Project Database

Design and Implementation

Group 23

Chris Maltais (10155183)

Spencer Seliga (10125999)
James Weiss (10140819)

CMPE 332
March 26th, 2018
Assumptions
1. A member can only have one review on a movie.
2. A member can only make a review if they have seen the movie (Have it in previous
reservations)
3. A theatre complex does not need to have a customer
4. If a customer wants to buy more tickets to a movie they must book another reservation.
They cannot simply add tickets to a previous reservation.
5. Theatres don’t need to be in use 100% of the time
6. Theatres can re-use ID’s for different complexes (i.e. 1, 2, 3, 4, etc. - think of actual
movie theatres), therefore it is not enough to have the screen ID be the unique primary
key. By having theatres as a weak entity, theatres are uniquely identified with the
complex and ID.
7. Suppliers are defined as owners of the movie and there can only be one owner of each
movie
8. An admin cannot book a movie reservation. If they wish to make a reservation, they
must make a personal account classified under Member.
9. Admins cannot access the normal member website. When they log in, they will only be
directed to the “Admin Dashboard”
10. Only Members can leave reviews, since only members can make reservations to
showings.
11. All movie tickets must be bought on the online platform (no at-the-counter ticket
purchasing)
12. When purchasing a movie ticket, customers can only buy 7 days (one week) in advance.
13. Showtimes are the exact same every day in their respective theatres/complexes.
Example: Man of Steel will play at 2:00pm in Cineplex TRON screen 1 every day for its
showing period. Superman will play at 4:30pm in Cineplex Infinity screen 3 every day for
its showing period. Ect.
14. Once a purchase is made, their credit card will be automatically charged no confirmation
page will be generated.
15. In order to add a movie, the correct supplier must be added to the database if not
already there.
16. In order to add a theatre, the complex must already be in the database, otherwise the
complex must be added first.
17. If an admin account is to be added, it cannot be added directly through the admin
dashboard, it must be added directly through SQL statements into the database.
18. When editing a theatre, a valid screen id must be put in or the request will fail.
19. The price of each movie ticket is $12, this is for every movie, complex, and showtime.
Cardinality Legend for ER Diagram
One (Total Participation):

One (Partial Participation):

Many (Partial Participation):

Many (Total Participation):

Problems encountered during development:

Problem Solution

When designing the website we needed We followed online instructional tutorials

to have our files within the htdocs folder in on how to launch PHP files, and how to
order to launch PHP files. This folder was organize files on Apple computers.
difficult to find on Apple computers.

Our group needed a way to collaborate We created a local copy of our github
on the construction of code in real time, repository in order to be able to pull and
and be able to edit shared files. push files in real time and collaborate on
the development of code files.

The site needed to be able to differentiate In order to do this we would search the
between users/admin personal to login user table for the login information, if it
into the website. wasn’t within there we would search the
admin table, if both failed we would
redirect the user to a login failure page.

When a user logged into the site, the In order to this we used a session
information such as current/past variable to keep track of the user that was
reservations had to be customized to the logged in, and adjusted the content show
user logged in. based on that variable.

In order to take information on previous Our solution was to pass the arguments
pages that were dynamically generated, to the sql used in associated php by
we need to pass arguments to the sql adding them as arguments to the url
function. An example of this was the within the associated buttons href tag. We
cancel reservation button that was used this technique in many other
dynamically place next to auto-generated locations within our website design.
content based on the users reservations.

In order to delete elements in the In order to this we used a cascading

database that had foreign key delete where elements in multiple tables
dependencies on others we needed a would be deleted in order to not keep
way to delete them nicely in succession. useless information in the database. In
our database an example would be when
deleting a user it also deletes the
corresponding member/admin entry
associated with that user.

For our movie selection bar we wanted to Although we had the ajax code and
implement a dynamic drop down menu in function for this functionality we were not
order to show the movies playing based able to implement it into our website
 on the theatre selected. design due to difficulty finding an
associated html tag.

We needed a way to dynamically load We did this by creating dynamic html

copies of the same formatting of lines of tables using a while loop that created
information in our database. table rows for each row in our database.

