INFS3202
What symbol is used for each variable in PHP?
$
How do you get information from a form that is submitted using the "get" method?
$_GET[];
What is the correct way to add 1 to the variable "$dollar"?
$dollar++;
How do you concatenate the two strings $given_name = "Sen" and $family_name = "Wang"?
$given_name." ".$family_name; The empty string is just to add some space.
Which one of these variables has an illegal name? 1) $myVar 2) $my_Var 3) $my-Var
$my-Var since hyphens can't be used when declaring a variable.
What are the advantages of the symmetric algorithm?
*Advantages*: fast, efficient, simple. *Disadvantages*: limited security, easy to decrypt, difficult to distribute the keys.
Name some client-side languages and some server-side languages.
*Client-Side*: Javascript, Java Applets, jQuery, AJAX, etc. *Server-Side Programming*: PHP, Perl, Tcl, Python, CGI, ASP, Servlets/JSP, Ruby on Rails, Note.js, etc.
What are the security requirements?
*Confidentiality*: -Protection from disclosure to unauthorised persons *Integrity*: -Maintaining data consistency *Authentication*: -Assurance of identity of person or originator of data *Non-Repudiation*: -Originator of communications can't deny it later
What are the issues related to WIS?
*S*calability: Dynamic load balancing for large number of clients, heavily requested documents, in a short time (surge). *A*vailability: Affordable to any type of users who ask for different services (QoS) for different storage and network capacities, bandwidth, etc. *U*seability: Multiple devices (mobiles, sensors, PDA's, tablets, robots, etc.) *R*eliability: Services are trustworth at anytime, anywhere, for anyone. *S*ecurity and Privacy preservation
What's inside two-tier architecture?
- Client (user interface + main business logic) - Thin or fat client - A computer heavily dependent on a server's applications - A computer provides rich functionality independent of the central server - Server (some business logic + database management)
What's inside three-tier architecture?
- Client (user interface) - Application server (business logic) - Database server (data management) - The three-tier architecture has many advantages, one of them is a natural mapping to the Web environment
With regards to the TCP/IP architecture, what is the Data Link/Physical Layer?
- Data transfer between neighbouring network devices. - Bits on the wire. - TCP/IP does not define any specific protocol. It supports all of the standard proprietary protocols, on LAN (Local Area Network), MAN (Metropolitan Network), WAN (Wide Area Network).
What's HTTP, FTP, SMTP, and Telnet Protocol
- HTTP (HyperText Transfer Protocol): transfers web pages and files contained in web pages such as images - FTP (File Transfer Protocol): transfer files from one machine to the other - SMTP (Simple Mail Transport Protocol): email - Telnet Protocol: open telnet session
What are the ways to add comments in PHP?
/* multi-line comments */ #single-line comment shell //one-line c++ style comment
What is the correct way to end a PHP statement?
;
Which of the following code is correct? 1) <% if (Math.random() < 0.5){ Hello! } %> 2) Time is now: <% new Date() %> 3) <% private int count = 5; %> 4) <% if (Math.random() > 0.5){ %> Hello! <% } %>
<% if (Math.random() > 0.5){ %> Hello! <% } %>
Select the one which is invalid: 1) <%@ include file="hello.jsp" %> 2) <jsp:include page="hello.jsp"></jsp:include> 3) <% import "hello.jsp" %> 4) <jsp:include page="hello.jsp" />
<% import "hello.jsp" %>
Write a complete PHP script to save two text strings "INFS3202 2014" and "INFS7202 2014" into a text file named FinalExam2014.txt
<?php $file =fopen('FinalExam2014.txt', 'w'); fwrite($file, 'INFS3202 2014'); fwrite($file, 'INFS7202 2014'); fclose($file); ?>
How do you start and end PHP code.
<?php echo 'This is demo code'; ?>
How do you start a PHP session?
<?php session_start(); ?>
How do you create a cookie in PHP? print a cookie, view all cookies.
