Higher Nationals

Internal verification of assessment decisions – BTEC (RQF)

INTERNAL VERIFICATION – ASSESSMENT DECISIONS

Programme title Higher National Diploma in Computing

Assessor Mis.Kawshi Ekanayaka Internal Verifier

Unit 29 – Application Program Interfaces
Unit(s)

Assignment title online shopping system for OZQ company

Student’s name H.P.D.Mandara Prawarshana

List which assessment criteria Pass Merit Distinction
the Assessor has awarded.

INTERNAL VERIFIER CHECKLIST

Do the assessment criteria awarded match

those shown in the assignment brief? Y/N

Is the Pass/Merit/Distinction grade awarded

justified by the assessor’s comments on the Y/N
student work?
Has the work been assessed
Y/N
accurately?
Is the feedback to the student:
Give details:
• Constructive? Y/N
• Linked to relevant assessment criteria? Y/N
• Identifying opportunities for Y/N
improved performance?
• Agreeing actions? Y/N
Does the assessment decision need
Y/N
amending?

Assessor signature Date

Internal Verifier signature Date

Programme Leader signature (if required)
Date

Confirm action completed

Remedial action taken
Give details:

Assessor signature Date

Internal Verifier
Date
signature
Programme Leader
Date
signature (if required)

Application Program Interfaces 1 H.P.D.Mandara Prawarshana

Higher Nationals - Summative Assignment Feedback Form
Student Name/ID H.P.D.Mandara Prawarsana /E131272

Unit Title Unit 29 – Application Program Interfaces

Assignment Number 1 Assessor

Date Received
Submission Date
1st submission
Date Received 2nd
Re-submission Date
submission
Assessor Feedback:
LO1 Examine what an API is, the need for APIs and types of APIs
Pass, Merit & Distinction P1 M1 D1
Descripts

LO2 Apply the knowledge of API research to design an application that incorporates relevant APIs for
a given scenario or a substantial student chosen application
Pass, Merit & Distinction P2 M2 D2
Descripts

LO3 Implement an application in a suitable development environment

Pass, Merit & Distinction P3 M3 D3
Descripts

LO4 Document the testing of the application, review and reflect on the APIs used
Pass, Merit & Distinction P4 M4 D4
Descripts

Grade: Assessor Signature: Date:

Resubmission Feedback:

Grade: Assessor Signature: Date:

Internal Verifier’s Comments:

Signature & Date:

* Please note that grade decisions are provisional. They are only confirmed once internal and external moderation has taken place and grades
decisions have been agreed at the assessment board.

Assignment Feedback

Application Program Interfaces 1 H.P.D.Mandara Prawarshana

Formative Feedback: Assessor to Student

Action Plan

Summative feedback

Feedback: Student to Assessor

Assessor signature Date

[email protected]
Student signature Date

Application Program Interfaces 2 H.P.D.Mandara Prawarshana

 Pearson Higher Nationals in
Computing
Unit 29 – Application Program Interfaces

Application Program Interfaces 3 H.P.D.Mandara Prawarshana

General Guidelines

1. A Cover page or title page – You should always attach a title page to your
assignment. Use previous page as your cover sheet and make sure all the details are accurately
filled.
2. Attach this brief as the first section of your assignment.
3. All the assignments should be prepared using a word processing software.
4. All the assignments should be printed on A4 sized papers. Use single side
printing.
5. Allow 1” for top, bottom , right margins and 1.25” for the left margin of each
page.

Word Processing Rules

1. The font size should be 12 point, and should be in the style of Times New Roman.
2. Use 1.5 line spacing. Left justify all paragraphs.
3. Ensure that all the headings are consistent in terms of the font size and font style.
4. Use footer function in the word processor to insert Your Name, Subject, Assignment No, and
Page Number on each page. This is useful if individual sheets become detached for any reason.
5. Use word processing application spell check and grammar check function to help editing your
assignment.

Important Points:

1. It is strictly prohibited to use textboxes to add texts in the assignments, except for the compulsory
information. eg: Figures, tables of comparison etc. Adding text boxes in the body except for the
before mentioned compulsory information will result in rejection of your work.
2. Carefully check the hand in date and the instructions given in the assignment. Late submissions will
not be accepted.
3. Ensure that you give yourself enough time to complete the assignment by the due date.
4. Excuses of any nature will not be accepted for failure to hand in the work on time.
5. You must take responsibility for managing your own time effectively.
6. If you are unable to hand in your assignment on time and have valid reasons such as illness, you
may apply (in writing) for an extension.
7. Failure to achieve at least PASS criteria will result in a REFERRAL grade .
8. Non-submission of work without valid reasons will lead to an automatic RE FERRAL. You will then
be asked to complete an alternative assignment.
9. If you use other people’s work or ideas in your assignment, reference them properly using
HARVARD referencing system to avoid plagiarism. You have to provide both in-text citation and a
reference list.
10. If you are proven to be guilty of plagiarism or any academic misconduct, your grade could be
reduced to A REFERRAL or at worst you could be expelled from the course

Application Program Interfaces 4 H.P.D.Mandara Prawarshana

Student Declaration

I hereby, declare that I know what plagiarism entails, namely to use another’s work and to present it as my
own without attributing the sources in the correct form. I further understand what it means to copy
another’s work.

1. I know that plagiarism is a punishable offence because it constitutes theft.

2. I understand the plagiarism and copying policy of Edexcel UK.
3. I know what the consequences will be if I plagiarise or copy another’s work in any of the
assignments for this program.
4. I declare therefore that all work presented by me for every aspect of my program, will be my own,
and where I have made use of another’s work, I will attribute the source in the correct way.
5. I acknowledge that the attachment of this document signed or not, constitutes a binding
agreement between myself and Pearson, UK.
6. I understand that my assignment will not be considered as submitted if this document is not
attached to the assignment.

[email protected]

Student’s Signature: Date:

(Provide E-mail ID) (Provide Submission Date)

Application Program Interfaces 5 H.P.D.Mandara Prawarshana

Higher National Diploma in Business
Assignment Brief
Student Name /ID Number H.P.D.Mandara Prawarsana /E131272

Unit Number and Title Unit 29- Application Program Interfaces

Academic Year 2021/2022

Unit Tutor

Assignment Title

Issue Date

Submission Date

IV Name & Date

Submission format

Part 1 – Report: The submission should be in the form of an individual written report. This should
be written in a concise, formal business style using single spacing and font size 12. You are
required to make use of headings, paragraphs and subsections as appropriate, and all work must
be supported with research. You must provide in-text citations and the reference list using
Harvard referencing system.

Part 2: Fully functional web solution.

The recommended word count for the report is 4,000–4,500 words excluding annexures. Note
that word counts are indicative only and you would not be penalised for exceeding the word.
Minimum word count – 4,000
Maximum word count – 5,500

Application Program Interfaces 6 H.P.D.Mandara Prawarshana

Scenario
“ELEKS “ is a Top 100 Global Outsourcing company. You work as an apprentice web developer for
ELEKS . As part of your role, you have been asked to create an online shopping system for OZQ
company.
Online shopping has grown its popularity over the years, mainly because people find it convenient
and easy to shop from the comfort of their own home or office. This is one of the most enticing
factors about online shopping Because of these reasons OZQ company has decided to develope
an online shopping system.
OZQ-cart has facilitates business-to-consumer sales through its website. OZQ-cart system helps to
buy any type of item online by choosing the listed products from the website. Following are the
functional requirements of the system.

 Registration – Customers can view the store but only the members can buy items. To
become a member of the website, the customer need to register for the membership.
 Login page - The Login page is peripheral of the secure area of the system and allows the
user to log onto the web application. The user can view the store and add their order to
the shopping cart.
 Shopping cart – Member can add their searched items to the cart.
 User Profile - The User Profile page is an area that allows the users to maintain their own
information. The user can browse and search the items and add to the shopping cart.
 Item Search and Select - Each customer must be able to view the status of the placed
order.
 Feedbacks – user can provide opinions/ feedback to the site.

Following are the non-functional requirements of the system.

 Performance
 Usability
 Reliability and availability
 Security

Application Program Interfaces 7 H.P.D.Mandara Prawarshana

 Develop a web based solution for the above scenario.

Activity 1 - Examine what an API is, the need for APIs and types of APIs.
1.1 Examin What is an API (Application Program Interface) ,types and the benefits of APIs and
evaluate the potential security issues surrounding APIs with reference .
1.2 Examin the differences between API and SDK and Assess a range of APIs that covers a
range of users of the proposed solution.

