PHP-MySQL Interview Questions – 2

Q:81 What is ‘float’ property in CSS?
A:81 The float property sets where an image or a text will appear in another element.
Q:82 What is descendant structure in CSS?
A:82 Descendant selectors are used to select elements that are descendants of another element in the document tree.For example, you may wish to target a specific <em> element on the page, but not all <em> elements. A sample document could contain the following code: <body>
<h1>Heading <em>here</em> </h1>
<p>Lorem ipsum dolor <em>sit</em> amet.</p>
The document tree diagram (with the <em> element to be targeted) would be:Document tree showing descendant selectorsIf you use a type selector like the example below, you will select all <em> elements on the page:

em {color: blue; } However, if you use a descendant selector, you can refine the <em> elements that you select. The rule below will only select <em> elements that are descendants of <p> elements. If this rule is applied, the <em> element within the <h1> will not be colored blue.

p em {color: blue; } You can also jump levels in the document tree structure to select descendants. For example, the following code:

<p>Lorem ipsum dolor <em>sit</em> amet.</p>
<li>item 1</li>
<li>item 2</li>
<li><em>item 3</em></li>
The document tree (with a third-level <em> element highlighted) would be:

Document tree showing descendant selectors

Using the following rule you can isolate any <em> element inside a <ul> element, without having to describe the <li> element. If this rule is applied, any <em> element within a <ul> element will be colored blue. However, the <em> element within the <p> will not be colored blue:

ul em {color: blue; } Descendant selectors are well supported across standards-compliant browsers.

Q:83 What is Child Descendant structure in CSS?

Child selectors

A child selector is used to select an element that is a direct child of another element (parent). Child selectors will not select all descendants, only direct children.

For example, you may wish to target an <em> that is a direct child of a <div>, but not other <em> elements that are descendants of the <div>. A sample document could contain the following code:

<h1>Heading <em>text</em></h1>
This is some <em>text</em>
<p>This is a paragraph of <em>text</em></p>
The document tree (highlighting the <em> that is a child of the <div>) would be:

Document tree showing child selector

Using the following rule you can target any <em> element that is a child of the <div>. Other <em> elements that are descendants but not direct children of the <div> will not be targeted.

div > em { color: blue; }


div>em { color: blue; }
Child selectors are not supported by Windows Internet Explorer 5, 5.5 and 6, but are supported by most other standards-compliant browsers.

Q:84 How to create a class in JavaScript?
A:84 Classes can seem off-putting at first, but once you see the point of them, their use can be invaluable.We have already met objects. A computer object is a representation of a real object. For an estate agent the object may be a house, including information about the number of rooms and the price.An estate agent may have a lot of houses available. These houses all have different characteristics, and as objects they all go through the same processes. They are viewed, surveyed and bought, and so on.A full estate agent program would be difficult to demonstrate here, but we can introduce the use of classes.In this example, we have the house class. The house class produces house objects, all with object properties, such as number of rooms and price, and all having access to the same methods, such as sold and bought.

So a class can create objects with a group of properties and methods.

JavaScript doesn’t have a keyword specific to class, so we must go back to basics and develop classes in a different way. This isn’t very difficult.

Class Properties

Let us examine a very small estate agent program.

<TITLE>Estate Agent</TITLE>
function House(rooms,price,garage) {
house1=new House(4,100000,false);
house2=new House(5,200000,true);
with (house1) document.write(‘House 1 has ‘+rooms+’ rooms, ‘+(garage?’a’:’no’)+’ garage, and costs £’+price+'<BR>’);
with (house2) document.write(‘House 2 has ‘+rooms+’ rooms, ‘+(garage?’a’:’no’)+’ garage, and costs £’+price+'<BR>’);

We define a House function that takes three parameters, rooms, price and garage. The function uses the this keyword to create an object.

When we call the House function, we assign the result to our variable, which becomes an object.

So, identical code would be:

house1=new Object();

We would have to type this in for all houses, which would be very tedious and is why we use the class structure instead.

When we display the details for a house, I have introduced the ternary operator, ‘?:’. The ternary operator is a compacted version of:

if (garage) str=’a’; else str=’no’;

(garage?’a’:’no’) means if garage is true, return ‘a’ else return ‘no’. Using the ternary operator removes a line of code, and avoids having to create a new variable.

Class Methods

The House class we have so far defined only contains object properties. We could add a method to replace the document.write() action we used before. (See example)

<TITLE>Estate Agent 2</TITLE>
function House(name,rooms,price,garage) {;
function view() {
with (this) document.write(name+’ has ‘+rooms+’ rooms, ‘+(garage?’a’:’no’)+’ garage, and costs £’+price+'<BR>’);
house1=new House(‘House 1’,4,100000,false);
house2=new House(‘Big House’,5,200000,true);

Much better!

