"Fossies" - the Fresh Open Source Software Archive

Member "php-7.4.1/UPGRADING" (17 Dec 2019, 33699 Bytes) of package /linux/www/php-7.4.1.tar.xz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "UPGRADING": 7.4.0_vs_7.4.1.

    1 PHP 7.4 UPGRADE NOTES
    2 
    3 1. Backward Incompatible Changes
    4 2. New Features
    5 3. Changes in SAPI modules
    6 4. Deprecated Functionality
    7 5. Changed Functions
    8 6. New Functions
    9 7. New Classes and Interfaces
   10 8. Removed Extensions and SAPIs
   11 9. Other Changes to Extensions
   12 10. New Global Constants
   13 11. Changes to INI File Handling
   14 12. Windows Support
   15 13. Migration to pkg-config
   16 14. Other Changes
   17 15. Performance Improvements
   18 
   19 
   20 ========================================
   21 1. Backward Incompatible Changes
   22 ========================================
   23 
   24 - Core:
   25   . Trying to use values of type null, bool, int, float or resource as an
   26     array (such as $null["key"]) will now generate a notice. This does not
   27     affect array accesses performed by list().
   28     RFC: https://wiki.php.net/rfc/notice-for-non-valid-array-container
   29   . get_declared_classes() no longer returns anonymous classes that haven't
   30     been instantiated yet.
   31   . "fn" is now a reserved keyword. In particular, it can no longer be used as a
   32     function or class name. It can still be used as a method or class constant
   33     name.
   34   . Passing the result of a (non-reference) list() assignment by reference is
   35     consistently disallowed now. Previously this worked if the right-hand side
   36     was a simple (CV) variable and did not occur as part of the list().
   37   . `<?php` at the end of the file (without trailing newline) will now be
   38     interpreted as an opening PHP tag. Previously it was interpreted either as
   39     `<? php` and resulted in a syntax error (with short_open_tag=1) or was
   40     interpreted as a literal `<?php` string (with short_open_tag=0).
   41   . When using include/require on a stream, stream_set_option() will be invoked
   42     with the STREAM_OPTION_READ_BUFFER option. Custom stream wrapper
   43     implementations may need to implement the stream_set_option() method to
   44     avoid a warning (always returning false is a sufficient implementation).
   45   . The "creating default object from empty value" warning is now consistently
   46     thrown if a falsy value is promoted into an stdClass object. Previously some
   47     cases like `$null->prop[0] = $val` missed this warning.
   48   . Previously get_declared_classes() always returned parent classes before
   49     child classes. This is no longer the case. No particular order is guaranteed
   50     for the get_declared_classes() return value.
   51 
   52 - BCMath:
   53   . BCMath functions will now warn if a non well-formed number is passed, such
   54     as "32foo". The argument will be interpreted as zero (as before).
   55 
   56 - Curl:
   57   . Attempting to serialize a CURLFile class will now generate an exception.
   58     Previously the exception was only thrown on unserialization.
   59   . Using CURLPIPE_HTTP1 is deprecated, and is no longer supported as of cURL
   60     7.62.0.
   61   . The $version parameter of curl_version() is deprecated. If any value not
   62     equal to the default CURLVERSION_NOW is passed, a warning is raised and the
   63     parameter is ignored.
   64 
   65 - Date:
   66   . Calling var_dump() or similar on a DateTime(Immutable) instance will no
   67     longer leave behind accessible properties on the object.
   68   . Comparison of DateInterval objects (using ==, < and so on) will now generate
   69     a warning and always return false. Previously all DateInterval objects were
   70     considered equal, unless they had properties.
   71 
   72 - Intl:
   73   . The default parameter value of idn_to_ascii() and idn_to_utf8() is now
   74     INTL_IDNA_VARIANT_UTS46 instead of the deprecated INTL_IDNA_VARIANT_2003.
   75 
   76 - MySQLi:
   77   . The embedded server functionality has been removed. It was broken since
   78     at least PHP 7.0.
   79   . The undocumented mysqli::$stat property has been removed in favor of
   80     mysqli::stat().
   81 
   82 - Openssl:
   83   . The openssl_random_pseudo_bytes() function will now throw an exception in
   84     error situations, similar to random_bytes(). In particular, an Error is
   85     thrown if the number of requested bytes is less than *or equal to* zero,
   86     and an Exception is thrown if sufficient randomness cannot be gathered.
   87     The $crypto_strong output argument is guaranteed to always be true if the
   88     function does not throw, so explicitly checking it is not necessary.
