PHP programming, ~10 mins

How XSS attacks exploit unescaped output in PHP - Interactive Practice

Practice - 5 Tasks
Answer the questions below
Task 1 (fill in the blank, easy)

Complete the code to safely display user input in HTML.

PHP
<?php echo htmlspecialchars([1]); ?>
A. $_SERVER['input']
B. $_POST['input']
C. $_COOKIE['input']
D. $_GET['input']
Common Mistakes
Using $_POST or $_COOKIE when the input arrives in the URL query string ($_GET)
Not escaping output at all
Calling htmlspecialchars() without ENT_QUOTES and an explicit 'UTF-8' charset; before PHP 8.1 single quotes are left unescaped by default
Task 2 (fill in the blank, medium)

Complete the code to prevent XSS by escaping output inside an HTML attribute.

PHP
<input value="[1]">
A. <?php echo htmlspecialchars($_GET['name'], ENT_QUOTES); ?>
B. <?php echo $_GET['name']; ?>
C. <?php echo strip_tags($_GET['name']); ?>
D. <?php echo $_POST['name']; ?>
Common Mistakes
Not escaping quotes: a value such as " onmouseover="alert(1) closes the value attribute and adds a new event-handler attribute without using a single angle bracket
Using strip_tags, which removes <...> tags but leaves quotes untouched, so the attribute breakout above still works
Task 3 (fill in the blank, hard)

Fix the error in the code that causes XSS vulnerability.

PHP
<?php echo [1]; ?>
A. $_GET['comment']
B. strip_tags($_GET['comment'])
C. htmlspecialchars($_GET['comment'])
D. addslashes($_GET['comment'])
Common Mistakes
Using strip_tags, which removes tags but does not escape what remains (and can be bypassed with malformed markup); it is a filter, not an output encoder
Using addslashes, which only backslash-escapes quotes; a backslash means nothing to an HTML parser (and addslashes is not a safe SQL escape either; use prepared statements for SQL)
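The three tasks above all come down to the same point: only htmlspecialchars() produces output that an HTML parser treats as text, in both body and attribute context. The following script is an added example, not part of the original practice page; the h() and renderList() helper names and the attacker payloads are constructed for this demonstration. It prints the raw, strip_tags(), addslashes() and htmlspecialchars() renderings of each payload side by side so you can see which ones still contain a working breakout, and it generalises Task 4's list rendering with the type check the quiz snippet omits.

```php
<?php
// Added example (not from the original page): why htmlspecialchars() is the
// right tool for HTML body and attribute contexts and strip_tags()/addslashes()
// are not. Helper names and payloads are constructed for this demonstration.
declare(strict_types=1);

// h(): escape for HTML text and attribute context.
// ENT_QUOTES escapes both " and ' (needed inside single-quoted attributes;
// only the default since PHP 8.1). ENT_SUBSTITUTE replaces invalid UTF-8
// instead of returning an empty string, which would silently drop output.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Constructed attacker inputs.
$payloads = [
    'tag in body'        => '<script>alert(1)</script>',
    'attribute breakout' => '" onmouseover="alert(1)',
    'no tags at all'     => "' autofocus onfocus='alert(1)",
];

foreach ($payloads as $name => $p) {
    echo "== $name ==\n";
    // Body context
    echo 'raw        : <p>' . $p . "</p>\n";
    echo 'strip_tags : <p>' . strip_tags($p) . "</p>\n"; // tags gone, quotes survive
    echo 'addslashes : <p>' . addslashes($p) . "</p>\n"; // backslashes mean nothing to HTML
    echo 'h()        : <p>' . h($p) . "</p>\n";
    // Attribute context: only h() keeps the payload inside the quotes
    echo 'raw attr   : <input value="' . $p . "\">\n";
    echo 'h() attr   : <input value="' . h($p) . "\">\n\n";
}

// Task 4 generalised: render a list from request input. Do not trust the
// *type* of $_GET['items'] either: ?items=foo yields a string, and foreach
// over a string emits a warning and renders nothing.
function renderList(mixed $items): string
{
    if (!is_array($items)) {
        $items = [$items];
    }
    $out = '<ul>';
    foreach ($items as $item) {
        // Only scalars are printable; nested arrays (?items[][]=x) become ''.
        $out .= '<li>' . h(is_scalar($item) ? (string) $item : '') . '</li>';
    }
    return $out . '</ul>';
}

// Simulated $_GET['items'] for ?items[]=apple&items[]=<img src=x onerror=alert(1)>
echo renderList(['apple', '<img src=x onerror=alert(1)>']), "\n";
// Simulated $_GET['items'] for ?items=single <b>value</b>
echo renderList('single <b>value</b>'), "\n";
```

Run it with `php example.php` and read the output as an HTML parser would: in the strip_tags and addslashes rows the "attribute breakout" and "no tags at all" payloads still contain an unescaped quote followed by an event-handler attribute, while every h() row contains only &quot;, &apos;, &lt; and &gt; entities, which the browser renders as literal characters.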
Task 4 (fill in the blank, hard)

Fill in the blank to create a safe HTML list from user input array.

PHP
<?php
$items = $_GET['items'];
echo '<ul>';
foreach ($items as $item) {
    echo '<li>' . [1] . '</li>';
}
echo '</ul>';
?>
A. htmlspecialchars($item)
B. $item
C. strip_tags($item)
D. addslashes($item)
Common Mistakes
Outputting raw $item
Using addslashes, which only backslash-escapes quotes and does nothing an HTML parser cares about (it is not a safe SQL escape either)
Assuming $_GET['items'] is an array: a request such as ?items=foo supplies a string, and foreach over it emits a warning, so check is_array() before looping
Task 5 (fill in the blank, hard)

Fill in the blank to safely display user input in a JavaScript context inside HTML.

PHP
<script>
let userInput = '[1]';
console.log(userInput);
</script>
A. <?php echo $_GET['input']; ?>
B. <?php echo addslashes($_GET['input']); ?>
C. \'
D. \\
Common Mistakes
Outputting raw input in a JS string
Not escaping backslashes or quotes
Treating addslashes as sufficient for a script block: it stops a quote from ending the JS string literal, but it does nothing about a literal </script> in the input, which the HTML parser sees before the JavaScript parser ever runs. In real code use json_encode() with JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT, or pass the value through an htmlspecialchars()-escaped data attribute instead of inline script
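Of the options offered, addslashes() is the one that at least keeps a quote from terminating the string literal, but it is not a safe answer for a <script> block. The script below is an added example, not part of the original page; the jsString() helper name, the attacker input and the data-attribute variant are constructed for this demonstration. It shows an input that closes the script element early despite addslashes(), then the same input emitted with json_encode() and the JSON_HEX_* flags, and finally the alternative of not putting user data inside inline script at all.

```php
<?php
// Added example (not from the original page): embedding user input in an
// inline <script>. Shows why addslashes() is not enough and what to use.
// Helper name and attacker input are constructed for this demonstration.
declare(strict_types=1);

// jsString(): produce a JavaScript string literal (quotes included) that is
// safe inside an HTML <script> element. json_encode() escapes quotes,
// backslashes, control characters and U+2028/U+2029; the JSON_HEX_* flags
// turn < > & ' " into \uXXXX, so the output can never contain "</script>"
// or the HTML comment opener "<!--".
function jsString(string $value): string
{
    return json_encode(
        $value,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
}

// Constructed attacker input: the HTML tokenizer ends the script element at
// the first "</script>", regardless of JS quoting or backslashes.
$input = "x'); </script><script>alert(1)//";

echo "addslashes (still vulnerable):\n";
echo "<script>let userInput = '" . addslashes($input) . "';</script>\n\n";
// The quote is now \' but </script> passes through untouched.

echo "json_encode with JSON_HEX_* flags (safe):\n";
echo "<script>let userInput = " . jsString($input) . ";</script>\n\n";
// Angle brackets and quotes come out as \u003C, \u003E, \u0027, so the
// browser never sees a closing tag inside the literal.

// Alternative that keeps user data out of inline script entirely: put it in
// an attribute escaped for HTML and read it from JavaScript at runtime.
$attr = htmlspecialchars($input, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
echo "data attribute (safe, and CSP-friendly):\n";
echo "<div id=\"cfg\" data-input=\"$attr\"></div>\n";
echo "<script>let userInput = document.getElementById('cfg').dataset.input;</script>\n";
```

The data-attribute form also works under a Content-Security-Policy that forbids inline script data, since the <script> element then contains only static code. Whichever form you use, the rule is the same as in Tasks 1 to 4: encode for the context the value lands in (HTML text, HTML attribute, JavaScript string), never for a context it merely passes through.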