The pricing of tickets we chose to do To do this we decided to use an ajax

dynamically based on the number of on_change function that ran every time
tickets chosen by the user. We wanted to the value within the number of tickets
refresh the price whenever the user label changed. This function would then
changed the number of tickets label. calculate the total price based on the
value within the field.

When cancelling a reservation we needed We used sql to return the current number
to add back that number of tickets to the of seats and added the number
theatre’s available seats associated with the reservation back to
the theatres available_tickets variable

If a movie introduced a new supplier that When adding a movie with a new supplier
didn't exist in the database we need to we thus redirected users to a add new
account for this suppliers page before they could add the
movie.

Design and Implementation Decisions:

1) Members can only leave a review if they’ve seen the movie. This was a design decision
we decided to make based on logic - we didn’t want to grant members the ability to
spam fake reviews. This decision was implemented by only allowing users to leave a
reveiw from the “Reservation History” page which only displays movies that were seen
prior to the current date.
2) Due to the fact that showtimes, reservation history, and current reservations were all
dynamically displayed (i.e. if there were 4 current reservations, all 4 would be displayed
on the page), we decided to run through a while loop that created the HTML/CSS for
each row of data that we queried. If the user clicked the “Cancel Reservation” button
(that was dynamically created) the name of the movie was then posted to a PHP script
that deleted the reservation from the database. The difficulty in this lies in the fact that
the PHP script needed to know the unique “name” of the button tag in advance. The
solution to this required some thinking. The “names” of the button could be updated by
appending the row number at the end (i.e. reservation0, reservation1, etc.), but that
didn’t solve the issue of requiring the name in the PHP script. The solution we
implemented was to add the name of the button as an argument to the URL of the PHP
script, then parse the URL within the PHP script to grab the “name” of the button.
Booking a reservation decrements the number of seats available for that specific
 showing. Cancelling a reservation adds the corresponding number of seats for that
specific showing. This was not a requirement but seemed like a logical necessity. This
was done using regular PHP and SQL statements.
3) For Admins, when adding a new movie to the database: if the supplier of the movie is
not currently in the database, the admin is redirected to a page where they must provide
the supplier information to add to the database, before they can add a movie. This is due
to the fact that the supplier attribute in the Movie table is a foreign key to the Supplier
table, which means it is required and must be existing when adding a Movie. This logic
was implemented using a PHP page to query the supplier. If the supplier existed in the
database, the movie could be added. If the supplier did not exist, the admin would be
redirected to the “Add Supplier” page.
4) Autopopulate fields when editing data. This design feature was only implemented for
Users however, given more time, we would have implemented the feature for Admin as
well. This allows the user to edit information easily without requiring them to input all
fields with the same information every time they wanted to edit a field.

Technologies and Tools Used:

Technology/Tool Why Experience

XAMPP (Cross Platform - None of us had experience in - Difficulty realizing that

OS, Apache Server, PHP/MySQL development. Being “htdocs” folder is analogous
MySQL, PHP) shown how to use it in class gave to a “PHP engine” for your
us enough knowledge to feel computer and local git
comfortable using it repository must be stored in
this folder.
- PHPMyAdmin helped
visualize our database easily.
- PHP “$_SESSION”
variables are analogous to
“global” variables

Git (Version Control) - Semi-difficult learning curve if - Effective collaboration tool

never used before, but more - Streamlined development
efficient than copy pasting code in process
the long run. - All code available at all
- Important tool for software times on GitHub
developers to learn (due to use in
the industry)
- Professionalism

Bootstrap 4 - Simple front-end framework - Difficulty understanding how

(HTML/CSS/Javascript (CSS/Javascript is already written, columns/rows were
Framework) only need to customize if wanted) organized, used Google’s
- Logically groups front end Developer Tools to visually
elements to help formatting understand column/row
 - Let focus of project rely on PHP structure
and SQL - Documentation had great
tutorials
- Many templates to choose
from

