Workshop | Sams Teach Yourself PHP, MySQL and Apache All in One (3rd Edition)

The workshop is designed to help you anticipate possible questions, review what you've learned, and begin putting your knowledge into practice.

Quiz

1.	What are the advantages of database files over plain text files for storing user authentication information?
2.	Can you name some disadvantages of HTTP basic authentication?
3.	What function is designed to allow you to set a cookie on a visitor's browser?

Quiz Answers

1.	Database files are much more scalable because they can be indexed. This means that Apache does not need to read the file sequentially until a match is found for a particular user but rather can jump to the exact location.
2.	One disadvantage is that the information is transmitted in clear text over the network. This means that unless you are using SSL, it is possible for an attacker to read the packets your browser sends to the server and steal your password. Another disadvantage is that HTTP authentication does not provide a means for customizing the login (except the realm name). It is common for websites to implement custom login mechanisms using HTML forms and cookies.
3.	The `setcookie()` function allows you to set a cookie (although you could also output a `Set-Cookie` header using the `header()` function).

Activity

Practice using the various types of authenticationboth server-based and with PHPon your development server. Get a feel for the differences between basic HTTP authentication and something you devise on your own.