PHP INTERVIEW

1.How to create a text file in php?

$filename = "/home/user/guest/newfile.txt";
 $file = fopen( $filename, "w" );
if( $file == false )
{ echo ( "Error in opening new file" );
exit();
}
fwrite( $file, "This is a simple test\n" );
fclose( $file );

2. How to strip whitespace (or other characters) from the beginning and end of a string ?

The trim() function removes whitespaces or other predefined characters from both sides of a string.
3.How to redirect a page in php?
The following code can be used for it, header("Location:index.php");

4. How stop the execution of a php scrip ?
exit() function is used to stop the execution of a page.

5.  How to set a page as a home page in a php based site ?
index.php is the default name of the home page in php based sites.

6.  How to find the length of a string?
strlen() function used to find the length of a string

TYPE OF ATTACKS

Viruses

 A virus is a destructive program that infects systems by replicating itself and spreading across the network. Viruses can easily hide within a system by attaching themselves to other files or programs because they are small. It is difficult to trace a virus after it has spread across a network. Viruses either destroy data or change the functionality of the software applications on a computer. Virus attacks are one of the main areas that need to be considered while planning for the security of the networking infrastructure within an organization.

Worms 

A worm is a self-replicating program that uses the network and security gaps for its replication. It scans the network for a computer with a specific security gap. The worm copies itself to a computer by using the security gap and starts replicating itself into the newly infected computer. A worm also takes up the memory resources of a computer system on a network. In addition, a worm can travel across networks, and consumes the network bandwidth and system memory of the computers in the network.

Some of the differences between a virus and a worm are:

• A virus can replicate itself from one program to another on a single computer. However, a worm can replicate itself from one computer to another in a network.
•  A worm spreads faster than a virus. This is because a virus needs human intervention to spread from one computer to another unlike a worm. 

Trojan Horse

 Trojan Horse is a destructive program that masquerades as a useful program. Trojans do not replicate themselves like viruses. Users install Trojans thinking them to be legitimate programs. However, Trojans can contain viruses 

that destroy or corrupt the data and programs on the network. Trojans can also corrupt software applications. Like the name suggests, a Trojan can bring other viruses and worms with itself. A Trojan can be concealed within any software. Trojans can also be created by using existing utility programs. 

Man-in-the-Middle Attacks

 In the man-in-the-middle attack, a hacker can redirect the data being exchanged between two authorized entities to multiple unauthorized entities. In other words, before the authorized entities exchange data, a third party intercepts to monitor, capture, or control communication on a network. In this type of attack, the hacker acts as an authorized entity and captures the data meant for the authorized entity.

Denial-of-service Attacks 

A Denial-of-service (DoS) attack is a mechanism of making a computer or network resource, such as a Web server, unavailable to the intended users. Such attacks generally target sites or services hosted on Web servers, such as banks and credit card payment gateways. DoS attacks are based on the concept of network congestion or starvation of resources and aimed at disrupting network use for legitimate users. Resource starvation can be caused in many ways. Typical examples would include sending a large number of junk email messages or a large number of IP request packets to a mail server. Any intruder can cause network congestion by sending loads of junk data over the network. As a result, the target computers are inaccessible for some time because all routes to reach the computers are blocked. It can even cause the target computers to stop responding due to lack of resources, such as memory and disk space. A DoS attack can be executed from any IP packet sent over a network. The intruder’s identity is kept anonymous. Some of the commonly used methods to initiate DoS attacks are:

• SYN flood
•  Broadcast storm
•  Ping of death 
• Mail bomb 
• Spamming 

SYN Flood

 The SYN flood attack is primarily focused on the TCP protocol used by all the computers on the Internet. To understand how this attack occurs, you need to understand the SYN-ACK (three-way) handshake process

The steps in this process are: 

The first node requests communication by sending a packet with the sequence number and the SYN bit. The second node acknowledges the receipt of data and responds with an acknowledgement (ACK) that contains the sequence number, plus one increment in value, and its own sequence number (SYN-ACK). The first node responds, and the communication between the two nodes continues. 

Broadcast Storm 

In a broadcast storm , an intruder sends a large number of fake broadcast packets to all the computers on the network. As a result, each computer forwards these packets to the specified fake target address, increasing the amount of network traffic excessively. 

