PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-?? ??? ????, PHP 7.4.0alpha1
+?? ??? ????, PHP 8.0.0alpha1
- Core:
- . Implemented request #76148 (Add array_key_exists() to the list of
- specially compiled functions). (Majkl578)
-
-- CURL:
- . Fixed bug #76480 (Use curl_multi_wait() so that timeouts are respected).
- (Pierrick)
-
-- Date:
- . Fixed bug #75232 (print_r of DateTime creating side-effect). (Nikita)
-
-- FFI:
- . Added FFI extension. (Dmitry)
-
-- FPM:
- . Implemented FR #72510 (systemd service should be hardened). (Craig Andrews)
-
-- GD:
- . Fixed bug #73291 (imagecropauto() $threshold differs from external libgd).
- (cmb)
- . Fixed bug #76324 (cannot detect recent versions of freetype with
- pkg-config). (Eli Schwartz)
- . The bundled libgd behaves now like system libgd wrt. IMG_CROP_DEFAULT never
- falling back to IMG_CROP_SIDES.
- . The default $mode parameter of imagecropauto() has been changed to
- IMG_CROP_DEFAULT; passing -1 is now deprecated.
- . Added support for aspect ratio preserving scaling to a fixed height for
- imagescale(). (Andreas Treichel)
-
-- Hash:
- . The hash extension is now an integral part of PHP and cannot be disabled
- as per RFC: https://wiki.php.net/rfc/permanent_hash_ext. (Kalle)
-
-- Intl:
- . Raised requirements to ICU ≥ 50.1. (cmb)
- . Changed default of $variant parameter of idn_to_ascii() and idn_to_utf8().
- (cmb)
-
-- Opcache:
- . Implemented preloading RFC: https://wiki.php.net/rfc/preload. (Dmitry)
-
-- OpenSSL:
- . Added openssl_x509_verify function. (Ben Scholzen)
- . openssl_random_pseudo_bytes() now throws in error conditions.
- (Sammy Kaye Powers)
-
-- PDO_OCI:
- . Implemented FR #76908 (PDO_OCI getColumnMeta() not implemented).
- (Valentin Collet, Chris Jones, Remi)
-
-- PDO_SQLite:
- . Implemented sqlite_stmt_readonly in PDO_SQLite. (BohwaZ)
- . Raised requirements to SQLite 3.5.0. (cmb)
-
-- Sockets:
- . Fixed bug #67619 (Validate length on socket_write). (thiagooak)
-
-- SQLite3:
- . Unbundled libsqlite. (cmb)
- . Raised requirements to SQLite 3.7.4. (cmb)
- . Forbid (un)serialization of SQLite3, SQLite3Stmt and SQLite3Result. (cmb)
- . Added support for the SQLite @name notation. (cmb, BohwaZ)
- . Added SQLite3Stmt::getSQL() to retrieve the SQL of the statement. (Bohwaz)
-
-- SPL:
- . Fixed bug #77518 (SeekableIterator::seek() should accept 'int' typehint as
- documented). (Nikita)
-
-- Standard:
- . Fixed bug #74764 (Bindto IPv6 works with file_get_contents but fails with
- stream_socket_client). (Ville Hukkamäki)
- . Implemented FR #38301 (field enclosure behavior in fputcsv). (cmb)
- . Implemented FR #51496 (fgetcsv should take empty string as an escape). (cmb)
-
-- Reflection:
- . Fixed bug #76737 (Unserialized reflection objects are broken, they
- shouldn't be serializable). (Nikita)
-
-- Tidy:
- . Added TIDY_TAG_* constants for HTML5 elements. (cmb)
+ . Fixed bug #NNNNN (Summary). (Author)
<<< NOTE: Insert NEWS from last stable release here prior to actual release! >>>
-PHP 7.4 UPGRADE NOTES
+PHP 8.0 UPGRADE NOTES
1. Backward Incompatible Changes
2. New Features
10. New Global Constants
11. Changes to INI File Handling
12. Windows Support
-12. Migration to pkg-config
-14. Other Changes
-15. Performance Improvements
+13. Other Changes
+14. Performance Improvements
========================================
========================================
- Core:
- . Referencing parent:: inside a class that does not have a parent will now
- generate a compile-time error. Previously the error was only emitted at
- run-time.
