[Zend PHP5 Cerification] Mock exam -2

NOTE : The answers That I am NOT sure are marked with "*"

 

Useful website: http://zend-php.appspot.com/

 

81. Consider the following code-snippet, which is taken from a larger application:

<?php

for(/* empty */; mysqli_more_results($link); mysqli_next_result($link))

{

    if($result = mysqli_store_result($link))

    {

        while($row = mysqli_fetch_array($result, MYSQLI_ASSOC))

        {   

            foreach($row as $value)

            {

                print "$value\n";

            }

        }

        mysqli_free_result($result);

    }

}

?>

This is an example of doing what using the new MySQLi extension?

A. Performing a multi-query statement

B. Performing a transaction

C. Using an unbuffered queries

D. Prepared Statements

E. Using buffered queries

Answer: D

82. Consider the following code block:

<?php

function &myFunction()

{

    $string = "MyString";

    var_dump($string);

    return ($undefined);

}

for($i = 0; $i < 10; $++)

{

    $retval = myFunction();

}

?>

This code block's behavior has changed between PHP 4 and PHP 5, Why?

A. None of the above

B. This could would cause an auto matic segmentation fault in PHP 4

C. This code would throw a syntax error in PHP 4

D. Returning an undefined variable by reference in PHP 4 would cause eventual memory corruption 

E. You could not return undefined variables by reference in PHP 4

Answer: D 

http://www.sitepoint.com/blogs/2005/07/30/php-44-minor-gotcha/ 

83. When an object is serialized, which method will be called, auto matically, providing your object with an opportunity to close any resources or otherwise prepare to be serialbzed?

A. __destroy()

B. __serialize()

C. __destruct()

D. __shutdown()

E. __sleep()

Answer: E (I choose is for the reason that from http://www.php.net/manual/en/function.serialize.php)

84. What is the primary benefit of a SAX-based XML parser compared to DOM?

A. All of the above

B. Faster then DOM methods

C. Requires less memory then DOM

D. Easier to develop parsers

Answer: C *

85. Setting a HTTP cookie on the client which is not URL-encoded is done how in PHP 5?

A. Use the setrawcookie() function

B. Set the cookies.urlencode INI directive to false

C. Use urldecode() on the return value of setcookie()

D. Setting the $no_encode parameter of setcookie() to a boolean 'true'

E. All cookies must be URL encoded

Answer: A (See the details of function "setrawcookie()")

86. If you would like to store your session in the database, you would do which of the following?

A. It requires a custom PHP extension to change the session handler

B. Implement the session_set_save_handler() function

C. Create functions for each session handling stop and use session_set_save_handler() to override PHP's internal settings

D. Configure the session.save_handler INI directive to your session class

Answer: C

http://cn2.php.net/manual/en/function.session-set-save-handler.php 

open,close,read,write,destroy,gc functions

87. During an HTTP authentication, how does one determine the username and password provided by the browser?

A. Parse the HTTP headers manually using http_get_headers()

B. Use the get_http_username() and get_http_password() functions

C. Use the $_SERVER['HTTP_USER'] and $_SERVER['HTTP_PASSWORD'] variables

D. Use teh $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] variables

E. Parse the $_SERVER['REQUEST_URI'] variable

Answer: D

88. The Decorator pattern is used to ...

A. Change the behavior of a class without modifying the original class

B. Used in XSLT transfromations in OO design

C. Used to map HTML structures to objects

D. A type of view in an MVC pattern

Answer: A

89. Consider the following function:

<?php

function redirect($url)

{

    //check to make sure we haven't alreadly sent the header;

    if(????)

    {

        header("Location: $url");

    }

}

?>

What conditional should replace the ???? above?

