EXP8 Web Foundation Practice

I. Experimental content

(1) Web front-end HTML: can be installed normally, start and stop Apache. Understand the HTML, understand the form, understand the get and post methods, and write an HTML containing the form.

(2) Web front end Javascipt: Understand the basic JavaScript functionality and understand the DOM. Write JavaScript to verify the user name, password rules.

(3) Web backend: MySQL Foundation: normal installation, start MySQL, build library, create user, change password, build table

(4) Web backend: Writing PHP Web pages, connecting databases, authenticating users

(5) Simplest SQL injection, XSS attack test

Ii. objectives of Practice

Function Description: User can login, login user name password saved in the database, login successfully display welcome page.

Third, practical steps environment configuration

1. Install Apache, direct with instructions
sudo apt-get install apache2Apache is a Web server under Kali, which can be opened by accessing the IP address + port number + file name.

• Input command
  vi /etc/apache2/ports.confChange the listening port number of the apache2;
  

• Input command
  apachectl start
  Open Apahce and use NETSTAT-APTN to view the port number to confirm that Apache is turned on correctly, as shown in:
  
  

Front-end programming

2. Role
cd /var/www/htmlEdit in/var/www/html directory
vi test.html

2. Enter in Firefox: http://127.0.0.1:4330/test.html You can open the page.

Because it is just a form, the code in the above line marked in the action specified by the PHP file, so after filling in the content will appear not found prompt:

JavaScript-related

• Related concepts: JavaScript is a widely used scripting language for client Web development, often used to add dynamic functionality to HTML pages, such as responding to user actions.
• Document Object model, or DOM, is the standard programming interface recommended by the organization to handle extensible flag languages.
• Write a rule that validates the user name and password: (for example, the user name and password cannot be empty)vi test1.html

Effect:




PHP test MySQL basic php+mysql Implementation Login Web page writing (code) SQL injection four, basic knowledge answer 1. What is a form?

• Forms are primarily responsible for data collection functions in Web pages.
• There are three basic components of a form: form labels, top of form, bottom of form
• Form fields: Contains text boxes, password boxes, hidden fields, multiline text boxes, check boxes, radio boxes, drop-down selection boxes, file upload boxes, and more

• Form buttons: Includes the Submit button, reset button, and General button. Form buttons can be used to transfer data to CGI scripts on the server or to cancel input, and you can use form buttons to control other processing tasks that define processing scripts

  2. What language is the browser capable of parsing and running?

1. Hypertext Markup Language: HTML
2. Extensible Markup Language: XML

3. Scripting languages: ASP, PHP, script, JavaScript, VBScript, Perl, Python, ColdFusion, Java, JSP, etc.

   3. What dynamic languages does the webserver support?

• ASP, JSP, PHP, etc.

Five, practical feeling

This experiment is mainly related to Web programming, mainly divided into front and back-end of the writing, the front-end of the use of HTML language and CSS language, the backend is the use of PHP files, the whole experiment content is still more. Database and web programming have not learned before, in terms of time-consuming code, some are still very difficult, but through the Novice tutorial study, the teacher explained and the completion of the experimental students reference, can complete the experimental content. The following attack method SQL injection also shows that in order to understand the database code to complete the attack, that is, the background of the program to execute some of the commands that are filled in order to operate the database. Website design is not a simple thing, not only the interface is friendly, the most important thing is to be able to protect against a variety of possible attacks to ensure the security of the site.

EXP8 Web Foundation Practice