Features to be Added:
1) Dynamic dropdowns
a) In the “Find movies” page, there are 3 dropdowns: Complex, Movie, and Date.
Regardless of what selection is chosen first (i.e. going to a complex is a
preference for some people, seeing a certain movie is a preference, or watching
at a certain date), the other 2 dropdowns would update their values
instantaniously. Example: If Cineplex Tron is selected as the complex, only the
movies playing at Cineplex Tron are available to select from the dropdown. Once
the movie is selected (in addition to the complex), the date dropdown would
update dynamically as well and only display the dates that the corresponding
movie are playing on.
2) Password Hashing
a) When user’s register, their passwords are stored in plain text in the database.
This is a huge security flaw that can be remedied by running the passwords
through a built in PHP hashing function, and storing these hashed values in the
database as opposed to the plaintext passwords
3) Clearing Session Cookies
a) The $_SESSION variables that track user data were not cleared upon logout.
This is another security flaw that can be remedied by adding session_unset and
session_destroy
4) Use more of Bootstraps features to make the buttons look nicer (We realized these
functionalities during the “Review” page, the last of our User pages we created).
User Manual:
Login Screen:

This is the login screen, here you can do two things:

1) You can register a new account if you do not have one previously.
2) You can log in to a previously existing account. If you log in with an Admin email,
you will be take to the Admin Dashboard page, and if you log in with a Member
email, you will be taken to the regular Member interface.
If you enter incorrect information you will be taken back to this page with an “invalid”
message in the URL.

SQL Statements:
“SELECT member_id FROM Member where email = '$recemail'"”
“"SELECT email, _password FROM User_Account where email = '$recemail' and
_password = '$recpass' "”
“"SELECT admin_id FROM Admin where email = '$recemail'"”
“"SELECT email, _password FROM User_Account where email = '$recemail' and
_password = '$recpass' "”
Registration Screen:

If you clicked the “Create Account” button on the login screen, you will be taken to this
screen. Here you can enter all the information needed to set up an account on Tix4Flix.
If you do not enter valid information, the screen will prompt you with a red box saying it
is invalid (See First and Last name). Once you click “Register” the information will be
put into the database and you will be sent back to the home screen where you can log
in.
SQL Statements:
“"SELECT max(member_id) FROM Member"”
“"INSERT INTO User_Account (email, _password, fname, lname, street_name,
street_num,
postal_code, phone_number) VALUES
('$email','$password','$fname', '$lname','$streetname',$streetnumber,'$postalcode',
'$phonenumber');"”
“"INSERT INTO Member (member_id, email, card_number, card_expiry) VALUES
($nextmemberid, '$email','$creditcardnumber','$expiration')"”

Home Screen:

Once logged in, you are brought to the home screen. Here you can see the most
popular movies, their posters, and a couple options on how you’d like to interact with the
movie. The biggest feature on the home screen is the top Navigation bar. Off to the top
right you can see an “Account Setting” drop down where you are able to “Edit
Information”, “See Previous Reservations”, “See Upcoming Reservations”, or “Log Out”.
The top Nav Bar is available on every screen in the Member Interface to ensure ease of
moving throughout the site. Some of the other features on this page are: The ability to
click on the “Trailer” tab and be directed to the youtube link of each movie (Stored in the
database), See reviews on the movie through the “Reviews” button at the bottom of
each poster, and book a showtime through either the “Showtime: button under the
movie posters, the “Find Showtimes” button in the top jumbotron, or the “Book Tickets”
tab in the top Nav Bar.
SQL Statements:
“"SELECT DISTINCT title FROM Showing"”
“"SELECT trailer_link FROM Movie WHERE title ='$movie_for_trailer'"”
Edit Personal Info:

If you clicked “Edit Information” in the top Nav Bar, you will be taken to this page. Here,
all your information will be auto populated into the input bars so you can easily see what
previous information you have stored. The Name on Card information is not auto
populated since we do not store that in the database. You can change your information
as you’d like, and press the “Save” button to update it all in the database.

