1. Backward Incompatible Changes
========================================
-- Core:
- . gettype() will now return "resource (closed)" instead of "unknown type" for
- closed resources.
- . is_object() will now return true for objects of class
- __PHP_Incomplete_Class.
- . Support for Netware operating systems has been removed.
- . Casting arrays to objects (with (object) or settype()) will now convert
- integer keys to string property names. This fixes the behaviour of previous
- versions, where integer keys would become inaccessible properties with
- integer names.
- . Casting objects to arrays (with (array) or settype()), and retrieving
- object properties in an array with get_object_vars(), will now convert
- numeric string property names (that is, property names of the format
- /^(0|(-?[1-9][0-9]*))$/ where PHP_INT_MIN <= n <= PHP_INT_MAX) to integer
- keys. This fixes the behaviour of previous versions, where numeric string
- property names would become inaccessible string keys.
- . Unqualified references to undefined constants now generate a Warning instead
- of a notice. They will generate an Error in a future version of PHP.
- (https://wiki.php.net/rfc/deprecate-bareword-strings)
- . Minimum supported Windows versions are Windows 7/Server 2008 R2.
- . Initial trait property value compatibility check will no longer perform
- any casts. (Bug #74269)
- . "object" (in any case) can no longer be used as a class name.
-
-- BCMath:
- . The bcmod() function no longer truncates fractional numbers to integers. As
- such, its behavior now follows fmod() rather than the `%` operator. For
- example `bcmod('4', '3.5')` now returns '0.5' instead of '1'.
-
-- Hash:
- . The hash_hmac(), hash_hmac_file(), hash_pbkdf2() and hash_init() (with
- HASH_HMAC) functions no longer accept non-cryptographic hashes.
-
-- JSON
- . The json_decode() option JSON_OBJECT_AS_ARRAY is used if the second
- parameter (assoc) is null. Previously JSON_OBJECT_AS_ARRAY was always
- ignored.
-
-- Session:
- . Removed register_globals related code and "!" can be used as $_SESSION key name.
- . Session is made to manage session status correctly and prevents invalid operations.
- Only inappropriate codes are affected by this change. If you have problems with this,
- it means you have problem in your code.
- . Functions are made to set or return correct session status.
- session_start(), session_status(), session_regenerate_id()
- . Functions are made to return bool from null. These functions have void parameter
- and void parameter is checked.
- session_unset(), session_write_close()/session_commit(), session_abort(),
- session_reset()
- . Functions prohibit invalid operations with regard to session status and
- HTTP header status, returns correct bool return value.
- session_start(), session_set_cookie_params(), session_name(), session_module_name(),
- session_set_save_handler(), session_regenerate_id(), session_cache_limiter(),
- session_cache_expire(), session_unset(), session_destroy(),
- session_write_close()/session_commit(), session_reset()
- . INI value change by ini_set() returns update status correctly. Invalid INI modifications
- are checked and made to fail.
- session.name, session.save_path, session.cookie_lifetime, session.cookie_path,
- session.cookie_domain, session.cookie_httponly, session.cookie_secure,
- session.use_cookies, session.use_only_cookies, session.use_strict_mode,
- session.referer_check, session.cache_limiter, session.cache_expire,
- session.lazy_write, session.save_handler, session.serialize_handler,
- session.gc_probability, session.gc_divior, session.gc_maxlifetime,
- . Some E_ERRORs are changed to E_WARNING since session status is managed correctly.
- session_start()
- . Session no longer initialize $_SESSION for invalid and useless session.
- session_start()
- . When headers are already sent and try to set new INI values, session_name(),
- session_module_name(), session_save_path(), session_cache_limiter() and
- session_cache_expire() are no longer works. Older PHPs accepts new values even
- if new values will not be effective.
- This new corrected behavior may affect command line mode CLI scripts that manage
- sessions. Use output buffer just like web applications to resolve problems on
- CLI scripts.
-
-- Standard:
- . Sequences generated by mt_rand() and rand() for a specific seed may differ
- from PHP 7.1 on 64-bit machines. This change was necessary to resolve a
- modulo bias bug in the implementation.
-
-- IMAP:
- Starting with 7.2.13, rsh/ssh logins are disabled by default. Use
- imap.enable_insecure_rsh if you want to enable them. Note that the IMAP
- library does not filter mailbox names before passing them to rsh/ssh
- command, thus passing untrusted data to this function with rsh/ssh enabled
- is insecure.
+Core:
+ . The ext_skel utility has been completely redesigned with new options and
+ some old options removed. This is now written in PHP and has no external
+ dependencies.
+ . Support for BeOS has been dropped.
+ . Exceptions thrown due to automatic conversion of warnings into exceptions
+ in EH_THROW mode (e.g. some DateTime exceptions) no longer populate
+ error_get_last() state. As such, they now work the same way as manually
+ thrown exceptions.
+ . TypeError now reports wrong types as `int` and `bool` instead of `integer`
+ and `boolean`.