   89     RFC: http://php.net/manual/de/function.openssl-random-pseudo-bytes.php
   90 
   91 - Pcntl:
   92   . The $restart_syscalls flag for pcntl_signal() will now be respected for
   93     SIGALARM. Previously it was hardcoded to false. To reduce the backwards
   94     compatibility impact, the default for SIGALARM will remain false however.
   95 
   96 - PCRE:
   97   . When PREG_UNMATCHED_AS_NULL mode is used, trailing unmatched capturing
   98     groups will now also be set to null (or [null, -1] if offset capture is
   99     enabled). This means that the size of the $matches will always be the same.
  100 
  101 - PEAR:
  102   . Installation of PEAR (including PECL) is no longer enabled by default. It
  103     can be explicitly enabled using --with-pear. This option is deprecated and
  104     may be removed in the future.
  105 
  106 - PDO:
  107   . Attempting to serialize a PDO or PDOStatement instance will now generate
  108     an Exception rather than a PDOException, consistent with other internal
  109     classes which do not support serialization.
  110 
  111 - Reflection:
  112   . Reflection objects will now generate an exception if an attempt is made
  113     to serialize them. Serialization for reflection objects was never
  114     supported and resulted in corrupted reflection objects. It has been
  115     explicitly prohibited now.
  116   . The signature of the ReflectionMethod::getClosure() method changed to
  117     account for existing behavior with static methods:
  118         Before: ReflectionMethod::getClosure($object)
  119         After: ReflectionMethod::getClosure($object = null)
  120     The new signature is also (LSP) compatible with older PHP versions.
  121 
  122 - SPL:
  123   . Calling get_object_vars() on an ArrayObject instance will now always return
  124     the properties of the ArrayObject itself (or a subclass). Previously it
  125     returned the values of the wrapped array/object unless the STD_PROP_LIST
  126     flag was specified. Other affected operations are:
  127 
  128      * ReflectionObject::getProperties()
  129      * reset(), current(), etc. Use Iterator methods instead.
  130      * Potentially others working on object properties as a list.
  131      * Other internal functions that iterate over an array, but which
  132        previously silently accepted an ArrayObject as well; eg curl_setopt()
  133        when used with an option that expects an array.
  134 
  135     (array) casts are *not* affected. They will continue to return either the
  136     wrapped array, or the ArrayObject properties, depending on whether the
  137     STD_PROP_LIST flag is used.
  138   . SplPriorityQueue::setExtractFlags() will throw an exception if zero is
  139     passed. Previously this would generate a recoverable fatal error on the
  140     next extraction operation.
  141   . ArrayObject, ArrayIterator, SplDoublyLinkedList and SplObjectStorage now
  142     support the __serialize() + __unserialize() mechanism in addition to the
  143     Serializable interface. This means that serialization payloads created on
  144     older PHP versions can still be unserialized, but new payloads created by
  145     PHP 7.4 will not be understood by older versions.
  146 
  147 - Standard:
  148   . The "o" serialization format has been removed. As it is never produced by
  149     PHP, this may only break unserialization of manually crafted strings.
  150   . Password hashing algorithm identifiers are now nullable strings rather
  151     than integers.
  152 
  153      * PASSWORD_DEFAULT was int 1; now is null
  154      * PASSWORD_BCRYPT was int 1; now is string '2y'
  155      * PASSWORD_ARGON2I was int 2; now is string 'argon2i'
  156      * PASSWORD_ARGON2ID was int 3; now is string 'argon2id'
  157 
  158     Applications correctly using the constants PASSWORD_DEFAULT,
  159     PASSWORD_BCRYPT, PASSWORD_ARGON2I, and PASSWORD_ARGON2ID will continue to
  160     function correctly.
  161   . htmlentities() will now throw a notice (instead of a strict standards
  162     warning) if it is used with an encoding for which only basic entity
  163     substitution is supported, in which case it is equivalent to
  164     htmlspecialchars().
  165   . fread() and fwrite() will now return false if the operation failed.
  166     Previously an empty string or 0 was returned. EAGAIN/EWOULDBLOCK are not
  167     considered failures.
  168   . fread() and fwrite() on plain files will now throw a notice on failure,
  169     such as when trying to write to a read-only file resource.
  170   . The stream_read() and stream_write() methods on stream wrappers now
  171     interpret "false" as a failure return values. If no data is available, but
  172     no error occurred, an empty string should be returned instead.
  173   . round(-0.0) will now return -0.0 rather than +0.0.
  174 
  175 - Tokenizer:
  176   . token_get_all() will now emit a T_BAD_CHARACTER token for unexpected
  177     characters instead of leaving behind holes in the token stream.
