2. Introduction
● Ferenc Kovacs
○ DevOps guy from Budapest, Hungary
○ Infrastructure Engineer at http://www.ustream.tv/
○ Volunteer for the PHP project since 2011
○ Release Manager for PHP 5.6 with Julien Pauli
3. History of PHP 5.6
● 2012-11-09: First commit
● 2013-11-06: PHP-5.6 branched out
● 2014-01-23: PHP-5.6.0alpha1(rfc freeze)
● 2014-04-11: PHP-5.6.0beta1(feature freeze)
● 2014-06-19: PHP-5.6.0RC1
● 2014-08-28: PHP-5.6.0
4. Some stats about the changes
Version Released Commits Authors LOC added LOC deleted
5.3.0 2009-06-30 5339 83 1575768 756904
5.4.0 2012-03-01 18779 135 3701590 2150397
5.5.0 2013-06-20 2842 113 287785 164481
5.6.0 2014-08-28 2013 107 496200 1235336
7.0 N/A 3671 90 531825 1315925
5. Release Process
https://wiki.php.net/rfc/releaseprocess
tl;dr:
● yearly release schedule(timeboxing), 2+1
year support cycle.
● guidelines about what is allowed in a
major/minor/micro version.
● resulting smaller, more predictable releases
which are easier to upgrade to.
6. Changes in 5.6
1. BC breaks
2. New features
3. Deprecated features
7. BC breaks
● json_decode() only accepts lowercase for
true/false/null to follow the JSON spec.
● Stream wrappers now verify peer certificates
and host names by default when using
SSL/TLS.
● GMP resources are now objects.
● Mcrypt functions now require valid keys and
IVs.
8. BC breaks
● unserialize() now validates the serialize
format for classes implementing Serializable.
○ class Foo
■ O:3:"Foo":0:{}
○ class Foo implements Serializable
■ C:3:"Foo":4:{r:1;}
○ Can be a problem if you handcrafting the strings
(PHPUnit, Doctrine) or storing those somewhere and
the class definition changes(Horde).
9. BC breaks
● using the @file syntax for curl file uploads
are only supported if option
CURLOPT_SAFE_UPLOAD is set to false.
CURLFile should be used instead.
10. BC breaks
<?php
class C {
const ONE = 1;
public $array = [
self::ONE => 'foo',
'bar',
'quux',
];
}
count((new C)->array); // 2 on <=5.5 but 3 on >=5.6
?>
11. New features
The big ones
● Constant scalar expressions
● Variadic functions
● Argument unpacking
● Power operator
● use function and use const
● phpdbg
● SSL/TLS improvements
12. Constant scalar expressions
<?php
const ONE = 1;
const TWO = ONE * 2;
class C {
const THREE = TWO + 1;
const ONE_THIRD = ONE / self::THREE;
const SENTENCE = 'The value of THREE is '.self::THREE;
public function f($a = ONE + self::THREE) {
return $a;
}
}
echo (new C)->f()."n"; // 4
echo C::SENTENCE; // The value of THREE is 3
?>
13. Variadic functions
<?php
function f($req, $opt = null, ...$params) {
// $params is an array containing the remaining arguments.
printf('$req: %d; $opt: %d; number of params: %d'."n",
$req, $opt, count($params));
}
f(1); // $req: 1; $opt: 0; number of params: 0
f(1, 2); // $req: 1; $opt: 2; number of params: 0
f(1, 2, 3); // $req: 1; $opt: 2; number of params: 1
f(1, 2, 3, 4); // $req: 1; $opt: 2; number of params: 2
f(1, 2, 3, 4, 5); // $req: 1; $opt: 2; number of params: 3
?>
16. use function and use const
<?php
namespace NameSpace {
const FOO = 42;
function f() { echo __FUNCTION__."n"; }
}
namespace {
use const NameSpaceFOO;
use function NameSpacef;
echo FOO."n"; // 42
f(); // NameSpacef
}
?>
17. phpdbg
New SAPI for debugging php scripts
● really handy for debugging cli scripts or
debugging without an IDE.
● no out-of-the-box solution for debugging web
requests(WIP).
● no IDE integration yet(WIP).
● those familiar with gdb will probably like it.
18. phpdbg features
● list source for line/function/method/class
● show info about current
files/classes/functions/etc.
● print opcodes for classes/functions/current
execution context, etc.
● traverse and sho information about
stackframes
19. phpdbg features
● show the current backtrace.
● set execution context.
● run the current execution context.
● step through the execution.
● continue the execution until the next
breakpoint/watchpoint.
● continue the execution until the next
breakpoint/watchpoint after the given line.
20. phpdbg features
● continue the execution skipping any
breakpoint/watchpoint until the current frame
is finished.
● continue the execution skipping any
breakpoint/watchpoint to right before we
leave the current frame.
21. phpdbg features
● set a conditional expression on the target
where execution will break if the expression
evaluates true.
● set a watchpoint on variable.
● clear breakpoints.
● clean up the execution environment(remove
constant/function/class definitions).
22. phpdbg features
● set the phpdbg configuration.
● source a phpdbginit script.
● register a phpdbginit function as an alias.
● shell a command.
● evaluate some code.
● quit.
23. SSL/TLS improvements
● Stream wrappers now verify peer certificates
and host names by default when using
SSL/TLS.
● Added support SAN x509 extension
matching for verifying host names in
encrypted streams.
● New SSL context options for improved
stream server security.
24. SSL/TLS improvements
● Added support for Server Name Indication.
● Added protocol-specific encryption stream
wrappers (tlsv1.0://, tlsv1.1:// and tlsv1.2://).
● Added support for managing SPKAC/SPKI.
25. Other features
● __debugInfo() magic method for intercepting
var_dump();
● php://input is reusable
● Large file uploads (>2GB) are now accepted.
● The new GMP objects now support operator
overloading.
● hash_equals() for constant time string
comparison.
26. Other features
● gost-crypto hash algo was added.
● PostgreSQL async support
○ pg_connect($dsn, PGSQL_CONNECT_ASYNC);
○ pg_connect_poll();
○ pg_socket();
○ pg_consume_input();
○ pg_flush();
● ReflectionClass::
newInstanceWithoutConstructor() can
instantiate almost everything.
27. Other features
● The default value for default_charset
changed to UTF-8, html* iconv* and
mbstring* function will use this value when
no explicit encoding is set/passed.
● New fetching mode for mysqlnd, controlled
via mysqlnd.fetch_data_copy.
○ Will use less memory but do more copying.
28. Deprecated features
● Calls from incompatible context will now emit
E_DEPRECATED instead of E_STRICT
● always_populate_raw_post_data now have
a new value(-1), which completely disables
the population of
$HTTP_RAW_POST_DATA, setting it
anything else will emit an E_DEPRECATED.
29. Deprecated features
● The following settings are all deprecated in
favor of default_charset:
○ iconv.input_encoding
○ iconv.output_encoding
○ iconv.internal_encoding
○ mbstring.http_input
○ mbstring.http_output
○ mbstring.internal_encoding
30. Thanks for your attention!
Slides will be here:
http://www.slideshare.net/Tyrael
If you have any questions:
tyrael@php.net
@Tyr43l