MCQs on Form Handling and Validation | PHP Intermediate
Boost your PHP form handling and validation skills with this set of 30 multiple-choice questions. Covering advanced form validation, CSRF protection, validation libraries, and sanitizing input data, this guide is essential for web developers.
PHP Form Handling and Validation
Advanced Form Validation
- Which PHP function is commonly used to validate an email address?
- a)
validate_email() - b)
email_check() - c)
filter_var() - d)
is_email()
- a)
- What type of regular expression pattern can be used to validate a phone number in PHP?
- a)
\d{10} - b)
^[0-9]{10}$ - c)
[0-9]{10} - d) Both a and b
- a)
- Which PHP function is used to check if a value is an integer?
- a)
is_numeric() - b)
is_integer() - c)
is_int() - d)
check_integer()
- a)
- How can you ensure that a form field contains a valid URL in PHP?
- a) Using
filter_var()withFILTER_VALIDATE_URL - b) Using a regular expression to match the URL pattern
- c) Using
validate_url()function - d) Both a and b
- a) Using
- What is the correct way to validate a date in PHP?
- a)
is_valid_date() - b)
checkdate() - c)
validate_date() - d)
is_date()
- a)
- How can you check if an email address has a valid domain in PHP?
- a) By checking for an ‘@’ symbol
- b) Using
filter_var()withFILTER_VALIDATE_EMAIL - c) By using regex pattern for domains
- d) Both b and c
- What function is used to validate a specific length of a string in PHP?
- a)
strlen() - b)
validate_length() - c)
length_check() - d)
substr()
- a)
- What does the
FILTER_VALIDATE_INTfilter do in PHP?- a) Validates an integer number
- b) Validates an integer in a specific range
- c) Validates that the input is a valid number
- d) Validates that the input is a positive integer
- What is the best practice when validating user-submitted data in PHP?
- a) Only use client-side validation.
- b) Only use server-side validation.
- c) Use both client-side and server-side validation.
- d) Skip validation entirely.
- What is the function used to check if an IP address is valid in PHP?
- a)
is_ip() - b)
validate_ip() - c)
filter_var()withFILTER_VALIDATE_IP - d)
check_ip()
- a)
CSRF Protection
- What is the purpose of a CSRF token?
- a) To validate the identity of the server.
- b) To prevent unauthorized form submissions.
- c) To secure database connections.
- d) To check form field input.
- How is a CSRF token typically implemented in a form?
- a) By embedding a hidden input field with a unique token.
- b) By storing the token in the database.
- c) By passing the token via URL.
- d) By using cookies to store the token.
- Which PHP function is commonly used to generate a CSRF token?
- a)
generate_token() - b)
csrf_token() - c)
bin2hex(random_bytes()) - d)
create_csrf_token()
- a)
- What is a common attack that CSRF tokens protect against?
- a) SQL Injection
- b) Cross-Site Scripting (XSS)
- c) Cross-Site Request Forgery (CSRF)
- d) Man-in-the-middle attacks
- When should a CSRF token be verified in a PHP script?
- a) After form submission and before processing the data.
- b) When a user logs in.
- c) At the time of generating the form.
- d) After receiving an AJAX request.
- How can you verify a CSRF token in PHP?
- a) Compare the token stored in the session with the one submitted in the form.
- b) Use
filter_var()to validate the token. - c) Check if the token exists in the request headers.
- d) Use
csrf_check()to verify the token.
- Which of the following methods can be used to prevent CSRF attacks in PHP?
- a) Use
$_SESSIONto store CSRF tokens. - b) Ensure the form action is the same origin as the page.
- c) Implement a CAPTCHA for form submissions.
- d) All of the above.
- a) Use
- What happens if a CSRF token verification fails in PHP?
- a) The form submission is allowed.
- b) The form submission is blocked, and an error message is displayed.
- c) The session is destroyed.
- d) The form is reset.
- Which HTTP method is typically used with CSRF tokens to ensure security?
- a) GET
- b) POST
- c) PUT
- d) DELETE
- What is the key benefit of using CSRF tokens?
- a) Prevent unauthorized access to the system.
- b) Ensure the form data is valid.
- c) Protect against automated bots.
- d) Prevent malicious users from submitting forms on behalf of another user.
Validation Libraries
- Which PHP validation library is widely used for handling form validation?
- a)
Respect/Validation - b)
Laravel Validation - c)
Symfony Validator - d) All of the above
- a)
- How does the
Respect/Validationlibrary simplify validation?- a) It provides simple and expressive validation rules.
- b) It performs complex database queries.
- c) It automatically sanitizes input data.
- d) It validates data in real-time.
- Which method does
Respect/Validationuse to validate an email address?- a)
Email::valid() - b)
email()->validate() - c)
validateEmail() - d)
is_valid_email()
- a)
- Which of the following is a built-in validation rule in
Respect/Validation?- a)
alpha() - b)
is_integer() - c)
date() - d) All of the above
- a)
- How can you apply custom validation rules with libraries like
Respect/Validation?- a) By extending the base validation class.
- b) By defining custom functions for validation.
- c) By using
validate()function. - d) By configuring settings in the database.
- What is the role of the
Symfony Validatorcomponent?- a) To handle form data sanitization.
- b) To manage and validate form inputs using constraints.
- c) To generate HTML forms automatically.
- d) To store form data in a database.
- Which of the following is true about the
Laravel Validationlibrary?- a) It uses predefined rules and custom validation methods.
- b) It only supports basic validation rules.
- c) It integrates only with MySQL.
- d) It cannot validate custom fields.
- What is the purpose of using validation libraries in PHP?
- a) To improve the readability of validation code.
- b) To simplify the process of validating complex form data.
- c) To reduce code duplication and ensure consistent validation.
- d) All of the above.
- Which of the following PHP frameworks offer built-in validation libraries?
- a) Laravel
- b) Symfony
- c) CodeIgniter
- d) All of the above
- What feature do most validation libraries provide to display error messages?
- a) They automatically redirect the user.
- b) They store errors in a session or flash message.
- c) They automatically fix the errors.
- d) They send errors as HTTP headers.
Answer Key
| Qno | Answer |
|---|---|
| 1 | c) filter_var() |
| 2 | d) Both a and b |
| 3 | c) is_int() |
| 4 | a) Using filter_var() with FILTER_VALIDATE_URL |
| 5 | b) checkdate() |
| 6 | d) Both b and c |
| 7 | a) strlen() |
| 8 | a) Validates an integer number |
| 9 | c) Use both client-side and server-side validation. |
| 10 | c) filter_var() with FILTER_VALIDATE_IP |
| 11 | b) To prevent unauthorized form submissions. |
| 12 | a) By embedding a hidden input field with a unique token. |
| 13 | c) bin2hex(random_bytes()) |
| 14 | c) Cross-Site Request Forgery (CSRF) |
| 15 | a) After form submission and before processing the data. |
| 16 | a) Compare the token stored in the session with the one submitted in the form. |
| 17 | d) All of the above |
| 18 | b) The form submission is blocked, and an error message is displayed. |
| 19 | b) POST |
| 20 | b) Ensure the form data is valid. |
| 21 | d) All of the above |
| 22 | a) It provides simple and expressive validation rules. |
| 23 | a) Email::valid() |
| 24 | d) All of the above |
| 25 | a) By extending the base validation class. |
| 26 | b) To manage and validate form inputs using constraints. |
| 27 | a) It uses predefined rules and custom validation methods. |
| 28 | d) All of the above |
| 29 | d) All of the above |
| 30 | b) They store errors in a session or flash message. |