686 LESSON 24: Taking Advantage of the Server
Quiz Answers
- In PHP, strings in double quotes are parsed for variable references and special characters before they are presented. Strings in single quotes are presented as is.
- The include_once function does not return a fatal error if the file being included is not found. With require_once, if the file is not found, a fatal error occurs and the rest of the page is not processed.
- You can use htmlspecialchars() to escape the characters used to generate HTML tags for a page. You can use strip_tags() to remove HTML tags from a string. Either approach should prevent users from using malicious input to attempt a cross-site scripting attack.
- Associative arrays are declared as follows:
$array = array('key' => 'value', 'key2' => 'value2');
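An added example (not from the book) that runs the two functions from the third answer over one constructed input; `$input` and the helper `escape_html()` are assumptions made for illustration. It shows that strip_tags() keeps quotes, ampersands and the text between tags, so a value written into an HTML attribute still goes through htmlspecialchars() with ENT_QUOTES.

```php
<?php
// Constructed sample input standing in for a submitted form field.
$input = '<b>Tom</b> "O\'Neil" & <script>alert(1)</script>';

// Hypothetical helper: escape a string for HTML output.
// ENT_QUOTES converts both ' and ", which matters when the value is
// placed inside a quoted attribute. The charset is given explicitly.
function escape_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

$escaped  = escape_html($input);
$stripped = strip_tags($input);

// Element content: the escaped markup is displayed as text, nothing is lost.
echo "<p>", $escaped, "</p>\n";

// strip_tags() removes the tags themselves but keeps the text between them
// and leaves quotes and & untouched.
echo "strip_tags() result: ", $stripped, "\n";
echo "still contains a double quote: ";
var_dump(strpos($stripped, '"') !== false);

// Attribute value: the stripped text is escaped again before it is written
// between the quotes, so a quote in the data cannot end the attribute.
echo '<input name="who" value="', escape_html($stripped), '">', "\n";
```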
Exercises
- Get PHP up and running on your own computer.
- Write a script that enables a user to show the current date and time on a web page.
- Go to the PHP manual online and find a built-in function that wasn’t introduced in
this lesson. Use it in a script of your own.