Philadelphia University
Faculty of Information Technology
Department of Software Engineering
Examination Key
Lecturer : Dr. Samer Hanna
Internal Examiner: Dr. Mourad Maouch
Coordinator: Dr. Samer Hanna
Software Construction
(0721420 ) Section 1
Final Exam’s Key
Second Semester of 2014/2015
Date: Thursday, June 18 , 2015-------- Time: 2 hours.
th
Q1) (6 marks)
Discuss the following in details
1. Barricade
Barricades are a damage-containment strategy. The reason is similar to that for having isolated
compartment in the hull of a ship. If the ship runs into an iceberg and pops open the hull, that compartment
is shut off and the rest of the ship is not affected. They are also similar to firewalls in a building. A building's
firewalls prevent fire from spreading from one part of a building to another part. (Barricades used to be
called "firewalls," but the term firewall now commonly refers to blocking hostile network traffic.)
One way to barricade for defensive programming purpose is to design certain interfaces as boundaries to
"safe" areas. Check data crossing the boundaries of a safe area for validity, and respond sensibly if the data
is not valid.
2. Defensive programming
The idea of defensive programming is based on defensive driving. In defensive driving, you adopt the mindset that you are never sure what the other drivers are going to do. That way, you make sure that if they do
something dangerous you won't be hurt. You take the responsibility of protecting yourself even when it
might be the other driver's fault.
In defensive programming, the main idea is that if a routine is passed bad data, it won't be hurt, even if the
bad data is another routine's fault.
3. SQL injection with example
SQL injection is a technique where malicious users can inject SQL commands into an SQL statement, via
web page input.
Example
SELECT fieldlist
FROM table
WHERE field = 'anything' OR 'x'='x';
Q2) (8 marks)
Suppose that you want to build an application for Philadelphia University that facilitates dealing with courses at
different departments in the University.
Each course at Philadelphia should have the following properties:
- Course number
- Course name (must be less than 30 chacters)
- Section number (must be between 1 and 10)
- Students registered in this course (10 to 40 students)
- Department proposed the course
- Professor that will teach the course
For each student in a course the following properties must be specified:
- Student id (must be between 2005 and 2015)
- Student name (must be less than 40 characters and more than 3 characters)
1
- Student department
- Accumulated average (must be between 35 and 100)
For each professor of a course the following properties must be specified:
- Professor name
- Professor id
- Professor rank (must be in: assistant prof, associate prof or prof)
1. Draw a class diagram corresponding to the above requirements. (2 marks)
2. Map the class diagram in 1. To code (use C#). (6 marks)
Solution:
1.
2.
namespace Q2
{
class Course
{
public int CourseNo { get; set; }
private string courseName;
public string CourseName
{
get { return courseName; }
set
{
if (value.Length < 30)
courseName = value;
else
courseName = " ";
}
}
private int sectionNo;
public int SectionNo
{
get
{
return sectionNo;
}
set
{
if (value >= 10 && value <= 40)
2
sectionNo = value;
else
sectionNo = 0;
}
}
public string CourseDept { get; set; }
public ArrayList studs = new ArrayList();
public Prof prof { get; set; }
public Course(int courseno, string coursename, int sectionno, string dept)
{
CourseNo = courseno;
CourseName = coursename;
SectionNo = sectionno;
CourseDept = dept;
}
}
}
//////////
namespace Q2
{
class Student
{
private int id;
public int Id
{
get { return id;}
set
{
if (value >= 2005 && value <= 2015)
id = value;
else
id = 0;
}
}
private string name;
public string Name
{
get
{
return name;
}
set
{
if ((value.Length > 3) && (value.Length < 40))
name = value;
else
name = " ";
}
}
public string Dept { get; set; }
public float Avg { get; set; }
}
}
////////////
namespace Q2
{
class Prof
{
//property for name
public string Name { get; set; }
3
//property for salary
public int Id { get; set; }
public enum Rank { assistant, associsate, prof }
}
}
Q3) (4 marks)
Suppose that Philadelphia University asked you to modify the application you built in Question 2 to consider Master
degree courses to distinguish it from the bachelor courses.
For the Master course the following properties must be included:
- Supervisor name
- Thesis title
1. Modify the class diagram in Question 2 to reflect the new requirement. (1 mark)
2. Add the needed code to map the modified class diagram in 1. (3 marks)
1.
2.
namespace Q2
{
class MasterCourse : Course
{
public string Location { get; set; }
public DateTime Time { get; set; }
public MasterCourse(int courseno, string coursename, int sectionno, string dept, string loc,
DateTime t)
: base(courseno, coursename, sectionno, dept)
{
Location = loc;
Time = t;
}
}
}
Q4) (6 marks)
Suppose that in Question 2 you are asked also to write an interface that has the following two methods:
- PrintAll is a method that has no input or output and it is responsible for printing the information of all
the students in a given course.
- SearchStudent is a method that accepts and integer as input (representing student’s id) and return a Boolean
value. This method is responsible to search for a given student in a course and returns true if he is exits and
false otherwise.
4
1. Modify the class diagram in Question 2 to reflect the new requirement. (1 mark)
2. Write the code of the required interface. (1 marks)
3. Write the needed code to allow the course in Question 2 to implement the interface in 2. (4 marks)
1.
