Download PHP Sessions and Security Quiz Answers and Explanations - Prof. David L. Tarnoff and more Quizzes Computer Science in PDF only on Docsity! CSCI 2910 PHP Sessions and Security Quiz Name: ________________________________ Spring 2007 1. For lower traffic sites, sessions can be kept track of with a text file. High traffic sites, however, should use a(n) __database__ to keep track of sessions. (1 point) 2. To start a new session explicitly, the function ____________ should be called. (1 point) a.) session_start() b.) get_session() c.) new Session() d.) find_session() e.) session_open() 3. To open an existing session, the function ____________ should be called. (1 point) a.) session_start() b.) get_session() c.) new Session() d.) find_session() e.) session_open() Questions 4 and 5 are based on the following 'snippet' of PHP code. Note that the numbers on the left have been added as a reference to line numbers and are not part of the code. 1: if(!isset($_SESSION['count'])) 2: { 3: $_SESSION['count'] = 0; 4: $_SESSION['name'] = $_POST['user_name']; 5: } 6: $_SESSION['count']++; 4. What condition causes the returned value of isset() in line 1 to be false? (2 points) isset() returns a false if the variable inside the parenthesis has not been initialized yet. As many of you suggested, this is typically to see if a session has been started. If a session has not been started, the variable will not have been initialized, thereby making the PHP engine execute the initialization code. 5. If this piece of code is accessed 25 times during a client's session, how often was line 6 executed for this client? (1 point) a.) never b.) one time c.) 24 times d.) 25 times 6. True or False: A session variable can be of any type or object (1 point) 7. There are two ways to remove session variables. One is to remove them individually using unset(). The second method is to remove them all at once. How is the second one achieved? (2 points) To remove all session variables without destroying the session, you simply redefine the $_SESSION[] array using $_SESSION = new array();. 8. Define only two of the following three superglobal variables. (4 points) $_SERVER['HTTP_REFERER']: This returns the URL of the web site that the user came from in order to get to the current form, i.e., it is the URL of the site with a link to the form the client is currently submitting. $_SERVER['REQUEST_METHOD']: This returns whether the form data was submitted using POST or GET. $_SERVER['REMOTE_ADDR']: This returns the IP address of the client's machine.