-
-- Curl:
- . Attempting to serialize a CURLFile class will now generate an exception.
- Previously the exception was only thrown on unserialization.
-
-- Date:
- . Calling var_dump() or similar on a DateTime(Immutable) instance will no
- longer leave behind accessible properties on the object.
-
-- Intl:
- . The default parameter value of idn_to_ascii() and idn_to_utf8() is now
- INTL_IDNA_VARIANT_UTS46 instead of the deprecated INTL_IDNA_VARIANT_2003.
-
-- Openssl:
- . The openssl_random_pseudo_bytes() function will now throw an exception in
- error situations, similar to random_bytes(). In particular, an Error is
- thrown if the number of requested bytes is smaller *or equal* than zero,
- and an Exception is thrown is sufficient randomness cannot be gathered.
- The $crypto_strong output argument is guaranteed to always be true if the
- function does not throw, so explicitly checking it is not necessary.
- RFC: http://php.net/manual/de/function.openssl-random-pseudo-bytes.php
-
-- PDO:
- . Attempting to serialize a PDO or PDOStatement instance will now generate
- an Exception rather than a PDOException, consistent with other internal
- classes which do not support serialization.
-
-- Reflection:
- . Reflection objects will now generate an exception if an attempt is made
- to serialize them. Serialization for reflection objects was never
- supported and resulted in corrupted reflection objects. It has been
- explicitly prohibited now.
-
-- SPL:
- . Calling get_object_vars() on an ArrayObject instance will now always return
- the properties of the ArrayObject itself (or a subclass). Previously it
- returned the values of the wrapped array/object unless the STD_PROP_LIST
- flag was specified. Other affected operations are:
-
- * ReflectionObject::getProperties()
- * reset(), current(), etc. Use Iterator methods instead.
- * Potentially others working on object properties as a list.
-
- (array) casts are *not* affected. They will continue to return either the
- wrapped array, or the ArrayObject properties, depending on whether the
- STD_PROP_LIST flag is used.
- . SplPriorityQueue::setExtractFlags() will throw an exception if zero is
- passed. Previously this would generate a recoverable fatal error on the
- next extraction operation.
-
-- Standard:
- . The "o" serialization format has been removed. As it is never produced by
- PHP, this may only break unserialization of manually crafted strings.
+ . TBD
========================================
2. New Features
========================================
-- Core:
- . Added support for typed properties. For example:
-
- class User {
- public int $id;
- public string $name;
- }
-
- This will enforce that $user->id can only be assigned integer and
- $user->name can only be assigned strings. For more information see the
- RFC: https://wiki.php.net/rfc/typed_properties_v2
- . Added support for coalesce assign (??=) operator. For example:
-
- $array['key'] ??= computeDefault();
- // is roughly equivalent to
- if (!isset($array['key'])) {
- $array['key'] = computeDefault();
- }
-
- RFC: https://wiki.php.net/rfc/null_coalesce_equal_operator
-
-- FFI:
- . A new extension which provides a simple way to call native functions, access
- native variables and create/access data structures defined in C libraries.
- RFC: https://wiki.php.net/rfc/ffi
-
-- OPcache:
- . Support for preloading code has been added.
- RFC: https://wiki.php.net/rfc/preload
-
-- PDO_OCI:
- . PDOStatement::getColumnMeta() is now available
-
-- PDO_SQLite:
- . PDOStatement::getAttribute(PDO::SQLITE_ATTR_READONLY_STATEMENT) allows to
- check whether this statement is read-only, i.e. whether it doesn't modify
- the database.