  178 
  179 ========================================
  180 2. New Features
  181 ========================================
  182 
  183 - Core:
  184   . Added support for typed properties. For example:
  185 
  186         class User {
  187             public int $id;
  188             public string $name;
  189         }
  190 
  191     This will enforce that $user->id can only be assigned integers and
  192     $user->name can only be assigned strings. For more information see the
  193     RFC: https://wiki.php.net/rfc/typed_properties_v2
  194 
  195   . Added support for arrow functions with implicit by-value scope binding.
  196     For example:
  197 
  198         $factor = 10;
  199         $nums = array_map(fn($num) => $num * $factor, $nums);
  200 
  201     RFC: https://wiki.php.net/rfc/arrow_functions_v2
  202 
  203   . Added support for limited return type covariance and argument type
  204     contravariance. The following code will now work:
  205 
  206         class A {}
  207         class B extends A {}
  208 
  209         class Producer {
  210             public function method(): A {}
  211         }
  212         class ChildProducer extends Producer {
  213             public function method(): B {}
  214         }
  215 
  216     Full variance support is only available if autoloading is used. Inside a
  217     single file only non-cyclic type references are possible, because all
  218     classes need to be available before they are referenced.
  219     RFC: https://wiki.php.net/rfc/covariant-returns-and-contravariant-parameters
  220 
  221   . Added support for coalesce assign (??=) operator. For example:
  222 
  223         $array['key'] ??= computeDefault();
  224         // is roughly equivalent to
  225         if (!isset($array['key'])) {
  226             $array['key'] = computeDefault();
  227         }
  228 
  229     RFC: https://wiki.php.net/rfc/null_coalesce_equal_operator
  230 
  231   . Added support for unpacking inside arrays. For example:
  232 
  233         $arr1 = [3, 4];
  234         $arr2 = [1, 2, ...$arr1, 5];
  235         // $arr2 == [1, 2, 3, 4, 5]
  236 
  237     RFC: https://wiki.php.net/rfc/spread_operator_for_array
  238 
  239   . Added support for underscore separators in numeric literals. Some examples:
  240 
  241         6.674_083e-11; // float
  242         299_792_458;   // decimal
  243         0xCAFE_F00D;   // hexadecimal
  244         0b0101_1111;   // binary
  245 
  246     RFC: https://wiki.php.net/rfc/numeric_literal_separator
  247 
  248   . Support for WeakReferences has been added.
  249     RFC: https://wiki.php.net/rfc/weakrefs
  250 
  251   . Throwing exceptions from __toString() is now permitted. Previously this
  252     resulted in a fatal error. Existing recoverable fatals in string conversions
  253     have been converted to Error exceptions.
  254     RFC: https://wiki.php.net/rfc/tostring_exceptions
  255 
  256 - CURL:
  257   . CURLFile now supports stream wrappers in addition to plain file names, if
  258     the extension has been built against libcurl >= 7.56.0.  The streams may
  259     need to be seekable.
  260 
  261 - Filter:
  262   . The FILTER_VALIDATE_FLOAT filter now supports the min_range and max_range
  263     options, with the same semantics as FILTER_VALIDATE_INT.
  264 
  265 - FFI:
  266   . A new extension which provides a simple way to call native functions, access
  267     native variables and create/access data structures defined in C libraries.
  268     RFC: https://wiki.php.net/rfc/ffi
  269 
  270 - GD:
  271   . Added the "scatter" image filter (IMG_FILTER_SCATTER) to apply a scatter
  272     filter to images. This filter has the following prototype:
  273 
  274         imagefilter($im, IMG_FILTER_SCATTER, int $sub, int $plus, array $colors = []);
  275 
  276     The $colors array can be populated with a set of indexed colors to
  277     apply the scatter pixel shifting on.
  278 
  279     Note, the result of this filter is always random.
  280 
  281 - Hash:
  282   . Added "crc32c" hash using Castagnoli's polynomial. This crc32 variant is
  283     used by storage systems, such as iSCSI, SCTP, Btrfs and ext4.
  284 
  285 - Mbstring:
  286   . Added mb_str_split() function, which provides the same functionality as
  287     str_split(), but operating on code points rather than bytes.
  288     RFC: https://wiki.php.net/rfc/mb_str_split
  289   . Added mbstring.regex_retry_limit ini setting defaulting to 1000000. It
  290     limits the amount of backtracking that may be performed during one mbregex
  291     match and thus protects against exponential backtracking attacks (ReDOS).
  292     This setting only takes effect when linking against oniguruma >= 6.8.0.
  293 
  294 - OPcache:
  295   . Support for preloading code has been added.
  296     RFC: https://wiki.php.net/rfc/preload
  297 
  298 - PCRE:
  299   . The preg_replace_callback() and preg_replace_callback_array() functions now
  300     accept an additional $flags argument, with support for the
  301     PREG_OFFSET_CAPTURE and PREG_UNMATCHED_AS_NULL flags. This influences the
  302     format of the matches array passed to the callback function.
