1. Tell me what Kind of Things have you Done on the Social Side?

A pretty broad question as there are no right or wrong answers. Its more about what works. This question is purposely open ended as I just want to know what the interviewee has worked on in the past. The answer, for me is not based on how well you know Facebook and Twitter, but simply given the opportunity, do you have enough knowledge to be able to leverage social platforms to achieve a particular goal.

2. Explain what are PSRs? Choose 1 and briefly describe it?

PSRs are PHP Standards Recommendations that aim at standardising common aspects of PHP Development.

An example of a PSR is PSR-2, which is a coding style guide. More info on PSR-2 here.

3. Tell me can the value of a constant change during the script's execution?

No, the value of a constant cannot be changed once it's declared during the PHP execution.

4. Explain me what is the w3c?

Standards compliance in web development is where everything is (hopefully?) going. Don't ask them to recite the w3c's mission statement or anything, but they should at least have a general idea of who they are.

5. Do you know what are Traits?

Traits are a mechanism that allows you to create reusable code in languages like PHP where multiple inheritance is not supported. A Trait cannot be instantiated on its own.

It's important that a developer know the powerful features of the language (s)he is working on, and Trait is one of such features.

6. Explain do you use Composer? If yes, what benefits have you found in it?

A: Using Composer is a tool for dependency management. You are able to declare the libraries your product relies on and Composer will manage the installation and updating of the libraries. The benefit is a consistent way of managing the libraries you depend on and you will spend less time managing the libraries you depend on in your project.

7. Explain briefly about a Search-friendly Site Looks Like?

Pretty basic I know, but I'm looking to find out whether or not the applicant has updated what he or she knows about on-site optimisation. Keyword research, title tags, urls, content, alt tags, site structure, navigation, internal linking, site maps, subdomains are all part of what I'm expecting to hear. However, what I don't what to hear is:

☛ Google can't crawl javaScript
☛ Google can't follow JavaScript links
☛ Keyword density must be X percent
☛ Google can't read Ajax
☛ Meta keywords are very important and should spend time including them
☛ Meta descriptions are not so important

If I'm still hearing this kind of things in 2012 it is most likely they may not be right for the top job.

8. Explain what is Memcache?

Memcache is a technology that caches objects in memory such that your web application can get to them really fast. It is used by sites such as Digg.com, Facebook.com and NowPublic.com and is widely recognized as an essential ingredient in scaling any LAMP.

9. Do you know what is Zend Engine?

☛ Zend Engine is used internally by PHP as a compiler and runtime engine. PHP Scripts are loaded into memory and compiled into Zend opcodes.
☛ These opcodes are executed and the HTML generated is sent to the client.
☛ The Zend Engine provides memory and resource management, and other standard services for the PHP language. Its performance, reliability and extensibility played a significant role in PHP's increasing popularity.

10. Tell me what are SQL Injections, how do you prevent them and what are the best practices?

SQL injections are a method to alter a query in a SQL statement send to the database server. That modified query then might leak information like username/password combinations and can help the intruder to further compromise the server.

To prevent SQL injections, one should always check & escape all user input. In PHP, this is easily forgotten due to the easy access to $_GET & $_POST, and is often forgotten by inexperienced developers. But there are also many other ways that users can manipulate variables used in a SQL query through cookies or even uploaded files (filenames). The only real protection is to use prepared statements everywhere consistently.

Do not use any of the mysql_* functions which have been deprecated since PHP 5.5 ,but rather use PDO, as it allows you to use other servers than MySQL out of the box. mysqli_* are still an option, but there is no real reason nowadays not to use PDO, ODBC or DBA to get real abstraction. Ideally you want to use Doctrine or Propel to get rid of writing SQL queries all together and use object-relational mapping which binds your rows from the database to objects in your application.

Download Interview PDF