Web Technologies-I
File uploads: File uploads are potentially the biggest security risk in web development. Allowing
a third party to place files on your server could allow them to delete your files, empty your
database, gain user details and much more.
Safe mode: Safe mode is an attempt to address this and other problems caused by shared servers.
If you are not sharing your server with other users that you do not trust, you do not need to
worry about safe mode at all.
Session files: With PHP's built-in session support, session information is stored in files in the
/tmp directory. Each file is named /tmp/sess_id, where id is the name of the session, and is
owned by the web server user ID, usually nobody.
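The session-file layout described above can be checked on a host with a short script. The following is an added example, not from the original text; audit_session_dir() and the sample directory it builds are constructed for illustration.

```php
<?php
// Added example: report session files and directories that other local
// accounts could reach. Function name and sample data are constructed.

function audit_session_dir(string $dir): array
{
    $findings = [];
    $dirMode = fileperms($dir) & 07777;
    // A world-writable directory such as /tmp is shared with every local account.
    if ($dirMode & 0002) {
        $findings[] = sprintf('%s is world-writable (mode %04o)', $dir, $dirMode);
    }
    foreach (glob($dir . '/sess_*') ?: [] as $file) {
        $mode = fileperms($file) & 0777;
        // PHP's files handler creates session files as 0600 by default;
        // any group/other bit exposes the serialized session data.
        if ($mode & 0077) {
            $findings[] = sprintf('%s is accessible to group/other (mode %04o)',
                basename($file), $mode);
        }
    }
    return $findings;
}

// Constructed sample: a private directory with one tight and one loose file.
$dir = sys_get_temp_dir() . '/sess_audit_' . bin2hex(random_bytes(4));
mkdir($dir, 0700);
file_put_contents("$dir/sess_aaaa1111", 'user|s:5:"alice";');
file_put_contents("$dir/sess_bbbb2222", 'user|s:3:"bob";');
chmod("$dir/sess_aaaa1111", 0600);
chmod("$dir/sess_bbbb2222", 0644);

foreach (audit_session_dir($dir) as $line) {
    echo $line, PHP_EOL;
}

// Remove the constructed sample.
array_map('unlink', glob("$dir/sess_*"));
rmdir($dir);
```

File modes do not separate sites that all run as the same web server user, since every such script owns the files; on a shared server that case calls for a separate session.save_path per site.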
1. Develop a PHP program to upload a text file in your web application.
2. Develop a PHP program to validate an email address.
14.9 Review Questions
1. What are global variables and form data? How are they used in PHP?
2. How do we initialize variables and set their order in PHP?
3. What is data filtering? Describe the different methods of data filtering.
4. How are filenames defined in PHP code? Explain with an example.
5. Explain how file uploads are potentially the biggest security risk in web development.
6. What precautions should be taken when uploading a file?
7. Write a PHP program to upload an image in your web application.
8. What about file permissions in PHP? What is safe mode in PHP?
9. How does PHP allow a script to execute arbitrary PHP code?
10. How are shell commands used in PHP?
Answers to Self Assessment
1. (a) 2. (c) 3. (a) 4. (a) 5. (a)
6. (b) 7. (b) 8. (b) 9. (a) 10. (a)
11. / temp. 12. Common
14.10 Further Reading
Essential PHP Security, by Chris Shiflett.
http://php.net/manual/en/security.php
LOVELY PROFESSIONAL UNIVERSITY