PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 28 Nov 2019, PHP 7.4.0 - Core: . Implemented RFC: Deprecate curly brace syntax for accessing array elements and string offsets. https://wiki.php.net/rfc/deprecate_curly_braces_array_access (Andrey Gromov) . Implemented RFC: Deprecations for PHP 7.4. https://wiki.php.net/rfc/deprecations_php_7_4 (Kalle, Nikita) . Fixed bug #52752 (Crash when lexing). (Nikita) . Fixed bug #60677 (CGI doesn't properly validate shebang line contains #!). (Nikita) . Fixed bug #71030 (Self-assignment in list() may have inconsistent behavior). (Nikita) . Fixed bug #72530 (Use After Free in GC with Certain Destructors). (Nikita) . Fixed bug #75921 (Inconsistent: No warning in some cases when stdObj is created on the fly). (David Walker) . Implemented FR #76148 (Add array_key_exists() to the list of specially compiled functions). (Majkl578) . Fixed bug #76430 (__METHOD__ inconsistent outside of method). (Ryan McCullagh, Nikita) . Fixed bug #76451 (Aliases during inheritance type checks affected by opcache). (Nikita) . Implemented FR #77230 (Support custom CFLAGS and LDFLAGS from environment). (cmb) . Fixed bug #77345 (Stack Overflow caused by circular reference in garbage collection). (Alexandru Patranescu, Nikita, Dmitry) . Fixed bug #77812 (Interactive mode does not support PHP 7.3-style heredoc). (cmb, Nikita) . Fixed bug #77877 (call_user_func() passes $this to static methods). (Dmitry) . Fixed bug #78066 (PHP eats the first byte of a program that comes from process substitution). (Nikita) . Fixed bug #78151 (Segfault caused by indirect expressions in PHP 7.4a1). (Nikita) . Fixed bug #78154 (SEND_VAR_NO_REF does not always send reference). (Nikita) . Fixed bug #78182 (Segmentation fault during by-reference property assignment). (Nikita) . Fixed bug #78212 (Segfault in built-in webserver). (cmb) . Fixed bug #78220 (Can't access OneDrive folder). (cmb, ab) . Fixed bug #78226 (Unexpected __set behavior with typed properties). (Nikita) . Fixed bug #78239 (Deprecation notice during string conversion converted to exception hangs). (Nikita) . Fixed bug #78335 (Static properties/variables containing cycles report as leak). (Nikita) . Fixed bug #78340 (Include of stream wrapper not reading whole file). (Nikita) . Fixed bug #78344 (Segmentation fault on zend_check_protected). (Nikita) . Fixed bug #78356 (Array returned from ArrayAccess is incorrectly unpacked as argument). (Nikita) . Fixed bug #78379 (Cast to object confuses GC, causes crash). (Dmitry) . Fixed bug #78386 (fstat mode has unexpected value on PHP 7.4). (cmb) . Fixed bug #78396 (Second file_put_contents in Shutdown hangs script). (Nikita) . Fixed bug #78406 (Broken file includes with user-defined stream filters). (Nikita) . Fixed bug #78438 (Corruption when __unserializing deeply nested structures). (cmb, Nikita) . Fixed bug #78441 (Parse error due to heredoc identifier followed by digit). (cmb) . Fixed bug #78454 (Consecutive numeric separators cause OOM error). (Theodore Brown) . Fixed bug #78460 (PEAR installation failure). (Peter Kokot, L. Declercq) . Fixed bug #78531 (Crash when using undefined variable as object). (Dmitry) . Fixed bug #78535 (auto_detect_line_endings value not parsed as bool). (bugreportuser) . Fixed bug #78604 (token_get_all() does not properly tokenize FOOstat modifies $dbc->affected_rows). (Derick) . Fixed bug #76809 (SSL settings aren't respected when persistent connections are used). (fabiomsouto) . Fixed bug #78179 (MariaDB server version incorrectly detected). (cmb) . Fixed bug #78213 (Empty row pocket). (cmb) - MySQLnd: . Fixed connect_attr issues and added the _server_host connection attribute. (Qianqian Bu) . Fixed bug #60594 (mysqlnd exposes 160 lines of stats in phpinfo). (PeeHaa) - ODBC: . Fixed bug #78473 (odbc_close() closes arbitrary resources). (cmb) - Opcache: . Implemented