Explore topic-wise InterviewSolutions in .

The final keyword in a declaration of the method indicates that the method cannot be overridden by SUBCLASSES. A class that is declared as final cannot be subclassed.

This is especially useful when we are creating an IMMUTABLE class LIKE the STRING class. Only classes and methods MAY be declared final, properties cannot be declared as final.

PATH traversal is a form of attack to READ into the files of a web application. '../' (dot-dot-sequences) is a cross-platform symbol to go up in the directory. Path traversal makes use of this symbol to operate the web application file. The ATTACKER can reveal the content of the file attacked using the path traversal outside the root directory of a web server or application. It is usually done to gain access to secret passwords, tokens, and other sensitive information stored in the files.

Path Traversal is also called “Directory Traversal”. It allows the attacker to exploit vulnerabilities present in the web file under attack.

Let’s take a simple example. Consider we have a “Show File” button that opens up some URL.

For a CLASSIC directory traversal attack, the attacker may try to access the system file /etc/passwd (assuming a UNIX/LINUX system). If the application receives the value of the file parameter from the URL and passes it to a system call, it would traverse the relative path ../../etc/passwd starting from /var/www and ask the system to load the password file.

This technique is also called a dot-dot-slash attack, because it usually uses the special characters ../ (or \.. on Windows) to climb to a higher-level directory.

The PHP parsing engine needs a way to differentiate PHP code from other page elements. The mechanism to achieve this is KNOWN as ‘escaping to PHP’. Escaping a STRING means REDUCING ambiguity in quotes used in that string.

For example, when you’re defining a string, you surround it in either double quotes or single quotes:
"HELLO, InterviewBit." 

But what if I include double quotes within the string?
"Hello "InterviewBit."" 

Now I have ambiguity - the interpreter doesn’t know where does my string end. If I want to KEEP my double quotes, I have various options. I could use single quotes around my string:
'Hello "InterviewBit."' 

Or I can escape my quotes:
"Hello \"InterviewBit.\"" 

Any quote that is preceded by a slash is escaped and understood to be part of the value of the string.

The main difference between ASP.NET and PHP are given below:

A cookie is a small record that the server installs on the client’s computer. They store data about a user on the browser. It is used to identify a user and is embedded on the user’s computer when they request a particular page. Each time a similar PC asks for a page with a program, it will SEND the cookie as well.

After verifying the user’s identity in encrypted form, cookies maintain the session id generated at the back end. It must reside in the browser of the machine. You can store only string values not object because you cannot access any object across the website or web apps.

By default, cookies are URL particular. For EXAMPLE, Gmail cookies are not supported by Yahoo and vice VERSA. Cookies are temporary and transitory by default. Per site 20 cookies can be created in a single website or web app. 50 bytes is the initial size of the cookie and 4096 bytes is the maximum size of the cookie.

In PHP, we can create cookies using the setcookie() function:

setcookie(name, value, expire, path, domain, secure, httponly);

Here name is mandatory and the remaining parameters are optional.

Example:
setcookie(“instrument_selected”, “guitar”)

include() function

This function is used to copy all the contents of a file CALLED within the function, text wise into a file from which it is called.

When the file is included cannot be found, it will only produce a warning (E_WARNING) and the SCRIPT will continue the execution.

require() function:

The require() function PERFORMS same as the include() function. It ALSO takes the file that is required and copies the whole CODE into the file from where the require() function is called.

When the file is included cannot be found, it will produce a fatal error (E_COMPILE_ERROR) and terminates the script.

The crypt() FUNCTION is used for this functionality as it provides a large number of hashing algorithms that can be used. These algorithms include SHA1, sha256, or md5 which are DESIGNED to be very FAST and efficient.

The foreach statement is a looping construct that is used in PHP to iterate and loop through the array data type.

The working of foreach is simple, with every SINGLE pass of the value, elements GET assigned a value, and pointers are INCREMENTED. This process is repeatedly done until the end of the array has been reached.

The syntax for using the foreach statement in PHP is given below:

JAVASCRIPT is a client-side programming language, whereas PHP is a server-side SCRIPTING language. PHP has the ability to generate JavaScript variables, and this can be executed easily in the browser. Thereby MAKING it possible to pass variables to PHP USING a simple URL.

TRAITS are a mechanism that LETS you create reusable code in PHP and similar LANGUAGES where multiple inheritances are not supported. It’s not possible to instantiate it on its own.

A trait is INTENDED to reduce the limitations of single inheritance by ENABLING a developer to reuse sets of methods freely in many independent classes living in different hierarchies of class.

The 3 main TYPES of errors in PHP are:

• NOTICES: Notices are non-critical errors that can occur during the execution of the script. These are not VISIBLE to users. Example: Accessing an undefined variable.
• Warnings: These are more critical than notices. Warnings don’t interrupt the script execution. By default, these are visible to the user. Example: include() a file that doesn’t exist.
• Fatal: This is the most critical error TYPE which, when occurs, immediately terminates the execution of the script. Example: Accessing a property of a non-existent object or require() a non-existent file.

There are 3 main types of arrays that are used in PHP:

INDEXED Array

An array with a numeric key is KNOWN as the indexed array. Values are STORED and accessed in linear order.

Associative Array

An array with strings for INDEXING elements is known as the associative array. Element values are stored in association with key values rather than in STRICT linear index order.

Multidimensional Array

An array containing one or more arrays within itself is known as a multidimensional array. The values are accessed using multiple indices.

A PHP parser is software that CONVERTS source code into the code that COMPUTER can understand. This means whatever SET of instructions we GIVE in the form of PHP code is converted into a machine-readable format by the parser.

You can parse PHP code with PHP USING the token_get_all() function.

In PHP, @ is used for suppressing error messages. If any RUNTIME error OCCURS on the LINE which CONSISTS @ symbol at the beginning, then the error will be handled by PHP.

PHP scripts have the ability to generate HTML, and it is POSSIBLE to PASS INFORMATION from HTML to PHP.

PHP is a server-side language whereas HTML is a client-side language. So PHP executes on the server-side and gets its results as STRINGS, objects, arrays, and then we use them to display its values in HTML.

This interaction HELPS bridge the gaps and use the best of both languages.