Activity 2 - Apply the knowledge of API research to design an application that incorporates
relevant APIs for a given scenario or a substantial student chosen application
2.1 Apply the knowledge of API research and Analyse the alternative solutions similar to the
proposed system that could be enhanced by a suitable API.
2.2 Design an application that will utilize a range of APIs for the proposed solution and justify
the design choices used.

Activity 3 - Implement an application in a suitable development environment

3.1 Develop an application with suitable android and web-site wireframes for the proposed
system design in task 2.
3.2 Provide all the interfaces of the system and the appropriate codes of it.

Activity 4 - Document the testing of the application, review and reflect on the APIs used
4.1 Design and complete a ‘black box’ and ‘white box’ testing methods for the developed
system and update the system according to the results.
4.2 Critically evaluate the APIs used within your application and results of your Test Plan.
Include a review of the overall success of your multipage website and
4.3 provide a data security report of the application you developed for the above sceanrio.

Application Program Interfaces 8 H.P.D.Mandara Prawarshana

 Observation Sheet

Activit Activity Learning Feedback

y Outcom (Pass/ Redo)
No e
1 Examine what an API is, the need for APIs and LO1
types of APIs.

2 Apply the knowledge of API research to design an LO2

application that incorporates relevant APIs for a
given scenario or a substantial student
Chosen application.
3 Implement an application in a suitable LO3
development environment.
4 Document the testing of the application, review LO4
and reflect on the APIs used.

Comments:

Assessor Name :…………………………………………….

Date :…………………………………………….

Assessor Signature :…………………………………………………………………………

Application Program Interfaces 9 H.P.D.Mandara Prawarshana

 Grading Rubric

Grading Criteria Achieved Feedback

LO1 Examine what an API is, the need for APIs and types
of APIs

P1 Examine the relationship between an API and a

software development kit (SDK).
M1 Asses a range of APIs for a particular platform that
covers a range of uses.
D1 Evaluate potential security issues surrounding APIs

LO2 Apply the knowledge of API research to design an

application that incorporates relevant APIs for a given
scenario or a substantial student chosen application
P2 Analyse an existing application that could be
extended with a suitable API.

M2 Design an application that will utilise an API for a

given purpose.

D2 Create a design for a chosen substantial application

that will utilise a range of APIs, justifying choices..

LO3 Implement an application in a suitable

development environment
P3 Build on an existing application framework to
implement an API.

Application Program Interfaces 10 H.P.D.Mandara Prawarshana

 M3 Develop an application that utilises an API.

D3 Construct an application utilising multiple APIs,

following the designs in LO2

LO4 Investigate scenarios with respect to design

PatternsLO4 Document the testing of the application,
review and reflect on the APIs used

P4 Design and complete a ‘white box’ test of the

application, recording the results.

M4 Conduct ‘black box’ tests of your application,

recording the results.
M5 Update the application accordingly with the results.

D4 Critically evaluate the APIs used within your

application. Provide a data security report of your
application.

Application Program Interfaces 11 H.P.D.Mandara Prawarshana

 Acknowledgement

The timely and effective completion of the book would not have been possible without the
assistance and support of many people. I'd want to use this occasion to express my gratitude to
everyone who assisted me in some way throughout this crucial project, whether directly or
indirectly. First of all, I wish to express my sincere gratitude and due respect to my Mis Kawshi
Ekanayaka lectures in department of Computing Esoft Metro Campus Matara. I give him a great
heartfelt thanks for his invaluable advice, constant encouragement, and positive support, all of
which greatly aided me during my time at work. I'd want to thank him for always taking an active
interest in my questions and making useful advice.

H.P.D.MANDARA PRAWARSHYAN

Application Program Interfaces 12 H.P.D.Mandara Prawarshana

 Catalog
Acknowledgement ..............................................................................................................................................................12
Introduction to OZQ - cart: Revolutionizing Online Shopping Experience. ............................................................... 1
Explaing the API . (Application Programming Interface) ................................................................................................... 1
Figure 1 What API (mongodb.com ,2023) ........................................................................................................................ 2
Advantages of APIs. .............................................................................................................................................................2
Disadvantages of APIs. ........................................................................................................................................................ 3
How API Works ...................................................................................................................................................................3
How APIs are Used for Building OZQ System. .................................................................................................................. 4
Main types of API ................................................................................................................................................................ 4
1. Public APIs .......................................................................................................................................................................4
2. Partner APIs ..................................................................................................................................................................... 5
Private APIs ......................................................................................................................................................................... 5
Composite APIs ................................................................................................................................................................... 5
Different types of APIs used in software development. .................................................................................................. 5
Web APIs ............................................................................................................................................................................. 5
Source-Code APIs ................................................................................................................................................................ 6
Mobile API ...........................................................................................................................................................................6
Production API .....................................................................................................................................................................6
Communication level of APIs High-level ............................................................................................................................6
Lower-level APIs ................................................................................................................................................................. 7
1. JDK ..................................................................................................................................................................................8
2. GWT ................................................................................................................................................................................ 8
3. Flex SDK ......................................................................................................................................................................... 8
Benefits of SDK ................................................................................................................................................................... 8
Difference between an API and an SDK ..............................................................................................................................8
Comparison of API vs. SDK ..............................................................................................................................................10
Potential security issues surrounding APIs ........................................................................................................................ 11
API Inability .......................................................................................................................................................................11
The risks of XML ...............................................................................................................................................................11
Validation is not enough .................................................................................................................................................... 11
Overriding API usage .........................................................................................................................................................11
Accountability .................................................................................................................................................................... 11
Getting out of control ......................................................................................................................................................... 12
Evaluate the range of APIs for a particular platform that covers a range of users ............................................................ 12
API for the online Shopping Cart .......................................................................................................................................12
Below are some examples of API-based carts. .................................................................................................................. 14
Compare and differentiates the Shopping cart APIs. ......................................................................................................... 16
Differences between WooCommerce and Shopify: ........................................................................................................... 17
1. Sopify cost ..................................................................................................................................................................... 17
2. WooCommerce Pricing ................................................................................................................................................18
Provide the android and website wire frames for the proposed system design. ................................................................ 20

Application Program Interfaces 1 H.P.D.Mandara Prawarshana

Design an application that uses the API for a given purpose .............................................................................................24
Create a design for a selected significant application that uses a range of APIs. .............................................................. 28
Justify the choice. ...............................................................................................................................................................28
Develop an application using the API for the proposed system and provide all interfaces and appropriate code for the
same. ...................................................................................................................................................................................28
The developed system should be tested using black box and white box testing method test plan. ................................... 37
Introduction ...................................................................................................................................................................... 38
Purpose ..............................................................................................................................................................................38
Testing goal ....................................................................................................................................................................... 38
Test case template ............................................................................................................................................................ 39
Testing procedure .............................................................................................................................................................39
Critically evaluate the results of your test plan and include a review of the overall success of your multi-page website.47
First login page ................................................................................................................................................................. 47
HTTP develops: ................................................................................................................................................................. 49
First page ...........................................................................................................................................................................49
Critically evaluate the API used in your application. Provide a data protection report on your application. ....................50
References .......................................................................................................................................................................... 52

Figure 1 What API (mongodb.com ,2023) .................................................................................2

Figure 2 Shopify logo (Startupyo.com/, 2021) ..........................................................................14
Figure 3 BigCommerce logo (Multiorders.com, 2021) ............................................................ 14
Figure 4 Magento logo (Seekpng.com, 2021) ...........................................................................15
Figure 5 WooCommerce logo (Paylinedata.com, 2021) ......................................................... 15
Figure 6 Shift4Shop logo (Shift4.com, 2021) ............................................................................16
Figure 7 Constant Contact logo (Pointofsale.com, 2021) ........................................................ 16
Figure 8 Login Page(the author,2023) ..................................................................................... 20
Figure 9 Login Page(the author,2023) ..................................................................................... 21
Figure 10 Registor Page(the author,2023( ...............................................................................21
Figure 11 Registor Page(the author,2023) ...............................................................................22
Figure 12 home (the author) .....................................................................................................22
Figure 13 home (the author) .....................................................................................................23
Figure 14 my cart(the author,2023( ......................................................................................... 23
Figure 15 my cart(the author,2023( ........................................................................................ 24
Figure 16 Login (Author 2021) .................................................................................................24
Figure 17 Create account (Author 2021) ................................................................................. 25
Figure 18 Home (Author 2021) ................................................................................................ 25
Figure 19 My cart (Author 2021) ............................................................................................ 26
Figure 20 Cart Price Generation (the author,2023( ................................................................ 26

