1.Considering the code below, which of these statements are true?
<?php ini_set("allow_url_fopen", "1"); $page = file_get_contents("http://www.codepunker.com"); if($page!=FALSE) echo "Successfully fetched website contents"; else echo "An error has occurred";
The correct setting for loading web pages from a script is "allow_url_include"
The "allow_url_fopen" option can not be changed through ini_set. It can only be set in php.ini for security reasons
The if statement should be "if($page!==FALSE)" because "file_get_contents" can return non boolean values which evaluate to false
2.What happens when you run the following MySQL Query ?
CREATE TABLE PRIMARY (ID int);
Syntax Error - PRIMARY is reserved in MySQL and should be quoted to be used as a table name
Syntax Error - PRIMARY is reserved in MySQL and can not be used as a table name
A table called PRIMARY containing a column called ID is created
3.What is the output of the following script ?
<?php function generate() { for ($i = 1; $i <= 3; $i++) yield $i; } $generator = generate(); if(is_array($generator)) echo "Is Array"; elseif(is_object($generator)) echo "Is Object"; else echo "Is none of the above"; ?>
Is Array
Is Object
Is none of the above
4.What is the output of the code below ?
$now = new DateTime(); $now2 = new DateTime(); $ago = new DateInterval('P4Y10M3W'); $ago2 = new DateInterval('P4Y10M2W7D'); $then = $now->sub($ago); $date1 = $then->format('Y-m-d'); $then2 = $now2->sub($ago2); $date2 = $then2->format('Y-m-d'); var_dump ($date1 === $date2);
bool(false) - because the '2W' part in $ago2 will get overwritten by the '7D' part and therefor the second date interval will be 2 Weeks shorter than the first interval.
bool(false)
$ago2
bool(true) - because the two interval definitions are equivalent.
bool(true)
bool(false) and the script will throw a notice because the date/time interval notation in the $ago2 variable is wrong.
5.Which of th following statements about object serialization are true ?
After serializing an object, a programmer can fully recreate that object in another file by calling unserialize() even if the class definition doesn't exist.
unserialize()
Static class properties can be serialized, but can not be unserialized.
Static class properties can not be serialized.
6.What happens if you execute the code below ?
<?php class someclass { public $someprop; function __construct() { $this->someprop = 1; } } function somefunc(&$instance) { unset($instance); } $instance = new someclass; somefunc($instance); var_dump($instance);
NULL
object(someclass)#1 (1) { ["someprop"]=> int(1) }
Warning (Only variables can be passed by refence) NULL
7.What is the output of the following PHP script?
<?php $a = 1; $b = 2.5; $c = 0xFF; $d = $b + $c; $e = $d * $b; $f = ($d + $e) % $a; print ($f + $e);
643.75
432
643
257
432.75
8.How do you access standard I/O and error streams ?
Use stdin(), stdout() and stderr() functions
PHP::STDIN, PHP::STDOUT and PHP::STDERR class constants
Use PHP::stdin(), PHP::stdout() and PHP::stderr() class functions
STDIN, STDOUT and STDERR constants
9.Which from the following list is not an appropriate use of an array?
Which from the following list is not an appropriate use of an array?
As a list
All of these uses are valid
As a Lookup Table
A Stack
As a hash table
10.What is the output of the following PHP code? define("FOO", 10); $array = [10 => FOO,"FOO" => 20]; print $array[$array[FOO]] * $array["FOO"];
What is the output of the following PHP code? define("FOO", 10); $array = [10 => FOO,"FOO" => 20]; print $array[$array[FOO]] * $array["FOO"];
FOO
100
200
20
10
11.Which technique should be used to speed up joins without changing their results?
Which technique should be used to speed up joins without changing their results?
Add an index on joined columns
Add a WHERE clause
Add a LIMIT clause
Use an inner join
12.What is the best way to ensure that a user-defined function is always passed an object as its single parameter?
What is the best way to ensure that a user-defined function is always passed an object as its single parameter?
function myfunction(stdClass $a)
function myfunction($a = stdClass)
Use is_object() within the function
There is no way to ensure the parameter will be an object.
function myfunction(Object $a)
13.What does the following function do, when passed two integer values for $p and $q? function magic($p, $q) { return ($q == 0) ? $p: magic($q, $p % $q); }
What does the following function do, when passed two integer values for $p and $q? function magic($p, $q) { return ($q == 0) ? $p: magic($q, $p % $q); }
Loops infinitely.
Switches the values of $p and $q.
Determines if they are both even or odd?
Determines the greatest common divisor between them.
Calculates the modulus between the two.
14.What would go in place of ?????? below to make this script execute without a fatal error? $a = 1; $b = 0; /* ?????? */ $c = $a / $b;
What would go in place of ?????? below to make this script execute without a fatal error? $a = 1; $b = 0; /* ?????? */ $c = $a / $b;
quit();
die();
stop();
__halt_compiler();
exit();
15.What is the output of the following function? function &find_variable(&$one, &$two, &$three) { if($one > 10 && $one < 20) return $one; if($two > 10 && $two < 20) return $two; if($three > 10 && $three < 20) return $three; } $one = 2; $two = 20; $three = 15; $var = &find_variable($one, $two, $three); $var++; print "1: $one, 2: $two, 3: $three";
What is the output of the following function? function &find_variable(&$one, &$two, &$three) { if($one > 10 && $one < 20) return $one; if($two > 10 && $two < 20) return $two; if($three > 10 && $three < 20) return $three; } $one = 2; $two = 20; $three = 15; $var = &find_variable($one, $two, $three); $var++; print "1: $one, 2: $two, 3: $three";
1: 2, 2: 20, 3: 15
1: 3, 2: 21, 3: 16
1: 2, 2: 21, 3: 15
1: 3, 2: 20, 3: 15
1: 2, 2: 20, 3: 16
16.How does one access standard input/output and error streams in PHP 5?
