Object Oriented Programming | CPP | JAVA | C# | PHP

We can imagine our universe made of different objects like sun, earth, moon etc. Similarly we can imagine our car made of different objects like wheel, steering, gear etc. Same way there is object oriented programming concepts which assume everything as an object and implement a software using different objects.

Object Oriented Concepts

Before we go in detail, lets define important terms related to Object Oriented Programming.

  • Class − This is a programmer-defined data type, which includes local functions as well as local data. You can think of a class as a template for making many instances of the same kind (or class) of object.
  • Object − An individual instance of the data structure defined by a class. You define a class once and then make many objects that belong to it. Objects are also known as instance.
  • Member Variable − These are the variables defined inside a class. This data will be invisible to the outside of the class and can be accessed via member functions. These variables are called attribute of the object once an object is created.
  • Member function − These are the function defined inside a class and are used to access object data.
  • Inheritance − When a class is defined by inheriting existing function of a parent class then it is called inheritance. Here child class will inherit all or few member functions and variables of a parent class.
  • Parent class − A class that is inherited from by another class. This is also called a base class or super class.
  • Child Class − A class that inherits from another class. This is also called a subclass or derived class.
  • Polymorphism − This is an object oriented concept where same function can be used for different purposes. For example function name will remain same but it take different number of arguments and can do different task.
  • Overloading − a type of polymorphism in which some or all of operators have different implementations depending on the types of their arguments. Similarly functions can also be overloaded with different implementation.
  • Data Abstraction − Any representation of data in which the implementation details are hidden (abstracted).
  • Encapsulation − refers to a concept where we encapsulate all the data and member functions together to form an object.
  • Constructor − refers to a special type of function which will be called automatically whenever there is an object formation from a class.
  • Destructor − refers to a special type of function which will be called automatically whenever an object is deleted or goes out of scope.

Defining PHP Classes

The general form for defining a new class in PHP is as follows −

   class phpClass {
      var $var1;
      var $var2 = "constant string";
      function myfunc ($arg1, $arg2) {

Here is the description of each line −

  • The special form class, followed by the name of the class that you want to define.
  • A set of braces enclosing any number of variable declarations and function definitions.
  • Variable declarations start with the special form var, which is followed by a conventional $ variable name; they may also have an initial assignment to a constant value.
  • Function definitions look much like standalone PHP functions but are local to the class and will be used to set and access object data.


Here is an example which defines a class of Books type −

   class Books {
      /* Member variables */
      var $price;
      var $title;
      /* Member functions */
      function setPrice($par){
         $this->price = $par;
      function getPrice(){
         echo $this->price ."<br/>";
      function setTitle($par){
         $this->title = $par;
      function getTitle(){
         echo $this->title ." <br/>";

The variable $this is a special variable and it refers to the same object ie. itself.

Creating Objects in PHP

Once you defined your class, then you can create as many objects as you like of that class type. Following is an example of how to create object using newoperator.

$physics = new Books;
$maths = new Books;
$chemistry = new Books;

Here we have created three objects and these objects are independent of each other and they will have their existence separately. Next we will see how to access member function and process member variables.

Calling Member Functions

After creating your objects, you will be able to call member functions related to that object. One member function will be able to process member variable of related object only.

Following example shows how to set title and prices for the three books by calling member functions.

$physics->setTitle( "Physics for High School" );
$chemistry->setTitle( "Advanced Chemistry" );
$maths->setTitle( "Algebra" );

$physics->setPrice( 10 );
$chemistry->setPrice( 15 );
$maths->setPrice( 7 );

Now you call another member functions to get the values set by in above example −


This will produce the following result −

Physics for High School
Advanced Chemistry

Constructor Functions

Constructor Functions are special type of functions which are called automatically whenever an object is created. So we take full advantage of this behaviour, by initializing many things through constructor functions.

PHP provides a special function called __construct() to define a constructor. You can pass as many as arguments you like into the constructor function.

Following example will create one constructor for Books class and it will initialize price and title for the book at the time of object creation.

function __construct( $par1, $par2 ) {
   $this->title = $par1;
   $this->price = $par2;

Now we don’t need to call set function separately to set price and title. We can initialize these two member variables at the time of object creation only. Check following example below −

$physics = new Books( "Physics for High School", 10 );
$maths = new Books ( "Advanced Chemistry", 15 );
$chemistry = new Books ("Algebra", 7 );

/* Get those set values */


This will produce the following result −

  Physics for High School
  Advanced Chemistry


Like a constructor function you can define a destructor function using function __destruct(). You can release all the resources with-in a destructor.


PHP class definitions can optionally inherit from a parent class definition by using the extends clause. The syntax is as follows −

class Child extends Parent {
   <definition body>

The effect of inheritance is that the child class (or subclass or derived class) has the following characteristics −

  • Automatically has all the member variable declarations of the parent class.
  • Automatically has all the same member functions as the parent, which (by default) will work the same way as those functions do in the parent.

Following example inherit Books class and adds more functionality based on the requirement.

class Novel extends Books {
   var $publisher;
   function setPublisher($par){
      $this->publisher = $par;
   function getPublisher(){
      echo $this->publisher. "<br />";

Now apart from inherited functions, class Novel keeps two additional member functions.

Function Overriding

Function definitions in child classes override definitions with the same name in parent classes. In a child class, we can modify the definition of a function inherited from parent class.

In the following example getPrice and getTitle functions are overridden to return some values.

function getPrice() {
   echo $this->price . "<br/>";
   return $this->price;
function getTitle(){
   echo $this->title . "<br/>";
   return $this->title;

Public Members

Unless you specify otherwise, properties and methods of a class are public. That is to say, they may be accessed in three possible situations −

  • From outside the class in which it is declared
  • From within the class in which it is declared
  • From within another class that implements the class in which it is declared

Till now we have seen all members as public members. If you wish to limit the accessibility of the members of a class then you define class members as private or protected.

Private members

By designating a member private, you limit its accessibility to the class in which it is declared. The private member cannot be referred to from classes that inherit the class in which it is declared and cannot be accessed from outside the class.

A class member can be made private by using private keyword infront of the member.

class MyClass {
   private $car = "skoda";
   $driver = "SRK";
   function __construct($par) {
      // Statements here run every time
      // an instance of the class
      // is created.
   function myPublicFunction() {
      return("I'm visible!");
   private function myPrivateFunction() {
      return("I'm  not visible outside!");

When MyClass class is inherited by another class using extends, myPublicFunction() will be visible, as will $driver. The extending class will not have any awareness of or access to myPrivateFunction and $car, because they are declared private.

Protected members

A protected property or method is accessible in the class in which it is declared, as well as in classes that extend that class. Protected members are not available outside of those two kinds of classes. A class member can be made protected by using protected keyword in front of the member.