Application Program Interfaces 2 H.P.D.Mandara Prawarshana

 Figure 21 Our Team(the author,2023( ..................................................................................... 27
Figure 22 Dashboard(the author/2023) ................................................................................... 27
Figure 23 Add Producat(the author,2023) ................................................................................ 28
Figure 24 code(the author,2023) .............................................................................................. 29
Figure 25 code(the author,2023) ...............................................................................................29
Figure 26 code(the author,2023) ..............................................................................................30
Figure 27 code(the author,2023) ...............................................................................................30
Figure 28 code(the author,2023) ...............................................................................................31
Figure 29 code(the author,2023) ...............................................................................................31
Figure 30 code(the author,2023) ...............................................................................................32
Figure 31 code(the author,2023) ...............................................................................................32
Figure 32 code(the author,2023) ..............................................................................................33
Figure 33 code(the author,2023) ..............................................................................................33
Figure 34 code(the author,2023) ..............................................................................................34
Figure 35 code(the author,2023) ..............................................................................................34
Figure 36 code(the author,2023) ..............................................................................................35
Figure 37 ER Digram (the author,2023) .................................................................................. 35
Figure 38 database (the author,2023\ ...................................................................................... 36
Figure 39 database (the author,2023\ ........................................................................................36
Figure 40 database (the author,2023\ .......................................................................................37
Figure 41 Test case 01 (Author 2023) ...................................................................................... 40
Figure 42 Test case 01 (Author 2023) ..................................................................................... 40
Figure 43 Test case 02 (Author 2021) ...................................................................................... 41
Figure 44 Test case 02 (Author 2021) ...................................................................................... 41
Figure 45 Test case 03 (Author 2021) ...................................................................................... 42
Figure 46 Test case 03 (Author 2021) ...................................................................................... 42
Figure 47 test case 04 (Author 2021) .......................................................................................43
Figure 48 Test case 05 (Author 2021) ...................................................................................... 44
Figure 49 Test case 01 (Author 2023) ..................................................................................... 45
Figure 50 Test case 02 (Author 2021) ...................................................................................... 46
Figure 51 Test case 03 (Author 2021) ...................................................................................... 47
Figure 52 Final login page (Author 2021) ............................................................................... 47
Figure 53 Final login page (Author 2021) ................................................................................ 48
Figure 54 The first sign up page (Author 2021) ....................................................................... 48
Figure 55 The first sign up page (Author 2021) ....................................................................... 49

Application Program Interfaces 3 H.P.D.Mandara Prawarshana

 Figure 56 Https develops first page (Author 2021) ................................................................. 49
Figure 57 Https develops final page (Author 2021) ................................................................ 50

Table 1 Comparison of API vs. SDK (Author 2023) ................................................................10

Table 2 Differentiate between shopping carts (Fundera.com, 2021) ...................................... 19
Table 3 Test case template (Author 2021) ................................................................................ 39
Table 4 Black box testing (Author 2021) ................................................................................. 39
Table 5 Test case 01 (Author 2021) ..........................................................................................40
Table 6 Test case 02 (Author 2021) ..........................................................................................41
Table 7 Test case 03 (Author 2021) .........................................................................................42
Table 8 test case 04 (Author 2021) ........................................................................................... 43
Table 9 Test case 05 (Author 2021) ..........................................................................................44
Table 10 White box testing (Author 2021) ............................................................................... 45
Table 11 Test case 01 (Author 2021) ........................................................................................45
Table 12 Test case 02 (Author 2021) ........................................................................................46
Table 13 Test case 03 (Author 2021) ........................................................................................46

Application Program Interfaces 4 H.P.D.Mandara Prawarshana

Introduction to OZQ - cart: Revolutionizing Online Shopping Experience.

In the fast-paced digital era where the undefined and accessibility reigns supreme, OZQ-cart
emerges as a pioneering force in the online shopping space. OZQ-cart, a brainchild of the forward-
thinking team at renowned Top 100 Global Outsourcing company ELEKS, is poised to redefine the
elbow room we shop in the virtual landscape. Gone are the days of wandering through crowded
stores and long queues; OZQ-cart embodies the paradigm of hassle-free shopping by seamlessly
bridging the gap between consumers and their desired products. With a keen understanding of the
needs and desires of coeval shoppers, OZQ-cart has embarked on a mission to create an online
shopping arms platform that transcends specific minutes and transforms them into experiential
journeys.

OZQ-cart's appeal lies not only in its user-friendly interface, but also in its commitment to
providing an all-inclusive shopping experience. As enthusiasm for online shopping continues to
grow, OZQ-cart is positioned as a catalyst for this massive shift in undefined behavior. With a
comprehensive set of functional requirements meticulously designed for all aspects of the shopping
process, OZQ-cart has a system that seamlessly integrates registration, login, shopping cart
management, exploitation profiles, item search and selection, and valuable feedback mechanisms.

As a testament to ELEKS' commitment to innovation and excellence, the OZQ-Cart emerges as a

beacon of sophistication, transforming online shopping from a mere transaction to an unforgettable
experience. The marriage of technological sophistication and user-eccentric design puts OZQ-Cart
at the forefront of the online shopping revolution, cementing its position as a game-changer in the e-
commerce landscape. Get to OZQ-cart, where worldly concerns of convenience, quality and
selection come together to redefine your shopping journey. (mongodb.com ,2023)

Explaing the API . (Application Programming Interface)

APIs (Application Programming Interfaces) are essential bridges that enable seamless basic
interaction and communication between different software applications and systems. They define
protocols and methods for how software components should interact, allowing developers to
incorporate functionality from one application to another. Various types of undefined APIs

Application Program Interfaces 1 H.P.D.Mandara Prawarshana

including APIs, Web genus APIS (HTTP/RESTful APIs), library/APIs, Operating System APIs,
database APIs, and remote control APIs. They volunteer many benefits such as code re-usability,
molecularity, collaboration, innovation and interoperability. However, API also introduces security
challenges. Issues such as authentication, data privacy, injection attacks, value capping, break-out
of control, and third-party vulnerabilities can compromise system integrity. Proper safeguards, such
as strong authentication mechanisms, data encryption and monitoring, are essential to keeping APIs
and the sensitive data they handle safe. In our interconnected digital world, APIs serve as the
backbone of Bordon font software development, where APIs can be efficiently and effectively
defined between different applications. (mongodb.com ,2023)

Figure 1 What API (mongodb.com ,2023)

Advantages of APIs.

 Code Reusability: APIs allow developers to reuse existing functionality, saving development
time and effort.
 Modular design: Apis promotes standard software architecture, which makes it easy to move
and update components independently.
 Innovation: Developers can integrate advanced features or third-party services into their
applications without building from scratch.
 Interoperability: APIs enable different applications, systems or platforms to communicate and
work together seamlessly.
 Efficiency: APIs streamline development by providing pre-built functionality, reducing
development time and cost.

Application Program Interfaces 2 H.P.D.Mandara Prawarshana

 Collaboration: The Apis genus facilitates collaboration between development teams or
organizations, as different components must be developed separately.
 Specialization: Since APIs provide ready-made solutions for various functionalities, developers
can focus on their core competencies.

Disadvantages of APIs.

 Security Issues: Poorly secured APIs can be misused for unauthorized access, data breaches or
injection attacks.
 Version Challenges: Changes in API versions can lead to compatibility issues with existing
clients or integrations.
 Performance Impact: Poorly pre-designed or inefficient APIs can introduce rotational latency
and impact application performance.
 Complexity: Designing, implementing and maintaining an API can be complex, requiring
careful planning.
 Dependence on third parties: Relying on undefined API tins introduces risks if the third-party
service goes down or changes its API.
 Maintenance burden: Updates or changes to the API must be managed to ensure backward
definition and avoid disruptions.
 Documentation and learning curve: Clear support is essential for effective API use. Developers
need to understand how to use the API correctly.

