-
Notifications
You must be signed in to change notification settings - Fork 46
Expand file tree
/
Copy pathweb-features.yml
More file actions
125 lines (125 loc) · 7.63 KB
/
web-features.yml
File metadata and controls
125 lines (125 loc) · 7.63 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
category: Web Features
questions:
-
question: 'To destroy one variable within a PHP session you should use which method in PHP?'
answers:
- {value: 'Unset the variable in $HTTP_SESSION_VARS', correct: false}
- {value: 'Use the session_destroy() function', correct: false}
- {value: 'Use the session_unset() function', correct: false}
- {value: 'unset the variable in $_SESSION using unset()', correct: true}
- {value: 'Any of the above are acceptable in PHP', correct: false}
-
question: 'If you would like to store your session in the database, you would do which of the following?'
answers:
- {value: 'It requires a custom PHP extension to change the session handler', correct: false}
- {value: 'Implement the session_set_save_handler() function', correct: false}
- {value: 'Create functions for each session handling step and use session_set_save_handler() to override PHP''s internal settings', correct: true}
- {value: 'Configure the session.save_handler INI directive to your session class', correct: false}
-
question: 'To destroy a PHP session completely, one must which of the following?'
answers:
- {value: 'Regenerate the session ID using session_regenerate_id()', correct: false}
- {value: 'If cookies are used, destroy it', correct: true}
- {value: 'Use session_demolish() to completely destroy the session', correct: false}
- {value: 'Change the session name using session_name()', correct: false}
- {value: 'Destroy the session data using session_destroy()', correct: true}
-
question: 'If you would like to change the session ID generation function, which of the following is the best approach for PHP?'
answers:
- {value: 'Set the session.hash_function INI configuration directive', correct: true}
- {value: 'Use the session_set_id_generator() function', correct: false}
- {value: 'Set the session id by force using the session_id() function', correct: false}
- {value: 'Use the session_regenerate_id() function', correct: false}
- {value: 'Implement a custom session handler', correct: false}
-
question: |
Consider the following HTML fragment:
<select name="?????" multiple>
<option value="1">Item #1</option>
<!-- ... more options ... -->
</select>
Which of the following name attributes should be used to capture all of the data from the user in PHP?
answers:
- {value: 'myselectbox=[]', correct: false}
- {value: 'myselectbox[]', correct: true}
- {value: 'myselectbox[''multiple'']', correct: false}
- {value: 'myselectbox{''multiple''}', correct: false}
- {value: 'myselectbox', correct: false}
-
question: 'When uploading a file using HTTP, which variable can be used to locate the file on PHP''s local filesystem?'
answers:
- {value: '$_FILES[''fieldname''][''tmp_name'']', correct: true}
- {value: '$_FILES[''fieldname'']', correct: false}
- {value: '$_FILES[''fieldname''][0][''filename'']', correct: false}
- {value: '$_FILES[''fieldname''][''filename'']', correct: false}
- {value: 'None of the above', correct: false}
-
question: 'To force a user to redirect to a new URL from within a PHP script, which of the following should be used?'
answers:
- {value: 'Send a HTTP "Location:" header', correct: true}
- {value: 'Use the HTML <redirect> Tag', correct: false}
- {value: 'Send a HTTP "Forward:" header', correct: false}
- {value: 'Use the redirect() function', correct: false}
-
question: 'Setting a cookie on the client in PHP can be best accomplished by:'
answers:
- {value: 'Use the add_cookie() function', correct: false}
- {value: 'Use the setcookie() function', correct: true}
- {value: 'Use the the apache_send_header() function', correct: false}
- {value: 'Setting a variable in the $_COOKIE superglobal', correct: false}
-
question: 'How does one create a cookie which will exist only until the browser session is terminated?'
answers:
- {value: 'You cannot create cookies that expire when the browser session is terminated', correct: false}
- {value: 'Setting the expiration time for a cookie to a time in the distant future', correct: false}
- {value: 'Do not provide a cookie expiration time', correct: true}
- {value: 'Enable Cookie Security', correct: false}
- {value: 'Set a cookie without a domain', correct: false}
-
question: 'Setting a HTTP cookie on the client which is not URL-encoded is done how in PHP?'
answers:
- {value: 'Use the setrawcookie() function', correct: true}
- {value: 'Set the cookies.urlencode INI directive to false', correct: false}
- {value: 'Use urldecode() on the return value of setcookie()', correct: false}
- {value: 'Setting the $no_encode parameter of setcookie() to a boolean ''true''', correct: false}
- {value: 'All cookies must be URL encoded', correct: false}
-
question: 'During an HTTP authentication, how does one determine the username and password provided by the browser?'
answers:
- {value: 'Parse the HTTP headers manually using http_get_headers()', correct: false}
- {value: 'Use the get_http_username() and get_http_password() functions', correct: false}
- {value: 'Use the $_SERVER[''HTTP_USER''] and $_SERVER[''HTTP_PASSWORD''] variables', correct: false}
- {value: 'Use the $_SERVER[''PHP_AUTH_USER''] and $_SERVER[''PHP_AUTH_PW''] variables', correct: true}
- {value: 'Parse the $_SERVER[''REQUEST_URI''] variable', correct: false}
-
question: |
Consider the following function:
function redirect($url) {
// Check to make sure we haven't already sent
// the header:
if (/*???????*/) {
header("Location: $url");
}
}
What conditional should replace the ????? above?
answers:
- {value: '!in_array("Location: $url", headers_list())', correct: true}
- {value: '!header_exists("Location: $url")', correct: false}
- {value: '!header_location($url)', correct: false}
- {value: ' $_SERVER[''HTTP_LOCATION''] != $url', correct: false}
-
question: 'One can ensure that headers can always be sent from a PHP script by doing what?'
answers:
- {value: 'Enable header buffering in PHP', correct: false}
- {value: 'Set the header.force INI directive to true', correct: false}
- {value: 'Enable output buffering in PHP', correct: true}
- {value: 'There is no way to ensure that headers can always be set, they must always be checked', correct: false}
- {value: 'None of the above', correct: false}
-
question: 'Which of the following is not a valid fopen() access mode:'
answers:
- {value: 'b', correct: true}
- {value: 'x', correct: false}
- {value: 'a', correct: false}
- {value: 'w', correct: false}
- {value: 'r+', correct: false}