PHP 6

The PHP world is really excited about the upcoming release of PHP 6.0. Amongst all the uncertainties in any new release, PHP 6.0 seems to be getting rid of three of the earlier troublesome features: register_globals, magic_quotes_gpc and safe_mode. The first was a big security hole, the second messed with the data and made changing environments quite difficult, while the third was usually misread, and provided a false sense of security. There’s also quite a lot of work scheduled to do with Unicode. Read more for some of the changes:

  • The register_globals, safe_mode and various quotes options will be removed.

  • The ereg extension is removed, while the XMLReader, XMLWriter and Fileinfo extensions are added to the core, and by default are on.

  • Another addition I find particularly exciting is that APC (Alternative PHP Cache) will be added to the core, though will be off by default. APC can provide serious performance benefits.

  • All E_STRICT messages will be merged into E_ALL, another positive change that will encourage good programming practice.

  • ASP style <% tags will no longer be supported.

  • A new switch in php.ini will allow you to disable Unicode semantics (by default they will be on).

  • There will also be various string improvements related to Unicode.

  • The microtime() function will return the full floating point number, rather than microseconds unix_timestamp, as at present, probably making the function more readily useful.

  • The {} notation for string indexes will no longer be supported, while the [] version will get added to substr() and array_slice() functionality.

  • FastCGI will always be enabled for the CGI SAPI, and will not allow it to be disabled.
    The ancient HTTP_*_VARS globals will no longer be supported.

  • var will alias public. var was permitted with PHP4 classes, but in PHP 5 this raised a warning. In PHP 6 var will simply be an alias for public, so no warning is necessary.

  • zend.ze1 always tried to retain old PHP4 behaviour, but apparently it “doesn’t work 100%” anyway, so it will be removed totally and throw an E_CORE_ERROR if detected

  • Dynamic functions will no longer be permitted, to be called with static syntax.

  • Both ‘$foo =& new StdClass()’ and ‘function &foo’ will now raise an E_STRICT error.

  • Support for both Freetype 1 and GD 1 support will be removed.Let us await the exiting GD3 soon

  • The FastCGI code will be cleaned up and always enabled for the CGI SAPI, it will not be able to be disabled.

PHP Engine Additions

  • 64 bit integers-A new 64 bit integer will be added (int64). There will be no int32 (it is assumed unless you specify int64)
  • Goto- No ‘goto’ command will be added, but the break keyword will be extended with a static label - so you could do ‘break foo’ and it’ll jump to the label foo: in your code.
  • ifsetor()- It looks like we won’t be seeing this one, which is a shame. But instead the ?: operator will have the ‘middle parameter’ requirement dropped, which means you’d be able to do something like this: “$foo = $_GET[’foo’] ?: 42;” (i.e. if foo is true, $foo will equal 42). This should save some code, but I personally don’t think it is as ‘readable’ as ifsetor would have been.
  • foreach multi-dim arrays-This is a nice change - you’ll be able to foreach through array lists, i.e. “foreach( $a as $k => list($a, $b))”.
  • {} vs []-You can currently use both {} and [] to access string indexes. But the {} notation will raise an E_STRICT in PHP5.1 and will be gone totally in PHP6. Also the [] version will gain substr and array_slice functionality directly - so you could do “[2,]” to access characters 2 to the end, etc. Very handy.

OO changes

  • Static Binding-A new keyword will be created to allow for late static binding - static::static2(), this will perform runtime evaluation of statics.
  • Namespaces-It looks like this one is still undecided - if they do implement namespaces it will be using their style only. My advice? Don’t hold your breath!
  • Type-hinted Return Values-Although they decided against allowing type-hinted properties (becaue it’s “not the PHP way”) they will add support for type-hinted return values, but have yet to decide on a syntax for this. Even so, it will be a nice addition.
  • Calling dynamic functions as static will E_FATAL-At the moment you can call both static and dynamic methods, whether they are static or not. Calling a dynamic function with the static call syntax will raise an E_FATAL.

Additions

  • APC to be in the core distribution-The opcode cache APC will be included in the core distribution of PHP as standard, it will not however be turned on by default (but having it there saves the compilation of yet another thing on your server, and web hosts are more likely to allow it to be enabled)
  • Hardened PHP patch-This patch implements a bunch of extra security checks in PHP. They went over it and the following changes will now take place within PHP: Protection against HTTP Response Splitting will be included. allow_url_fopen will be split into two: allow_url_fopen and allow_url_include. allow_url_fopen will be enabled by default. allow_url_include will be disabled by default.

PHP6 is taking an interesting move in my mind - it’s as if the PHP developers want to now educate developers about the right way to code something, and remove those lingering issues with “Well you SHOULD be doing it this way, but you can still do it the old way”. This will not be the case any longer. Removing totally the likes of register globals, magic quotes, long arrays, {} string indexes and call-time-pass-by-references will force developers to clean up their code.

For more details:

http://php6dev.blogspot.com/#unicode

http://www.corephp.co.uk/archives/19-Prepare-for-PHP-6.html


Php

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)