How does one access standard input/output and error streams in PHP 5?
17.In PHP 5 you can use the ______ operator to ensure that an object is of a particular type. You can also use _______ in the function declaration.
In PHP 5 you can use the ______ operator to ensure that an object is of a particular type. You can also use _______ in the function declaration.
instanceof, is_a
instanceof, type-hinting
type, instanceof
===, type-hinting
===, is_a
18.How can you modify the copy of an object during a clone operation?
How can you modify the copy of an object during a clone operation?
Put the logic in the object's constructor to alter the values
Implment your own function to do object copying
Implement the object's __clone() method
Implement __get() and __set() methods with the correct logic
Implement the __copy() method with the correct logic
19.The ______ keyword is used to indicate an incomplete class or method, which must be further extended and/or implemented in order to be used.
The ______ keyword is used to indicate an incomplete class or method, which must be further extended and/or implemented in order to be used.
final
protected
incomplete
abstract
implements
20.The _______ method will be called automatically when an object is represented as a string.
The _______ method will be called automatically when an object is represented as a string.
getString()
__get()
__value()
__toString()
__getString()
21.Consider the following code: session_start(); if(!empty($_REQUEST['id']) && !empty($_REQUEST['quantity'])) { $id = scrub_id($_REQUEST['id']); $quantity = scrub_quantity($_REQUEST['quantity']) $_SESSION['cart'][] = array('id' => $id, 'quantity' => $quantity) } /* .... */ What potential security hole would this code snippet produce?
Consider the following code: session_start(); if(!empty($_REQUEST['id']) && !empty($_REQUEST['quantity'])) { $id = scrub_id($_REQUEST['id']); $quantity = scrub_quantity($_REQUEST['quantity']) $_SESSION['cart'][] = array('id' => $id, 'quantity' => $quantity) } /* .... */ What potential security hole would this code snippet produce?
Cross-Site Scripting Attack
There is no security hole in this code
Code Injection
SQL Injection
Cross-Site Request Forgery
22.What is the best measure one can take to prevent a cross-site request forgery?
What is the best measure one can take to prevent a cross-site request forgery?
Disallow requests from outside hosts
Add a secret token to all form submissions
Turn off allow_url_fopen in php.ini
Filter all output
Filter all input
23.When comparing two strings, which of the following is acceptable?
When comparing two strings, which of the following is acceptable?
$a === $b;
strcasecmp($a, $b);
strcmp($a, $b);
$a == $b;
str_compare($a, $b);
24.A fingerprint of a string can be determined using which of the following?
A fingerprint of a string can be determined using which of the following?
md5()
hash()
fingerprint()
None of the above
25.To destroy one variable within a PHP session you should use which method in PHP 5?
To destroy one variable within a PHP session you should use which method in PHP 5?
Unset the variable in $HTTP_SESSION_VARS
Use the session_destroy() function
Use the session_unset() function
unset the variable in $_SESSION using unset()
Any of the above are acceptable in PHP 5
26.If you would like to store your session in the database, you would do which of the following?
If you would like to store your session in the database, you would do which of the following?
It requires a custom PHP extension to change the session handler
Implement the session_set_save_handler() function
Create functions for each session handling step and use session_set_save_handler() to override PHP's internal settings
Configure the session.save_handler INI directive to your session class
27.If you would like to change the session ID generation function, which of the following is the best approach for PHP 5?
If you would like to change the session ID generation function, which of the following is the best approach for PHP 5?
Set the session.hash_function INI configuration directive
Use the session_set_id_generator() function
Set the session id by force using the session_id() function
Use the session_regenerate_id() function
Implement a custom session handler
28.Consider the following HTML fragment: <select name="???????" multiple> <option value="1">Item #1</option> <!-- ... more options ... --> </select> Which of the following name attributes should be used to capture all of the data from the user in PHP?
Consider the following HTML fragment: <select name="???????" multiple> <option value="1">Item #1</option> <!-- ... more options ... --> </select> Which of the following name attributes should be used to capture all of the data from the user in PHP?
myselectbox=array()
myselectbox[]
myselectbox['multiple']
myselectbox{'multiple'}
myselectbox
29.To force a user to redirect to a new URL from within a PHP 5 script, which of the following should be used?
To force a user to redirect to a new URL from within a PHP 5 script, which of the following should be used?
Send a HTTP "Location:" header
Use the HTML <redirect> Tag
Send a HTTP "Forward:" header
Use the redirect() function
30.Setting a HTTP cookie on the client which is not URL-encoded is done how in PHP 5?
Setting a HTTP cookie on the client which is not URL-encoded is done how in PHP 5?
Use the setrawcookie() function
Set the cookies.urlencode INI directive to false
Use urldecode() on the return value of setcookie()
Setting the $no_encode parameter of setcookie() to a boolean 'true'
All cookies must be URL encoded
