Revision Questions

• What is the role of environment variables for security?
  (Do environment variables pose security risks? Can they be used to improve security?)

• Which of the following does not pose a direct security risk for the server:
  
  • html injection
  • Trojan horses
  • sending mail from a script
  • phishing
  • hidden variables
  • Denial of Service

• What does this regular expression match?
  /:[\(\)]/

• An HTML page "one.html" is stored in a directory "/home/00101234/public_html/" on a webserver "www.napier.ac.uk". What is the URL of the page? If the page contains a form "<form action=php/two.php>" what is the URL of the page the users sees after submitting the form?

• Which language is more secure, PHP or Perl?

• A script has Unix permission 700. This script runs without errors and correctly displays information in a client's browser. Under what user is the script running on the server?

• Write a regular expression for matching:
  house number, some space, street name

• What is the purpose of these environment variables:
  • QUERY_STRING
  • CONTENT_LENGTH
  • REMOTE_USER
  • HTTP_COOKIE
  • HTTP_USER_AGENT
  • REMOTE_ADDR

• Which environment variables are used for sessions?