+
Related Flashcards
Cards In This Set
| Front | Back |
|
Which one of the following is not a valid e-mail address?
A. [email protected]
B. "John Coggeshall" [email protected]
C. joe @ example.com
D. jean-có[email protected]
E. john
|
Of all of the e-mail addresses listed above, only Answer D is invalid. Both A and B are
classic e-mail addresses that are in use frequently today. Although C looks invalid, mail transport agents (MTAs) automatically remove extra whitespace, making it just as good, while E is valid for a local delivery. This leaves D, which contains an invalid character for an e-mail address (an accented letter).
|
|
In PHP, the way e-mail is sent from a Windows- or Novell-based machine is different when compared to the behaviour of a UNIX-based machine that uses the sendmail application. In which of the following ways does it differ? (Choose 2):
A. Windows/Novell installations require no third party software (i.e. sendmail or
equivalent) to function.
B. A UNIX installation will rely on the sendmail_from configuration directive to
determine the From: header of the e-mail
C. You cannot send e-mail with multiple recipients on Windows/Novell installations—
each e-mail must be sent separately by calling mail() multiple times.
D. Depending on the value of sendmail_path configuration directive, they may behave
identically.
E. Unlike Windows/Novell installations, in UNIX you must properly configure the
MTA host and port using the SMTP and smtp_port configuration directives.
|
The correct answers are A and D. While the UNIX version of PHP requires the sendmail
application (or an equivalent emulation thereof) to send mail through an MTA, the
Windows/Novell versions communicate directly with the MTA using SMTP. However, if available, PHP can also be configured to use a “sendmail wrapper” to simulate the sendmail application on Windows/Novell, in which case all three versions of PHP would function in the same way. Also note that, when using the internal implementation of mail() on
Windows/Novell environments, it is necessary to set the sendmail_from configuration directive, while UNIX flavours leave that task to the sendmail application itself.
|
|
Which of the following steps would you need to undertake if you wanted to send e-mails to
multiple recipients or MIME compatible e-mails from PHP?
A. Add the necessary additional headers to the $message parameter (third parameter) of
the mail function.
B. Communicate directly with the MTA using SMTP from PHP code
C. Append additional headers to the e-mail using the extended features of the mail
function’s $additional_headers parameter (fourth parameter) as a string with a
newline \n character at the end of each needed header
D. Although sending e-mails to multiple recipients is allowed, PHP does not support
sending of MIME e-mail.
E. Use the $additional_headers parameter of the mail function to provide a string with a
newline and line feed \r\n characters at the end of each needed header.
|
PHP can indeed send e-mails of any valid format using the mail function, making
communication with the MTA directly from PHP code using SMTP a poor choice.
Additional headers at the top of the e-mail must be added as a string using the
$additional_headers parameter, with each header ending with both a newline and linefeed character (\r\n). When sending complex e-mails, such as ones with file attachments and/or HTML-formatted text, not only must additional headers be added, but MIME-specific headers must also be included in the $message portion of the e-mail itself, so answer E is correct.
|
|
When sending e-mails that have file attachments using MIME (multi-part e-mails), the body of the message and the attachment must be separated by a special string called a boundary. What MIME e-mail header defines this boundary?
Your Answer: ____________________________
|
When sending MIME e-mails that are considered multi-part, you must specify a boundary (any US-ASCII string) that is unique enough not to appear at any point in the actual body of the e-mail. This boundary must be unique for each embedded multi-part block in a MIME message; it is specified in the Content-Type: MIME header.
|
|
When sending HTML e-mail using MIME, it is often desirable to use classic HTML tags
such as
|
There are indeed two answers above that are valid for including elements, such as images,
within your HTML document. The fastest method is to simply reference a remote image by specifying any valid URL for the SRC attribute of the tag. However, images and other component content can also be embedded within the MIME e-mail itself as a MIME content block. These content blocks are then assigned a content ID, which can be referenced from the SRC attribute using the cid: resource identifier followed by the assigned content ID. This means that Answers B and C are correct.
|
|
Under which of the following conditions can the fifth (last) parameter of the mail function, called $additional_parameters, be used?
