Web Technologies II - Midterm Exam

You may use the following resources as an aid: any source code you have written (XHTML, CSS, JavaScript/jQuery, DTD, XML, PHP, or SQL). Write your name on this exam sheet and write your answers on the answer sheets provided.

  1. (2 pts each) Write the appropriate Linux, Mercurial, or Git command to accomplish each of the following tasks:
    1. list the files in the Web2/hw04 folder
    2. view the last several lines of the PHP error log
    3. use hg or git to view a list of changes since the last commit
    4. use hg or git to record a set of changes that fixed a login system bug

  2. (3 pts) What is the difference between sanitization and validation?

  3. (2 pts) Does bcrypt allow the use of salt values?

  4. (4 pts) Contrast client-side validation with server-side validation.

  5. (4 pts) Compare and contrast session-variables and cookies.

  6. (4 pts) In the context of a password management system, what is "salt" and how does it help secure passwords?

  7. Answer these questions about XSS attacks:
    1. (3 pts) Explain (give names of commands if appropriate) how to prevent a successful XSS attack.
    2. (3 pts) Suppose a form contains the following radio button group:
      <input type="radio" name="favoritechipmonk" value="alvin" checked="checked" />
      <input type="radio" name="favoritechipmonk" value="simon" />
      <input type="radio" name="favoritechipmonk" value="theodore" />
      Further suppose the landing page saves the posted value to the database. If the value stored to the database is later displayed on a web page is there any need to be concerned about an XSS attack? Explain.
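      Worked example (added by the editor; it is not part of the original exam and is not a model answer from the course): a browser only ever submits one of the three radio values, but an attacker can POST any string to the same field name, so the value must be validated on the server and escaped on output regardless. The allow-list, the sample inputs, and the function names validateChipmunk and escapeHtml are constructed for this illustration; only the field values alvin, simon and theodore come from the form above.

```php
<?php
// Added example: safe handling of a posted radio-button value.
// The allow-list and the sample inputs are constructed for illustration.

// The three values the radio group offers. A normal browser sends one
// of these, but nothing stops an attacker from POSTing any string.
$allowed = ['alvin', 'simon', 'theodore'];

/** Validate: accept only a value from the allow-list, otherwise null. */
function validateChipmunk(?string $posted, array $allowed): ?string
{
    return ($posted !== null && in_array($posted, $allowed, true)) ? $posted : null;
}

/** Escape for HTML output so stored text can never become markup. */
function escapeHtml(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed inputs: one the form would send, two an attacker might send
// with a hand-crafted POST (the radio group never offered them).
$samples = [
    'simon',
    '<script>alert(document.cookie)</script>',
    '"><img src=x onerror=alert(1)>',
];

foreach ($samples as $posted) {
    $valid = validateChipmunk($posted, $allowed);
    if ($valid === null) {
        // Rejected at input time; never written to the database.
        echo "rejected: " . escapeHtml($posted) . "\n";
        continue;
    }
    // Escape even accepted values on output: defence in depth also covers
    // rows that were written before the allow-list check existed.
    echo "stored and displayed: " . escapeHtml($valid) . "\n";
}
```

      Running the script prints one accepted line for simon and two rejected lines whose payloads appear as inert text. Validation alone is not sufficient, because a database populated before the check was added may already hold hostile values; output escaping is what keeps those from executing.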

  8. Suppose a PostgreSQL database named gametracker resides on the same host as the web server. The database user/owner is also named gametracker, with the password mysecret. The database stores username, password, and salt entries in a table named users (in the fun schema), which has the following structure:
      CREATE TABLE users (
        id          SERIAL,
        username    VARCHAR(100),
        password    VARCHAR(200),
        salt        VARCHAR(100)
      );

    Further suppose that this database has been used successfully for some time but that the site administrator wants to add a feature to the site which allows a user to modify their password. In preparation for this feature the following form has been created:

      <form method="post" action="modifyPassword.php">
        Username: <input type="text" name="uname" /> <br/>
        Old Password: <input type="password" name="oldpw" /> <br/>
        New Password: <input type="password" name="newpw" /> <br/>
        New Password Again: <input type="password" name="newpwagain" /> <br/>
        <input type="submit" />
      </form>

    Write modifyPassword.php so that it accomplishes the following tasks:

    1. (4 pts) Connect to the database and give an error message if unable to connect. Also, set the schema search path to fun.
    2. (4 pts) Sanitize the form data to prevent SQL injection attacks.
    3. (4 pts) Search the database for the username specified in the form. If no such user exists, indicate so with an appropriate error message. (SQL to find the entry with username 'fred': SELECT * FROM users WHERE username='fred')
    4. (6 pts) Verify that the old password matches what was stored in the database. You should assume that the stored password is found by concatenating the entered password with the stored salt value and then applying the PHP sha1() function to the result (e.g., $encryptedval= sha1($val);). If the match fails give an appropriate error message.
    5. (2 pts) Verify that the new passwords match one another. Give an error message if not.
    6. (4 pts) Store the new password (concatenated with the stored salt value followed by application of sha1()). (SQL to store password for username 'fred': UPDATE users SET password='newSaltedEncryptedPassword' WHERE username='fred')
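    Worked example (added by the editor; it is not part of the original exam and is not the course's model answer): a complete modifyPassword.php covering tasks 1 through 6. It keeps the exam's storage scheme, sha1(password . salt), so that it verifies against existing rows; in a new system password_hash()/password_verify() (bcrypt) should replace sha1, and a changed password should get a fresh salt rather than reusing the stored one as the exam specifies. Assumptions not stated on the exam: the PDO pgsql driver is installed, the server is reached as localhost, and the helper name saltedHash is invented here. Bound parameters in prepared statements are used for task 2, since that is what actually prevents SQL injection; the per-case error messages requested by the exam do let an attacker tell valid usernames from invalid ones, which is noted in the code.

```php
<?php
// modifyPassword.php: added reference implementation of the exam task.
// Storage scheme is the exam's: password column = sha1(password . salt).
// Connection details are those given in the question; host is assumed localhost.

// Task 1: connect, report failure, and set the schema search path to fun.
try {
    $db = new PDO(
        'pgsql:host=localhost;dbname=gametracker',
        'gametracker',
        'mysecret',
        [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]
    );
    $db->exec('SET search_path TO fun');
} catch (PDOException $e) {
    // Log $e->getMessage() server-side; never echo it to the browser.
    exit('Unable to connect to the database.');
}

// Task 2: read the form. Prepared statements with bound parameters (below)
// are what prevents SQL injection: user input never becomes SQL text.
$uname      = trim($_POST['uname'] ?? '');
$oldpw      = $_POST['oldpw'] ?? '';
$newpw      = $_POST['newpw'] ?? '';
$newpwagain = $_POST['newpwagain'] ?? '';

if ($uname === '' || $oldpw === '' || $newpw === '') {
    exit('All fields are required.');
}

/** The exam's hashing rule: concatenate password and salt, then sha1(). */
function saltedHash(string $password, string $salt): string
{
    return sha1($password . $salt);
}

// Task 3: look up the user.
$stmt = $db->prepare('SELECT password, salt FROM users WHERE username = :u');
$stmt->execute([':u' => $uname]);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row === false) {
    // Distinct message as the exam requests; note that it lets an attacker
    // confirm which usernames exist. A single generic message avoids that.
    exit('No such user.');
}

// Task 4: verify the old password against the stored salted hash.
// hash_equals() compares in constant time, avoiding a timing side channel.
if (!hash_equals($row['password'], saltedHash($oldpw, $row['salt']))) {
    exit('Old password is incorrect.');
}

// Task 5: both copies of the new password must agree.
if ($newpw !== $newpwagain) {
    exit('New passwords do not match.');
}

// Task 6: store sha1(newpw . storedSalt), again with a bound parameter.
$upd = $db->prepare('UPDATE users SET password = :p WHERE username = :u');
$upd->execute([':p' => saltedHash($newpw, $row['salt']), ':u' => $uname]);

echo 'Password updated.';
```

    For a graded answer that uses the procedural pg_* functions instead of PDO, the equivalent of the bound parameters is pg_query_params() (or pg_escape_string() on each value before building the query string); the control flow is otherwise identical.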
