How does XSS work?

-
Cross-site scripting works by manipulating a vulnerable web site so that it returns malicious JavaScript to users. When the malicious code executes inside a victim's browser, the attacker can fully compromise their interaction with the application.


Comments

Post a Comment

Popular posts from this blog

Object oriented programming concepts in PHP

-
Is it always necessary to create objects from class? No. An object is necessary to be created if the base class has non-static methods. But if the class has static methods, then objects don’t need to be created. You can call the class method directly in this case, using the class name. How much memory does a class occupy? Classes do not consume any memory. They are just a blueprint based on which objects are created. Now when objects are created, they actually initialize the class members and methods and therefore consume memory. Can you create an instance of an abstract class? No. Instances of an abstract class cannot be created because it does not have a complete implementation. However, instances of subclass inheriting the abstract class can be created. What is a final variable? A variable whose value does not change. It always refers to the same object by the property of non-transversity. What are the differences between error and exception? Exception - Exception can be recovered b...
Read more

How can we optimize database query?

-
MySQL is one of the most popular open-source Relational Database Management System (RDBMS) that uses Structured Query Language (SQL). Useful tips to improve MySQL Query for speed and performance. 1. Optimize Your Database You need to know how to design schemas to support efficient queries. Well-designed queries and schema are crucial for your application to work properly. Optimizing your MySQL queries alone will not bring excellent database performance. A well-structured database is crucial along with an optimized query. The following steps will help you to optimize your database. a. Normalize Tables b. Use Optimal Data Types c. Avoid Null Values d. Avoid Too Many Columns 2. Optimize Joins 3. Index All Columns Used in ‘where’, ‘order by’, and ‘group by’ Clauses 4. Use Full-Text Searches - MySQL full-text search (FTS) is far faster than queries using wildcard characters. To add a full-text search index to the students’ sample table, we can use the below MySQL command: mysql>Alter tab...
Read more

Difference between unset() and unlink() in PHP

-
In PHP unlink() is a function for file system handling, unlink() is used to delete files (physical). Suppose you have uploaded a file and wants to delete this file through the coding then unlink() function is used to delete the file, Suppose you have an image with the name test.png and you wants to delete this image then use the <?php /****Condition*****/ /****Condition*****/ unlink(image path/test.png); /****Condition*****/ /****Condition*****/ ?> or <?php $xx = fopen('testing.html', 'a'); fwrite($xx, '<h1>Hello EWA!</h1>'); fclose($xx); unlink('testing.html'); ?> unset() is a function for variable management. It will make a variable undefined. Or we can say that unset() is used to null out the value of a given variable. OR Unset () is used to destroy a variable in PHP. In can be used to remove a single variable, multiple variables, or an element from an array. Example for unset() : <?php $value =...
Read more