Complete the code to start a PHP session, which is important for managing user security.
<?php
session_[1]();
?>In PHP, session_start() is used to begin a session, which helps track user data securely.
Complete the code to safely get a value from user input to prevent security risks.
<?php $user_input = filter_input(INPUT_GET, '[1]', FILTER_SANITIZE_STRING); ?>
Using filter_input with INPUT_GET and FILTER_SANITIZE_STRING helps clean the 'username' input to avoid harmful data.
Fix the error in the code to prevent SQL injection by using prepared statements.
<?php $stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email'); $stmt->execute(['[1]' => $email]); $results = $stmt->fetchAll(); ?>
The placeholder in the SQL query is ':email', so the key in the execute array must be 'email' to match it exactly.
Fill both blanks to create a secure password hash and verify it correctly.
<?php $hash = password_[1]($password, PASSWORD_DEFAULT); if (password_[2]($password, $hash)) { echo 'Password is valid'; } ?>
password_hash creates a secure hash, and password_verify checks if the password matches the hash.
Fill all three blanks to safely escape output and prevent cross-site scripting (XSS).
<?php $user_input = '<script>alert(1);</script>'; $safe_output = htmlspecialchars($user_input, [1], [2], [3]); echo $safe_output; ?>
htmlspecialchars uses ENT_QUOTES to convert quotes, UTF-8 as charset, and true for double_encode to safely escape output.