  303 
  304 - PDO:
  305   . The username and password can now be specified as part of the PDO DSN for
  306     the mysql, mssql, sybase, dblib, firebird and oci drivers. Previously this
  307     was only supported by the pgsql driver. If a username/password is specified
  308     both in the constructor and the DSN, the constructor takes precedence.
  309 
  310         new PDO("mysql:host=xxx;port=xxx;dbname=xxx;user=xxx;password=xxx");
  311 
  312 - PDO_OCI:
  313   . PDOStatement::getColumnMeta() is now available
  314 
  315 - PDO_SQLite:
  316   . PDOStatement::getAttribute(PDO::SQLITE_ATTR_READONLY_STATEMENT) allows
  317     checking whether the statement is read-only, i.e. if it doesn't modify
  318     the database.
  319   . PDO::setAttribute(PDO::SQLITE_ATTR_EXTENDED_RESULT_CODES, true) enables the
  320     use of SQLite3 extended result codes in errorInfo().
  321 
  322 - SQLite3:
  323   . Added SQLite3::lastExtendedErrorCode() to fetch the last extended result
  324     code.
  325   . Added SQLite3::enableExtendedResultCodes($enable = true), which will make
  326     SQLite3::lastErrorCode() return extended result codes.
  327 
  328 - Standard:
  329   . strip_tags() now also accepts an array of allowed tags: Instead of
  330     strip_tags($str, '<a><p>') you can now write strip_tags($str, ['a', 'p']).
  331 
  332   . A new mechanism for custom object serialization has been added, which
  333     uses two new magic methods:
  334 
  335         // Returns array containing all the necessary state of the object.
  336         public function __serialize(): array;
  337 
  338         // Restores the object state from the given data array.
  339         public function __unserialize(array $data): void;
  340 
  341     The new serialization mechanism supersedes the Serializable interface,
  342     which will be deprecated in the future.
  343 
  344     RFC: https://wiki.php.net/rfc/custom_object_serialization
  345 
  346   . A new 'max_depth' option for unserialize(), as well as an
  347     unserialize_max_depth ini setting have been added. These control the
  348     maximum depth of structures permitted during unserialization, and are
  349     intended to prevent stack overflows. The default depth limit is 4096 and
  350     can be disabled by setting unserialize_max_depth=0.
  351 
  352   . array_merge() and array_merge_recursive() may now be called without any
  353     arguments, in which case they will return an empty array. This is useful
  354     in conjunction with the spread operator, e.g. array_merge(...$arrays).
  355 
  356   . proc_open() now accepts an array instead of a string for the command. In
  357     this case the process will be opened directly (without going through a
  358     shell) and PHP will take care of any necessary argument escaping.
  359 
  360         proc_open(['php', '-r', 'echo "Hello World\n";'], $descriptors, $pipes);
  361 
  362   . proc_open() now supports "redirect" and "null" descriptors. For example:
  363 
  364         // Like 2>&1 on the shell
  365         proc_open($cmd, [1 => ['pipe', 'w'], 2 => ['redirect', 1]], $pipes);
  366         // Like 2>/dev/null or 2>nul on the shell
  367         proc_open($cmd, [1 => ['pipe', 'w'], 2 => ['null']], $pipes);
  368 
  369   . password_hash() has argon2i(d) implementations from ext/sodium when PHP is
  370     built without libargon.
  371 
  372     RFC: https://wiki.php.net/rfc/sodium.argon.hash
  373 
  374 ========================================
  375 3. Changes in SAPI modules
  376 ========================================
  377 
  378 ========================================
  379 4. Deprecated Functionality
  380 ========================================
  381 
  382 - Core:
  383   . Nesting ternary operators without explicit parentheses is deprecated:
  384 
  385         // Code like
  386         $a ? $b : $c ? $d : $e
  387         // should be replaced by (current interpretation)
  388         ($a ? $b : $c) ? $d : $e
  389         // or (likely intended interpretation)
  390         $a ? $b : ($c ? $d : $e)
  391 
  392     RFC: https://wiki.php.net/rfc/ternary_associativity
  393   . The array and string offset access syntax using curly braces is deprecated.
  394     Use $str[$idx] instead of $str{$idx}.
  395     RFC: https://wiki.php.net/rfc/deprecate_curly_braces_array_access
  396   . The (real) cast is deprecated, use (float) instead.
  397   . Unbinding $this of a non-static method through a combination of
  398     ReflectionMethod::getClosure() and closure rebinding is deprecated. Doing
  399     so is equivalent to calling a non-static method statically, which has been
  400     deprecated since PHP 7.0.
