Zend PHP5 Certification
Upcoming SlideShare
Loading in...5
×
 

Zend PHP5 Certification

on

  • 5,739 views

 

Statistics

Views

Total Views
5,739
Views on SlideShare
5,369
Embed Views
370

Actions

Likes
5
Downloads
331
Comments
0

12 Embeds 370

http://www.osscube.com 92
http://www.osscube.in 88
http://staging.osscube.com 81
http://staging.osscube.com 81
http://p1kumar.page.tl 8
http://a0.twimg.com 4
http://druposs.osscube.com 3
http://dev.osscube.com 3
http://dev3qa.osscube.co.uk 3
http://localhost 3
http://www.osscube.co.uk 2
http://dev3qa.osscube.co.in 2
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Zend PHP5 Certification Zend PHP5 Certification Presentation Transcript

  • Zend PHP5 Certification Presented by – Rakesh Kumar, Rajul Gupta, and Ankur Aeran OSSCube
  • Who we are?• Rakesh Kumar – Senior project manager – PHP and related frameworks/Products, Senior consultant and trainer – MySQL, Started as PHP Developer• Rajul Gupta – Senior consultant – CRM – PHP evangelist and ZCE• Ankur Aeran – Tech Lead – Drupal – ZCE, First Zend Framework Certified (India) Zend PHP5 Certification, OSIdays 2010 Chennai
  • Why certification?• Industry-wide standard and a measure of distinction• Certification is recognition of a set of capabilities that the person taking the test has developed• ZCE certification helps other people (e.g., potential• employers) answer questions like: – “How predictably is the person likely to perform when applying PHP 5 technology to a business problem?” – “Has this applicant reached a pre-defined minimum standard of experience to undertake professional quality work?” Zend PHP5 Certification, OSIdays 2010 Chennai
  • Preparation tools• Instructor lead Online training – Register via website http://www.zend.com/ – Includes certification voucher• Instructor lead classroom training – Authorized training partners• Zend PHP5 Certification Study Guide• Zend PHP5 Certification online practice exam• http://www.zend.com/en/services/certification/php-5-ce Zend PHP5 Certification, OSIdays 2010 Chennai
  • About the exam• Composed of ~70 randomly generated questions• Allowed 90 minutes to answer the questions• Questions cover twelve different topic areas• Questions vary in their degree of difficulty• Encompasses curriculum specified by the Zend PHP Education Advisory Board – Completely neutral – Exam excludes references or questions related to Zend‘s products Zend PHP5 Certification, OSIdays 2010 Chennai
  • Taking the exam• Exam administered at a Pearson VUE training center ( http://www.pearsonvue.com/)• Register for the exam via telephone or email – May differ by country; please check online• Bring two IDs, one must have your photo (and both must have your signature)• You will receive “scratch“ paper or an eraseable board for calculations at the time you take the test• You are not permitted to bring any materials into the room with you Zend PHP5 Certification, OSIdays 2010 Chennai
  • Questions & Strategies• There are several different types of questions, which we will discuss:• Multiple choice, only one answer is correct – Try to eliminate wrong answers – It makes no difference whether you incorrectly answer a question, or do not answer it at all, so... – Guess! Zend PHP5 Certification, OSIdays 2010 Chennai
  • Questions & Strategies• Multiple choice, several answers may be correct – Most of the time you are told the number of answers to select – Based on the number of correct answers, you may be able to eliminate some choices Zend PHP5 Certification, OSIdays 2010 Chennai
  • Questions & StrategiesFreetext• Most of the time, questions are of this type: – What is the output of the following code? – What is the name of the function/setting/constant/… that does X-Y-Z?• Be careful when entering the answer! – No whitespace, explanations, comments, ... – Use lowercase letters with functions Zend PHP5 Certification, OSIdays 2010 Chennai
  • Testing software• You can mark questions for review – Be sure to check whether there are any questions marked for review before you submit your test• You can mark questions for comment – If there is something you would like the committee to know about a particular question, please use the Comment option to communicate back with Zend• You can easily navigate back to questions you have marked, but not the others, so remember this feature Zend PHP5 Certification, OSIdays 2010 Chennai
  • At the end• You’ll immediately get your test result from the testing center; usually printed out – Passed/Failed• No detailed score – If you fail, you will receive feedback about how you did in each topic area (weak -> strong) Zend PHP5 Certification, OSIdays 2010 Chennai
