Answer & Solution
Answer: Option A
Solution:
Prepared statements in PHP prevent SQL Injection by separating SQL logic from user input, ensuring that input data is treated as data and not executable code.
Q
What is the purpose of using prepared statements when interacting with databases in PHP?
Related Questions on Average
Which PHP function is commonly used to sanitize input data from a form to prevent XSS attacks?
A). htmlspecialchars()
B). htmlentities()
C). strip_tags()
D). filter_var()
Which PHP function is commonly used to check if a form field is empty?
A). empty()
B). isset()
C). is_empty()
D). is_null()
What does XSS stand for in the context of web security?
A). Cross-Site Scripting
B). XML Secure Socket
C). External Server Session
D). Cross-Site Sanitization
Which of the following is NOT a common input validation technique for form data?
A). Regular Expressions
B). Whitelisting
C). Blacklisting
D). Tokenization
Which of the following is a secure method for storing passwords in a database?
A). Hashing
B). Encryption
C). Salting
D). All of the above
What is the purpose of using HTTPS (HTTP Secure) in web applications?
A). Encrypting Data
B). Authenticating Users
C). Preventing XSS Attacks
D). Optimizing Page Load Speed
Which of the following is NOT a common security vulnerability associated with file uploads in web applications?
A). File Inclusion
B). File Upload Vulnerability
C). Path Traversal
D). Cross-Site Request Forgery
What is the primary purpose of form data validation in web applications?
A). Enhancing user experience
B). Preventing security vulnerabilities
C). Optimizing server performance
D). Improving search engine ranking
Which HTTP header instructs web browsers to limit the scope of cookies to a specific domain?
A). SameSite
B). Cache-Control
C). Access-Control-Allow-Origin
D). Content-Security-Policy
Which PHP function is used to generate a random CSRF token for form submissions?
A). bin2hex()
B). uniqid()
C). md5()
D). openssl_random_pseudo_bytes()