Here is different version of MyClass −

class MyClass {
   protected $car = "skoda";
   $driver = "SRK";

   function __construct($par) {
      // Statements here run every time
      // an instance of the class
      // is created.
   function myPublicFunction() {
      return("I'm visible!");
   protected function myPrivateFunction() {
      return("I'm  visible in child class!");


Interfaces are defined to provide a common function names to the implementers. Different implementors can implement those interfaces according to their requirements. You can say, interfaces are skeletons which are implemented by developers.

As of PHP5, it is possible to define an interface, like this −

interface Mail {
   public function sendMail();

Then, if another class implemented that interface, like this −

class Report implements Mail {
   // sendMail() Definition goes here


A constant is somewhat like a variable, in that it holds a value, but is really more like a function because a constant is immutable. Once you declare a constant, it does not change.

Declaring one constant is easy, as is done in this version of MyClass −

class MyClass {
   const requiredMargin = 1.7;
   function __construct($incomingValue) {
      // Statements here run every time
      // an instance of the class
      // is created.

In this class, requiredMargin is a constant. It is declared with the keyword const, and under no circumstances can it be changed to anything other than 1.7. Note that the constant’s name does not have a leading $, as variable names do.

Abstract Classes

An abstract class is one that cannot be instantiated, only inherited. You declare an abstract class with the keyword abstract, like this −

When inheriting from an abstract class, all methods marked abstract in the parent’s class declaration must be defined by the child; additionally, these methods must be defined with the same visibility.

abstract class MyAbstractClass {
   abstract function myAbstractFunction() {

Note that function definitions inside an abstract class must also be preceded by the keyword abstract. It is not legal to have abstract function definitions inside a non-abstract class.

Static Keyword

Declaring class members or methods as static makes them accessible without needing an instantiation of the class. A member declared as static can not be accessed with an instantiated class object (though a static method can).

Try out following example −

   class Foo {
      public static $my_static = 'foo';
      public function staticValue() {
         return self::$my_static;
   print Foo::$my_static . "\n";
   $foo = new Foo();
   print $foo->staticValue() . "\n";

Final Keyword

PHP 5 introduces the final keyword, which prevents child classes from overriding a method by prefixing the definition with final. If the class itself is being defined final then it cannot be extended.

Following example results in Fatal error: Cannot override final method BaseClass::moreTesting()


   class BaseClass {
      public function test() {
         echo "BaseClass::test() called<br>";
      final public function moreTesting() {
         echo "BaseClass::moreTesting() called<br>";
   class ChildClass extends BaseClass {
      public function moreTesting() {
         echo "ChildClass::moreTesting() called<br>";

Calling parent constructors

Instead of writing an entirely new constructor for the subclass, let’s write it by calling the parent’s constructor explicitly and then doing whatever is necessary in addition for instantiation of the subclass. Here’s a simple example −

class Name {
   var $_firstName;
   var $_lastName;
   function Name($first_name, $last_name) {
      $this->_firstName = $first_name;
      $this->_lastName = $last_name;
   function toString() {
      return($this->_lastName .", " .$this->_firstName);
class NameSub1 extends Name {
   var $_middleInitial;
   function NameSub1($first_name, $middle_initial, $last_name) {
      Name::Name($first_name, $last_name);
      $this->_middleInitial = $middle_initial;
   function toString() {
      return(Name::toString() . " " . $this->_middleInitial);

In this example, we have a parent class (Name), which has a two-argument constructor, and a subclass (NameSub1), which has a three-argument constructor. The constructor of NameSub1 functions by calling its parent constructor explicitly using the :: syntax (passing two of its arguments along) and then setting an additional field. Similarly, NameSub1 defines its non constructor toString() function in terms of the parent function that it overrides.

NOTE − A constructor can be defined with the same name as the name of a class. It is defined in above example.

how whatsapp qr code works

It uses something like below.

  1. Whatsapp web application is opened by user via web browser.
  2. Server creates a UNIQUE token (number) and embeds that number in QR-Code
  3. Whatsapp phone application reads QR-Code and decodes token.
  4. Whatsapp phone application sends information about its current user and this newly read token to whatsapp server.
  5. Whatsapp server matches token (+ phone app user information) with web browser.
  6. It automatically authenticates user and open new web page with his/her information on it.


When most of us think of the internet, we imagine day-to-day activities like watching a video, checking the news or booking a vacation online. However, under the surface lies a shadowy corner of the web where terrorists, criminals, and whistleblowers lurk.

The Deep Web has been heralded by many as the last bastion of internet privacy in an increasingly intrusive age, while others consider it one of the evilest places on the internet.


The Deep Web refers to any website that cannot be readily accessed through any conventional search engine such as Google or Yahoo! Search The reason for this is because the content has not been indexed by the search engine in question.

In layman’s terms, the Deep Web is just another ‘level’ of the internet. Residing below the “surface,” it is the deepest level of the internet.

Web Indexing Explained

Indexing is best explained through contemporary search engine Google and its robust, high-performance system of indexing. Google’s indexing methods rely largely on a process referred to as “crawling,” which is akin to a virtual spider crawling amongst the multitude of pages on a website that is readily accessed by clicked links.

A cursory scan is implemented, thus rendering the pages’ content to a format that can be sent to Google’s massive index servers, at which point the data is contextually organized and entered into a collective of algorithms that comprise the search engine.

If a website is not indexec by a search engine, it can only be accessed by navigating directly to the URL via a link or typing in the exact web address in to a web browser.


There is a wide range of people that benefit from the Deep Web’s capability to allow anonymous use and communication. Listed below are individuals or groups who have benefitted from the Deep Web in the past and whom also continue to benefit from its existence today.

  • Journalists and Whistleblowers
  • Political Protesters, and Anti-Censorship Advocacy Groups
  • Residents of Oppressive Political Regimes

Journalists and Whistleblowers

Former military, government, and corporate employees are coming together en masse to report widespread (and largely unknown) corruption within their respective fields. Working in conjunction with investigative reporters, these individuals can communicate top-secret and classified information to the media to expose corruption under a modicum of protection.

Political Protesters, and Anti-Censorship Advocacy Groups

Anonymity is of paramount importance for these figures, who utilize the Dark Web as an application to conduct communication measures safely and privately.

Residents of Oppressive Political Regimes

Citizens living in countries ruled by oppressive regimes often do not have ready access to news, information, and critically important data pertaining to the health and sustainability of society as a collective whole. The Deep Web offers members of society living under oppressive political regimes a relatively safe way to garner crucial information for their own needs, in addition to exporting it out of the country.