-
-- Standard:
- . strip_tags() now also accepts an array of allowed tags: Instead of
- strip_tags($str, '<a><p>') you can now write strip_tags($str, ['a', 'p']).
-
========================================
3. Changes in SAPI modules
========================================
4. Deprecated Functionality
========================================
-- Core:
- . Unbinding $this of a non-static method through a combination of
- ReflectionMethod::getClosure() and closure rebinding is deprecated. Doing
- so is equivalent to calling a non-static method statically, which has been
- deprecated since PHP 7.0.
-
========================================
5. Changed Functions
========================================
-- SPL:
- . SplFileObject::fputcsv(), ::fgetcsv() and ::setCsvControl() now accept an
- empty string as $escape argument, which disables the propriertary PHP
- escaping mechanism. SplFileObject::getCsvControl() now may also return an
- empty string for the third array element, accordingly.
-
-- Standard:
- . fputcsv() and fgetcsv() now accept an empty string as $escape argument,
- which disables the propriertary PHP escaping mechanism. The behavior of
- str_getcsv() has been adjusted accordingly (formerly, an empty string was
- identical to using the default).
-
========================================
6. New Functions
========================================
-- OpenSSL:
- . Added openssl_x509_verify(mixed cert, mixed key) function that verifies the
- signature of the certificate using a public key. A wrapper around the
- OpenSSL's X509_verify() function.
- See <https://github.com/php/php-src/pull/3624>.
-
-- SQLite3:
- . Added SQLite3Stmt::getSQL() to retrieve the SQL of the statement. If TRUE is
- passed as parameter, query parameters will be replaced in the return value
- by their currently bound value, if libsqlite ≥ 3.14 is used.
-
========================================
7. New Classes and Interfaces
========================================
9. Other Changes to Extensions
========================================
-- GD:
- . The behavior of imagecropauto() in the bundled libgd has been synced with
- that of system libgd:
- * IMG_CROP_DEFAULT is no longer falling back to IMG_CROP_SIDES
- * Threshold-cropping now uses the algorithm of system libgd
- . The default $mode parameter of imagecropauto() has been changed to
- IMG_CROP_DEFAULT; passing -1 is now deprecated.
- . imagescale() now supports aspect ratio preserving scaling to a fixed height
- by passing -1 as $new_width.
-
-- Hash:
- . The hash extension cannot be disabled anymore and is always an integral
- part of any PHP build, similar to the date extension.
-
-- Intl:
- . The Intl extension now requires at least ICU 50.1.
-
-- Libxml:
- . All libxml based extensions now require libxml 2.7.6 or newer.
-
-- Reflection:
- . Numeric value of class, property, function and constant modifiers was
- changed. Don't filter methods and properties through
- ReflectionClass::getMethods() and ReflectionClass::getProperties(), or test
- results of Reflection...::getModifiers(), using hard-coded numeric values.
- Use corresponding constants instead (e.g. ReflectionMethod::IS_PUBLIC).
-
-- SQLite3:
- . The bundled libsqlite has been removed. To build the SQLite3 extension
- a system libsqlite3 ≥ 3.7.4 is now required. To build the PDO_SQLite
- extension a system libsqlite3 ≥ 3.5.0 is now required.
- . (Un)serialization of SQLite3, SQLite3Stmt and SQLite3Result is now explicitly
- forbidden. Formerly, serialization of instances of these classes was
- possible, but unserialization yielded unusable objects.
- . The @param notation can now also be used to denote SQL query parameters.
-
-- Zip:
- . The bundled libzip library has been removed. A system libzip >= 0.11 is now
- necessary to build the extension.
