PHP Pen Questions

1. The difference between double quotation marks and single quotation marks

• Double quote explanatory variable, single quote not explanatory variable
• Double quotation marks in single quotes, where there are variables in single quotes, the variable interpretation
• The variable name of double quotes must be followed by a special character that is not a number, a letter, an underscore, or a variable enclosed in {}, otherwise the part after the variable name is treated as a whole, causing a syntax error
• Double quotes interpret escape characters, single quotes do not interpret escape characters, but explain ' \ and \ \
• The single quote character can be used as much as possible single quotation marks, the efficiency of single quotation marks is higher than double quotation marks (because the double quotation marks to go through, to determine if there are no variables, and then the operation, and single quotation marks do not need to judge)

2, commonly used super-global variables (8)

• $_get----->get Transfer Mode
• $_post----->post Transfer Mode
• $_request-----> can receive values for get and post two ways
  ***
• $GLOBALS-----> All the variables are in there.
• $_file-----> Upload files using

• $_server-----> System Environment variables
  * **
• $_cookie-----> Session control will be used.

• $_session-----> Session control will be used.

3. The difference between post, GET, PUT, delete in HTTP

HTTP defines a different approach to interacting with the server, the most basic is the post, get, put, DELETE, and its more than the full name of the URL is a resource descriptor, we can understand that: the URL describes a resource on the network, and post, get, put, Delegate is to this resource to increase, delete, change, check the operation!

3.1 Differences in how get and post are submitted in the form

• Get is the URL where the parameter data queue is added to the Action property of the submission form, and the value corresponds to the field one by one in the form, which is visible from the URL; Post is through the httppost mechanism, The user cannot see this procedure by preventing the fields in the form from being routed to the URL address in the HTML's head, which is referred to by the Action property.
• For Get mode, the server side uses Request.QueryString to get the value of the variable, and for post, the server uses Request.Form to get the submitted data.
• The amount of data sent by the get is small, the amount of data sent by the post is large and is generally not restricted by default, but in theory, the maximum IIS4 in 80KB,IIS5 is 1000k,get security is very low, post security is high

3.2

• A GET request sends a request for data to the database to obtain information, which, like a database's select operation, simply queries the data, does not modify, add data, and does not affect the contents of the resource, that is, the request does not have side effects. The results are the same no matter how many times you do it.
• Unlike get, a put request is a change of information by sending data to the server, which, like the database update operation, modifies the contents of the data, but does not increase the type of data, that is, the result is not different regardless of the number of put operations.
• A POST request, like a put request, sends data to the server, but the request alters resources such as the type of data, and creates new content just like the insert operation for a database. Almost all of the current commit operations are requested by post.
• The delete request, as its name implies, is used to delete a resource, which is like a database delete operation.

4. Introduction to PHP

Hypertext Preprocessor----Hypertext preprocessor

Personal Home Page Original name

Purpose: allows Web developers to quickly write dynamically generated Web pages, compared to other pages, PHP is to embed the program into the HTML document to execute, more efficient than the fully generated HTML editing CGI much higher

HTML: Hypertextmarkup Language

founder: Ramsler Loedorf Rasmus lerdorf,1968, University of Waterloo, Canada

Lodorf was initially designed to maintain personal web pages, wrote maintenance programs in Prel language, and then rewritten with C, eventually deriving Php/fi

Time axis:

• 1995.06.08 to release Php/fi publicly
• 1995 php2.0, added support for MySQL
• 1997 php3.0
• php4.0
• php5.0
• Since php6.0 does not fully resolve Unicode encoding, there is basically no application on the production line, basically just a concept product, many features have been implemented on php5.3.3 and php5.3.4

Common IDE (intergrateddevelopment environment): Integrated development environment

• Coda (MAC)
• Phpstrom
• Adobe Dreamweaver
• NetBeans

A common text editor with code highlighting:

• nodepad++
• Sublimetext

PHP Advantages

PHP Features:

• PHP has a unique mix of C,java,prel and PHP's self-created syntax
• Can be faster than CGI or Prel to execute Dynamic Web pages, and other become a language, PHP is a program embedded in the HTML document to execute, the efficiency is more efficient than the full generation of HTML editing CGI is much higher, all CGI can be implemented
• Support for almost all popular databases and operating systems
• PHP can use c,c++ to extend the program

