09 May 2010

what is new in php6

PHP 6.0 looks to be an exciting release. Nothing is absolutely fixed yet, but it looks like it will see the demise of three of my pet peeves: register_globals, magic_quotes_gpc and safe_mode. The first was just a big security hole, the second messed with the data and made changing environments potentially nightmarish, while the third was a misnomer that nobody really understood, and provided a false sense of security. There's also quite a lot of work scheduled to do with Unicode. Here are some of the changes:

  • The register_globals, safe_mode and the various magic quotes options will be removed.
  • The ereg extension is removed, while the XMLReader, XMLWriter and Fileinfo extensions are added to the core, and by default are on.
  • Another addition I find particularly exciting is that APC (Alternative PHP Cache) will be added to the core, though will be off by default. APC can provide serious performance benefits.
  • All E_STRICT messages will be merged into E_ALL, another positive change that will encourage good programming practice.
  • ASP style <% tags will no longer be supported.
  • Addition of a new 64-bit integers. The current integer type remains as is, 32 or 64-bit dependent on the platform.
  • Use of foreach with multi-dimensional arrays, for example foreach($array as $k => list($a, $b)).
  • A new switch in php.ini will allow you to disable Unicode semantics (by default they will be on).
  • There will also be various string improvements related to Unicode.
  • The microtime() function will return the full floating point number, rather than microseconds unix_timestamp, as at present, probably making the function more readily useful for most people.
  • The {} notation for string indexes will no longer be supported, while the [] version will get added substr() and array_slice() functionality. Previously [] was deprecated, but most developers, including myself, seem to use [].
  • FastCGI will always be enabled for the CGI SAPI, and will not be able to be disabled.
  • The ancient HTTP_*_VARS globals will no longer be supported. Everyone should have had more than enough time to remove any traces of these.
  • var will alias publicvar was permitted with PHP4 classes, but in PHP 5 this raised a warning. In PHP 6 var will simply be an alias for public, so no warning is necessary.
  • The ze1 compatibility mode, which tried to retain PHP 4 behaviour but had some bugs, will be removed.
  • Dynamic functions will no longer be permitted to be called with static syntax.

PHP Engine Additions

64 bit integers
A new 64 bit integer will be added (int64). There will be no int32 (it is assumed unless you specify int64)
No 'goto' command will be added, but the break keyword will be extended with a static label - so you could do 'break foo' and it'll jump to the label foo: in your code.
It looks like we won't be seeing this one, which is a shame. But instead the ?: operator will have the 'middle parameter' requirement dropped, which means you'd be able to do something like this: "$foo = $_GET['foo'] ?: 42;" (i.e. if foo is true, $foo will equal 42). This should save some code, but I personally don't think it is as 'readable' as ifsetor would have been.
foreach multi-dim arrays
This is a nice change - you'll be able to foreach through array lists, i.e. "foreach( $a as $k => list($a, $b))".
{} vs []
You can currently use both {} and [] to access string indexes. But the {} notation will raise an E_STRICT in PHP5.1 and will be gone totally in PHP6. Also the [] version will gain substr and array_slice functionality directly - so you could do "[2,]" to access characters 2 to the end, etc. Very handy.

OO changes

Static Binding
A new keyword will be created to allow for late static binding - static::static2(), this will perform runtime evaluation of statics.
It looks like this one is still undecided - if they do implement namespaces it will be using their style only. My advice? Don't hold your breath!
Type-hinted Return Values
Although they decided against allowing type-hinted properties (becaue it's "not the PHP way") they will add support for type-hinted return values, but have yet to decide on a syntax for this. Even so, it will be a nice addition.
Calling dynamic functions as static will E_FATAL
At the moment you can call both static and dynamic methods, whether they are static or not. Calling a dynamic function with the static call syntax will raise an E_FATAL.

Additions to PHP

APC to be in the core distribution
The opcode cache APC will be included in the core distribution of PHP as standard, it will not however be turned on by default (but having it there saves the compilation of yet another thing on your server, and web hosts are more likely to allow it to be enabled)
Hardened PHP patch
This patch implements a bunch of extra security checks in PHP. They went over it and the following changes will now take place within PHP: Protection against HTTP Response Splitting will be included. allow_url_fopen will be split into two: allow_url_fopen and allow_url_include. allow_url_fopen will be enabled by default. allow_url_include will be disabled by default.
E_STRICT merges into E_ALL
Wow, this is quite a serious one! E_STRICT level messages will be added to E_ALL by default. This shows a marked move by the PHP team to educate developers on 'best practises' and displaying language-level warnings in a "Hey, you're doing it the wrong way".
Farewell <%
They will remove support for the ASP style tags, but the PHP short-code tag will remain (<?) - so to those on php general who reckon the short-tag is 'depreceated' - hah! ;)