PHP-MySQL Interview Question - 2

Q:81	What is ‘float’ property in CSS?
A:81	The float property sets where an image or a text will appear in another element.
Q:82	What is descendant structure in CSS?
A:82	Descendant selectors are used to select elements that are descendants of another element in the document tree.For example, you may wish to target a specific element on the page, but not all elements. A sample document could contain the following code: <body> <h1>Heading <em>hereem> h1> <p>Lorem ipsum dolor <em>sitem> amet.p> body> The document tree diagram (with the element to be targeted) would be:If you use a type selector like the example below, you will select all elements on the page: em {color: blue; } However, if you use a descendant selector, you can refine the elements that you select. The rule below will only select elements that are descendants of elements. If this rule is applied, the element within the will not be colored blue. p em {color: blue; } You can also jump levels in the document tree structure to select descendants. For example, the following code: <body> <p>Lorem ipsum dolor <em>sitem> amet.p> <ul> <li>item 1li> <li>item 2li> <li><em>item 3em>li> ul> body> The document tree (with a third-level element highlighted) would be: Using the following rule you can isolate any element inside a element, without having to describe the element. If this rule is applied, any element within a element will be colored blue. However, the element within the will not be colored blue: ul em {color: blue; } Descendant selectors are well supported across standards-compliant browsers.
Q:83	What is Child Descendant structure in CSS?
A:83	Child selectors A child selector is used to select an element that is a direct child of another element (parent). Child selectors will not select all descendants, only direct children. For example, you may wish to target an that is a direct child of a , but not other elements that are descendants of the . A sample document could contain the following code: <body> <h1>Heading <em>textem>h1> <div> This is some <em>textem> <p>This is a paragraph of <em>textem>p> div> body> The document tree (highlighting the that is a child of the ) would be: Using the following rule you can target any element that is a child of the . Other elements that are descendants but not direct children of the will not be targeted. div > em { color: blue; } OR div>em { color: blue; } Child selectors are not supported by Windows Internet Explorer 5, 5.5 and 6, but are supported by most other standards-compliant browsers.
Q:84	How to create a class in JavaScript?
A:84	Classes can seem off-putting at first, but once you see the point of them, their use can be invaluable.We have already met objects. A computer object is a representation of a real object. For an estate agent the object may be a house, including information about the number of rooms and the price.An estate agent may have a lot of houses available. These houses all have different characteristics, and as objects they all go through the same processes. They are viewed, surveyed and bought, and so on.A full estate agent program would be difficult to demonstrate here, but we can introduce the use of classes.In this example, we have the house class. The house class produces house objects, all with object properties, such as number of rooms and price, and all having access to the same methods, such as sold and bought. So a class can create objects with a group of properties and methods. JavaScript doesn't have a keyword specific to class, so we must go back to basics and develop classes in a different way. This isn't very difficult. Class Properties Let us examine a very small estate agent program. We define a House function that takes three parameters, rooms, price and garage. The function uses the this keyword to create an object. When we call the House function, we assign the result to our variable, which becomes an object. So, identical code would be: house1=new Object(); house1.rooms=4; house1.price=100000; house1.garage=false; We would have to type this in for all houses, which would be very tedious and is why we use the class structure instead. When we display the details for a house, I have introduced the ternary operator, '?:'. The ternary operator is a compacted version of: if (garage) str='a'; else str='no'; (garage?'a':'no') means if garage is true, return 'a' else return 'no'. Using the ternary operator removes a line of code, and avoids having to create a new variable. Class Methods The House class we have so far defined only contains object properties. We could add a method to replace the document.write() action we used before. (See example) Much better! Note how we must add another property, name, so that we can identify the house in question. This offers more flexibility than re-using the variable name, and the variable name is inaccessible anyway, i.e. it is very difficult, if not impossible, to get the view() function to use the string 'house1'.
Q:85	Are namespaces are there in JavaScript?
A:81	A namespace is a container and allows you to bundle up all your functionality using a unique name. In JavaScript, a namespace is really just an object that you've attached all further methods, properties and objects. But it is not always necessary to use namespace.
Q:86	What is JSON? What are the notations used in JSON?
A:86	JSON (JavaScript Object Notation) is a lightweight data-interchange format. It is easy for humans to read and write. It is easy for machines to parse and generate. It is based on a subset of the JavaScript Programming Language, Standard ECMA-262 3rd Edition - December 1999. JSON is a text format that is completely language independent but uses conventions that are familiar to programmers of the C-family of languages, including C, C++, C#, Java, JavaScript, Perl, Python, and many others. These properties make JSON an ideal data-interchange language.
Q:87	How to get Query String in PHP for http request?
A:87	$_GET[] and $_REQUEST[]
Q:88	How to get the http Request in PHP?