A. !in_array("Location: $url", headers_list())

B. !header_exists("Location: $url")

C. !header_location($url)

D. $_SERVER['HTTP_LOCATION'] != $url

Answer: A

90. Identify the best approach to compare to variables in a binary-safe fashion

A. Both strcmp() and $a === $b

B. $a == $b

C. $a === $b

D. str_compare()

E. strstr()

Answer: A

91. What is the output of the following code block?

<?php

$array = array(1=>0, 2, 3, 4);

array_splice($array, 3, count($array), array_merge(array('x'), array_slice($array, 3)));

print_r($array);

?>

A. 1=>1, 2=>2, 3=>x, 4=>4

B. 0=>1, 2=>2, 3=>3, 4=>4, x=>3

C. 0=>0, 1=>2, 3=>3, 3=>x, 4=>4

D. 0=>x, 1=>0, 2=>1, 3=>2, 4=>3

E. 1=>1, 3=>x, 2=>2, 4=>4

Answer: C

92. For an arbitrary string $mystring, which of the following checks will correctly determine if the string PHP exists within it?

A. if(strpos($mystring, "PHP") !== flase)

B. if(!strpos($mystring, "PHP"))

C. if(strpos($mystring, "PHP") == true)

D. if(strloc($mystring, "PHP") == true)

E. if(strloc($mystring, "php"), === false)

Answer: A

93. Why is it important from a security perspective to never display PHP error messages directly to the end user, yet always log them? (choose 2)

A. Error messages will contain sensitive session information

B. Error messages can contain cross site scripting attacks

C. Security risks involved in logging are hanlded by PHP

D. Error messages give the perception of insecurity to the user

E. Error messages can contain data useful to a potential attacker

Answer: AE *

94. Which of the following extensions are no longer part of PHP 5 and have been moved to PECL? (choose 2)

A. tidy

B. mysql

C. w32api

D. curl

E. dio

Answer: AC

95. Which of the following is not valid syntax for creating a new array key?

A. $a[] = "value";

B. $a{} = "value";

C. $a[0] = "value";

D. $a{0} = "value";

E. $a[$b = 0] = "value";

Answer: B

96. Consider the following simple PHP script:

<?php

$dom = new DomDocument();

$dom->load("test.xml");

$xpath = new DomXPath($dom);

$nodes = $xpath->query(????, $dom->documentElement);

echo $nodes->item(0)->getAttributeNode('bgcolor')->value . "\n";

?>

What XPath query should go in the ???? above to display the "bgcolor" attribute of teh first "body" node in the XML document?

A. "*[local-name()='body']"

B. "/body[0]/text"

C. "/body/body[0]"

D. "name='body'"

E. "*[lname()='body']"

Answer: A

97. Unlike a database such as MySQL, SQLite columns are not explicitly typed. Instead, SQLite catagorizes data into which of the following catagories?

A. textual

B. unicode

C. numeric

D. binary

E. constant

Answer: AC

98. A ____ key is particularly useful for maintaining data integrity within your database, and has the potential to ease the complexity of yor PHP scripts by allowing the database to manage cascading deletes of data.

Answer: FOREIGN

99. Which two internal PHP interfaces provide functionality which allow you to treat an object linke an array?

A. iteration

B. arrayaccess

C. objectarray

D. iterator

E. array

Answer: BD

100. The ____ function is used to generate a file resource in the file system with a randomly-generated filename to be used as temporary storage.

Answer: tempnam

101. Type-hinting and the instanceof keyword can be used to check what types of things about variables? (choose 3)

A. If a particular child class extends from it

B. If they are an instance of a particular interface

C. if they are an abstract class

D. If they have a particular parent class

E. If they are an instance of a particular class

Answer: BDE

102. When embedding PHP into XML documents, what must you ensure is true in order for things to funciton properly?

A. Disabling of the short_tags PHP.ini diretive

B. Enabling the asp_tags PHP.ini directive

C. That you have XPath support enabled in PHP5

D. That your XML documents are well-formed

E. None of the above, PHP can be embedded in XML in all cases.

Answer: A * (maybe it is short_open_tag in PHP.ini)

