Get the Preplance app for a seamless learning experience. Practice offline, get daily streaks, and stay ahead with real-time interview updates.
Get it on
Google Play
4.9/5 Rating on Store
PHP · Question Set
Forms, Requests & Superglobals interview questions for placements and exams.
Questions
14
Included in this set
Subject
PHP
Explore more sets
Difficulty
Mixed
Level of this set
Go through each question and its explanation. Use this set as a focused practice pack for PHP.
$_SERVER contains server and execution environment information like REQUEST_METHOD, PHP_SELF, and SERVER_NAME.
echo $_SERVER['PHP_SELF'];
For complete preparation, combine this set with full subject-wise practice for PHP. You can also explore other subjects and sets from the links below.
To prevent CSRF, generate a random token, store it in the session, and include it as a hidden form field. Verify the token when the form is submitted. If it doesn’t match, reject the request.
// Generate token $_SESSION['token']=bin2hex(random_bytes(16));
PHP has several predefined superglobals like $_GET, $_POST, $_SERVER, $_SESSION, but there is no $_DATA variable.
The GET method appends form data to the URL, making it visible in the address bar. It is used for non-sensitive data requests.
The $_POST superglobal is used to collect form data sent using the POST method. It is safer for confidential data.
$_REQUEST collects data from both $_GET and $_POST depending on PHP configuration. It is used for flexible form handling.
The $_FILES array stores information about uploaded files like name, type, size, and temporary location.
echo $_FILES['myfile']['name'];
setcookie() is used to send a cookie from the server to the client. Cookies store small data on the user's browser.
setcookie('user','John',time()+3600);session_start() initializes session tracking in PHP. It must be called before any output is sent.
session_start(); $_SESSION['user']='John';
To delete a cookie, set it again with an expired time using setcookie. PHP has no delete_cookie() function.
setcookie('user','',time()-3600);GET sends data through the URL, has length limits, and is visible in the address bar. POST sends data in the request body, making it safer for confidential data like passwords.
You can validate data using functions like empty(), isset(), filter_var(), and regular expressions. Always sanitize inputs to prevent attacks like SQL injection.
if(empty($_POST['name'])) echo 'Name required';
To end a session, use session_unset() to remove variables and session_destroy() to delete the session file on the server.
session_unset(); session_destroy();
Use POST instead of GET for sensitive data, validate and sanitize inputs, use HTTPS, limit file types on upload, and use tokens to prevent CSRF. Also, escape outputs to prevent XSS.