PHP Interview - Advance Level
Q1) What are sessions in PHP?
A session is a way to store and pass the information from one page to another. It stores the data on a server rather than the computer of the user. PHP session creates a unique user ID (Session identifiers or SID) for each browser to recognize the user and avoid conflict between multiple browsers. A session ends when the user loses the browser or after leaving the site, the server will terminate the session after a predetermined period of time, commonly 30 minutes duration.
- A session is started with the session_start() function. It is recommended to put the call to session_start() at the beginning of the page.
- Store the data in a session to use the $_SESSION global variable.
- To remove all global session variables and destroy the session, use session_unset() and session_destroy(). This function does not need any argument and a single call can destroy all the session variables.
- To remove a single session variable then you can use the unset() function to unset a session variable.
Example 1: Start session
Example 2: Destroy the session
Q2) What is a cookie in PHP?
A cookie is a small text file with a maximum size of 4KB that stores on the user's computer by the server. A cookie is created on the server side and saved to the client browser. Each time when a client sends a request to the server, a cookie is embedded with the request.
A cookie can only be read from the domain that it has been issued from. Cookies are usually set in an HTTP header but JavaScript can also set a cookie directly on a browser.
Methods Of Cookie:
- setcookie(): It is used to create a cookie. It requires six arguments (name, value, expire, path, domain, secure, httponly) but Only the name parameter is required. All other parameters are optional.
- $_COOKIE: $_COOKIE is a superglobal variable and It is used for accessing a cookie value. It is an associative array that contains a record of all the cookies values sent by the browser in the current request.
- setcookie() for deletion: The setcookie() function can be used to delete a cookie. For deleting a cookie, the setcookie() function is called by passing the cookie name and other arguments empty strings but however this time, the expiration date is required to be set in the past.
Q3) What is the difference between sessions and cookies?
| Session | Cookie |
|---|---|
| Sessions are server-side files that store user information. | Cookies are client-side files that are stored on a local computer and contain user information. |
| The session ends when the user closes the browser or logs out of the program. | Cookies end on the lifetime set by the user. |
| It can store an unlimited amount of data. | It can only store a limited amount of data. |
| The session saves data in encrypted form. | Cookies store data in a text file. |
| Sessions are more secure compared to cookies, as they save data in encrypted form. | Cookies are not secure, as data is stored in a text file, and if any unauthorized user gets access to our system, he can temper the data. |
| In PHP, to destroy or remove the data stored within a session, we can use the session_destroy() function, and to unset a specific variable, we can use the unset() function. | We can set an expiration date to delete the cookie's data. It will automatically delete the data at that specific time. There is no particular function to remove the data. |
Q4) What is the difference between include and require in PHP?
| Include | Require |
|---|---|
| The include() function does not stop the execution of the script even if any error occurs. | The require() function will stop the execution of the script when an error occurs. |
| The include() function does not give a fatal error. | The require() function gives a fatal error. |
| The include() function is mostly used when the file is not required and the application should continue to execute its process when the file is not found. | The require() function is mostly used when the file is mandatory for the application. |
Q5) How many types of errors are in PHP?
An error is a mistake in a program that may be caused by writing incorrect syntax or incorrect code. An error message is displayed on your browser containing the filename along with the location, a message describing the error, and the line number in which the error has occurred.
There are various types of errors in PHP but it contains basically four main types of errors.
- Syntax Error or Parse Error: It is the type of error done by the programmer in the source code of the program.
- Fatal Error: This error occurred due to the use of the undefined function.
- Warning Error: The main reason for warning errors is including a missing file.
- Notice Error: It is similar to a warning error. It means that the program contains something wrong but it allows the execution of script. Notice error does not prevent the execution of the code. Generally, notice error occurs when we try to use or access a variable that is undefined.
Q6) What are filters in PHP?
PHP Filter is an extension that is used to validate and sanitize input data. It plays a crucial role in the security of a website, especially useful when the data originates from unknown or foreign sources like user-supplied input.
There are some predefined filter functions and constants used for sanitizing or validating the data.
Filter Functions:
- filter_var()
- filter_var_array()
- filter_has_var()
- filter_id()
- filter_list()
- filter_input()
- filter_input_array()
Validate filter constants:
- FILTER_VALIDATE_EMAIL,
- FILTER_VALIDATE_URL,
- FILTER_VALIDATE_IP,
- FILTER_VALIDATE_BOOLEAN,
- FILTER_VALIDATE_INT,
- FILTER_VALIDATE_FLOAT
Sanitize filter constants:
- FILTER_SANITIZE_EMAIL
- FILTER_SANITIZE_STRING
- FILTER_SANITIZE_URL
- FILTER_SANITIZE_SPECIAL_CHARS