real estate listing web application project report
College report on the project - Real Estate Listing Web Application
Submitted By:
Tushar Sharma
Roll No. 91133313
Enrollment No.
SGVU091133313
A
Project Report
On
“REAL ESTATE LISTING WEB APPLICATION”
Submitted in partial fulfillment
of requirement for Degree of Bachelor Of Technology
in Computer Science Engineering
2012-13
Under Graduate Department of Computer Science Engineering
Suresh Gyan Vihar University
Mahal Jagatpura, Jaipur
Submitted To:
Mr. Vibhakar Pathak
Program Coordinator
B.Tech.Computer Science
Engineering
CERTIFICATE
This is to certify that the project entitled “REAL ESTATE LISTING WEB
APPLICATION” has been carried out by Tushar Sharma under my guidance in partial
fulfilment of the degree of Bachelor of Technology in Computer Science Engineering of
Suresh Gyan Vihar University, Jaipur during the academic year 2012-2013.
Project Guide:
Mr. Saurabh Gupta
Assistant Professor
(Computer Science Department)
ACKNOWLEDGEMENT
I'm highly indebted to Mr. Saurabh Gupta for their constant supervision, support, and
guidance that has enabled me to bring quality in my work on this project.
My thanks and appreciations also go to my colleagues in developing the project and people
who have willingly helped me out with their abilities.
Tushar Sharma
Enrollment no. SGVU091133313
TABLE OF CONTENTS
Abstract
1 Introduction
1.1 Project Requirements Specifications
1.2 Project Design Specifications
1.3 Developer Environment
1.4 Technology Applied in this project
2 Architecture Design
2.1 Building Web Application in .NET
2.2 Three Tier Architecture
3 Database Design
3.1 SQL Server 2008
3.2 Entity-Entity Relationship Diagram
3.3 Database Tables and Database Diagram
4 Implementation Details
4.1 Working with Web Objects
4.2 Creating Web Surfaces
4.3 Binding Data
4.4 Storing and Retrieving Data using ADO.NET
4.5 Maintaining State Information
4.6 Maintaining Security
5 Real Estate Web Application Running on the Server
5.1 Deploying Web Application
5.2 Testing and Running
6 Conclusion
7 User Manual
8 References
ABSTRACT
The aim of this project was to build a real estate web application using Microsoft ASP .NET
and SQL Server 2008. The programming environment was Visual Studio 2012 using the C#
programming language. The real estate system provides functionality for buyers, allowing
them to search for houses, offices, plots by features. It provides functionality for the seller,
allowing them to log into the system and add new advertisements or delete existing ones.
For this purpose, each user is provided a login account with login ID and password access.
This web application makes use of .NET features, including web controls, html controls,
custom web controls, ADO .NET, error handling. The programming tasks included building
the customer web controls and deploying these on the IIS web server. The system
architecture is based on the three-tier enterprise architecture, comprised of a data layer,
business logic, and a presentation layer.
1. INTRODUCTION
The aim of this project was to develop a prototype real estate listing service using Microsoft
technology. There are some important issues in developing the real estate web application.
First, the search time should be kept to a minimum. This depends on choosing the
appropriate development environment and using good development techniques. Second, the
web application should provide the services that both buyer and seller want. Third, the web
application should have a friendly user interface.
This project is developed based on the ASP.NET using C# and the SQL Server 2008
database engine. ASP.NET is part of the Microsoft .NET framework, which is an integrated
and managed environment for the development and execution of native code. ASP.NET is a
platform for creating web applications that run on Windows servers using IIS and the .NET
framework.
1.1 Project Requirements Specifications
This Real Estate Web application provides functionalities for both seller and buyer. The
buyers can browse the web site without any security and they can search for houses based
on state/city/price/features. For the seller, a security issue is added. The seller needs to
create an account in the system and every time he logs in, the previous advertisements
posted by him are presented. He can then delete any of these, and he can add new ones.
The functionalities are as follows:
1. The buyer can search for properties according to detailed information:
state/city/price/property/bedroom/bathroom/additional features.
2. The results are displayed twelve per page and the buyer can view the next or
previous page.
3. The results can be sorted and viewed by selecting the sorting item and order.
4. When a buyer clicks the link for a listed item, he will be redirected to a page that
lists the detailed information for this house.
5. A seller can create an account in the system, and each seller has a username and a
password.
6. The seller can add new advertisements and provide the detailed information and
photo.
1.2 Project Design Specifications
The Real Estate Web application consists of three parts: content, program logic, and Web
configuration information. The content of the project is presented through the web forms,
which use web controls and HTML components like a conventional HTML page. The
program logic, the project's executable, is stored in a .dll file called an assembly. The
assembly is compiled to intermediate code, and the common language runtime does the final
compilation before running the project. The back end of the project uses SQL Server 2008,
which is a relational database management system. ADO.NET is used to create a tight link
between the data tier and business logic. The whole process of running this web application
is as follows: when a client requests one of the web forms pages from the browser, IIS starts
the project's executable. The .dll composes a response to the client based on the content of
the web form page and the program logic, which generates the dynamic content. IIS returns
the HTML response to the client.
1.3 Developer Environment
The project is hosted on Windows Server by IIS 7.5 (Internet Information Services) and the
.NET framework, together with Microsoft SQL Server 2008. It is developed in the Visual
Studio 2012 integrated development environment.
Internet Information Services: It is a very powerful web service which provides a highly
reliable, manageable, and scalable web application infrastructure for windows server. It
organizes web sites and hosts web applications together with system administration.
Microsoft .NET Framework: It is the infrastructure for developing distributed applications
for the internet. It is made of two parts: an execution engine called the common language
runtime (CLR), and a class library which includes the whole set of ASP.NET classes as well
as Windows programming classes and classes for other programming tasks such as file
access, data type conversion, array and string manipulation and so on.
ASP.NET: It is the successor of ASP. It is part of the .NET framework and it supports two
kinds of applications: web applications and web services. It is a very powerful tool for
making dynamic and interactive web pages.
ADO.NET: .NET provides database access through the set of tools and namespaces
collectively referred to as Microsoft ADO.NET. There are three layers: the physical data
store, which could be a SQL database or an XML file; the Data Provider, which interacts
between the program and the database; and the DataSet, which stores disconnected data in
local memory.
SQL Server 2008: It is an RDBMS which uses Transact-SQL to send requests between a
client computer and a SQL Server 2008 computer. RDBMS manages and stores the data by
organizing the data into rows and columns within the database. It consists of the database
engine, various applications, tools and databases.
Visual Studio: The Visual Studio provides a very friendly programming environment. It
enables developers to quickly create data driven and distributed applications using familiar
Visual Basic techniques and reusable controls.
1.4 Technology Applied in this project
There are some specific technologies that I have used in this project. These improve the
performance and security of web applications.
Using Session as data container: Instead of getting the house record data from the database
every time, the project fills the data into the session. It cuts time down by limiting the
transmitting time from the server to the back end SQL Server 2008.
Custom Authentication and Salted Encryption: Custom authentication is used, requiring a
username and password. The login page connection is SSL (Secure Sockets Layer)
encrypted. The username and password are stored in the database. The password is salted
(using random strings) and encrypted for enhanced security.
2. ARCHITECTURE DESIGN
2.1 Building Web Application in .NET
Web applications provide content from a server to client machines over the internet and the
users view the web applications through a web browser. This project uses client/server
architecture. It is hosted on the web server and responds to requests from clients.
The real estate web application runs under Microsoft Internet Information Services. IIS
manages the project, passes requests from the clients and returns the response based on
executable code, web forms, html page, image files and other content. These requests and
responses are passed over the internet using HTTP.
2.2 Three Tier Architecture
Three-tier is a client–server architecture in which the user interface, functional process logic
("business rules"), computer data storage and data access are developed and maintained as
independent modules, most often on separate platforms. The three-tier model is a software
architecture and a software design pattern. Apart from the usual advantages of modular
software with well-defined interfaces, the three-tier architecture is intended to allow any of
the three tiers to be upgraded or replaced independently in response to changes in
requirements or technology. For example, a change of operating system in the presentation
tier would only affect the user interface code.
Typically, the user interface runs on a desktop PC or workstation and uses a standard
graphical user interface, functional process logic that may consist of one or more separate
modules running on a workstation or application server, and an RDBMS on a database
server or mainframe that contains the computer data storage logic. The middle tier may be
multi-tiered itself (in which case the overall architecture is called an "n-tier architecture").
Three-tier architecture has the following three tiers:
Presentation tier
This is the topmost level of the application. The presentation tier displays information
related to such services as browsing merchandise, purchasing, and shopping cart contents. It
communicates with other tiers by outputting results to the browser/client tier and all other
tiers in the network.
Business Logic tier
The logic tier is pulled out from the presentation tier and, as its own layer, it controls an
application’s functionality by performing detailed processing.
Data tier
This tier consists of database servers. Here information is stored and retrieved. This tier
keeps data neutral and independent from application servers or business logic. Giving data
its own tier also improves scalability and performance.
3. DATABASE DESIGN
A good database design will contribute to software development and improve performance.
It is always very important to keep the efficiency of data retrieval, storage and modification
in mind. Good data modelling will provide easier and more intuitive access than
others. I have gone through the following steps:
1. First, I analyzed the requirement of the real estate web application.
2. Second, I spent time modeling the data, using the standard method ER
Diagramming, adding fields into each table.
3. Third, I tried out the ideas, tested them through limited trials and made necessary
changes.
3.1 SQL Server 2008
SQL Server 2008 has a good connection with Microsoft .NET platform and provides two
fundamental services to .NET platform. The first service is the SQL Server service, which is
a high performance, scalable relational database engine. The second service is SQL Server
2008 Analysis Service.
SQL Server provides a relational database management system (RDBMS). A database is
similar to a data file in that it is a storage place for data. The developer runs the application
that accesses
data from SQL Server and presents it to the user in a friendly format. A relational database
stores all its data into tables, and nothing more. It uses mathematical set theory and
normalization process to effectively organize data.
3.2 Entity-Entity Relationship Diagram
3.3 Database Tables and Database Diagram
Figure : Key View of Tables
Based on the project description and requirements, several tables have been designed.
tbl_usersignup: Contains user's login credentials, and user type.
tbl_userdetails: Because of sparse nature of user's additional details, user details are
kept in another table.
tbl_property: Contains complete details on posted properties.
tbl_states, tbl_cities, tbl_localities: Maintain standard names of locations.
tbl_threadparticipants: Maintains unique thread between two distinct users.
tbl_thread: Provide strength to weak tbl_threadparticipants set.
tbl_message: Keeps all the messages.
tbl_messagereadstate: Records when the message was read by each user.
4. IMPLEMENTATION DETAILS
This chapter describes in detail the technologies used in this project. The .NET Framework
has an advantage in developing web applications because ASP.NET offers a powerful set of
web and HTML controls, a complete set of library classes, a strong connection with
ADO.NET, and integrated security with IIS. SQL Server provides the power of Transact-SQL
to generate SQL queries dynamically. Additionally, the stored procedures provide fast
execution by storing the execution plan and, being parameterized, provide security against
SQL injection attacks.
4.1 Working with Web Objects
Visual C# has a full set of object-oriented programming concepts including classes, abstract
classes, interfaces and overloading or overriding members.
The system library classes are organized in namespaces. The following statements in this
project allow the developer to use the class library:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Media;
using System.Drawing.Imaging;
using System.Drawing;
using System.Drawing.Drawing2D;
using System.Web.UI;
using System.Data;
using System.Security.Cryptography;
using System.Text;
4.2 Creating Web Surfaces
This project uses ASP.NET controls to create user interfaces for multi-page web forms.
There are two styles of form layout: Grid layout and Flow layout. The web controls that
have been used in this project are: Label, TextBox, Button, DropDownList, GridView,
CheckBox, RequiredFieldValidator, CompareValidator. Some examples show how
these web controls are used.
Button Control:
In the html view of .aspx page, the following code is needed.
<asp:Button ID="Button1" runat="server" Text="Confirm" OnClick="Button1_Click" />
In the code-behind of .cs file: an event-handler is associated with the button control, when
the button is clicked, the code in the block will be executed.
protected void Button1_Click(object sender, EventArgs e) {
    string username = TextBox1.Text;
    string email = TextBox2.Text;
    string password = TextBox3.Text;
    string usertype = RadioButtonList1.SelectedValue;
    // HTML-encode the user-supplied name before echoing it into the page,
    // otherwise markup typed into the textbox is rendered as-is (XSS).
    string safeName = HttpUtility.HtmlEncode(username);
    BLL rbll = new BLL();
    try {
        int result = rbll.InsertUser(username, email, password, usertype);
        if (result > 0)
            signupmsg.Text = "Signup Successful";
        else
            signupmsg.Text = "Error! User <strong>" + safeName +
                "</strong> already exists";
    } catch {
        // Any failure in the business layer is reported as a duplicate user.
        signupmsg.Text = "Error! User <strong>" + safeName +
            "</strong> already exists";
    } finally {
        rbll = null;
    }
}
4.3 Binding Data
A data-bound drop-down list would look something like this. No items need to be inserted
manually; they will be bound at run time. DataValueField and DataTextField define what
data will be sent to the server and what options will be displayed at the client.
Additionally, on a change of the selected item, a request will be sent to the server because
AutoPostBack is set to true.
Markup:
<asp:DropDownList ID="DropDownList2" runat="server" Width="160px"
DataValueField="CityId" DataTextField="CityName"
OnSelectedIndexChanged="DropDownList2_SelectedIndexChanged"
AutoPostBack="True"> </asp:DropDownList>
Code Behind:
private void BindDropDown2(BLL rbll) {
DropDownList2.Items.Clear();
if (DropDownList5.SelectedIndex > 0) {
DropDownList2.DataSource =
rbll.SelectCity(Convert.ToInt32(DropDownList5.SelectedItem.Value));
DropDownList2.DataBind();
}
DropDownList2.Items.Insert(0, "--Select City--");
DropDownList2.Items[0].Value = -1 + "";
}
4.4 Storing and Retrieving Data using ADO.NET
ADO.NET is used to access and modify data stored in the SQL database. The DataSet is the
central object in ADO.NET. The table rows and columns collections can be used to get data
items in a DataSet.
Using data-access objects in code follows the same sequence:
1. Create the data connection object
2. Create the command object
3. Create the data adapter object using the command object
4. Create a data set object
5. Invoke methods on the adapter object to fill the data set
Take a look at some code in this project as an example:
// Requires: using System.Data; using System.Data.SqlClient;
internal DataTable SelectProperty(int id) {
    // The using blocks close the connection and dispose the command and
    // adapter even if Fill throws; the exception still reaches the caller.
    using (SqlConnection con = new SqlConnection(_conStr))
    using (SqlCommand cmd = new SqlCommand("selectproperty", con)) {
        con.Open();
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.Parameters.AddWithValue("@PropertyId", id);
        using (SqlDataAdapter da = new SqlDataAdapter(cmd)) {
            DataTable dt = new DataTable();
            da.Fill(dt);
            return dt;
        }
    }
}
4.5 Maintaining State Information
HTTP is a stateless protocol and it is important to retain data on web forms between requests.
ASP.NET provides different mechanisms: Query strings, cookies, view state, session state,
application state.
Query strings can send additional information along with an address, as shown here:
Response.Redirect("ViewList.aspx?uName=" + HttpUtility.UrlEncode(name));
To retrieve a query string value in code, use the QueryString collection, as shown here:
name = Request.QueryString["uName"];
Developer can store any type of object into session and retrieve it later. In this project the
session state is used to store the DataTable for the lifetime of a user session. To store a
session is shown as: Session["records"]=dt;
To retrieve a session variable is shown as:
DataTable dt = (DataTable) Session["records"];
4.6 Maintaining Security
a) Using Stored Procedures:
An example stored procedure
CREATE PROC [dbo].[selectmessages]
@ThreadID int,
@UserID int
AS
SELECT M.*, US.UserName SenderName, UD.ProfileImage FROM
( tbl_message M INNER JOIN tbl_userdetails UD
ON M.SenderID = UD.UserID
) INNER JOIN tbl_usersignup US ON M.SenderID = US.Id
WHERE
M.ThreadID = @ThreadID AND
ThreadID IN (
SELECT ThreadID
FROM [tbl_threadparticipants]
WHERE UserID = @UserID
)
ORDER BY M.SentDate DESC
This stored procedure takes the parameters @ThreadID and @UserID, both of type int. A
value that does not conform to the type is rejected, and parameter values are passed to the
server as data rather than concatenated into the SQL text, so arbitrary SQL strings posing a
threat of SQL injection are not accepted.
To pass parameters, the code must be written as follows.
SqlCommand cmd = new SqlCommand("selectmessages", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@ThreadID", threadid);
cmd.Parameters.AddWithValue("@UserID",
Convert.ToInt32(HttpContext.Current.Session["userid"]));
b) Coded Authorization
A global class monitors user requests and transfers unauthorized users to Login Page.
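void Application_PreRequestHandlerExecute(object sender, EventArgs e) {
    if (Context.Session != null) {
        if (Session["username"] == null) {
            // Pages that require a logged-in user.
            var authorizedform = new[] {
                "postproperty.aspx",
                "postreq.aspx",
                "myprofile.aspx"
            };
            // Match on Request.FilePath (the decoded path, without query
            // string or path info) instead of searching the raw URL, so the
            // query string and URL encoding cannot affect the check.
            if (authorizedform.Any(s => Request.FilePath.EndsWith("/" + s,
                    StringComparison.OrdinalIgnoreCase))) {
                Server.Transfer("Redirect.aspx");
            }
        }
    }
}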
c) Salted Encryption
Passwords are hashed and salted. Hashed passwords can't be recovered from the stored
value. Even if someone gets access to the database tables where passwords are stored,
salting prevents guessing passwords based on patterns in them, because identical passwords
no longer produce identical stored values.
Here, User1 and User2 both enter the password '123456'.
But when viewed in the database, there is no way to tell that they entered the same password.
5. REAL ESTATE WEB APPLICATION RUNNING ON THE
SERVER
After developing the project, it is time to publish the completed web application on a web
server for client use. Also, it is important to monitor and maintain the application when it is
in use. This project uses Internet Information Server 7.5 on local machine as the web server
to host and run the deployed project.
5.1 Deploying Web Application
a) Set debug="false" in Web.config file.
b) Select 'Publish Web Site' from Build Menu.
c) Select 'Target Location' in Publish Web Site Dialog Box, and create a new application.
d) Visual Studio Output tab indicating successful Publish operation.
e) To enable use of SSL, select Default Web Site in IIS Manager, and select 'Edit Bindings'
f) Choose to Add Binding
g) Select https protocol and choose one of the installed certificates.
5.2 Testing and Running
The application can be run by typing
http://localhost/realestate in address bar of a web browser
Following pages and features are available, and their use is listed below.
Home Page:
This is the first page visible to user. From here, the user can search properties, select a
property, navigate to login/signup page.
Signup Page:
Signup allows user to post properties or engage in conversation with property seller/seeker.
Login Page:
Login is required after signup to access services related to user's account.
Properties Page:
This page lists the available properties.
Property Details:
Here complete details of the selected property are listed.
Initiating a conversation:
A conversation can be started by going to a user's profile and sending him a message.
All Conversations:
User's own profile page lists all his conversations/threads.
Whole conversation:
Upon selecting a conversation from the conversations list, all the messages in the
conversation can be viewed.
Searching:
User can start a search from the Home page.
Search Results:
Search results are displayed on search results page.
Post Property:
Logged in users can post properties.
Manage Page:
Page available to administrator to insert locations in database.
6. CONCLUSION
This Real Estate Web Application is a typical .NET web application using ASP.NET and
SQL 2008 in the C# programming language. It uses a client/server architecture based on the
HTTP protocol. It is developed in Microsoft’s Visual Studio programming environment.
There are several things that could have been implemented and made better, they are in my
to do list, and should be reflected in later versions.
7. USER MANUAL
Server System Requirements:
Microsoft .NET Framework 4.5 installed
Visual Studio 2012 installed (optional)
SQL Server 2008 installed
Internet Information Services installed
Windows 7/2008 Server/2012 server
Client System Requirements:
Operating System: Any installed
Internet Explorer 5.0+/Netscape Navigator/Mozilla Firefox/Google Chrome
installed
Server Installation:
1. Install IIS and start the web server in the Windows operating system.
2. Install Microsoft .NET Framework 4.5 and register ASP.NET.
3. Install SQL Server 2008
4. Create a virtual directory called RealEstate and point it to the RealEstate physical
directory containing the source code.
5. Run the database scripts called realstate.sql in the package
Client Installation:
1. Install a web browser
2. Browse to http://www.address/RealEstate/
8. REFERENCES
1. Pro ASP.NET 4 in C# 2010 by Matthew MacDonald, Adam Freeman, and Mario
Szpuszta
2. C# in Depth, Second Edition by Jon Skeet
3. Database Design for Mere Mortals™: A Hands-On Guide to Relational Database
Design, Second Edition
4. The Art of SQL by Stéphane Faroult and Peter Robson
5. http://www.stackoverflow.com
6. http://code.msdn.microsoft.com
7. http://www.asp.net