<?php setcookie(name, value, expire, path domain, secure); echo $_COOKIE["user"]; print_r($_COOKIE); ?>
What is the correct way to include the file "time.inc"?
<?php include("time.inc"); ?>
Explain the following URL: http://www.itee.uq.edu.au/~infs3202/profile.pdf
<protocol>://<host>[:<port>]/path_to_document[? Arguments]
What's a file server?
A *file server* is a computer attached to a network that has the primary purpose of providing a location for shared disk access. Designed primarily to enable the rapid storage and retrieval of files (such as documents, sound files, photographs, movies, images, databases, etc.)
Can open source programs be used to establish a CA, why or why not?
A CA can operate using open source software to perform tasks such as signing certificates, however the most important function of a CA certificate is to verify the identity of requesting entities which is not necessarily entirely a software process. Also, a CA certificate must be trusted by client applications, therefore it is not enough to simply have a functional CA authority. The security of a CA is through keeping their private key secret, not the algorithms used. So it is fine for them to use open source software that implements those algorithms.
What's a session?
A PHP *session variable* is used to store information about, or change settings for a user session. - Allow you to store user information on the server for later use (i.e. username, shopping items, etc.) *Session variables* hold information about one *single user*, and *available to all pages in one application.* - Session information is temporary and will be deleted after the user has left the website. - Need a permanent storage? Store the data in a database.
What are cookies and how are they used in PHP?
A cookie is a small amount of information stored by the client and sent to the server with every HTTP request. This allows for state information (such as a user identifier or login token) to be kept about the user without the server having to store that state. This is necessary due to the fact that HTTP is stateless. Cookies are accessed via the $_COOKIE global variable in personal home page. Therefore you can set a cookie like setcookie(name, value, timeout, domain). Cookies can persist after the browser is closed unlike session variables.
What's a cookie?
A cookie is often used to identify a user. A cookie is a small file that the server embeds on the user's computers. Each time the same computer requests a page with a browser, it will send the cookie. With PHP, you can both create and retrieve cookie values.
Describe a scenario on how both the public keys and private keys are used in processing an online business ordering transaction?
A key goal in an ordering transaction is that only the intended recipient of the order can view the content and that the content cannot be tampered with. These can both be achieved using encryption. In the case of public key cryptography, the entity submitting the order has the public key belonging to the recipient of the order. The submitting entity can encrypt their order using the corresponding private key. The receiving entity may also wish to verify who submitted the order. In that case the sending entity could make a has of their order and encrypt it using their own private key, the receiving entity can then decrypt the has using the sender's public key and ensure the has matches the received order.
What is the difference between a session and a cookie?
A session is like a cookie, except the actual data is stored on the server side and only an identifier is stored in the cookie. The server can then use identifier to look up the stored data. This allows for sensitive authentication information to be kept private from the user.
What is a view?
A view is a set of tuples defined by a SQL query. It will be pre-fetched in the memory.
What is AJAX and how does it work?
AJAX stands for asynchronous JavaScript and XML. Usually a web page cannot obtain new information without making a new HTTP request and fully reloading the page. AJAX is a method of using JavaScript to make requests in the background, the results of which can be used to update parts of the page without fully reloading it. This is useful to make pages more dynamic and more like a traditional desktop application. The browser event onreadystatechange triggers updating of the page when AJAX requests are made. A XMLHttpRequest object is created in JavaScript. This creates a HTTP request in the 'background'. When a response is sent this triggers a JavaScript event. This event will normally be used to process the response and update the page.
What is an SQL Injection attack in a web application?
Ab SQL injection is a code injection attack resulting from malicious user input being used to construct an SQL query. The inserted value may change the nature of the query in unintended ways.
When is the wildcard in a WHERE clause useful?
An exact match is not possible in a SELECT statement.
What is a Web Information System? What are two types of Web Informational Systems?
An information system using WWW as part of deployment and implementation. 1) Informational - Disseminate and share information. 2) Transactional - Conduct transactional business (B2C, C2C, B2B), perform tasks & functions
What are the four layers of protocols in Internet Communications? What are the protocols inside them.
