PHP Overview: Review Questions

Self-Study & Discussion

These questions cover the 5 sections of the PHP overview and are organized into 3 topic clusters. No answers are provided — the goal is to test your understanding of PHP's execution model, its syntax and superglobals, and how it fits into the server-side ecosystem.

The questions mix conceptual understanding, technical reasoning, and cross-reference connections to other overviews.

Cluster 1: Language Identity & Execution Model (Sections 1–2)

  1. The overview states PHP's defining characteristic is that "it's designed to be embedded directly in HTML." Using the code example (<?php echo date('H:i:s'); ?>), explain how the server processes PHP blocks. What does the browser actually receive? Why does the overview call PHP "a templating language as much as a programming language"?
  2. The mod_php diagram shows four steps: Read, Parse, Execute, Generate HTML output. Trace a request for /index.php through this flow. What role does Apache play? What role does the PHP interpreter play? How does this differ from a Node.js server handling the same request?
  3. The overview states "Each PHP request starts fresh. Variables don't persist between requests." Explain what this means for a shopping cart application. How does the overview say you solve this problem ("that's what sessions and databases are for")? How does this relate to the State Management overview's discussion of statelessness?
  4. The overview mentions two ways PHP runs: "as an Apache module (mod_php) or via PHP-FPM (FastCGI Process Manager)." The diagram shows mod_php with PHP inside Apache. What is the significance of PHP running inside the web server rather than being the web server? Compare this to the Node.js overview's statement that "Node.js IS the server."
  5. The overview says "The server processes the <?php ... ?> blocks, replacing them with their output." What happens if a PHP file contains no <?php tags — just plain HTML? What does this tell you about PHP's relationship with HTML? Why is this different from how Node.js generates HTML output?

Cluster 2: Why PHP & Market Position (Section 3)

  1. The overview cites three statistics: "~77% of websites with a known server-side language use PHP," "WordPress (43% of all websites) is built on PHP," and "Wikipedia, Facebook (originally)" use PHP. What does this market dominance tell you about PHP's strengths? Why hasn't Node.js or Python displaced it despite being newer?
  2. The overview lists four reasons PHP is excellent for learning server-side concepts: URL-to-file mapping, superglobals, built-in sessions, and no build step. For each, explain what it means and why it lowers the learning barrier compared to Node.js (where routing is code, request data is on req objects, sessions need middleware, and you need npm install).
  3. The overview mentions "Easy deployment: Just upload .php files." Compare this to deploying a Node.js application (which requires npm install, node app.js, and a process manager). Why is PHP's deployment model simpler? What trade-off does this simplicity involve?
  4. The overview says PHP makes "the connection between URL and file clear (/cart.phpcart.php)." How does Apache's mod_php achieve this mapping automatically? How does the URL overview's discussion of URL structure relate? Why don't Node.js/Express applications have this automatic mapping?
  5. Despite PHP's dominance, the Node.js overview says Node.js is "Best for: APIs, real-time apps, microservices." Using the execution model differences (per-request vs persistent), explain why each language suits its niche. Could you build a real-time chat app in PHP? What would be the challenge?

Cluster 3: Syntax, Superglobals & Ecosystem (Sections 4–5)

  1. The superglobals table lists $_GET, $_POST, $_SESSION, $_COOKIE, and $_SERVER. These are "special arrays that are always available." Why are they called "superglobals"? How does $_GET['id'] from ?id=42 relate to the URL overview's discussion of query strings? Compare $_GET['id'] to Node.js's req.query.id.
  2. The Quick Reference shows $username = htmlspecialchars($username, ENT_QUOTES, 'UTF-8'). Why is this function critical for security? What attack does it prevent? The Foundations overview discusses security concerns — how does output escaping relate to the broader principle of "never trust user input"?
  3. The Quick Reference shows header('Content-Type: application/json'); echo json_encode(['status' => 'ok']); for returning JSON. Compare this to Node.js Express's res.json({ status: 'ok' }). What does PHP require that Express handles automatically? How does the REST overview's discussion of content types relate?
  4. The overview lists PHP's modern ecosystem: Composer, Laravel/Symfony, Eloquent/Doctrine, PHPUnit, PHP 8+. Compare Composer to npm (from the Node.js comparison table). How do frameworks like Laravel change PHP development from "just upload files" to a more structured workflow? Why does the overview say "the fundamentals apply regardless of framework choice"?
  5. The Quick Reference shows session_start(); $_SESSION['user_id'] = 42; and setcookie('theme', 'dark', time() + 3600, '/'). How do sessions and cookies work together? The State Management overview explains that sessions use cookies to store a session ID. Trace the full flow: what does session_start() do, what cookie does it set, and how does $_SESSION persist data across the stateless HTTP protocol?