How does XSS work?

-
Cross-site scripting works by manipulating a vulnerable web site so that it returns malicious JavaScript to users. When the malicious code executes inside a victim's browser, the attacker can fully compromise their interaction with the application.


Comments

Post a Comment

Popular posts from this blog

SQL Interview Questions

-
1) What are the usages of SQL? To execute queries against a database To retrieve data from a database To inserts records in a database To update records in a database To delete records from a database To create new databases To create new tables in a database To create views in a database 2) Does SQL support programming? No, SQL doesn't have loop or Conditional statement. It is used like commanding language to access databases. 3) What are the subsets of SQL? Data definition language (DDL) - Data definition language(DDL) allows you to CREATE, ALTER and DELETE database objects such as schema, tables, view, sequence etc. Data manipulation language (DML) - Data manipulation language makes user able to access and manipulate data. It is used to perform following operations. Insert data into database Retrieve data from the database Update data in the database Delete data from the database Data control language (DCL) - Data control...
Read more

Object oriented programming concepts in PHP

-
Is it always necessary to create objects from class? No. An object is necessary to be created if the base class has non-static methods. But if the class has static methods, then objects don’t need to be created. You can call the class method directly in this case, using the class name. How much memory does a class occupy? Classes do not consume any memory. They are just a blueprint based on which objects are created. Now when objects are created, they actually initialize the class members and methods and therefore consume memory. Can you create an instance of an abstract class? No. Instances of an abstract class cannot be created because it does not have a complete implementation. However, instances of subclass inheriting the abstract class can be created. What is a final variable? A variable whose value does not change. It always refers to the same object by the property of non-transversity. What are the differences between error and exception? Exception - Exception can be recovered b...
Read more

How can we optimize database query?

-
MySQL is one of the most popular open-source Relational Database Management System (RDBMS) that uses Structured Query Language (SQL). Useful tips to improve MySQL Query for speed and performance. 1. Optimize Your Database You need to know how to design schemas to support efficient queries. Well-designed queries and schema are crucial for your application to work properly. Optimizing your MySQL queries alone will not bring excellent database performance. A well-structured database is crucial along with an optimized query. The following steps will help you to optimize your database. a. Normalize Tables b. Use Optimal Data Types c. Avoid Null Values d. Avoid Too Many Columns 2. Optimize Joins 3. Index All Columns Used in ‘where’, ‘order by’, and ‘group by’ Clauses 4. Use Full-Text Searches - MySQL full-text search (FTS) is far faster than queries using wildcard characters. To add a full-text search index to the students’ sample table, we can use the below MySQL command: mysql>Alter tab...
Read more