Friday, September 25, 2009

PHP5: Sending headers

Http headers can be sent only before any other output. This is a simple requirement and funny how big impact it may have on application architecture and how many tricky questions may be asked about it. Here is one from the Zend PHP 5 Certification Mock Exam.

You will find correct answer in bold.

One can ensure that headers can always be sent from a PHP script by doing what?
  • Enable header buffering in PHP 5
  • Set the header.force INI directive to true
  • Enable output buffering in PHP 5
  • There is no way to ensure that headers can always be set, they must always be checked
  • None of the above

The header documentation page says: "As of PHP 4, you can use output buffering to get around this problem". That obviously makes sense on the contrary to header buffering suggested by the first answer. Header buffering would not help because the troublemaker here is premature output.
According to PHP manual there is no such directive as header.force and does not seem to have much sense as well, which shoots off the second answer.
The third one has some potential but is not correct - output buffering has been avaiable since PHP4.
And as output buffering seems to combat the problem successfully, the fourth answer is there only to trick you.

Thursday, September 24, 2009

PHP: empty $_FILES array

This experience might be really time consuming. You get a simple form with a simple input field of type="file" and on the server side you get nothing. The $_FILES array is empty as a whistle.

You can get really frustrated after checking whether file_uploads = 1, upload_temp_dir is accessible and upload_max_filesize is big enough and everything seems fine.

In this case it's worth checking if the troublemaker is not... the form itself. If there is no enctype="multipart/form-data" in the form tag, you may want to try it. Here is an example of working file upload:

<form name="form" action="index.php" method="post" enctype="multipart/form-data">
<label>Upload file</label>
<input type="file" name="userfile" />
<input type="submit" value="OK" />

I have found a Nice thread about the above issue which you might be interested in as well.

Wednesday, September 16, 2009

Zend PHP 5 Certification Mock Exam: how to destroy a session

Here is another question about sessions from the Zend PHP 5 Certification Mock Exam. Good answers are in bold:
To destroy a PHP session completely, one must which of the following?
  • Regenerate the session ID using session_regenerate_id()
  • If cookies are used, destroy it
  • Use session_demolish() to completely destroy the session
  • Change the session name using session_name()
  • Destroy the session data using session_destroy()
A few words of explanation. To destroy a session we need to remove all the data associated with the session and try to prevent the client from requesting the session using the id. Usually the session id is stored on the client side as a cookie. In this case, we need to destroy the cookie, which means that the second answer is correct. To remove all the data stored associated with the session, we need to use session_destroy function, and this also means the last answer is correct. It is described briefly on the session_destroy manual page.

Regarding three remaining answers, regenerating session id is useful for preventing session fixation. There is not such a function as session_demolish() described in PHP manual. Changing session name does not remove the data, it simply changes the name of the cookie storing the session id.

Tuesday, September 1, 2009

Zend PHP 5 Certification Mock Exam: magic function

One of the Zend PHP 5 Certification Mock Exam questions shows recursive function called "magic". The question reads as follows (correct answer in bold):
What does the following function do, when passed two integer values for $p and $q?
function magic($p, $q) {
return ($q == 0)
? $p
: magic($q, $p % $q);
  • Loops infinitely
  • Switches the values of $p and $q
  • Determines if they are both even or odd
  • Determines the greatest common divisor between them
  • Calculates the modulus between the two
It turns out that the function is simply on of the Euclidean algorithm implementations. If you do not remember from your math class how it works, here is the the Euclidean algorithm procedure described.