preloading RFC: https://wiki.php.net/rfc/preload. (Dmitry) . Add opcache.preload_user INI directive. (Dmitry) . Added new INI directive opcache.cache_id (Windows only). (cmb) . Fixed bug #78106 (Path resolution fails if opcache disabled during request). (Nikita) . Fixed bug #78175 (Preloading segfaults at preload time and at runtime). (Dmitry) . Fixed bug #78202 (Opcache stats for cache hits are capped at 32bit NUM). (cmb) . Fixed bug #78271 (Invalid result of if-else). (Nikita) . Fixed bug #78341 (Failure to detect smart branch in DFA pass). (Nikita) . Fixed bug #78376 (Incorrect preloading of constant static properties). (Dmitry) . Fixed bug #78429 (opcache_compile_file(__FILE__); segfaults). (cmb) . Fixed bug #78512 (Cannot make preload work). (Dmitry) . Fixed bug #78514 (Preloading segfaults with inherited typed property). (Nikita) . Fixed bug #78654 (Incorrectly computed opcache checksum on files with non-ascii characters). (mhagstrand) - OpenSSL: . Added TLS 1.3 support to streams including new tlsv1.3 stream. (Codarren Velvindron, Jakub Zelenka) . Added openssl_x509_verify function. (Ben Scholzen) . openssl_random_pseudo_bytes() now throws in error conditions. (Sammy Kaye Powers) . Changed the default config path (Windows only). (cmb) . Fixed bug #78231 (Segmentation fault upon stream_socket_accept of exported socket-to-stream). (Nikita) . Fixed bug #78391 (Assertion failure in openssl_random_pseudo_bytes). (Nikita) . Fixed bug #78775 (TLS issues from HTTP request affecting other encrypted connections). (Nikita) - Pcntl: . Fixed bug #77335 (PHP is preventing SIGALRM from specifying SA_RESTART). (Nikita) - PCRE: . Implemented FR #77094 (Support flags in preg_replace_callback). (Nikita) . Fixed bug #72685 (Repeated UTF-8 validation of same string in UTF-8 mode). (Nikita) . Fixed bug #73948 (Preg_match_all should return NULLs on trailing optional capture groups). . Fixed bug #78338 (Array cross-border reading in PCRE). (cmb) . Fixed bug #78349 (Bundled pcre2 library missing LICENCE file). (Peter Kokot) - PDO: . Implemented FR #71885 (Allow escaping question mark placeholders). https://wiki.php.net/rfc/pdo_escape_placeholders (Matteo) . Fixed bug #77849 (Disable cloning of PDO handle/connection objects). (camporter) . Implemented FR #78033 (PDO - support username & password specified in DSN). (sjon) - PDO_Firebird: . Implemented FR #65690 (PDO_Firebird should also support dialect 1). (Simonov Denis) . Implemented FR #77863 (PDO firebird support type Boolean in input parameters). (Simonov Denis) - PDO_MySQL: . Fixed bug #41997 (SP call yields additional empty result set). (cmb) . Fixed bug #78623 (Regression caused by "SP call yields additional empty result set"). (cmb) - PDO_OCI: . Support Oracle Database tracing attributes ACTION, MODULE, CLIENT_INFO, and CLIENT_IDENTIFIER. (Cameron Porter) . Implemented FR #76908 (PDO_OCI getColumnMeta() not implemented). (Valentin Collet, Chris Jones, Remi) - PDO_SQLite: . Implemented sqlite_stmt_readonly in PDO_SQLite. (BohwaZ) . Raised requirements to SQLite 3.5.0. (cmb) . Fixed bug #78192 (SegFault when reuse statement after schema has changed). (Vincent Quatrevieux) . Fixed bug #78348 (Remove -lrt from pdo_sqlite.so). (Peter Kokot) - Phar: . Fixed bug #77919 (Potential UAF in Phar RSHUTDOWN). (cmb) - phpdbg: . Fixed bug #76596 (phpdbg support for display_errors=stderr). (kabel) . Fixed bug #76801 (too many open files). (alekitto) . Fixed bug #77800 (phpdbg segfaults on listing some conditional breakpoints). (krakjoe) . Fixed bug #77805 (phpdbg build fails when readline is shared). (krakjoe) - Recode: . Unbundled the recode extension. (cmb) - Reflection: . Fixed bug #76737 (Unserialized reflection objects are broken, they shouldn't be serializable). (Nikita) . Fixed bug #78263 (\ReflectionReference::fromArrayElement() returns null while item is a