This set of PHP test focuses on “Session Handling-2”.
1. Which function is used to erase all session variables stored in the current session?
Explanation: The function session_unset() frees all session variables that is currently registered. This will not completely remove the session from the storage mechanism. If you want to completely destroy the session, you need to use the function session_destroy().
2. What will the function session_id() return is no parameter is passed?
a) Current Session Identification Number
b) Previous Session Identification Number
c) Last Session Identification Number
Explanation: The function session_id() will return the session id for the current session or the empty string (” “) if there is no current session.
3. Which one of the following statements should you use to set the session username to Nachi?
a) $SESSION[‘username’] = “Nachi”;
b) $_SESSION[‘username’] = “Nachi”;
d) $SESSION_START[“username”] = “Nachi”;
Explanation: You need to refer the session variable ‘username’ in the context of the $_SESSION superglobal.
4. What will be the output of the following PHP code? Say your previous session username was nachi.
printf("Username now set to: %s", $_SESSION['username']);
a) Username now set to: nachi
b) Username now set to: System
c) Username now set to:
Explanation: If someone want to destroy a single session variable then they can use the function unset () to unset a session variable. To delete the session variable ‘username’ we use the unset () function.
5. An attacker somehow obtains an unsuspecting user’s SID and then using it to impersonate the user in order to gain potentially sensitive information. This attack is known as..
Explanation: The attack session fixation attempts to exploit the vulnerability of a system that allows one person to set another person’s session identifier. You can minimize this risk by regenerating the session ID on each request while maintaining the session-specific data. PHP offers a convenient function named session_regenerate_id() that will replace the existing ID with a new one.
6. Which parameter determines whether the old session file will also be deleted when the session ID is regenerated?
Explanation: The parameter delete_old_session determines whether the old session file will also be deleted when the session ID is regenerated.
7. Which function effectively deletes all sessions that have expired?
Explanation: SessionHandler::gc is used to clean up expired sessions. It is called randomly by PHP internally when a session_start() is invoked.
8. Which function is used to transform PHP’s session-handler behavior into that defined by your custom handler?
Explanation: The function session_set_save_handler() is used to set the user-level session storage functions which are used for storing and retrieving data associated with a session.
9. The session_start() function must appear..
a) after the html tag
b) after the body tag
c) before the body tag
d) before the html tag
Explanation: Like this: <?php session_start(); ?> <html>
10. What is the return type of session_set_save_handler() function?
Explanation: Returns TRUE on success or FALSE on failure.
Sanfoundry Global Education & Learning Series – PHP Programming.
To practice all areas of PHP for tests, here is complete set of 1000+ Multiple Choice Questions and Answers on PHP.