Untitled

<html>
<head>
    <meta charset="UTF-8" />
    <title>Report</title>
    <link rel="stylesheet" type="text/css" href="TheaterStyle.css" />
</head>

<body>
<img src="../ITF_Assets/Logo.jpg">
    <h1>Report</h1>
    <div id = "navbar">
 <ul>
  <li><a href="Homepage.php">Homepage</a></li>
  <li><a href="MovieList.php">MovieList</a></li>
  <li><a href="SessionList.php">SessionList</a></li>
  <li><a href="Report.php">Report</a></li>
  <li><a href="SignUp.php">SignUp</a></li>
 </ul>
 </div>
<h1>Question:</h1>
<h2>1. What is HTML?</h2>
//HyperText Markup Language(HTML)<br>
//HTML is a computer language devised to allow website creation.<br>
//These websites can then be viewed by anyone else connected to the Internet.<br>
//It is relatively easy to learn, with the basics being accessible to most people in one sitting;<br>
//and quite powerful in what it allows you to create.<br>

<h2>2. What is CSS?</h2>
//Cascading Style Sheets(CSS)<br>
//CSS describes how HTML elements are to be displayed on screen, paper, or in other media<br>
//CSS saves a lot of work. It can control the layout of multiple web pages all at once<br>
//External stylesheets are stored in CSS files<br>

<h2>3. In HTML what does “Hotlink an image” mean, what is hotlinking? Is hotlinking bad?</h2>
is the use of a linked object, often an image, on one site by a web page belonging to a second site.<br>
One site is said to have an inline link to the other site where the object is located.<br>
It is bad because if we just copy the link from other website, when that website change the link, our link will be useless.<br>

<h2>4. What is PHP and what does PHP do?</h2>
//PHP (recursive acronym for PHP: Hypertext Preprocessor)<br>
//It is a widely-used open source general-purpose scripting language that is especially suited for web development<br>
//and can be embedded into HTML.<br>
PHP is mainly focused on server-side scripting,<br>
//so you can do anything any other CGI program can do, such as collect form data, generate dynamic page content, or send and receive cookies.<br>
//But PHP can do much more.<br>
//There are three main areas where PHP scripts are used.<br>
//Server-side scripting.<br>
//Command line scripting.<br>
//Writing desktop applications.<br>

<h2>5. How does PHP and HTML relate to each other?</h2>
//PHP and HTML interact a lot:<br>
//PHP can generate HTML, and HTML can pass information to PHP.<br>
//Before reading these faqs, it's important you learn how to retrieve variables from external sources.<br>
//The manual page on this topic includes many examples as well.<br>

<h2>6. Explain the difference between POST and GET requests. When should post be used? When should GET be used?</h2>
//GET - Requests data from a specified resource<br>
//POST - Submits data to be processed to a specified resource<br>
//
    GET requests can be cached<br>
    GET requests remain in the browser history<br>
    GET requests can be bookmarked<br>
    GET requests should never be used when dealing with sensitive data<br>
    GET requests have length restrictions<br>
    GET requests should be used only to retrieve data<br>
//
    POST requests are never cached<br>
    POST requests do not remain in the browser history<br>
    POST requests cannot be bookmarked<br>
    POST requests have no restrictions on data length<br>

<h2>7. What is trusted data & untrusted data? Please provide some examples of each.</h2>

<h2>8. What is SQL Injection? How does it work? Can you give an example?</h2>
//SQL injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL<br>
//statements that control a web application's database server<br>
//SQL Injections can manipulate data (delete, update, add ecc...) and corrupt or delete tables of the database.<br>
 <br>

<h2>9. Is our website safe from SQL Injection?</h2>
//NO<br>
//SQL Injection Attack<br>
//SQL stands for Structured Query Language. It comes in many different dialects, most of which are based on the SQL-92 ANSI standard.<br>
//An SQL query comprises one or more SQL commands<br>
//It’s these types of queries that make the SQL language so popular and flexible… it’s also what makes it open to SQL injection attacks.<br>

<h2>10. What is Cross Site Scripting (XSS) & how does it work?</h2>
Cross-site Scripting (XSS) refers to client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application.<br>
//XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of unvalidated or unencoded user input within the output it generates.<br>
//In order to run malicious JavaScript code in a victim’s browser, an attacker must first find a way to inject a payload into a web page that the victim visits.<br>
//Of course, an attacker could use social engineering techniques to convince a user to visit a vulnerable page with an injected JavaScript payload.<br>
//In order for an XSS attack to take place the vulnerable website needs to directly include user input in its pages.<br>
//An attacker can then insert a string that will be used within the web page and treated as code by the victim’s browser.<br>
<h2>11. Is our website safe from XSS?</h2>

<h2>12. What are web cookies?</h2>
//An HTTP cookie (also called web cookie, Internet cookie, browser cookie or simply cookie) is a small piece of data sent from a website and stored in the user's web browser while the user is browsing.<br>
<h2>13. Are cookies bad?</h2>
//NO.<br>
//Some sites may be collecting demographic information about who are visiting their site,<br>
//how often they visit the site, how long they stay on the site, the visitors' surfing habits etc.<br>
//Some sites may use cookies to monitor advertisements.<br>
//It helps them decide what ads they let you see, and how often you see them.<br>
//More importantly, cookies help web servers to personalize the web page for you, and sometimes let you enter a page on a secure server not requiring you to type in your password every time.<br>
//any shopping sites keep a track of what you bought or searched for from their site earlier and keep this information in a cookie.<br>

<h2>14. How much disk space does the website require? Including images.</h2>
 <br>

<h2>15. What are HTTP Status codes?</h2>
// It includes codes from IETF internet standards, other IETF RFCs, other specifications, and some additional commonly used codes.<br>
//The first digit of the status code specifies one of five classes of response;<br>
//an HTTP client must recognise these five classes at a minimum.<br>
//The phrases used are the standard wordings, but any human-readable alternative can be provided.<br>
<h2>//Unless otherwise stated, the status code is part of the HTTP/1.1 standard</h2>

<h2>16. Describe the HTTP status codes listed below:</h2>
o 200://This is the most common HTTP status message.<br>
      //It indicates that the request was successful and the server was able to deliver on the request.<br>
o 302://(Found)The requested resource resides temporarily in another location, but it can still be found at the requested URI.<br>
o 400://(Bad Request)The request could not be understood by the server due to malformed syntax.<br>
o 403://(Forbidden)The server understood the request, but refuses to fulfill it. Authorization, in this case, doesn't matter.<br>
o 404://(Not Found)This is the most easily recognized error message. It states that the URI requested does not exist on the server.<br>
o 500://(Internal Server Error)The server encountered something unexpected that didn't allow it to complete the request.<br>
      // This is often seen with CGI scripts that have problems.<br>

</body>
</html>