Application Layer HTTP, FTP, SOAP, Telnet, SMTP, IMAP, POP Transport Layer TCP Internet / Network IP, IPv6, IPv4 Data Link / Physical MAC, ARP, RARP
What are the layers within TCP/IP architecture?
Application Layer Transport Layer Internet/Network Layer Data Link/Physical Layer
What is TCP?
Connection is established. When data sets are sent from A to B, B sends A a data receipt. If one of the data sets is missing, it will not be added to the receipt. When A receives the receipt from B, it notices that a data set was not successfully sent and resends that data set.
What's the difference between cookies and sessions?
Cookies and store in the user's *hard disk*, and sessions are not. A cookie can keep information in the user's browser until deleted or expired; A session is available as long as the *browser is opened*. If you set the variable to "cookies", then your users will not have to log in each time they enter your website; If you set the variable to "sessions", your users will have to login each time they re-open their browser.
With regards to the TCP/IP architecture, what is the Application Layer?
Creates and communicates data to other processes or applications. HTTP, FTP, SMTP, Telnet Supports network applications -Support network applications -Internet, Email, Instant messaging (MSN, Skype), P2P file transfer (BT), Network Game, Remote desktop, Internet telephony
The command to remove rows from a table 'CUSTOMER' is...
DELETE FROM CUSTOMER WHERE ....
The command to eliminate a table from a database is:
DROP TABLE TABLENAME;
What's a digital signature?
Digital signature is used to achieve non-repudiation in the cyber-world. Electronic counterpart of handwrite signatures.
In Internet Communications, acknowledgements and re-transmissions are always used to ensure a reliable data delivery. Give a brief explanation of its basic workflow.
Every time a packet has been successfully sent and received, a confirmation is sent to the sender. If a data packet has not been successfully sent, no confirmation will be sent. If the sender does not receive a confirmation it will resend the data packet until it receives the confirmation.
What are some usages for JavaScript?
Form Validation Manipulate Cookies Interact with different components Animations Effects
When a JSP is executed, of the following, what is most likely to be sent to the client? 1) The compiled Servlet file 2) HTML 3) The source Servlet file 4) The source JSP file
HTML
What is HTTP?
HTTP is the protocol used to transfer Web pages through the Internet, at application layer. Based on request-response paradigm Stands for: Hypertext Transfer Protocol
Describe the protocol HTTP. Your answer should include the full name of this protocol. The functionalities of this protocol should also be explained.
HTTP stands for the hyper text transfer protocol. It is typically used for accessing documents of varying formats over the internet. The most common operations it supports are GET and POST. Typically a client makes a request, including both a header and a body, and the server responds likewise. Request headers include fields such as location, response headers include fields such as a data type and the maximum period the document should be cached for.
What does HTTP, IMAP, SOAP, UDP, DCCP, ARP, and MAC stand for?
HTTP: HyperText Transfer Protocol IMAP: Internet Message Application Protocol SOAP: Simple Object Access Protocol UDP: User Diagram Protocol DCCP: Datagram Congestion Control Protocol ARP: Address Resolution Protocol MAC: Media Access Control
How can you add a row using SQL in a database?
INSERT
In an asymmetric encryption algorithm, how the public keys and private keys are used for the purposes of authentication as well as authorization? Describe them separately.
In *authentication*, the goal is to ensure that a user is who they say are. If Bob wishes to authenticate Alice and Bob has Alice's public key then Bob can send a message to Alice. Alice can then encrypt that value with her private key and send it back, then Bob can decrypt the value with Alice's public key to ensure the values match. Bob can then be sure that the other person is indeed Alice. The goal of *authorization* is to determine whether a particular identity has permission to access a particular resource. If Mary stores files for Bob, and Bob wishes to give access to one of his files to Alice, then he can sign the file name with his private key and give the signature to Alice. When Alice can provide the signature when she requests the file from Mary. If Mary decrypts the signature using Bob's public key she will get a list of files which Bob has authorize Alice to access. Bob can also include attributes such as Alice's public key and a "not after" date which will ensure Alice cannot give the signature to someone else or use it after a particular date.
