30 Essential WordPress & PHP Interview Questions (Every Developer Should Know) – Part 1

decembrie 2, 2025 by

Andy

IT&C

Whether you’re freelancing, applying for a dev job, or working with agencies, technical interviews often include a bunch of quick-fire questions. Many are simple once you understand the core concepts — but brutal when you freeze or blank out.

This article covers 30 foundation-level WordPress and PHP interview questions, phrased the way real interviewers ask them.

WORDPRESS QUESTIONS

1. What is a “hook” in WordPress?

A hook is a mechanism that lets you run custom code at specific points.
There are two types:

  • Actionsdo something
  • Filtersmodify data

2. What is the difference between an Action and a Filter?

  • Action: Executes custom code at a specific event.
  • Filter: Receives some data → returns modified data.

3. Where do you put custom hooks in a theme?

In functions.php, or in a custom plugin if you want clean separation.

4. What is the difference between a Theme and a Plugin?

  • Theme: Controls presentation.
  • Plugin: Adds functionality
    Plugins should never control layout, and themes should not store important logic.

5. What is the WordPress Loop?

It’s the main mechanism WP uses to output posts:






if ( have_posts() ) {
    while ( have_posts() ) {
        the_post();
    }
}











6. What is a Child Theme?





A theme that inherits from another theme (the parent).
Used to safely override templates and functions.










7. What is WP_Query?





A class for custom queries to fetch posts manually.










8. What’s the difference between WP_Query, query_posts, and get_posts?





    

  • WP_Query: The official flexible way.
    • 




  • query_posts: Modifies the main query (discouraged).
    • 




  • get_posts: Returns a simplified array of posts.
    • 











9. What is the REST API in WordPress?





A JSON-based API for retrieving and sending data using endpoints like:










/wp-json/wp/v2/posts











10. How do you enqueue scripts/styles properly?





Using:










wp_enqueue_script();
wp_enqueue_style();






Never hard-code <script> tags in templates.










11. What is a nonce in WordPress?





A security token used to validate actions (e.g., form submissions).










12. What is the purpose of sanitize_text_field, esc_html, esc_url?





Used to prevent XSS by sanitizing and escaping output/input.










13. How do you create a custom post type?





Using register_post_type() inside init.










14. How do you add custom fields to a post type?





Options:





    

  • ACF
    • 




  • Meta Box
    • 




  • Gutenberg block metadata
    • 




  • Native WP functions (add_post_meta, etc.)
    • 











15. What is the Template Hierarchy?





The priority list WP uses to decide which file to load (single.php, page.php, etc.).















PHP QUESTIONS










16. What is the default PHP session timeout?





1440 seconds (24 minutes) — controlled by:










session.gc_maxlifetime











17. What are the major PHP data types?





String, Integer, Float, Boolean, Array, Object, NULL, Resource.










18. What is the difference between == and === in PHP?





    

  • == → compares values
    • 




  • === → compares value and type
    • 











19. What is an associative array?





An array with named keys instead of numeric indexes.










20. Explain include vs require





    

  • include: Warning on failure
    • 




  • require: Fatal error on failure
    • 











21. Difference between include and include_once?





_once prevents the file from being loaded twice.










22. What are Sessions in PHP?





A server-side storage mechanism that persists data between page requests.










23. What is PDO?





PHP Data Objects — a modern, secure database access layer that supports prepared statements.










24. What is a prepared statement?





A secure way to run queries that protects against SQL injection.










25. Explain OOP basics in PHP





    

  • Class
    • 




  • Object
    • 




  • Properties
    • 




  • Methods
    • 




  • Inheritance
    • 




  • Encapsulation
    • 




  • Polymorphism
    • 











26. What is the difference between public, private, protected?





    

  • public: accessible everywhere
    • 




  • private: only inside the class
    • 




  • protected: inside class + subclasses
    • 











27. What is Composer?





PHP’s dependency manager (like npm for JavaScript).










28. What is autoloading?





Automatically loading classes without manual include calls — using PSR-4 via composer.










29. What is the difference between GET and POST?





    

  • GET: URL parameters, visible, cached
    • 




  • POST: Hidden, used for forms, larger data
    • 











30. What are common PHP security practices?





    

  • Escape output
    • 




  • Sanitize input
    • 




  • Use prepared statements
    • 




  • Validate file uploads
    • 




  • Disable dangerous functions
    • 




  • Use HTTPS
    • 





				
 


				
 	
	


				
 
	

	


			

		


		

			

				


					«