Conclusion: Although integration, reuse, and efficiency are made possible through APIs, there are
certain potential drawbacks that must be carefully considered during design, implementation, and
ongoing administration. Realizing the benefits of APIs while minimizing their drawbacks requires
appropriate security precautions, careful documentation, and ongoing monitoring.
(mongodb.com ,2023)

How API Works

An easy way to understand how APIs work is to think about a common scenario, like third-party
payment processing. When making a purchase, an e-commerce website could prompt visitors to
"Pay with Paypal" or utilize another external payment processor. This method uses APIs to create
the connection.

Application Program Interfaces 3 H.P.D.Mandara Prawarshana

An API requests information when a customer clicks the payment button, a call. The API's Uniform
Resource Identifier (URI) is used to process this request, which comes with a request verb, headers,
and occasionally a request body.
The API calls the external program or web server, in this case, the third-party payment system, after
receiving a legitimate request from the product webpage.
The server replies to the API with the data that was requested.
The API sends the data to the application that requested it, in this case, the product website.

Although the amount of data transmission will vary depending on the web service used, an API
manages both the requests and the answers. APIs seem to the user as a smooth connection since
they exchange data inside the computer or application and are not visible on the user interface.

How APIs are Used for Building OZQ System.

If you could provide me with further context or information on what APIs (Application
Programming Interfaces) are, I'd be happy to help you understand how they may be used in the
context of the "OZQ System". Since APIs give different software systems a way to connect and
communicate with one another, their utilization relies on the specific requirements and
characteristics of the system in question. If the "OZQ System" is a software system or program,
APIs may be used for a variety of tasks, such as data exchange, system integration, automation, and
more. Please describe the "OZQ System" in greater detail or provide its context so that I may react
to you in a way that is more appropriate and accurate.

Main types of API

APIs, or application programming interfaces, are rule sets and protocols that allow communication
between different software applications. Without knowing the underlying code, they let developers
to access particular features or data from a service, library, or platform. The following are the most
popular API types:

1. Public APIs
While they usually include costs, public APIs are similar to open APIs. Additionally, it implies that
they frequently include a key for authentication or authorisation in order to monitor usage.
Freemium business models are common in public APIs. Because they are developed with the
broader public in mind, public APIs are typically among the most robust and cutting-edge. They are
also necessary for accessing some of the benefits of APIs, like money and brand recognition. These

Application Program Interfaces 4 H.P.D.Mandara Prawarshana

are just a handful of the explanations given by 31% of API developers for why making APIs
publicly accessible is their top priority, according to Google's most recent State of the API study.

2. Partner APIs
More restrictions apply to who can use a partner API to access the service. Both free and premium
versions are offered. Since partner APIs are only made accessible to specified parties, they usually
have stricter regulations around authorisation, authentication, and security. The most well-known
and commonly used APIs are those from partners. eBay's APIs are an example of a partner API.
There are also certain aspects of the Twitter API. The Twitter Essential API allows you to connect
to a number of Twitter's legacy endpoints after you have an API key. The upper level, Elevated or
Elevated+, is only open to approved partners.

Private APIs
Internal or private APIs are solely intended for use within a company or organization. Since they
can be produced rapidly and don't need to be as durable as things for everyday use, they are the
most common API. Today, internal APIs are utilized in practically all areas of business. Sales teams,
marketing departments, or HR departments are typical internal API customers. There are several
internal APIs, such as chat programs and tools for group coding. They are essential to designing a
microservices architecture because they provide as the foundation for collaborative platforms and
environments.

Composite APIs
A composite API is a design approach for progressively combining many API requests into one API
call. Instead of making several visits to the server, a client can use a series of calls to send a single
API request and receive a single answer. When many calls are made sequentially, delivered to the
server at once in a single API request, and only one response is returned, composite APIs are
utilized. Alternately, we may state that Composite APIs are utilized when we submit a batch of
them consecutively, receive a single answer.

Different types of APIs used in software development.

Web APIs

An API protocol outlines the guidelines for API requests, including acceptable commands and
acceptable data formats. Different API architectures specify various restrictions on communication.
As the name implies, a web API is an API that can be accessed using the HTTP protocol. It is not a

Application Program Interfaces 5 H.P.D.Mandara Prawarshana

technology; it is a concept. Different technologies, including Java,.NET, and others, can be used to
create Web API. As an illustration, Twitter's REST APIs give programmatic access to read and
write data, allowing us to incorporate Twitter's features into our application. (Brooks, G, 2013)

Source-Code APIs

1. It is the core idea behind any computer program that a programmer develops. It is frequently
employed in development tasks to produce a little application. Calls are made in accordance
with the requirements of the application environment, such as J2EE or.NET.
2. This source code API is a collection of coding instructions that allow data to be passed from
one software product to another. It provides object, class and other library collections.

Mobile API
The requirements for mobile apps are specifically catered for by a mobile API, often known as a
mobile application programming interface (API). The ability to connect with server-based or cloud-
based systems is provided to mobile applications so they can access backend services, data, or
functions. APIs for mobile application programming (APIs) are essential for creating native or
hybrid mobile applications since they allow developers to establish connections with servers, get
data, and carry out different actions (Brooks, G, 2013)

Production API
An Application Programming Interface (API) that has completed all necessary development and
testing stages and is now ready for deployment in a live or production environment is referred to as
a Production API. To satisfy the required performance, security, and reliability standards, the
product underwent extensive testing and quality assurance procedures. In order to efficiently handle
the needs of real-world traffic and usage scenarios, production application programming interfaces
(APIs) are made available to end users or other applications. (Brooks, G, 2013)

Communication level of APIs High-level

APIs
In compared to lower-level APIs, this high-level API (Application Programming Interface) is a
mechanism for creating multiplayer features that offers more capability in a single command and is
simpler to use.You may also start, stop, and read counters for a particular list of events thanks to this
feature. A higher-level API has certain benefits over a low-level API, including being simpler to use
and requiring less processing.

Application Program Interfaces 6 H.P.D.Mandara Prawarshana

A higher level of API customization is thus challenging. High-end APIs like this increasingly offer
certain benefits. Page 6 Unit 29: Application Programming Interface Because developers do not
need to comprehend the complexity of SAML, it is simple to utilize. Less code is needed for the
application. This removes this duty from the program and guarantees the accuracy of numerous
security tests.

Lower-level APIs

The first and first API is the low-level API. The introduction of that high-level API is intended to
simplify SAML integration for users. Similar to this, low-level APIs are used to implement high-
level APIs. A team of skilled application programmers and a larger variety of skills are needed
since that sort of API is also more sophisticated and complex. One of the main benefits of lower-
level usage is that it allows for more performance and Lopez customization than higher-level APIs
and gives users the freedom to freely adapt the API in accordance with the functionality and
demands of the vendor. Hardware events are managed via the low-level API (Application
Programming Interface) in user-defined groups. It is designed for seasoned tool and application
developers who must adjust and regulate the interface for PAPI. It supports native events and PAPI
presets, unlike the top-level interface. Access to hardware and executable information, as well as
multi-purpose and overflow options, are further elements of the low-level API. Utilizing a low-level
API rather of a high-level one has benefits such as increased productivity and performance.

Software development kit (SDK)

A software development kit (SDK) is a set of software tools and programs provided by hardware
and software vendors that developers can use to build applications for specific platforms. These
providers offer their SDKs to help developers easily integrate their applications with their
services.To use the SDK, a developer needs the iOS SDK to build iOS apps and the Android
Toolkit to build Android apps, the Nordic SDK to build Bluetooth or wireless apps, and VMware
SDK to enable integration with the VMware platform.

Although SDKs are mostly associated with native mobile apps, developers can also use them in
conjunction with websites, set-top boxes, and other digital platforms.