The hidden world of the Deep Web contains a plethora of data, information, and a wealth of possibilities, including but not limited to the following:

  1. The internal sites of major companies, associations, and trade organizations
  2. The school, college, and university intranet systems
  3. Access to online databases
  4. Password-protected websites with members-only access
  5. Paywall enshrouded pages
  6. Timed access pages such as those found on online test-taking sites
  7. Circumventing paywalls for blocked digital content
  8. An individual’s personal account for social media, email, banking, and more


What the above all have in common is that their information is not intended for public consumption. The owners of the content may go to great lengths to render the information inaccessible by ensuring it doesn’t show up in internet browser search results.

It is worth noting that the Deep Web is not always illegal and there are plenty of activities taking place that are entirely within the context of the law. Activities such as those listed below are commonplace on the Deep Web, with a membership often comprised of in-the-know internet users well-versed in accessing the Deep Web.

  • Social Media, Blogging, Text and Voice Chat
  • International tournament-style games such as Chess and Backgammon
  • Survivalist-type, end-of-world groups
  • Book clubs, fan clubs, video game clubs
  • Hidden Answers – a popular Deep Web version of Yahoo Answers
  • Public records and certificates, library system indexes
  • Communicating via encrypted use to ensure privacy and protection
  • Karaoke and Singing Competitions
  • Conspiracy theorist groups and preferred “home” bases
  • Computer and technology skills classes and courses


Known throughout the world as the Dark Net, the Dark Internet, or most commonly, the Dark Web, this corner of the internet lies within the deepest points of the internet abyss.

Accessing the Dark Web requires a certain degree of savvy internet prowess, with a required list of steps that must be taken to not only enter this enshrouded world while maintaining the utmost privacy.

How to Access The Dark Web

In an effort to maintain privacy, Dark World visitors commonly utilize specialized anonymity software such as Tor to mask their identity. Traditionally, when an internet user visits any site that exists on the world wide web, they are tracked via their Internet Protocol (IP) address.

In stark contrast, surfing the Dark Web is an entirely different matter altogether, with masking software used to render a personal computer anonymous while masking identity, location, IP address, and more.

Who Uses The Dark Web?

The Dark Web has historically been a realm that has been accessed by a small minority of internet users. Out of the billions of internet users accessing the internet on an everyday basis, Dark Web use remains around3 percent.

While usage of the Dark Web may seemingly be minuscule, the network’s individuals, businesses, and various trafficking organizations have rendered it a highly powerful force that has resulted in countless internet users desperately wanting to access the Dark Web and to ultimately become a part of its anonymous user base.

What is Available on The Dark Web?

The Dark Web remains incredibly attractive to internet users for a wide range of reasons. The enshrouded nature and complex methodology required to access this world have effectively made it a secret world, full of salacious activity, black markets, sights, and perks limited to a select few.

Listed below is a sampling of the many things to be found using Dark Web links:

Credit card numbers

Stolen credit card numbers are a big business on the Dark Web. Typically sold in bulk lots of a hundred or more, credit card numbers can be had at low prices and ready for the most illicit of uses.

Fake passports

Popular Dark Website “Fake Documents” specializes in selling top-notch replica documents from every nation in the world. A United States passport can be had for as little as 1,000dollars.


Every strain, potency, and type of Marijuana can be found on the Dark Web. Meanwhile, prices are often lower than those typically found in the “regular” market.

Traditional internet browsers such as Google can amass up to a million daily hits for “how to buy marijuana on the Deep Web,” indicating a mammoth interest in entering the hidden world.

Stolen/Hacked Accounts

On the Dark Web, it is very easy to procure stolen/hacked accounts to popular websites and services such as Netflix, Spotify, Uber, and PayPal

Commonly stolen accounts include Netflix at just one dollar, hacked Uber accounts for the purposes of evading law enforcement, Spotify accounts for pennies on the dollar, and PayPal accounts that buyers can empty out at will.

Bitcoin Lottery Tickets

Bitcoin is the singular currency used on the Dark Web and is favored by users for its anonymity. The cryptocurrency is often used for gambling and other similarly illicit activities, and bitcoins are widely used today in conjunction with a cottage industry of bitcoin lottery tickets.

Fake Coupons

Fake coupons offering savings ranging from fifty cents to substantial discounts exceeding twenty percent off are a booming business on the Dark Web. The counterfeit coupons are used at businesses such as Home Depot, Lowes, and other major companies to fraudulently obtain major discounts via seemingly legitimate bar code printing on coupons.

Recently, a magnate of the counterfeit coupon industry on the Dark Web was indicted by the Federal Government for stealing more than one million dollars via fraudulent coupons.

Fake College Degrees

Any name and any institution are for sale on the Dark Web. Whether you are interested in purchasing a degree in your name from Harvard, Yale, or Stanford, these official looking documents can be quickly and cheaply had.

Ricin and other poisons

Recently popularized by its presence on the mega-hit TV show Breaking Bad, Ricin is a deadly poison that can swiftly kill people.

Recently available for purchase at a site on the Dark Web called Black Market Reloaded, Ricin could be purchased in mass quantities.

Black Market Reloaded has since been shut down, with its operator sent to federal prison for his part in manufacturing the illicit substance.

Despite the closure of Black Market Reloaded, Ricin can still be found throughout the Dark Web along with a host of other deadly chemicals.

3D printing services

Business Insider recently reported the story of entrepreneurial-minded individuals using printing technology to create counterfeit money, card skimmer apparatuses and more. As printing technology continues to advance, many individuals are taking advantage of it by creating official-looking documents that can be used in a vast array of mediums.

A Pocket-style EMP Generator

Selling miniature, pocket-sized electromagnetic pulse generator devices are a popular market on the Dark Web in China. Capable of “frying” nearby electronic devices and rendering them dead, the applications for this tool are endless. Savvy users have gone as far as using the generator to add mass amounts of credits to slot machines at casinos and gambling halls to cheat their way to guaranteed winnings.

Murder for hire/Assassination

Murder for hire is perhaps the most famed notion associated with the Dark Web. According to reports, there are legions of contract killers available for hire hiding within the murky depths of the Dark Web.

However, there is a large collective insisting that hitmen do not truly exist on the Dark Web and that anyone foolish enough to employ the services of these types of individuals is merely setting themselves up in a trap to be arrested for conspiracy to murder.

Whether you believe in the existence of contract killers or consider it a hoax, there exists a very real community on the Dark Web with a plethora of individuals claiming they can kill for money. Whether that individual is a teenage prankster or a serious killer is a question which remains unknown.

Plastic Explosives

If Ricin and cocaine aren’t enough to quell your thirst for illicit compounds, you may be surprised to hear about the existence of authentic C4 plastic explosives available on the Dark Net in mass quantities.

