Malformed dynamically-generated web pages, and web script crashes, are common errors, and they seriously impact usability of web applications. Current tools for web-page validation cannot handle the dynamically-generated pages that are ubiquitous on today's Internet. In this work, we adapt a dynamic test generation technique, based on combined concrete and symbolic execution, to the domain of PHP web applications. The technique generates tests automatically and uses an output oracle to find bugs. It also minimizes its output to reduce duplication and make the bug reports small and easy to understand. The technique is implemented in Apollo, an automated tool that found dozens of bugs in real PHP applications. Apollo generates test inputs for the web application, monitors the application for crashes, and validates that the output conforms to the HTML specification. This paper presents Apollo's algorithms and implementation, and an experimental evaluation of Apollo on PHP web applications.