A:88	When PHP is used on a Web server to handle a HTTP request, it converts information submitted in the HTTP request as predefined variables: $_GET - Associate array of variables submitted with GET method. $_POST - Associate array of variables submitted with POST method. $_COOKIE - Associate array of variables submitted as cookies. $_REQUEST - Associate array of variables from $_GET, $_POST, and $_COOKIE. $_SERVER - Associate array of all information from the server and the HTTP request.
Q:89	How you provide security for PHP application?
A:89	There are many ways to accomplish the security tasks but the most common 7 ways are1. Validate Input. Never trust your user and always filter input before taking it to any operation.2. Provide access control.3. Session ID protection4. preventing Cross Site Scripting (XSS) flaws 5. SQL injection vulnerabilities. 6. Turning off error reporting and exposing to the site for hackers. Instead use log file to catch exceptions 7. Effective Data handling
Q:90	What is SQL Injection in PHP security?
A:90	SQL injection attacks are extremely simple to defend against, but many applications are still vulnerable. Consider the following SQL statement: This query is constructed with $_POST, which should immediately look suspicious. Assume that this query is creating a new account. The user provides a desired username and an email address. The registration application generates a temporary password and emails it to the user to verify the email address. Imagine that the user enters the following as a username: bad_guy', 'mypass', ''), ('good_guy This certainly doesn't look like a valid username, but with no data filtering in place, the application can't tell. If a valid email address is given (shiflett@php.net, for example), and 1234 is what the application generates for the password, the SQL statement becomes the following: Rather than the intended action of creating a single account (good_guy) with a valid email address, the application has been tricked into creating two accounts, and the user supplied every detail of the bad_guy account. While this particular example might not seem so harmful, it should be clear that worse things could happen once an attacker can make modifications to your SQL statements. For example, depending on the database you are using, it might be possible to send multiple queries to the database server in a single call. Thus, a user can potentially terminate the existing query with a semicolon and follow this with a query of the user's choosing. MySQL, until recently, does not allow multiple queries, so this particular risk is mitigated. Newer versions of MySQL allow multiple queries, but the corresponding PHP extension (ext/mysqli) requires that you use a separate function if you want to send multiple queries (mysqli_multi_query() instead of mysqli_query()). Only allowing a single query is safer, because it limits what an attacker can potentially do. Protecting against SQL injection is easy: Filter your data.This cannot be overstressed. With good data filtering in place, most security concerns are mitigated, and some are practically eliminated. Quote your data.If your database allows it (MySQL does), put single quotes around all values in your SQL statements, regardless of the data type. Escape your data.Sometimes valid data can unintentionally interfere with the format of the SQL statement itself. Use mysql_escape_string() or an escaping function native to your particular database. If there isn't a specific one, addslashes() is a good last resort.
Q:91	What is cross site Scripting?
A:91	To understand what Cross Site Scripting is, let’s see a usual situation, common to many sites. Let’s say we are taking some information passed in on a querystring (the string after the (?) character within a URL), with the purpose of displaying the content of a variable, for example, the visitor’s name: http://www.yourdomain.com/welcomedir/welcomepage.php?name=John As we can see in this simple querystring, we are passing the visitor’s name as a parameter in the URL, and then displaying it on our “welcomepage.php” page with the following PHP code: echo ‘Welcome to our site ’ . stripslashes($_GET[‘name’]); ?> The result of this snippet is shown below: Welcome to our site John This is pretty simple and straightforward. We’re displaying the content of the “name” variable, by using the $_GET superglobal PHP array, as we have done probably hundreds of times. Everything seems to be fine. Now, what’s wrong with this code? Nothing really. But let’s modify the querystring by replacing our visitor’s name passed in the URL: http://www.yourdomain.com/welcomedir/ welcomepage.php?name=John with something like this: http://www.yourdomain.com/welcomedir/ welcomepage.php?name= Do you remember the PHP code included in our “welcome.php” page? Yes, you’re correct. When we modify the querystring, the following code is executed: echo ‘Welcome to our site ‘ . ?> The output of this code is an alert JavaScript box telling you “Hey, you are going be hijacked!” after the “Welcome to our site” phrase. Very ugly stuff, right? That’s a simple example of the Cross Site Scripting vulnerability. This means that any pasted JavaScript code into the URL will be executed happily with no complaints at all.
Q:92	Which method do you follow to get a record from a million records? (Searching, .... not from database, from an array in php)
A:92	use array_search(), array_keys(), array_values(), array_key_exists(), and in_array().
Q:93	Which sorting method is lowest time consumable?
A:93	HeapSort, Merge sort are the lowest time consumable sorting algorithm.
Q:94	Which sorting method is lowest memory consumable?
A:94