
EC3312 PracticalTest

This document is an assignment cover sheet for a Bachelor of Information Technology course, specifically for the Information Assurance Security module. It includes sections for individual or group declarations, lecturer comments, and feedback, along with a practical test related to website construction and security vulnerabilities. The document also outlines a solution to mitigate XSS attacks using the PHP htmlspecialchars() function.

Uploaded by

abikcasintern

Bachelor of Information Technology (Hons)

Assignment Cover Sheet

Course Code: EC3312    Course Title: Information Assurance Security

Assignment Title: Practical Test    Due Date: 4/28/2024
Date Submitted: 4/28/2024    Lecturer Name: _________________________

To be completed if this is an individual assignment


I declare that this assignment is my individual work. I have not worked collaboratively nor have I
copied from any other student’s work or from any other source except where due
acknowledgement is made explicitly in the text, nor has any part been written for me by another
person.

Student Name: Ashim Ghemosu    Student ID: 00018837


Signature: ________________
To be completed if this is a group assignment
We declare that this is a group assignment and that no part of this submission has been copied
from any other student's work or from any other source except where due acknowledgement is
made explicitly in the text, nor has any part been written for us by another person.

Student ID Student Name Signature


00018837    Ashim Ghemosu    __________
_________ __ ______________________________________ __________
_________ __ ______________________________________ ____ ______
_________ __ ______________________________________ __________

Lecturer's comments: _______________________________________________________


_________________________________________________________________________
Total Marks: ______________ Lecturer's Signature:_________________

Feedback to Student:
I/We acknowledged receiving feedback from the lecturer on this assignment.
Student’s Signature: ____________ _____________ _____________ ___________

Extension certification:
This assignment has been given an extension and is now due on _______________.
Lecturer’s Signature: _____________

Given code

Localhost setup
Construction of website from given codes

Injection And Execution


Possible Solution to Mitigate the Vulnerability
Sanitize and escape any user input before displaying it on the website to avoid XSS attacks. One
easy and efficient way to accomplish this is the PHP htmlspecialchars() function.

htmlspecialchars(): Converts special characters (<, >, &, ', and ") to HTML entities.
ENT_QUOTES: Guarantees conversion of both single and double quotes.
UTF-8: Specifies the character encoding, guaranteeing security and compatibility.
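
The fix described above, shown beside the unescaped output, as an added example that is not part of the original submission. The helper name e(), the sample input and the page fragments are constructed for illustration, and ENT_SUBSTITUTE is an addition to the flags the text lists.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (the name e() is an assumption, not from the assignment).
function e(string $value): string
{
    // ENT_QUOTES converts both ' and "; ENT_SUBSTITUTE replaces invalid
    // UTF-8 bytes with U+FFFD instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample standing in for a request value such as $_GET['name'].
$input = "<script>alert(1)</script> O'Brien & \"co\"";

// Before the fix: the raw value is concatenated into the page.
$vulnerable = '<p>Hello, ' . $input . '</p>';
// After the fix: markup characters are emitted as entities.
$fixed = '<p>Hello, ' . e($input) . '</p>';

// Why ENT_QUOTES matters: ENT_COMPAT leaves ' alone, so the value can close
// a single-quoted attribute early.
$attrCompat = "<input value='" . htmlspecialchars($input, ENT_COMPAT, 'UTF-8') . "'>";
$attrQuotes = "<input value='" . e($input) . "'>";

foreach (compact('vulnerable', 'fixed', 'attrCompat', 'attrQuotes') as $label => $html) {
    echo str_pad($label, 12), $html, PHP_EOL;
}

// Verification: no raw angle bracket or quote survives in the escaped value.
$escaped = e($input);
if (strpbrk($escaped, "<>'\"") !== false) {
    throw new RuntimeException('escaping failed');
}
// Invalid UTF-8 (constructed): without ENT_SUBSTITUTE this would come back as ''.
if (e("caf\xE9 <b>") === '') {
    throw new RuntimeException('invalid input silently dropped');
}
echo "all checks passed", PHP_EOL;
```

Escaping belongs at the point of output, in every template that prints a request value; htmlspecialchars() covers HTML text and quoted attribute values, not JavaScript or URL contexts.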

Verification of the Fixes
