25 Essential PHP Interview Questions

Both include and require serve the same purpose, i.e. evaluate and include the requested file. The difference is that if an error occurs require will throw a fatal error and stop the execution of the script, while include will generate a warning and proceed with the execution of the code after.

Unset is used for destroying a variable(s), while unlink is used for deleting a file from the file system.

The value of both x and y will be '37'. By doing $y = &$x, we set y to a reference of x, not the value of x as we would do with $y = $x. That means that x and y are like aliases of each other and whenever we change any of them, it will alter the other one as well.

An exception can be thrown and is intended to be caught using a try-catch block. A PHP error on the other hand is non recoverable and can stop the whole execution of the program.

• GET appends the submitted data to the URL and is saved in the browser history, unlike POST which doesn’t show the submitted parameters in the URL and is never saved in history. That makes GET less secure and bad choice when dealing with sensitive data.
• GET has a length restriction, POST doesn’t.
• GET requests should only be used to retrieve data.

=== is used for strict comparison and checks both the value and the type of the operands. == on the other hand converts the operands to comparable types before checking, so it only takes the value into account. That makes === faster, because it doesn’t have to initiate a conversion operation.
Example: 1 == true will return true, while 1 === true will return false.

The operation returns false.
A leading 0 indicates that the number is in the octal system, so the operation above means we are comparing an octal 42 with a decimal 42. That would translate to 34 == 42, which returns false.

They are the same. [] is a short syntax for array and acts as an alias. It’s introduced in PHP 5.4, so using it in any older version of PHP will fail with an error.

Using double quotes allows for parsing a variable inside the string, while that's not possible with single quotes. Because of the additional operation of looking for a variable inside the string and getting its value, using single quotes is faster if you don't need this added functionality.
E.g.

$name = 'John Doe';
echo "I am $name"; /* prints I am John Doe */
echo 'I am $name'; /* prints I am $name */

&& has precedence over AND and it has precedence over =. AND, on the other hand does not have a precedence over =. That means that when using AND in an assignment operation, the assignment will execute before the comparison.
E.g.

$x = true && false; /* $x is equal to false. Explanation: && executes first, so the operation on the right side of the = is calculated first (equals to false) and then assigned to $x. */
$x = true AND false; /* $x is equal to true. Explanation: = has precedence over AND, so it executes first, meaning that $x is assigned to true. Then, the AND is executed in the form of $x AND false, which returns false but is not assigned to anything. */

echo doesn’t return anything, while print returns 1 to indicate the operation was successful. You can pass multiple strings to echo separated by a comma and it will print all of them. With print you can only send one parameter at a time.

This will return false. strpos looks for the position of 'PHP' inside the defined string. Since 'PHP' is at the beginning of the string, its position is 0. If 'PHP' didn't exist in the string, it would return false.
Now, because the check is not done with strict comparison, this goes directly to the else and returns false. Doing it like if (strpos($str, 'PHP') === false) would fix the problem.

This warning is triggered when trying to modify the HTTP headers (by setting a session, cookie, response type, doing a redirect etc.) after already displaying something on the screen (echoing something, starting html, unnoticed white space before the php open tag, PHP error etc.).

The __construct() method is called immediately after a new instance of the class is being created and it's used to initialize class properties. If the __construct() method is not implemented by the class itself, a built in constructor is called which creates the class instance. Similarly, the __destruct() method is called for destroying the created object when the script execution stops. The default built in destructor will be used if the class doesn't implement its own.

• Private – Visible only in its own class
• Public – Visible to any other code accessing the class
• Protected – Visible only to classes parent(s) and classes that extend the current class

When a class method is defined as final (prefixing the method definition with the final keyword) it means that the child classes can not override that method.
If a class is defined as final, it means that it can not be extended.

PHP doesn't support multi inheritance. Traits are introduced as a workaround for this in both PHP and other single inheritance languages.

Traits are a mechanism that allows code reuse in languages like PHP that don't support multi inheritance. It is intended to group given functionality in a consistent way. It's very similar to a class, but it can't be instantiated on its own - it's only used inside a given class to extend its functionality.

An interface specifies the methods that the class must implement, without defining how those methods are handled. A class implements an interface.
Abstract classes are classes that have at least one abstract method. They can’t be instantiated, only extended and all abstract methods have to be implemented in the child class. The class extends an abstract class.
Unlike with interfaces, with abstract classes you can have predefined methods that the child class can use.

When we use self in a class method, we reference the class that method was defined in. With static, we can reference the class that was called at runtime.
E.g.

class A {
public static function who() {
echo __CLASS__;
}
public static function test() {
self::who();
}
}
class B extends A {
public static function who() {
echo __CLASS__;
}
}
B::test();

We use self to call the who method and no matter that we called the test method on B, the self keyword looks for the static method in the same class where the call is located (the parent class - A). So, the snippet above will output A.
Now, if we replace the test method in A with:

public static function test() {
static::who();
}

B::test(); will output B. That’s because the static keyword doesn't look into the class it's located in, but the class the call was made on.

SQL Injection is a technique where an attacker creates or alters existing SQL queries to execute dangerous commands on the database. This happens when the application is taking user input to build a database query and if there's no proper validation on the input values, the attacker can mess up the whole application.
To prevent it, developers should always check and escape all user input before passing it to the database query.

PSR stands for PHP Standard Recommendation and is a coding standard for PHP developers to adhere. It's accepted by most popular frameworks and makes the code consistent, clean and easy for people to understand and follow.
The most popular PSR standards are PSR4 for autoloading (mapping namespaces to file paths) and PSR2 (and its previous version PSR1) for standardizing coding style.

Composer is a tool for dependency management in PHP. It allows you to declare the libraries you want to use in the project and it will install, update and autoload them for you.

The main goal of the Repository Design Pattern is to separate application from the database logic so that the database source can be easily changed without affecting the business logic at all.
According to the Repository Design Pattern, the application should communicate with the data sources using a repository interface. Every data source (MySQL, PostgreSQL etc.) has its own Repository class that implements the interface.
The controller class calls the methods from the repository interface, so it doesn't know which source the data is fetched from. That makes it very easy to change the source or make a big structural change. We would simply bind the interface to a different repository class and everything would continue working properly as long as all methods from the interface are still being implemented.

This is a broad question and the goal is to see whether the candidate has experience with design patterns and modern coding practices. They can explain their favorite design pattern and the use cases in which it's applicable.
Some examples:

• Facade Design Pattern - used to provide a simple interface for a more complex code base;
• Strategy Design Pattern - used to change the algorithm at runtime by instantiating a different object depending on the user input;
• Singleton Design Pattern - used when you need to make sure that no more than one instance of a given class can be created;