103. Which of the following is not a valid default stream wrapper for PHP 5, assuming OpenSSL is enabled?

A. ftps://

B. ftp://

C. sftp://

D. https://

E. http://

Answer: C

104. What kind of information is acquired when profiling a PHP script? (choose 2)

A. A list of all of the op-codes executed by the engine

B. The files and functions and/or parameters which were executed furing the PHP script 

C. The execution times of files and functiosn during the PHP script

D. A list of all the variables used in a PHP script

E. A list of error which have occurred

Answer: BC

105. Which from the following list is not an appropiate use of an array? (choose 1)

A. As a list

B. All of these used are valid

C. As a lookup Table

D. A Stack

E. As a hash table

Answer: B

106. What is teh best approach for converting this string:

$string = "a=10&b[]=20&c=30&d=40+50";

Into this array?

array(4)

{

    ['a']=>string(2) "10"

    ['b']=>array(1)

    {

        [0]=>string(2) "20"

    }

    ['c']=>string(2) "30"

    ['d']=>string(5) "40 50"

}

A. Write a parser completely by hand, it's the only way to make sure it's 100% accurate

B. Use the parse_str() function to translate it to an array()

C. Pass the varialbe to another PHP script via an HTTP GET request and return the array as a serialized variable

D. Just call unserialize() to translate it to an array()

E. Write a string parser using strtok() and unserialize() to convert it to an array

Answer: B

<?php

$string = "a=10&b[]=20&c=30&d=40+50";

parse_str($string, $array);

var_dump($array);

?> 

107. One can ensure that headers can always be sent from a PHP script by doing what?

A. Enable header buffering in PHP5

B. Set the header.force INI directive to true

C. Enable output buffering in PHP 5

D. There is no way to ensure that headers can always be set, they must always be checked

E. None of the above

Answer: E * 

<?php

header("location: 1.html");

echo "send data";

header("location: 2.html"); //1.html already sent

?>

Wrapping the previous example in an output buffer actually changes the behavior of the script! This is because headers aren't sent until the output buffer is flushed.

<?php

ob_start();

header("location: 1.html");

echo "send data";

header("location: 2.html"); //replaces 1.html

ob_end_flush(); //now the headers are sent

?>

108. One can determine if it is possible to send HTTP headers from within your PHP script using which of the following functions?

A. apache_headers_enable()

B. is_headers_enable()

C. is_headers_sent()

D. headers_sent()

E. headers_enabled()

Answer: D

109. What would go in place of ???? below to make this script execute without a fatal error? (choose 3)

<?php

$a = 1;

$b = 0;

????

$c = $a / $b;

?>

A. quit();

B. die();

C. stop();

D. __halt_compiler();

E. exit();

Answer: BDE

110. Which of the following methods are used to fetch data from a PDO Statement?

A. fetchColumn()

B. fetchObject()

C. fetch()

D. fetchClass()

E. fetchRow()

Answer: ABC

111. Implementing your own PDO class requires which steps from the list below? (choose 3)

A. Extending the PDOStatement Class

B. Set the PDO::ATTR_STATEMENT_CLASS parameter

C. Call the PDO::setStatementClass() method

D. Extend the PDO class

E. Set the PDO::ATTR_USE_CLASS paramater

Answer: ABD

112. What should go in the ???? assignment below to create a Zlib-compressed file foo.gz with a compression level of 9?

<?php

$file = '????';

$fr = fopen($file, 'wb9');

fwrite($fr, $data);

fclose($fr);

?>

A. gzip://foo.gz?lever=9

B. compress.zip://foo.gz?lever=9

C. compress.zlib://foo.gz

D. compress.gzip://foo.gz?lever=9

E. zlib://foo.gz

Answer: C

113. When writing CLI scripts it is often useful to access the standard streams available to the operating system such as standard input/output and error. How does one access these streams in PHP 5?

A. Use stdin(), stdout() and stderr() functions

B. PHP::STDIN, PHP::STDOUT, PHP::STDERR class constants in PHP 5

C. STDIN, STDOUT, and STDERR constants in PHP 5

D. use the php::stdin(), php::stdout(), and php::stderr() class methods

Answer: C

114. When is it important to validate data coming from an HTML form?

A. Only when the fields are required

B. Only when accepting file uploads

C. Everywhere, except cookies

D. Only when accepting forms using an input type of text or a <text area> field

E. None of the above

Answer: E *

115. The ____ constant in a CLI script is an auto matically provided file resource representing standard input of the terminal.