  • Basic exam information• You do not have to code large portions for the exam• You do have to answer freetext questions which may contain variable names, small snippets of code, etc.• You do NOT have to memorize the PHP manual – Technically, there are some places where you do, such as remembering which order the parameters for a given function are• You must analyze PHP code• You must know important PHP functions Zend PHP5 Certification, OSIdays 2010 Chennai
  • System information• The certification is independent of the operating system and a specific database• A general understanding of related technologies like HTTP or SQL is required• Questions refer to a virtual PHP system with the recommended configuration: – register_globals is Off, magic quotes are off, error reporting is set to E_ALL – errors are displayed (unless otherwise noted) Zend PHP5 Certification, OSIdays 2010 Chennai
  • About this session• We will give overview of all 12 topic areas• Major session focus is on some complex questions and how to deal with them• Obviously there is not enough time to cover every detail• But there is enough time to give bird’s eye view and briefly describe what is required for passing the exam Zend PHP5 Certification, OSIdays 2010 Chennai
  • The topic areas• PHP Basics • Web Features• Functions • PHP 4/5 Differences• Arrays • Files, Streams, Network• OOP • XML and Web Services• Strings and Regular • Database Expressions • Security• Design and Theory Zend PHP5 Certification, OSIdays 2010 Chennai
  • Embedding PHPThere are several options to embed PHP code in anHTML document<?php<?<%<script language="php"><?=Do all of these work well in any of the environments? Zend PHP5 Certification, OSIdays 2010 Chennai
  • QuizWhat is the output for the following code?<?php $a=10; ?><?php=$a?>a)Fatal errorb)Parser errorc)Warningd)Noticee)10 Zend PHP5 Certification, OSIdays 2010 Chennai
  • Basic PHP ElementsVariable (case-sensitive)${‘foo’}Variable Variables$bar = “My Value”;$foo = “bar”;$$foo;Constantsdefine(myPHPVER2, 5.1.0, true); //case insensitiveCan we undefine a contstant? Zend PHP5 Certification, OSIdays 2010 Chennai
  • QuizWhat is the output of the following code?echo strlen(‘anb’) * strlen(“anb”);Is the following statement correct?${"function(){ this is a truely awful name for a variable }"}Is there any difference between echo() and print()? Zend PHP5 Certification, OSIdays 2010 Chennai
  • Bitwise OperatorsLeft shift: <<o Multiply by 2, x times (x is the operand after <<)o 3 << 4 == 48 (3 * 2^4 = 3 * 16)Right shift: >>o Divide by 2, x times (x is the operand after <<)o 4 >> 2 == 1 (4 / 2^2 = 4 / 4)• Negate bits: ~ Turns 0s into 1s, 1s into 0s Zend PHP5 Certification, OSIdays 2010 Chennai
  • QuizWhat is the output of the following code?<?php$a = 12;Echo ++$a + $a++ +$a;?> Zend PHP5 Certification, OSIdays 2010 Chennai
  • Quizclass test{ public function abc() { global $x; $x = 15; echo "In ABC -".$x; } public function pqr() { echo " In PQR -".$x; //Notice x is undefined. }}$testObj = new test();$testObj->abc();$testObj->pqr();echo " Out ".$x;*/ Zend PHP5 Certification, OSIdays 2010 Chennai
  • Quizclass test{ global $x; public function abc() { $this->x = 15; echo "In ABC -".$this->x; } public function pqr() { echo " In PQR -".$this->x; }}$testObj = new test();$testObj->abc();$testObj->pqr();echo " Out ".$x;*/ Zend PHP5 Certification, OSIdays 2010 Chennai
  • QuizWhat is the output of the following code?<?php$a = 6;echo ($a % 2) ? ($a%3) : ($a % 4);?> Zend PHP5 Certification, OSIdays 2010 Chennai
  • Declare FunctionsWith (optional) parameters and (optional) return valuefunction myFunction($p) {// do somethingreturn $p;}$x = myFunction("ABC"); //$x == "ABC"$x = myFunction(); //warning!If warning then what is the solution? Zend PHP5 Certification, OSIdays 2010 Chennai
  • Function ParametersAccessing parametersfunc_num_args(): Number of parametersfunc_get_arg(nr): Parameter number nrfunc_get_args(): All parameters as an arrayfunction addValues() {$sum = 0;for ($i = 0; $i < func_num_args(); $i++) {$sum += func_get_arg($i);}return $sum;} Zend PHP5 Certification, OSIdays 2010 Chennai
  • Variable functionsVariable functions work just like variable variablesfunction xyz() {echo "XYZ";}$d = "abc";$abc = "xyz";$$d(); // $$d() ==${"abc"}() ==$abc() ==xyz() Zend PHP5 Certification, OSIdays 2010 Chennai
  • ArraysZend PHP5 Certification, OSIdays 2010 Chennai
