Chapter 7

Question 1

I want to add new columns to my database. What would I use here: _____ _____ mismatch_user ADD username VARCHAR(32) NOT NULL AFTER user_id, ADD password VARCHAR(40) NOT NULL AFTER username;

Answer 1

ALTER TABLE ALTER TABLE mismatch_user ADD username VARCHAR(32) NOT NULL AFTER user_id, ADD password VARCHAR(40) NOT NULL AFTER username;

Question 2

What does SHA() stand for?

Answer 2

Secure Hash Algorithm

Question 3

What is SHA() used for?

Answer 3

• SHA() is used to encrypt data inserted into a table using the Secure Hash Algorithm
• SHA() create a 40 character hexadecimal encrypted string using a one way encryption scheme

Question 4

SHA() create a 20 character hexadecimal encrypted string using a two way encryption scheme.

True or False?

Answer 4

False:

SHA() creates a 40 character hexadecimal encrypted string using a one way encryption scheme.

Question 5

True or False

SHA() creates a 40 character hexadecimal encrypted string using a one way encryption scheme.

Answer 5

True

Question 6

True or False:

mysqli_real_escape_string() is used to protect against SQL injection attacks by escaping special characters in a string used for an SQL statement.

Answer 6

True

$user_username = mysqli_real_escape_string($dbc, trim($_SERVER[‘PHP_AUTH_USER’]));

$user_password = mysqli_real_escape_string($dbc, trim($_SERVER[‘PHP_AUTH_PW’]));

Question 7

What does the mysqli_real_escape_string() function do?

Answer 7

mysqli_real_escape_string() is used for escaping special characters in a string used for anSQL statement.

Question 8

What does the trim() function do?

Answer 8

The trim() function trimms whitespace from either end of the string.

Question 9

What are the components of a cookie?

Answer 9

• Name
• Value
• Expiration Date

Question 10

A cookie will last forever. True or False?

Answer 10

False, a cookie will last as long as it’s set expiration date.

If the expiration date is not set, it will last until the user dismisses the browser session.

Question 11

What do cookies do?

Answer 11

Cookies allow the persistance of small pieces of data on the client that have a time limit and can be deleted at will.

Question 12

What does the function setcookie() do?

Answer 12

setcookie() allows you to set the name, value, and expiration of a cookie.

setcookie(‘username’, ‘kenmarks’);

setcookie(‘user_id’, ‘1’);

Question 13

$_COOKIE does what?

Answer 13

$_COOKIE is a superglobal used to retrieve the value of a cookie.

echo ‘

You are logged in as ‘ . $_COOKIE[‘username’] . ‘.

’;

Question 14

True or False:

Using cookies for log-in means that you can also use the HTTP Authorization header

Answer 14

False:

Using Cookies for log-in information means you cannot use the HTTP Authorization header

Question 15

True or False:

Using Cookies for log-in information means you cannot use the HTTP Authorization header

Answer 15

True.

Question 16

How do you use cookies to log a user out?

Answer 16

setcookie()

Use setcookie() to set back the time which forces the deletion of the Cookie

setcookie(‘username’, ‘kemarks’, time() - 3600);

Question 17

What doe sthe following code do:

setcookie(‘username’, ‘kemarks’, time() - 3600);

Answer 17

Sets back the time by one hour to log the user out.

Question 18

What arethe three main positive attributes of Sessions?

Answer 18

• Sessions are not dependent upon the client
• Sessions store information on the server (not the client).
• Session information expires when the session ends (i.e. the user closes the browser)

Question 19

How do you start a session in PHP?

Answer 19

session_start()

Question 20

How do you end a session in PHP?

Answer 20

session_destroy()

Question 21

True or False:

When you end a session, the session variables are all destroyed.

Answer 21

False:

The session variables are not destroyed until the browser is closed

Question 22

True or False:

The session variables are not destroyed until the browser is closed

Answer 22

True

Question 23

What is $_SESSION?

Answer 23

$_SESSION is a superglobal used to retrieve the session variables.

echo ‘

You are logged in as ‘ . $_SESSION[‘username’] . ‘.

’;

Question 24

True or False:

$_SESSION is a superglobal used to retrieve the session variables.

Answer 24

True

Question 25

True or False:

$_SESSION is a superglobal used to retrieve the cookie variables.

Answer 25

False:

$_SESSION is a superglobal used to retrieve the session variables.

Question 26

True or False

Session variables are automatically deleted when a session is destroyed.

Answer 26

False:

Session variables are not automatically deleted when a session is destroyed

Question 27

True or False:

Session variables are not automatically deleted when a session is destroyed

Answer 27

True

Question 28

To force the removal of all the session variables for the current session you would do what?

Answer 28

$_SESSION = array ();

Question 29

True or False

Sessions are long lived.

Answer 29

False:

Sessions are short lived. They only last as long as the current browser session. I fthe user closes the browser tab, the session is destroyed.

Question 30

True or False:

Sessions are short lived. They only last as long as the current browser session. I fthe user closes the browser tab, the session is destroyed.

Answer 30

True

Question 31

True or False:

Sessions can not work with cookies.

Answer 31

False

Sessions can work with Cookies. If the browser allows Cookies, a session may set a Cookie that temporarily stores the session ID. You access the session ID using the session_name() function.

Question 32

True or False:

in order to fully close a session, you must delete any Cookies that were created to store the session ID.

Answer 32

True:

if (isset($_COOKIE[session_name()]))

{

setcookie(session_name(), ‘’, time() - 3600);

}

Question 33

What is setcookie()

Answer 33

The built in PHP function is used to set a cookie on the browser, including an optional expiration date, after which the cookie is destroyed. If no expiration is provided, the cookie is deleted when the browser is closed.

Question 34

What is session_start()

Answer 34

This built in PHP function starts a new session or re-starts a pre-existing session. You must call this function prior to accessing any session variable.

Question 35

Define:

empty($_COOKIE[‘user_id’])

Answer 35

use a cookie to determine if a user is logged in or not.

Question 36

Define:

setcookie(session_name(), ‘’, time() - 3600;

Answer 36

Destroy a session cookie by setting its expiration to an hour in the past.

Question 37

Define:

SHA(‘$user_password’)

Answer 37

Encrypt a user’s password into an unrecognizable format.

Question 38

Define:

session_destroy()

Answer 38

Close the current session.

Question 39

Define:

setcookie(‘user_id’, $row[‘user_id’])

Answer 39

Store a user’s unique ID in a cookie

Question 40

Define:

$_SESSION = array()

Answer 40

Destroy all session variables

Question 41

session_start()

Answer 41

Start a new session

Question 42

isset($_SESSION[‘user_id’])

Answer 42

Use a session variable to determine if a user is logged in or not.