A. STDIN

B. __STDIN__

C. STDIO

D. PHP::STDIO

E. STD_IN

Answer: A

116. Prepared statements have which of the following advantages over tranditional SQL statements? (choose 3)

A. They use less bandwidth

B. They prevent syntax errors

C. They prevent SQL injection

D. They are faster when performing the same query multiple times

E. They allow you to use transactions

Answer: ACD

117. Setting a HTTP cookie on the client which is not URL-encodede is done how in PHP 5?

A. Use the setrawcookie() function 

B. Set the cookies.urlencode INI derective to false

C. Use urldecode() on the return value of setcookie()

D. Setting the $no_encode parameter of setcookie() to a boolean 'true'

E. All cookies must be URL encoded

Answer: A

118. Which of the following list of potential data sources should be considered trusted?

A. None of the above

B. $_ENV

C. $_GET

D. $_COOKIE

E. $_SERVER

Answer: A

119. Which of the following functions were added to PHP 5 for dealing with arrays? (choose 2)

A. array_intersect_key()

B. array_unshift()

C. array_diff_key()

D. array_merge()

E. array_slice()

Answer: AC

120. Which of the following functions allow you to introspect the call stack during execution of a PHP script?

A. get_backtrace()

B. get_function_stack()

C. debug_backtrace()

D. debug_print_backtrace()

E. print_backtrace()

Answer: CD

121. When opening a file in writing mode using the FTP handler, what must be done so that the file will still be written to the server in the event it previously exists?

A. Provide a context for fopen() using stream_context_create()

B. You must delete the file first before uploading a nwe file

C. Configure this behavior in the php.ini file using the ftp.overwrite directive

D. Open the file using the 'w+' mode

Answer: D

122. When implementing a permissions system for your Web site, what should always be done with regards to the session?

A. None of the above

B. You should not implement permission systems using sessions

C. Sessions should be cleared of all data and repopulated

D. The session key should be regenerated

E. The session should be destroyed

Answer: D

123. The following PHP script is an example of which design pattern?

<?php

interface HashAlgorithm

{

    public funciton hash($value);

}

class MyClass

{

    privae $value;

    public function __construct($value)

    {

        $this->value = $value;

    }

    public function hash(HashAlgorithm $a)

    {

        return $a->hash($this->value);

    }

}

class MD5Hash implement HashAlgorithm

{

    public function hash($value)

    {

        return md5($hash);

    }

}

?>

A. Controller

B. Strategy

C. Abstract Factory

D. Factory

E. Command Chain

Answer: B

124. The following is a common XML structure used in serveice oriented architectures, what does it represent?

<?xml version="1.0"?>

<methodCall>

    <methodName>myMethod</methodName>

    <params>

        <param>

            <value><string>HI!</string></value>

        </param>

    </params>

</methodCall>

A. None of the above

B. A fragment of a complete SOAP request

C. XML-RPC

D. REST

E. SOAP

Answer: C

125. Which of the following are examples of the new engine executor models available in PHP 5? (choose 3)

A. Switch 

B. Conditional

C. Goto

D. Call

E. Dynamic

Answer: ACD

126. How could the following PHP 4 code snippet be re-written in PHP 5?

<?php

$arr = array("foo"=>5, 2=>"hi", 6=>8);

foreach($arr as $key=>$value)

{

    if($key == 2)

    {

        $arr[$key] = 10;

    }

}

?>

A. $arr[$key] is no longer necessary, use $arr instead to modify a value

B. You cannot change array value types during interation in PHP 5

C. $value can be prepended with &, and modified directly

D. In PHP 5 you cannot modify an array during iteration using foreach()

E. None of the above

Anwser: C

127. Which of the following php.ini directives should be disabled to improve the outward security of your application? (choose 4)

A. safe_mode

B. magic_quotes_gpc

C. register_globals

D. display_errors

E. allow_url_fopen

Answer: BCDE

128. How can one take advantage of the time waiting for a lock during a stream access, to do other tasks using the following locking code as the base:

