What is the difference between double quotes and single quotes?
Key exam questions, almost every interview will be tested
Double quotes explain variables, single quotes do not explain variables
Insert single quotation marks in double quotation marks. If there are variables in single quotation marks, the variables will be explained
Double-quoted variable names must be followed by a special character other than numbers, letters, or underscores, or use {} to surround the variable, otherwise the part after the variable name will be treated as a whole, causing grammatical errors
Double quotes explain escape characters, single quotes do not explain escape characters, but explain'\ and \\
Use single quotation marks as much as possible for single quotation marks. Single quotation marks are more efficient than double quotation marks (because double quotation marks need to be traversed first to determine whether there are variables in them, and then perform operations, while single quotation marks do not need to be judged)
The difference between POST, GET, PUT, and DELETE in HTTP
HTTP defines different methods of interacting with the server. The most basic ones are POST, GET, PUT, and DELETE. Rather than the indispensable full name of the URL is the resource descriptor, we can understand it like this: URL describes a resource on the network, and Post, get, put, and delete are the operations of adding, deleting, modifying, and checking this resource!
The difference between get and post submission methods in the form
Get is to add the parameter data queue to the URL pointed to by the action attribute of the submitted form, and the value corresponds to each field in the form one-to-one, which can be seen from the URL; post uses the HTTPPOST mechanism to prevent each field in the form from its content. In the head of the HTML, the URL address pointed to by the action attribute is sent together, and the user cannot see this process.
For the get method, the server side uses Request.QueryString to get the value of the variable. For the post method, the server side uses Request.Form to get the submitted data.
The amount of data transmitted by get is small, and the amount of data transmitted by post is large. Generally, it is not limited by default, but in theory, the maximum amount is 80kb in IIS4 and 1000k in IIS5. The security of get is very low, and the security of post is relatively low. high
A GET request will send a request for data to the database to obtain information. The request is just like the select operation of the database. It is only used to query the data. It will not modify or increase the data, and will not affect the content of the resource, that is, the request There are no side effects. No matter how many operations are performed, the result is the same.
Unlike GET, the PUT request sends data to the server to change the information. The request is like the update operation of the database. It is used to modify the content of the data, but it does not increase the type of data, which means that no matter what How many PUT operations are performed, and the results are not different.
A POST request is similar to a PUT request in that both send data to the server, but the request will change the type of data and other resources, just like the insert operation of the database, it will create new content. Almost all submission operations currently use POST requests.
The DELETE request, as the name implies, is used to delete a certain resource. The request is like the delete operation of the database.
The difference between echo, print_r, print, var_dump
* Echo and print are php statements, var_dump and print_r are functions
* Echo outputs one or more strings separated by commas. No return value is a language structure rather than a real function, so it cannot be used as part of an expression
* print is also a keyword of php. It can only print out the value of simple type variables (such as int, string) if there is a return value. If the string is displayed successfully, it will return true, otherwise it will return false. * print_r can print out the value of complex type variables. (Such as arrays, objects) are displayed in the form of a list, and start with array, object, but the results of print_r output boolean and NULL are meaningless, because they print "\n", so var_dump() function is more suitable for debugging
* var_dump() judges the type and length of a variable, and outputs the value of the variable
What is the difference between the statement include and require? To avoid including the same file multiple times, you can use (?) statements instead of them
Require is included unconditionally, that is, if require is added to a process, the require will be executed first regardless of whether the condition is met or not. When the file does not exist or cannot be opened, an error will be prompted and the program execution will be terminated.
Include has a return value, but require does not (maybe because require is faster than include). If the included file does not exist, an error will be prompted, but the program will continue to execute
注意:包含文件不存在或者语法错误的时候require是致命的,而include不是
require_once表示了只包含一次,避免了重复包含
说明php中传值与传引用的区别,并说明传值什么时候传引用?
变量默认总是传值赋值,那也就是说,当将一个表达式的值赋予一个变量时,整个表达式的值被赋值到目标变量,这意味着:当一个变量的赋予另外一个变量时,改变其中一个变量的值,将不会影响到另外一个变量
php也提供了另外一种方式给变量赋值:引用赋值。这意味着新的变量简单的引用(换言之,成为了其别名或者指向)了原始变量。改动的新的变量将影响到原始变量,反之亦然。使用引用赋值,简单地将一个&符号加到将要赋值的变量前(源变量)
对象默认是传引用
对于较大是的数据,传引用比较好,这样可以节省内存的开销
isset、empty、is_null的区别
isset 判断变量是否定义或者是否为空
1 2 3 |
变量存在返回ture,否则返回false 变量定义不赋值返回false unset一个变量,返回false 变量赋值为null,返回false |
empty:判断变量的值是否为空,能转换为false的都是空,为空返回true,反之返回false。
1 2 |
"",0,"0",NULL,FALSE都认为为空,返回true 没有任何属性的对象都认为是空 |
is_null:检测传入的值(值、变量、表达式)是否为null
1 2 |
定义了,但是赋值为Null 定义了,但是没有赋值 unset一个变量 |
防止SQL注入的方式:
开启配置文件中的magic_quotes_gpc 和 magic_quotes_runtime设置
执行sql语句时使用addslashes进行sql语句转换
Sql语句书写尽量不要省略双引号和单引号。
过滤掉sql语句中的一些关键词:update、insert、delete、select、 * 。
提高数据库表和字段的命名技巧,对一些重要的字段根据程序的特点命名,取不易被猜到的。
Php配置文件中设置register_globals为off,关闭全局变量注册
控制错误信息,不要在浏览器上输出错误信息,将错误信息写到日志文件中。
框架中什么是单一入口和多入口 , 单一入口的优缺点?
多口就是通过访问不同的文件来完成用户请求。单一入口只 web 程序所有的请求都指向一个脚本文件的。
单一入口更容易控制权限,方便对 http 请求可以进行安全性检查。
缺点:URL 看起来不那么美观,特别是对搜索引擎来说不友好。
什么是静态路由,其特点是什么?什么是动态路由,其特点是什么?
静态路由是由系统管理员设计与构建的路由表规定的路由。适用于网关数量有限的场 合,且网络拓朴结构不经常变化的网络。其缺点是不能动态地适用网络状况的变化,当 网络状况变化后必须由网络管理员修改路由表。
动态路由是由路由选择协议而动态构建的,路由协议之间通过交换各自所拥有的路由信 息实时更新路由表的内容。动态路由可以自动学习网络的拓朴结构,并更新路由表。其 缺点是路由广播更新信息将占据大量的网络带宽。