Social Security Numbers

A site on the Dark Web called Black Bank offers what they call “fresh” social security numbers featuring credit scores topping out over 750 at affordable prices and with free shipping.


Drugs are a booming market on the Dark Web. Home to every drug imaginable, the Dark Web offers consumers marijuana, heroin, ecstasy, shrooms, LSD, cocaine, crack, meth and more.

Pharmaceuticals are also abundantly available with many consumers swapping up prescription meds for pennies on the dollar. Common examples include painkillers, Ritalin, Adderall, and Dextroamphetamine.


Frighteningly enough, the Dark Web features a website called the Armory where consumers can readily purchase weapons such as replica AK-47s, rocket-propelled grenade launchers, IED missiles, and more. Despite their terrifying product list, The Armory insists that it refuses to sell to terrorist groups.

SWAT-style body armor

SWAT-style body armor is in common use during military campaigns and is rarely found outside that specific application. On the Armory site, consumers can pick and choose from gun and weapons packages complete with SWAT-grade armor for the ultimate in protection.


Even Uranium Ore can allegedly be sourced on the Dark Web. For those not in the know, Uranium Ore is a chemical, that once refined, can be made into atomic material at the weapons-grade level.

Hacked Government Data

Hacked government data is a big business on the Dark Web with many consumers looking to purchase lists of thousands of emails, social security numbers, and a host of other sensitive data.

Luxury Goods Counterfeit and Replica Market

Tor Project Screenshot

The counterfeit market on the Dark Web is massive. Any replica of any brand can be found from Louis Vuitton, Christian Dior, Prada, Tag Heuer, Rolex, Gucci and far more. Consumers seeking a designer handbag, watch, or other luxury items can procure replicas for incredibly low prices.


Deep Web and Dark Web are understood by many to be interchangeable terms that both describe a host of illicit online activities. However, this is untrue and many activists have fought to stop the tandem use of the terms and to bring to light the distinct ways in which each concept exists in the online world today.

Here is a table comparing both platforms along with the surface web, which is the internet most of us use daily.

How to AccessTraditional search engineRequires password, encryption, or specialty softwareRequires Tor Project or similar to view
IncludesAll indexed web pagesAll unindexed webpagesSubset of unindexed webpages inside the deep web
SizeApproximately 4.47 billion pagesMassive, likely 4-5x larger than the Surface webA subset of the Deep Web, but unmeasurable in size
UsesEmail, social media, video, legitimate business websites, etc.Usually used for legit purposes that require anonymitySometimes used for illegal activities
Who uses it?Anyone with an internet connectionWhistleblowers, journalists, etc.Hackers, sellers & buyers of illegal merchandise
Can be browsed anonymously?No, nearly all activity can be seen by your ISP.Usually, especially if you use a VPN to access.With precautions, yes.


Popular website Gizmodo released an article this March titled “The Dark Web is Disappearing.” The author, Bryan Menegus, starts off by stating that the Dark Web is now mostly full of useless garbage and that Tor is on its way to obscurity.

He illustrates this claims via comprehensive search probes conducted by Onionscan to query a database of upwards of thirty thousand Tor sites. Onionscan’s findings showed that only a little over four thousand sites (15%) were actually online and operating.

The lack of sites has led many, including Menegus, to believe that Tor and its counterparts are on the way to obscurity, with an increasing number of users ditching the services and its many drawbacks. The idea that Tor is headed towards obscurity in stark contrast to a press release that they released just last month where they claimed they had made great strides in growth and progress.

Former Dark Web Service Giants

These opposing statements can make it impossible to accurately gauge what’s really going on. However, we can predict Tor’s possible demise by looking at the untimely disappearances of two associated services: SIGAINT and Freedom Hosting II. If these two giant companies failed and disappeared, Tor can very well be headed towards the same downward path.

The Fate of Freedom Hosting II

Freedom Hosting II’s fate was sealed when it was accused of hosting child pornography sites. An activist or activist group hacked Freedom Hosting II, and the site crashed in a short time, taking over ten thousand hosted websites with it.

The Fate of SIGAINT

SIGAINT was a player on the Dark Web as well and was considered to be among the most popular and ubiquitous dark web email servers, favored by many individuals with an array of illicit interests.

Despite its immense popularity, SIGAINT had a shoddy performance record and was intermittently available, creating widespread frustration amongst users. The lackluster performance of SIGAINT went on for months and finally culminated in a period of downtime from which it never returned. With its demise, SIGAINT took with it millions of email correspondence that has been rendered lost forever.

Since SIGAINT’s disappearance from the Dark Web, other companies have taken its place and are lauded by users for providing the kind of consistent, reliable service that SIGAINT lacked.

The tandem loss of SIGAINT and Freedom Hosting II sent waves around the Dark Web community and has led many to speculate that Tor may very well shut down its operation and be replaced with a more viable contender without the many drawbacks found in using Tor.


The Deep Web will always exist, as it is merely a “locale” within the internet that holds all the hidden content that isn’t crawled by Google and similar web search engines.

While the Dark Web is highly associated with illicit, illegal, and immoral activities, itis often more generic in nature and is loosely defined by its collective of hidden sites, accessed by various individuals, many of them with innocuous reasons such as maintaining privacy, security, and safety.

Browsing the Deep Web is now easier than ever.

The Tor web browser is one of the leading ways to access the Deep Web today. Many users are now also Tor along with VPN tunnels for heightened security and privacy.

There are also a number of Tor-style plug-ins that can be used with major web browsers. It’s worth noting that using Tor or a Tor-style plug-in is something necessary to access the deep and dark web.


Tor is software that provides individuals the ability to communicate anonymously. The name Tor is actually an acronym derived from its original namesake: “The Onion Router.” Users herald Tor browsers as the ultimate means to travel through the expansive internet anonymously.


Tor makes it difficult to track a person’s online presence and comprehensively provides a cover for the purposes of visiting websites, dark web links, making online posts, sending instant messages, and nearly all other forms of electronic communication.

As such, Tor users proclaim that their freedoms are upheld in a way that is incomparable to traditional programs with their tracking and modicum of data surveillance. It is worth noting, however, that Tor does not completely resolve anonymity issues on the net by erasing a user’s surfing footprint. Rather, it functions to reduce the possibility for various sites to track a user’s actions and send crucial information back to the inquiring parts.


Tor is used by an enormous aggregate of people and their individual interests. Below is a list of web users who may use the Tor Project online.

  • Bloggers
  • Government Agencies
  • Criminals
  • Whistleblowers
  • Journalists
  • Activists
  • Dark Web Users

Today, Tor’s user base is comprised of chatters, bloggers, social media posters, and other individuals with perfectly benign interests who wish to surf the net in a secure and wholly private fashion.

