ZCE Sample questions

18 Jan

1. Which of the following functions will sort an array in ascending order by value, while preserving key associations?

asort()

usort()

krsort()

ksort()

sort()

2. A fingerprint of a string can be determined using which of the following?

md5()

hash()

fingerprint()

None of the above

3. Consider the following XML document

<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE html
 PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
  <title>XML Example</title>
 </head>
 <body>
  <p>
   Moved to <<a href="http://example.org/">http://www.example.org/</a>.>
   <br>
  </p>
 </body>
</html>

What is wrong with this document, and how can it be corrected?

The document is completely valid

All special XML characters must be represented as entities within the content of a node

All tags must be closed

You cannot specify a namespace for the attribute

The DOCTYPE declaration is malformed

<?php
$a = array(
  1 => 'red',
  'green',
  'blue',
  'purple' => array(
    'house' => 'dog',
    'food' => 'meal',
    'here' => 'gone',
    'hello' => array(
      5 => 'goodbye',
      8 => 'something',
      'correct')));
?>

Which of the following print statements will output the string “correct”?

print $a[‘purple][4][3];

print $a[‘purple’][‘hello’][9];

print $a[2][4][3];

print $a[2][4][9];

print $a[4][‘hello’][9];

5. If you would like to store your session in the database, you would do which of the following?

It requires a custom PHP extension to change the session handler

Implement the session_set_save_handler() function

Create functions for each session handling step and use session_set_save_handler() to override PHP’s internal settings

Configure the session.save_handler INI directive to your session class

6. Consider the following PHP script:

get_socket($host1, $port1),
‘data’ => str_pad(“”, 500000, “A”));
$write_map[] = array(‘fr’ => get_socket($host2, $port2),
‘data’ => str_pad(“”, 500000, “B”));
$write_map[] = array(‘fr’ => get_socket($host3, $port3),
‘data’ => str_pad(“”, 500000, “C”));

do {
$write_sockets = array();

foreach($write_map as $data) {
$write_sockets[] = $data[‘fr’];
}

$num_returned = stream_select($r = null, $write_sockets, $e = null, 30);

if($num_returned) {
foreach($write_sockets as $fr) {
foreach($write_map as $index => $data) {
if($data[‘fr’] === $fr) {
$len = fwrite($fr, $data[‘buf’]);

if($len) {
$data[‘buf’] = substr($data[‘buf’], $len);

if(empty($data[‘buf’])) {
fclose($data[‘fr’]);

unset($write_map[$index]);
}
}
}
}
}
}
} while(??????????);
?>

What should go in the ??????? above for this script to function properly?

Answer…
$num_returned > 0
$len > 0
!empty($data[‘buf’])
count($write_sockets)
count($write_map)

7. Using flock() to lock a stream is only assured to work under what circumstances?

Answer…
When running in a Linux environment local filesystem
When accessing the stream of the local filesystem
When running in a Windows environment and accessing a share
When accessing a bi-directional stream
When accessing a read-only stream

8. Which PCRE regular expression will match the string PhP5-rocks?

Answer…
/^[hp1-5]*\-.*/i
/[hp1-5]*\-.?/
/[hp][1-5]*\-.*/
/[PhP]{3}[1-5]{2,3}\-.*$/
/[a-z1-5\-]*/

9. The ______ keyword is used to indicate an incomplete class or method, which must be further extended and/or implemented in order to be used.

Answer…

	final
	protected
	incomplete
	abstract
	implements

10. What is the output of?

function apple($apples = 4)
{
  $apples = $apples / 2;
  return $apples;
}
$apples = 10;
apple($apples);
echo $apples;

Answer...

	2
	4
	5
	10

11 . Which of the following is the best way to split a string on the “-=-” pattern?

Answer…

	They all are equally proper methods
	str_split($string, strpos($string, “-=-“))
	preg_split(“-=-“, $string);
	explode(“-=-” $string);

12. Consider the following PHP script fragment:

createElement(‘title’);

$node = ????????

$title->appendChild($node);
$head->appendChild($title);

What should ??????? be replaced with to add a node with the value of Hello, World!