reference). (Nikita) . Fixed bug #78410 (Cannot "manually" unserialize class that is final and extends an internal one). (Nikita) . Fixed bug #78697 (ReflectionClass::implementsInterface - inaccurate error message with traits). (villfa) . Fixed bug #78774 (ReflectionNamedType on Typed Properties Crash). (Nikita) - Session: . Fixed bug #78624 (session_gc return value for user defined session handlers). (bshaffer) - SimpleXML: . Implemented FR #65215 (SimpleXMLElement could register as implementing Countable). (LeSuisse) . Fixed bug #75245 (Don't set content of elements with only whitespaces). (eriklundin) - Sockets: . Fixed bug #67619 (Validate length on socket_write). (thiagooak) . Fixed bug #78665 (Multicasting may leak memory). (cmb) - sodium: . Fixed bug #77646 (sign_detached() strings not terminated). (Frank) . Fixed bug #78510 (Partially uninitialized buffer returned by sodium_crypto_generichash_init()). (Frank Denis, cmb) . Fixed bug #78516 (password_hash(): Memory cost is not in allowed range). (cmb, Nikita) - SPL: . Fixed bug #77518 (SeekableIterator::seek() should accept 'int' typehint as documented). (Nikita) . Fixed bug #78409 (Segfault when creating instance of ArrayIterator without constructor). (Nikita) . Fixed bug #78436 (Missing addref in SplPriorityQueue EXTR_BOTH mode). (Nikita) . Fixed bug #78456 (Segfault when serializing SplDoublyLinkedList). (Nikita) - SQLite3: . Unbundled libsqlite. (cmb) . Raised requirements to SQLite 3.7.4. (cmb) . Forbid (un)serialization of SQLite3, SQLite3Stmt and SQLite3Result. (cmb) . Added support for the SQLite @name notation. (cmb, BohwaZ) . Added SQLite3Stmt::getSQL() to retrieve the SQL of the statement. (Bohwaz) . Implement FR ##70950 (Make SQLite3 Online Backup API available). (BohwaZ) - Standard: . Implemented password hashing registry RFC: https://wiki.php.net/rfc/password_registry. (Sara) . Implemented RFC where password_hash() has argon2i(d) implementations from ext/sodium when PHP is built without libargon: https://wiki.php.net/rfc/sodium.argon.hash (Sara) . Implemented FR #38301 (field enclosure behavior in fputcsv). (cmb) . Implemented FR #51496 (fgetcsv should take empty string as an escape). (cmb) . Fixed bug #73535 (php_sockop_write() returns 0 on error, can be used to trigger Denial of Service). (Nikita) . Fixed bug #74764 (Bindto IPv6 works with file_get_contents but fails with stream_socket_client). (Ville Hukkamäki) . Fixed bug #76859 (stream_get_line skips data if used with data-generating filter). (kkopachev) . Implemented FR #77377 (No way to handle CTRL+C in Windows). (Anatol) . Fixed bug #77930 (stream_copy_to_stream should use mmap more often). (Nikita) . Implemented FR #78177 (Make proc_open accept command array). (Nikita) . Fixed bug #78208 (password_needs_rehash() with an unknown algo should always return true). (Sara) . Fixed bug #78241 (touch() does not handle dates after 2038 in PHP 64-bit). (cmb) . Fixed bug #78282 (atime and mtime mismatch). (cmb) . Fixed bug #78326 (improper memory deallocation on stream_get_contents() with fixed length buffer). (Albert Casademont) . Fixed bug #78346 (strip_tags no longer handling nested php tags). (cmb) . Fixed bug #78506 (Error in a php_user_filter::filter() is not reported). (Nikita) . Fixed bug #78549 (Stack overflow due to nested serialized input). (Nikita) . Fixed bug #78759 (array_search in $GLOBALS). (Nikita) - Testing: . Fixed bug #78684 (PCRE bug72463_2 test is sending emails on Linux). (cmb) - Tidy: . Added TIDY_TAG_* constants for HTML5 elements. (cmb) . Fixed bug #76736 (wrong reflection for tidy_get_head, tidy_get_html, tidy_get_root, and tidy_getopt) (tandre) - WDDX: . Deprecated and unbundled the WDDX extension. (cmb) - Zip: . Fixed bug #78641 (addGlob can modify given remove_path value). (cmb) <<< NOTE: Insert NEWS from last stable release here prior to actual release! >>>