$retval = flock($fr, LOCK_EX);

A. Use flock_lazy() instead of flock()

B. Use LOCK_EX|LOCK_NB instead of LOCK_EX

C. Use LOCK_UN instead of LOCK_EX

D. Check the value of $retval to see if the lock was obtained

E. Check to see if $retval == LOCK_WAIT

Answer: B

129. To destroy a PHP session completely, one must which of the following? (choose 2)

A. Regenerate the session ID using session_regenerate_id()

B. If cookies are used, destroy it 

C. Use session_demolish() to completely destroy the session

D. Change the session name using session_name()

E. Destroy the session data using session_destroy()

Answer: BE

130. Which of the following is an example of Polymorphism?

A. All of the above

B. Classes that implement Design Patterns

C. Any class implementing an interface

D. Any class that extends from a parent class

E. A generic super class with specific child class implementations

Answer: E  *

131. Which statement will return the third parameter passed to a function?

A. $argv[3];

B. $argv[2];

C. func_get_args(3);

D. func_get_arg(2);

E. func_get_arg(3);

Answer: D

132. The MVC pattern in web development involves which of the following components? (choose 4)

A. View

B. Controller

C. Validation

D. Model

E. Front Controller

Answer: ABCD *

133. Which of the following aspects of the MVC pattern is used in conjunction with the database?

A. Model

B. Schema

C. Validation

D. Controller

E. View

Answer: A

134. Consider the following script:

<?php

$string = "<b>I like 'PHP' & I think it is \"cool\" </b>";

var_dump(htmlentities($string, ENT_QUOTES));

var_dump(print htmlspecialchars($string));

?>

In this script, do the two var_dump() calls produce the same string? Why or Why Not?

A. No, the htmlentities() call will translate quotes while the htmlspecialchars() call will not 

B. No, htmlentities() translate < and > symbols to theis HTML entity equivalents while htmlspecialchars() only does quotes

C. No, the htmlentities() call won't translate quotes to HTML entities while the htmlspecialchars() call will

D. Yes, htmlspecialchars() and htmlentities() with the ENT_QUOTES constants produce the same result

Answer: A

135. What would you replace ???? with, below, to make the string Hello, World! be displayed?

<?php

function myfunction()

{

    ????

    print $string;

}

myfunction("Hello, World!");

?>

A. There is no way to do this

B. $string = $argv[1];

C. $string = $_ARGV[0];

D. list($string) = func_get_args();

E. $string = get_function_args()

Answer: D

136. Unlike the old MySQL extension, the new MYSQLi extension requires that you provide what when performing a query when using the procedural interface?

A. The query identifier

B. The database name

C. All function parameters

D. The database handle

E. The statement handle

Answer: C

137. What is the best measure one can take to prevent a cross-site request forgery?

A. Disallow requests from outside hosts

B. Add a secret token to all from submissions

C. Turn off allow_url_fopen in php.ini

D. Filter all output

E. Filter all input

Answer: E

Filter all input: Cross-site request forgery ( CSRF )

Filter all output: Cross-site scripting ( XSS )

Add a secret token to all from submissions: Spoofed Forms

138. The following code block produces which output array?

<?php

$a = array(1=>"A", "B", "C");

$a[1] = "A";

$a[] = "B";

$a[] = "C";

print_r($a);

?>

A. A=>1, B=>2, C=>3, B=>4, C=>5

B. A=>1, B=>2, C=>3

C. 1=>A, 2=>B, 3=>C

D. 0=>A, 1=>B, 2=>C

E. 1=>A, 2=>B, 3=>C, 4=>B, 5=>C

Answer: E

139. What XML technology is used when you mis two different document types in a single XML document?

A. Validators

B. DTD

C. Transformations

D. Namespaces

Answer: B

140. What consistutes a View in the MVC pattern for PHP 5, in the following list? (choose 2)

A. Iterators

B. PDO

C. Classes

D. PHP

E. Smarty

Answer: DE  *

141. Conside the following code snippet:

<?php

$query = "SELECT first, last, phone FROM contacts WHERE first LIKE 'John%'";

$statement = mysqli_prepare($link, $query);

mysqli_execute($statement);

/* ???? */

while(($result = mysqli_stmt_fetch($statement)))

{

    print "Name: $first $last\n";

    print "Phone: $phone\n\n";

}

?>

Assuming this code snippet is part of a larger correct application, what must be done in place of the ??? above for the correct output to be displayed?

