dimarts, 23 d’agost del 2011

PHP 5.2 discontinued

Good news for the PHP community, Johannes Schlüter says:

All PHP users should note that the PHP 5.2 series is NOT supported
anymore. All users are strongly encouraged to upgrade to PHP 5.3.8.

If you are currently in 5.2 and plans to go to 5.3, read the Migrating guide... previously :)

Why is a good choice upgrade to 5.3.x?

  • Support for namespaces

  • Late static binding

  • Lambda Functions and Closures

  • Syntax additions: NOWDOC, ternary short cut "?:" and jump label (limited goto), __callStatic()

  • Under the hood performance improvements

  • Optional garbage collection for cyclic references

  • Optional mysqlnd PHP native replacement for libmysql

  • Improved Windows support including VC9 and experimental X64 binaries as well as portability to other supported platforms

  • More consistent float rounding

  • Deprecation notices are now handled via E_DEPRECATED (part of E_ALL) instead of the E_STRICT error level

  • Several enhancements to enable more flexiblity in php.ini (and ini parsing in general)

  • New bundled extensions: ext/phar, ext/intl, ext/fileinfo, ext/sqlite3, ext/enchant

  • Over 140 bug fixes and improvements to PHP, in particular to: ext/openssl, ext/spl and ext/date

  • Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion.

  • Added missing sanity checks around exif processing.

  • Fixed a safe_mode bypass in tempnam().

  • Fixed a open_basedir bypass in posix_mkfifo().

  • Improved LCG entropy. (Rasmus, Samy Kamkar)

  • Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al.

  • Methods with the same name as the last element of a namespaced class name will no longer be treated as constructor. This change doesn't affect non-namespaced classes.

  • Added ability to connect to HTTPS sites through proxy with basic authentication using stream_context/http/header/Proxy-Authorization.

  • Added options to debug backtrace functions.

  • Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)

  • And more Key and Security Enhancements and Fixes.