Answer…
$dom->createTextNode(“Hello, World”);
$dom->appendElement($title, “text”, “Hello, world!”);
$dom->appendTextNode($title, “Hello, World!”);
$dom->createElement(‘text’, “Hello, World”);
None of the above

13. Implementing your own PDO class requires which steps from the list below?

Answers: (choose 3)
Extending the PDOStatement Class
Set the PDO::ATTR_STATEMENT_CLASS parameter
Call the PDO::setStatementClass() method
Extend the PDO class
Set the PDO::ATTR_USE_CLASS paramater

14. Which from the following list is not an approrpiate use of an array?

Answers: (choose 1)
As a list
All of these uses are valid
As a Lookup Table
A Stack
As a hash table
15. What variable reference would go in the spots indcated by ????? in the code segment below?

Answer…
$msg{$i}
ord($msg);
chr($msg);
substr($msg, $i, 2);

16. When is it acceptable to store sensitive information in an HTTP cookie?

Answer…
Only under extremely controlled situations
When the cookie is sent over a secure HTTP request
When it is encrypted
It is always acceptable

17. Consider the following PHP string representing an SQL statement:

$query = “UPDATE users SET password=’$password’ WHERE username=’$username'”;

Which of the following values for $username or $password would change the behavior of this query when executed?

Answer…
None of the above
$username = “foobar\’ WHERE username=’admin'”;
$password = “foobar’ WHERE username=’admin’ –:”;
$username = “foobar\’ WHERE username=’admin'”;
$password = “\”foobar\” WHERE username=\”admin\””;

18. When attempting to prevent a cross-site scripting attack, which of the following is most important?

Answer…
Not writing Javascript on the fly using PHP
Filtering Output used in form data
Filtering Output used in database transactions
Writing careful Javascript
Filtering all input

19. In a situation where you want one and only one instance of a particular object, the ________ design pattern should be used.

20. Which of the following list of potential data sources should be considered trusted?

Answers: (choose 1)
None of the above
$_ENV
$_GET
$_COOKIE
$_SERVER

21. Which of the following php.ini directives should be disabled to improve the outward security of your application?

Answers: (choose 4)
safe_mode
magic_quotes_gpc
register_globals
display_errors
allow_url_fopen

22. The _______ method will be called automatically when an object is represented as a string.

Answer…
getString()
__get()
__value()
__toString()
__getString()

23. Which functions would be needed to translate the following string:

I love PHP 5

to the following?

5 PHP EVOL I

Answers: (choose 2)
mirror()
strtoupper()
toupper()
str_reverse()
strrev()

24. When embedding PHP into XML documents, what must you ensure is true in order for things to function properly?

Answer…
Disabling of the short_tags PHP.ini directive
Enabling the asp_tags PHP.ini directive
That you have XPath support enabled in PHP 5
That your XML documents are well-formed
None of the above, PHP can be embedded in XML in all cases.

25. _______ can be used to add additional functionality to a stream, such as implementation of a specific protocol on top of a normal PHP stream implementation.

Answer…
Buffered
Buckets
Wrappers
Filters

26. What is the output of the following?

Answer…
50
5
95
10
100

27. SQL Injections can be best prevented using which of the following database technologies?

Answers: (choose 1)
All of the above
Prepared Statements
Persistent Connections
Unbuffered Queries
Query escaping

28. What is the output of the following?

Answer…
I have 6 apples and 6 oranges
I have 6 apples and 5 oranges
I have 5 apples and 6 oranges
I have 5 apples and 5 oranges

29. What is the best approach for converting this string:

$string = “a=10&b[]=20&c=30&d=40+50”;

Into this array?

array(4) {
[“a”]=>
string(2) “10”
[“b”]=>
array(1) {
[0]=>
string(2) “20”
}
[“c”]=>
string(2) “30”
[“d”]=>
string(5) “40 50”
}

Answer…
Write a parser completely by hand, it’s the only way to make sure it’s 100% accurate
Use the parse_str() function to translate it to an array()
Pass the variable to another PHP script via an HTTP GET request and return the array as a serialized variable
Just call unserialize() to translate it to an array()
Write a string parser using strtok() and unserialize() to convert it to an array

30. What is the output of the following code?

Answer…
Error; function declarations can not be split over multiple PHP segments.
Nothing
1
2

31. To destroy one variable within a PHP session you should use which method in PHP 5?

Answer…
Unset the variable in $HTTP_SESSION_VARS
Use the session_destroy() function
Use the session_unset() function
unset the variable in $_SESSION using unset()
Any of the above are acceptable in PHP 5

32. What is the best measure one can take to prevent a cross-site request forgery?

Answer…
Disallow requests from outside hosts
Add a secret token to all form submissions
Turn off allow_url_fopen in php.ini
Filter all output
Filter all input

33. Given the following PHP script:

<?php

$xmldata = <<< XML

XML Example

Hello, World!

