Which of the following is a common security vulnerability that exploits web applications by injecting malicious SQL code?
- SQL Injection
- XSS (Cross-Site Scripting)
- CSRF (Cross-Site Request Forgery)
- Ransomware Attack
SQL Injection is a technique where an attacker injects malicious SQL code into input fields, which can give the attacker unauthorized access to a database or system.
How can you modify the lifetime of a cookie in PHP?
- By setting the expires attribute in setcookie() function with a future timestamp.
- By using session_set_cookie_params()
- By directly modifying the cookie file.
- By changing the cookie name.
To modify the lifetime of a cookie in PHP, you can set the expires attribute in the setcookie() function with a future timestamp. This specifies when the cookie should expire.
Which PHP superglobal array contains information about uploaded files?
- $_GET
- $_POST
- $_FILES
- $_REQUEST
The $_FILES superglobal array in PHP contains information about uploaded files. It provides details such as file name, file type, and file size for files uploaded via a form.
Which of the following operators is used in PHP to check if two values are identical in both value and data type?
- ==
- ===
- =
- !=
The '===' operator in PHP checks for strict equality, meaning both the value and data type must match.
To ensure session data is only transferred over secure connections, you can enable the ________ configuration directive in PHP.
- session.use_trans_sid
- session.cookie_secure
- session.use_cookies
- session.use_only_cookies
The 'session.cookie_secure' configuration directive ensures that session cookies are only transmitted over secure (HTTPS) connections, enhancing security.
Which PHP function can be used to write a string to a file?
- fwrite()
- file_put_contents()
- file_get_contents()
- file_open()
The file_put_contents() function in PHP is used to write a string to a file. It simplifies the process of opening a file, writing data, and closing the file, making it a convenient option for file writing operations.
Imagine you are developing a PHP application that needs to frequently insert user data into a database. To ensure security and performance, which approach would be most appropriate?
- Use PDO prepared statements
- Use raw SQL statements with user input directly in the query
- Use MySQLi extension with prepared statements
- Use raw SQL statements with hardcoded values
Using PDO prepared statements is the recommended approach as it's secure against SQL injection and offers good performance.
What is the result of the expression 5 % 35 % 3 in PHP?
- 1
- 0
- 2
- 3
In PHP, the % operator is used for modulus and is evaluated left to right. In this expression, 5 % 35 is evaluated first and results in 5, then 5 % 3 results in 2. So the answer is 2.
Using ________ ensures that even if two users have the same password, their hashed values will be different.
- Salted hashing
- Hash collision prevention
- Unique salting
- Hashed password variation
Utilizing salted hashing in password storage involves adding a unique random "salt" to each user's password before hashing it. This prevents identical passwords from having the same hashed value.
How can you differentiate between a 'directory' and a 'file' using PHP functions?
- is_dir() checks for directory
- file_exists() checks for a file
- scandir() lists the directory's contents
- is_file() checks for a file
The is_dir() function in PHP is used to determine if a given path is a directory. It's a key function for distinguishing directories from files.