• sessions and cookies

    In face-to-face technical interviews, questions related to sessions and cookies come up regularly. Since most developers are familiar with these basic PHP questions, interviewers tend to ask trickier ones, but if you have the correct idea it is easy to answer any of them. Let’s have a look at some potential questions.

    Where are sessions stored?
    Sessions are stored on the server side and are accessed by a unique ID, known as the session ID, which is assigned to each user/visitor when they access your website.
    How is the session ID propagated within your website?
    Basically, there are two methods: it is either stored in a cookie or propagated in the URL.

    Session security questions will not be asked in entry-level interviews, but an advanced-level candidate who has experience in developing robust and secure applications must know about the vulnerabilities.

    Leaking an existing session ID to a third party is very risky if the session holds important information.
    The two main ways a session ID can leak are:
    - When the session ID is carried in URLs
    If your site links to an external site, a URL containing the ID might be stored in the external site’s referrer log.

    - An active attacker might listen to network traffic
    If the session ID flows over the network unencrypted, an active listener might grab it. The best solution is to implement SSL and make it mandatory for all users.
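
The two leaks above map onto a handful of PHP session settings. The following is an added example, not code from the original post; it assumes PHP 7.3+, TLS terminating on the PHP host, and a placeholder canonical host name `www.example.com`.

```php
<?php
// Added example: keep the session ID out of URLs and off unencrypted connections.
// CANONICAL_HOST is a placeholder; set it to your site's real host name.
const CANONICAL_HOST = 'www.example.com';

function is_https(): bool
{
    return !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
}

function start_hardened_session(): void
{
    // Leak 2 (network listener): never start a session over plain HTTP.
    // Redirect to a fixed host instead of trusting the client's Host header.
    if (!is_https()) {
        $uri = $_SERVER['REQUEST_URI'] ?? '/';
        header('Location: https://' . CANONICAL_HOST . $uri, true, 301);
        exit;
    }

    // Leak 1 (ID in URLs): accept the ID from the cookie only and
    // stop PHP from rewriting links to append it.
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_trans_sid', '0');

    // The cookie is sent only over TLS and is not readable from JavaScript.
    session_set_cookie_params([
        'lifetime' => 0,
        'path'     => '/',
        'secure'   => true,
        'httponly' => true,
        'samesite' => 'Lax',
    ]);

    // Do not send this site's URLs to external sites in the Referer header.
    header('Referrer-Policy: same-origin');

    session_start();
}

start_hardened_session();

// Issue a fresh ID once per session so an ID that leaked earlier
// (old URL, old log entry) stops being valid.
if (empty($_SESSION['initialised'])) {
    session_regenerate_id(true);
    $_SESSION['initialised'] = true;
}
```

Call `start_hardened_session()` before any output is sent, since it sets headers and the session cookie.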

  • Oral php interview questions

    Here is a list of PHP question areas that might be asked in an ad hoc oral technical interview.

    First of all, they will focus on some basic questions,
    - Difference between GET and POST
    - Echo and print
    - Language constructs and so on…

    Then most likely they will focus on,
    - The behavior of sessions and cookies
    - Ways a session ID can be passed
    - DB connection strings, how they can be centralized, and so on.
    - Difference between a normal connection and a persistent connection, etc.

    Then obviously the interviewer will have to assess your knowledge of object-oriented programming techniques,
    - Simply, what is a class or an object?
    - Some definitions of OOP techniques like encapsulation, overloading, inheritance.

    Design pattern questions will also be asked here.
    - Which OOP pattern implements a class that must be instantiated only once in the life span of a script?
    - Some more questions on design patterns, mostly real-world scenarios.
    - How can design patterns be used as a mix of more than one pattern?
    - Some more discussion related to MVC, abstract factory, and singleton.

    Last but not least, they will focus on your knowledge of security issues and best practices, probably including register globals issues and so on. Then the interviewers will look more closely at your CV and the frameworks and CMSs you have been exposed to.

    We will be discussing all of the above points one by one in later posts, so stay tuned.

    Cheers !