We're having a PHP freelancer come by next week, and are assuming he knows his way around PHP. But of course, we would like to make sure. What questions would you ask a candidate in a PHP job interview?
Would you have them write some sort of bubblesort op paper, without the aid of a computer? Would you ask array-specific questions, OOP or SQL? I'd be interested to know how to pick out the good (PHP) programmer, without scaring them off with too many detailed questions.
I would initially concentrate on security related features. If they don't understand the following then they've no place developing PHP code:
Why is register_globals bad?
What is a SQL injection attack
How do you avoid them?
What are some of the shortcomings of PHP that you've experienced and how did you deal with it?
I would definately also ask for security related questions such as how to execute intrusion safe SQL queries, prevent XSS attacks etc.
He should better also know his way around in modern frameworks and know good coding practices, such as Model-View-Controller and some design patterns that are relevant to PHP developers (Singleton, Registry, ...)
You should also make sure, that the developer has a solid foundation in HTML, CSS and JS. Even if they develop PHP most of the time they almost always have to do some HTML, CSS and eventually JS, so these are some things you can also ask for:
Did a little searching:
PHP Questions from Yahoo Interview: http://www.nickhalstead.com/2007/05/23/php-interview-questions-from-yahoo/
Others: http://vijaymodi.wordpress.com/2008/01/25/php-interview-questions-and-answers/ http://www.geekinterview.com/Interview-Questions/Programming/PHP
When have you created your own OO code in PHP? (The answer will help you learn not only if the interviewee understands OO, but if they understand its limitations in the context of PHP.)
What optimization runtimes do you use with PHP? Can one combine them? Do you?
What was the single biggest bottleneck you removed from PHP code, and how did you find it?
When is it appropriate to shove PHP code into the template (e.g., Smarty) layer of the app.
What is an SQL injection? How do you avoid it?
Tell me your favorite IE6 nightmare story and how you solved it.
For me, I'd ask the following:
Just a few ideas, but hope that helps. :)
Ok, a more serious answer.
The truth is, you don't need to do much to test his knowledge of PHP in specific. Understanding PHP is arguably a rather small part of being able to write robust and sound web applications.
What you really need is someone who understands how networks (especially TCP/IP) work, how web serving functions, the basic communication protocols that the web are built on, the dangers of accepting data from unverified (and verified!) sources, etc.
In other words, you want someone with coding experience who understands the underlying mechanisms by which the internet functions. Someone with web design experience can rattle off a list of potential security vulnerabilities. Only someone with a thorough understanding of how web communication functions can identify new vulnerabilities.
(And frankly, with any sufficiently advanced web program, chances are you'll create a new vulnerability. Sure, it'll be a new coat of paint on an age-old issue. But only someone with deeper understanding sees past the paint job.)
Also can be asked about:
"What are some of the shortcomings of PHP that you've experienced and how did you deal with it?"
This is the BY FAR best question to ask I've ever heard since it shows that the candidate (if he can answer) knows more about system development then his "last PHP book"...
And the reason is that only a "thinking" person (and experienced in more than one programming language - which should be a qualification) can answer that question...
Though since few programmers will be able to give great answers to such a question, I wouldn't necessarily dismiss the candidate based on his inability to answer it, but I'd definitely prefer one being able to answer ;)
A few weeks ago i was in a similiar situation and the following link helped me to ask the right questions: The Guerrilla Guide to Interviewing
It is my opinion that what should be accomplished in an interview is not an A to Z question and answer session trying to find every tidbit of PHP knowledge one has. There should be some well thought-out technical questions, not designed to show their flashy skills, but designed to expose the interviewee's thinking power.
For example:
Ask the interviewee to solve a technical problem, such as, "Given an array of integers from 1 to 1 million, write a function to determine which integer is missing in the range." At this point, give them a pen and paper (or white-board) and let them actually try to solve the problem. Don't rush them for time (but don't let them take all day either). You can prod them with ways to go about it, but above all make sure they are solving the problem. You can learn a lot about a programmer by how they deal with seemingly trivial problems, and how they deal with writing code under pressure.
Once you have finished that portion, ask them to optimize the code for speed and efficiency. If they had to cut the processing time by 25% or even 50%, how would they do it. At this point, it could just be conceptual. You may not even have a way to solve it yourself immediately, but this is irrelevant. Make the programmer THINK! I've found that when you ask questions that make a person step back and think, you learn much more about them than their resume or a "tell me why you're a good programmer" question will ever reveal.
As a side note, one question I have yet to ask in an interview (but can't wait to get the chance) is this:
"Having seen Google Maps, how would you duplicate or enhance the software design (objects, data structures, web services)?"
It's a super abstract question, and the actual answer doesn't really matter, I'm more interested in how they approach it.
Thanks everyone, all of these answers were really useful - too bad you can only tag one as the "solution". I greatly appreciate it, this will come in handy. :-)