  401   . Unbinding $this of a non-static closure that uses $this is deprecated.
  402   . Using "parent" inside a class without a parent is deprecated, and will throw
  403     a compile-time error in the future. Currently an error will only be
  404     generated if/when the parent is accessed at run-time.
  405   . The allow_url_include ini directive is deprecated. Enabling it will generate
  406     a deprecation notice at startup.
  407 
  408 - COM:
  409   . Importing type libraries with case-insensitive constant registering has been
  410     deprecated.
  411 
  412 - Filter:
  413   . FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES
  414     instead.
  415 
  416 - Mbstring:
  417   . Passing a non-string pattern to mb_ereg_replace() is deprecated. Currently
  418     non-string patterns are interpreted as ASCII codepoints. In PHP 8 the
  419     pattern will be interpreted as a string instead.
  420   . Passing the encoding as 3rd parameter to mb_strrpos() is deprecated. Instead
  421     pass a 0 offset and encoding as 4th parameter.
  422 
  423 - LDAP:
  424   . ldap_control_paged_result_response and ldap_control_paged_result are
  425     deprecated. Pagination controls can be sent along with ldap_search instead.
  426 
  427 - Reflection:
  428   . Calls to ReflectionType::__toString() now generate a deprecation notice.
  429     This method has been deprecated in favor of ReflectionNamedType::getName()
  430     in the documentation since PHP 7.1, but did not throw a deprecation notice
  431     for technical reasons.
  432   . The export() methods on all Reflection classes are deprecated. Construct a
  433     Reflection object and convert it to string instead:
  434 
  435         // ReflectionClass::export(Foo::class, false) is:
  436         echo new ReflectionClass(Foo::class), "\n";
  437         // $str = ReflectionClass::export(Foo::class, true) is:
  438         $str = (string) new ReflectionClass(Foo::class);
  439 
  440 - Socket:
  441   . The AI_IDN_ALLOW_UNASSIGNED and AI_IDN_USE_STD3_ASCII_RULES flags for
  442     socket_addrinfo_lookup() are deprecated, due to an upstream deprecation in
  443     glibc.
  444 
  445 - Standard:
  446   . Passing invalid characters to ''base_convert()'', ''bindec()'', ''octdec()''
  447     and ''hexdec()'' will now generate a deprecation notice. The result will
  448     still be computed as if the invalid characters did not exist. Leading and
  449     trailing whitespace, as well as prefixes of type 0x (depending on base)
  450     continue to be allowed.
  451   . Using array_key_exists() on objects is deprecated. Instead either isset()
  452     or property_exists() should be used.
  453   . The is_real() function is deprecated, use is_float() instead.
  454   . The get_magic_quotes_gpc() and get_magic_quotes_runtime() functions are
  455     deprecated. They always return false.
  456   . The hebrevc() function is deprecated. It can be replaced with
  457     nl2br(hebrev($str)), or preferably the use of Unicode RTL support.
  458   . The convert_cyr_string() function is deprecated. It can be replaced by one
  459     of mb_convert_string(), iconv() or UConverter.
  460   . The money_format() function is deprecated. It can be replaced by the
  461     intl NumberFormatter functionality.
  462   . The ezmlm_hash() function is deprecated.
  463   . The restore_include_path() function is deprecated. It can be replaced by
  464     ini_restore('include_path').
  465   . Passing parameters to implode() in reverse order is deprecated, use
  466     implode($glue, $parts) instead of implode($parts, $glue).
  467 
  468 ========================================
  469 5. Changed Functions
  470 ========================================
  471 
  472 - SPL:
  473   . SplFileObject::fputcsv(), ::fgetcsv() and ::setCsvControl() now accept an
  474     empty string as $escape argument, which disables the proprietary PHP
  475     escaping mechanism. SplFileObject::getCsvControl() now may also return an
  476     empty string for the third array element, accordingly.
  477 
  478 - Standard:
  479   . fputcsv() and fgetcsv() now accept an empty string as $escape argument,
  480     which disables the proprietary PHP escaping mechanism. The behavior of
  481     str_getcsv() has been adjusted accordingly (formerly, an empty string was
  482     identical to using the default).
  483   . proc_open() on Windows can be passed a "create_process_group" option. It
  484     is required, if the child process is supposed to handle CTRL events.
  485   . password_hash() now accepts nullable string and int as $algo argument.
  486   . password_needs_rehash() now accepts nullable string and int as $algo
  487     argument.
