Please post your solutions to the practice final problems to this thread. Best, Chris

-- Practice Final

<nowiki> Andre Domingo Ross Nikolai Montepalco Neeharika Kandikattu 10) A web-site is scalable if it can accommodate increased usage, it can accommodate an increased dataset, and it is maintainable. a) Reverse Proxy The reverse proxy in front of the architecture provides several functions: - Act as a cache for previously calculated whole web pages that have not changed. - Choose which web server should handle a request (might have several machines all running the identical web app). - Hardware support for things like SSL. The reverse proxy in front of everything is typically implemented using Varnish, Squid, or a hardware specific system. An advantage of a layer seven network appliance hardware over a Squid is that it can do SSL in hardware. On the other hand, hardware is harder to change. b) ORM Cache An object relational mapping is a mapping between objects and database tables. Besides one-to-many relationship, one might need to handle many-to-many, belongs-To, and one-to-one relationships. In pretty much all cases, marshaling an object requires several database queries, which can be slow, so may be sped up by caching. An ORM Cache such as Redis or Memcache solves this problem by providing a RAM-based key value store for objects that have been previously marshaled and which have not been written to. c) CDN One problem with website architecture is that traffic all still has to come to your subnetwork of the internet and this could lead to a bottleneck. To scale so that geographic effects don't mess with your ability to provide content, you often would also use a content delivery network. CDN's are often implemented using a distributed hash table, storing key value pairs. Unlike a hash table, there is also a distance function d(k1, k2) which can be used to compare the distance between two keys. </nowiki>

-- Practice Final

 Jason Huynh
 Dustin Nguyen
 Sabrina Ly

 (a) How do you register an autoloader callback in PHP. 

 Add this line to your PHP file:
 spl_autoload_register($your_autoloader_function);
 The function you pass in is autoloaded

 (b) How do you create a new repository in git. 

 CD to wherever you want it to be
 git init "name of the repo"
 Finally, add a readme.txt file to it

 (c) How do you determine who wrote a line of code in git? 

 git blame filename
 This will output a log of all modifications on the file, including who made
 the edit

 (d) How do you create a patch in git.

 The general format is : git format-patch ...

 Two versions:
 ... = rev1 rev2
 ... = commit ID key thingy

Jason Huynh Dustin Nguyen Sabrina Ly (a) How do you register an autoloader callback in PHP. Add this line to your PHP file: spl_autoload_register($your_autoloader_function); The function you pass in is autoloaded (b) How do you create a new repository in git. CD to wherever you want it to be git init "name of the repo" Finally, add a readme.txt file to it (c) How do you determine who wrote a line of code in git? git blame filename This will output a log of all modifications on the file, including who made the edit (d) How do you create a patch in git. The general format is : git format-patch ... Two versions: ... = rev1 rev2 ... = commit ID key thingy

-- Practice Final

9. Alan Ngo, Miguel Vazquez a) CSRF Attack CSRF stands for Cross-site Request Forgery. This attack takes advantage of the user's cookies to perform some kind of attack. Here is an example: Let's say Spiderman is looking on the internet for crime. Five minutes ago he logged into Amazon to buy a new spider suit. He finds a link on a crime finding website and clicks it. The link has malware in it and buys Amazon prime for a decade. When he presses the link, Spiderman's cookie that says he is logged into Amazon makes him buy Amazon prime for a decade. b) Click-Jacking Attack Click-jacking is an attack that attempts to make the user click on an important button on a malicious site. It works by loading an iframe and setting it's opacity to 0 to make it transparent. The page the user sees is positioned over the iframe and the important button to click is actually a different button with its z-index value modified. Here is an example: Spiderman is still searching for crime after losing hundreds on Amazon prime. He stumbles upon a malicious crime fighting website. He clicks on the button thinking it will lead him to another page on the site. Spiderman was just using Amazon 5 minutes ago and the button actually purchases Amazon prime for the next century. c) Target Blank Attack A target blank attack makes use of an anchor tag with the target attribute with value "_blank". The opened tab will have access to the parent tab, and a malicious site would then overwrite the parent tab. Say the user was on Facebook. After the parent tab is overwritten, it shows that the user is logged out of Facebook. The new login is actually a login that steals the user's login information. Here is an example: Spiderman is on a website searching for items and he clicks a link that opens a new tab to Amazon. Unfortunately the link is to a malicious site that looks like Amazon and it overwrites his previous tab. He returns to the other website and logs in; however, the login is now overwritten and the malicious site steals his login and password.

-- Practice Final

Question 5. Cary Lefteroff, Nick Tang, Jaime Zuspann <nowiki> <script> const generateTable = () => { let htmlStr = "<table>"; let consoleStr = ""; for (let i = 0; i < 25; i++) { htmlStr += "<tr>"; for (let j = 0; j < 25; j++) { if (i % 2 === j % 2) { htmlStr += "<td>X</td>"; consoleStr += "X "; } else { htmlStr += "<td>O</td>"; consoleStr += "O "; } } consoleStr += "\n"; htmlStr += "</tr>" } htmlStr += "</table>"; console.log(consoleStr); return htmlStr; } document.write(generateTable()); </script> </nowiki>