PHP Advantages:

• Open Source Code
• Free Sex
• Quick Sex
• Cross-platform Strong
• High efficiency
• Graphics processing
• Object oriented
• Professional focus

PHP Technical Application:

• Static page Generation
• Database Cache
• Procedure Cache
• DIV+CSS Standard
• Heavy Duty
• Distributed
• Flex
• Support MVC
• Smarty Module engine

PHP Authentication Level

• Junior Ife:index Front Engineer front-end engineer
• Intermediate ipe:index php Engineer PHP Engineer
• Senior Iae:index Architecture Engineer Architecture Engineer

6. The difference between echo, Print_r, print, Var_dump

echo 、 print 是php 语句，var_dump 和 Print_r是函数

Echo输出一个或多个字符串，中间以逗号隔开，没有返回值是语言结构而不是真正的函数，因此不能作为表达式的一部分使用

Print 也是php  只能打印出简单类型变量的值( 如int ，string) ，如果字符串显示成功则返回 true ，否则返回 false

Print  可以打印出复杂类型变量的值( 如数组、对象）以列表的形式显示，并以array 、object 开头，但 print _r 输出布尔值和NULL 的结果没有意义，因为都是打印 "\ n"，因此var_dump()函数更适合调试

判断一个变量的类型和长度，并输出变量的数值

7. HTTP Status Code

Click here to see an explanation of HTTP status code

the common HTTP Status Code:

• 200-Successful request
• 301-Resources (Web pages, etc.) are permanently escaped to other URLs
• 404-The requested resource (Web page, etc.) does not exist
• 505-Internal Server error

HTTP Status Code classification:

• 1**-Information, requests received by the server that require the requestor to continue to perform the operation
• 2**-Successful, the operation is successfully received and processed
• 3**-redirect, requires further action to complete the request
• 4**-Client error, request contains syntax error or unable to complete request
• 5** Server error, the server is processing the request process
  An error occurred in

8. What is Magic Quotes

Magic Quotes are a process that automatically escapes data into a PHP script, preferably not escaped while encoding and escaped as needed at run time

9, how to obtain the client's IP (requires an int) and the server IP code

Client:$_SERVER["REMOTE_ADDR"];或者getenv(‘REMOTE_ADDR‘)
ip2long进行转换
Server-side:gethostbyname(‘www.baidu.com‘)

10. Use those tools for version control

CVS, SVN, VSS, git

11. Ways to optimize the database eight ways to optimize MySQL database (classic must-see) Click to get

• Select the most applicable field properties, minimize the width of the field as much as possible, and set the field to Notnull, such as ' Province ', ' gender ', best for enum
• Use connection (join) instead of subquery
• Apply Union (Union) instead of manually created temporary table
• Transaction processing
• Lock table, optimize transaction processing
• Apply foreign key, optimize lock table
• Build an index
• Refine query statements

12. Have you used a template engine? What is the name of the template engine used?

Smarty: Smarty is a very old PHP template engine, it was my first choice to use this language template. Although its update is not frequent and lacks some of the features of the next-generation template engine, it is still worth seeing.

13, for the large-flow site, the use of what method to solve the problem of access volume

• Verify that the server hardware is capable of supporting current traffic
• Database reading and writing separation, optimizing data table
• program function rules, prohibit external hotlinking
• Control the download of large files
• Divert primary traffic with different hosts

14. What is the difference between statement include and require? To avoid including the same file multiple times, you can use the (?) Statements instead of them

• Require is an unconditional inclusion, that is, if a process joins require, whether or not the condition will be executed first require, when the file does not exist or cannot be opened, will prompt the error, and will terminate the program execution
• Include has a return value, and require does not (possibly because this require faster than include), if the contained file does not exist, then will prompt an error, but the program will continue to execute

Note: Require is fatal when the include file does not exist or is syntactically incorrect, and include is not

• Require_once indicates that it is included only once to avoid repeating the inclusion

15, talk about the understanding of MVC

Applications that are completed by models, views, and controllers, emitted by the model to implement the functions to the Controller, the controller receives the organizational functions passed to the view

16. Explain the difference between the value and the reference in PHP, and explain when the value of the transfer is quoted?