SQL Statement:
“"UPDATE User_Account SET _password='$password', fname = '$fname', lname =
'$lname', street_num = $streetnumber, street_name = '$streetname', postal_code =
'$postalcode', phone_number = '$phonenumber' WHERE email = '$email_start';"”
Find Movies:

This is the “Find Movies” screen. Here you can select which complex you would like to
view a movie at, what movie you would like to view, and what day (in the next 7 days)
you would like to find a showtime for. Once you click the “Find Showtime” you will be
taken to a screen showing the complex, movie, and day you have selected.

SQL Statements:
“"SELECT name FROM Theatre_Complex"”
“"SELECT title FROM Movie"”
Find a Showtime:

Here is the “Find a Showtime” screen. This screen will by dynamically loaded from the
previous “Find a Movie” screen based on your selections. To do this, we needed to
store both the trailer URL, and the address to the movie poster in the database. From
here, it queries the database to find all showtimes on that given day, complex, and
movie. You can also click on the “Reviews” button below to read any reviews previous
users left. You can navigate anywhere out of this page using the Nav Bar at the top.
SQL Statements:
“"SELECT rating FROM Movie WHERE title='$movie_title'"”
“"SELECT run_time FROM Movie WHERE title='$movie_title'"”
“"SELECT plot_synopsis from Movie WHERE title='$movie_title'"”
“"SELECT start_time from Showing WHERE title='$movie_title' and name='$complex'
and date_played='$date'"”
“"SELECT trailer_link from Movie WHERE title ='$movie_title'"”
Buy Tickets:

Here is the “Buy Tickets” page. On this page you can ensure you have selected the
correct complex, movie, and showtime. Additionally, when selecting the number of
tickets you would like to buy, you can click off the input box and dynamically update the
price label. We assumed each ticket was $12. If you enter an amount of tickets that the
showing cannot accommodate, it will return an unsuccessful message in the URL and
return you to this screen. If you pick a proper amount of tickets, you will be directed to
the “Confirm Purchase” page.
Confirm Purchase:

This is the “Confirm Purchase” page. Here you can see all the details of your
reservation. It shows you the complex, movie, showtime, and number of tickets. There
is a return home button to return back to the member homepage for further browsing.

SQL Statements:
"SELECT max(reservation_id) FROM Reservations"
"SELECT showing_id FROM Showing WHERE start_time = '$showing' and name =
'$complex' and title = '$title'";
"UPDATE Showing SET num_seats = num_seats - $num_tickets WHERE showing_id =
'$showing_id'"
"INSERT INTO Reservations (reservation_id, num_tickets, account_num, showing_id)
VALUES ('$next_reservation_id', $num_tickets, $user_id, '$showing_id')")
Current Reservations:

This is the “Current Reservations” page. On this page you can see all upcoming reservations
that you have booked. All information will auto-load (Including poster) and you will have an
option on “Canceling your Reservation”. The website will check a “current date” session variable
and compare it to the date of the showing. Based on if the showing is before or after the current
date, the reservation will either be placed in the “Current Reservations” page, or the “Previous
Reservations” page.
SQL Statements:
“"SELECT Reservations.reservation_id, Reservations.num_tickets, Movie.run_time,
Movie.plot_synopsis, Showing.title, Showing.date_played, Showing.start_time, Showing.name
FROM Reservations LEFT JOIN Showing ON Showing.showing_id = Reservations.showing_id
LEFT JOIN Movie ON Movie.title = Showing.title WHERE Reservations.account_num = $user"”

Previous Reservations:

This is the “Previous Reservations” page. On this page, you can see all reservations you have
made that are in the past. This is done the same way as on the “Current Reservations” page
with a global “date” session variable. Additionally, in this page you can click the “Leave a
Review” button to leave a review for the movie. This is the only place on the website where you
can leave a review for a movie since you can only leave a review if you have actually watched
the movie. If you click the “Leave a Review” button, you will be brought to the “Leave a Review”
page.
SQL Statement:
“"SELECT Reservations.num_tickets, Movie.run_time, Showing.title,
Showing.start_time, Showing.name, Movie.plot_synopsis, Showing.date_played FROM
Reservations LEFT JOIN Showing ON Showing.showing_id = Reservations.showing_id
LEFT JOIN Movie ON Movie.title = Showing.title WHERE Reservations.account_num =
$user"””