Ping of Death 

Ping of death is a technique that involves sending abnormally large ping packets to a specific computer. The target computer receives the ping command in fragments. On receiving the ping command, the computer tries to reassemble the fragments into a big packet. However, the size of the data packets is so large that they cannot fit into the computer’s buffer. As a result, these large-sized ICMP packets cause an overflow, which may cause the system to stop responding, reboot frequently, or the protocol will hang.

Mail Bomb 

The mail bomb is a simple and effective harassment tool. In a mail bomb attack, a message is sent repeatedly to the targeted recipient. This action can cause the recipient’s mail box to crash or spam by sending unauthorized mails by using the target’s Simple Mail Transfer Protocol (SMTP) gateway. Mail bombs can exist in the form of an email message that has huge files attached or is in the 

form of thousands of email messages. For example, some software programs generate thousands of email messages and dispatch them to a user’s mailbox, causing the mail server to stop responding or denying users resources.

 Spamming

 Spamming is an attempt to deliver an email message to someone who might otherwise not choose to receive it. The most common example is commercial advertising. Mail spamming engines are sold on the Internet, with thousands of email addresses adding to the explosive growth of junk mail.

Password-cracking 

On a typical computer network, all the users have fixed passwords until they decide to change it. When the password is typed in, the computer’s authentication kernel encrypts and translates it into a string of characters, and checks it against the long list of encrypted passwords. This list is in a password file stored on the computer. When the authentication module finds an identical string of characters paired with the user name, access to the system is permitted. If a hacker gains access to a copy of this file and runs a password-cracking program, the string of characters can be converted to the original password. A password-cracking program encrypts a long list of character strings, such as all the words in a dictionary, and checks it against the encrypted set of passwords. If the program finds even one match, an intruder can access the system. This type of attack does not require a high level of skill, and as a result, many password-cracking programs are available on the Internet.

Sniffing

 A sniffer is a hardware or software device that passively intercepts and copies all the network traffic on a system, a server, a router, or a firewall. Intruders can use stealth sniffers that are extremely dangerous to a network’s security because they are difficult to detect and can be self-installed almost anywhere. Most stealth sniffers are programmed to specifically detect and extract a copy of data containing a user name and a password. The attacker can then use a network utility or hacking software to capture the user name and password, and impersonate the user. The attacker gains access to the remote server with the help of captured credentials. 

Spoofing

 Spoofing is used to assume the identity of a trusted host to subvert security and attain trustful communication with a target host. IP spoofing is a form in which a network attacker breaches security and gains access by masquerading as a trusted host. 

Email Hacking

 Users often use email to communicate with other users. If email headers and content are sent in the plaintext format, hackers may read or alter the messages in transit. Hackers may also change the header to modify the sender name or redirect the message to another user. They may use a technique called packet replay to retransmit message packets over a network. Packet replay may cause serious security threats to programs on the network that require authentication sequences. A hacker may replay the packets containing authentication data to gain access to the resources of a computer system on a network.

security threats

 SECURITY THREATS

In context of computers, the term security refers to the protection of system resources from intentional or accidental disclosure, destruction, or modification. These resources include infrastructure, hardware, software applications, files and directories, the data stored in the database, and the data in transit.

 Different types of security threats, which can be:

• Network security
•  threats Attacks

Network Security Threats

Based on their sources, security threats can be broadly categorized into human threats and threats caused by natural calamities. 

Natural Calamities 

Security threats from natural calamities include damage caused to network systems due to floods, earthquakes, hurricanes, and fire. This may result in the loss of information, system downtime, or damage to hardware. For example, if the organizational premises of an organization are destroyed due to flood in the area, the computer resources will become unusable. The operations would stop and there is a possibility that critical data is lost. This may amount to huge losses to the organization. 

Human Threats

 Human threats include threats from the users of a computer system on a network or on the host machine. Human threats can be further categorized into intentional and unintentional threats. 

Intentional Threats

 Intentional threats include threats from the internal and external users of a computer system. The motive behind intentional attacks is to delete or alter important information, commit information theft, cause damage to 

the resources, commit fraud by impersonation, or disrupt the normal, day-to-day business activities of an organization. 

External users include hackers. A hacker is a person who breaks into a system on a network without owning the appropriate authorization. Hackers discover the vulnerabilities of a computer system on the network and exploit these weaknesses to gain control of the system. After taking control of the system, hackers can easily access confidential information and manipulate the resources of the system on a network. For example, a hacker can attack an e-commerce website and gain access to the credit card numbers provided by the users of this website. 