SDKs include documentation, application programming interfaces (APIs), code samples, libraries
and processes, as well as guidelines that enable developers to use and integrate their applications.
Developers can use the SDK to build and maintain applications without writing everything from
scratch. (Rosencrans, 2021)

Application Program Interfaces 7 H.P.D.Mandara Prawarshana

1. JDK
2. GWT
3. Flex SDK

Benefits of SDK
An SDK, or software development kit, offers a set of tools, libraries, documentation, and resources
that assist developers in creating software applications for a specific platform, framework, or
service. There are several advantages of using the SDK:

 Ease of development: The SDK provides pre-built components, libraries, and tools that
simplify the development process. Developers can save time by leveraging these resources
instead of building everything from scratch.
 Consistency: SDKs often follow the best practices and design guidelines of the platform or
service for which they are intended. This ensures that your app complies with standards and
maintains a consistent look and feel.
 Faster time to market: Since the SDK provides ready-to-use components, developers can
accelerate development cycles. This can be critical in competitive industries where it is
essential to get a product to market quickly.
 Reduced complexity: SDKs abstract complex functionality, allowing developers to work at a
higher level of abstraction. This reduces the complexity of integrating different services, APIs
or features.
 Access to features: Many platforms and services offer extensive functionality that can be
challenging to implement correctly. The SDK provides access to these features through a
documented API, sparing developers the need to understand every technical detail.
 Cross-platform compatibility: SDKs often include tools that enable cross-platform development.
This is especially valuable for mobile app development, as the SDK allows developers to target
both iOS and Android platforms simultaneously.
 Community and Support: SDKs usually have active developer communities. Developers can
get help, share experiences and find solutions to common challenges in these communities. The
SDK provider's official support channels can also be invaluable for troubleshooting.

Difference between an API and an SDK

API (Application Programming Interface) and SDK (Software Development Kit) are closely related
concepts in software program development, but they serve different purposes and provide

Application Program Interfaces 8 H.P.D.Mandara Prawarshana

extraordinary levels of support to developers. Here's a breakdown of the name differences between
an API and an SDK:

API (Application Program Interface):

 Definition: An API is a set of rules, protocols, and tools that allow non-standard software
applications to communicate with each other. It defines the methods, functions, and information
structures that developers can use to interact with a service, library, or platform.
 Functionality: APIs provide a way for developers to obtain specific functionality or data from
an external service or rule system without having to understand its internal implementation.
APIs abstract complexity and expose an easy user interface for interaction.
 Usage: Developers use the API to make requests, send data, and receive responses from a
remote service or library. An API is a large transaction used to integrate undefined services or
extend the functionality of an existing application.
 Example: Google Maps API allows developers to integrate maps and geolocation services into
their applications. Developers can use the API to display maps, add markers, and visualize
positioning data.

SDK (Software Development Kit):

 Definition: An SDK is a comprehensive package of tools, libraries, documentation, and

resources that assist developers in creating software applications for a particular platform,
framework, or service.
 Components: An SDK includes not only the Apis category, but also pre-built undefined
libraries, sample code, documentation, and undefined tools that facilitate the entire
development process.
 Usage: Developers use SDKs to streamline the development process by providing ready-to-use
components and tools. SDKs are often used when building applications for a specific weapon
platform or environment.
 Example: The Android SDK provides a set of tools and resources that developers use to build
Android applications. It includes APIs for interacting with device features, scripting tools for
testing, and code samples to demonstrate outside practical uses.

Key Differentials :

Application Program Interfaces 9 H.P.D.Mandara Prawarshana

 Scope: API focuses on shaping the interface and protocols for communication between
software components, patc an SDK provides a comprehensive set of tools and resources to
serve developers in creating applications.
 Use case: Apis are typically used for undefined communication and interaction between
package systems or services, piecemeal SDKs are used to streamline undefined work by
providing pre-built components and tools.
 Support Level: Apis provide an undefined interface, developers are responsible for
implementing the functionality that uses the API. SDKs provide a high level of support by
offering libraries, tools, and documentation that guide developers through the development
process.
 Dependency: While the API can be used independently, the SDK is often used as a package
that developers include in their projects.

In summary, while an API is primarily concerned with defining interfaces for interaction, SDK
spells provide a more comprehensive set of resources for software development, including APIs,
libraries, tools, and documentation. While both concepts are important for building software
applications, the choice between using APIs or SDKs depends on specific development goals and
requirements.

Comparison of API vs. SDK

API SDK

Purpose Connects and integrates Contains a variety of development tools

software

Characteristics Lightweight, fast, usually More robust, usually includes many utilities
specialized

Use Case Used for adding specific Used for creating new applications or adding
functions to an application many functionalities with one package

Table 1 Comparison of API vs. SDK (Author 2023)

Application Program Interfaces 10 H.P.D.Mandara Prawarshana

Potential security issues surrounding APIs

When creating, testing, and deploying an API, security concerns should be a top priority. Security
levels have frequently overlooked the design and development of the API due to its interesting
development. As a result, there are several security issues and API vulnerabilities in the modern
world. It is now a widespread issue in the modern online community. Sensitive data security is a
significant issue that today's developers and everyone else worry about. As a result, API, like any
software, has the potential to affect the system and steal data. Due to its role as a third party's bearer
of disclosure, it is susceptible to assaults. There are certain security risks as a result.

API Inability
It can be withdrawn if repeated and redundant API usage is not seen. When this occurs, it is quite
expensive. Strong API restrictions should be provided since API monitoring is required for use.

The risks of XML

Keep in mind that the SOAP protocol is linked to the XML format. Hackers can concentrate on a
number of security risk areas in this paradigm. In order to prevent a security breach, it's crucial to
remain current with this model.

Validation is not enough

To protect the security of your API, SSL certificate is always required. Insecure API traffic
interception and insufficient validation will surely give a hacker right. From here they can steal API
keys, passwords and usernames.

Overriding API usage

Therefore, in large companies, sometimes management can neglect to trace APIs and their usage
numbers. From here, you can incur a lot of fees and open yourself up to security risks due to
exposed APIs.

Accountability

Accountability is a messy issue. Who is responsible for API security risks? The answer starts with
the developer. Creating an API is a developer's job. But the responsibility also falls on the shoulders
of the person using the API. People using the API can add additional API security measures by
taking care of additional security layers.

Application Program Interfaces 11 H.P.D.Mandara Prawarshana

Getting out of control

As soon as API calls come in, your API is exposed. It is always prudent to set limits to mandate re-
authentication for API password configurations, connections as well as heavy usage. It may seem
like overkill, but it's better to err on the side of caution. (Axway.com, 2021)

Evaluate the range of APIs for a particular platform that covers a range of users

APIs establish the digital business core. APIs define your business data, processes and capabilities
that can be consumed by internal projects and external communities. In an increasingly connected
world, APIs are your core business product; Expose your valuable services across customer, partner
and supplier channels.

Accordingly, Rapid API is the world's largest API marketplace. It is used by millions of developers
to monitor and connect to thousands of APIs. Using Rapid API, developers can search and test APIs,
subscribe to, and connect to APIs—all with a single account, a single API key, and a single SDK.
So these software development teams can take advantage of faster APIs for teams. Accordingly,
Rapid API provides a common workplace for these groups to publish and collaborate on internal
APIs and share common API contributions. With Agile APIs for Teams, companies can avoid
duplicating code and effort, and ensure their APIs deliver consistent data and results across
platforms.

Visual Studio is an easy way to develop an API Visual Studio provides an API for development that
facilitates the creation of services that reach a wide range of clients, including ASP.Net browsers
and mobile devices. It helps to share work with other developers as well as to develop, build, test
and document the API speed.

Furthermore, the poster further helps to make the API platform more efficient while working with
the API. As such, it is easier to use than Fiddler.

API for the online Shopping Cart

An application programming interface ('API') is a computer interface that defines the interaction
between multiple software intermediaries. It defines the types of calls or requests that can be made,
how they are made, the data formats to be used and the conventions to be followed. Accordingly, by
creating APIs for different transactions, different types of information are stored between software.

Application Program Interfaces 12 H.P.D.Mandara Prawarshana

Developers can experience many benefits by developing a system using this API. So multiple
developers are not necessary to create apps from scratch. Instead, it can be done by connecting
remote applications or active sites.

A shopping cart on an online retailer's website is software that facilitates the purchase of a product
or service. It accepts the customer's payment and organizes the distribution of that information to
the merchant, payment processor and other parties.

That's why developers are tempted to use API for their systems because of its ease of use.
Accordingly, some reasons for using that API can be defined as follows.

 Terms can be changed in any order.

 Add product information to a product. Very easy to update and delete.
 Retrieving order information is very easy.
 Easily connect with social media.

Accordingly, each of these shopping carts has documentation on how to activate the system with the
online shopping system API. Also, it can be used in several different languages for APIs like
JavaScript API or API with HTML elements. API Usage Management and Management The API
Cart system has greatly enhanced security as it provides API keys for their various functions,
including security and protection against API abuse.

The shopping cart also offers greater user friendliness, handles debugging, and assures high levels
of security. A higher degree of security is guaranteed, debugging is handled, and the shopping cart
is more user-friendly. In order to link the API with the client website, the installation procedure has
also been made simpler.

