Chapter 7 Flashcards
I want to add new columns to my database. What would I use here: _____ _____ mismatch_user ADD username VARCHAR(32) NOT NULL AFTER user_id, ADD password VARCHAR(40) NOT NULL AFTER username;
ALTER TABLE ALTER TABLE mismatch_user ADD username VARCHAR(32) NOT NULL AFTER user_id, ADD password VARCHAR(40) NOT NULL AFTER username;
What does SHA() stand for?
Secure Hash Algorithm
What is SHA() used for?
- SHA() is used to encrypt data inserted into a table using the Secure Hash Algorithm
- SHA() create a 40 character hexadecimal encrypted string using a one way encryption scheme
SHA() create a 20 character hexadecimal encrypted string using a two way encryption scheme.
True or False?
False:
SHA() creates a 40 character hexadecimal encrypted string using a one way encryption scheme.
True or False
SHA() creates a 40 character hexadecimal encrypted string using a one way encryption scheme.
True
True or False:
mysqli_real_escape_string() is used to protect against SQL injection attacks by escaping special characters in a string used for an SQL statement.
True
$user_username = mysqli_real_escape_string($dbc, trim($_SERVER[‘PHP_AUTH_USER’]));
$user_password = mysqli_real_escape_string($dbc, trim($_SERVER[‘PHP_AUTH_PW’]));
What does the mysqli_real_escape_string() function do?
mysqli_real_escape_string() is used for escaping special characters in a string used for anSQL statement.
What does the trim() function do?
The trim() function trimms whitespace from either end of the string.
What are the components of a cookie?
- Name
- Value
- Expiration Date
A cookie will last forever. True or False?
False, a cookie will last as long as it’s set expiration date.
If the expiration date is not set, it will last until the user dismisses the browser session.
What do cookies do?
Cookies allow the persistance of small pieces of data on the client that have a time limit and can be deleted at will.
What does the function setcookie() do?
setcookie() allows you to set the name, value, and expiration of a cookie.
setcookie(‘username’, ‘kenmarks’);
setcookie(‘user_id’, ‘1’);
$_COOKIE does what?
$_COOKIE is a superglobal used to retrieve the value of a cookie.
echo ‘
You are logged in as ‘ . $_COOKIE[‘username’] . ‘.
’;
True or False:
Using cookies for log-in means that you can also use the HTTP Authorization header
False:
Using Cookies for log-in information means you cannot use the HTTP Authorization header
True or False:
Using Cookies for log-in information means you cannot use the HTTP Authorization header
True.
How do you use cookies to log a user out?
setcookie()
Use setcookie() to set back the time which forces the deletion of the Cookie
setcookie(‘username’, ‘kemarks’, time() - 3600);
What doe sthe following code do:
setcookie(‘username’, ‘kemarks’, time() - 3600);
Sets back the time by one hour to log the user out.
What arethe three main positive attributes of Sessions?
- Sessions are not dependent upon the client
- Sessions store information on the server (not the client).
- Session information expires when the session ends (i.e. the user closes the browser)
How do you start a session in PHP?
session_start()
How do you end a session in PHP?
session_destroy()
True or False:
When you end a session, the session variables are all destroyed.
False:
The session variables are not destroyed until the browser is closed
True or False:
The session variables are not destroyed until the browser is closed
True
What is $_SESSION?
$_SESSION is a superglobal used to retrieve the session variables.
echo ‘
You are logged in as ‘ . $_SESSION[‘username’] . ‘.
’;
True or False:
$_SESSION is a superglobal used to retrieve the session variables.
True
True or False:
$_SESSION is a superglobal used to retrieve the cookie variables.
False:
$_SESSION is a superglobal used to retrieve the session variables.
True or False
Session variables are automatically deleted when a session is destroyed.
False:
Session variables are not automatically deleted when a session is destroyed
True or False:
Session variables are not automatically deleted when a session is destroyed
True
To force the removal of all the session variables for the current session you would do what?
$_SESSION = array ();
True or False
Sessions are long lived.
False:
Sessions are short lived. They only last as long as the current browser session. I fthe user closes the browser tab, the session is destroyed.
True or False:
Sessions are short lived. They only last as long as the current browser session. I fthe user closes the browser tab, the session is destroyed.
True
True or False:
Sessions can not work with cookies.
False
Sessions can work with Cookies. If the browser allows Cookies, a session may set a Cookie that temporarily stores the session ID. You access the session ID using the session_name() function.
True or False:
in order to fully close a session, you must delete any Cookies that were created to store the session ID.
True:
if (isset($_COOKIE[session_name()]))
{
setcookie(session_name(), ‘’, time() - 3600);
}
What is setcookie()
The built in PHP function is used to set a cookie on the browser, including an optional expiration date, after which the cookie is destroyed. If no expiration is provided, the cookie is deleted when the browser is closed.
What is session_start()
This built in PHP function starts a new session or re-starts a pre-existing session. You must call this function prior to accessing any session variable.
Define:
empty($_COOKIE[‘user_id’])
use a cookie to determine if a user is logged in or not.
Define:
setcookie(session_name(), ‘’, time() - 3600;
Destroy a session cookie by setting its expiration to an hour in the past.
Define:
SHA(‘$user_password’)
Encrypt a user’s password into an unrecognizable format.
Define:
session_destroy()
Close the current session.
Define:
setcookie(‘user_id’, $row[‘user_id’])
Store a user’s unique ID in a cookie
Define:
$_SESSION = array()
Destroy all session variables
session_start()
Start a new session
isset($_SESSION[‘user_id’])
Use a session variable to determine if a user is logged in or not.
