Skip to main content

Questions for mid-level PHP developer candidates


I often get CV's from developers applying for positions. Some colleges give people a certificate without really giving the candidate any problem solving skills or real understanding of theory. Here are some standard questions that I ask candidates to complete with pen and paper without access to Google. They cover basic OOP theory, logic, basic PHP syntax, and try to get some idea of the candidates passion for learning.

In the rare occasion that a candidate actually bothers to investigate the company and finds my blog they will naturally be expected to do well on this quiz.  I guess that's bonus marks for being prepared :p

PHP quiz
========

1)  Explain what SQL injection is and give TWO ways to combat it
2)  If you type hint an interface name in a function argument what sort of variables can you pass?
3)  What is an abstract class?
4)  How would you call the construct method of a parent class inside 
a child of that class?
5)  Given two variables $a and $b which contain integer numbers.  
Swap the values of $a and $b without declaring a third variable and using 
only the mathematical functions +,*,-,/
6)  Define a class called House that has an owner property and a method 
called sell that accepts a string parameter which changes the owner
7)  Explain call by value and call by reference.  Which method does PHP5 
use when passing primitive variable types and objects?
8)  What does AJAX stand for?  Write a jQuery AJAX call to 'weather.php' 
which updates the contents of with the results from that file
9)  What is the safest PHP function to use to filter output to prevent XSS?
10) What is the difference between GET and POST?
11) What is your approach to unit and integration testing?
12) What are traits used for and how would you include one in your class?
13) What design patterns are you familiar with?  What do you think about 
the use of the Singleton pattern in PHP?
14) Write a program to roll two six-sided dice 10,000 times.  Sum the two
values on each roll.  At the end of the program run output the average sum 
of all the rolls.
15) What is the value of $a if $a = ( '42' === 42 ) ? 'answer one' : 'answer two';

Feel free to use any or all of these questions if you like them.  They're awkwardly formatted on the blog because of the template I'm using.  I have shared a raw copy on Google Docs.

I have seen question number 5 done in a single line by the way (usually it takes three).

Comments

  1. good help but i have never worked with php on any project yet seem to know\meet almost every question. Does it mean that i can be middle php programmer? :D

    also, if not too hard, could you explain what should junior php developer know? what should middle php developer know? I am largely confused about this. hope you read this...

    ReplyDelete
    Replies
    1. I didn't focus on syntax questions because Google and php.net are available while you code. Also you get taught this stuff in college and I've found that some people I interview who have done a college course in PHP don't really know how to program even if they do know basic syntax.

      I don't think many PHP developers will claim to know the syntax of every single command. In my opinion it's more important that you show general programming ability rather than specific syntax knowledge. When judging the answers provided it should be clear whether the person actually knows PHP as a language and will be proficient enough to code in it.

      If you know the answers to the questions then I'm guessing you're already a programmer in another language. Syntactically PHP is similar to C and so if you know any of the C type languages you'll pick PHP up quite quickly. Translating your existing programming knowledge to PHP should be a question of answering the question "how do I do this in PHP" because you've already answered the question of "how do I do this".

      There are of course a number of best practices and important security considerations that you have to know before coding in PHP. I would argue that if a mid-level developer knows both ways of securing a SQL statement then you can verbally go through some of the other issues ( CSRF, XSS, and other attack vectors ) to make sure they won't code sloppily.

      Programming languages are just tools and not every tool is best for every job. If you already know a couple of languages then adding PHP for web development won't be a stretch for you.

      For me the difference between a junior developer and a mid-level developer is their ability to problem-solve or debug. Mid-level PHP developers will of course be more familiar with PHP and its syntax but I expect them to be more proficient in their ability to analyze and solve problems.

      Delete

Post a Comment

Popular posts from this blog

Separating business logic from persistence layer in Laravel

There are several reasons to separate business logic from your persistence layer.  Perhaps the biggest advantage is that the parts of your application which are unique are not coupled to how data are persisted.  This makes the code easier to port and maintain. I'm going to use Doctrine to replace the Eloquent ORM in Laravel.  A thorough comparison of the patterns is available  here . By using Doctrine I am also hoping to mitigate the risk of a major version upgrade on the underlying framework.  It can be expected for the ORM to change between major versions of a framework and upgrading to a new release can be quite costly. Another advantage to this approach is to limit the access that objects have to the database.  Unless a developer is aware of the business rules in place on an Eloquent model there is a chance they will mistakenly ignore them by calling the ActiveRecord save method directly. I'm not implementing the repository pattern in all its ...

Using Azure Active directory as an OAuth2 provider for Django

Azure Active Directory is a great product and is invaluable in the enterprise space. In this article we'll be setting it up to provide tokens for the OAuth2 client credentials grant. This authorization flow is useful when you want to authorize server-to-server communication that might not be on behalf of a user. This diagram, by Microsoft, shows the client credentials grant flow. From Microsoft documentation  The flow goes like this: The client sends a request to Azure AD for a token Azure AD verifies the attached authentication information and issues an access token The client calls the API with the access token. The API server is able to verify the validity of the token and therefore the identity of the client. The API responds to the client Setting up Azure AD as an OAuth2 identity provider The first step is to create applications in your AD for both your API server and the client. You can find step-by-step instructions on how to register the applications o...

"Word of the Day" PHP script (with word list)

I was looking around for a way to generate a word of the day on the web and didn't find anything. So I coded a quick and dirty script to do it. Just in case anybody does a Google search and manages to find my blog: here is my Word of the Day PHP script : Copy this code snippet into a wordoftheday.php file: $file = fopen("interesting_words.txt","r"); $raw_string = fread($file,filesize("interesting_words.txt")); fclose($file); $words_array = explode("|",$raw_string); echo $words_array[array_rand($words_array)]; Of course the real issue I had was finding a list of interesting words in the right format. Here is the list of interesting words that I used: Copy this into a file called interesting_words.txt : ubiquitous : being or seeming to be everywhere at the same time; omnipresent| ecdysiast : a striptease artist| eleemosynary : of, relating to, or dependent on charity| gregious : c...