Аз съм в онлайн системата на телерик от пролетната академия.Кандидатсвтах на няколко места за работа и ми се обадиха като ми казаха ,че може да започна стаж но първо трябва да направя дадени ми задачи.Като гледам тези задачи и не съм сигурен какво трябва да направя.Молбата ми е ако може някой да ги погледне и да ми каже за коя какво да уча ще е много добре или с няколко изречения какво точно трябва да направя ,дали да търся материали от академията и какво точно? Ето го и заданието:
Task1 (Database) Duplicate data
"Sheet 2 ""Duplicate Data"" contains a list of data with entries into a competition. The competition rules only allow a user to enter once and only the first entry will be allowed.
1.) Import the data into MS SQL Server including duplicates.
2.) Write a query to give a summary of each email address and how many times this email address was entered sorted alphabetically by email address.
3.) Write a query which extracts all records but only the most recent record of a duplicate.
4.) Write a query which extracts all records but only the first record if the record is one of a duplicate set.
Task2 (Code) Upload & Basic Database work & validation
Our clients often require us to build some basic data handling and upload forms
1.) Create a page which allows the user to select a file from their desktop and upload the file.
2.) When uploading the file all files will live in the same directory on the server. The file name created on the server should be automatically created and should always be unique.
3.) The user should also be forced to create a name, description and category for the document they upload which should be saved in a sql database table.
4.) Validation - the user should be forced to create a name for the document and also a category.
Task3 (Code & UI) Listing page, paging and sort
The data in task 2 we expect the user to upload thousands of items which needs to be easily manageable.
1.) Create a grid listing page which list all the fields in the database and the unique file name for the uploaded file.
2.) Create a Alphabetic link list (A-Z , "123" & "ALL") . When a user clicks on a letter the grid will filter only listing the items with the names starting with the letter they have selected
3.) Limit the page to 10 items per page and add paging << < Page 1 > >> to the page to cycle through the data.
4.) If the filter in Task3.2 is selected, the paging should only page through the filtered data.
5.) Add a drop down box (Combo box) with all the database field names and allow the user to select a field. If a field is selected the list should be sorted by that field. Any filter applied to the dataset before the filter is selected should not be changed and the sort should only be applied on the filtered data.
Task 4 (Code Security) Review some code
Security is important when we build pages and we should always be vigilant in our procedures when we build code. Please answer all questions in English as if you were explaining it to a client in an email . Assume the client is a technical project manager - with coding experience so you can use Jargon.
1.) Review the code in Sheet 3 "PHP Code" Page A . We have become aware this page is a weak and vulnerable page (In particular this page can be used to get data from the database or to create a false login). Answer the below questions:
a.) Why is this page vulnerable from a code perspective?
b.) How would you fix it? (Make changes to the code) Why would this help?
2.) Review code in Sheet 3 "PHP Code" - Page 2. Assume this page lists sensitive data. Assuming this page is secured by the code for Task4.1 and that the code in Task4.1 is now fixed.
a.)Why would this page be vulnerable/accessible?
b.) How would you fix it?
3.) Assuming the code above is on a normal IIS server and all traffic runs over normal HTTP port 80. The customer is concerned they login information may be hijacked and stolen.
a.) What can be done without changing the code to harden the request /response process between the browser and the server?
b.) Explain in why this would mitigate the problem.
4.) We have a database table called USER. The table stores the Username and Password for the users in our site. All data is stored in clear text in the database.
"a.) How could we limit the data a potential hacker sees in the database in particular the password.
(Assume the hacker has managed to pass the firewalls and can query the data in the database directly but has no access to the file system yet) "