Activity 1.1: Indexed Arrays in PHP
- Giles Morton
Name:                StudentID:

Note: Please fill the online CES feedback for this course if you have not done so. We value your feedback and it helps us to improve the course.

Note: All of you should be familiar with indexed and associative arrays (i.e. objects) from the JavaScript course content. If you aren't, make yourself known to teaching staff as soon as possible: there will be a very steep learning curve ahead in Activity 1 (multiple parts) if you are not up to speed!

Activity 1.1: Indexed Arrays in PHP

An array is a sequential list. The simplest is a numerically indexed array, indexed by integers starting at 0.

Compare the following JavaScript and PHP code samples and explain what they do:

Sample 1

    <script>
      let numbers = [ 'zero', 'one', 'two', 'three', 'four' ];
      document.write( numbers[2] );   /* OR */   alert( numbers[2] );
      console.log( numbers );         // print out structure AND data
    </script>

    <?php
      $numbers = array( 'zero', 'one', 'two', 'three', 'four' );
      // OR
      $numbers = [ 'zero', 'one', 'two', 'three', 'four' ];   // (PHP v5.4 onwards)
      echo $numbers[2];   /* OR */   print ($numbers[2]);
      print_r($numbers);                     // print out structure AND data
      /* OR */
      $details = print_r($numbers, true );   // store structure AND data in a string
      echo $details;                         // print out structure AND data
    ?>
Sample 2

    <script>
      for (let i=0; i<numbers.length; i++) {
        document.write( numbers[i] + "<br>\n" );
      }
    </script>

    <?php
      for ($i=0; $i<count($numbers); $i++) {
        echo $numbers[$i] . "<br>\n";
      }
    ?>

COSC2413/2426/ Web Programming Page 2 of 11
Activity 1.2: Associative Arrays in PHP

As discussed in the last JavaScript tute and lab, associative arrays free us from having to use keys of sequential integers starting at 0.

Compare the following JavaScript and PHP code samples and explain how they work:

Sample 1

    <script>
      let letters = { zero: 'A', one: 'B', two: 'C', three: 'D', four: 'E' };
      document.write( letters['two'] );   /* OR */   document.write( letters.two );
    </script>

    <?php
      $letters = array( 'zero' => 'A', 'one' => 'B', 'two' => 'C', 'three' => 'D', 'four' => 'E' );
      echo $letters['two'];
    ?>
Sample 2

    <script>
      for ( let key in letters ) {
        document.write( key + ': ' + letters[key] + "<br>" );
      }
    </script>

    <?php
      foreach ( $letters as $key => $letter ) {
        echo " $key : $letter <br>";
      }
    ?>
Activity 1.3: Associative Arrays in PHP

The real world is far more interesting than simple indexed lists can describe and it makes sense to use keys that have more meaning.

Compare the $stupidpizza with the $smartpizza variable. What advantages do associative arrays offer?

    <?php
      // Indexed array
      $stupidpizza = [
        'large',         // element 0 is large
        'thin',          // element 1 is thin
        'capricciosa',   // element 2 is capricciosa
        15.5             // element 3 is 15.5
      ];

      // Associative array
      $smartpizza = [
        'size'  => 'large',         // ah... the size is large
        'base'  => 'thin',          // ah... the base is thin
        'type'  => 'capricciosa',   // ah... the type is capricciosa
        'price' => 15.5             // ah... the price is $15.50
      ];
    ?>

NB: You will find the terms keys and names interchangeable when reading about key/value or name/value pairs.

What is printed by the following PHP code samples?

    echo $mypizza['size'];
    echo $mypizza['price'];
Activity 1.4: Example of a Real World Data Structure in PHP

We can also put arrays inside arrays to create a data structure. This gives the data both shape and meaning:

    $mypizza = [
      'size'   => 'large',
      'base'   => 'thin',
      'type'   => 'capricciosa',
      'extras' => [
        'cheese'    => 'triple',
        'anchovies' => true,
        'pineapple' => true
      ],
      'price'  => 22.50
    ];

    /* Pizza data has both structure and meaning:
       mypizza object :
         size is large
         base is thin
         type is capricciosa
         list of extra toppings :
           cheese is triple
           add anchovies
           add pineapple
         price is $22.50
    */

The "pizza" data in the associative array above looks more like a tree structure. This makes more sense than storing the data in a flat 1D data structure.
What is printed by the following PHP code samples?

    echo $mypizza['base'];
    echo $mypizza['extras']['cheese'];

How can we check if the customer wants anchovies on their pizza?

    if ( $mypizza['________']['________'] == true ) {
      addanchovies();
    }

Have another look at what is submitted from your cart page to the processing script. Is the POST data sent as an indexed array or as an associative array? (Hint: look at the keys: are they numeric or useful strings?)
Activity 2: Receiving & Processing $_GET and $_POST data

Previously we looked at the form methods get (request data is visible in the URL, much like a postcard) and post (request data travels in the request body rather than the URL, much like a letter inside an envelope). In the lecture you were shown that data submitted by a form to the form-tester processing script can be accessed via the $_GET and $_POST variables.

1. How would you access something that has been submitted? e.g. from name="firstname", via post

    $firstname = $_POST['________'];

Unfortunately, a processing script cannot rely on a customer to submit reliable request data, even if the data has been validated using JavaScript. We should check, using internal / inbuilt PHP functions, to see if submitted data is set, empty, and in the format we expect (e.g. text, numeric etc.) before assigning the value to variables.

2. How would you check to see if something has been submitted? e.g. from name="lastname"?

    if ( ________($_POST[________]) ) {
      $lastname = $_POST[________];
      ...
    }
3. How would you check to see if an email isn't empty and is a valid email address? e.g. from name="email"?

    if ( ! ________($_POST[________]) && ... ($_POST[________], FILTER_VALIDATE_EMAIL) ) {
    }

4. How would you check to see if something is numeric? e.g. from name="age"?

    if ( ________($_POST[________]) ) {
      $age = $_POST[________];
    }

The more generalised checks should happen first. What is the best order to complete these checks?

    if ( ________ && ________ && ________ ) {
    }

Is there anything else that could be done to clean up text input from users?
Activity 3: Using Filters and Sanitizers

Accepting user input, especially when storing input into a text file or database, is always a weak point of any computer system.

Instead of writing ad-hoc regular expressions or convoluted string checking functions to check and sanitize (clean up) user input, a new function has been introduced to PHP to both check and help sanitize user input strings. This function is also designed to evolve and operate at a "best practice" level with time.

    $email = $_POST['email'];
    if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
      echo "Valid email";
    } else {
      echo "Did you mean to type '" . filter_var($email, FILTER_SANITIZE_EMAIL) . "'?";
      // Will display: Did you mean to type 'alice.carroll@wonderland.com'?
    }

Each sanitize filter only removes, escapes or encodes particular characters according to its setting, so don't rely on it to fix up anything very broken. It is not an alternative to a human proof-reader or editor.

It can also be used to check a range. Some might find the syntax cumbersome, but it can be used in place of a more complex if then else block:

    $age = $_POST['age'];
    $minage = 18;
    $maxage = 150;
    // === false matters: on success the filter returns the integer itself
    if (filter_var($age, FILTER_VALIDATE_INT, array("options" => array("min_range" => $minage, "max_range" => $maxage))) === false) {
      echo("you are either too young, too old, or too \"floaty\" for this.");
    } else {
      echo("welcome! Don't say you weren't warned...");
    }

Honest users won't hack the form client side, but hackers will! Always double check data server side.
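The checks from Activities 2 and 3 combined into one server-side routine, as an added example that is not part of the original worksheet. The function name validate_signup, the error wording and the sample submissions are assumptions made for illustration; the field names and the 18 to 150 age range come from the worksheet.

```php
<?php
declare(strict_types=1);

/**
 * Validate one submitted form (hypothetical helper, not from the worksheet).
 * Returns [clean values, error messages]; nothing is trusted until it passes.
 */
function validate_signup(array $post): array
{
    $clean  = [];
    $errors = [];

    // 1. General checks first: is the field present, a string, and non-empty?
    foreach (['firstname', 'lastname', 'email', 'age'] as $field) {
        // A request can send email[]=x, which makes $post['email'] an array.
        if (!isset($post[$field]) || !is_string($post[$field])) {
            $errors[$field] = 'missing';
            continue;
        }
        $value = trim($post[$field]);
        // Compare with '' instead of calling empty(): empty('0') is true in PHP.
        if ($value === '') {
            $errors[$field] = 'empty';
            continue;
        }
        $clean[$field] = $value;
    }

    // 2. Format checks, only on fields that survived step 1.
    if (isset($clean['email'])
        && filter_var($clean['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'not a valid email address';
        unset($clean['email']);
    }

    if (isset($clean['age'])) {
        // is_numeric() accepts '1e3' and '18.5'; FILTER_VALIDATE_INT rejects both.
        $age = filter_var($clean['age'], FILTER_VALIDATE_INT, [
            'options' => ['min_range' => 18, 'max_range' => 150],
        ]);
        // Strict comparison: on success the filter returns the integer itself.
        if ($age === false) {
            $errors['age'] = 'must be a whole number from 18 to 150';
            unset($clean['age']);
        } else {
            $clean['age'] = $age;   // keep the converted int, not the raw string
        }
    }

    return [$clean, $errors];
}

// Constructed sample submissions standing in for $_POST.
$samples = [
    'honest user' => [
        'firstname' => 'Alice', 'lastname' => 'Carroll',
        'email' => 'alice@example.com', 'age' => '42',
    ],
    'form edited client side' => [
        'firstname' => '   ', 'email' => 'alice(at)example.com', 'age' => '18.5',
    ],
    'array and exponent' => [
        'firstname' => 'Bob', 'lastname' => '0',
        'email' => ['x'], 'age' => '1e3',
    ],
];

foreach ($samples as $label => $post) {
    [$clean, $errors] = validate_signup($post);
    echo $label, ': ', json_encode(['clean' => $clean, 'errors' => $errors]), PHP_EOL;
}
```

Validation only decides whether a value is acceptable; a name that passes these checks can still contain markup, so it must be encoded when it is printed into a page.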
Activity 4: Preventing Cross Site Scripting Attacks

What can happen if a user enters JavaScript code into a blog's text field? e.g.

    <script>... /* some malicious code here */... </script>

Here is an example from RMIT's previous LMS Blackboard:

Cross Site Scripting Attack (XSS)

How do the htmlspecialchars() and htmlentities() functions protect stored data from this security vulnerability?
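The blog-comment case above, shown as an unencoded render beside an encoded one. This is an added example, not part of the original worksheet; the function names and the sample strings are assumptions made for illustration, and the file is assumed to be saved as UTF-8.

```php
<?php
declare(strict_types=1);

// Constructed blog comment, stored exactly as the user typed it.
$stored = '<script>/* some malicious code here */</script> Nice post & thanks!';

/** Vulnerable: the stored text is copied into the page as live HTML. */
function render_comment_unsafe(string $comment): string
{
    return '<p class="comment">' . $comment . '</p>';
}

/** Encode at output time so the browser treats the text as text. */
function e(string $text): string
{
    // htmlspecialchars() rewrites & < > and, with ENT_QUOTES, both quote
    // characters. ENT_SUBSTITUTE replaces invalid UTF-8 sequences instead
    // of making the whole call return an empty string.
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Hardened: same markup, but the comment passes through e() first. */
function render_comment_safe(string $comment): string
{
    return '<p class="comment">' . e($comment) . '</p>';
}

/** Attribute context: quotes in the value must not close the attribute. */
function render_edit_field(string $comment): string
{
    return '<input type="text" name="comment" value="' . e($comment) . '">';
}

/** True when the rendered HTML still contains an opening script tag. */
function has_live_script_tag(string $html): bool
{
    return stripos($html, '<script') !== false;
}

$unsafe = render_comment_unsafe($stored);
$safe   = render_comment_safe($stored);

echo $unsafe, PHP_EOL;
echo $safe, PHP_EOL;
echo render_edit_field('Say "cheese" & smile'), PHP_EOL;

echo 'unsafe render has live <script>: ', var_export(has_live_script_tag($unsafe), true), PHP_EOL;
echo 'safe render has live <script>:   ', var_export(has_live_script_tag($safe), true), PHP_EOL;

// htmlentities() encodes the same special characters and additionally every
// character that has a named entity, such as accented letters. With a
// correct UTF-8 charset, htmlspecialchars() is sufficient for HTML output.
$word = 'café <b>';
echo htmlspecialchars($word, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), PHP_EOL;
echo htmlentities($word, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), PHP_EOL;
```

The comment is stored unchanged and encoded each time it is printed, so the same stored value can later be encoded differently for another output context.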