Online Shopping Cart Features:

 Add/edit/remove products, manufacturers, customers and reviews.
 Support for physical (downloadable) and virtual (downloadable) products.
 The admin area is secured with a username and password.
 Inventory management.
 Contact customers directly through email or newsletters.
 Print invoices and packing lists from the order screen.
 Statistics for products and customers.

Application Program Interfaces 13 H.P.D.Mandara Prawarshana

 Multilingual support.
 Customers can maintain their accounts.
 Fast and friendly quick search and advanced search features.
 Product reviews for an interactive shopping experience.
Accept many online and offline payment methods like cards, mobile wallets, bank transfers, cash on
delivery, cheques, etc.

Below are some examples of API-based carts.

Shopify
Shopify is a fully hosted, web-based e-commerce solution that specializes in ease of use. With
Shopify, you can easily set up an online store, organize your products, customize your storefront,
accept credit card payments, track orders, and more. Famous users Includes Tesla Motors,
Budweiser and Red Bull. (Ecomdash.com, 2021)

Figure 2 Shopify logo (Startupyo.com/, 2021)

BigCommerce
More than 90,000 online businesses are powered by BigCommerce, a fully hosted, web-based, user-
friendly shopping cart with notable clients including Camelbak, Skullcandy, and Ben & Jerry's. The
platform includes all the features and resources required to set up an online store, handle orders, and
preserve your store's own branding. 2021 (Ecomdash.com)

Figure 3 BigCommerce logo (Multiorders.com, 2021)

Application Program Interfaces 14 H.P.D.Mandara Prawarshana

Magento
Open-source Magento is a feature-rich e-commerce platform that allows for total customization. For
seasoned online merchants that have the skills and resources to effectively apply cutting-edge
technologies, this shopping cart is a great option. Coca-Cola, Ford, and Warby Parker are a few
well-known companies that utilize Magento. 2021 (Ecomdash.com)

Figure 4 Magento logo (Seekpng.com, 2021)

WooCommerce

An open-source shopping cart plugin that only functions with WordPress websites is called
WooCommerce. WooCommerce is the software used by approximately 41% of all e-commerce
websites because it provides the functionality that the majority of merchants want at a cheap cost
and integrates into a platform that the majority of online sellers are already using. Users include
Singer, Ghostbed, and Ripley's Believe It or Not. 2021 (Ecomdash.com)

Figure 5 WooCommerce logo (Paylinedata.com, 2021)

Shift4Shop

A fully hosted, web-based e-commerce platform for small and big enterprises, Shift4Shop.
Shift4Shop is an excellent alternative for retailers looking for a cost-effective selling solution

Application Program Interfaces 15 H.P.D.Mandara Prawarshana

because it has a variety of features and price options. Although the shopping cart has more than 100
themes, designing an online business requires a working knowledge of HTML and CSS. Hunter's
Friend, Frantic Stamper, and Pete's Tire Barns are a few businesses that use Shift4Shop. 2021
(Ecomdash.com)

Figure 6 Shift4Shop logo (Shift4.com, 2021)

Constant Contact
Another user-friendly shopping cart that supports small internet enterprises is Constant Contact's
internet Store. It is incredibly user-friendly and provides all the tools required to expand your
business. For new e-commerce firms, this cart is ideal because it includes analytics and shipment
control. The biggest perk is that you may upgrade to access all of their sophisticated email
marketing offerings. 2021 (Ecomdash.com)

Figure 7 Constant Contact logo (Pointofsale.com, 2021)

Compare and differentiates the Shopping cart APIs.

WooCommerce is a free WordPress plugin. But Shopify is a subscription-based service. They all
provide the same solution. They offer unlimited bandwidth and unlimited storage, including web
hosting. But WooCommerce has to manage it manually. Also, the WooCommerce API is open
source and developers can freely modify the store website. There are no limits. But shopkeepers
can't do that. Going to the store makes the Lord Buddha a stage. Also, developers can change the
bed when this is at a disadvantage to the shopkeeper and many payment solutions are supported but
not all API payment solutions offer. There are several payment solutions for storage. By the way, if
WooCommerce is enabled, owners have an account with WordPress. But the shop owner doesn't
want that. Also, there are similarities and differences between modern and sidewalks.

Similarities between WooCommerce and Shopify:

 Receive shipping charges and taxes that can prepare sales statistics and reports.
 Ability to sell an unlimited number of products.

Application Program Interfaces 16 H.P.D.Mandara Prawarshana

 Having a mobile friendly structure.
 It allows you to sell anything (physical, digital, products, services).

Differences between WooCommerce and Shopify:

Security and transaction security

Every successful online business must assure customers that their transactions are secure and their
data is not misused. Adding an SSL certificate to your site is one way to protect transactions on
both WooCommerce and Shopify sites, but different types of SSL certificates are included in
Shopify's built-in toolset. WooCommerce users will need to purchase and install an SSL certificate
separately. Shopify also includes compliance with the Payment Card Industry Data Security
Standard, or PCI DSS. WooCommerce users can also be compatible, but this feature is not native to
the WooCommerce plugin, so additional steps are required.

Payment gateways and fees

Both WooCommerce and Shopify offer a variety of ways for customers to pay, with choices from
many of the leading online payment gateways. WooCommerce users can add their favorite payment
gateways like PayPal via plugin extensions, but Shopify offers many of these on the site. Some
Shopify account plans may charge a small transaction fee each time a sale is made, but this can be
eliminated if a user installs Shopify's new payment feature, which handles all payment methods
from the site's dashboard.

Ease of setup and use

Both WooCommerce and Shopify offer tools to quickly set up and customize an e-commerce
website, but because WooCommerce is a plugin designed to work with an existing WordPress
website, it must be installed and configured to match its extensive complement of extensions.
Shopify is a fully hosted store builder that offers a range of customizable themes and templates, so
users don't have to worry about maintaining the technical aspects of the store on the back end.
Furthermore, Shopify provides constant access to user support in case of problems. WooCommerce
users have access to an extensive user community, tutorials, and documentation for plugin setup and
troubleshooting.

Pricing and Services

1. Sopify cost

Application Program Interfaces 17 H.P.D.Mandara Prawarshana

Shopify users have a choice of several tiered plans that offer different features and service levels, so
users have a single monthly payment that includes every aspect of setting up and running a website
at the level they choose. With plans ranging from $29 to $200 per month, Shopify helps users
budget for setting up and running an online store.
2. WooCommerce Pricing
WooCommerce itself is free, but setting up the storefront requires a WordPress site, which includes
purchasing a domain name and getting a web hosting account. Users may need to purchase various
WooCommerce extensions as well as other plugins or themes to make the site work properly, so it
can be more difficult to predict how much a WooCommerce site will cost. And that cost can change
as the site needs new components.

WooCommerce and Shopify are the web's top choices for setting up and running an online store —
and in their different ways, both platforms make it possible for anyone to launch a new e-commerce
business. (Bluehost.com, 2023)

Distinguish between shopping carts:

 BigCommerce: Well-suited for a variety of business owners, with impressive payment
processing options.
 Shopify: A feature-rich top e-commerce solution that is one of the fastest and easiest platforms
to use for starting an online store.
 WooCommerce: An open source WordPress plugin, ideal for WordPress users and business
owners who want an accessible open source solution.

WooCommerce Shopify Big-commerce

Ease of use Advanced self- Easy to use, with Difficult to
hosting and coding simple language and understand firstly
are essential for lots of visual cues after that it will easy
advanced technology.
Mobile App WooCommerce The Shopify app lets No App
Mobile App - you manage orders,
Manage orders, products, staff, and
receive sales customers
notifications, and
view key metrics

Application Program Interfaces 18 H.P.D.Mandara Prawarshana

 Customer support No customer Have Have
supports

Design Unlimited 60+ free and paid 60+ free and paid
customization - That themes, all mobile themes
depends on the responsive, but need
developers’ to reformat site if you
knowledge switch
Pros Free to download, Ease of use, No transaction fees; a
extensive integration options, variety of processing
customization built-in Shopify options; unlimited
capabilities, the best Payments, recovery bandwidth, staff
option for WordPress tools for shopping accounts, and
users cart abandonment products for all
included in all plans, plans; multichannel
no technical selling options;
knowledge needed single-page checkout
Cons No abandoned cart Advanced features Processing limits for
recovery tools; may only in highest-level each plan, no mobile
require more plan, heavy reliance app, not as many
development or on integration integration options as
technical knowledge; options, transaction Shopify
requires you have a fees for using a
WordPress site; in payment processor
charge of your other than Shopify
hosting, domain, Payments
security, etc.;
extensions can be
pricey
Table 2 Differentiate between shopping carts (Fundera.com, 2021)

In light of the aforementioned, the author comes to the conclusion that WooCommerce is ideal for
shopping solutions and creative control, whereas Big Commerce is excellent for enterprises wishing
to grow. As a result, Shopify has the most functionality and is the most user-friendly. Therefore,

Application Program Interfaces 19 H.P.D.Mandara Prawarshana

every consumer may rapidly establish their store. The fact that it supports endless customization
using WooCommerce WordPress is another fantastic benefit.