To develop a Java applications and applets, what do you need?
JDK (Java Development Kit)
What JSP element should be used to generate a random number of the first request, then show the same number to all users until the server is restarted?
JSP declarations
What is the relationship between JSP and servlets?
JSPs are built on servlet semantics and all JSPs are compiled to servlets for runtime usage.
What is the output of the following code? <% session.setAttribute("name", "John"); %> <%= session.getAttribute("name") %>
John
What's a KDC?
Key Distribution Center In cryptography, a key distribution centre is part of a cryptosystem intended to reduce the risks inherent in exchanging keys. KDC often operates in systems within which some users may have permission to use certain services at some times and not at others. KDC is mainly used for distributing the symmetric key.
What is an alternative to embedding Java code directly within the HTML markup of your JSP page?
Moving the code into JavaBeans and servlets.
What's new in HTML5?
New Elements New Attributes Full CSS3 Support Video and Audio 2D/3D Graphics Local Storage Local SQL Database Web Applications
Must include files have the file extension '.inc'
No.
When using the POST method, are variables displayed in the URL?
No.
How do you open a file? what do the modes 'r', 'r+', 'w', 'w+', 'a', 'a+'.
Opening a file - fopen(filename, mode) *$file = fopen("test.txt", "r");* "r": read only. start at the beginning of the file. "r+": read/write. starts at the beginning of the file. "w": write only. opens and clears the contents of file or starts new one. "w+": read/write same as w. "a": append at the file, opens and writes to the end of the file or creates a new file if it doesn't exist. "a+": read/append. preserves file content by writing to the end of the file.
What does PHP stand for?
PHP: Hypertext Preprocessor
With regards to the TCP/IP architecture, what is the Transport Layer?
Provides *end-to-end* communication services for applications. Manage the received data. Where TCP or UDP protocols are.
What does PKI stand for? What are the advantages of the asymmetric algorithm?
Public Key Infrastructure. *Advantages*: Highly secure, difficult to hack. *Disadvantages*: Performance issue.
What does PHP stand for?
Recursive acronym: PHP: Hypertext Preprocessor. Originally PHP stood for Personal Home Page.
What does strpos() do?
Returns the position of the first occurrence of a string inside another string. No match? Returns FALSE.
With regards to the TCP/IP architecture, what is the Internet/Netowrk Layer?
Routes the Data In order to route the data, it needs two parts of information. *IP Address* *Media Access Control (MAC) Address* - The identity of the network card. All network cards have a different MAC address.
Provide an example of an SQL Injection.
SELECT * FROM users WHERE username = "'.$user.'";'; The query will behave as intended if $user = "fred"; However, if: $user = "fred"; DROP TABLE products; SELECT * FROM users WHERE 1 = 1; This is valid SQL code, which will still parse.
When a servlet accepts a client call, what are the objects that are received?
ServletRequest and ServletResponse.
What does TCP and UDP stand for?
TCP = Transmission Control Protocol UDP = User Datagram Protocol
What are JavaServer Pages processed by?
The JSP container.
What is the difference between doing an "include" or a "forward"?
The forward method transfers control to the designated resource, while the include method invokes the designated resource, substitutes its output dynamically in the display, and returns control to the calling page.
What PHP function is used to close the connection of a PHP program to MySQL database? Is there anything wrong if this connection is not to be closed?
The mysqli_close function closes a connection to MySQL. Although in many cases connections will be closed automatically when the script execution completes, it is good practice to explicitly close connections. If too many connections are left open you may exceed the connection limit of the MySQL server - which will then refuse new connections.
What is a CA (certificate authority)?