+ . Due to the introduction of flexible heredoc/nowdoc syntax (see New Features
+ section), doc strings that contain the ending label inside their body may
+ cause syntax errors or change in interpretation. For example in
+
+ $str = <<<FOO
+ abcdefg
+ FOO
+ FOO;
+
+ the indented occurrence of "FOO" did not previously have any special
+ meaning. Now it will be interpreted as the end of the heredoc string and
+ the following "FOO;" will cause a syntax error. This issue can always be
+ resolved by choosing an ending label that does not occur within the contents
+ of the string.
+ . "continue" statements targeting "switch" control flow structures will now
+ generate a warning. In PHP such "continue" statements are equivalent to
+ "break", while they behave as "continue 2" in other languages.
+
+ while ($foo) {
+ switch ($bar) {
+ case "baz":
+ continue;
+ // Warning: "continue" targeting switch is equivalent to
+ "break". Did you mean to use "continue 2"?
+ }
+ }
+
+ . Array accesses of type $obj["123"], where $obj implements ArrayAccess and
+ "123" is an integer string literal will no longer result in an implicit
+ conversion to integer, i.e., $obj->offsetGet("123") will be called instead
+ of $obj->offsetGet(123). This matches existing behavior for non-literals.
+ The behavior of arrays is not affected in any way, they continue to
+ implicitly convert integeral string keys to integers.
+ . In PHP, static properties are shared between inheriting classes, unless the
+ static property is explicitly overridden in a child class. However, due to
+ an implementation artifact it was possible to separate the static properties
+ by assigning a reference. This loophole has been fixed.
+
+ class Test {
+ public static $x = 0;
+ }
+ class Test2 extends Test { }
+
+ Test2::$x = &$x;
+ $x = 1;
+
+ var_dump(Test::$x, Test2::$x);
+ // Previously: int(0), int(1)
+ // Now: int(1), int(1)
+
+ . References returned by array and property accesses are now unwrapped as
+ part of the access. This means that it is no longer possible to modify the
+ reference between the access and the use of the accessed value:
+
+ $arr = [1];
+ $ref =& $arr[0];
+ var_dump($arr[0] + ($arr[0] = 2));
+ // Previously: int(4), Now: int(3)
+
+ This makes the behavior of references and non-references consistent. Please
+ note that reading and writing a value inside a single expression remains
+ undefined behavior and may change again in the future.
+
+ . Argument unpacking stopped working with Traversables with non-integer keys.
+ The following code worked in PHP 7.0-7.2 by accident.
+
+ function foo(...$args) {
+ var_dump($args);
+ }
+ function gen() {
+ yield 1.23 => 123;
+ }
+ foo(...gen());
+
+ Now it generates an exception.
+
+BCMath:
+ . All warnings thrown by BCMath functions are now using PHP's error handling.
+ Formerly some warnings have directly been written to stderr.
+ . bcmul() and bcpow() now return numbers with the requested scale. Formerly,
+ the returned numbers may have omitted trailing decimal zeroes.
+
++IMAP:
++ rsh/ssh logins are disabled by default. Use imap.enable_insecure_rsh if you want
++ to enable them. Note that the IMAP library does not filter mailbox names before
++ passing them to rsh/ssh command, thus passing untrusted data to this function
++ with rsh/ssh enabled is insecure.
++
+MBString:
+ . Due to added support for named captures, mb_ereg_*() patterns using named
+ captures will behave differently. In particular named captures will be part
+ of matches and mb_ereg_replace() will interpret additional syntax. See
+ "New Features" section for more information.
+
+mysqli:
+ . Prepared statements now properly report the fractional seconds for DATETIME/
+ TIME/TIMESTAMP columns with decimals specifier (e.g. TIMESTAMP(6) when using
+ microseconds). Formerly, the fractional seconds part was simply omitted from
+ the returned values.
+
+PDO/MySQL:
+ . Prepared statements now properly report the fractional seconds for DATETIME/
+ TIME/TIMESTAMP columns with decimals specifier (e.g. TIMESTAMP(6) when using
+ microseconds). Formerly, the fractional seconds part was simply omitted from
+ the returned values.
+ Please note that this only affects the usage of PDO_MYSQL with emulated
+ prepares turned off (e.g. using the native preparation functionality).
+ Statements using connections having PDO::ATTR_EMULATE_PREPARES=true (which
+ is the default) were not affected by the bug fixed and have already been
+ getting the proper fractional seconds values from the engine.
+
+Reflection:
+ . Reflection export to string now uses `int` and `bool` instead of `integer`
+ and `boolean`.
+
+SPL:
+ . If an SPL autoloader throws an exception, following autoloaders will not be
+ executed. Previously all autoloaders were executed and exceptions were
+ chained.
+
+SimpleXML:
+ . Mathematic operations involving SimpleXML objects will now treat the text as
+ an integer or float, whichever is more appropriate. Previously values were
+ treated as integers unconditionally.
+
+Standard:
+ . Undefined variables passed to compact() will now be reported as a notice.
+ . getimagesize() and related functions now report the mime type of BMP images
+ as image/bmp instead of image/x-ms-bmp, since the former has been registered
+ with the IANA (see RFC 7903).
+ . stream_socket_get_name() will now return IPv6 addresses wrapped in brackets.
+ For example "[::1]:1337" will be returned instead of "::1:1337".
========================================
2. New Features
projects / php / commitdiff