2.
namespace Q2
{
interface Interface1
{
void PrintAll();
bool SearchStudent(int id);
}
}
3.
namespace Q2
{
class Course : Interface1
{
public int CourseNo { get; set; }
private string courseName;
public string CourseName
{
get { return courseName; }
set
{
if (value.Length < 30)
courseName = value;
else
courseName = " ";
}
}
private int sectionNo;
public int SectionNo
{
get
{
return sectionNo;
}
set
{
if (value >= 10 && value <= 40)
sectionNo = value;
else
sectionNo = 0;
}
}
public string CourseDept { get; set; }
public ArrayList studs = new ArrayList();
5
public Prof prof { get; set; }
public Course(int courseno, string coursename, int sectionno, string dept)
{
CourseNo = courseno;
CourseName = coursename;
SectionNo = sectionno;
CourseDept = dept;
}
public void PrintAll()
{
foreach (Student current in studs)
{
current.printStud();
}
}
public bool SearchStudent(int id)
{
foreach (Student current in studs)
{
if (current.Id==id)
return true;
}
return false;
}
}
}
Q5) (6 marks)
1. What are the needed activities to create a database to store the courses information in Question 2 (call the
database CoursesDB) (1 mark)
Go to SQL Server Object Explorer  right click on (localdb)\v11.0  create database
2. Create the needed tables to map the requirement in Question 2. (1 marks)
CREATE TABLE [dbo].[Course]
(
[CourseId] INT NOT NULL PRIMARY KEY,
[CourseName] NVARCHAR(50) NOT NULL,
[SectionNo] INT NOT NULL,
[CourseDept] NVARCHAR(50) NOT NULL
)
3. Write the needed activities to populate a DataGridView with the courses data stored in the database tables. (2
marks)
Drag a DataGridView from toolbox to the form  Click on the DataGridView arrow  select Choose Data
Sourse  <New Data Source>  Add project data source  Database   Dataset OK  New
Connection  Server Name  (localdb)\v11.0  Select or enter a database Name  CoursesDB  OK 
Next  Tick Do you want to save the connection in the application configuration file  Choose a name for the
connection string (or leave it as it is CoursesDBConnectionString)  Next  Next  Finish
6
4. Write the needed C# code to displays three objects of the Course class in Question 2 in another
DataGridView (2 marks)
IList list = new ArrayList();
Course c1 = new Course(720120, "Object Oriented", 1, "SE");
Course c2 = new Course(721422, "Web Engineering", 2, "SE");
list.Add(c1);
list.Add(c2);
dataGridView2.DataSource = list;
Q6) (6 marks)
Write the code in C# of the following defensive programming techniques to the courses application you built in
Question 2:
1. Assertion with the section number property (1 mark)
2. Log a warning message to a file with the section number property (1 marks)
3. Closest legal value with the section number property(1 mark)
4. Return error code with the professor rank property. (1 mark)
5. Display an error message with the student average property (1 mark)
6. Shut down with the student average field (1 mark)
Solution:
///1
Debug.Assert(c1.SectionNo >= 1 && c1.SectionNo <= 10, "Invalid section number");
///2
if (c1.SectionNo < 1 || c1.SectionNo > 10)
{
System.IO.StreamWriter file = new System.IO.StreamWriter("c:\\faults.txt");
file.WriteLine("ivalid section number");
file.Close();
}
///3
if (c1.SectionNo
c1.SectionNo
if (c1.SectionNo
c1.SectionNo
<
=
>
=
1)
1;
10)
10;
/////4
Q2.Prof.Rank r = c1.prof.ProfRank;
if (r != Prof.Rank.assistant && r != Prof.Rank.associsate && r != Prof.Rank.prof)
MessageBox.Show("invalid rank");
///5
if (s1.Avg<35 || s1.Avg>100)
MessageBox.Show("invalid average");
///6
if (s1.Avg < 35 || s1.Avg > 100)
Application.Exit();
Q7) (4 marks)
Write the needed code to test the code you built in Question 2, 3 and 4.
namespace Q2
{
static class Program
7
{
/// <summary>
/// The main entry point for the application.
/// </summary>
[STAThread]
static void Main()
{
Course c1 = new Course(721420, "construction",
Prof prof1 = new Prof() { Name = "Samer", Id =
Student s1 = new Student() { Id = 2010, Name =
Student s2 = new Student() { Id = 2012, Name =
c1.studs.Add(s1);
c1.studs.Add(s2);
c1.prof = prof1;
c1.PrintAll();
}
1, "SE");
618, ProfRank = Q2.Prof.Rank.assistant };
"Sami", Dept = "SE", Avg = 87 };
"Samer", Dept = "SE", Avg = 85 };
}
}
////////////////
private void Form1_Load(object sender, EventArgs e)
{
// TODO: This line of code loads data into the 'coursesDBDataSet.Course' table. You can
move, or remove it, as needed.
this.courseTableAdapter.Fill(this.coursesDBDataSet.Course);
IList list = new ArrayList();
Course c1 = new Course(720120, "Object Oriented", 1, "SE");
Course c2 = new Course(721422, "Web Engineering", 2, "SE");
list.Add(c1);
list.Add(c2);
dataGridView2.DataSource = list;
}
8