PHP 7.4
Changes
@ThomasWeinert
About Me
- dimensional GmbH
- Application Developer
- PHP >= 20 years
- XML Fanatic
- Brompton Rider
Syntax Features
Typed Properties
- Enforced - depending on strict_types
- Nullable
Arrow Functions
- Single Expression
- Automatic binding
- Nesting
- Static
Type Covariance
- Less Specific Argument Type
- More Specific Return Type
- Needs Autoloading
https://wiki.php.net/rfc/covariant-returns-and-contravariant-parameters
Null coalescing assignment operator
Unpacking inside arrays
Numeric literal separator
BC Breaks
New Keyword: fn
fn is now a reserved keyword. In particular, it can no longer be used as a function or class name. It can still be used as a method or class constant name.
<?php tag at end of file
<?php at the end of the file (without trailing newline) will now be interpreted as an opening PHP tag.
Array Access
Trying to use values of type null, bool, int, float or resource as an array (such as $null["key"]) will now generate a notice.
https://wiki.php.net/rfc/notice-for-non-valid-array-container
get_declared_classes()
The get_declared_classes() function no longer returns anonymous classes that have not been instantiated yet.
https://wiki.php.net/rfc/notice-for-non-valid-array-container
Password algorithm constants
- PASSWORD_DEFAULT was int 1; now is NULL
- PASSWORD_BCRYPT was int 1; now is string '2y'
- PASSWORD_ARGON2I was int 2; now is string 'argon2i'
- PASSWORD_ARGON2ID was int 3; now is string 'argon2id'
Include On Stream Wrappers
htmlentities()
htmlentities() will now raise a notice (instead of a strict standards warning) if it is used with an encoding for which only basic entity substitution is supported, in which case it is equivalent to htmlspecialchars().
fread() and fwrite()
fread() and fwrite() will now return FALSE if the operation failed. Previously an empty string or 0 was returned. EAGAIN/EWOULDBLOCK are not considered failures.
These functions now also raise a notice on failure, such as when trying to write to a read-only file resource.
BCMATH
BCMath functions will now warn if a non well-formed number is passed, such as "32foo". The argument will be interpreted as zero, as before.
CURL
Attempting to serialize a CURLFile class will now generate an exception. Previously the exception was only thrown on unserialization.
Using CURLPIPE_HTTP1 is deprecated, and is no longer supported as of cURL 7.62.0.
The $version parameter of curl_version() is deprecated. If any value not equal to the default CURLVERSION_NOW is passed, a warning is raised and the parameter is ignored.
Date and Time
Calling var_dump() or similar on a DateTime or DateTimeImmutable instance will no longer leave behind accessible properties on the object.
Comparison of DateInterval objects (using ==, <, and so on) will now generate a warning and always return FALSE. Previously all DateInterval objects were considered equal, unless they had properties.
Intl
The default parameter value of idn_to_ascii() and idn_to_utf8() is now INTL_IDNA_VARIANT_UTS46 instead of the deprecated INTL_IDNA_VARIANT_2003.
MySQLi
The embedded server functionality has been removed. It was broken since at least PHP 7.0.
The undocumented mysqli::$stat property has been removed in favor of mysqli::stat().
OpenSSL
The openssl_random_pseudo_bytes() function will now throw an exception in error situations, similar to random_bytes(). In particular, an Error is thrown if the number of requested bytes is less than or equal to zero, and an Exception is thrown if sufficient randomness cannot be gathered. The $crypto_strong output argument is guaranteed to always be TRUE if the function does not throw, so explicitly checking it is not necessary.
PCRE
When PREG_UNMATCHED_AS_NULL mode is used, trailing unmatched capturing groups will now also be set to NULL (or [null, -1] if offset capture is enabled). This means that the size of the $matches will always be the same.
PDO
Attempting to serialize a PDO or PDOStatement instance will now generate an Exception rather than a PDOException, consistent with other internal classes which do not support serialization.
Reflection
Reflection objects will now generate an exception if an attempt is made to serialize them. Serialization for reflection objects was never supported and resulted in corrupted reflection objects. It has been explicitly prohibited now.
SPL: ArrayObject
Calling get_object_vars() on an ArrayObject instance will now always return the properties of the ArrayObject itself (or a subclass). Previously it returned the values of the wrapped array/object unless the ArrayObject::STD_PROP_LIST flag was specified.
SPL: SplPriorityQueue
SplPriorityQueue::setExtractFlags() will throw an exception if zero is passed. Previously this would generate a recoverable fatal error on the next extraction operation.
SPL: Serialization
ArrayObject, ArrayIterator, SplDoublyLinkedList and SplObjectStorage now support the __serialize() and __unserialize() mechanism in addition to the Serializable interface. This means that serialization payloads created on older PHP versions can still be unserialized, but new payloads created by PHP 7.4 will not be understood by older versions.
Tokenizer
token_get_all() will now emit a T_BAD_CHARACTER token for unexpected characters instead of leaving behind holes in the token stream.
Deprecated
Deprecated I
- The real type
- Magic quotes legacy
- array_key_exists() with objects
- FILTER_SANITIZE_MAGIC_QUOTES filter
- Reflection export() methods
- mb_strrpos() with encoding as 3rd argument
- implode() parameter order mix
Deprecated II
- Unbinding $this from non-static closures
- hebrevc() function
- convert_cyr_string() function
- money_format() function
- ezmlm_hash() function
- restore_include_path() function
- allow_url_include ini directive
Ternary Operator
Unparenthesized `a ? b : c ? d : e` is deprecatedcurly brace array access
Array and string offset access syntax with
curly braces is deprecatedhttps://wiki.php.net/rfc/deprecate_curly_braces_array_access
(Re)Moved
ext/interbase
ext/wddx
Web Distributed Data eXchange
ext/recode
Conversion between different character sets/encodings.
Features
Exceptions from __toString()
Concatenation Operator Precedence
Weak References
Reference Reflection
FFI
- Foreign Function Interface
- LuaJTI/FFI, Python/CFFI
Object Serialization
OPCache: Preloading
- Preloader Script
- Limits
- Top level
- Completely resolvable
- Windows Only - no internal class ancestor
ext/hash
Always available
Extensible Password API
Allow extensions to register additional hashing mechanisms. Provide argon2i(d) implementations from ext/sodium.
https://wiki.php.net/rfc/password_registry
https://wiki.php.net/rfc/sodium.argon.hash
CURL: Stream wrappers
CURLFile now supports stream wrappers in addition to plain file names, if the extension has been built against libcurl >= 7.56.0.
Filter: FILTER_VALIDATE_FLOAT
The FILTER_VALIDATE_FLOAT filter now supports the min_range and max_range options, with the same semantics as FILTER_VALIDATE_INT.
PCRE: Replace Callback Flags
MBSTRING: mb_str_split()
PDO: Escape Placeholder
GD: IMAGE_FILTER_SCATTER
