Summary of the latest PHP classic interview topics (next article)

Source: Internet
Author: User

17. The difference between isset, empty, and is_null

isset: determines whether a variable is defined (and is not null)

    • The variable exists: returns true; otherwise returns false

    • The variable is defined but has not been assigned a value: returns false

    • The variable has been unset: returns false

    • The variable has been assigned null: returns false

empty: determines whether the value of a variable is empty. A value that converts to false is considered empty; returns true if the value is empty and false otherwise.

    • "", 0, "0", null, and false are considered empty; returns true

    • An object without any properties is considered empty

is_null: detects whether the value passed in (a value, variable, or expression) is null

    • The variable is defined, but assigned null

    • The variable is defined, but has not been assigned a value

    • The variable has been unset

18. Front-end debugging tools

    • Firefox's Firebug

    • Chrome's developer tools

    • Emmet

    • JSON Format Validation Tool

19. Briefly describe the differences between an index, a primary key, a unique index, and a composite (joint) index in MySQL, and their effect on database performance (for both reads and writes) (Sina Technology Department)

An index is a special kind of file (an index on an InnoDB data table is an integral part of the tablespace) that contains reference pointers to all records in the data table.
The only task of a normal index (an index defined with the keyword KEY or INDEX) is to speed up access to the data.
A normal index allows the indexed data column to contain duplicate values. If you can determine that a data column will contain only values that are different from each other, you should define it as a unique index with the keyword UNIQUE when creating an index for that data column. In other words, a unique index guarantees the uniqueness of the data record.
A primary key is a special unique index. A table can define only one primary key index; the primary key uniquely identifies a record and is created with the keyword PRIMARY KEY.
An index can cover multiple data columns, such as INDEX(columnA, columnB); this is a composite index.
Indexes can greatly improve the query speed of your data, but they reduce the speed of inserting into, deleting from, and updating tables, because when you perform these writes, you also have to manipulate the index files.

20. What are transactions in a database?

A transaction is an ordered set of database operations treated as a unit. If all operations in the group succeed, the transaction is considered successful; the transaction is unsuccessful even if only one operation fails. If all operations are completed, the transaction commits and its modifications become visible to all other database processes. If an operation fails, the transaction is rolled back, and the effects of all of the transaction's operations are canceled. The four ACID characteristics are atomicity, isolation, consistency, and durability.

21. Do you understand XSS attacks? How can they be prevented?

XSS is a cross-site scripting attack: the attacker first uses a cross-site scripting vulnerability to execute an attacker-constructed script in a privileged mode, and then takes advantage of an unsafe ActiveX control to perform malicious behavior.
Use the htmlspecialchars() function to filter submitted content so that the special characters inside the string are converted to HTML entities.
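
The following is an added example, not code from the original article: it applies htmlspecialchars() to constructed comment values at output time and shows why ENT_QUOTES matters when a value lands inside a quoted attribute. The helper names e() and render_comment() are hypothetical.

```php
<?php
declare(strict_types=1);

// Added example: output encoding with htmlspecialchars().
// e() and render_comment() are hypothetical helper names.

/** Encode a value for an HTML text node or a quoted attribute value. */
function e(string $value): string
{
    // ENT_QUOTES encodes both " and ' (before PHP 8.1 the default flags left ' alone).
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Render one user comment; every user-controlled value is encoded at output time. */
function render_comment(string $author, string $body): string
{
    return sprintf(
        "<div class='comment' title='%s'><b>%s</b>: %s</div>",
        e($author),
        e($author),
        e($body)
    );
}

// Constructed sample input, as it might arrive in $_POST.
$author = "Tom' onmouseover='alert(1)";
$body   = '<script>alert(1)</script> nice post & thanks';

// Unsafe: raw concatenation lets markup in $body reach the browser as markup.
$unsafe = "<div class='comment'>" . $body . "</div>";

// Safe: the same values, encoded where they are written into the page.
$safe = render_comment($author, $body);

echo "unsafe: ", $unsafe, PHP_EOL;
echo "safe:   ", $safe, PHP_EOL;

// Checks a reviewer can run: no raw tag and no raw quote from the input survive.
var_dump(strpos($safe, '<script>') === false);
var_dump(strpos($safe, "Tom' onmouseover") === false);
var_dump(strpos($unsafe, '<script>') !== false);
```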

22. Why do SQL injection vulnerabilities occur? How can they be prevented?

The cause of SQL injection: during program development, we do not pay attention to writing SQL statements properly or to filtering special characters, which allows the client to submit SQL statements through the global variables POST and GET and have them executed normally.

Ways to prevent SQL injection:

    1. Turn on the magic_quotes_gpc and magic_quotes_runtime settings in the configuration file.

    2. Use addslashes to escape values when executing SQL statements.

    3. When writing SQL statements, try not to omit double and single quotes.

    4. Filter out some of the keywords in the SQL statement: UPDATE, INSERT, DELETE, SELECT, *.

    5. Improve the naming of database tables and fields: name important fields according to the characteristics of the program so that they are not easily guessed.

    6. Set register_globals to Off in the PHP configuration file to turn off global variable registration.

    7. Control error messages: do not print error messages to the browser; write them to a log file instead.

23. What are the main ways of attacking PHP websites?

    1. Command injection (Command Injection)

    2. Eval injection (Eval Injection)

    3. Client-side scripting attacks (Script Insertion)

    4. Cross-site scripting attacks (Cross Site Scripting, XSS)

    5. SQL injection attacks (SQL Injection)

    6. Cross-site request forgery attacks (Cross Site Request Forgeries, CSRF)

    7. Session hijacking (Session Hijacking)

    8. Session fixation attacks (Session Fixation)

    9. HTTP response splitting attacks (HTTP Response Splitting)

    10. File upload vulnerabilities (File Upload Attack)

    11. Directory traversal vulnerabilities (Directory Traversal)

    12. Remote file inclusion attacks (Remote Inclusion)

    13. Dynamic function injection attacks (Variable Evaluation)

    14. URL attacks (URL Attack)

    15. Form submission spoofing attacks (Spoofed Form Submissions)

    16. HTTP request spoofing attacks (Spoofed HTTP Requests)

24. What are the advantages and disadvantages of single entry and multi-entry in a framework?

    1. Multi-entry means user requests are completed by accessing different files. Single entry means all requests to the web application are directed to one script file.

    2. A single entry point makes it easier to control permissions and to perform security checks on HTTP requests.
      Cons: URLs look less clean and are especially unfriendly to search engines.

25. For a relational database, the index is a very important concept. Please answer some questions about indexes:

a) What is the purpose of an index?

    1. Fast access to specific information in a data table, improving retrieval speed

    2. Creating a unique index guarantees the uniqueness of each row of data in a database table

    3. Speeding up joins between tables

    4. When grouping and sorting clauses are used for data retrieval, significantly reducing the time spent grouping and sorting in a query

b) What is the negative impact of indexes on the database system?

Negative impact:
Creating and maintaining indexes takes time, and this time increases as the amount of data increases. Indexes occupy physical space: in addition to the data space the table occupies, each index also occupies physical space. When rows in the table are inserted, deleted, or updated, the indexes must be maintained dynamically, which reduces the speed of data maintenance.

c) What are the principles for indexing a data table?

    1. Index the most frequently used fields to narrow the scope of the query.

    2. Index frequently used fields that need to be sorted.

d) Under what circumstances should a column not be indexed?

    1. It is not appropriate to index columns that are rarely involved in a query or that have many duplicate values.

    2. For some special data types, it is not appropriate to set up indexes, such as text fields.

26. Briefly describe the differences between MyISAM and InnoDB in the MySQL database

The most important feature that distinguishes MySQL from other databases is its pluggable table storage engines. Remember: a storage engine applies to a table, not to a database.

The difference between InnoDB and MyISAM:

InnoDB storage engine: primarily for OLTP (Online Transaction Processing) applications; it is the first storage engine to fully support ACID transactions (BDB, the first transaction-enabled storage engine, is no longer developed).

Characteristics:

    • Row-level locking design; supports foreign keys;

    • Supports Oracle-style consistent non-locking reads (i.e., read operations do not take locks by default);

    • InnoDB stores data in a logical tablespace, which InnoDB manages itself. Starting with MySQL 4.1, each table of the InnoDB storage engine can be stored in its own separate IBD file;

    • InnoDB achieves high concurrency by using MVCC (multi-version concurrency control: reads do not block writes, and writes do not block reads), and implements the 4 isolation levels of the SQL standard (the default is REPEATABLE READ);

    • InnoDB also provides high-performance and high-availability features such as the insert buffer, double write, the adaptive hash index, and read ahead;

    • InnoDB stores the data in a table in clustered fashion: rows are stored in primary key order (if no primary key is explicitly specified when the table is created, InnoDB generates a 6-byte rowid for each row and uses it as the primary key);

    • An InnoDB table has three hidden fields: in addition to the 6-byte db_row_id mentioned above, there are the 6-byte db_tx_id (transaction ID) and the 7-byte db_roll_ptr (pointing to the address of the corresponding rollback segment). These can be seen through the InnoDB monitor;

MyISAM storage engine: the storage engine officially provided by MySQL, mainly for OLAP (Online Analytical Processing) applications.

Characteristics:

    • Transactions are not supported; table locks and full-text indexes are supported. Operations are fast;

    • A MyISAM storage engine table consists of MYD and MYI files: the MYD file holds the data and the MYI file holds the indexes. The MySQL database caches only the index files; caching of the data files is left to the operating system itself;

    • Starting with MySQL 5.0, MyISAM supports 256 TB of single-table data by default;

27. Explain the difference between outer joins, inner joins, and self-joins in MySQL

The first thing to mention is the cross join: a cross join is also called a Cartesian product, which means that all records of one table are matched one by one against all records of another table without using any conditions.

An inner join is a conditional cross join that filters out eligible records based on a condition; records that do not meet the criteria do not appear in the result set. That is, an inner join connects only the matching rows.
An outer join's result set contains not only the rows that meet the join criteria, but also all the data rows of the left table, the right table, or both tables. These three situations are called left outer joins, right outer joins, and full outer joins, respectively.

A left outer join is also known as a LEFT JOIN: the left table is the main table, and all records in the left table appear in the result set. Records that have no match in the right table are still displayed, with the corresponding right-table field values filled with null. A right outer join is also called a RIGHT JOIN: the right table is the main table, and all records in the right table appear in the result set. Left and right joins are interchangeable, and MySQL currently does not support full outer joins.

28. Write out the names of three MySQL database storage engines (hint: case-insensitive)

MyISAM, InnoDB, BDB (BerkeleyDB), Merge, Memory (Heap), Example, Federated, Archive, CSV, Blackhole, MaxDB, and others; more than 10 engines in total.

29. What is object orientation? What are its main features? What are its major principles?

Object orientation is a way of designing programs that improves the reusability of a program and makes its organization clearer. The main characteristics are: encapsulation, inheritance, polymorphism.
The five basic principles: single responsibility principle, open-closed principle, substitution principle, dependency principle, interface segregation principle.

30. What is static routing and what are its characteristics? What is dynamic routing and what are its characteristics?

Reference Answer:
A static route is a route defined in a routing table that is designed and built by the system administrator. It is suitable for networks where the number of gateways is limited and the network topology does not change frequently. The disadvantage is that it cannot adapt dynamically to changes in network conditions; when network conditions change, the routing table must be modified by the network administrator.
Dynamic routes are constructed dynamically by routing protocols, which update the contents of the routing table in real time by exchanging the routing information they hold. Dynamic routing can automatically learn the topology of the network and update the routing table. The disadvantage is that broadcasting routing updates occupies a large amount of network bandwidth.

31. Have you used the Memcache cache? If so, can you briefly describe how it works?

Memcache keeps all data in memory in the form of a hash table. Each item consists of a key and a value, and each key is unique. When a value is requested, it is first looked up by its key, and then the result is returned.
Memcache uses the LRU algorithm to gradually evict outdated data.

32. List the popular Ajax frameworks. Explain how Ajax is implemented, and what role does JSON play in Ajax?

Popular Ajax frameworks include jQuery, Prototype, Dojo, and MooTools.

Ajax works by letting a specified location in a page load the output of another page, so that a static page can retrieve data returned from the database. Ajax thus enables a static web page to communicate with the server without refreshing the entire page, which reduces user waiting time, reduces network traffic, and makes the user experience friendlier.
When Ajax is used for data transfer, the server side and the client use different scripting languages to process the data, so passing data from the server to the client requires a common data format. XML and JSON are the two most common, and JSON is simpler than XML.

33. Overview of the transaction rollback mechanism in MySQL

A transaction is a user-defined sequence of database operations that is either performed in full or not performed at all; it is an indivisible unit of work. Transaction rollback refers to undoing the update operations that the transaction has already completed against the database.

Suppose two different tables in the database must be modified together. If the changes are not in a transaction, then after the first table has been modified, the modification of the second table may hit an exception and not be applied; the second table then remains in its unmodified state while the first table has already been modified. When the changes are set up as a transaction, if the first table is modified and the modification of the second table hits an exception and is not applied, both the first and second tables go back to their unmodified state. This is called transaction rollback.
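
The two-table scenario above, as an added example that is not part of the original article: the same pair of writes is run once without and once with a PDO transaction, and the second write is made to fail. It uses in-memory SQLite (pdo_sqlite assumed) so it runs offline; the tables, the CHECK constraint and the function names are constructed, and on MySQL the tables would need a transactional engine such as InnoDB.

```php
<?php
declare(strict_types=1);

// Added example; assumes the pdo_sqlite extension. Schema and data are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE orders (id INTEGER PRIMARY KEY, item TEXT, qty INTEGER)');
$pdo->exec('CREATE TABLE stock (item TEXT PRIMARY KEY, qty INTEGER CHECK (qty >= 0))');
$pdo->exec("INSERT INTO stock (item, qty) VALUES ('widget', 5)");

/** Write to both tables; returns false if either write fails. */
function place_order(PDO $pdo, string $item, int $qty, bool $useTransaction): bool
{
    if ($useTransaction) {
        $pdo->beginTransaction();
    }
    try {
        // First table: record the order.
        $pdo->prepare('INSERT INTO orders (item, qty) VALUES (?, ?)')
            ->execute([$item, $qty]);
        // Second table: reduce stock. The CHECK constraint rejects a negative result.
        $pdo->prepare('UPDATE stock SET qty = qty - ? WHERE item = ?')
            ->execute([$qty, $item]);
        if ($useTransaction) {
            $pdo->commit();
        }
        return true;
    } catch (PDOException $e) {
        // Undo the first write as well, so both tables return to their prior state.
        if ($useTransaction && $pdo->inTransaction()) {
            $pdo->rollBack();
        }
        return false;
    }
}

/** Summarise the state of both tables. */
function table_state(PDO $pdo): string
{
    $orders = $pdo->query('SELECT COUNT(*) FROM orders')->fetchColumn();
    $stock  = $pdo->query("SELECT qty FROM stock WHERE item = 'widget'")->fetchColumn();
    return "orders={$orders} stock={$stock}";
}

// Ordering 9 of 5 in stock makes the second write fail in both runs.
place_order($pdo, 'widget', 9, false);
echo 'without transaction: ', table_state($pdo), PHP_EOL; // order row is left behind
$pdo->exec('DELETE FROM orders');
place_order($pdo, 'widget', 9, true);
echo 'with transaction:    ', table_state($pdo), PHP_EOL; // both tables unchanged
```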