  • QuizWhat is the output of the following code?<?php$a = array(“1” => 10, 1=> ‘B’, “C”, 2=>’D’);echo count($a);?> Zend PHP5 Certification, OSIdays 2010 Chennai
  • QuizWhat is the output of the following code?<?php$a = array();For ($i = 0; $i < 20; $i++) { $a[$i/10] = $i;}echo count($a);?> Zend PHP5 Certification, OSIdays 2010 Chennai
  • QuizWhat is the output of the following code?<?phpecho count ( range( 5.0, 3.0, 0.25));?> Zend PHP5 Certification, OSIdays 2010 Chennai
  • Built-in function• Remember names and arguments – Commonly used array function (e.g. array_shift, in_array,is_array) – Checking for value functions – Sorting functions Zend PHP5 Certification, OSIdays 2010 Chennai
  • OOP• Class declaration• Inheritance• Interface• Abstract classes• Autoloading• Magic methods• Cloning Zend PHP5 Certification, OSIdays 2010 Chennai
  • QuizWhich of these may be declared as final?1.Class2.Method,3.Variable Zend PHP5 Certification, OSIdays 2010 Chennai
  • Converting Objects Into Strings - Quizclass myClass {function __toString() { echo ABC; }}$c = new myClass();echo $c; // ABC• Only works when directly called using echo/print Zend PHP5 Certification, OSIdays 2010 Chennai
  • AutoloadingIf a non-existing class is instantiated, PHP executes the__autoload() function, if availableParameter: Name of the missing classfunction __autoload($c) {include_once "./classes/class_$c.php";}$c = new myClass();//loads ./classes/class_myClass.php Zend PHP5 Certification, OSIdays 2010 Chennai
  • Copying Objects• Objects are always passed by reference• Cloning an object causes the object itself to be copiedinstead of passing the reference• Keyword clone$c1 = new myClass();$c2 = clone $c1;• PHP executes the special method __clone() uponcloning (if available) Zend PHP5 Certification, OSIdays 2010 Chennai
  • Serializing Objects• Serializing objects and arrays with serialize()$s = serialize(array(1, 2, 3));// $s == a:3:{i:0;i:1;i:1;i:2;i:2;i:3;}‘• De-serializing strings with unserialize()$a = unserialize(a:3:{i:0;i:1;i:1;i:2;i:2;i:3;});// $a == array(1, 2, 3)• Upon serialization, the special method __sleep() isexecuted (if available)• Upon de-serialization, the special method __wakeup() isexecuted (if available) Zend PHP5 Certification, OSIdays 2010 Chennai
  • STRINGZend PHP5 Certification, OSIdays 2010 Chennai
  • Looking For StringsThe strpos() function returns the position of the firstoccurrence – or false. strpos(haystack, needle) strpos(haystack, needle, starting offset)Pay attention to the data type of the return value!0 means that there was a match at position zeroFalse means no match was made Zend PHP5 Certification, OSIdays 2010 Chennai
  • QuizWhat is the output of the following code?<?php$url = ‘http://myDomain.com/script.php’;$pattern = ‘http://’If (strpos($url, $pattern)) { echo ‘URL Found’;} Else { echo ‘URL not found’;}?> Zend PHP5 Certification, OSIdays 2010 Chennai
  • Substringssubstr(string, start, length)Returns a substringNegative start value: Counting starts at the end of thestringWhat is the output of the following code?<?phpEcho substr(‘123456’,-4,-2);?> Zend PHP5 Certification, OSIdays 2010 Chennai
  • Comparing Strings• Operator ==: Comparison including data type conversion• Operator ===: Comparison including data type check• strcmp(): Case-sensitive comparison• strcasecmp(): Case-insensitive comparison• Return value of str*cmp(): 0 if equal Not 0 if inequal($a == $b) * strcmp($a, $a) is equal to ??? Zend PHP5 Certification, OSIdays 2010 Chennai
  • Counting Strings• Number of characters strlen(string) Do not confuse with count() (array function)!• Number of words str_word_count(string) str_word_count(strings, true) yields array with allsingle words Zend PHP5 Certification, OSIdays 2010 Chennai
  • Strings And Arrays• explode(split string, string) Converts a string into an array• implode(glue string, string) Converts an array into a stringWhat is the return value of the following code?<?phpEcho count(implode(‘.’,’3 … 2 … 1 … stillthinking!’);?> Zend PHP5 Certification, OSIdays 2010 Chennai
  • Formatted Output• printf(): Prints a formatted string• sprintf(): Returns a formatted string• vprintf(): Prints a formatted string, placeholder valuessupplied as an array• vsprintf():Returns a formatted string, placeholder valuessupplied as an array• fprintf(): Sends a formatted string to a resource Zend PHP5 Certification, OSIdays 2010 Chennai