Variables are always assigned by default, that is, when a value of an expression is assigned to a variable, the value of the entire expression is assigned to the target variable, which means: when a variable is assigned to another variable, changing the value of one of the variables will not affect the other variable

PHP also provides another way to assign a value to a variable: reference assignment. This means that the new variable has a simple __ reference __( in other words, becomes its alias or points to) the original variable . Changes to the new variable will affect the original variable and vice versa. Use reference assignment to simply add a & symbol to the variable that will be assigned (source variable)

object is referenced by default
For larger data, it is better to pass the reference, which saves memory overhead

- , isset , Empty , Is_null the District Don't

Isset determines whether a variable is defined or is empty

Variable exists return ture, otherwise returns false

Variable definition does not assign a value to return false

unset a variable that returns false

Variable assignment is null, return False

Empty: Determines whether the value of the variable is empty, is null to convert to False, returns true for NULL, and returns false instead.

"", 0, "0", Null,false are considered null, return True

Objects that do not have any attributes are considered empty

Is_null: Detects if the value passed in (value, variable, expression) is null

Defined, but the assignment is null

defined, but not assigned

unset a variable

- , front-end Debug the Tools

• Firefox's Firebug
• Chrome's development tools
• Emmet
• JSON Format Validation Tool

Simple description mysql , index, primary key , unique index, indexed area , What is the impact on the performance of the data base (both in terms of reading and writing) (Sina Technique Department)

An index is a special kind of file (an index on a InnoDB data table is an integral part of a table space), and they contain reference pointers to all records in the datasheet.
The only task for a normal index (an index defined by the keyword key or index) is to speed up access to the data.
A normal index allows the indexed data column to contain duplicate values. If you can determine that a data column will contain only values that are different from each other, you should define it as a unique index with the keyword unique when creating an index for that data column. In other words, a unique index guarantees the uniqueness of the data record.
A primary key, which is a special unique index that can define only one primary key index in a table, and a primary key that uniquely identifies a record and is created using the keyword PRIMARYKEY.
An index can overwrite multiple data columns, such as index (COLUMNA,COLUMNB), which is the federated index.
Indexes can greatly improve the query speed of your data, but it reduces the speed of inserting, deleting, and updating tables, because when you perform these writes, you also manipulate the index files.

What is the business in the database ?

A transaction (transaction) is an ordered set of database operations as a unit. If all operations in the group are successful, the transaction is considered successful and the transaction is unsuccessful even if only one operation fails. If all operations are completed, the transaction commits and its modifications are made to all other database processes. If an operation fails, the transaction is rolled back, and the effect of the firm's operations is canceled. ACID four characteristics, atomicity, isolation, consistency, durability.

Learn about XSS attacks ? How to prevent?

XSS is a cross-site scripting attack, first using a cross-site scripting vulnerability to execute an attacker-constructed script in a privileged mode, and then take advantage of an unsafe ActiveX control to perform malicious behavior.
Use the Htmlspecialchars () function to filter the contents of the submission so that the special symbols inside the string are manifested.

22.SQL Injection Vulnerability Production the reason for the birth? How to prevent?

The cause of SQL injection: In the process of program development, we do not pay attention to the specification of writing SQL statements and filtering special characters, which causes the client to submit some SQL statements through the global variables post and get to execute normally.

Prevent SQL injected in the way:

1. To open MAGIC_QUOTES_GPC and magic_quotes_runtime settings in a configuration file
2. SQL statement conversion using addslashes when executing SQL statements
3. SQL statement writing try not to omit double and single quotes.
4. Filter out some of the keywords in the SQL statement: UPDATE, INSERT, delete, select, *.
5. To improve the naming techniques of database tables and fields, some important fields are named according to the characteristics of the program, which are not easily guessed.
6. Set register_globals to OFF in PHP configuration file, turn off global variable registration
7. Control error messages, do not print error messages on the browser, and write error messages to the log file.