However, there is definitely a more illicit population of Tor users who use the cloaking capacities of Tor to hide their criminal and illegal endeavors and illegitimate enterprises.

Tor users aren’t simply defined by dual populations of illicit and licit users, as there are plenty of groups worth mentioning who comprise the user base. Law enforcement agencies can be regularly found on Tor, as well as “hacktivism” groups various governmental agencies, whistleblowers, and informants.

Public Perception of The Tor Project

Recently, The Tor Project sent out a press statement claiming they had a broad population of “normal users” who simply desired the privacy and cybersecurity afforded by Tor and had no inclination towards criminal or illicit activity. Clearly, this was an effort on Tor’s part to defend their services in light of burgeoning interest and awareness of Tor along with the Deep and Dark Webs.

Despite the intermittent public relations attempts thatTor finds itself having to put out, they have nevertheless enjoyed a robust user base that is consistently growing with each passing year. As of 2013, Tor had a user base of just over four million. Today, their user base is estimated at just under six million and is comprised of a wide variety of individuals with a range of interests and intents.


However, there are many drawbacks of Tor that must be fully understood before using the service.

  • Autonomous system – Also Known as Eavesdropping
  • Exit Node Eavesdropping
  • Lack of Boundary Traffic Monitoring

Autonomous system – Also Known as Eavesdropping

In the event that an autonomous system is found on dual paths via the client to entry directionality, the autonomous system can then implement statistical correlation upon the entry traffic, in addition to existing pathways.

The resulting harm is the ability to make an inference in regard to the original destination from which the user made communication. Hugely problematic for Tor users, this matter came to a head in 2012, when the Lastor group created and proposed a method of interference via statistical prediction that would remedy the issue.

Exit Node Eavesdropping

The term ‘exit node eavesdropping’ became widely known when a Swedish IT Security Consultant named Dan Egerstad informed news agencies that he had single-handedly intercepted a huge collecting of usernames and passwords for email accounts.

Egerstad accomplished this by monitoring and eavesdropping on Tor’s exit nodes. Tor is incapable of encrypting traffic via exit nodes and target servers, each and every exit node is thusin a strategic position to “capture: traffic not utilizing end-to-end style encryption SSLtechnology.

Exit node eavesdropping doesn’t pose a specific breach of anonymity; however, the intercepted traffic can reveal a wealth of information (e.g., passwords) via data from protocols and payloads.

Lack of Boundary Traffic Monitoring

Similar to most other anonymity networks, Tor does not attempt to protect the monitoring of Tor boundary traffic with respect to incoming and outgoing traffic. It is worth mentioning, however, that Tor does provide a modicum of protection against traffic exposure to data analysis, it makes no further attempt to prevent what’s referred to as end-to-end correlation, also known as traffic confirmation.

Tor’s weaknesses and drawbacks are widely known through its collective user base. Still yet, the number of Tor users surges each year, as it far and wide considered to be among the most powerful and resilient anonymity sites available online.

Tor, along with its competitor Java Anon Proxy, is heralded by users as more robust than fingerprinting procedures on websites in relation to alternative tunneling protocols and much more.

The Tor Project Today

Tor sent out a press statement in early 2017 stating that while the “free and open internet was under attack in 2017… Tor was there to fight for privacy and security every step of the way.” Adding that they had achieved amazing growth over a period of the year, Tor let its user and fan base know that they had released what they proclaimed was a next-gen onion-style service featuring high-tech algorithms along with significantly improved authentication schemes.

Tor Project Updates

Tor also indicated that they released one of the biggest updates to the Tor browser ever, which included a host of significant cybersecurity advances capable of isolating attacks on their software, thus ensuring further protections against not only Tor but also its user base.

Tor explained that this all-new process is referred to as “sandboxing,” and functions via the separation of multiple network processes from the remaining components of a user’s computer, thus thwarting any illicit attempts from others to gain IP address information, documents, files, and other data.


Today, countless internet users try to gain entry into the Deep Web and the Dark Web. Some are looking for something in particular that simply can’t be sourced on the regular internet, others are simply curious.

The Deep Web, the Dark Web, and tools such as Tor hold mass appeal due to their secretive natures. Despite their relatively recent invention, the appeal they hold is as old as time itself. It is human nature to be intrigued by that which we don’t understand or cannot easily access.

aws mysql remote access | aws phpmyadmin use as remote database

If this is the case then you can easily open up the port for the security group in a few button clicks:

1) Log into you AWS Console and go to ‘EC2’

2) On the left hand menu under ‘Network & Security’ go to ‘Security Groups’

3) Check the Security Group in question

4) Click on ‘Inbound tab’

5) Choose ‘MYSQL’ from drop down list and click ‘Add Rule’

  • START MYSQL using admin user
    • mysql -u admin-user -p (ENTER PASSWORD ON PROMPT)
  • Create a new user:
    • CREATE USER ‘newuser’@’%’ IDENTIFIED BY ‘password’; (% -> anyhost)
  • Grant Privileges:
    • GRANT SELECT,DELETE,INSERT,UPDATE ON db_name.* TO ‘newuser’@’%’;

If you are running EC2 instance don’t forget to add the inbound rules in security group with MYSQL/Aurura.

Update the mysql binding address

Edit the file /etc/mysql/my.cnf, and change the binding address to

bind-address =

then restart mysql server

sudo /etc/init.d/mysqld restart

login to MySQL:

mysql -u root -p mysql (enter password after this)

Now write following commands:

CREATE USER 'foo'@'%' IDENTIFIED BY 'your-awesome-pass';

# grant privileges to table(s)

How to keep SSH connections alive putty

How to keep SSH connections alive putty


Depending on your hardware and software configuration, you may experience SSH connectivity issues. For example, some types of firewalls may preemptively close connections after a certain amount of time has elapsed.

To work around these types of problems, you can adjust your SSH client’s settings. Follow the appropriate procedure below for your own operating system.

