PHP 8.3
Other Changes
Core changes
FFI
FFI::load() is now allowed during preloading when opcache.preload_user is the current system user. Previously, calling FFI::load() was not possible during preloading if the opcache.preload_user directive was set.
FPM
FPM CLI test now fails if the socket path is longer than supported by OS.
Opcache
In the CLI and phpdbg SAPIs, preloading does not require the opcache.preload_user directive to be set anymore when running as root. In other SAPIs, this directive is required when running as root because preloading is done before the SAPI switches to an unprivileged user.
Streams
Blocking fread() on socket connection returns immediately if there are any buffered data instead of waiting for more data.
A memory stream no longer fails if the seek offset is past the end. Instead, the memory will be increased on the next write and the data between the old end and the offset is filled with zero bytes, similar to how files work.
stat() access operations like file_exists() and similar will now use real path instead of the actual stream path. This is consistent with stream opening.
Changes in SAPI Modules
CLI
The STDOUT
, STDERR
and
STDIN
streams are no longer closed on resource
destruction which is mostly when the CLI finishes.
It is however still possible to explicitly close those streams using
fclose() and similar.
Changed Functions
Core
gc_status() has added the following 8 fields:
"running"
=> bool"protected"
=> bool"full"
=> bool"buffer_size"
=> int"application_time"
=> float: Total application time, in seconds (including collector_time)"collector_time"
=> float: Time spent collecting cycles, in seconds (including destructor_time and free_time)"destructor_time"
=> float: Time spent executing destructors during cycle collection, in seconds"free_time"
=> float: Time spent freeing values during cycle collection, in seconds
class_alias() now supports creating an alias of an internal class.
Setting open_basedir at runtime
using ini_set('open_basedir', ...);
no longer accepts paths
containing the parent directory (..
). Previously,
only paths starting with ..
were disallowed. This could
easily be circumvented by prepending ./
to the path.
User exception handlers now catch exceptions during shutdown.
The resultant HTML of highlight_string() and
highlight_file() has changed.
Whitespace between outer HTML tags is removed. Newlines and spaces
are no longer converted to HTML entities. The whole HTML is now wrapped in a
tag. The outer
tag has been merged with the
tag.
Calendar
easter_date() now supports years from 1970 to 2,000,000,000 on 64-bit systems, previously it only supported years in the range from 1970 to 2037.
Curl
curl_getinfo() now supports two new constants:
CURLINFO_CAPATH
and
CURLINFO_CAINFO
. If option is null
, the following
two additional keys are present:
"capath"
and "cainfo"
.
DOM
Changed DOMCharacterData::appendData() tentative return type to true.
DOMDocument::loadHTML(),
DOMDocument::loadHTMLFile(), and
DOMDocument::loadXML() now have a tentative
return type of bool. Previously, this was documented as having a return
type of DOMDocument|bool
, but, as of PHP 8.0.0,
DOMDocument
cannot be returned as it is no longer statically callable.
Gd
The signature of imagerotate() has changed.
The $ignore_transparent
parameter has been removed,
as it was ignored since PHP 5.5.0.
Intl
datefmt_set_timezone() (and its alias
IntlDateformatter::setTimeZone())
now returns true
on success, previously null
was returned.
IntlBreakiterator::setText() now returns false
on failure, previously null
was returned.
It now returns true
on success, previously null
was returned.
IntlChar::enumCharNames() is now returning a boolean.
Previously it returned null
on success and false
on failure.
IntlDateFormatter::__construct() throws an U_ILLEGAL_ARGUMENT_ERROR
exception when an invalid locale had been set.
MBString
mb_strtolower() and mb_convert_case()
implement conditional casing rules for the Greek letter sigma.
For mb_convert_case(),
conditional casing only applies to MB_CASE_LOWER
and MB_CASE_TITLE
modes, not to
MB_CASE_LOWER_SIMPLE
and
MB_CASE_TITLE_SIMPLE
.
mb_decode_mimeheader() interprets underscores in
QPrint-encoded MIME encoded words as required by RFC 2047; they are
converted to spaces.
Underscores must be encoded as "=5F"
in such MIME
encoded words.
In rare cases, mb_encode_mimeheader() will transfer-encode its input string where it would pass it through as raw ASCII in PHP 8.2.
mb_encode_mimeheader() no longer drops NUL (zero) bytes when QPrint-encoding the input string. This previously caused strings in certain text encodings, especially UTF-16 and UTF-32, to be corrupted by mb_encode_mimeheader.
mb_detect_encoding()'s "non-strict" mode now behaves
as described in the documentation.
Previously, it would return false
if the same byte (for example, the first
byte) of the input string was invalid in all candidate encodings.
More generally, it would eliminate candidate encodings from consideration
when an invalid byte was seen, and if the same input byte eliminated all
remaining encodings still under consideration, it would return false
.
On the other hand, if all candidate encodings but one were eliminated
from consideration, it would return the last remaining one without regard
for how many encoding errors might be encountered later in the string.
This is different from the behavior described in the documentation, which
says: "If strict is set to false, the closest matching encoding will be
returned."
mysqli
mysqli_fetch_object() now raises a
ValueError instead of an Exception
when the $constructor_args
argument is non empty with
the class not having constructor.
mysqli_poll() now raises a ValueError
when neither the $read
nor the $error
arguments are passed.
mysqli_field_seek() and mysqli_result::field_seek() now specify the return type as true instead of bool.
