We can call some C functions from PHP, such as printf(), fputs(), fwrite(), fgetc(), exit() and many others, but not all.
What is the purpose of ob_start()?
This function will turn output buffering on. While output buffering is ON no output is sent from the
Where is the session stored, client side or server side?
PHP Session is used to maintain client's previous
In javascript take a global variable to count the
var count = 0;
function count_click()
{
    count++;
    return count;
}
This function returns the running count of user clicks each time it is called.
Why do we need a function like fetch_object, and what is the purpose of using it?
Fetch array normally retrieves the records based on array
What is PHP header()?
Commonly, header() is used for page redirection, where a specific location is defined. However, header() can be used for more than just that.
header() may also be used for page authentication, assigning the content type, cache control, etc.
Use of .htaccess
.htaccess files are configuration files of Apache
How to get domain name?
eg:
will result in the domain name.
How to prevent form hijacking in PHP?
The following things can be done to prevent your PHP form from being hijacked:
1. Set register_globals to off to prevent form injection with malicious data.
2. Set error_reporting to E_ALL so that all variables are initialized before they are used.
3. Make a practice of using htmlentities(), strip_tags(), utf8_decode() and addslashes() for filtering malicious data in PHP.
4. Make a practice of using mysql_escape_string() in MySQL.
A few more coding practices can be followed to avoid PHP form hijacking:
1. User input sanitization: never trust data submitted by web users. Follow good client-side data validation practices with regular expressions before submitting data to the server.
2. Form submission key validation: a singleton method can be used to generate a session form key and to validate that the form being submitted carries the same value in its hidden form key parameter.
3. Prevent SQL injection attacks by using mysql_escape_string().
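The form submission key check from point 2 above, as an added example (not code from the original page). The names form_key_issue(), form_key_check() and the hidden field form_key are assumptions, and plain functions are used here rather than a singleton.

```php
<?php
// Added example: per-session form key checked on every POST.
// form_key_issue(), form_key_check() and the field "form_key" are hypothetical names.
session_start();

function form_key_issue(): string
{
    // One key per session, created lazily from a CSPRNG.
    if (empty($_SESSION['form_key'])) {
        $_SESSION['form_key'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['form_key'];
}

function form_key_check(array $post): bool
{
    $expected = $_SESSION['form_key'] ?? '';
    $supplied = $post['form_key'] ?? '';
    // Reject a missing key or a non-string value (e.g. form_key[]=x) before comparing.
    if ($expected === '' || !is_string($supplied)) {
        return false;
    }
    // hash_equals() compares in constant time.
    return hash_equals($expected, $supplied);
}

if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    if (!form_key_check($_POST)) {
        http_response_code(403);
        exit('Invalid form key');
    }
    // Rotate the key so an accepted value cannot be submitted a second time.
    unset($_SESSION['form_key']);
    exit('Form accepted');
}
?>
<form method="post">
    <input type="hidden" name="form_key"
           value="<?= htmlspecialchars(form_key_issue(), ENT_QUOTES, 'UTF-8') ?>">
    <input type="text" name="comment">
    <input type="submit" value="Send">
</form>
```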
What is the difference between session_register and $_SESSION?
session_register() is used to register one or more global variables with the current session, while the $_SESSION[] array is used for storing one or more variables within the current session array. session_register() depends on whether register_globals is enabled or disabled; if it is disabled, it will not work.
What is CAPTCHA?
CAPTCHA stands for Completely Automated Public Turing Test to tell Computers and Humans Apart. To prevent spammers from using bots to automatically fill out forms, CAPTCHA programmers generate an image containing distorted images of a string of numbers and letters. Computers cannot determine what the numbers and letters are from the image, but humans have great pattern recognition abilities and can determine the string of numbers and letters fairly accurately. When the numbers and letters from the image are entered in the validation field, the application can be fairly assured that there is a human client using it.
How do we know the browser's properties?
get_browser() attempts to determine the capabilities of the user's browser. This is done by looking up the browser's information in the browscap.ini file.
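// HTTP_USER_AGENT is client-supplied, so escape it before output.
echo htmlentities($_SERVER['HTTP_USER_AGENT']) . "\n";
// Look up the browser's capabilities in browscap.ini.
$browser = get_browser();
foreach ($browser as $name => $value) {
    echo "$name $value\n";
}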
What is the difference between srand and shuffle?
The srand function seeds the random number generator with the given seed. The shuffle function is used for shuffling the array values. This function generates new keys for the array elements.
MySQL command to fetch only the unique values?
select distinct column_name from table_name;
How can a script come to a clear termination?
Using exit(0); you may force a PHP script to terminate clearly with
What is a random number?
A random number is a number generated by a process whose outcome is unpredictable and which cannot subsequently be reliably reproduced.
Would you initialize your strings with single quotes or double quotes?
Since the data inside a single-quoted string is not parsed for variable substitution, it’s always a better idea speed-wise to initialize a string with single quotes, unless you specifically need variable substitution.
Single-quoted strings are processed faster than double-quoted strings.
When we use single quotes for a string, PHP will not parse what is between the quotes. It simply assigns the text as it is.
But when we use double quotes, PHP will parse the text between the quotes for variables and other things.
What are magic quotes in PHP?
Some special characters in PHP, like single quote ( ' ), double quote ( " ), ampersand ( & ), etc., are escaped by a slash; this is called magic quotes.
Describe the process from a user's web browser, to the web server and back again.
When the user submits a form from the browser, the form is submitted to the web server, which separates the server-side languages from the client-side languages. The server-side code is parsed and executed on the server, and any queries go to the backend, i.e. the database, and get values from there. After the whole process or form has been executed, the result is sent to the web browser on the client side. Client-side scripts like JavaScript and HTML are parsed only in the user's browser.
How would you check that a string is a palindrome? *hint* using only one statement.
To check whether a string is a palindrome, just compare the original string with its strrev() result; if both match, then the string is a palindrome.
What is 'htmlentities' and its relationship with preventing XSS attacks/vulnerabilities?
XSS, or cross-site scripting, attacks are when you change the URL and try to change the form submission in order to attack the server. E.g., www.mysite.com?name=kalpesh can easily be attacked if there is no "htmlentities", which filters all the HTML tags, by using something like: www.mysite.com?name='kalpesh; drop table test;'
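The "name" parameter from the answer above handled once for HTML output and once for a database lookup, as an added example that is not code from the original page; it also covers the SQL injection point in the form hijacking list. It uses PDO bound parameters in place of mysql_escape_string(), which PHP 7 no longer provides; render_greeting() and find_user() are hypothetical names, and the in-memory SQLite table and the inputs are constructed.

```php
<?php
// Added example: one request value, escaped or bound according to where it is used.
// render_greeting() and find_user() are hypothetical names; table and rows are constructed.

function render_greeting(string $name): string
{
    // HTML context: markup characters and both quote styles become entities.
    return '<p>Hello, ' . htmlentities($name, ENT_QUOTES, 'UTF-8') . '</p>';
}

function find_user(PDO $db, string $name): array
{
    // SQL context: the value is bound, never concatenated into the statement.
    $stmt = $db->prepare('SELECT id, name FROM test WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE test (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO test (name) VALUES ('kalpesh')");

// Constructed inputs: the page's two values plus one that carries markup.
$inputs = ['kalpesh', "'kalpesh; drop table test;'", '<script>alert(1)</script>'];

foreach ($inputs as $name) {
    echo render_greeting($name), "\n";
    echo count(find_user($db, $name)), " row(s) matched\n";
}

// The table and its single row are still present after all three lookups.
echo $db->query('SELECT COUNT(*) FROM test')->fetchColumn(), " row(s) in test\n";
```

htmlentities() only protects the HTML output; the quoted SQL value is neutralised by the bound parameter, not by entity encoding.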
What are the various methods to pass data from one web page to another web page?
GET
HEAD
POST
PUT
DELETE
TRACE
CONNECT
OPTIONS
REF: http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html
What is a template engine in PHP, and how many types of tables are there in a MySQL database?
MySQL 5.1 supports the following storage engines:
MyISAM
InnoDB
Memory
Merge
Archive
Federated
NDB
CSV
Blackhole
http://dev.mysql.com/doc/refman/5.1/en/storage-engine-overview.html
What is Joomla?
Joomla! is one of the most powerful, award-winning Open Source Content Management Systems (CMS) that will help you build everything from simple websites to complex corporate applications. Joomla! is easy to install, simple to manage, and reliable. Best of all, Joomla! is an open source solution that is freely available to everybody.
How to get the URL domain name in PHP?
Yes, it is possible with $_SERVER['HTTP_HOST'].
eg:
will result in the domain name.
What is htaccess? Why do we use this and Where?
Using the ".htaccess" file, we can control the "php.ini" and "httpd.conf" files.
For php.ini:
For register globals, enter "php_flag register_globals on" in that file and place it inside the context folder where you are running the PHP files. The setting then applies to all the files inside that context folder. This is a boolean, so we use "php_flag"; if it is a value, we have to use "php_value".
In addition to the answers above, it is also useful for 301 redirection, for blocking your website for a few users, and for including PHP code in .html files. There are still many more uses.
This allows PHP code to run in .html files:
RemoveHandler .html .htm
AddType application/x-httpd-php .php .htm .html
This can block the site for a few users:
AuthName "control panel"
AuthType Basic
AuthUserFile /usr/local/bham/.htpasswd
Satisfy any
Order deny,allow
deny from all
allow from
require user support
require user