Leave A Review:

This is the “Leave A Review” page. On this page you can type a review for a movie you
have previously seen (In your previous reservation). Once you are done, you can press
the “Leave Review” button, and the website will post your review to the movie review
page. The page will then redirect to the home page.
See Reviews:

This is the “See Review” page. On this page you can see any reviews that you or any
other users have posted. It will show the user who posted its name, as well as what they
wrote about the film. From here you can navigate back to the home page through the
Nav Bar.

SQL Statement:
“"SELECT review, fname, lname FROM Opinion JOIN User_Info on Opinion.member_id
= User_Info.member_id where title = '$movie'”
“"CREATE OR REPLACE VIEW User_Info(fname, lname, member_id) AS SELECT
fname, lname, member_id FROM User_Account JOIN Member ON User_Account.email
= Member.email"”
Admin Manual:
Admin Home:

This is the “Admin Home” page. On this page the admin has many options on what they
would like to do. On the left of the page, there is a Side Navbar which allows the admin
to choose the functionality they would like to access. There are many functions the
admin can do to edit the database including adding, editing, and viewing business
analytics of all the complexes. The main feature on this page is the “List of Members”. In
the middle of the screen a table of all Members will be populated based on the amount
of members in the database. This table contains relevant information on the user, plus
the functionality to view their “Movie History” and the ability to “Remove” a member from
the database. If you “Remove” a member from the system, you will not be prompted to
confirm, the page will simply reload and the member info will be gone. If you click
“Movie History” you will be brought to the “Member Movie History” page. Just like the
Member Home page, this Navbar will be present on every single Admin page for easy
access to other functionalities.

SQL Statement:
“"SELECT Member.member_id, User_Account.fname, User_Account.lname FROM
User_Account RIGHT JOIN Member ON Member.email = User_Account.email"”
Member Movie History:

This is the “Member Movie History” page. On this page you can see all the details of
any members movie history. Along with that you can see what upcoming movie
reservations they have, and some details on their account. If a member cancels a
reservation it will not show up on this screen. This page will dynamically load based on
which member was chosen from the “Admin Home” page.

SQL Statement:
“"SELECT Showing.date_played, Reservations.reservation_id,Showing.name,
Movie.title,Showing.start_time,Reservations.num_tickets FROM ReservationsLEFT
JOIN Showing ON Showing.showing_id = Reservations.showing_id LEFT JOIN Movie
ON Movie.title = Showing.title WHERE Reservations.account_num = '
$sections_of_URL[1] '"”
“"SELECT Showing.date_played, Reservations.reservation_id,Showing.name,
Movie.title,Showing.start_time,Reservations.num_tickets FROM Reservations LEFT
JOIN Showing ON Showing.showing_id = Reservations.showing_id LEFT JOIN Movie
ON Movie.title = Showing.title WHERE Reservations.account_num = '
$sections_of_URL[1] '"”
Add a Movie:

This is the “Add a Movie” page. On this page you can add a movie to the database by
entering the appropriate data in the fields below. You must be careful though because if
you put in information for a Supplier that doesn’t exist, the website will run an error.
Additionally, if you try to enter a movie that is already in the system, it will also return an
error since the movie name is our primary key. Main Actors can be entered but must be
separated by a comma. Once you press “Add Movie” you will be sent back to the Admin
Home and the movie will be added.

SQL Statements:
“"INSERT INTO Movie (title, plot_synopsis, run_time, rating, director,
production_company, start_date, end_date, supplier) VALUES
('$title','$synopsis','$run_time','$rating','$director','$production_company', $start_date,
$end_date, '$supplier');"”
“ "INSERT INTO Movie_Actors (title, main_actor) VALUES ('$title', '$actor_array[$i]')"”
Add a Complex:

This is the “Add a Complex” page. On this page you can enter the details of a new
theatre complex. When you press the “Add Complex” button you will be sent to the
home page and the information will be inserted into the database.