  • Regular Expressions• A regular expression describes a pattern• Looking for patterns is more powerful than looking for(static) strings, though it comes at a cost to performance• Boundaries ^ (start of a line, though not necessarily start of the string) $ (end of a line , though not necessarily end of the string) A (start of the string) Z (end of the string) b (start or end of a word) B (not start or end of a word) Zend PHP5 Certification, OSIdays 2010 Chennai
  • Built-in character classesd (digit)D (no digit)s (whitespace)S (no whitespace)w (letter, digit, underscore)W (no letter or digit or underscore). (any character) Zend PHP5 Certification, OSIdays 2010 Chennai
  • Quantifier* (any number of times) + (any number of times, at least once) ? (0 or 1) {n} (n times) {n,} (at least n times) {,m} (at max m times) {n,m} (at least n times, at max m times) Zend PHP5 Certification, OSIdays 2010 Chennai
  • Pattern matching• preg_match(pattern, string)• Return value: Number of matches But: Search ends after the first match Therefore return value 0 or 1• Match details: third parameterpreg_match($pattern, $string, &$matches)o $matches[0]: Complete matcho $matches[1]: First submatch and so on Zend PHP5 Certification, OSIdays 2010 Chennai
  • Preg Functionspreg_match_all($pattern, $string, $matches): Returns allmatchespreg_replace(search pattern, replace pattern,string) Zend PHP5 Certification, OSIdays 2010 Chennai
  • Design and Theory Zend PHP5 Certification, OSIdays 2010 Chennai
  • Problem 1Problem: Object access to a (relational) databaseSolution: Active Record• ORM: Object-Relational Mapping Use objects during development The system in the background takes care of thecommunication with the database Typically, a row in the database would be mapped to anObjectExample in the PHP world: Doctrine, Propel Zend PHP5 Certification, OSIdays 2010 Chennai
  • Problem 2• Problem: Create complex objects in a simple way• Solution: Factory• Old code:$db = new MySQLiConnection(); //several times• Hard to migrate to another DBMS!New code:• static function factoryDB() {return new DBConnection(MySQLi);}• factoryDB() is the factory Zend PHP5 Certification, OSIdays 2010 Chennai
  • Problem 3• Problem: Architectural model for web applications• Solution: MVC• Model Encapsulates business logic and application data• View Outputs model data• Controller Controls the application flow Zend PHP5 Certification, OSIdays 2010 Chennai
  • Problem 4• Problem: Indirect access to an object• Solution: Proxy• Used with many web services implementations$s = new SOAPClient(http://example.com/xy.wsdl);$s->method();• The local object behaves like the remote object• The background implementation takes care ofcommunication, etc. Zend PHP5 Certification, OSIdays 2010 Chennai
  • Problem 5• Problem: Only one instance of an object shall be used atany time• Solution: Singletonclass SingletonPattern { static $conn = null; static function getConnection() { if ($conn == null) { SingletonPattern::$conn = factoryDB(MySQLi); } return SingletonPattern::$conn; } Zend PHP5 Certification, OSIdays 2010} Chennai
  • Web Features• Where is form data put with a GET HTTP request? * Where is form data put with a POST HTTP request?• In the following list, the elements "one" and "three" get selected.•• When submitting the form, which values will be found in $_GET or $_POST? Zend PHP5 Certification, OSIdays 2010 Chennai
  • File Uploads•* HTML element: <input type="file" />•* Required attribute in the <form> element: enctype="multipart/form-data"•* $_FILES ( Array keys are name, type, size, tmp_name, error)•* Uploads will be deleted after script execution  Copy away using copy_uploaded_file()  Move away using move_uploaded_file()  Check using is_uploaded_file()
  • Quiz• When opening a file in writing mode using FTP handler, what must be done so that file will still be written to the server in the event it previously exists? – Provide contest for fopen() using stream_context_create() – You must delete the file first before uploading a new file – Configure this behavior in php.ini using ftp.overwrite directive – Open the file using w+ mode Zend PHP5 Certification, OSIdays 2010 Chennai
  • Cookies•Cookies with PHP  Setcookie (Cookie value is encoded automatically)  Setrawcookie (Cookie value is not encoded)How many HTTP requests are required to determine, without JavaScript, whether aclient supports cookies or not?
  • PHP 4/5 Differences•New Error Level E_STRICT•Object Oriented Programming  Public, private, protected  Constructor (__construct)  Destructor (__destruct)  No assignments to $this within a class!  Clone (copy of object  $new = $old (Create reference)  == (Compare all object properties  === (Compare whether two objects are same object)