Provide the android and website wire frames for the proposed system design.

Mobile interface And Desktop Interface

Login Page

Figure 8 Login Page(the author,2023)

Application Program Interfaces 20 H.P.D.Mandara Prawarshana

 Figure 9 Login Page(the author,2023)

Registor Page

Figure 10 Registor Page(the author,2023(

Application Program Interfaces 21 H.P.D.Mandara Prawarshana

 Figure 11 Registor Page(the author,2023)

Home Page

Figure 12 home (the author)

Application Program Interfaces 22 H.P.D.Mandara Prawarshana

 Figure 13 home (the author)

My Cart

Figure 14 my cart(the author,2023(

Application Program Interfaces 23 H.P.D.Mandara Prawarshana

 Figure 15 my cart(the author,2023(

Design an application that uses the API for a given purpose

Login

Figure 16 Login (Author 2021)

Application Program Interfaces 24 H.P.D.Mandara Prawarshana

Create account

Figure 17 Create account (Author 2021)

Home

Figure 18 Home (Author 2021)

My cart

Application Program Interfaces 25 H.P.D.Mandara Prawarshana

 Figure 19 My cart (Author 2021)

Cart Price Generation

Figure 20 Cart Price Generation (the author,2023(

Application Program Interfaces 26 H.P.D.Mandara Prawarshana

Our Team

Figure 21 Our Team(the author,2023(

Dashboard

Figure 22 Dashboard(the author/2023)

Add Producat

Application Program Interfaces 27 H.P.D.Mandara Prawarshana

 Figure 23 Add Producat(the author,2023)

Create a design for a selected significant application that uses a range of APIs.

Justify the choice.

Many users using OZQ cart can use it to access the website. As a re-author, the author must choose
the appropriate API framework for these applications. The author has invented many API
frameworks like Reset API, ASP.NET Web, API, Graph etc. An architectural style that meets
specific guidelines, such as Agent Transfer or REST. It typically takes advantage of HTTP when
used for web APIs and can be used with REST over any protocol to enable web API activation.
This means that developers can take advantage of a REST API design without installing libraries or
additional software. Keeping this in mind, the author suggests the best way to create an application
using ASP.NET Web API, because data can be easily communicated through HTML language,
which helps in creating an attractive design for the application using HTML. Improving the OZQ
Service.

Develop an application using the API for the proposed system and provide all interfaces and
appropriate code for the same.

Application Program Interfaces 28 H.P.D.Mandara Prawarshana

Developing Web application

Figure 24 code(the author,2023)

Connect to Database

Figure 25 code(the author,2023)

Application Program Interfaces 29 H.P.D.Mandara Prawarshana

Login Page Code

Figure 26 code(the author,2023)

Login PHP Code

Figure 27 code(the author,2023)

Application Program Interfaces 30 H.P.D.Mandara Prawarshana

Registor Page

Figure 28 code(the author,2023)

Registor page PHP code

Figure 29 code(the author,2023)

Application Program Interfaces 31 H.P.D.Mandara Prawarshana

Dashboad Page

Figure 30 code(the author,2023)

Shopping Cart System

Figure 31 code(the author,2023)

Application Program Interfaces 32 H.P.D.Mandara Prawarshana

Shopping Cart System PHP code

Figure 32 code(the author,2023)

Add Producat Code

Figure 33 code(the author,2023)

Application Program Interfaces 33 H.P.D.Mandara Prawarshana

Add Producat PHP code

Figure 34 code(the author,2023)

API Code

Figure 35 code(the author,2023)

Application Program Interfaces 34 H.P.D.Mandara Prawarshana

Figure 36 code(the author,2023)

Create Database

Figure 37 ER Digram (the author,2023)

Application Program Interfaces 35 H.P.D.Mandara Prawarshana

PHP My Admin Database create

Figure 38 database (the author,2023\

Figure 39 database (the author,2023\

Application Program Interfaces 36 H.P.D.Mandara Prawarshana

Database Connection

Figure 40 database (the author,2023\

The developed system should be tested using black box and white box testing method test plan.

WHITE BOX AND BLACK

BOX TEST OF THE OZQ
SHOPPING CART

Application Program Interfaces 37 H.P.D.Mandara Prawarshana

 Table of Content

Introduction
Purpose
Testing goals
Test case template
Testing procedure

Introduction
OZQ-Cart is a valuable online shopping system that facilitates business-to-business sales through
its website. The OZQ-Cart system allows you to purchase any type of product online by selecting
the products listed on the website. To do this, the author must develop a suitable shopping cart for
the system. Also, some activities require a system such as registration, login page, shopping cart,
user profile, item search and selection, and feedback. Based on these facts, the author must
successfully develop the system to meet those needs.

Purpose

The author intends to test the development plan and API for the best performance of the OZQ
shopping cart website, with the primary goal of identifying non-functional requirements for the
system through a test plan such as performance, usability, reliability and usability, security. It also
aims to identify the effectiveness and productivity of these system designs and to improve the
performance of users.

Testing goal
Identify application usage
Identify the ness of the design
Identify the Application performance

Application Program Interfaces 38 H.P.D.Mandara Prawarshana

Identify the Application Security

Test case template

Test Case Input data Expected Actual result (Pass or Fail)

result

Table 3 Test case template (Author 2021)

Testing procedure

Black box testing:

Test case
Description Tester Name Test Date
Number

Black Box Testing

1 Thusitha Dushan 01.08.2023

Login checking

2 Anuda Bhashitha 03.08.2023

Signup checking

3 Rosiru perera 04.08.2023

Login with Correct information

4 Check the shopping cart Hasindu Silva 08.08.2023

5 Mohomad Naflan 10.08.2023

Profile setting check

Table 4 Black box testing (Author 2021)

Test case 01

Test by Thusitha Dushan

Application Program Interfaces 39 H.P.D.Mandara Prawarshana

 Test No Input data Expected result Actual result (Pass or
Fail)

01 Email Incorrect email Incorrect email Pass

[email protected] or password or password

Password
12345OZQ

Table 5 Test case 01 (Author 2021)

Figure 41 Test case 01 (Author 2023)

Figure 42 Test case 01 (Author 2023)

Application Program Interfaces 40 H.P.D.Mandara Prawarshana

Test case 02

Test by Anuda Bhashitha

Test No Input data Expected Actual result (Pass or Fail)

result

02 name – Nipuna You're Not You're Not Pass

Email completely completely
[email protected] Full-fill Full-fill
Contact -
Password - 123456

Table 6 Test case 02 (Author 2021)

Figure 43 Test case 02 (Author 2021)

Figure 44 Test case 02 (Author 2021)

Application Program Interfaces 41 H.P.D.Mandara Prawarshana

Test case 03

Test by Rosiru perera

Test No Input data Expected result Actual result (Pass or Fail)

03 Emil -
[email protected] Login Login Pass
successful successful
Password -
OZQ12345

Table 7 Test case 03 (Author 2021)

Figure 45 Test case 03 (Author 2021)

Figure 46 Test case 03 (Author 2021)

Application Program Interfaces 42 H.P.D.Mandara Prawarshana

Test case 04

Test by Hasindu Silva

Test Case Input data Expected Actual result (Pass or Fail)

result

04 Adding ring View shopping View shopping Pass

to Shopping cart Add to list cart Add to list
cart and view
Shopping Cart

Table 8 test case 04 (Author 2021)

Figure 47 test case 04 (Author 2021)

Test case 05

Test by Mohomad Naflan

Application Program Interfaces 43 H.P.D.Mandara Prawarshana

 Test Case Input data Expected Actual (Pass or
result result Fail)