  488 
  489 ========================================
  490 6. New Functions
  491 ========================================
  492 
  493 - Core:
  494   . Added get_mangled_object_vars($object) function, which returns the mangled
  495     object properties. It returns the same result as (array) $object, with the
  496     exception that it ignores overloaded array casts, such as used by
  497     ArrayObject.
  498 
  499 - GD:
  500   . Added imagecreatefromtga() function, which allows reading images in TGA
  501     format. TGA support is now also indicated by gd_info() and imagetypes().
  502     Note that TGA images are not recognized by imagecreatefromstring() and
  503     getimagesize().
  504 
  505 - OpenSSL:
  506   . Added openssl_x509_verify(mixed cert, mixed key) function that verifies the
  507     signature of the certificate using a public key. A wrapper around the
  508     OpenSSL's X509_verify() function.
  509     See <https://github.com/php/php-src/pull/3624>.
  510 
  511 - Pcntl:
  512   . Added bool pcntl_unshare(int flags) function which allows dissociating
  513     parts of the process execution context which are currently being shared with
  514     other processes. Explicitly, it allows you to unshare the mount, IPC, UTS,
  515     network, PID, user and cgroup namespaces.
  516 
  517 - SQLite3:
  518   . Added SQLite3Stmt::getSQL() to retrieve the SQL of the statement. If true is
  519     passed as $expanded argument, query parameters will be replaced in the
  520     return value by their currently bound value, if libsqlite ≥ 3.14 is used.
  521   . Added SQLite3::backup() to create database backups via the SQLite3 online
  522     backup API.
  523 
  524 - Standard
  525   . bool sapi_windows_set_ctrl_handler(callable handler, [, bool add = true]) -
  526     set or remove a handler function upon receiving a CTRL event. The handler
  527     function is expected to have this signature: "function handler(int $event)".
  528   . bool sapi_windows_generate_ctrl_event(int type, int pid) - send a CTRL event
  529     to another process.
  530   . array password_algos() - return a complete list of all registered password
  531     hashing algorithms. For more details see the RFC:
  532     https://wiki.php.net/rfc/password_registry
  533 
  534 ========================================
  535 7. New Classes and Interfaces
  536 ========================================
  537 
  538 - Reflection:
  539   . A new ReflectionReference class has been added, which allows detecting
  540     references and comparing them for identity. For more details see the RFC:
  541     https://wiki.php.net/rfc/reference_reflection
  542 
  543 ========================================
  544 8. Removed Extensions and SAPIs
  545 ========================================
  546 
  547 - Interbase:
  548   . The interbase extension has been moved to PECL. Access to an InterBase
  549     and/or FireBird based database is still available with the PDO_Firebird
  550     extension. For more details see the RFC:
  551     https://wiki.php.net/rfc/deprecate-and-remove-ext-interbase
  552 
  553 - Recode:
  554   . The recode extension has been moved to PECL. For character set/encoding
  555     conversion the iconv or mbstring extensions could be used instead.
  556     RFC: https://wiki.php.net/rfc/unbundle_recode
  557 
  558 - WDDX:
  559   . The WDDX extension has been deprecated and moved to PECL.
  560     RFC: https://wiki.php.net/rfc/deprecate-and-remove-ext-wddx
  561 
  562 ========================================
  563 9. Other Changes to Extensions
  564 ========================================
  565 
  566 - GD:
  567   . The behavior of imagecropauto() in the bundled libgd has been synced with
  568     that of system libgd:
  569      * IMG_CROP_DEFAULT is no longer falling back to IMG_CROP_SIDES
  570      * Threshold-cropping now uses the algorithm of system libgd
  571   . The default $mode parameter of imagecropauto() has been changed to
  572     IMG_CROP_DEFAULT; passing -1 is now deprecated.
  573   . imagescale() now supports aspect ratio preserving scaling to a fixed height
  574     by passing -1 as $new_width.
  575 
  576 - Filter:
  577   . The filter extension no longer exposes --with-pcre-dir for Unix builds and
  578     can now reliably be built as shared when using ./configure once more.
  579 
  580 - Hash:
  581   . The hash extension cannot be disabled anymore and is always an integral part
  582     of any PHP build, similar to the date extension.
  583 
  584 - Intl:
  585   . The Intl extension now requires at least ICU 50.1.
  586   . ResourceBundle now implements Countable.
  587 
  588 - Ldap:
  589   . Support for nsldap has been removed.
  590   . Support for umich_ldap has been removed.
  591 
  592 - Libxml:
  593   . All libxml based extensions now require libxml 2.7.6 or newer.
  594 
  595 - Mbstring:
  596   . The oniguruma library is no longer bundled with PHP, instead libonig needs
  597     to be available on the system. Alternatively --disable-mbregex can be used
  598     to disable the mbregex component.
  599 
  600 - OPcache:
  601   . The --disable-opcache-file|--enable-opcache-file configure options have been
  602     removed in favor of the opcache.file_cache INI directive.