-
========================================
10. New Global Constants
========================================
-- Tidy:
- . TIDY_TAG_ARTICLE
- . TIDY_TAG_ASIDE
- . TIDY_TAG_AUDIO
- . TIDY_TAG_BDI
- . TIDY_TAG_CANVAS
- . TIDY_TAG_COMMAND
- . TIDY_TAG_DATALIST
- . TIDY_TAG_DETAILS
- . TIDY_TAG_DIALOG
- . TIDY_TAG_FIGCAPTION
- . TIDY_TAG_FIGURE
- . TIDY_TAG_FOOTER
- . TIDY_TAG_HEADER
- . TIDY_TAG_HGROUP
- . TIDY_TAG_MAIN
- . TIDY_TAG_MARK
- . TIDY_TAG_MENUITEM
- . TIDY_TAG_METER
- . TIDY_TAG_NAV
- . TIDY_TAG_OUTPUT
- . TIDY_TAG_PROGRESS
- . TIDY_TAG_SECTION
- . TIDY_TAG_SOURCE
- . TIDY_TAG_SUMMARY
- . TIDY_TAG_TEMPLATE
- . TIDY_TAG_TIME
- . TIDY_TAG_TRACK
- . TIDY_TAG_VIDEO
-
========================================
11. Changes to INI File Handling
========================================
12. Windows Support
========================================
-- stat:
- . The stat implementation has been refactored.
- - An inode number is delivered and is based on the NTFS file index.
- - The device number is now based on the volume serial number.
-
- Note, that both values derived from the system and provided as is on 64-bit
- systems. On 32-bit system, these values might overflow the 32-bit integer in
- PHP, so they're a fake.
-
-========================================
-13. Migration to pkg-config
-========================================
-
-A number of extensions have been migrated to exclusively use pkg-config for
-the detection of library dependencies. Generally, this means that instead of
-using --with-foo-dir=DIR or similar only --with-foo is used. Custom library
-paths can be specified either by adding additional directories to
-PKG_CONFIG_PATH or by explicitly specifying compilation options through
-FOO_CFLAGS and FOO_LIBS.
-
-The following extensions are affected:
-
-- Curl:
- . --with-curl no longer accepts a directory.
-
-- Intl:
- . --with-icu-dir has been removed. If --enable-intl is passed, then libicu is
- always required.
-
-- OpenSSL:
- . --with-openssl no longer accepts a directory.
-
-- PCRE:
- . --with-pcre-regex has been removed. Instead --with-external-pcre is provided
- to opt into using an external PCRE library, rather than the bundled one.
-
-- GD:
- . --with-gd becomes --enable-gd (whether to enable the extension at all) and
- --with-external-gd (to opt into using an external libgd, rather than the
- bundled one).
- . --with-png-dir has been removed. libpng is required.
- . --with-zlib-dir has been removed. zlib is required.
- . --with-freetype-dir becomes --with-freetype.
- . --with-jpeg-dir becomes --with-jpeg.
- . --with-webp-dir becomes --with-webp.
- . --with-xpm-dir becomes --with-xpm.
-
========================================
-14. Other Changes
+13. Other Changes
========================================
========================================
-15. Performance Improvements
+14. Performance Improvements
========================================
-- Core:
- . A specialized VM opcode for the array_key_exists() function has been added,
- which improves performance of this function if it can be statically
- resolved. In namespaced code, this may require writing \array_key_exists()
- or explicitly importing the function.
-PHP 7.4 INTERNALS UPGRADE NOTES
+PHP 8.0 INTERNALS UPGRADE NOTES
1. Internal API changes
- a. php_sys_symlink() and php_sys_link()
- b. zend_lookup_class_ex() and zend_fetch_class_by_name()
- c. Function/property/class flags
- d. Removed zend_check_private()
- e. php_win32_error_to_msg() memory management
- f. get_properties_for() handler / Z_OBJDEBUG_P
- g. Required object handlers
- h. Immutable classes and op_arrays
- i. php_fgetcsv() and php_fputcsv()
- j. Removed add_get_assoc_*() and add_get_index_*()
- k. Class declaration opcodes
- l. HASH_FLAG_INITIALIZED
- m. write_property return value
- n. Assignments to references
+ a. TBD
2. Build system changes
a. Abstract
c. Windows build system changes
3. Module changes
- a. ext/xml
- b. ext/hash
========================
1. Internal API changes
========================
- a. php_sys_symlink() and php_sys_link() portability macros have been
- added, which behave like POSIX's symlink() and link(), respectively, on
- POSIX compliant systems and on Windows.