A. None of the above

B. mysqli_fetch_columns($first, $last, $phone);

C. mysqli_stmt_bind_result($statement, $first, $last, $phone);

D. A while loop, fetching the row and assigning $first, $last, and $phone the proper value

Answer: C

142. ____ can be used to add additional functionality to a stream, such as implementation of a specific protocol on top of a normal PHP stream implementation.

A. Buffered

B. Buckets

C. Wrappers

D. Filters

Answer: C

143. What is the output of the following?

<?php

$a = 010;

$b = 0xA;

$c = 2;

print $a + $b + $c;

?>

A. 20

B. 22

C. 18

D. $a is an invalid value

E. 2

Answer: A

144. Consider the following script:

<?php

function func(&$arraykey)

{

    return $arraykey;

}

$array = array('a', 'b', 'c');

$z = array();

foreach(array_keys($array) as $key)

{

    $y = &func($array[$key]);

    $z[] = & $y;

}

var_dump($z);

?>

(choose 2)

A. array("a", "a", "b");

B. array("a", "b", "c");

C. array("c", "b", "a");

D. array("c", "c", "c");

E. array("b", "b", "b");

Answer: BD  * (The result in PHP 5 is D, but I am not sure whether is B in PHP 4)

145. What is the output of the following PHP script?

<?php

$a = 1;

$b = 2.5;

$c = 0xFF;

$d = $b+$c;

$e = $d * $b;

$f = ($d + $e) % $a;

print ($f + $e);

?>

A. 643.75

B. 432

C. 643

D. 257

E. 432.75

Answer: A (the result of $f is 0)

146. Name three new extensions in PHP 5 (choose 3)

A. tidy

B. soap

C. java

D. curl

E. mysqli

Answer: ABE

147. What is wrong with the following code valid in PHP 4 but invalid in PHP 5?

<?php

class MyClass

{

    function reassign($var)

    {

        $this = $var;

    }

}

$a = new MyClass();

$b = new MyClass();

$a->reassign($b);

?>

A. Reassigning $this in PHP 5 throws a fatal error

B. It is missiong access restrictions (public, private, protected) required in PHP 5

C. Classes need to implement the OverLoad interface for this behavior in PHP 5

E. $b is now an object handle and the reassign() method needs to be declared pass-by-reference

Answer: A

148. Consider the following code snippet:

<?php

$link = mysqli_connect("host", "username", "password");

if(!$link)

{

    $error = ????

    die("Could not connect to the database: $error");

}

?>

What would go in place of the ???? above for this script to function properly?

A. mysqli_connect_error();

B. mysqli_connect_error($link);

C. mysqli_error();

D. $_MySQL['connect_error']

E. mysqli_get_connect_error();

Answer: A (C should to be mysqli_error($link))

149. Consider the following code block:

<?php

function &myFunction()

{

    $string = "MyString";

    var_dump($string);

    return ($undefined);

}

for($i = 0; $i<10; $i++)

{

    $retval = myFunction();

}

?>

A. None of the above

B. This could would cause an automatic segmentation fault in PHP 4

C. This code would throw a syntax error in PHP 4

D. Returning an underfined variable by reference in PHP 4 would cause eventual memory corruption

E. You could not retur nundefined variables by reference in PHP 4

Answer: D  *

150.  What is the output of the following code?

<?php

$string = "111221";

for($i = 0; $i < strlen($string); $i++) {

$current = $string[$i];

$count = 1;

while(isset($string[$i + $count]) && ($string[$i + $count] == $current)) $count++;

$newstring .= "$count{$current}";

$i += $count-1;

}

print $newstring;

