Tuesday, 10 May 2011

PHP Interview Questions and answers 2


sessions and cookies

Face to face technical interviews, questions related to sessions and cookies will pop up regularly. Since most of the developers are familiar with these sort of basic php questions they tend to ask more tricky questions, but if you have the correct idea then it is easy to answer any of those tricky questions. Let’s have a look on potential questions,
Where is the sessions are stored?
Sessions are stored in server side and it is accessed by a unique id which is known as the session-id where each user/visitor is assigned when they access your website.
How the session-id is propagated within your website?
Basically, there are 2 methods either store it in a cookie or propagated in the URL.
Session security questions will not be asked in an entry level interviews but, if an advanced level candidate who has experience in developing robust and secured application must know about the vulnerabilities.
Leaking out an existing session-id to a third party is very risky if the session is filled with more important information.
Main two methods of vulnerabilities are,
- When the session-id is carrying in URLs
If an external link from your site, a URL with the id might be stored in the external site’s referrer log.
- Active attacker might listen to network traffic
While the session-id flows over the network and if it is not encrypted an active listener might grab it. The best solution is to implement SSL and make it a must for all the users.

Blue print of an object

What is the construct used to define the blueprint of an object called?
A class is a blueprint of an object, which is an instance of a class.

 

 

0 comments:

Post a Comment

Search here for "Freshers Jobs"