-
- b. zend_lookup_class_ex() and zend_fetch_class_by_name() prototypes were
- changed to accept optional lower-case class name as zend_string*,
- instead of zval*.
-
- c. Function/property/class flags changes
- - ZEND_ACC_CTOR and ZEND_ACC_DTOR are removed. It's possible to check if
- method is a constructor/destructor using the following condition
- (func->common.scope->constructor == func).
- - ZEND_ACC_IMPLEMENTED_ABSTRACT is removed (it was used only internally
- during inheritance).
- - ZEND_ACC_IMPLICIT_PUBLIC is removed (it was used only for reflection)
- - ZEND_ACC_SHADOW property flag is removed. Instead of creating shadow
- clone, now we use the same private property_info, and should also
- check property_info->ce (in the same way as with methods).
- - ZEND_ACC_ANON_BOUND is replaced with ZEND_ACC_LINKED. This flag is set
- not only during anonymous classes declaration, but also during any
- run-time or compile-time class declaration.
- - ZEND_ACC_NO_RT_ARENA renamed into ZEND_ACC_HEAP_RT_CACHE. Now it's used
- not only for closures, but also for pseudo-main op_arrays.
- - ZEND_ACC_... flags are re-numbered.
-
- d. zend_check_private() is removed. Use (func->common.scope == scope) instead.
-
- e. Pointers returned by php_win32_error_to_msg() have to be freed using
- php_win32_error_msg_free(). Same regarding php_win_err() vs.
- php_win_err_free().
-
- f. A new, optional object handler with the signature
-
- HashTable *get_properties_for(zval *obj, zend_prop_purpose purpose)
-
- has been introduced, where zend_prop_purpose (currently) takes one of:
-
- ZEND_PROP_PURPOSE_DEBUG // var_dump etc.
- ZEND_PROP_PURPOSE_ARRAY_CAST // (array) $obj
- ZEND_PROP_PURPOSE_SERIALIZE // "O"-format serialization (__wakeup)
- ZEND_PROP_PURPOSE_VAR_EXPORT // var_export (__set_state)
- ZEND_PROP_PURPOSE_JSON // json_encode
-
- The handler returns a non-null HashTable with increased refcounted, and
- the return value must be released using zend_release_properties().
-
- This handler serves the same general function as get_properties(), but
- provides more control over different property uses, while also making
- it possible to return a temporary property table.
-
- get_properties() is still used in cases where none of the above purposes
- apply, but overloading get_properties() is generally discouraged. If you
- want to provide purposes for general usage rather than just debugging or
- serialization, please prefer using properly declared properties.
-
- get_debug_info() is superseded by get_properties_for() with the
- ZEND_PROP_PURPOSE_DEBUG purpose, but remains available for backwards-
- compatibility reasons. However, while it is fine to define this handler,
- it should never be directly called by consuming code.
-
- The Z_OBJDEBUG_P macro has been removed. It should be replaced by calls to
- zend_get_properties_for() with the ZEND_PROP_PURPOSE_DEBUG purpose:
-
- // OLD
- int is_temp;
- HashTable *ht = Z_OBJDEBUG_P(obj, is_temp);
- // ...
- if (is_temp) {
- zend_hash_destroy(ht);
- FREE_HASHTABLE(ht);
- }
-
- // NEW
- HashTable *ht = zend_get_properties_for(obj, ZEND_PROP_PURPOSE_DEBUG);
- // ...
