PHP (MCQs)
Q.105 What is the main advantage of using a PHP framework like Laravel or Symfony?
A. Standardized coding practices
B. Faster execution of scripts
C. Automatic HTML parsing
D. Increased PHP script size
Answer. A
Q.106 Spot the mistake in this PHP session handling code:
session_start(); $_SESSION = array(); session_destroy();
A. Not using session_unset() before session_destroy()
B. Incorrect use of session_start()
C. No mistake
D. The session array should not be emptied
Answer. A
Q.107 Identify the error in this PHP cookie code:
setcookie(“user”, “Alice”, time() – 3600);
A. The cookie is being set with a past expiration time
B. The cookie value is incorrect
C. There is no error in the code
D. The cookie name is incorrect
Answer. A
Q.108 Consider this PHP code:
session_start();
$_SESSION[‘user’] = ‘Alice’; session_destroy();
echo $_SESSION[‘user’];
What is output?
A. Alice
B. An error
C. Nothing
D. The session ID
Answer. A
Q.109 In PHP, how can you delete a cookie?
A. By setting its value to null
B. By using the delete_cookie() function
C. By setting its expiration date in the past
D. By unsetting it in $_COOKIE
Answer. C
Q.110 What will be the output of the following PHP code?
setcookie(“user”, “John Doe”, time() + 3600); echo $_COOKIE[“user”];
A. John Doe
B. An error
C. Nothing
D. The current time + 3600
Answer. A
Q.111 How can you increase the security of PHP sessions?
A. By using SSL and storing sessions in a database
B. By increasing the session timeout
C. By disabling cookies
D. By using longer session IDs
Answer. A
Q.112 What is a session hijacking attack?
A. An attack where the attacker steals the session cookie
B. An attack where the server hijacks a client’s session
C. A brute force attack
D. A SQL injection attack
Answer. A
Q.113 In PHP, what function is used to start a session?
A. session()
B. session_start()
C. start_session()
D. begin_session()
Answer. B
Q.114 How are PHP sessions different from cookies?
A. Sessions are stored on the client-side, while cookies are stored on the server-side
B. Sessions and cookies are the same
C. Sessions are stored on the server-side, while cookies are stored on the client-side
D. Sessions encrypt data automatically
Answer. C
Q.115 What is the primary purpose of cookies in web development?
A. To store server data
B. To store client-side, persistent user data
C. To improve network speed
D. To encrypt data
Answer. B
Q.116 Spot the vulnerability in this PHP session handling:
session_start();
if (!isset($_SESSION[‘user’])) {
header(‘Location: login.php’);
}
A. The session is not regenerated upon login
B. The session ID is not stored securely
C. There is no vulnerability in this code
D. The header location is not absolute
Answer. A
Q.117 Identify the security flaw in this PHP code snippet:
if (isset($_GET[‘user_id’])) {
$user_id = $_GET[‘user_id’]; // Perform database query }
A. The user input is not sanitized before being used
B. No error in the code
C. The user ID should be stored in a session
D. The user ID should be encrypted
Answer. A
Q.118 In PHP, how can you securely handle file uploads to prevent malicious files from being uploaded?
A. By checking the file extension only
B. By limiting the file size
C. By validating the MIME type and checking file extensions, and storing files outside the web directory
D. By renaming files upon upload
Answer. C
Q.119 How can htmlspecialchars() function in PHP help in preventing security risks?
A. By encrypting data
B. By suppressing error messages
C. By converting special characters to HTML entities, thus preventing XSS attacks
D. By validating user input
Answer. C
Q.120 What is Cross-Site Request Forgery (CSRF) and how can it be prevented in PHP?
A. A type of attack where a malicious website performs actions on behalf of a user on another website
B. Using SSL certificates
C. Validating user input
D. Using tokens in forms
Answer. A