-- Practice Final

Howell DeGuzman, Fernando Gonzalez, Nicholas Hui 4) <?xml version = "1.0" encoding ="utf-8" ?> <!ELEMENT news (date, source, headline, url) > <!ELEMENT date (#PCDATA)> <!ELEMENT source (#PCDATA)> <!ELEMENT headline (#PCDATA)> <!ELEMENT url (#PCDATA)>

-- Practice Final

<nowiki> Aaron Li, Brandon Ong, Aadit Dubey Problem 1: Write a PHP program using the msqli OO interface has connects to a Mysql database Business on the default port of localhost, then using a prepared statement inserts a record to an Employee table with schema (ssn, fname, lname, date_of_birth, salary). $mysqli = new mysqli("localhost", "root", "root", "Business"); $stmt = $mysqli->stmt_init(); if ($stmt->prepare("INSERT INTO Employee VALUES (?, ?, ?, ?, ?) { $record_1 = [“123-92-9284”, “bob”, “smith”, “12/02/1999”, 142098]; $record_1 = [“726-92-8732”, “jim”, white”, “04/07/1990”, 89276]; $records = [$record_1, $record_2]; foreach($records as $record) { $stmt->bind_param("ssssi", $record[0], $record[1], $record[2], $record[3], $record[4]); $stmt->execute(); } $stmt->close(); } $mysqli->close(); </nowiki>

-- Practice Final

    namespace luke\great_project;
    
    trait Loo{
        function renderLoo(){
            echo "Loo";
        }
    }
    
    class Foo{
        use Loo;
        function renderFoo(){
            echo "Foo";
        }
    }

    function renderGoo(){
        echo "Goo";
    }

Jeffrey Yang Luke Brouwer Seungmi Na 2) practiceFinal.php <?php namespace luke\great_project; trait Loo{ function renderLoo(){ echo "Loo"; } } class Foo{ use Loo; function renderFoo(){ echo "Foo"; } } ?> practiceFinal2.php <?php namespace brouwer\some_other_project; require('practiceFinal.php'); class Goo extends \luke\great_project\Foo{ function renderGoo(){ echo "Goo"; } } ?>

-- Practice Final

	return response.json();

	"users":{
	{
	"userID":1,
	"firstName":"first",
	"lastName":"last"
	}
	}

  name: String

  return user.getName();

'''Qs 8''' Team Members: Siddhita Joshi, Pavan Koushik Kommuri, Dylan Ha a''')Fetch API''' Fetch API is used to retrieve data from a server. This is done with a request url given in the fetch clause. Then clause is used to set up a call back function that is executed when the fetch request has completed. Example: fetch(“http://localhost:8888/getUsers”).then( (response) =>{ return response.json(); }); ''' b) JSON''' SON stands for JavaSript Object Notation. It is an open standard file format that stores and transmits data objects consisting of value pairs and arrays. JSON is commonly used in data interchange between web applications and servers. This is an example of the JSON format: { "users":{ { "userID":1, "firstName":"first", "lastName":"last" } } } Users is an array that holds information about users; this can be attributed to a collection in NoSQL. The three lines starting with "userID" is an array element that holds information about the first user; this can be attributed to a document in NoSQL. This example only has one element but typically there would be many more. '''c) REST ''' It is an architectural style that can be applied to web services to create and enhance properties like performance, scalability and modifiability. The protocol for REST is HTTP. REST architecture follows: 1) Division of state and functionality of a web service. 2)Stateless, Client-Server architecture where web browser acts as the client and server acts as the server hosting the application. The state of the application should not be maintained by REST. REST also uses: URI Resource Identification: All the resources should be identified by URI Uniform Interface: It has fixed set of operations. GET, PUT, POST, DELETE _Example of basic GET request using curl:_ Request command: curl https://localhost:8888/getuser Request response: HTTP/1.1 200 OK Content-Type: text/html Content-Length: 643 [html code here] '''d)GraphQL''' GraphQL is a query language for APIs served over HTTP . The server can read and write requests using this specific web service format. A GraphQL service is created by defining types and fields on those types, then providing functions for each field on each type. Example: type User { name: String } function User_name(user) { return user.getName(); }

-- Practice Final

<nowiki> Team: Aparna Thyagarajan, Tyler Nguyen, Farzin Adil 7. Give an application code example of each of the following in Javascript: (a) timer, (b) XHR request, (c) a Javascript class with a private property, (d) Promise, await and aync. (a) One-time timer setTimeout(myCallbackFunction, repeatTimeInMilliSec); Repeat timer setInterval(myCallbackFunction, repeatTimeInMilliSec); (b) request = new XMLHttpRequest(); // create XHR Request object // function to be executed when state changes request.onreadystatechange = function() { switch(request.readyState) { case 4: document.getElementById("test_page").innerHTML = request.responseText; break; } } request.open("GET", "test_page.html", true); request.send(); // send request (c) var student = (function() { var ID = 123456789; return { name: "John Doe", getID : function () { return ID; }, setID : function (id) { ID = id; } } }()); (d) // make promise to get data from random.com/api.json then log it to the console function getAsyncData() { fetch('http://random.com/api.json') .then(response => response.json()) .then(data => console.log(data)) } // async await version of the above function, to get data from random.com/api.json and wait to fetch data before logging it to the console async function getAsyncData() { const response = await fetch('http://random.com/api.json'); const data = await response.json(); console.log(data); } </nowiki>