Zend 200-710 Exam - Topic 9 Question 30 Discussion

Actual exam question for Zend's 200-710 exam

Question #: 30
Topic #: 9

[All 200-710 Questions]

An HTML form contains this form element:

When this form is submitted, the following PHP code gets executed:

move_uploaded_file(

$_FILES['myFile']['tmp_name'],

'uploads/' . $_FILES['myFile']['name']

);

Which of the following actions must be taken before this code may go into production? (Choose 2)

ACheck with is_uploaded_file() whether the uploaded file $_FILES['myFile']['tmp_name'] is valid

BSanitize the file name in $_FILES['myFile']['name'] because this value is not consistent among web browsers

CCheck the charset encoding of the HTTP request to see whether it matches the encoding of the uploaded file

DSanitize the file name in $_FILES['myFile']['name'] because this value could be forged

EUse $HTTP_POST_FILES instead of $_FILES to maintain upwards compatibility

Show Suggested Answer

Suggested Answer: B, D

by Hillary at Jun 01, 2022, 04:35 AM

Limited Time Offer

25%

Off

Get Premium 200-710 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Kirk

6 months ago

Sanitizing the file name is essential because it could be forged, no doubt!

upvoted 0 times

...

Bettina

6 months ago

I thought charset encoding was only for text files, not uploads?

upvoted 0 times

...

Alonzo

7 months ago

Wait, isn't $HTTP_POST_FILES outdated?

upvoted 0 times

...

Naomi

7 months ago

I agree, checking with is_uploaded_file() is crucial too.

upvoted 0 times

...

Elli

7 months ago

Definitely need to sanitize the file name, it's a must!

upvoted 0 times

...

Tayna

7 months ago

I think we should sanitize the file name because browsers handle it differently, but I'm not entirely sure if that's the main reason.

upvoted 0 times

...

Kandis

7 months ago

I remember practicing a question about sanitizing file names because they can be forged. That seems really important here too.

upvoted 0 times

...

Lazaro

7 months ago

I think we definitely need to check if the file is valid with is_uploaded_file(), but I'm not sure about the other option.

upvoted 0 times

...

Lachelle

7 months ago

I feel like checking the charset encoding is less critical, but I can't recall if it was mentioned in any of the practice materials.

upvoted 0 times

...

Alonso

7 months ago

Ah, the ZFS Snapshots part - that's a good strategy for backups, I remember learning about that.

upvoted 0 times

...

Glennis

7 months ago

I'm pretty confident this is in the Event. Kubernetes will log the reason for why a Pod couldn't be scheduled there.

upvoted 0 times

...

Darnell

7 months ago

Okay, let's see. I know that Persistent Cache is important for improving performance, but I'm not sure if it's the best option here. I'll have to review the other choices.

upvoted 0 times

...

Okay, let me see... The output shows some kind of directory or object information, so I'm guessing it's a command that displays that kind of data. I'll have to test out each option to see which one matches.

upvoted 0 times

...

Zend 200-710 Exam - Topic 9 Question 30 Discussion

Contribute your Thoughts:

Kirk

Bettina

Alonzo

Naomi

Elli

Tayna

Kandis

Lazaro

Lachelle

Alonso

Glennis

Darnell

Melissia