05 Remover the item (RING) Remove Remove Pass

successful successful

Table 9 Test case 05 (Author 2021)

Figure 48 Test case 05 (Author 2021)

White box testing:

Test
case Description Tester Name Test Date
Number
White Box Testing

1 Thusitha Dushan 11.08.2023

Checking Communication Security

2 Login Error Hasindu Silva 13.08.2023

Application Program Interfaces 44 H.P.D.Mandara Prawarshana

 3 Registor Error Mohomad Naflan 15.08.2023

Table 10 White box testing (Author 2021)

Test case 01

Test by Thusitha Dushan

Test Input data Expected Actual (Pass or

Case result result Fail)

01 Enter Show the Show the Fail

https://localhost:14411/api/customers customer customer
API data API data

Table 11 Test case 01 (Author 2021)

Figure 49 Test case 01 (Author 2023)

Application Program Interfaces 45 H.P.D.Mandara Prawarshana

Test case 02

Test by Hasindu Silva

Test Case Input data Expected Actual (Pass or

result result Fail)

02 Login Error PHP Error PHP Error Pass

Table 12 Test case 02 (Author 2021)

Figure 50 Test case 02 (Author 2021)

Test case 03

Test by Mohomad Naflan

Test Input data Expected Actual (Pass

Case result result or
Fail)
03 Registor Error PHP Error PHP Pass
Error

Table 13 Test case 03 (Author 2021)

Application Program Interfaces 46 H.P.D.Mandara Prawarshana

 Figure 51 Test case 03 (Author 2021)

Critically evaluate the results of your test plan and include a review of the overall success of
your multi-page website.

OZQ Shopping cart login:

First login page

No sign in with Facebook button No sign in with Google account Use email Can log in. Below is a
picture of the login page before development.

Figure 52 Final login page (Author 2021)

Final login page

Things that grew:

Can log in with strict Facebook account Can log in with strict Google account Can log in using
email. Here is a picture of the developed login page.

Application Program Interfaces 47 H.P.D.Mandara Prawarshana

Figure 53 Final login page (Author 2021)

Accordingly, customers can easily access the website through their Google or Facebook accounts.
A participant can log in using Facebook or Google by clicking either button. Accordingly the
account holder verifies it.

OZQ Shopping Cart Sign up:

The first sign up page

No registration with a Facebook button No registration with a Google account. Below is a

screenshot of the registration page before it was developed.

Figure 54 The first sign up page (Author 2021)

Application Program Interfaces 48 H.P.D.Mandara Prawarshana

Final registration page

Things that grew:

You can sign up for a strong Facebook account and you can sign up for a strong Google account

Figure 55 The first sign up page (Author 2021)

With this test plan, the author can identify the missing part of the registration option, and then the
author registers using Facebook and registers with Google. This allows customers to easily register
for the site through their Google or Facebook accounts. This is a good way to reject users quickly
and easily.

HTTP develops:

First page

Figure 56 Https develops first page (Author 2021)

Application Program Interfaces 49 H.P.D.Mandara Prawarshana

Final page

Figure 57 Https develops final page (Author 2021)

Enabling this HTTPS does not guarantee the integrity of the HTTPS site for the OZQ site. HTTPS
protects users' privacy and security. Https is very useful in communicating data which provides
security to the website. Today, most users of Https check if a website is more secure than the OZQ
shopping cart site.

Critically evaluate the API used in your application. Provide a data protection report on your
application.

The author uses REST API with ASP.NET Web API for this OZQ system. This is because
ASP.NET makes it easy to create services that reach a wide range of clients, including browsers and
mobile devices.

So, in recent years, it is clear that HTTP is not only for HTML pages. ASP.NET Web API is a set of
components that simplify HTTP programming. Because it is built on top of the ASP.NET MVC
runtime, Web API automatically handles HTTP low-level transport information. Furthermore, Web
API naturally exposes the HTTP programming model. One of the goals of Web API is not to
abstract the HTTP reality. On the contrary, the web

The API is flexible and easy to extend. The REST architectural style has proven to be an effective
way to leverage HTTP. It is not the only valid approach for HTTP.

Accordingly OZQ is the website and the author uses the remaining API with ASP.NeT Web API for
OZQ. For more information, these are the security mechanisms used by the OZQ app, such as

Application Program Interfaces 50 H.P.D.Mandara Prawarshana

signing in with Google and Facebook, authorization, and HTTP. In HTTPS, ASP.NET Core allows
developers to easily configure and manage security, and ASP.NET Core has authentication,
authorization, data security, HTTPS validation, and management features.

Use Google and Facebook to sign in,

Enabling the login mechanism of the OZQ shopping cart system provides more security for the
website and allows Facebook and Google users to use their platforms for app authentication, they
use different APIs. It is best to use OAuth 1.0, OAuth 2.0, OpenID, OpenID Friend Connect, and
these social access technologies.

If the user feels that they have lost their password, they can reset it and get benefits across many
websites. Often, the service that provides the authentication functionality provides other
information. These can be used to post profile updates.

Cookie-based authentication – Cookie-based authentication is when you store some identifier in a

cookie and use it to automatically identify the API request. This means that the cookie needs some
mechanism to set it first so that all (eligible) requests from the same host are automatically included
in the cookie so that it is not vulnerable to subsequent requests. Token-based authentication –
Token-based authentication is a variant of cookie-based authentication, but gives you more control.
Essentially, you generate a token similar to a cookie-based authentication system, but you include it
with requests.

Session-based authentication – API-based session-based authentication requires some way of

associating a session with a client. This is often very simple to set up, but can suffer if your API is
deployed across multiple servers. Accordingly, the authors used these mechanisms as mechanisms.

Application Program Interfaces 51 H.P.D.Mandara Prawarshana

References

Axway.com, 2023. API Security Vulnerabilities. [online]

Available at: https://www.axway.com/en/products/api-management/manage-apis/top-10-security-
risks [Accessed 01 01 2023].

Bluehost.com, 2021. Shopify vs. WooCommerce. [online]

Available at: https://www.bluehost.com/resources/shopify-vs-woocommerce-which-ecommerce-
platform-should-you-choose/ [Accessed 07 01 2023].

Ecomdash.com, 2021. Shopping Carts. [online]

Available at: https://www.ecomdash.com/are-you-using-the-best-shopping-cart-integration-
software/ [Accessed 07 01 2023].

Fundera.com, 2023. Distinguish between shopping carts. [online] Available at:

https://www.fundera.com/blog/bigcommerce-vs-woocommerce [Accessed 01 02 2023].

Geeksforgeeks, 2021. What is Web API?. [online]

Available at: https://www.geeksforgeeks.org/what-is-web-api-and-why-we-use-it/ [Accessed 01 01
2023].

Multiorders.com, 2021. Bigcommerce. [online] Available at: https://multiorders.com/how-to-

change-bigcommerce-favicon/ [Accessed 07 01 2023].

Paylinedata.com, 2021. WooCommerce. [online] Available at: https://paylinedata.com/blog/how-to-

change-payment-processors-on-woocommerce/ [Accessed 07 01 2023].

Pointofsale.com, 2021. Constant Contact. [online] Available at: https://pointofsale.com/constant-

contact-brings-together-small-businesses- entrepreneurs-power-hour-roundtables/ [Accessed 01 07
2023].

Rosencrans, L., 2021. Software Developer's Kit. [online]

Available at: https://whatis.techtarget.com/definition/software-developers-kit-SDK [Accessed 01 01
2021].

Application Program Interfaces 52 H.P.D.Mandara Prawarshana

Seekpng.com, 2021. Magento. [online] Available at:
https://www.seekpng.com/ipng/u2w7t4r5y3o0w7t4_pos-marketplace- ecommerce-with-magento-
logo-magento-logo/ [Accessed 07 01 2022].

Shift4.com, 2021. Shift4shop. [online] Available at: https://www.shift4.com/news/shift4shop-

ecommerce-solution/ [Accessed 07 01 2023].

Squareup.com/, 2021. What is the difference between SDK and API?. [online] Available at:
https://squareup.com/us/en/townsquare/sdk-vs-api [Accessed 01 01 2023].

Startupyo.com/, 2021. Shopify. [online] Available at: https://www.startupyo.com/business-with-

shopify-2021/ [Accessed 07 01 2023].

Application Program Interfaces 53 H.P.D.Mandara Prawarshana