- zend_release_properties(ht);
-
- g. The following object handlers are now required (must be non-NULL):
-
- * free_obj
- * dtor_obj
- * read_property
- * write_property
- * read_dimension
- * write_dimension
- * get_property_ptr_ptr
- * has_property
- * unset_property
- * has_dimension
- * unset_dimension
- * get_properties
- * get_method
- * get_constructor
- * get_class_name
- * get_gc
-
- It is recommended to initialize object handler structures by copying the
- std object handlers and only overwriting those you want to change.
-
- h. Opcache may make classes and op_arrays immutable. Such classes are marked
- by ZEND_ACC_IMMUTABLE flag, they are not going to be copied from opcache
- shared memory to process memory and must not be modified at all.
- Few related data structures were changed to allow addressing mutable data
- structures from immutable ones. This access is implemented through
- ZEND_MAP_PTR... abstraction macros and, basically, uses additional level of
- indirection. op_array->run_time_cache, op_array->static_variables_ptr and
- class_entry->static_members_table now have to be accessed through
- ZEND_MAP_PTR... macros.
- It's also not allowed to change op_array->reserved[] handles of immutable
- op_arrays. Instead, now you have to reserve op_array handle using
- zend_get_op_array_extension_handle() during MINIT and access its value
- using ZEND_OP_ARRAY_EXTENSION(op_array, handle).
-
- i. The type of the escape parameter of php_fgetcsv() and php_fputcsv() has
- been changed from char to int. This allows to pass the new constant macro
- PHP_CSV_NO_ESCAPE to this parameter, to disable PHP's proprietary escape
- mechanism.
-
- j. add_get_assoc_*() and add_get_index_*() are removed. Use add_assoc*(),
- add_index*() or zend_hash_*() API functions instead.
-
- k. Complex class declaration opcodes ZEND_ADD_INTERFACE, ZEND_ADD_TRAIT,
- ZEND_BIND_TRAITS and ZEND_VERIFY_ABSTRACT_CLASS were removed. Information
- about interfaces and traits is kept in zend_class_entry structure and
- actual linked performed by ZEND_DECLARE_...CLASS... opcode(s).
- Linked classes have ZEND_ACC_LINKED flag set.
-
- l. HASH_FLAG_INITIALIZED was reverted into HASH_FLAG_UNINITIALIZED.
- Special HT_IS_INITIALIZED() and HT_INVALIDATE() macro were introduced
- to hide implementation details.
-
- m. The write_property() object handler now returns the assigned value (after
- possible type coercions) rather than void. For extensions, it should
- usually be sufficient to return whatever was passed as the argument.
-
- n. Assignments to references now need to ensure that they respect property
- types that affect the reference. This means that references should no
- longer be directly assigned to, and instead a set of specialized macros
- of the form ZEND_TRY_ASSIGN* needs to be used. You can find detailed
- porting instructions as well as a compatibility shim in the wiki:
- https://wiki.php.net/rfc/typed_properties_v2#assignments_to_references
+ a. TBD
========================
2. Build system changes
========================
a. Abstract
- - The hash extension is now always available, meaning the --enable-hash
- configure argument has been removed.
b. Unix build system changes
- - configure --help now also outputs --program-suffix and --program-prefix
- information by using the Autoconf AC_ARG_PROGRAM macro.
- - Obsolescent macros AC_FUNC_VPRINTF and AC_FUNC_UTIME_NULL have been
- removed. Symbols HAVE_VPRINTF and HAVE_UTIME_NULL are no longer defined
- since they are not needed on the current systems.
c. Windows build system changes
3. Module changes
========================
- a. ext/xml
- - The public (internal) API of the ext/xml extension has been removed. All
- functions and structures are private to the extension now.
-
- b. ext/hash
- - The hash extension is now always available, allowing extensions to rely
- on its functionality to be available without compile time checks.
projects / php / commitdiff