Transactions are used to...
A. guarantee high performance
B. secure data consistency
C. secure access to the database
D. reduce the database server overhead
E. reduce code size in PHP
One common security risk is exposing error messages directly in the browser. Which PHP configuration directive can be disabled to prevent this?
A. html_display
B. error_reporting
C. display_errors
D. error_log
E. ignore_repeated_errors
Which function can NOT help prevent cross-site scripting? (Choose 2)
A. addslashes()
B. htmlentities()
C. htmlspecialchars()
D. strip_tags()
E. quotemeta()
Which constant must be passed as the second argument to htmlentities() to convert single quotes (') to HTML entities?
A. TRUE
B. FALSE
C. ENT_QUOTES
D. ENT_NOQUOTES
E. ENT_COMPAT
When a browser requests an image identified by an img tag, it never sends a Cookie header.
A. TRUE
B. FALSE
Which of the following techniques ensures that a value submitted in a form can only be yes or no?
A. Use a select list that only lets the user choose between yes and no.
B. Use a hidden input field that has a value of yes or no.
C. Enable the safe_mode configuration directive.
D. None of the above.
You work for a shared hosting provider, and your supervisor asks you to prevent user scripts from dynamically loading PHP extensions using the dl() function. How can you do this? (Choose 2)
A. Set enable_dl to Off in the server's php.ini configuration file.
B. Add dl to the current value of disable_functions in the server's php.ini configuration file.
C. Add dl to the current value of disable_classes in the server's php.ini configuration file.
D. Write a custom function called dl(), save it under the name prepend.inc and then set the auto_prepend_file directive to prepend.inc in php.ini.
Which of the following filtering techniques prevents all cross-site scripting (XSS) vulnerabilities?
A. Strip all occurrences of the string