If you want to develop a secure web application, you need to make sure your cookies are locked down tight.
Because web applications use the client-server model, they are stateless. So we use sessions to persist data from one request to the next. The most common method for identifying a session is to create a unique session ID. Obviously this ID is stored on the server, either directly on the filesystem or in a database. But how will it be stored on the client side? That's where cookies come in...
If you've ever applied to a web development position, then you've probably been asked to define MVC.
My answer usually goes something like this:
- M is for model. That's your data layer. A model is a class that allows you to interact with the data source and perform CRUD operations. Most often the data source is a MySQL database, but ideally the framework will provide support for different types of data sources.
- V is for view. This is a type of UI layer. It's the page that is displayed to the end user.
- C is for controller. This is also a type of UI layer. It is responsible for receiving a request and returning a response. That is, it returns the appropriate view based on the path of the request (the URL to which the user navigated) and possibly input such as form data. It is considered a best practice to keep your controllers as lean as possible. So your controllers should be relatively devoid of business logic, which should be handled in its own layer. A common approach is to put business logic in "service" classes (e.g. SaleHandler).
Obviously I think this is a good definition, otherwise I wouldn't give it in an interview...