SQL Statements:
“"INSERT INTO Theatre_Complex (name, street_name, street_number, postal_code,
phone_number) VALUES
('$complex_name','$street_number','$street_name','$postal_code', '$phone_num');"”

Add a Theatre:

This is the “Add a Theatre” page. Here you can select what complex you would like the
theatre to be a part of. You can put what screen_id you’d like (It can’t be previously
existing), and the other details. Once you press Add theatre you will be sent back to the
homepage, and the theatre will be added to the database.

SQL Statements:
“"INSERT INTO Theatre (name, screen_id, max_seats, screen_size) VALUES
('$complex_name','$screen_id', '$max_seats','$screen_size')";”
Add a Showtime

This is the “Add a Showtime” page. On this page you can add showtimes to each
complex and theatre screen. There is a drop down menu to select the available movies
and complexes, but the screen_id is needed. Input the other needed information and
click “Add Showtime” to put it into the database.

SQL Statements:
“"SELECT max(showing_id) FROM Showing"”
“"INSERT INTO Showing (showing_id, name, screen_id, title, date_played, start_time,
num_seats) VALUES
('$nextid','$complex_name','$screen_id', '$movie', '$date', '$start_time','$num_seats')";”
Add a Supplier:

This is the “Add a Supplier” page. On this page you can input the information for a new
supplier. This was needed because we ran into problems with our Database relation
schema when trying to add movies. Once you press “Add Supplier” you will be brought
back to the home page, and the supplier will be added into the database.

SQL Statements:
“"INSERT INTO Supplier (company_name, phone_number, street_name,
street_number, postal_code, contact) VALUES
('$company_name','$phone_num','$street_name','$street_number','$postal_code','$cont
act');";”
BI Analytics:

This is the “Business Analytics” page. On this page we list the Complexes, and Movies
in order of highest ticket sales. The top row of each table is the most popular, with the
lowest being the least popular. One limitation of this page is that if no tickets have been
bought from a certain complex or to a certain movie, they will not appear on this page.

SQL Statements:
“"SELECT Showing.name, sum(Reservations.num_tickets) as total_tickets FROM
Reservations LEFT JOIN Showing ON Showing.showing_id = Reservations.showing_id
LEFT JOIN Movie ON Movie.title = Showing.title GROUP BY Showing.name ORDER
BY sum(Reservations.num_tickets) desc"”
“"SELECT Movie.title, sum(Reservations.num_tickets) as total_tickets FROM
Reservations LEFT JOIN Showing ON Showing.showing_id = Reservations.showing_id
LEFT JOIN Movie ON Movie.title = Showing.title GROUP BY Movie.title ORDER BY
sum(Reservations.num_tickets) desc"”
Edit Complex:

This is the “Edit Complex” page. On this page you can edit information about the
various complex locations. There is a dropdown to choose the theatre complex that you
would like to edit. Input the other needed information and click “Edit Complex” to put it
into the database.

SQL Statements:
“$sql = "INSERT INTO Theatre_Complex (name, street_name, street_number,
postal_code, phone_number) VALUES
('$complex_name','$street_number','$street_name','$postal_code', '$phone_num');";”
Edit Theatre:

This is the “Edit Theatre” page. On this page you can edit information about the various
theatres within the complex locations. There is a dropdown to choose the theatre
complex that you would like to edit the theatres of. Input the other needed information
and click “Edit Theatre” to put it into the database.

SQL Statements:
“"SELECT showing_id, name, start_time, date_played, title FROM Showing"”

Edit Showing:

This is the “Edit Showing” page. On this page we list every single showtime that is past
the current date. It will auto populate the movie title, as well as auto populate and let
you change the movie complex it is being shown at, and what time the movie will be
shown at. Once you have changed the showtime you would like, you can press the
“Update” button on the right and the database will automatically be updated. You will be
redirected back to this page encase you want to change more than just one showing.

SQL Statements:
“SELECT showing_id, name, start_time, date_played, title FROM Showing”