The role of a CA is to link an identity to a public key. A CA is responsible for verifying the identity of an entity who wishes to have their public key signed. Then, the entity can give their public key and CA signature in the form of a certificate to users connecting to their service. This ensures to connecting users that a malicious man-in-the-middle hasn't substituted the provided public key with their own.
With regards to HTTP, what is stateless connection?
The server has no memory of previous ones (i.e., a request is closed once responded)
JavaServer Pages are processed by what?
The server.
When do you use the method "GET" in PHP?
This method should *not* be used when sending passwords or other sensitive information! This can be useful where you want to be able to bookmark a page with specific query string values.
What is UDP
UDP does not establish a connection, nothing is ensured. Great for video calls etc, bad for web pages. Basically use UDP if you don't care if some packets go missing. UDP is faster but more unreliable.
What is a URL?
Uniform Resource Locators URL is a string of alphanumeric and characters that uniquely represents the location or address of a resource on the Internet and how that resource should be accessed:
What's the difference between _POST and _GET in PHP?
Unlike _POST, _GET method is visible to everyone since it will be displayed in the browser's address bar.
What's a VPN?
Virtual Private Network - Assume that you are working in a small bank. One day, your boss approaches you and asks you whether it is important/useful to set up a VPN for the bank...
What is a Web Information System?
Web information system, or web-based information system, is an information system that uses Internet web technologies to deliver information and services, to users or other information systems/applications. It is a software system whose main purpose is to publish and maintain data by using hypertext-based principles.
When are init parameters read by the container?
When the servlet is initialized.
What is the difference between XML and JSON?
XML is a very well structured mark-up language with JSON is predefined structured and very effective.
In PHP, can you use both single quotes ( ' ' ) and double quotes ( " " ) for strings?
Yes you can.
Does PHP allow you to send emails directly from a script?
Yes.
The SQL statement that queries or reads data from a table is ________ . a) SELECT b) READ c) QUERY d) None of the above is correct
a) SELECT
Which of the following is the correct order of keywords for SQL SELECT statement? a) SELECT, FROM, WHERE b) FROM, WHERE, SELECT c) WHERE, FROM,SELECT d) SELECT,WHERE,FROM
a) SELECT, FROM, WHERE
The SQL WHERE clause: a) Limits the column data that is returned. b) Limits the row data returned. c) Both A and B are correct. d) Neither A nor B are correct.
b) Limits the row data returned.
To sort the results of a query use: a) SORT BY. b) GROUP BY. c) ORDER BY. d) None of the above is correct.
c) ORDER BY
SQL is: a) a programming language. b) an operating system. c) a data sub-language. d) a DBMS.
c) a data sub-language.
SQL can be used to: a) create database structures. b) query database data. c) modify database data. d) All of the above can be done by SQL.
d) All of the above can be done by SQL.
Which of the following do you need to consider when you create a table using SQL? a) Data types b) Primary keys c) Default values d) All of the above.
d) All of the above.
Which of the following is the original purpose of SQL? a) To specify the syntax and semantics of SQL data definition language b) To specify the syntax and semantics of SQL manipulation language c) To define the data structures d) All of the above.
d) All of the above.
How do you write 'Hello World' in PHP?
echo 'Hello World';
What is the correct way to open the file "time.txt" as readable?
fopen("time.txt", "r");
What is the correct way to create a function in PHP?
function MyFunction()
What PHP function is used to connect a PHP program to MySQL database? What parameters are provided to this function when it is called?
mysqli_connect is the function. $conn = mysqli_connect($servername, $username, $password); Accepts: - Host: The hostname of the MySQL server - Username - Password - Database: The name of the database to select (optional) - Socket: The socket that should be used (optional)
What is the output of the following code? <% session.setAttribute("name", "John"); %> <% = session.getAttribute("John") %>
null
What do the following functions do: str_replace() strcmp() print() printf() fprintf()
str_replace(): replaces some characters in a string. strcmp(): compares two strings print(): outputs one or more strings printf(): outputs a formatted string fprintf(): writes a formatted string to specified output stream(e.g. file or database)