer - Browse Context DFD

Customer-Browse Detailed DFD
Figure 4 Customer - Browse Detailed DFD

Customer - ShoppingCart Context DFD
Figure 5 Customer – Shopping Cart Context DFD

Customer - ShoppingCart Detailed DFD
Figure 6 Customer - Shopping Cart Detailed DFD

Customer-Authentication Context DFD
Figure 7 Customer - Shopping Cart Detailed DFD

Customer-Authentication-PurchaseHistory DFD
Figure 8 Customer - Shopping Cart Detailed DFD

Customer-Authentication-UserProfile DFD
Figure 9 Customer – Authentication – UserProfile DFD

Authenticated User-Purchase Context DFD
Figure 10 Authenticated User-Purchase Context DFD

Authenticated User-Purchase DFD
Figure 11 Customer - Authentication - Purchase DFD

Customer-NewUserRegistration DFD
Figure 12 Customer - NewUserRegistration DFD

Administrator Context DFD
Figure 13 Administrator Context DFD

Administrator Detailed DFD
Figure 14 Administrator Detailed DFD

3.3 User Interface Design

Before implementing the actual design of the project, a few user interface designs were constructed to visualize the user interaction with the system as they browse for books, create a shopping cart and purchase books. The user interface design will closely follow our Functional Decomposition Diagram (Figure 2). Figures 15 – 20 show the initial designs of the web pages.

Figure 15 Menu

Figure 16 Display of Books present in the store

Figure 17 For searching the books in the store

Figure 18 Shopping Cart for the user

Figure 19 Registration of the new user

Figure 20 Authentication of the user

4. Implementation Technologies

The objective of this project is to develop an online book store. When the user types in the URL of the Book Store in the address field of the browser, a Web Server is contacted to get the requested information. In the .NET Framework, IIS (Internet Information Services) acts as the Web Server. The sole task of a Web Server is to accept incoming HTTP requests and to return the requested resource in an HTTP response. The first thing IIS does when a request comes in is to decide how to handle the request. Its decision is based upon the requested file's extension. For example, if the requested file has the .asp extension, IIS will route the request to be handled by asp.dll. If it has the extension of .aspx, .ascx, etc., it will route the request to be handled by the ASP.NET Engine.

Figure 21 Relation between IIS and ASP.NET

The ASP.NET Engine then gets the requested file, and if necessary contacts the database through ADO.NET for the required file and then the information is sent back to the Client’s browser. Figure 21 shows how a client browser interacts with the Web server and how the Web server handles the request from client.

4.1. Internet Information Services (IIS)

IIS is a set of Internet based services for Windows machines. Originally supplied as part of the Option Pack for Windows NT, they were subsequently integrated with Windows 2000 and Windows Server 2003. The current (Windows 2003) version is IIS 6.0 and includes servers for FTP (a software standard for transferring computer files between machines with widely different operating systems), SMTP (Simple Mail Transfer Protocol, the de facto standard for email transmission across the Internet) and HTTP/HTTPS (HTTP is the communication protocol of the World Wide Web; HTTPS is its secure version) [12].

Features: The web server itself cannot directly perform server side processing but can delegate the task to ISAPI (Application Programming Interface of IIS) applications on the server. Microsoft provides a number of these including ones for Active Server Pages and ASP.NET.

Compatibility: Internet Information Services is designed to run on Windows server operating systems. A restricted version that supports one web site and a limited number of connections is also supplied with Windows XP Professional.

Microsoft has also changed the server account that IIS runs on. In versions of IIS before 6.0, all the features were run on the System account, allowing exploits to run wild on the system. Under 6.0 many of the processes have been brought under a Network Service account that has fewer privileges. In particular this means that if one of those processes were exploited, it would not necessarily compromise the entire system.

4.2 ASP.NET

ASP.NET is a programming framework built on the common language runtime that can be used on a server to build powerful Web applications. ASP.NET has many advantages, both for programmers and for the end users, because it is compatible with the .NET Framework. This compatibility allows the users to use the following features through ASP.NET:

a) Powerful database-driven functionality: ASP.NET allows programmers to develop web applications that interface with a database. The advantage of ASP.NET is that it is object-oriented and has many programming tools that allow for faster development and more functionality.

b) Faster web applications: Two aspects of ASP.NET make it fast -- compiled code and caching. In ASP.NET the code is compiled into "machine language" before a visitor ever comes to the website. Caching is the storage of information in memory for faster access in the future. ASP.NET allows programmers to set up pages or areas of pages that are commonly reused to be cached for a set period of time to improve the performance of web applications. In addition, ASP.NET allows the caching of data from a database so the website is not slowed down by frequent visits to a database when the data does not change very often.

c) Memory leak and crash protection: ASP.NET automatically recovers from memory leaks and errors to make sure that the website is always available to the visitors.

ASP.NET also supports code written in more than 25 .NET languages (including VB.NET, C#, and JScript .NET). This is achieved by the Common Language Runtime (CLR) compiler that supports multiple languages.

4.2.1. Authentication in ASP.NET

There are two separate authentication layers in an ASP.NET application. All requests flow through IIS before they are handed to ASP.NET, and IIS can decide to deny access before ASP.NET even knows about the request. Here is how the process works [14]:

1. IIS checks to see if an incoming request is coming from an IP address that is allowed access to the domain. If not, the request is denied.
2. IIS performs its own user authentication, if it is configured to do so. By default, IIS allows anonymous access and requests are authenticated automatically.
3. When a request is passed from IIS to ASP.NET with an authenticated user, ASP.NET checks to see whether impersonation is enabled. If so, ASP.NET acts as though it were the authenticated user. If not, ASP.NET acts with its own configured account.
4. Finally, the identity is used to request resources from the operating system. If all the necessary resources can be obtained, the user's request is granted; otherwise the request is denied.
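
The four steps above can be traced with a small model. This is an added example, not code from the report: it is a simplified Python model rather than IIS or ASP.NET code, and the account names, address range, file paths and access lists are constructed sample values.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed sample values, not taken from the report.
ANONYMOUS_ACCOUNT = "IUSR_WEB01"     # assumed IIS anonymous-access account
WORKER_ACCOUNT = "NETWORK SERVICE"   # ASP.NET's own configured account (assumed)
ADMIN = "STORE\\admin"               # hypothetical Windows user
CATALOG = r"D:\store\data\catalog.xml"
ORDERS = r"D:\store\data\orders.xml"
ACL = {                              # resource -> identities the OS lets in
    CATALOG: {ANONYMOUS_ACCOUNT, WORKER_ACCOUNT, ADMIN},
    ORDERS: {ADMIN},
}


@dataclass
class SiteConfig:
    allowed_networks: tuple          # step 1: IIS IP address restrictions
    allow_anonymous: bool = True     # step 2: the IIS default
    impersonate: bool = False        # step 3: ASP.NET impersonation


@dataclass
class Decision:
    granted: bool
    stage: str                       # layer that made the final decision
    identity: Optional[str] = None   # account presented to the operating system


def handle_request(cfg, acl, client_ip, resource, authenticated_user=None):
    """Walk one request through steps 1-4 and report which layer decided.

    authenticated_user is the name IIS verified for the caller, or None when
    the caller presented no credentials.
    """
    # Step 1: IIS denies clients outside the allowed address ranges.
    addr = ip_address(client_ip)
    if not any(addr in ip_network(net) for net in cfg.allowed_networks):
        return Decision(False, "iis-ip")

    # Step 2: IIS uses the verified user, or falls back to anonymous access.
    if authenticated_user is not None:
        iis_user = authenticated_user
    elif cfg.allow_anonymous:
        iis_user = ANONYMOUS_ACCOUNT
    else:
        return Decision(False, "iis-auth")

    # Step 3: with impersonation ASP.NET acts as the IIS user, otherwise as
    # its own configured account.
    identity = iis_user if cfg.impersonate else WORKER_ACCOUNT

    # Step 4: the operating system checks that identity against the resource.
    return Decision(identity in acl.get(resource, set()), "os-acl", identity)


def demo():
    """Run the constructed requests and return (label, Decision) pairs."""
    net = ("10.0.0.0/8",)
    plain = SiteConfig(net)
    imp = SiteConfig(net, impersonate=True)
    return [
        ("outside allowed range", handle_request(plain, ACL, "192.0.2.10", CATALOG)),
        ("anonymous, no impersonation", handle_request(plain, ACL, "10.1.2.3", CATALOG)),
        ("anonymous, impersonation", handle_request(imp, ACL, "10.1.2.3", ORDERS)),
        ("admin, impersonation", handle_request(imp, ACL, "10.1.2.3", ORDERS, ADMIN)),
        ("admin, no impersonation", handle_request(plain, ACL, "10.1.2.3", ORDERS, ADMIN)),
    ]


if __name__ == "__main__":
    for label, d in demo():
        print(f"{label:30} granted={d.granted!s:5} stage={d.stage:8} identity={d.identity}")
```

In the last case the same authenticated user is refused, because without impersonation the operating system sees ASP.NET's own account rather than the user.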

4.3. MySQL Database

In this project, MySQL is used as the backend database. MySQL is an open source database management system. The features of MySQL are given below:

- MySQL is a relational database management system. A relational database stores information in different tables, rather than in one giant table. These tables can be referenced to each other, to access and maintain data easily.
- MySQL is an open source database system. The database software can be used and modified by anyone according to their needs.
- It is fast, reliable and easy to use. To improve the performance, MySQL is a multithreaded database engine. A multithreaded application performs many tasks at the same time as if multiple instances of that application were running simultaneously.

In being multithreaded MySQL has many advantages. A separate thread handles each incoming connection with an extra thread that is always running to manage the connections. Multiple clients can perform read operations simultaneously, but while writing, only hold up another client that needs access to the data being updated. Even though the threads share the same process
