Features

Question 1

How can you use PHP to send an “Authentication Required” box to the browser?

Answer 1

Use the header() function. The username, password, and authentication type will be placed in PHP_AUTH_USER, PHP_AUTH_PW, and AUTH_TYPE, in the $_SERVER AND $HTTP_SERVER_VARS arrays. Both basic and digest authentication methods are supported.

Question 2

When using PHP to do browser-based authentication, what do you need to do to guarantee maximum compatibility?

Answer 2

The keyword “Basic” should be written with an uppercase “B”, the realm string must be enclosed in double quotes (not single), and exactly one space should precede the 401 code in the HTTP/1.0 401 header line. For buggy IE browsers, send the WWW-Authenticate header before the HTTP/4.01 header.

Question 3

How does PHP determine if external authentication is in effect?

Answer 3

It uses the presence of the AuthType directive.

Question 4

How can you set cookies?

Answer 4

With setcookie() or setrawcookie().

Question 5

When must setcookie() be called?

Answer 5

Before any output is sent to the browser (the same limitation that header() has). You can use the output buffering functions to delay the script output until you have decided whether or not to set any cookies or send any headers.

Question 6

Where are client cookies placed?

Answer 6

They are automatically included into a $_COOKIE auto-global array if variables_order contains “C”.

Question 7

How can you assign multiple values to a single cookie?

Answer 7

Just add [] to the cookie name.

Question 8

What are XForms?

Answer 8

They’re a variation on traditional webforms which allow them to be used on a wider variety of platforms. The form details are sent as XML formatted data.

Question 9

With XForms, where is the browser-generated XML document stored?

Answer 9

$HTTP_RAW_POST_DATA

Question 10

When using XForms, how can you get your data loaded into the traditional $_POST variable?

Answer 10

Instruct the client browser to send it as application/x-www-form-urlencoded by changing the method attribute to urlencoded-post.

Question 11

From what can PHP receive file uploads?

Answer 11

Any RFC-1867 compliant browser.

Question 12

In a form, where can the MAX_FILE_SIZE hidden field be placed?

Answer 12

It must precede the file input field.

Question 13

How reliable is the MAX_FILE_SIZE field?

Answer 13

Not at all. It’s simply a convenience feature to notify the user prior to attempting to transfer a large file. It’s easy to fool on the browser side.

Question 14

What attribute do you need in a form for uploading files?

Answer 14

enctype=”multipart/form-data”

Question 15

Where are uploaded files placed?

Answer 15

In the server’s default temporary directory, unless another location has been given with the upload_tmp_dir directive in php.ini.

Question 16

Can you set upload_tmp_dir with putenv()?

Answer 16

No; it won’t work.

Question 17

If no file is selected for upload in your form, what will PHP return?

Answer 17

$_FILES[‘userfile’][‘size’] as 0, and $_FILES[‘userfile’][‘tmp_name’] as none.

Question 18

When is an uploaded file deleted from the temporary directory?

Answer 18

At the end of the request, if it has not been moved away or renamed.

Question 19

Where are file upload errors found?

Answer 19

$_FILES[‘userfile’][‘error’]

Question 20

What is the limit on MAX_FILE_SIZE?

Answer 20

It cannot specify a file size greater than the file size that has been set in the upload_max_filesize directive in php.ini. The default is 2 megabytes. memory_limit must also be set large enough, as well as max_execution_time, post_max_size, and max_file_uploads.

Question 21

What does max_execution_time affect?

Answer 21

Only the execution time of the script itself. Any time spent on activity that happens outside the execution of the script such as system calls using system(), the sleep() function, database queries, time taken by the file upload process, etc. is not included.

Question 22

What types of files may not be handled properly?

Answer 22

Files with exotic names (like those containing spaces).

Question 23

Can you mix normal input fields and file upload fields in the same form variable?

Answer 23

No.

Question 24

Can multiple files be uploaded simultaneously?

Answer 24

Yes. Just use the same array submission syntax in the HTML form as you do with multiple selects and checkboxes.

Question 25

How do you use the PUT method for uploading files?

Answer 25

First tell your webserver that you want a certain PHP script to handle the request (in Apache you do this with the Script directive).

Question 26

What do you need to do to be able to use HTTP and FTP urls with most of the functions that take a filename as a parameter?

Answer 26

Enable allow_furl_open in php.ini.

Question 27

Can you use urls with include, include_once, require, and require_once?

Answer 27

Yes.

Question 28

Can you overwrite an existing file on an FTP server with fopen?

Answer 28

No, but you can create new files.

Question 29

How do connect to FTP as a user other than anonymous?

Answer 29

You need to specify the username and password within the url (same syntax as for accessing files via HTTP when they require basic authentication).

Question 30

What are the 4 possible internal connection statuses in PHP?

Answer 30

0 - NORMAL
1 - ABORTED
2 - TIMEOUT
3 - ABORTED AND TIMEOUT

Question 31

When is the TIMEOUT state flag turned on?

Answer 31

When the PHP imposed time limit is hit.

Question 32

What is the default behavior for when a remote client disconnects from a PHP script?

Answer 32

The script enters ABORTED state. This behavior can be adjusted via the ignore_user_abort php.ini directive, or the ignore_user_abort Apache httpd.conf directive, or with the ignore_user_abort() function.

Question 33

What is the connection_aborted function?

Answer 33

It returns TRUE when a connection is aborted.

Question 34

What is the default timeout?

Answer 34

30 seconds. It can be changed using the max_execution_time php.ini directive, the max_execution Apache httpd.conf directive, or the set_time_limit() function.

Question 35

How can you check to see if a timeout caused a shutdown, within a shutdown function?

Answer 35

connection_status() will return a 2 if a timeout caused the shutdown function to be called.

Question 36

Can both the ABORTED and TIMEOUT states be active at the same time?

Answer 36

Yes. This is possible if you tell PHP to ignore user aborts.

Question 37

What are persistent database connections?

Answer 37

Database connections that don’t close when the execution of your script ends.

Question 38

Does PHP re-use persistent connections?

Answer 38

Yes. When a persistent connection is requested, PHP checks if there’s already an identical persistent connection, and if it exists, PHP uses it.

Question 39

What constitutes an “identical” PHP database connection?

Answer 39

• opened on the same host
• same username
• same password

Question 40

What are the three ways in which your web server can utilize PHP to generate web pages?

Answer 40

1. CGI wrapper. Run like this, an instance of the PHP interpreter is created and destroyed for every page request. So, persistent connections aren’t possible.
2. Apache module. Persistent connections work here.
3. Plugin for multithreaded web server. Persistent connections work here.

Question 41

What are persistent connections good for?

Answer 41

Efficiency. Reduced overhead when creating a link to the SQL server. If connection overhead is high, persistent connections help significantly.

Question 42

What are two caveats to keep in mind when using persistent connections?

Answer 42

1. When using table locking on a persistent connection, if the script cannot release the lock, subsequent scripts using the same connection will block indefinitely.
2. When using transactions, a transaction block will also carry over to the next script which uses that connection if script execution ends before the transaction block does.

You can use register_shutdown_function() to register a simple cleanup function to unlock your tables or roll back your transactions.