  603 
  604 - PDO:
  605   . It is now possible to escape question marks in SQL queries to avoid them
  606     being interpreted as parameter placeholders. Writing "??" allows sending
  607     a single question mark to the database and e.g. use the PostgreSQL JSON key
  608     exists "?" operator. For more details see the RFC:
  609     https://wiki.php.net/rfc/pdo_escape_placeholders
  610 
  611 - PDO_Firebird:
  612   . The extension now also support dialect 1 in addition to dialect 3.
  613 
  614 - Reflection:
  615   . Numeric value of class, property, function and constant modifiers was
  616     changed. Don't filter methods and properties through
  617     ReflectionClass::getMethods() and ReflectionClass::getProperties(), or test
  618     results of Reflection...::getModifiers(), using hard-coded numeric values.
  619     Use corresponding constants instead (e.g. ReflectionMethod::IS_PUBLIC).
  620 
  621 - SimpleXML:
  622   . SimpleXMLElement now implements Countable.
  623 
  624 - SQLite3:
  625   . The bundled libsqlite has been removed. To build the SQLite3 extension a
  626     system libsqlite3 ≥ 3.7.4 is now required. To build the PDO_SQLite extension
  627     a system libsqlite3 ≥ 3.5.0 is now required.
  628   . (Un)serialization of SQLite3, SQLite3Stmt and SQLite3Result is now
  629     explicitly forbidden. Formerly, serialization of instances of these classes
  630     was possible, but unserialization yielded unusable objects.
  631   . The @param notation can now also be used to denote SQL query parameters.
  632 
  633 - Zip:
  634   . The bundled libzip library has been removed. A system libzip >= 0.11 is now
  635     necessary to build the extension.
  636 
  637 ========================================
  638 10. New Global Constants
  639 ========================================
  640 
  641 - Mbstring:
  642   . MB_ONIGURUMA_VERSION specifies the version of the oniguruma library against
  643     which mbregex has been built.
  644 
  645 - Socket:
  646   . Added FreeBSD-specific socket options:
  647   . SO_LABEL
  648   . SO_PEERLABEL
  649   . SO_LISTENQLIMIT
  650   . SO_LISTENQLEN
  651   . SO_USER_COOKIE
  652 
  653 - Standard:
  654   . PHP_WINDOWS_EVENT_CTRL_C
  655   . PHP_WINDOWS_EVENT_CTRL_BREAK
  656 
  657 - Tidy:
  658   . TIDY_TAG_ARTICLE
  659   . TIDY_TAG_ASIDE
  660   . TIDY_TAG_AUDIO
  661   . TIDY_TAG_BDI
  662   . TIDY_TAG_CANVAS
  663   . TIDY_TAG_COMMAND
  664   . TIDY_TAG_DATALIST
  665   . TIDY_TAG_DETAILS
  666   . TIDY_TAG_DIALOG
  667   . TIDY_TAG_FIGCAPTION
  668   . TIDY_TAG_FIGURE
  669   . TIDY_TAG_FOOTER
  670   . TIDY_TAG_HEADER
  671   . TIDY_TAG_HGROUP
  672   . TIDY_TAG_MAIN
  673   . TIDY_TAG_MARK
  674   . TIDY_TAG_MENUITEM
  675   . TIDY_TAG_METER
  676   . TIDY_TAG_NAV
  677   . TIDY_TAG_OUTPUT
  678   . TIDY_TAG_PROGRESS
  679   . TIDY_TAG_SECTION
  680   . TIDY_TAG_SOURCE
  681   . TIDY_TAG_SUMMARY
  682   . TIDY_TAG_TEMPLATE
  683   . TIDY_TAG_TIME
  684   . TIDY_TAG_TRACK
  685   . TIDY_TAG_VIDEO
  686 
  687 ========================================
  688 11. Changes to INI File Handling
  689 ========================================
  690 
  691 - zend.exception_ignore_args
  692   . New INI directive to include or exclude arguments from stack traces
  693     generated for exceptions.
  694 
  695 - opcache.preload_user
  696   . New INI directive to specify the user account under which preloading code
  697     is executed, if it was to be run as root otherwise (which is not allowed
  698     for security reasons).
  699 
  700 ========================================
  701 12. Windows Support
  702 ========================================
  703 
  704 - stat:
  705   . The stat implementation has been refactored.
  706     - An inode number is delivered and is based on the NTFS file index.
  707     - The device number is now based on the volume serial number.
  708 
  709   Note that both values are derived from the system and provided as is on 64-bit
  710   systems. On 32-bit systems, these values might overflow the 32-bit integer in
  711   PHP, so they're fake.
  712 
  713 - CTRL+C and CTRL+BREAK on console can be caught by setting a handler function
  714   with sapi_windows_set_ctrl_handler().
