This website lets users view each raccoon on its own page with a detailed description. The description includes the raccoon's name, its photo, a list of reviews and the average rating. Users can also submit new reviews along with their own name and a specific rating. When a user first logs in to the website, it shows a menu list of all raccoons with a sorting facility. If the user selects a particular menu item, it shows the detailed description of that raccoon. If there is more than one user on the website and any one of them updates a review, the website automatically shows the update in the list.
This website has been built using several languages: PHP, HTML and JavaScript. In the opinion of Bharathi et al. (2016), the database can be created and implemented successfully with MySQL queries. Two tables are required for the database. One is for the detailed description of the raccoons and the other is for the user details. The two tables are linked for a specific reason: if a user wants to post a new review, update an existing review or delete a review, the raccoon id is required in each case. The first table, Raccoon, has a primary key, id, which is the foreign key for the second table, Review. The back end is written in PHP, where different methods are used for inserting and retrieving the data. It also allows users to update or delete any post in the existing database.
Session fixation and session hijacking are two different terms. Both are attempts to access a system as a different user. In the opinion of Jain, Sahu & Tomar (2015), session fixation refers to using a session id in the address bar or the URL so that the id can be predicted and then used for login. There are two steps for performing session fixation:
● First, send the target to the URL: http://unsafe/?PHPSESSID=mysession
● Then go to the URL: http://unsafe/?PHPSESSID=mysession
It then looks as if the same user has logged in to the website.
Another way of acting as a different user is:
● First, log in at the URL: http://unsafe/?PHPSESSID=mysession
● Then, send the actual user to the URL: http://unsafe/payment_methods?PHPSESSID=mysession
As per Zheng et al. (2015), this process is used to steal the data and account information of a user. The users are unaware that they are being redirected to a different website or URL, where all their information can be stolen without their knowledge.
To counter these attacks, users must not put their session ids in the URL. According to Kim (2014), another way to mitigate session hijacking is to regenerate the ids. The session must expire once a user logs out of the system or the website. If the session does not expire automatically, it can be used by attackers to steal information from the existing user's account. SSL certificates are very important for defending against a hacking tool like Firesheep. As demonstrated by Kamal (2016), all login forms and sessions must pass through SSL before users are permitted to access the data.
Users must use secure session cookies along with the HttpOnly flag. Hijacking and fixation are interrelated. Session fixation comes into the scenario when hackers have succeeded in hijacking the session. Apart from these, there is another term associated with session fixation: client-side scripting. The process is as follows:
1. The attacker establishes a connection to the web server.
2. A session id is then issued.
3. The victim receives a link containing the session id.
4. The victim needs to click on the link for the process to succeed.
5. To get access to the email id, the victim must click on the link.
6. The victim then unknowingly provides the credentials to get access, and the information becomes vulnerable to the hacker.
7. In this step, the hacker uses the session id to get access to the user account.
This is a very popular process for hacking a user account and obtaining all the personal and private information of the user. In this way, hackers are able to learn the users' personal account numbers, their PINs and other bank details.
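The countermeasures listed above (no session ids in the URL, id regeneration, expiry at logout, Secure and HttpOnly cookies) can be applied together in PHP as follows. This is an added example, not code from the raccoon website; the function names and the `IDLE_TIMEOUT` value are assumptions, and the array form of the cookie calls needs PHP 7.3 or later.

```php
<?php
const IDLE_TIMEOUT = 900; // seconds of inactivity before expiry (assumed value)

function start_secure_session(): void
{
    // Never accept or emit session ids in the URL (?PHPSESSID=...).
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_trans_sid', '0');
    // Refuse ids the server did not issue itself, e.g. "mysession".
    ini_set('session.use_strict_mode', '1');

    session_set_cookie_params([
        'lifetime' => 0,      // cookie is dropped when the browser closes
        'path'     => '/',
        'secure'   => true,   // sent over HTTPS only
        'httponly' => true,   // not readable from JavaScript
        'samesite' => 'Lax',
    ]);
    session_start();

    // Server-side idle expiry: wipe the data and issue a fresh id.
    $now = time();
    if (isset($_SESSION['last_seen']) && $now - $_SESSION['last_seen'] > IDLE_TIMEOUT) {
        $_SESSION = [];
        session_regenerate_id(true);
    }
    $_SESSION['last_seen'] = $now;
}

function on_login_success(string $userName): void
{
    // New id at the moment of login; true deletes the old session file,
    // so an id handed to the victim before login no longer maps to anything.
    session_regenerate_id(true);
    $_SESSION['user'] = $userName;
}

function logout(): void
{
    $_SESSION = [];
    $p = session_get_cookie_params();
    // Expire the browser cookie with the same attributes it was set with.
    setcookie(session_name(), '', [
        'expires'  => time() - 3600,
        'path'     => $p['path'],   'domain'   => $p['domain'],
        'secure'   => $p['secure'], 'httponly' => $p['httponly'],
        'samesite' => $p['samesite'],
    ]);
    session_destroy(); // remove the server-side session data
}
```

Call `start_secure_session()` at the top of every page before any output, `on_login_success()` right after the password check passes, and `logout()` from the logout handler.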
Website designing is nothing but a promotional activity of any organisation. If an organisation plans to make its business larger or launch a new product, the best possible way to let the public know about the product is to make a website and promote that product on the website. The coursework has covered a discussion on the theme of a particular website, session fixation and hijacking. Additionally, it includes the DOM diagram of the website. This study has helped to understand the difference between session fixation and session hijacking. Finally, the case work concludes with the DOM diagram of the website.