XML;

$sxe = simplexml_load_string($xmldata);

$p = $sxe->body->p;

$string = ????????

print $string;
?>

What should go in place of ????? above to print the string Hello, World! (with no leading/trailing whitespace or markup)?

Answer…
trim(($p[1]));
trim(strip_tags(($p->asText())));
trim(strip_tags(($p->asXML())));
trim(($p->asXML()));
strip_tags(($p->asXML()));

34. When working with a database, which of the following can be used to mitigate the possibility of exposing your database credientials to a malicious user?

Answers: (choose 3)
Moving all database credentials into a single file
Moving all database credentials outside of the document root
Restricting access to files not designed to be executed independently
Setting creditial information as system environment variables
Using PHP constants instead of variables to store credentials

35. Which of the following are valid PHP variables?

Answers: (choose 4)
@$foo
&$variable
${0x0}
$variable
$0x0

36. Is this code valid only in PHP 4, in PHP 5, or both?

Answer…
Both
PHP 5
PHP 4

37. Which of the following aspects of the MVC pattern is used in conjunction with the database?

Answer…
Model
Schema
Validation
Controller
View

38. To ensure that a given object has a particular set of methods, you must provide a method list in the form of an ________ and then attach it as part of your class using the ________ keyword.

Answer…
array, interface
interface, implements
interface, extends
instance, implements
access-list, instance

39. What is the best way to ensure the distinction between filtered / trusted and unfiltered / untrusted data?

Answer…
None of the above
Never trust any data from the user
Enable built-in security features such as magic_quotes_gpc and safe_mode
Always filter all incoming data
Use PHP 5’s tainted mode

40. The ______ pattern is extremely useful for creating objects which watch the state of other objects and respond to those changes.

41. Which two internal PHP interfaces provide functionality which allow you to treat an object like an array?

Answers: (choose 2)
iteration
arrayaccess
objectarray
iterator
array
42. What is the output of the following PHP code?

FOO,
“FOO” => 20);

print $array[$array[FOO]] * $array[“FOO”];

Answer…
FOO
100
200
20
10

43. When an object is serialized, which method will be called, automatically, providing your object with an opportunity to close any resources or otherwise prepare to be serialized?

Answer…
__destroy()
__serialize()
__destruct()
__shutdown()
__sleep()

44. The ____ construct is particularly useful to assign your own variable names to values within an array.

Answer…
array_get_variables
current
each
import_variables
list

45. In an application which will be under high load, SQLite could be useful for what sort of tasks?

Answer…
As your primary database
SQL shouldn’t be used in a high load environment
SQLite should only be used for in-memory databases in this environment
Session Management
Read-only databases

46. Which of the following is not a valid default stream wrapper for PHP 5, assuming OpenSSL is enabled?

Answer…
ftps://
ftp://
sftp://
https://
http://

47. What is the output of the following PHP script?

Answer…
643.75
432
643
257
432.75

48. What would you replace ??????? with, below, to make the string Hello, World! be displayed?

Answer…
There is no way to do this
$string = $argv[1];
$string = $_ARGV[0];
list($string) = func_get_args();
$string = get_function_args()

49. SimpleXML objects can be created from what types of data sources?

Answers: (choose 3)
A String
An array
A DomDocument object
A URI
A Database resource

50. What is the output of the following code?

function pears(Array $pears)
{
if (count($pears) > 0)
{
echo array_pop($pears);
pears($pears);
}
}
$fruit = array(“Anjo”, “Bartlet”);
pears($fruit);

Answer…
Bartlet
Anjo
BartletAnjo
AnjoBartlet
None / There is an Error

51. What should be replaced in the string ??????? below to open the archive myarchive.gz located in the document root of the http://www.example.com server and decompress it?

52. Consider the following function:

What conditional should replace the ????? above?