  715 
  716 - configure now regards additional CFLAGS and LDFLAGS set as environment
  717   variables.
  718 
  719 - OPcache now supports an arbitrary amount of separate caches per user via
  720   the INI directive opcache.cache_id. All processes with the same cache ID and
  721   user share an OPcache instance.
  722 
  723 - The OpenSSL default config path has been changed to 
  724   "C:\Program Files\Common Files\SSL\openssl.cnf" and
  725   "C:\Program Files (x86)\Common Files\SSL\openssl.cnf", respectively.
  726 
  727 ========================================
  728 13. Migration to pkg-config
  729 ========================================
  730 
  731 A number of extensions have been migrated to exclusively use pkg-config for the
  732 detection of library dependencies. Generally, this means that instead of using
  733 --with-foo-dir=DIR or similar only --with-foo is used. Custom library paths can
  734 be specified either by adding additional directories to PKG_CONFIG_PATH or by
  735 explicitly specifying compilation options through FOO_CFLAGS and FOO_LIBS.
  736 
  737 The following extensions and SAPIs are affected:
  738 
  739 - Curl:
  740   . --with-curl no longer accepts a directory.
  741 
  742 - Enchant:
  743   . --with-enchant no longer accepts a directory.
  744 
  745 - FPM:
  746   . --with-fpm-systemd now uses only pkg-config for libsystem checks. The
  747     libsystemd minimum required version is 209.
  748 
  749 - GD:
  750   . --with-gd becomes --enable-gd (whether to enable the extension at all) and
  751     --with-external-gd (to opt into using an external libgd, rather than the
  752     bundled one).
  753   . --with-png-dir has been removed. libpng is required.
  754   . --with-zlib-dir has been removed. zlib is required.
  755   . --with-freetype-dir becomes --with-freetype.
  756   . --with-jpeg-dir becomes --with-jpeg.
  757   . --with-webp-dir becomes --with-webp.
  758   . --with-xpm-dir becomes --with-xpm.
  759 
  760 - IMAP:
  761   . --with-kerberos no longer accepts a directory.
  762 
  763 - Intl:
  764   . --with-icu-dir has been removed. If --enable-intl is passed, then libicu is
  765     always required.
  766 
  767 - Ldap:
  768   . --with-ldap-sasl no longer accepts a directory.
  769 
  770 - Libxml:
  771   . --with-libxml-dir has been removed.
  772   . --enable-libxml becomes --with-libxml.
  773   . --with-libexpat-dir has been renamed to --with-expat and no longer accepts a
  774     directory.
  775 
  776 - LiteSpeed:
  777   . --with-litespeed becomes --enable-litespeed.
  778 
  779 - Mbstring:
  780   . --with-onig has been removed. Unless --disable-mbregex has been passed,
  781     libonig is required.
  782 
  783 - ODBC:
  784   . --with-iodbc no longer accepts a directory.
  785   . --with-unixODBC without a directory now uses pkg-config (preferred).
  786     Directory is still accepted for old versions without libodbc.pc.
  787 
  788 - OpenSSL:
  789   . --with-openssl no longer accepts a directory.
  790   . --with-kerberos no longer accepts a directory.
  791 
  792 - PCRE:
  793   . --with-pcre-regex has been removed. Instead --with-external-pcre is provided
  794     to opt into using an external PCRE library, rather than the bundled one.
  795 
  796 - PDO_SQLite:
  797   . --with-pdo-sqlite no longer accepts a directory.
  798 
  799 - Readline:
  800   . --with-libedit no longer accepts a directory.
  801 
  802 - Sodium:
  803   . --with-sodium no longer accepts a directory.
  804 
  805 - SQLite3:
  806   . --with-sqlite3 no longer accepts a directory.
  807 
  808 - XSL:
  809   . --with-xsl no longer accepts a directory.
  810 
  811 - Zip:
  812   . --with-libzip has been removed.
  813   . --enable-zip becomes --with-zip.
  814 
  815 ========================================
  816 14. Other Changes
  817 ========================================
  818 
  819 ========================================
  820 15. Performance Improvements
  821 ========================================
  822 
  823 - Core:
  824   . A specialized VM opcode for the array_key_exists() function has been added,
  825     which improves performance of this function if it can be statically
  826     resolved. In namespaced code, this may require writing \array_key_exists()
  827     or explicitly importing the function.
  828 
  829 - PCRE:
  830   . When preg_match() in UTF-8 mode ("u" modifier) is repeatedly called on the
  831     same string (but possibly different offsets), it will only be checked for
  832     UTF-8 validity once.