Windows operating systems

Microsoft Windows operating systems use the PuTTY program to establish SSH connections. If you experience connectivity issues, you can adjust PuTTY’s configuration to help keep connections alive. To do this, follow these steps:

  1. Start PuTTY.
  2. Load your connection session.
  3. In the Category pane, click Connection.
  4. Under Sending of null packets to keep session active, in the Seconds between keepalives, type 240.
    With this configuration, PuTTY sends a packet to the server every 240 seconds (4 minutes) to keep the connection alive.
  5. In the Category pane, click Session.
  6. Click Save.
  7. Connect to your account and monitor the connection. If it stil drops, gradually decrease the keepalive interval until the connection is stable.
Linux and Mac OS X operating systems

On Linux and Apple Mac OS X operating systems, the ~/.ssh/config file enables you to specify many SSH settings, including those that keep alive an SSH connection. To do this, follow these steps:

  1. Use your preferred text editor to open the ~/.ssh/config file on your local computer.
    If the .ssh directory or the config file do not exist, create them.
  2. Add the following lines to the config file. The Host value can be any name you want; it is simply a label for the other settings. The Hostname value is the remote host you want to access; replace example.com with your domain name. Replace usernamewith your own A2 Hosting account username:
    Host example
        Hostname example.com
        Port 7822
        User username
        ServerAliveInterval 240
        ServerAliveCountMax 2

    • With this configuration, the SSH client sends a packet to the server every 240 seconds (4 minutes) to keep the connection alive. If the client does not receive a response after two tries (as specified by the ServerAliveCountMax setting), it closes the connection.
    • For detailed information about all of the SSH configuration settings available, type man ssh_config at the command line.
  3. Save the changes to the config file.
  4. Connect to your account using SSH. To do this, simply type ssh example where example represents the Host value you specified in step 2.
  5. Monitor the connection. If it still drops, gradually decrease the ServerAliveIntervalsetting in the config file until the connection is stable.

Default .htaccess file for WordPress?

Default .htaccess file for WordPress?

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

How to host a Node.Js application in shared hosting

How to host a Node.Js application in shared hosting

In short you first install NVM, then you install the Node version of your choice with NVM.

wget -qO- https://cdn.rawgit.com/creationix/nvm/master/install.sh | bash

Your restart your shell (close and reopen your sessions). Then you

nvm install stable

to install the latest stable version for example. You can install any version of your choice. Check node --version for the node version you are currently using and nvm list to see what you’ve installed.

In bonus you can switch version very easily (nvm use <version>)

What’s the version of my OS?



What’s my OS?

What’s an OS?
OS is an abbreviation for the word Operating System. An Operating System is the software that tells a computer how to operate. It controls hardware, executes programs, manages tasks and resources, and provides the user with an interface to the computer.
What’s the version of my OS?


  • Windows 10 or Windows Server 2016 – Go to Start, enter About your PC, and then select About your PC. Look under PC for Edition to find out your version and edition of Windows.
  • Windows 8.1 or Windows Server 2012 R2 – Swipe in from the right edge of the screen, tap Settings, and then tap Change PC settings. (If you’re using a mouse, point to the lower-right corner of the screen, move the mouse pointer up, click Settings, and then click Change PC settings.). Next, Tap or click PC and devices, and then tap or click PC info. Look under Windows for the version and edition.
  • Windows 8 or Windows Server 2012 – On the Start screen, type Computer, press and hold or right-click Computer, and then tap or click Properties. Then look under Windows edition for the version.
  • Windows 7 and Windows Server 2008 R2 – Click Start or the Windows logo right click Computer then click Properties. Look in System.
  • Windows Vista and Windows Server 2008 – Click Start or the Windows logo depending on what you have then click Control Panel->System and Maintenance->System.You could also try Clicking Start or the Windows logo then if you have a “Start Seach” field type winver then Double-click winver.exe from the results. If you had a run box instead of search just click Run type winver click OK.
  • Windows NT, Windows 2000, Windows XP and Windows Server 2003 – Click Start -> RunType winver then click OK. You could also try typing msinfo32 or sysdm.cpl or winmsd if you like. Lastly you might try typing dxdiag. Windows might prompt you to verify drivers click No.
  • Windows 95/98/ME – Click Start-> Settings->Control Panel double-click System click General tab. Locate version number under system heading. Click here for chart to match version number to release.
  • Windows CE – Click StartSettings Control Panelclick the System applet. If that does not work you might just have to look in the General Tab or somewhere in the System Tab.You can also find out if your computer is running a 32-bit or 64-bit version of Windows in the same areas listed above.


  • OS X (Mac OS X) – Click the Apple menu at the top of your screen then click About this Mac. To get more detailed information after that click More Info -> Software. Note: Apple has changed the name of it’s OS to OS X from Mac OS X.
  • iOS (iPhoneOS) – On your iPhone touch Settings -> General -> About. Look under version. Note: Apple has changed the name of it’s OS to iOS from iPhoneOS.


  • Open a terminal program (get to a command prompt) and type uname -a. This will give you your kernel version, but might not mention the distribution your running. To find out what distribution of linux your running (Ex. Ubuntu) try lsb_release -a or cat /etc/*release or cat /etc/issue* or cat /proc/version.


  • Open a terminal program (get to a command prompt) and type uname -a. This will tell you the version (release) and type of BSD your running.

Android Phone

  • Go to the Home Screen (push the home button or just keep pressing the left facing triangle (back button)). Then push the Applications button (looks like little squares or like 3 colons :::). Find and touch the Settings icon. Scroll to the bottom of the list. then touch About Phone. Look for lines that say Firmware version or Android version.

Blackberry (RIM OS)

  • Go to the Options menu and choose About. If that does not work try the Tools icon then click on Settings then About.

Solaris (SunOS)

  • Open a terminal program (get to a command prompt) and type uname -a or for lots of info (on newer Solaris machines) type showrev -a.


  • Open a terminal program (get to a command prompt) and type oslevel -r or uname -a or lslpp -h bos.rte.

IOS (Cisco)

  • On the command line in enabled mode (enable) type show version.

XOS (Extreme Networks)

  • On the command line at an administrator privilege level type show version.

IronWare OS (Foundry)

  • On the command line at an administrator privilege level type show version. For more Foundry commands look here.
Do I have a 32-bit or 64-bit OS?


  • Follow the instructions above in the What’s the version of my OS? section to find out if your OS is 32-bit or 64-bit. The page with the version info usually has something that says if it is 32-bit or 64-bit. Only Windows XP and later could possibly be 64-bit. If you don’t see something that says “64-bit” somewhere on the version page, it is likely you have a 32-bit version of Windows. Also, more info here or here.


  • Mac OS X – Click About this Mac from the Apple menu at the top of your screen. Then click More Info -> Software.Mac OS X 10.5 (or greater) can run 64-bit applications. Any processor that says: Intel Core 2 Duo, Intel Xeon, or PowerPC G5 are 64-bit processors. All currently shipping Macs ship with OS X and a 64-bit processor. 10.6 still boots a 32-bit kernel by default. It’s possible to boot at 64-bit kernel. Read all about it here.


  • Open a command prompt and type uname -a. If you see x86_64 or ia64 then your OS is 64-bit. If you see i386 or i486 or i586 or i686 then your OS is 32-bit.


  • Open a command prompt and type uname -a. If you see amd64 then you are running a 64-bit OS. If you see i386 your running a 32-bit OS.