ODBC
odbc_autocommit() now accepts null
for the
$enable
parameter.
Passing null
has the same behaviour as passing only 1 parameter,
namely indicating if the autocommit feature is enabled or not.
PGSQL
pg_fetch_object() now raises a
ValueError instead of an Exception
when the $constructor_args
argument is non empty with
the class not having constructor.
pg_insert() now raises a ValueError
instead of a E_WARNING
when the table specified is invalid.
pg_insert() and pg_convert() raises
a ValueError or a TypeError
instead of a E_WARNING
when the value/type of a field
does not match properly with a PostgreSQL's type.
The $row
parameter of
pg_fetch_result(),
pg_field_prtlen(), and
pg_field_is_null() is now nullable.
Random
Changed mt_srand() and srand() to
not check the number of arguments to determine whether a random seed should
be used. Passing null
will generate a random seed, 0
will use zero as the seed. The functions are now consistent with
Random\Engine\Mt19937::__construct().
Reflection
Return type of ReflectionClass::getStaticProperties() is no longer nullable.
Standard
E_NOTICE
s emitted by unserialize()
have been promoted to E_WARNING
.
unserialize() now emits a new E_WARNING
if the input contains unconsumed bytes.
array_pad() is now only limited by the maximum number of elements an array can have. Before, it was only possible to add at most 1048576 elements at a time.
strtok() raises an E_WARNING
in the
case token is not provided when starting tokenization.
password_hash() will now chain the underlying
Random\RandomException
as the ValueError's $previous
Exception when salt generation fails.
If using an array as the $command
for proc_open(), it must now have at least one
non empty element. Otherwise a ValueError
is thrown.
proc_open() returns false if $command
array is invalid command instead of resource object that produces warning later.
This was already the case for Windows but it is now also the case if posix_spawn
implementation is in use (most Linux, BSD and MacOS platforms). There are still
some old platforms where this behavior is not changed as posix_spawn is not
supported there.
array_sum() and array_product() now warn when values in the array cannot be converted to int/float. Previously arrays and objects where ignored whilst every other value was cast to int. Moreover, objects that define a numeric cast (e.g. GMP) are now casted instead of ignored.
The $decimal
of number_format()
now properly handles negative integers.
Rounding with a negative value for $decimal
means
that $num
is rounded to $decimals
significant digits before the decimal point.
Previously negative $decimals
were silently
ignored and the number got rounded to zero decimal places.
A new $before_needle
argument has been added to
strrchr(). It behaves like its counterpart in the
strstr() or stristr() functions.
str_getcsv() and fgetcsv() now return an empty string instead of a string with a single null byte for the last field which only contains an unterminated enclosure.
Other Changes to Extensions
Core
Using the increment/decrement
operators (++
/--
) on values of type
bool now emit warnings.
This is because it currently has no effect, but will behave like
$bool += 1
in the future.
Using the decrement
operator (--
) on values of type null now emit warnings.
This is because it currently has no effect, but will behave like
$null -= 1
in the future.
Internal objects that implement an _IS_NUMBER cast but not a do_operator
handler that overrides addition and subtraction now can be incremented
and decrement as if one would do $o += 1
or $o -= 1
DOM
The DOM lifetime mechanism has been reworked such that implicitly removed nodes can still be fetched. Previously this resulted in an exception.
SQLite3
The SQLite3 class now throws SQLite3Exception (extends Exception) instead of Exception.
The SQLite error code is now passed in the exception error code instead of being included in the error message.
Changes to INI File Handling
-
The
If the value of the setting is equal to the default value, no deprecation notice is emitted. The zend.assertions INI setting should be used instead.assert.*
INI settings have been deprecated. This comprises the following INI settings: -
zend.max_allowed_stack_size is a new INI directive to set the maximum allowed stack size. Possible values are
0
(detect the process or thread maximum stack size),-1
(no limit), or a positive number of bytes. The default is0
. When it is not possible to detect the process or thread maximum stack size, a known system default is used. Setting this value too high has the same effect as disabling the stack size limit. Fibers use fiber.stack_size as maximum allowed stack size. An Error is thrown when the process call stack exceeds zend.max_allowed_stack_size-zend.reserved_stack_size bytes, to prevent stack-overflow-induced segmentation faults, with the goal of making debugging easier. The stack size increases during uncontrolled recursions involving internal functions or the magic methods __toString(), __clone(), __sleep(), __destruct(). This is not related to stack buffer overflows, and is not a security feature. -
zend.reserved_stack_size is a new INI directive to set the reserved stack size, in bytes. This is subtracted from the max allowed stack size, as a buffer, when checking the stack size.
Performance
DOM
Looping over a DOMNodeList now uses caching. Therefore requesting items no longer takes quadratic time by default.
Getting text content from nodes now avoids an allocation, resulting in a performance gain.
DOMChildNode::remove() now runs in O(1) performance.
Standard
The file() flags error check is now about 7% faster.
SPL
RecursiveDirectoryIterator now performs less I/O when looping over a directory.