Unit 2 Flashcards
What keyword is used to access a global variable inside a PHP function?
A. public
B. super
C. global
D. access
Answer: C
Which PHP superglobal is used to access global variables from anywhere in the script?
A. $_GLOBAL
B. $GLOBALS
C. global[]
D. superglobal[]
Answer: B
Which of the following is NOT a PHP superglobal?
A. $_POST
B. $_SESSION
C. $_CLIENT
D. $_GET
Answer: C
What is the main difference between $_POST and $_GET methods?
A. POST can’t be used with forms
B. GET stores data in the body, POST in the URL
C. GET stores data in URL, POST stores it in the request body
D. POST encrypts data by default
Answer: C
What does htmlentities() do in PHP?
A. Converts a string to uppercase
B. Converts HTML tags into their encoded form
C. Removes numbers from strings
D. Displays HTML code as raw text
Answer: B
What is the benefit of using htmlspecialchars() over htmlentities()?
A. It is more secure
B. It encodes more characters
C. It is faster and sufficient for most use cases
D. It doesn’t encode anything
Answer: C
You want to display a user’s name submitted via a form using the name field. What is the correct code?
A. echo $_REQUEST[“name”];
B. echo $_POST[“name”];
C. echo $_GET[“name”];
D. All of the above (depends on form method)
Answer: D
Which of the following will correctly check if a $_GET[‘color’] value exists before using it?
A. isset($_GET[‘color’])
B. $_GET->color
C. if ($_GET[‘color’] == NULL)
D. defined($_GET[‘color’])
Answer: A
Which form element should be used to allow a user to upload a file?
A. <input type="text"> B. <input type="upload"> C. <input type="file"> D. <input type="submit">
Answer: C
What is the default HTTP method used by forms if none is specified?
A. GET
B. POST
C. PUT
D. DELETE
Answer: A
Which of the following functions best combines trimming and escaping input for HTML output?
A. htmlentities(trim($data))
B. sanitizeInput($data)
C. strip_tags($data)
D. htmlspecialchars(strip_tags($data))
Answer: B
Explanation: This refers to the custom sanitizeInput() function shown in the slides: htmlspecialchars(trim($data)).
What is the purpose of using foreach ($_POST as $key => $value) in form processing?
A. It sanitizes all inputs
B. It loops through all submitted form field name/value pairs
C. It resets the form values
D. It checks if a form is valid
Answer: B
What is the output of var_dump($_POST) typically used for?
A. Clearing form values
B. Encrypting POST data
C. Debugging and displaying structure and contents of POST data
D. Displaying the page source
Answer: C
What does the required attribute in an HTML form field do?
A. Limits input length
B. Submits form without validation
C. Ensures the field is not empty before submission
D. Checks if input matches a number
Answer: C
Which HTML input type would you use for validating an email format automatically? A. <input type="text".> B. <input type="validate".> C. <input type="email".> D. <input type="mail".>
Answer: C
In client-side JavaScript validation, which method stops a form from submitting?
A. form.stop()
B. return false;
C. event.preventDefault()
D. preventSubmission()
Answer: C
What does the JavaScript checkValidity() method do?
A. Checks for duplicate form entries
B. Confirms browser compatibility
C. Verifies all form field constraints
D. Encrypts form data
Answer: C
What is the purpose of setCustomValidity() in JavaScript form validation?
A. It logs validation errors
B. It resets the form
C. It overrides default error messages with a custom one
D. It disables the submit button
Answer: C
Which PHP variable holds the request type used to determine if a form was submitted via POST?
A. $_POST[“type”]
B. $_SERVER[“METHOD”]
C. $_REQUEST[“type”]
D. $_SERVER[“REQUEST_METHOD”]
Answer: D
What is the correct way to validate that a name field has more than 3 characters in PHP?
A. strlen($name) > 3
B. strlen($name) < 3
C. $name > 3
D. strlen(name) > 3
Answer: A
Which of the following is true about server-side form validation in PHP?
A. It is optional if client-side JS is enabled
B. It only runs if JavaScript fails
C. It should always be used for secure validation
D. It runs after the browser reloads
Answer: C
What would this JavaScript code check for?
if (message === “”) {
alert(“Message field cannot be empty.”);
}
```
A. That the message field is valid JSON
B. That the message is under 20 characters
C. That the message input is not empty
D. That the message is an integer
Answer: C
Which method of validation is safest to rely on for security?
A. JavaScript only
B. HTML5 pattern matching
C. Server-side PHP validation
D. CSS validation
Answer: C
In PHP, how can you display all validation errors stored in the $errors array?
A. echo $errors;
B. implode($errors);
C. foreach ($errors as $error) { echo $error; }
D. print($errors[])
Answer: C
What is the purpose of calling .reportValidity() in JavaScript Constraint Validation API?
A. It refreshes the page
B. It logs input to console
C. It shows the browser’s validation error message to the user
D. It prevents form fields from being validated
Answer: C
You validate a form on the client side using JavaScript, but users can still submit invalid data. Why?
A. JavaScript is not enough — it can be disabled by the user
B. The form is missing the required attribute
C. action is not defined in the form
D. HTML input fields must be <form:input> to be secure</form:input>
Answer: A
