1.What is the default value for the "max_execution_time" setting when running PHP as a CLI SAPI ?

Whatever is set as the value for "max_execution_time" in php.ini

0 (Zero) which stands for infinite

There is no "max_execution_time" setting if running PHP as a CLI SAPI

2.What happens when the script below is executed ?

  <?php
    namespace CustomArea;
    error_reporting(E_ALL);
    ini_set("display_errors", "on");
    function var_dump($a)
    {
      return str_replace("Weird", $a, "Weird stuff can happen");
    }
    $a = "In programming";
    echo var_dump($a);
  ?>

PHP Fatal error: Cannot redeclare var_dump()

Weird stuff can happen

In programming stuff can happen

3.Assuming that the code below is in a file named "test.php" and that PHP has full rights over the file, what happens if the file is executed from the command line without any arguments ?

  exec("rm -f " . dirname(__FILE__) . "/" .  $argv[0]);

The script exits without doing anything

The file test.php is deleted

A notice is thrown because $argv[0] is not defined and the script fails.

4.What is the output of the code below ?

  
    <?php
    $a = array('one'=>'php', 'two'=>'javascript', 'three'=>'python');
    $b = array('python', 'javascript', 'php');

    if(array_values(array_reverse($a)) === $b)
      echo 'true';
    else
      echo 'false';
  

Fatal error: Can't use function return value in write context

false

true

5.When dealing with cloned objects in PHP, which of the following statements are true ?

The programmer can make use of the __clone() magic method to stop an object from being cloned.

As of PHP 7.0.0, members of cloned objects can be accessed in a single expression without any assignments... Like this:
(clone new DateTime())->format('Y');

The __clone() magic method of a class is called before the actual cloning of the object occurs allowing the programmer to alter values before the cloning process begins.

6.What is the best way to store and verify passwords in PHP ?

Using a hashing algorithm like md5 or sha256 and then, when verifying compare the stored hash with the hash of the string submitted by the user

Using the built in password_create() and password_verify() functions in PHP

Using the strongest to date hashing algorithm combined with a salt to avoid dictionary attacks.

7.Which of the following is not valid syntax for creating a new array key?

$a[] = "value";

$a{} = "value";

$a[0] = "value";

$a{0} = "value";

$a[$b = 0] = "value";

8.Which of the following functions will sort an array in ascending order by value, while preserving key associations?

asort()

usort()

krsort()

ksort()

sort()

9.Which function would you use to add an element to the beginning of an array?

array_shift()

array_push()

$array[0] = "value";

array_unshift()

array_pop()

10.What should go in the missing line ????? below to produce the output shown? $array_one = array(1,2,3,4,5); $array_two = array('A', 'B', 'C', 'D', 'E'); ??????? print_r($array_three); Result: Array ( [5] => A [4] => B [3] => C [2] => D [1] => E )

$array_three = array_merge(array_reverse($array_one), $array_two);

$array_three = array_combine($array_one, $array_two);

$array_three = array_combine(array_reverse($array_one), $array_two);

$array_three = array_merge($array_one, $array_two);

$array_three = array_reverse($array_one) + $array_two;

11.Transactions are used to...

guarantee high performance

secure data consistency

secure access to the database

reduce the database server overhead

reduce code size in PHP

12.How does one access standard input/output and error streams in PHP 5?

STDIN, STDOUT and STDERR constants

Use stdin(), stdout() and stderr() functions

PHP::STDIN, PHP::STDOUT and PHP::STDERR class constants

Use PHP::stdin(), PHP::stdout() and PHP::stderr() class functions

13.What are the three access modifiers that you can use in PHP objects?

protected

public

static

private

final

14.When checking to see if two variables contain the same instance of an object, which of the following comparisons should be used?

if($obj1->equals($obj2) && ($obj1 instanceof $obj2))

if($obj1->equals($obj2))

if($obj1 instanceof $obj2)

if($obj1 === $obj2)

15.In PHP 5 you can use the ______ operator to ensure that an object is of a particular type. You can also use _______ in the function declaration.

instanceof, is_a

instanceof, type-hinting

type, instanceof

===, type-hinting

===, is_a

16.What is the primary difference between a method declared as static and a normal method?

Static methods can only be called using the :: syntax and never from an instance

Static methods do not provide a reference to $this

Static methods cannot be called from within class instances

Static methods don't have access to the self keyword

There is no functional difference between a static and non-static method

17.Type-hinting and the instanceof keyword can be used to check what types of things about variables?

If a particular child class extends from it

If they are an instance of a particular interface

If they are an abstract class

If they have a particular parent class

If they are an instance of a particular class

18.What three special methods can be used to perform special logic in the event a particular accessed method or member variable is not found?

__get($variable)

__call($method, $params)

__destruct()

__set($variable, $value)

__call($method)

19.Which php.ini directive should be disabled to prevent the execution of a remote PHP script via an include or require construct?

You cannot disable remote PHP script execution

curl.enabled

allow_remote_url

allow_url_fopen

allow_require

20.Which of the following php.ini directives should be disabled to improve the outward security of your application?

safe_mode

magic_quotes_gpc

register_globals

display_errors

allow_url_fopen

21. Which of the following list of potential data sources should be considered trusted?

$_ENV

$_GET

$__COOKIE

$_SERVER

None of the above

22.What is the best measure one can take to prevent a cross-site request forgery?

Disallow requests from outside hosts

Add a secret token to all form submissions

Turn off allow_url_fopen in php.ini

Filter all output

Filter all input

23.Consider the following code: header("Location: {$_GET['url']}\"); Which of the following values of $_GET['url'] would cause session fixation?

Session Fixation is not possible with this code snippet

http://www.zend.com/?PHPSESSID=123

PHPSESSID%611243

Set-Cookie%3A+PHPSESSID%611234

http%3A%2F%2Fwww.zend.com%2F%0D%0ASet-Cookie%3A+PHPSESSID%611234

24.Which of the following is the best way to split a string on the "-=-" pattern?

They all are equally proper methods

str_split($string, strpos($string, "-=-"))

preg_split("-=-", $string);

explode("-=-", $string);

25.Which function is best suited for removing markup tags from a string?

strip_markup

strip_tags

str_replace

preg_replace

preg_strip

26.Which PCRE regular expression will match the string PhP5-rocks

/^[hp1-5]*\-.*/i

/[hp1-5]*\-.?/

/[hp][1-5]*\-.*/

/[PhP]{3}[1-5]{2,3}\-.*$/

/[a-z1-5\-]*/

27.If you would like to store your session in the database, you would do which of the following?

It requires a custom PHP extension to change the session handler

Implement the session_set_save_handler() function

Create functions for each session handling step and use session_set_save_handler() to override PHP's internal settings

Configure the session.save_handler INI directive to your session class

28.Consider the following HTML fragment: <select name="???????" multiple> <option value="1">Item #1</option> <!-- ... more options ... --> </select> Which of the following name attributes should be used to capture all of the data from the user in PHP?

myselectbox=array()

myselectbox[]

myselectbox['multiple']

myselectbox{'multiple'}

myselectbox

29.Setting a HTTP cookie on the client which is not URL-encoded is done how in PHP 5?

Use the setrawcookie() function

Set the cookies.urlencode INI directive to false

Use urldecode() on the return value of setcookie()

Setting the $no_encode parameter of setcookie() to a boolean 'true'

All cookies must be URL encoded

30.One can ensure that headers can always be sent from a PHP script by doing what?

Enable header buffering in PHP 5

Set the header.force INI directive to true

Enable output buffering in PHP 5

There is no way to ensure that headers can always be set, they must always be checked

None of the above