23.PHP The main attack of the website hit What are the ways?

1. Command Injection (injection)
2. Eval Injection (eval injection)
3. Client-side scripting attacks (script insertion)
4. Cross-site scripting attacks (crossing site Scripting, XSS)
5. SQL injection attacks (SQL injection)
6. Cross site request forgery attack
   Forgeries, CSRF)
7. Session hijacking (Sessions hijacking)
8. Session fixed attack (session fixation)
9. HTTP response split Attack (HTTP Response splitting)
10. Document upload Vulnerability (file Upload Attack)
11. Directory traversal Vulnerability (directory traversal)
12. Remote file contains attacks (remotes inclusion)
13. Dynamic function injection Attack (Variable
    Evaluation)
14. URL attack (URL attack)
15. Form submission Spoofing attack (spoofed form
    Submissions)
16. HTTP request Spoofing Attack (spoofed HTTP requests)

- , what is in the framework single one entrance and multiple entrances , advantages and disadvantages of single entry ?

1. Multi-port is the completion of user requests by accessing different files. Single entry only Web applications all requests are directed to a script file.
2. A single portal makes it easier to control permissions, allowing for security checks on HTTP requests.
   Cons: URLs look less beautiful, especially unfriendly to search engines.

- , for relational databases, indexing is a fairly important concept, please answer a few questions about indexing :

a) , what is the purpose of the index?

1. Fast access to specific information in a data table for improved retrieval speed
2. Create a unique index that guarantees the uniqueness of each row of data in a database table.
3. Accelerating the connection between tables and tables
4. When you use group and sort clauses for data retrieval, you can significantly reduce the time to group and sort in a query

b) , Index the Data Library Department Integration of the Negative What is the surface impact?

Negative impact:
It takes time to create indexes and maintain indexes, which increases as the amount of data increases; The index needs to occupy physical space, not only the table needs to occupy the data space, each index also needs to occupy the physical space, when the table is incremented, deleted, changed, the index should be maintained dynamically, which reduces the data maintenance speed.

c) , to be The data table is indexed by the original the What are they?

1. Index the most frequently used fields to narrow the scope of the query.
2. Indexing on frequently used fields that need to be sorted

d) , under what circumstances should an index not be established?

1. It is not appropriate to index columns that are rarely involved in a query or that have more duplicate values.
2. For some special data types, it is not appropriate to set up indexes, such as text fields.

- , briefly on MySQL Data Library in MyISAM and the InnoDB the District Don't

The most important feature that distinguishes it from other databases is its plug-in table storage engine. Remember: The storage engine is table-based, not a database.

The difference between InnoDB and MyISAM:

InnoDB Storage Engine : primarily for OLTP (onlinetransaction processing, online transaction processing) applications, it is the first storage engine that fully supports acid transactions (BDB, the first transaction-enabled storage engine, has stopped developing).

Characteristics:

• Row lock design, support foreign key;
• Support similar to Oracle-style consistent non-lock read (i.e., the read operation does not generate a lock by default);
• InnoDB the data in a logical tablespace, which is managed by the InnoDB itself. Starting with the MySQL4.1 version, each table of the InnoDB storage engine can be stored separately in a separate IBD file;
• InnoDB achieves high concurrency by using MVCC (multiple versioning concurrency control: read does not block write, write, or block read), and implements 4 isolation levels for the SQL standard (default is repeatable level);
• InnoDB also provides high performance and high-availability features such as insert buffer, two write (double write), adaptive hash (Adaptive Hash Index), pre-read (read ahead), etc.
• InnoDB uses aggregation (clustered) to store the data in the table, each of which is stored in the order of the primary key (if you specify a primary key without an explicit build table, InnoDB generates a 6-byte rowid for each row, which is used as the primary key);
• The InnoDB table will have three hidden fields: In addition to the 6 byte db_row_id mentioned above, there are 6 bytes of db_tx_id (transaction ID) and 7 bytes of db_roll_ptr (pointing to the address of the corresponding rollback segment). This can be seen through InnoDB monitor;

MyISAM Storage Engine : MySQL is the official storage engine, mainly for OLAP (onlineanalytical processing, online analytical processing) applications.
Characteristics:

