Web Technologies-I



                                 File uploads: File uploads are potentially the biggest security risk in web development. Allowing
                                 a third party to place files on your server could allow them to delete your files, empty your
                                 database, gain user details and much more.

                                 Safe mode: Safe mode is an attempt to address this and other problems caused by shared servers.
                                 If you are not sharing your server with other users whom you do not trust, you do not need to
                                 worry about safe mode at all.

                                 Session files: With PHP's built-in session support, session information is stored in files in the
                                 /tmp directory. Each file is named /tmp/sess_id, where id is the name of the session, and is
                                 owned by the web server user ID, usually nobody.

                                                1.  Develop a PHP program to upload a text file in your web application.

                                                2.  Develop a PHP program to validate an email address.

                                 14.9 Review Questions

                                    1.  What are global variables and form data? How are they used in PHP?
                                    2.  How do we initialize variables and set their order in PHP?
                                    3.  What is data filtering? Describe the different methods of data filtering.
                                    4.  How are filenames defined with PHP code? Explain with an example.
                                    5.  Explain how file uploads are potentially the biggest security risk in web development.
                                    6.  What precautions should be taken when uploading a file?
                                    7.  Write a PHP program to upload an image in your web application.
                                    8.  What about file permissions in PHP? What is safe mode in PHP?
                                    9.  How does PHP allow a script to execute arbitrary PHP code?
                                   10.  How are shell commands used in PHP?

                                 Answers to Self Assessment
                                     1.  (a)    2.  (c)       3.  (a)     4.  (a)         5.  (a)
                                     6.  (b)    7.  (b)       8.  (b)     9.  (a)        10.  (a)

                                    11.  / temp.  12.  Common

                                 14.10 Further Reading

                                                Essential PHP Security, by Chris Shiflett.

                                                http://php.net/manual/en/security.php

                                          LOVELY PROFESSIONAL UNIVERSITY