PHP · programming · ~10 mins

How SQL injection exploits unsafe queries in PHP - Interactive Practice

Practice - 5 Tasks
Answer the questions below
Task 1 (fill in the blank, easy)

Complete the code to read the `user` parameter from the query string into a variable. Reading the value is only the first step: nothing here makes the value itself trustworthy, which is the point of the later tasks.

PHP
<?php
$username = $_GET[[1]];
?>
Options:
A. username
B. "user"
C. 'user'
D. user
Common Mistakes
Not using quotes around the key name: `$_GET[user]` treats `user` as an undefined constant, which is an error in PHP 8.
Using single quotes inside a single-quoted string without escaping them.
Task 2 (fill in the blank, medium)

Complete the code to build the unsafe query by interpolating the user input directly into the SQL string. This is the vulnerable pattern the rest of the exercise fixes: whatever the user typed becomes part of the SQL text.

PHP
<?php
$query = "SELECT * FROM users WHERE username = '[1]'";
?>
Options:
A. $username
B. username
C. '$username'
D. "$username"
Common Mistakes
Using the variable name without the `$` sign, so the literal text `username` is compared instead of the value.
Adding extra quotes around the variable: the query string already contains the single quotes, and an unescaped double quote inside a double-quoted string is a syntax error.
Task 3 (fill in the blank, hard)

Fill the blank so the concatenated query escapes the user input before it is spliced into the SQL text. Of the options, only one function escapes for the database using the connection's character set.

PHP
<?php
$query = "SELECT * FROM users WHERE username = '" . [1] . "'";
?>
Options:
A. mysqli_real_escape_string($conn, $username)
B. $username
C. addslashes($username)
D. htmlspecialchars($username)
Common Mistakes
Using htmlspecialchars, which encodes for HTML output, not for SQL.
Using addslashes, which does not know the connection character set and is not a reliable SQL escape.
Not escaping the input at all.
Note that mysqli_real_escape_string needs an open connection with its character set set, and only protects values placed inside quotes. It is a stop-gap; the prepared statements in tasks 4 and 5 keep the value out of the SQL text entirely and are the preferred fix.
Task 4 (fill in the blank, hard)

Fill both blanks to prepare and execute a parameterized statement. The placeholder stands in for the value in the SQL text, and bind_param sends the value separately, typed as a string, so it can never be parsed as SQL.

PHP
<?php
$stmt = $conn->prepare("SELECT * FROM users WHERE username = [1]");
$stmt->bind_param([2], $username);
$stmt->execute();
?>
Options:
A. ?
B. "s"
C. s
D. '?'
Common Mistakes
Quoting the placeholder ('?') turns it into a string literal, so the parameter is never bound; writing the type without quotes (s) is an undefined constant.
Using the wrong placeholder symbol: mysqli only understands positional `?` placeholders.
Task 5 (fill in the blank, hard)

Fill all three blanks to run the parameterized query and read one column of the result back into a PHP variable.

PHP
<?php
// Placeholder in the SQL text; the value never becomes part of the query string.
$stmt = $conn->prepare("SELECT email FROM users WHERE username = [1]");
// Bind the user input as a string ("s").
$stmt->bind_param([2], $username);
$stmt->execute();
// Bind the selected column to a PHP variable (documented order: after execute, before fetch).
$stmt->bind_result([3]);
$stmt->fetch();
echo $email;
$stmt->close();
?>
Options:
A. ?
B. s
C. $email
D. "s"
Common Mistakes
Forgetting the quotes around the bind_param type string.
Not passing a variable with `$` to bind_result: it binds by reference, so it needs a variable to write into.
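The following is an added example, not part of the original exercise, that runs the two patterns from the tasks side by side: the concatenated query from task 2 and the parameterized query from tasks 4 and 5. It uses PDO with an in-memory SQLite database (an assumption made so the script runs without a MySQL server); the mysqli prepare()/bind_param() calls in the tasks do the same thing against MySQL. The table contents and the attacker input are constructed for the demonstration.

```php
<?php
// Added example: SQL injection against a concatenated query, and the same
// lookup with a bound parameter. Assumes PDO with SQLite in memory so it runs
// stand-alone; swap the DSN for a MySQL one and the logic is unchanged.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample data.
$db->exec("CREATE TABLE users (username TEXT NOT NULL, email TEXT NOT NULL)");
$db->exec("INSERT INTO users (username, email) VALUES
           ('alice', 'alice@example.com'),
           ('bob',   'bob@example.com')");

// Vulnerable: the user input is spliced into the SQL text (the task 2 pattern).
function emailsUnsafe(PDO $db, string $username): array
{
    $query = "SELECT email FROM users WHERE username = '" . $username . "'";
    return $db->query($query)->fetchAll(PDO::FETCH_COLUMN);
}

// Safe: the SQL text is fixed at prepare() time and the value travels
// separately as a bound parameter (the task 4/5 pattern).
function emailsSafe(PDO $db, string $username): array
{
    $stmt = $db->prepare("SELECT email FROM users WHERE username = ?");
    $stmt->execute([$username]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed attacker input. Inside the concatenated query the leading quote
// closes the username literal, and the OR clause is true for every row.
$payload = "' OR '1'='1";

echo "unsafe, normal input:\n";
print_r(emailsUnsafe($db, 'alice'));      // only alice's row

echo "unsafe, injected input (returns every user's email):\n";
print_r(emailsUnsafe($db, $payload));

echo "safe, injected input (the payload is compared as a username and matches nothing):\n";
print_r(emailsSafe($db, $payload));
```

Run it with `php` from the command line. The concatenated version leaks every email address in the table, while the prepared statement treats the whole payload, quotes and all, as a username value to compare against. That is the difference the tasks build toward: escaping (task 3) tries to make hostile text harmless inside the SQL string, whereas binding (tasks 4 and 5) never lets it into the SQL string at all.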