Blogs

What is the difference between URL and URI?

A URL (Uniform Resource Locator) is the address of some resource on the Web. A resource is nothing but a page of a site. There are other type of resources than Web pages, but that's the easiest conceptually.

A URI is a unique identifier to usually a namespace.
Though it looks like a URL but it doesn’t have to necessarily locate any resource on the web.

URI is a generic term. URL is a type of URI.

What is the Pre-Compilation feature of ASP.NET 2.0?

Previously, in ASP.NET, the pages and the code used to be compiled dynamically and then cached so as to make the requests to access the page extremely efficient. In ASP.NET 2.0, the pre-compilation feature is used with which an entire site is precompiled before it is made available to users.

There is a pre-defined folder structure for enabling the pre-compilation feature:

How can we create custom controls in ASP.NET?

Custom controls are user defined controls. They can be created by grouping existing controls, by deriving the control from System.Web.UI.WebControls.WebControl or by enhancing the functionality of any other custom control. Custom controls are complied into DLL’s and thus can be referenced by as any other web server control.

Basic steps to create a Custom control:

Ways in which object can be created using Remoting

SAO Server Activated Object (call mode): lasts the lifetime of the server. They are activated as SingleCall/Singleton objects. It makes objects stateless. A SingleCall object gets created for each request by client and A Singleton object is created once on the server and is shared by all the clients.

CAO (Client Activated Objects): CAO creates stateful objects. The object creation request is based on the request by client side. Therefore, the lifetime is based on client and not server. Single instance of object is created for every call.

What is session hijacking?

Session hijacking is the misuse of a valid computer session. It is used to attain unauthorized and illegal access to a system. This access is attained using the “brute force†attack where in he tries multiple id’s to login in a system while the session is in progress. The most common method of session hijacking is IP spoofing where an attacker uses source-routed IP packets to insert commands into an active communication between two systems on a network and pretending itself as one of the authenticated users.

What is meant by Session Clustering?

Session clustering is used to provide scalability for keeping the session data in synch across a “cluster†of PHP servers. The sessions reside on the machine in which they are created. These sessions are then delivered from one machine to another. This delivery is fully distributed. The Zend Session manager is used for transferring sessions from the system (session storage) to remote addresses.

How many ways I can register the variables into session?

Global variables in PHP can be registered using the session_register() function. It accepts different number of arguments, any of which can be either a string holding the name of a variable or an array consisting of variable names or other arrays

Example:
Session_register(“smpleâ€);

$_session can also be used for registering variables.

Example:
$_SESSION['count'] = 0;

What is PHP security tips?

Avoid the use of global variables. Hence it must be ensured that register_globals option is not enabled.
Use of variables designed to be set by GET or POST requests.
Store passwords in an encrypted format
Avoid storing credit card and other secured information. Trust a third party gateway.
Make use of server side validations and avoid trusting the user input.
Example: if the expected value is integer, use the intval function.
$post_id = intval($_GET['post_id']);
mysql_query("SELECT * FROM post WHERE id = $post_id");

How can we encrypt the username and password using PHP?

User names and passwords in PHP can be encrypted using md5 function.
MD5 function calculates the md5 hash of a string. It is basically used for encryption. It is also used for digital signature applications, where a large file must be "compressed" in a secure manner.

Example:

Md5($str);

Crypt() function can also be used to encrypt a string,. It used MD5, DES or blow fish algorithms for encryption.

Syntax:

Crypt(str, salt)

Salt is an optional parameter used to increase the number of characters encoded, to make the encoding more secure

Pages