Solaris (SunOS)

  • Open a command prompt and type isainfo -v. This will show you if your OS is capable of running 32-bit and 64-bit applications. If that does not work you can try typing uname -a. This will show you the version of Solaris your using. All versions after 5.7 are 64-bit compliant.Sun’s platforms transitioned to 64-bit over a period of time, which makes identifying the platform for 64-bit compliance tricky.


  • Open a command prompt and type getconf -a | grep KERN. If that does not work try bootinfo -K. Also, try looking at some libraries by typing file /usr/lib/boot/unix*. If you see mention of 64-bit then the OS is 64-bit capable.
How do you know what my OS is?
Black magic. Just kidding. When you visit a site with your web browser it sends a little nugget of information to that site called a “User Agent”. The user agent has a few minor pieces of information about your browser, platform, and OS version. Using this information a guess can be made about what Operating System your using.


Why is it a guess? The user agent your browser sends to the website can be changed very easily. It’s not to be trusted in any way, shape, or form as the truth, but most people generally use browsers who’s user agents have not been changed.

Why is it only generally? Sometimes the people that provide your internet access will modify this user agent so the website can not tell what your browser is or will set the user agent to a general browser type so the site will render the same for everyone. This is not the norm so don’t fret to much.

Why does the site not display my OS version or displays the wrong version?
Most browsers do not put the version number of the OS in the user agent string but some do. Apple products are a good example. The browsers that put OS version information in the user agent string are usually the browsers come with the OS or are created (compiled) by the vendor. The vendors built-in browser will provide the most information to this site for it to render the most accurate guess. For example Apple’s built-in browser Safari provides the full version of the OS in the user agent string, but Firefox on the same Apple computer only provdes a portion of the version number.
Why does it say my OS is “Unknown”?
First, read the section called “How do you know what my OS is?”. Now that you know how we go about guessing your OS you might have an idea on why we can’t. The most likely answer is that there might not be enough information in your user agent string to render a good guess or since the user agent is so easily changed yours could have been changed to something that is not normal or is so obscure that a guess could not even be rendered. It’s a good chance it’s nothing you did so don’t worry. Go through the “What’s the version of my OS” section above and see if you notice anything mentioned there. It’s likely you have an idea what OS your using your just not sure.
Why did the site guess my OS incorrectly?
Guessing an Operating System by just using a user agent is not as easy as it looks. There are so many little differences between each one. Words are not always in the same spot. Some things are spelled differently. The list goes on and on. This site is constantly being monitored, updated, and tweaked to fix errors. If it got your OS incorrect one day come back later and it might be correct in the future. If your OS was guessed incorrectly submit your user agent and your correct os to os at whatsmyos.com. It will be looked into and if possible fixed.
What is up with the “or possibly Windows Server…” in some of the windows lines?
Microsoft decided that they would share OS version numbers between desktop and server releases of their Operating Systems. That means the server and desktop user agents look almost exactly the same. It is possible that you are using a server version of Windows, but very unlikely if you are just a regular home user. Usually if your running Windows server you know it. Use the ways above to help you verify your Windows version.
What does my user agent look like?
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36

25 PHP Interview Questions and Answers You Should Know

25 PHP Interview Questions and Answers You Should Know

PHP Interview Question #1

What’s the difference between the include() and require()functions?

They both include a specific file but on require the process exits with a fatal error if the file can’t be included, while include statement may still pass and jump to the next step in the execution.

PHP Interview Question #2

How can we get the IP address of the client?

This question might show you how playful and creative the candidate is because there are many options. $_SERVER["REMOTE_ADDR"]; is the easiest solution, but the candidate can write x line scripts for this question.

PHP Interview Question #3

What’s the difference between unset() and unlink()

unset() sets a variable to “undefined” while unlink() deletes a file we pass to it from the file system.

PHP Interview Question #4

What is the output of the following code:

$a = '1';
$b = &$a;
$b = "2$b";
echo $a.", ".$b;

PHP Interview Question #5

What are the main error types in PHP and how do they differ?

In PHP there are three main type of errors:

  • Notices – Simple, non-critical errors that are occurred during the script execution. An example of a Notice would be accessing an undefined variable.
  • Warnings – more important errors than Notices, however the scripts continue the execution. An example would be include() a file that does not exist.
  • Fatal – this type of error causes a termination of the script execution when it occurs. An example of a Fatal error would be accessing a property of a non-existent object or require() a non-existent file.

Understanding the error types is very important as they help developers understand what is going on during the development, and what to look out for during debugging.

PHP Interview Question #6

What is the difference between GET and POST?

  • GET displays the submitted data as part of the URL, during POST this information is not shown as it’s encoded in the request.
  • GET can handle a maximum of 2048 characters, POST has no such restrictions.
  • GET allows only ASCII data, POST has no restrictions, binary data are also allowed.
  • Normally GET is used to retrieve data while POST to insert and update.

Understanding the fundamentals of the HTTP protocol is very important to have for a PHP developer, and the differences between GET and POST are an essential part of it.

PHP Interview Question #7

How can you enable error reporting in PHP?

Check if “display_errors” is equal “on” in the php.ini or declare “ini_set('display_errors', 1)” in your script.
Then, include “error_reporting(E_ALL)” in your code to display all types of error messages during the script execution.

Enabling error messages is very important especially during the debugging process as one can instantly get the exact line that is producing the error and can see also if the script in general is behaving correctly.

PHP Interview Question #8

What are Traits?

Traits are a mechanism that allows you to create reusable code in languages like PHP where multiple inheritance is not supported. A Trait cannot be instantiated on its own.

It’s important that a developer knows the powerful features of the language (s)he is working on, and Trait is one of such features.

PHP Interview Question #9

Can the value of a constant change during the script’s execution?

No, the value of a constant cannot be changed once it’s declared during the PHP execution.

PHP Interview Question #10

Can you extend a Final defined class?

No, you cannot extend a Final defined class. A Final class or method declaration prevents child class or method overriding.

PHP Interview Question #11

What are the __construct() and __destruct() methods in a PHP class?

All objects in PHP have Constructor and Destructor methods built-in. The Constructor method is called immediately after a new instance of the class is being created, and it’s used to initialize class properties. The Destructor method takes no parameters.

Understanding these two in PHP means that the candidate knows the very basics of OOP in PHP.

PHP Interview Question #12

How we can get the number of elements in an array?

The count() function is used to return the number of elements in an array.

Understanding of arrays and array related helper functions is important for any PHP developer.

PHP Interview Question #13

How would you declare a function that receives one parameter name hello?
If hello is true, then the function must print hello, but if the function doesn’t receive hello or hello is false the function must print bye.

function showMessage($hello=false){
  echo ($hello)?'hello':'bye';

In this question, you can evaluate if the developer knows how to declare a function and how they would manage the fact of the parameter can or cannot be on the function call. You can also evaluate if the developer knows the if syntax and how to print text(echo function).