Note how we must add another property, name, so that we can identify the house in question. This offers more flexibility than re-using the variable name, and the variable name is inaccessible anyway, i.e. it is very difficult, if not impossible, to get the view() function to use the string ‘house1’.

Q:85 Are namespaces are there in JavaScript?
A:81 A namespace is a container and allows you to bundle up all your functionality using a unique name. In JavaScript, a namespace is really just an object that you’ve attached all further methods, properties and objects. But it is not always necessary to use namespace.
Q:86 What is JSON? What are the notations used in JSON?
A:86 JSON (JavaScript Object Notation) is a lightweight data-interchange format. It is easy for humans to read and write. It is easy for machines to parse and generate. It is based on a subset of the JavaScript Programming Language, Standard ECMA-262 3rd Edition – December 1999. JSON is a text format that is completely language independent but uses conventions that are familiar to programmers of the C-family of languages, including C, C++, C#, Java, JavaScript, Perl, Python, and many others. These properties make JSON an ideal data-interchange language.
Q:87 How to get Query String in PHP for http request?
A:87 $_GET[] and $_REQUEST[]
Q:88 How to get the http Request in PHP?
A:88 When PHP is used on a Web server to handle a HTTP request, it converts information submitted in the HTTP request as predefined variables:

  • $_GET – Associate array of variables submitted with GET method.
  • $_POST – Associate array of variables submitted with POST method.
  • $_COOKIE – Associate array of variables submitted as cookies.
  • $_REQUEST – Associate array of variables from $_GET, $_POST, and $_COOKIE.
  • $_SERVER – Associate array of all information from the server and the HTTP request.
Q:89 How you provide security for PHP application?
A:89 There are many ways to accomplish the security tasks but the most common 7 ways are1. Validate Input. Never trust your user and always filter input before taking it to any operation.2. Provide access control.3. Session ID protection4. preventing Cross Site Scripting (XSS) flaws

5. SQL injection vulnerabilities.

6. Turning off error reporting and exposing to the site for hackers. Instead use log file to catch exceptions

7. Effective Data handling

Q:90 What is SQL Injection in PHP security?
A:90 SQL injection attacks are extremely simple to defend against, but many applications are still vulnerable. Consider the following SQL statement:

$sql = "INSERT
        INTO   users (reg_username,
        VALUES ('{$_POST['reg_username']}',

This query is constructed with $_POST, which should immediately look suspicious.

Assume that this query is creating a new account. The user provides a desired username and an email address. The registration application generates a temporary password and emails it to the user to verify the email address. Imagine that the user enters the following as a username:

bad_guy', 'mypass', ''), ('good_guy

This certainly doesn’t look like a valid username, but with no data filtering in place, the application can’t tell. If a valid email address is given (, for example), and 1234 is what the application generates for the password, the SQL statement becomes the following:


$sql = "INSERT
        INTO   users (reg_username,
        VALUES ('bad_guy', 'mypass', ''), 
                '')"; ?>

Rather than the intended action of creating a single account (good_guy) with a valid email address, the application has been tricked into creating two accounts, and the user supplied every detail of the bad_guy account.

While this particular example might not seem so harmful, it should be clear that worse things could happen once an attacker can make modifications to your SQL statements.

For example, depending on the database you are using, it might be possible to send multiple queries to the database server in a single call. Thus, a user can potentially terminate the existing query with a semicolon and follow this with a query of the user’s choosing.

MySQL, until recently, does not allow multiple queries, so this particular risk is mitigated. Newer versions of MySQL allow multiple queries, but the corresponding PHP extension (ext/mysqli) requires that you use a separate function if you want to send multiple queries (mysqli_multi_query() instead of mysqli_query()). Only allowing a single query is safer, because it limits what an attacker can potentially do.

