It can be achived as follows.
A. Set enable_dl to Off in the server’s php.ini configuration file.
B. Add dl to the current value of disable_functions in the server’s php.ini configuration file.
It can be achived as follows.
A. Set enable_dl to Off in the server’s php.ini configuration file.
B. Add dl to the current value of disable_functions in the server’s php.ini configuration file.
instanceof is used to determine whether a PHP variable is an instantiated object of a certain class:
<?php class A{ } $obj = new A(); if ($obj instanceof A) { echo 'A'; } ?>
The function parses the HTML document in the file named filename. Unlike loading XML, HTML does not have to be well-formed to load.
This function may also be called statically to load and create a DOMDocument object. The static invocation may be used when no DOMDocument properties need to be set prior to loading.
Several predefined variables in PHP are “superglobals”, which means that they are always accessible, regardless of scope – and you can access them from any function, class or file without having to do anything special.
The PHP superglobal variables are:
$_SESSION superglobals does not necessarily contain data from the client
password_hash() creates a new password hash using a strong one-way hashing algorithm. password_hash() is compatible with crypt(). Therefore, password hashes created by crypt() can be used with password_hash().
To hash a password, take the password string and pass it into password_hash the function as a parameter along with the algorithm you want to use, then store the returned hash into the database.
Following are the acceptable ways to create a secure password hash in PHP
A. crypt()
B. hash_pbkdf2()
C. password_hash()
Late Static Binding is something that helps us correctly resolve to static classes at run time. So when we use self keyword, PHP checks it at compile time which class to bind the method call to but when we use static keyword, PHP would check it late eg it would determine which class to use and bind method call to at runtime. Doing it at runtime is what helps PHP determine which class was meant.
Late static binding is used in PHP to use caller class information provided in static method call.
The standalone declaration is a way of telling the parser to ignore any markup declarations in the DTD. The DTD is thereafter used for validation only.
Following methods are available to limit the amount of resources available to PHP through php.ini
A. Limit the amount of memory a script can consume
B. Limit the maximum execution time of a script
The following can prevent PHP from being able to open a file on the hard drive
A. File system permissions
B. File is outside of open_basedir
• The PHP directive file_uploads must be set to On
• The form’s method attribute must be set to “post”
• The form’s enctype attribute must be set to “multipart/form-data”