PHP interviews blend language fundamentals, web mechanics, security, and framework awareness (often Laravel). Practice concise answers with trade-offs—not trivia lists.
Core topics to rehearse
- Request lifecycle, superglobals, GET vs POST
- Sessions, cookies, headers, PRG redirect pattern
- OOP: visibility, interfaces, traits, type hints
- PDO, prepared statements, SQL injection prevention
- XSS, CSRF, password_hash, escaping output
- Composer, PSR-4, autoloading, namespaces
- PHP 8+ features: named args, match, union types, attributes
Sample questions
- Q: How does PHP differ from Node in deployment?
A: Traditional model is request-per-process with OPcache; Node event loop is long-lived—both can run behind Nginx, but scaling and state patterns differ. - Q: == vs ===?
A: Strict comparison avoids type coercion surprises—use === in almost all application code. - Q: How do you structure a small app without a framework?
A: Front controller, router, controllers, PDO repository layer, templates with escaping, Composer autoload—frameworks formalize these pieces. - Q: Laravel vs raw PHP?
A: Laravel adds routing, Eloquent ORM, migrations, auth, queues—raw PHP suits learning or tiny scripts; Laravel suits product velocity and team conventions.
Whiteboard habit
Sketch a login form POST: browser → PHP → validate → session_start → redirect. Mark where escaping, CSRF, and password_verify happen.
Self-check
- Can you explain prepared statements in 30 seconds?
- Can you name three superglobals and their roles?
Interview: Practice sketching the POST login flow with CSRF, password_verify, session_regenerate_id, and redirect—common whiteboard prompt.
Interview prep
- Must-know PHP interview topics?
Request cycle, superglobals, sessions, PDO/prepared statements, XSS/CSRF, OOP basics, Composer, and PHP 8 typing—explain trade-offs, not trivia.