Protecting against SQL injection is easy:

  • Filter your data.This cannot be overstressed. With good data filtering in place, most security concerns are mitigated, and some are practically eliminated.
  • Quote your data.If your database allows it (MySQL does), put single quotes around all values in your SQL statements, regardless of the data type.
  • Escape your data.Sometimes valid data can unintentionally interfere with the format of the SQL statement itself. Use mysql_escape_string() or an escaping function native to your particular database. If there isn’t a specific one, addslashes() is a good last resort.
Q:91 What is cross site Scripting?
A:91 To understand what Cross Site Scripting is, let’s see a usual situation, common to many sites. Let’s say we are taking some information passed in on a querystring (the string after the (?) character within a URL), with the purpose of displaying the content of a variable, for example, the visitor’s name:
As we can see in this simple querystring, we are passing the visitor’s name as a parameter in the URL, and then displaying it on our “welcomepage.php” page with the following PHP code:


echo ‘Welcome to our site ’ . stripslashes($_GET[‘name’]);

The result of this snippet is shown below:

Welcome to our site John
This is pretty simple and straightforward. We’re displaying the content of the “name” variable, by using the $_GET superglobal PHP array, as we have done probably hundreds of times. Everything seems to be fine. Now, what’s wrong with this code? Nothing really. But let’s modify the querystring by replacing our visitor’s name passed in the URL:

with something like this:
<script language=javascript>alert
(‘Hey, you are going to be hijacked!’);</script>

Do you remember the PHP code included in our “welcome.php” page? Yes, you’re correct. When we modify the querystring, the following code is executed:


echo ‘Welcome to our site ‘ .
<script language=javascript> alert(‘Hey, you are going
to be hijacked!’);</script>

The output of this code is an alert JavaScript box telling you “Hey, you are going be hijacked!” after the “Welcome to our site” phrase.

Very ugly stuff, right? That’s a simple example of the Cross Site Scripting vulnerability. This means that any pasted JavaScript code into the URL will be executed happily with no complaints at all.

Q:92 Which method do you follow to get a record from a million records? (Searching, …. not from database, from an array in php)
A:92 use array_search(), array_keys(), array_values(), array_key_exists(), and in_array().
Q:93 Which sorting method is lowest time consumable?
A:93 HeapSort, Merge sort are the lowest time consumable sorting algorithm.
Q:94 Which sorting method is lowest memory consumable?

78 thoughts on “PHP-MySQL Interview Questions – 2

  1. Kenan KARA says:

    Hi there,

    i’m happy to meet you with this perfect paper,
    i try to translate these mysql tips to my own site

    mysql and php are the most popular development scripting language and db so that these papers are popular in my country, too.


    Kenan KARA

  2. shipra dhadwal says:

    hi ,
    this information is fabulous.its very excellent for interviewers who seek help in such kind of questions.u did agreat job to provide such help.these are the most common n popular question which are asked in interviews.also these ans n ques clear the confusions.

    Thanks and Regards
    Shipra Dhadwal

  3. naveen says:

    How can we print selected portion of text from html page ?more details about printing information from HTML pages pls?

  4. Zainul Abdin says:

    Mizan bhai
    I am very nuch pleased toview ur profile …
    How many ways we can redirect from one page to another page in php..I know the one by header(Location:filename);
    what are the other ways..

    Pls reply soon…

  5. Pravin says:

    There is some problem in the site… The right side characters are not visible. Some characters from right side is truncated on each line…

    Please check it.

  6. sameena says:

    hai Mizan

    ur idea was very good It will be more helpful for those people who are attending the interviews.

    ur interview questions was almost exactly same which most companies ask in written test exams.

  7. Nitin Pande says:

    Hello! there
    You did a fantastic job. You almost made my day!
    Now that i have all these questions, i can easily prepare for my interviews as well as practically perform everything in php.
    Thanks a lot for this stuff…

  8. vinod says:

    hey freind
    thanks its really help full to get the job in reputed company mainly every where every inteviewer ask these type of question thx for helping very one.
    vinod kumar

  9. Nani says:

    These questions are very useful to from freshers to experienced persons.
    thank to every one who provides all these information.

    From U r Nani(praveen)

  10. Ravi says:


    Thanks for the superb work.

    It really help us to clear up the things 🙂

    Keep it up and let me know if you required any help from me. I am a PHP and Joomla Developer.


  11. pattrick pollid says:

    The right side characters are not visible. Some characters from right side is truncated on each line…

    Please check it.

  12. hemali says:


    This is realy useful information and i like this information.

    i hope your information is useful to my interview.

    Keep it continue………….

  13. tasneem says:

    i read all 94 questions and find lots of knowledge. thanks.

    i am the beginner in php still studying php so it will be quite helpful to me .
    i hope you will provide the useful knowledge of php more and more .


  14. ganesh babu says:

    thank u sir,i have one year exp in php,then i am searching job in php,please post LAMP questions and answers and cake php..

  15. Ashok says:

    I really thank you to post this questions and i hope this questions will help full to beginners ….
    Keep on continue

  16. afreen says:

    Assalamo alaykum,……
    I m going to attend my first interview. I have too much intrest in php but unfortunately i dont’t have anyone to guide me regarding i dont have any practical experience in php… can u plz help me to learn php as well….

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s