  • Quiz• To destroy one variable within PHP session, you should use which method is PHP5 – Use session_destroy() function – Use session_unset() function – Unset the variables in $_SESSION using unset – Any of the above are applicable in PHP5 Zend PHP5 Certification, OSIdays 2010 Chennai
  • Files, Streams, Network Two type of file functions  Functions that works with file resource f* () (e.g. Fopen, fclose) Functions that works file name file* () (e.g. file_get_contents)  Which of file function does not exists?  file_get_contents  file_put_contents  file_appends_contents  filesize
  • FilesWhich PHP function is (more or less) emulated by this code?
  • Files What is the name of the PHP function that reads one line out of a file? File Operations  Copy  Rename  Unlink  Rmdir Sockets  Create sockets with fsockopen
  • XML and Web ServicesXML  eXtensible Markup Language  Simple rules: Must be well-formed and valid  Universal file format  Usually a special dialect is used in the real world
  • SimpleXML "simple" access to XML data from PHP OOP access for XML data  Elements become object properties  Attributes can be accessed via associative arrays  $xml = simplexml_load_string(<?xml...);  $xml = simplexml_load_file(file.xml);  $xml = new SimpleXMLElement(<?xml...);  simplexml_import_dom() converts a DOM node into a simpleXML object
  • Quiz• The method used to create a new node to be added into an XML document using DOM is the ____________ method. Zend PHP5 Certification, OSIdays 2010 Chennai
  • Web Services Technology for machine-to-machine communication Not a new idea, but standardization led to success in the real world Based on XML Some special formats and protocols exist
  • Web Services SOAP Request and Response in XML  WSDL  Web Services Description Language  XML format that contains all information about a web service  Where  Which methods  Data Types  Return values
  • Web Service Create a Web Service  Create class with business logic  Register with Soap Server  $soap = new SoapServer(file.wsdl);  $soap->setClass({class_name});  Consume web service  $soap = new SoapClient(file.wsdl);  Call methods by $soap->{method_name} or  $soap->__soapCall(myMethod, array(Hello!));
  • Databases Save Data  efficient storage efficient access  Querying using SQL Exam is database independent!  No special SQL dialect  No special SQL functions
  • Databases Primary keys Foreign keys  Primary key from another table  Enables relational databases Create Database Insert/Updat/Delete data Sorting/Grouping Aggregation Joins
  • Databases•tab1 contains the IDs 1 to 8. tab2 contains the IDs 5 to 10.•What is the output of the following SQL query?•SELECT COUNT(*) FROM tab1 INNER JOIN tab2 ON tab1.ID <>•tab2.ID
  • Security All input (from the outside) is (potentially) evil  Filter/validate input Escape output  Trust no data from the outside!  GET/POST data  Cookies  HTTP Headers
  • Security•Is there a potential security vulnerability in this code?
  • Security XSS  Cross-Site Scripting  Injection of HTML, CSS or script code into a page  Especially dangerous: JavaScript
  • Security CSRF  Cross-Site Request Forgeries  Creates HTTP requests  Website trusts logged-in users  Attacks are usually executed via iframes or via XMLHttpRequest requests or <script>, <object>, <embed>, <img>, ...  Attacker employs user‘s browser to execute requests on the attacker‘s behalf  <img src="http://shop.xy/buy.php?item_id=123&quantity=1" />  Countermeasures  Use unique token in the form  Require re-login before "dangerous" operations
  • Security•Is there a potential security vulnerability in this code?
  • Security SQL Injection  SQL code is injected into the SQL query  Countermeasures  Prepared statements  Database specific escape functions (mysqli_real_escape_string)
  • Security Sessions Attacks  Session Hijacking  Session ID is stolen  Session Fixation User gets a "fixed" session ID (usually via an specially crafted URL)  Countermeasures  Change session ID prior to "critical" operations using session_regenerate_id()  Short session timeout  Use PHP configuration setting session.use_only_cookies
  • Security Code Injection  allow_url_fopen = Off in php.ini Another type of code injection can be done when using dynamic data in calls to  system() et al. Secure Configuration  display_errors = Off  log_errors = On  error_reporting = E_ALL error_reporting = E_ALL | E_STRICT  Secure Password  Use md5 or sha1
  • Questions?
  • Thank you for your time and Attention!! Zend PHP5 Certification, OSIdays 2010 Chennai