?>

A. 312211

B. 3312212

C. 11221221

D. 221131

E. 3211122

Answer: A

151. Which of the following functions could be used to break a string into an array? (choose 3)

A. array_split()

B. split()

C. string_split()

D. preg_match_all()

E. explode()

Answer: BDE

152.  If you wanted a variable containing the letters A through Z, that allowed you to access each letter independently, which of the following approaches could you use? (choose 3)

A. $str = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";

B. range('A', 'Z');

C. explode("", "ABCDEFGHIJKLMNOPQRSTUVWXYZ");

D. You would use the ALPHA_ARRAY constant

E. None of the above

Answer: ABD  * (C will course an warning: explode() [function.explode]: Empty delimiter in XXX)

153. Which key will not be displayed from the following code block?

<?php

$array = array('a' => 'John',

               'b' => 'Coggeshall',

               'c' => array('d' => 'John',

                            'e' => 'Smith'));

                            

function display($item, $key) {

print "$key => $item\n";

}

array_walk_recursive($array, "display");

?>

A. d

B. c

C. b

D. a

E. They all will be displayed

Answer: B

154.  Which of the following are not valid ways to embed a variable into a string? (choose 2)

A. $a = "Value: $value->getValue()";

B. $a = "Value: {$value}";

C. $a = 'Value: $value';

D. $a = "Value: $value";

E. $a = "Value: {$value['val']}";

Answer: AC

155.  SQL Injections can be best prevented using which of the following database technologies?

A. All of the above

B. Prepared Statements

C. Persistent Connections

D. Unbuffered Queries

E. Query escaping

Answer: B

156.  Where should indirectly executed PHP scripts (i.e. include files) be stored in the file system?

A. Outside of the Document Root

B. In the document root

C. Anywhere you want

D. In the database

Answer: A

157. When migrating the following code from PHP 4 to PHP 5, what should be changed?

<?php

class MyClass {

function MyClass($param) {

$this->_doSomething($param);

}

// Private method to MyClass

function _doSomething($param) {

/* Do something with $param */

}

}

class AnotherClass extends MyClass {

var $param = "foo";

function AnotherClass() {

parent::MyClass($this->param);

}

}

?>

A. Access modifiers should be added to methods

B. The Constructors for the objects should both be renamed to __construct

C. The use of the parent keyword has changed to 'super'

D. Constructors must have the same parameter lists

Answer: AB  * (There is a function called func_get_args(), so D is not correct I think)

158. When connecting to a database using PDO, what must be done to ensure that database credentials are not compromised if the connection were to fail?

A. wrap the PDO DSN in a try/catch block to catch any connection exception

B. Use constants in the PDO DSN

C. Place the login credentials in the php.ini file

D. Disable E_STRICT and E_NOTICE error reporting levels

Answer: A

159.  Consider the following script:

<?php

try {

  $dbh = new PDO("sqlite::memory:");

} catch(PDOException $e) {

  print $e->getMessage();

}

$dbh->query("CREATE TABLE foo(id INT)");

$stmt = $dbh->prepare("INSERT INTO foo VALUES(:value)");

$value = null;

$data = array(1,2,3,4,5);

$stmt->bindParam(":value", $value);

/* ?????? */

try {

  foreach($data as $value) {

    /* ????? */

  }

} catch(PDOException $e) {

  /* ??????? */

}

/* ?????? */

?>

What lines of code need to go into the missing places above in order for this script to function properly and insert the data into the database safely?

A. $dbh->beginTransaction();

B. $dbh->commit();

C. $stmt->execute();

D. $dbh->rollback();

E. $dbh->query($stmt);

Answer: ABCD

160. What is wrong with the following code snippet? Assume default configuration values apply.

<?php

$fp = fsockopen('www.php.net', 80);

fwrite($fp, "GET / HTTP/1.0\r\nHost: www.php.net\r\n");

$data = fread($fp, 8192);

?>

A. The request is blocking and may cause fread() to hang

B. The HTTP request is malformed

C. This script should be re-written using fgets() instead of fread()

D. The request is non-blocking and fread() may miss the response

E. You cannot use fwrite() with fsockopen()

Answer: B