Q
Which PHP function is commonly used to sanitize input data from a form to prevent XSS attacks?

Answer & Solution

Answer: Option A
Solution:
The htmlspecialchars() function in PHP converts special characters to HTML entities, preventing XSS attacks by rendering injected scripts harmless.
Related Questions on Average

What security mechanism prevents Cross-Site Request Forgery (CSRF) attacks by generating and validating unique tokens for each form submission?

A). CSRF Token

B). Session Management

C). Secure Cookies

D). HTTPS

Which of the following is a common security vulnerability associated with form data submission?

A). SQL Injection

B). Form Spamming

C). Broken Authentication

D). Clickjacking

Which of the following is a secure method for storing passwords in a database?

A). Hashing

B). Encryption

C). Salting

D). All of the above

Which HTTP header instructs web browsers to limit the scope of cookies to a specific domain?

A). SameSite

B). Cache-Control

C). Access-Control-Allow-Origin

D). Content-Security-Policy

What does XSS stand for in the context of web security?

A). Cross-Site Scripting

B). XML Secure Socket

C). External Server Session

D). Cross-Site Sanitization

Which PHP function is commonly used to validate email addresses submitted through a form?

A). filter_var()

B). preg_match()

C). validate_email()

D). email_check()

What security measure helps prevent form spamming by distinguishing between human users and bots?

A). CAPTCHA

B). HTTPS

C). CSRF Token

D). Two-Factor Authentication

Which PHP function is commonly used to sanitize input data from a form to prevent SQL injection?

A). mysqli_real_escape_string()

B). htmlspecialchars()

C). filter_var()

D). htmlentities()

Which of the following is NOT a common input validation technique for form data?

A). Regular Expressions

B). Whitelisting

C). Blacklisting

D). Tokenization

What is the purpose of using prepared statements when interacting with databases in PHP?

A). Preventing SQL Injection

B). Improving Performance

C). Encrypting Data

D). Enforcing Data Integrity