Answer…
!in_array(“Location: $url”, headers_list())
!header_exists(“Location: $url”)
!header_location($url)
$_SERVER[‘HTTP_LOCATION’] != $url

53. Consider the following code snippet:

Assuming this snippet is a smaller part of a correctly written script, what actions must occur in place of the ????? in the above code snippet to insert a row with the following values: 10, 20.2, foo, string ?

Answer…
A transaction must be begun and the variables must be assigned
Each value must be assigned prior to calling mysqli_bind_param(), and thus nothing should be done
Use mysqli_bind_value() to assign each of the values
Assign $myinteger, $mydouble, $myblob, $myvarchar the proper values

54. When uploading a file using HTTP, which variable can be used to locate the file on PHP’s local filesystem?

Answer…
None of the above
$_FILES[‘fieldname’][‘tmp_name’]
$_FILES[‘fieldname’]
$_FILES[‘fieldname’][0][‘filename’]
$_FILES[‘fieldname’][‘filename’]

55. What is the output of the following code?

something(); } catch(AnotherException $e) { $a->somethingElse(); } catch(MyException $e) { print “Caught Exception”; }} catch(Exception $e) { print “Didn’t catch the Exception!”;}?>

Answer…
“Caught Exception” followed by “Didn’t catch the Exception!”
A fatal error for an uncaught exception
“Didn’t catch the Exception!”
“Didn’t catch the Exception!” followed by a fatal error
“Caught Exception”

56. How can you modify the copy of an object during a clone operation?

Answer…
Put the logic in the object’s constructor to alter the values
Implment your own function to do object copying
Implement the object’s __clone() method
Implement __get() and __set() methods with the correct logic
Implement the __copy() method with the correct logic

57. If you would like to store your session in the database, you would do which of the following?

Answer…
It requires a custom PHP extension to change the session handler
Implement the session_set_save_handler() function
Create functions for each session handling step and use session_set_save_handler() to override PHP’s internal settings
Configure the session.save_handler INI directive to your session class

58. Which of the following functions were added to PHP 5 for dealing with arrays?

Answers: (choose 2)
array_intersect_key()
array_unshift()
array_diff_key()
array_merge()
array_slice()

59. Creating new nodes in XML documents using PHP can be done using which XML/PHP 5 technologies?

Answers: (choose 2)
XQuery
XPath
SimpleXML
DOM
SAX

60. In databases that do not support the AUTO_INCREMENT modifier, you must use a _________ instead to auto-generate a numeric incrementing key

61. The following could be better represented as what?

Answer…
A switch statement without break statements
A foreach statement
A while statement
A switch statement
Multiple if statements

62. The following is a common XML structure used in service oriented architectures, what does it represent?

myMethod

HI!

Answer…
None of the above
A fragment of a complete SOAP request
XML-RPC
REST
SOAP

63. Setting a HTTP cookie on the client which is not URL-encoded is done how in PHP 5?

Answer…
Use the setrawcookie() function
Set the cookies.urlencode INI directive to false
Use urldecode() on the return value of setcookie()
Setting the $no_encode parameter of setcookie() to a boolean ‘true’
All cookies must be URL encoded

64. Consider the following code-snippet, which is taken from a larger application:

This is an example of doing what using the new MySQLi extension?

Answer…
Performing a multi-query statement
Performing a transaction
Using an unbuffered queries
Prepared Statements
Using buffered queries

65. What are the three access modifiers that you can use in PHP objects?

Answers: (choose 3)
protected
public
static
private
final

66. What is wrong with the following code?

setValue(10);
$a_copy->setValue(20);

Answer…
You must use return &$newObj instead
There is nothing wrong with this code
duplicate() must accept its parameter by reference
You must use the clone operator to make a copy of an object
duplicate() must return a reference

67. Which of the following functions will trim leading and/or trailing white space from a string?

Answers: (choose 3)
ltrim()
rtrim()
wtrim()
trim()
str_replace()

68. What is wrong with the following code valid in PHP 4 but invalid in PHP 5?

reassign($b);

Answer…
Reassigning $this in PHP 5 throws a fatal error
It is missing access restrictions (public,private,protected) required in PHP 5
Classes need to implement the OverLoad interface for this behavior in PHP 5
$b is now an object handle and the reassign() method needs to be declared pass-by-reference

69. Consider the following PHP script: