cssainformationdepartment / mycssa Goto Github PK
View Code? Open in Web Editor NEWOnline services platform for Chinese Students and Scholars Association @ Unimelb
Home Page: https://cssaunimelb.com
License: GNU General Public License v3.0
Online services platform for Chinese Students and Scholars Association @ Unimelb
Home Page: https://cssaunimelb.com
License: GNU General Public License v3.0
To show lists of previous committees of Council Board.
Show the photos and the name of all chairmen.
Show message: The list for all Council Board Committees.
Display relevant information for the chairmen.
An opt-in form page needs to be designed and added to the membership management and user login page. The form should be able to collect users' real [First Name] and [Last Name] in English, [Australia Telephone Number] and [Student ID]. The user can decide how many emergency contacts he or she wants to lodge in. Each contact entry should contain [First Name], [Last Name], [Relationship], [Full Address (optional)], [Contact Number] including the country calling codes.
The form is created aligning to the given context
The API is connected and functional as demand
Free to join in membership and paying for a discount card offers multiple benefits.
To show result of 2019 Sem1 Photo Contest.
Show the winning photos and the winners' names.
Show message: 2019 Sem1 Photo Contest has ended.
Display description for the winning photos.
Static Promotion Page for Ball.
Could make use of frame sample on the internet.
A new internal section should be added to provide functions for finding contact target, either the emergency contacts for a person who is under searched, or using contact to find the person.
A search page that can allows using name or contact numbers to find the full emergency contact information for either the contact itself or the person who sign-in the contact earlier.
A table view contains two session. The first section, at the top, is the information related to the person who provides the emergency contact. The second section, at the bottom, is a list for all available emergency contact.
If the provider is also a registered member, more related information should be presented at the first section mentioned above.
The API is connected and functional as demand
On the login page, provide a functionality that registered users can reset their passwords when they forget their passwords.
A link or button on the login page
Collect user's relative details for looking up the specific account: registered email
An Email that includes a reset link is generated and sent to the collected email
When new password is submitted by the reset link, update the information of the account in database
The Event APIs is used for the public site to retrieve information related to the CSSA events.
Return a JSON list of event_id, event_header, start_date, avaliablity_status and link to Detaiil Page, including pagination
A event detail page API, containing all the data details for the page.
Story Points: __
Context
This is an update for our event application system. Currently, applicant can only attach text to the flex form, we want to add a new type which allows the applicant attach a picture for their application.
Definition of Done
Show attach picture option on application page
Link their uploaded photos to our database system
The current user sign up page is still using Django template rendering, It is slow and lack of interactive features support for mobile. This need to be re-written in React.js.
New multiple pages login page collecting the same amount of information as before
An optional step to collect emergency contact
New after registration complete page
Complete the page of CSSA committee recruitment Page.
The recruitment page is built for publishing information of available committee position at the beginning of each semester.
When I 'cd' to the target folder, I used the command below:
" pipenv install -r ../requirements.txt --python=x.x.x ",
but there is an issue which is <can't find the "requirements.txt">
thus, I update the command, "pipenv install -r requirements.txt --python=x.x.x ", which works for me.
The Job APIs is used for the public site to retrieve information related to all published jobs on the website
Return a JSON list of job_id, job_title, organisation_name, due_date, and link to Detaiil Page, including pagination
A job detail page API, containing all the data details for the page.
Story point: 5
We changed our membership card into a discount card and students no longer need to join CSSA to gain the discount. Now students can purchase a discount card for $5 and enjoying all the discount with our cooperative merchants. They can also choose to bind their card with their CSSA account, thus once they lose their card, they can reissue a card for free.
Build a new page of applying for a discount card.
Add an optional feature "Binding My Card" in the personal profile page
Create a linkage on the current "Discount merchants" page.
If the user doesn't have a card, they can apply one (link to the applying page)
If the user already have a card, they can choose to bind it with its CSSA account (link to the login page if the user haven't login, otherwise, link to its personal profile page)
Website background file submission file hosting server vulnerability
Hazard level: low risk
Coverage: This vulnerability can be invoked by all registered users
Vulnerability details
Personal information - avatar upload - upload any picture capture package:
modify the cropped_b64 parameter to data: image / arbitrary file type; BASE64, file content encoding base64 upload can successfully pass the browser - view the source code to get the file after uploading path
Repair plan
The developer database should be set up and sync data from production environment on 12:00 am Sunday each week. This database will eliminate the heavy-lifting on creating dummy data to test new function during the development stage.
Create a developer database on CSSA-Dev-Server
Data will be automatically synced from Prod Server to Dev server every Sunday at 12:00 am
Sensitive data will be masked with fake data
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.