PHP Interview Question #14

The value of the variable input is a string 1,2,3,4,5,6,7. How would you get the sum of the integers contained inside input?

echo array_sum(explode(',',$input));

The explode function is one of the most used functions in PHP, so it’s important to know if the developer knows this function. There is no unique answer to this question, but the answer must be similar to this one.

PHP Interview Question #15

Suppose you receive a form submitted by a post to subscribe to a newsletter. This form has only one field, an input text field named email. How would you validate whether the field is empty? Print a message "The email cannot be empty" in this case.

  echo "The email cannot be empty";

In this question, the candidate should be evaluated on his/her knowledge about forms management and validation. There is not unique answer for this question, but it must be similar to this one.

PHP Interview Question #15

Suppose that you have to implement a class named Dragonball. This class must have an attribute named ballCount (which starts from 0) and a method iFoundaBall. When iFoundaBall is called, ballCount is increased by one. If the value of ballCount is equal to seven, then the message You can ask your wish is printed, and ballCount is reset to 0. How would you implement this class?

class dragonBall{
  private $ballCount;

  public function __construct(){

  public function iFoundaBall(){
      echo "You can ask for your wish.";

This question will evaluate a candidate’s knowledge about OOP.

PHP Interview Question #16

What are the 3 scope levels available in PHP and how would you define them?

Private – Visible only in its own class
Public – Visible to any other code accessing the class
Protected – Visible only to classes parent(s) and classes that extend the current class

This is important for any PHP developer to know because it shows an understanding that building applications is more than just being able to write code. One must also have an understanding about privileges and accessibility of that code. There are times protected variables or methods are extremely important, and an understanding of scope is needed to protect the integrity of the data in your application along with provide a clear path through the code.

PHP Interview Question #17

What are getters and setters and why are they important?

Getters and setters are methods used to declare or obtain the values of variables, usually private ones. They are important because it allows for a central location that is able to handle data prior to declaring it or returning it to the developer. Within a getter or setter one is able to consistently handle data that will eventually be passed into a variable or additional functions. An example of this would be a user’s name. If a setter is not being used and the developer is just declaring the $userName variable by hand, you could end up with results as such: "kevin""KEVIN""KeViN""", etc. With a setter, the developer can not only adjust the value, for example, ucfirst($userName), but can also handle situations where the data is not valid such as the example where "" is passed. The same applies to a getter – when the data is being returned, it can be modifyed the results to include strtoupper($userName) for proper formatting further up the chain.

This is important for any developer who is looking to enter a team-based / application development job to know. Getters and setters are often used when dealing with objects, especially ones that will end up in a database or other storage medium. Because PHP is commonly used to build web applications, developers will run across getters and setters in more advanced environments. They are extremely powerful yet not talked about very much. It is impressive if a developer shows that he/she knows what they are and how to use them early on.

PHP Interview Question #18

What does MVC stand for and what does each component do?

MVC stands for Model View Controller.
The controller handles data passed to it by the view and also passes data to the view. It’s responsible for interpretation of the data sent by the view and dispersing that data to the appropriate models awaiting results to pass back to the view. Very little, if any business logic should be occurring in the controller.

The model’s job is to handle specific tasks related to a specific area of the application or functionality. Models will communicate directly with your database or other storage system and will handle business logic related to the results.

The view is passed data by the controller and is displayed to the user.

Overall, this question is worth knowing as the MVC design pattern has been used a lot in the last few years and is a very good design pattern to know. Even with more advanced flows that go down to repositories and entities, they still are following the same basic idea for the Controller and View. The Model is typically just split out into multiple components to handle specific tasks related to database data, business logic etc. The MVC design pattern helps draw a better understanding of what is being used, as a whole, in the industry.

PHP Interview Question #19

How does one prevent the following Warning ‘Warning: Cannot modify header information – headers already sent’ and why does it occur in the first place?

The candidate should not output anything to the browser before using code that modifies the HTTP headers. Once the developer calls echoor any other code that clears the buffer, the developer can no longer set cookies or headers. That is also true for error messages, so if an error happens before using the header command and the INI directive display_errors is set, then that will also cause that error to show.

PHP Interview Question #20

What are SQL Injections, how do you prevent them and what are the best practices?

SQL injections are a method to alter a query in a SQL statement send to the database server. That modified query then might leak information like username/password combinations and can help the intruder to further compromise the server.

To prevent SQL injections, one should always check & escape all user input. In PHP, this is easily forgotten due to the easy access to $_GET & $_POST, and is often forgotten by inexperienced developers. But there are also many other ways that users can manipulate variables used in a SQL query through cookies or even uploaded files (filenames). The only real protection is to use prepared statements everywhere consistently.

Do not use any of the mysql_* functions which have been deprecated since PHP 5.5 ,but rather use PDO, as it allows you to use other servers than MySQL out of the box. mysqli_* are still an option, but there is no real reason nowadays not to use PDO, ODBC or DBA to get real abstraction. Ideally you want to use Doctrine or Propel to get rid of writing SQL queries all together and use object-relational mapping which binds rows from the database to objects in the application.

PHP Interview Question #21

What does the following code output?

$i = 016;
echo $i / 2;

The Output should be 7. The leading zero indicates an octal number in PHP, so the number evaluates to the decimal number 14 instead to decimal 16.

PHP Interview Question #22

Why would you use === instead of ==?

If you would want to check for a certain type, like an integer or boolean, the === will do that exactly like one would expect from a strongly typed language, while == would convert the data temporarily and try to match both operand’s types. The identity operator (===) also performs better as a result of not having to deal with type conversion. Especially when checking variables for true/false, one should avoid using == as this would also take into account 0/1 or other similar representation.

PHP Interview Question #23

What are PSRs? Choose 1 and briefly describe it.

PSRs are PHP Standards Recommendations that aim at standardising common aspects of PHP Development.

An example of a PSR is PSR-2, which is a coding style guide. More info on PSR-2.

PHP Interview Question #24

What PSR Standards do you follow? Why would you follow a PSR standard?

One should folow a PSR because coding standards often vary between developers and companies. This can cause issues when reviewing or fixing another developer’s code and finding a code structure that is different from yours. A PSR standard can help streamline the expectations of how the code should look, thus cutting down confusion and in some cases, syntax errors.

PHP Interview Question #25

Do you use Composer? If yes, what benefits have you found in it?

Using Composer is a tool for dependency management. The candidate can declare the libraries your product relies on and Composer will manage the installation and updating of the libraries. The benefit is a consistent way of managing the libraries depended on so less time is spent managing the libraries.