Unintentional Threats 

Unintentional threats are threats from ignorant users who perform certain tasks without knowing the impact of their actions. These threats are usually from employees who are not trained to use computer systems and are unaware of the security threats and vulnerabilities. For example, a data entry operator may key in erroneous data, which may affect the consistency of the data stored in a database. Another example is that of a programmer who may develop an erroneous application that may cause the system to stop responding

Different Types of Attacks

• Viruses Worms
•  Trojan horse
•  Man-in-the-middle attacks
•  Denial-of-service (DoS)
•  Password-cracking
•  Sniffing
•  Spoofing 
• Email hacking 

php interview

1. What is PHP?

 PHP is a server side scripting language commonly used for web applications. PHP has many frameworks and cms for creating websites.Even a non technical person can cretae sites using its CMS.WordPress,osCommerce are the famus CMS of php.It is also an object oriented programming language like java,C­sharp etc.It is very eazy for learning.

2.How to include a file to a php page? 

We can include a file using "include() " or "require()" function with file path as its parameter.

3.Differences between GET and POST methods ? 

We can send 1024 bytes using GET method but POST method can transfer large amount of data and POST is the secure method than GET method.

4.How to declare an array in php?

 var $arr = array('apple', 'grape', 'lemon');

5.what types of loops exist in php?

 for,while,do while and foreach

6. How to create a mysql connection? 

mysql_connect(servername,username,password);

 7. How to select a database?

 mysql_select_db($db_name);

word

Introducing the Ribbon Panel Ribbon is a panel at the top of a Word document window. It comprises easily accessible commands required to work on a document. The Ribbon panel consists of the following eight basic tabs:


Home : This tab contains options that help you perform basic functions in a Word document, such as formatting and editing text.
Insert : This tab contains options that help you add different objects, such as pictures, tables, shapes, apps, media, and symbols in a document. You can insert these objects from your local PC or from various online sources. The online options include inserting images within the Office Clipart collection online, via a Bing search, or from your own SkyDrive.
Design : This tab makes it easier to use themes, styles, and other formatting features, such as the page background color, page border, or document watermark.
 Page Layout : This tab contains options that help you define page settings in a document. In addition, it contains options for controlling the position of text and graphics.
References : This tab contains options for citing sources of information and creating a bibliography. It also helps you select a style for formatting the citations and references in a document.
 Mailings : This tab contains the options related to a feature called mail merge. Mail merge helps you create and print letters and mailing labels.
Review : This tab contains various options that help you review and edit the contents of a document. View : This tab contains various options that help you view a document in different layouts.
Each tab is divided into several groups incorporating features designed to perform specific tasks during document creation. You can hide the Ribbon panel by double-clicking any
active tab.

css

<!DOCTYPE HTML>
 <HTML>
<HEAD>
<LINK type="text/css" rel="stylesheet" href="externalstylesheet.css" />
 <STYLE>
h1{ color:red; font-size:12pt; font-style:italic; }
 </STYLE>
 </HEAD>
<BODY>
<P>Welcome to BookYourHotel website.</P>
 <H1 style="font-size: 24pt; color: green"> Hotel booking from the comfort of your room.</H1> <H1> Compare and book from more than 5000 hotels. </H1>
</BODY>
</HTML>

Exercise

Exercise 1 :-Write a program to identify whether a character entered by a user is a vowel or a consonant.

Write a program to identify whether the number entered by a user is even or odd.

Write a program to accept a number from the user and display all the prime numbers 

from one up to the number entered by user.

Write a program to accept two numbers and check if the first is divisible by the second. In addition, an error message should be displayed if the second number is zero.

Exercise 5:-Write a program to accept two numbers and display the quotient as a result. In addition, an error message should be displayed if the second number is zero or greater than the first number.

Exercise 6:-

 Write a program to enter a number from 1 to 7 and display the corresponding day of the week.

Exercise 7:-

 Write a program to display the highest of any 10 numbers entered.

Exercise 8 :-

Write a program to print the product of the first 10 even numbers.

Exercise 9:-

 Enter a year and determine whether the year is a leap year or not. A leap year is a non century year that is divisible by 4. A century year is a year divisible by 100, such as 1900. A century year, which is divisible by 400, such as 2000, is also a leap year. 

Hint: If a year is divisible by 4 and is not divisible by 100 or divisible by 400, it is a leap year.