A. Both when sending e-mail from UNIX and Windows/Novell
B. Only when sending e-mail from Windows/Novell to provide SMTP commands to the MTA
C. Only in conjunction with the sendmail application or a wrapper application specified
by sendmail_path
D. This parameter is deprecated and is no longer used in PHP
|
The final parameter of the mail function is used to provide additional parameters to the
sendmail application and is typically only used in UNIX environments where sendmail is available. However, this parameter could also be used in Windows/Novell environments if the sendmail_path configuration directive is used.
|
|
Under which of the following circumstances is the Content-Transfer-Encoding MIME header used?
A. Only when sending non-plaintext (ASCII) data to specify the encoding of the MIME
segment
B. To indicate special formatting of the e-mail, such as if it is to be rendered as HTML,
plain text, or rich text
C. It can be used at any time to specify the encoding of any segment of the MIME email
D. It can only be used to specify the encoding format (such as base64) of binary
segments of a MIME e-mail.
E. None of the above
|
The correct answer is C. The Content-Transfer-Encoding MIME header is used to specify the encoding of any segment of a MIME email. This header is most commonly associated with binary data to specify the algorithm used to encode it. By default, 7bit, quoted-printable, base64, 8bit and binary are available—however, anyone may specify their own encoding format using a name similar to x-.
|
|
Which of the following hold true for MIME boundaries specified by the boundary field in a Content-Type header? (Choose 3)
A. Boundaries must be at least 8 characters in length
B. Boundaries must be used to separate MIME segments by prefixing them with two
hyphens (e.g.: --abcdefghi) to begin the segment and both prefixing and appending
two hyphens (for example, --abcdefghi--) to end the segment
C. Boundaries must be unique in a MIME e-mail
D. Boundaries cannot be embedded within other boundaries
E. The actual text used for a boundary doesn’t matter
|
The correct answers are B, C and E. Boundaries are a critical part of sending MIME e-mails. Although there is no official restriction on the length of a boundary, there are significant consequences to a poor boundary choice. Because boundaries are simply plain text strings within the e-mail, it is very important that their value never appear within the actual body of one of the MIME segments. For instance, consider the potential disaster that a boundary of John, although technically valid, would cause if someone named John signed his e-mail -- John: the receiving e-mail client would parse that signature as the start of a new MIME
segment and, most likely, completely misinterpret the contents of the e-mail.
|
|
Consider the following e-mail:
From: John Coggeshall <[email protected]>
To: Joe User <[email protected]>
Subject: Hello from John!
Date: Wed, 20 Dec 2004 20:18:47 -0400
Message-ID: <[email protected]>
Hello, How are you?
What headers must be added to this e-mail to make it a MIME e-mail? (Select all that apply)
A. MIME-Version
B. Content-Disposition
C. Content-Type
D. Content-Transfer-Encoding
E. Content-ID
|
To create a valid MIME e-mail from the given plain-text message, the correct answers are A, C and D. A MIME e-mail must have the MIME-Version header at the start of the e-mail, while each segment (including the “root” segment) must sport both a Content-Type and Content-Transfer-Encoding header associated with it. The two other headers mentioned in the answers above are optional: Content-Disposition is used to indicate how the segment should be
displayed (for instance, if it should be represented as an attachment) and Content-ID is a unique identifier optionally assigned to the content in the segment.
|
|
Which MIME content type would be used to send an e-mail that contains HTML, rich text,
and plain text versions of the same message so that the e-mail client will choose the most
appropriate version?