• Transactions are not supported, table and full-text indexes are supported. Fast operation speed;
• The MyISAM Storage engine table consists of myd and myi, MyD used to hold data files and myi to store index files. The MySQL database caches only its index files, and the cache of the data files is given to the operating system itself;
  Starting with the MySQL5.0 version, MyISAM supports 256T of single-table data by default;

- , Solution Interpretation MySQL outside even Access, internal even Connect with self even area to connect to Don't

first, what is cross-linking? : Cross join is also called Cartesian product, which means that all records of one table and all record one by one in another table are matched directly without using any conditions.

An inner join is a conditional cross-join that filters out eligible records based on a condition, and records that do not meet the criteria do not appear in the result set, that is, the inner join connects only the matching rows.
outer joins its result set contains not only rows that meet the join criteria, but also left table, right table, or two tables
Of all the data rows, these three situations are called Left outer joins, right outer joins, and full outer joins in turn.

Left outer join, also known as Left JOIN, left table as Main table, all records in left table will appear in result set, for those records that do not match in right table, still want to display, the field value corresponding to the right is filled with null. Right outer join, also called Right join, right table is main table, all records in right table appear in result set. Left join and right connections are interchangeable, and MySQL currently does not support full-outer connections.

- , write more than three types MySQL Data Library Save Storage name of engine (hint: case insensitive)

MyISAM, InnoDB, BDB (BerkeleyDB), Merge, Memory (Heap), Example, Federated,
Archive, CSV, blackhole, MaxDB, etc. more than 10 engines

in , what is facing the The elephant? What are the main features? What are the major original?

Object-oriented is a design pattern of program, it is advantageous to improve the reusability of program and make the program organization clearer. The main characteristics are: encapsulation, inheritance, polymorphism.
The five basic principles: Single duty principle, open closure principle, substitution principle, dependence principle, interface separation principle.

- , what is static State routing, what is its characteristic ? What is Dynamic routing, what is its characteristic ?

Reference Answer:
A static route is a route that is defined by a routing table that is designed and built by the system administrator. It is applicable to the network where the number of gateways is limited, and the network topology structure does not change frequently. The disadvantage is that the change of network condition cannot be applied dynamically, and the routing table must be modified by network administrator when the network condition changes.
Dynamic routing is dynamically constructed by routing protocols, and routing protocols update the contents of the routing table in real time by exchanging the routing information they own. Dynamic routing can automatically learn the topology of the network and update the routing table. The disadvantage is that the routing broadcast update information will occupy a large amount of network bandwidth.

to , using ever Memcache cache, if used, can simply describe the work of its original Management ? ?

Memcahce is to keep all the data in memory, in the form of a hash table, each data is composed of key and value, each key is unique, when you want to access a value, the first to find the value, and then return the result.
MEMCAHCE uses the LRU algorithm to gradually erase outdated data.

list of popular Ajax frameworks? What does the Ajax Implementation principle mean and what does json do in Ajax ?

The popular Ajax framework has jquery,prototype,dojo,mootools.

Ajax works by specifying that the location of a page can load all the output from another page, thus enabling a static page to retrieve the returned data information in the database. So Ajax technology enables a static Web page to communicate with the server without refreshing the entire page, reducing user latency while reducing network traffic and enhancing the friendliness of the customer experience.
When using Ajax, when it comes to data transfer, the server side and the client use different Footstep languages to process the data from the server to the client, which requires a common data format, XML and JSON are the two most common, and JSON is simpler than XML.

- , MYQL in the matter Services back Roll Mechanism Overview

A transaction is a user-defined sequence of database operations that either does or does not, is an indivisible unit of work, and the transaction rollback refers to the revocation of an update operation to the database that the transaction has completed.

To modify two different tables in the database at the same time, if they are not a transaction, and when the first table is modified, there may be an exception in the second table modification and no modification, and only the second table remains unchanged until the first table has been modified. And when you set them up as a transaction, when the first table is modified and the second table is modified with an exception and not modified, the first and second tables go back to the unmodified state, which is called transaction rollback.

PHP Pen Questions