Encapsulation

Encapsulation is implemented by using access specifiers. An access specifier defines the scope and visibility of a class member. C# supports the following access specifiers:
  Public
 Private
 Protected
  Internal
  Protected internal

Example
using System;
namespace Loops
{
   
    class Program
    {
        static void Main(string[] args)
        {
            /* local variable definition */
            int a = 10;
            /* do loop execution */
             do
            {
                if (a == 15)
                {
                    /* skip the iteration */
                    a = a + 1;
                    continue;
                }
                Console.WriteLine("value of a: {0}", a);
                a++;
            } while (a < 20);
 
            Console.ReadLine();
        }
    }
}
When the above code is compiled and executed, it produces the following result:
value of a: 10
value of a: 11
value of a: 12
value of a: 13
value of a: 14
value of a: 16
value of a: 17
value of a: 18
value of a: 19 

Loop Control Statements

Loop Control Statements

 Loop control statements change execution from its normal sequence. When execution leaves a scope, all automatic objects that were created in that scope are destroyed.

Break Statement
The break statement in C# has following two usage:
1. When the break statement is encountered inside a loop, the loop is immediately terminated and program control resumes at the next statement following the loop.
 2. It can be used to terminate a case in the switch statement. If you are using nested loops (i.e., one loop inside another loop), the break statement will stop the execution of the innermost loop and start executing the next line of code after the block.

Syntax

 The syntax for a break statement in C# ,c,c++is as follows:

break;

Continue Statement 

The continue statement in C# works somewhat like the break statement. Instead of forcing termination, however, continue forces the next iteration of the loop to take place, skipping any code in between. For the for loop, continue statement causes the conditional test and increment portions of the loop to execute. For the while and do...while loops, continue statement causes the program control passes to the conditional tests.

The syntax for a continue statement in C# is as follows:
continue; 

nested for loop Example

Example

 The following program uses a nested for loop to find the prime numbers from 2 to 100: 

using System;  

namespace Loops 

{ 

     

   class Program 

   { 

      static void Main(string[] args) 

      { 

         /* local variable definition */ 

         int i, j;  

         for (i = 2; i < 100; i++) 

         { 

            for (j = 2; j <= (i / j); j++) 

               if ((i % j) == 0) break; // if factor found, not prime 

            if (j > (i / j))  

               Console.WriteLine("{0} is prime", i); 

         } 

Console.ReadLine(); 

      } 

   } 

} 

2 is prime 

3 is prime 

5 is prime 

7 is prime 

11 is prime 

13 is prime 

17 is prime 

19 is prime 

23 is prime 

29 is prime 

31 is prime 

37 is prime 

41 is prime 

43 is prime 

47 is prime 

53 is prime 

59 is prime 

61 is prime 

67 is prime 

71 is prime 

73 is prime 

79 is prime 

83 is prime 

89 is prime 

91 is prime

Do...While Loop & Nested Loops

Do...While Loop

 Unlike for and while loops, which test the loop condition at the start of the loop, the do...while loop checks its condition at the end of the loop. A do...while loop is similar to a while loop, except that a do...while loop is guaranteed to execute at least one time.

Syntax

 The syntax of a do...while loop in C#,c,c++ is:

do
{
   statement(s);
}
while( condition );

Example 

using System;  

namespace Loops 

{ 

     

    class Program 

{

 static void Main(string[] args) 

        { 

            /* local variable definition */ 

            int a = 10;  

            /* do loop execution */ 

            do 

            { 

               Console.WriteLine("value of a: {0}", a); 

                a = a + 1; 

            } while (a < 20);  

            Console.ReadLine(); 

        } 

    } 

}  

When the above code is compiled and executed, it produces the following result: 

value of a: 10 

value of a: 11 

value of a: 12 

value of a: 13 

value of a: 14 

value of a: 15 

value of a: 16 

value of a: 17 

value of a: 18 

value of a: 19 

Nested Loops

 C# allows to use one loop inside another loop. Following section shows few examples to illustrate the concept. 

Syntax

 The syntax for a nested for loop statement in C# is as follows: 

for ( init; condition; increment ) 

{ 

   for ( init; condition; increment ) 

   { 

      statement(s); 

   } 

   statement(s); 

} 

The syntax for a nested while loop statement in C# is as follows: 

while(condition) 

{ 

   while(condition) 

   { 

      statement(s); 

   } 

   statement(s); 

} 

The syntax for a nested do...while loop statement in C# is as follows: 

do 

{ 

   statement(s); 

   do 

   { 

 statement(s); 

   }

while( condition );  

}

while( condition );