A. multipart/mixed
B. multipart/alternative
C. multipart/default
D. multipart/related
E. Not possible using content-types
|
The correct answer is B. This special MIME content type is used to define a segment which contains sub-segments representing multiple versions of the same content. For instance, a multipart/alternative segment may have two segments within it of types text/plain and text/html. It is then left to the e-mail client to choose the most appropriate format and display that to the user. As a general rule of thumb, it is always a good idea to put the easiest to read (i.e. plain text) versions first in the event that the mail is read from a non MIME-compatible e-mail client.
|
|
What do you need to do in order for the mail function to work under Windows, assuming that sendmail is not installed on your machine?
A. Install a sendmail server
B. Install Microsoft Exchange
C. Install any mailserver on your computer
D. Change your php.ini configuration
E. Write a script that connects to a public e-mailing service
|
On a UNIX-like system, PHP relies on the sendmail application to handle its e-mailing (even if sendmail itself is not installed on the server and it’s emulated by a different Mail Transport Agent). On Windows machines, however, the mail function actually performs an SMTP transaction against the server specified in the SMTP INI setting, unless a sendmail wrapper is used. Therefore, Answer D is correct.
|
|
Which of the following measures will help prevent cross-site attacks on a form that sends a pre-defined text-only e-mail to a user-provided e-mail address? (Choose 2)
A. Enforcing the use of GET parameters only
B. Calling htmlentities() on the e-mail address
C. Enforcing the use of POST parameters only
D. Calling htmlentities() on the body of the e-mail
E. Ensuring that the e-mail address field contains no newline characters
|
The use of htmlentities() on a plain-text e-mail does nothing to help prevent cross-site
attacks—in fact, it may cause it to become unreadable for the recipient. Enforcing the use of POST variables only makes it harder for a would-be hacker to spoof your form (although not impossible), while ensuring that the e-mail field (which will become the To: header in the email) does not contain newline characters helps prevent a malicious user from adding his own e-mail address to that of the user and receiving a copy of the e-mail. Therefore, Answers C and E are correct.
|
|
How would you manipulate an array so that it can be sent as an attachment to an e-mail and
then reconstructed when the e-mail is received?
A. By transforming it into a string with serialize() and then encoding it with
htmlentities()
B. By saving it to a file and then encoding it with base64_encode()
C. By transforming it into a string with serialize()
D. By transforming it into a string with serialize() and encoding it with base64_encode()
E. By saving it to a file and then encoding it with convert_uuencode()
|
Serializing an array is the correct way of transforming it into a string—the first step towards making it transportable across the e-mail network. Next, you’ll need to encode it so that it can be safely sent across; the easiest way to do so in PHP 4 is to use the base64_encode function, which transforms it into a format that only uses 7 bits per character. Therefore, Answer D is correct.
|
|
Which of the following is the best way to determine the content type of a file that you want to embed in a MIME/multipart e-mail?
A. By hardcoding it in your script
B. By creating a manual list of MIME types and selecting from it based on the file’s
extension
C. By writing a stochastic function capable of determining the file’s data type based on
its contents
D. By using the mime_content_type function
E. By uploading the file to an external web service.
|
The mime_content_type function is the easiest and safest way to determine the MIME type of a file. Answer D is, therefore, correct. Note that this function is part of a deprecated extension—but there’s still a fair chance you’ll find it in legacy code.
|
|
In an UNIX environment that makes use of a local sendmail installation, how would you ensure that your script will be able to arbitrarily set the sender’s name and address in an email? (Choose 3)
A. By adding a From header to the message
B. By passing -f as one of the extra parameters
C. By adding a Reply-to header to the message
D. By ensuring that the user under which Apache runs is marked as privileged in the
sendmail configuration
E. By ensuring the Apache process runs as root
|
Adding a From header is not sufficient to ensure that sendmail won’t rewrite your sender address when sending the message. In fact, you have to specify the envelope sender of the email using the -f extra parameter to sendmail. These two steps, on their own, are not necessarily sufficient, however; you also have to ensure that the user under which Apache runs has the privilege of changing the envelope From header. Therefore, the correct answers are A, B and D.
|
