PHP Form Validation, XSS Prevention, and CRUD MCQs

1. Which function is used in PHP to prevent Cross-site Scripting (XSS) by converting special characters to HTML entities?

a) htmlspecialchars()
b) strip_tags()
c) escape_html()
d) htmlentities_only()

2. What does the mysqli_real_escape_string() function do?

a) Encrypt passwords
b) Strip all white spaces
c) Escapes special characters to prevent SQL injection
d) Remove JavaScript from strings

3. Which of the following is a secure way to get form input in PHP?

a) $_GET["input"]
b) $_POST["input"]
c) filter_input(INPUT_POST, "input", FILTER_SANITIZE_STRING)
d) $_REQUEST["input"]

4. Which PHP function is commonly used to validate an email address?

a) check_email()
b) validate_email()
c) filter_var()
d) email_filter()

5. What is the main goal of input validation?

a) To improve website design
b) To reduce server memory usage
c) To make sure user inputs are clean and expected
d) To fetch data from databases faster

6. What SQL command is used to retrieve all rows from a database table?

a) INSERT * FROM table_name
b) SELECT * FROM table_name
c) GET ALL FROM table_name
d) SHOW table_name

7. Which PHP function is used to execute SQL commands in a MySQLi connection?

a) mysqli_execute()
b) mysql_query()
c) mysqli_query()
d) db_run()

8. Which HTTP method is usually used for deleting a record through a form?

a) GET
b) POST
c) PUT
d) DELETE

9. In a CRUD app, what does the "Update" operation do?

a) Adds a new record
b) Shows all records
c) Deletes a record
d) Modifies existing data

10. Which SQL command deletes a row in a table?

a) REMOVE FROM table_name WHERE id=1
b) DROP table_name WHERE id=1
c) DELETE FROM table_name WHERE id=1
d) ERASE FROM table_name WHERE id=1

Wait for 20 seconds...