Upcoming PHP6 Additions & Changes

By  on  

Seeing technologies you love move forward is an exciting feeling. Another version brings hope of better integrated tools, increased security, and faster ways to complete core tasks, thus making your web application quicker. PHP6's improvements and and updates are sure to make PHP6 the best version yet.

register_globals, safe_mode, and quote options Removed

register_globals, being the most significant removal, presents a giant security risk as it allows users to modify the querysting to add, change, and remove variable values. It's highly recommended that you turn this value off on your present PHP build. Magic quotes functions, most notable magic_quotes_gpc() and magic_quotes(), affect GET, POST, and COOKIE variables. I recommend turning this setting off as well.

Integrated Alternative PHP Cache (APC)

Though this setting will default to off, APC's caching can significantly increase the speed of your web application. There are currently some great PHP caching libraries available but integrated support can make the system run faster. You can find more information on APC at http://pecl.php.net/package/APC.

E_STRICT Messages Merged with E_ALL

This move will encourage better programming practices. Of course, you will need to set your error_reporting()< level to E_ALL. My websites use E_ALL while on my development server but I change to level 0 (show no errors) when moving then to their hosting server (so that if there is an error, the user can't see the error).

String Indexes: {} Removed, [] Becomes Standard Use

As of PHP6, you will no longer be able to use {} to reference the value of a String's character at a specified position -- the standard array position syntax, [], will become the only usage.

ASP Style Tags Removed (<% %>)

I have no idea why these were ever implemented. I've never used them, nor will I ever.

Increased Unicode Support

PHP does not presently provide adequate Unicode support and PHP6 aims to fix that. Unicode is treated on a per-request basis and cannot be used globally throughout PHP's functionality -- Unicode in PHP becomes inconsistent in usage and takes up more resources.

Other PHP6 Changes:

  • 'var' will become an alias of 'public' without an E_STRICT warning.
  • GD1 and FreeType1 versions will be removed.
  • Fast CGI will always be on.
  • HTTP_*_VARS variable will be removed.
  • XMLReader and XMLWriter will be integrated.
  • 64-bit integers will be added.
  • Ternary '?' valuable will not be required ($myvar = $_POST['myvar'] ?: 'myvalue'; )
  • foreach multidimensional arrays work (foreach($a as $k=>list($b,$c)); )
  • Type-hinted return values (syntax not yet solidified)
  • Hardened PHP patch will be added for increased security.

We'll continue to eagerly monitor PHP6's progress!

Recent Features

Incredible Demos

Discussion

  1. Very nice summary of the improvements on PHP 6.
    Personally, it is a must to have unicode support.

  2. Ryan Zec

    the {} to [] is a little confusing, not sure what they gain and i am sure some people use is quite a bit. I am going to need to go through my framework and convert and {} to [] even tho there should not be that many, i usually use single quotes anyways. Other than that, it is more good news.

  3. I like every change in PHP6. This is great! Thanks for this summary.

  4. DamionKutaeff

    Hello everybody, my name is Damion, and I’m glad to join your conmunity,
    and wish to assit as far as possible.

  5. Ryan, i think you’re mistaken. {} isn’t going completely away, just for referencing string position. You don’t have to remove {} everywhere…

  6. Thanks for the summary. Looks like i’m just one of the few who think this update is annoying with removal of several big things just for ‘security’ reasons….

    The biggest issue in my mind is the removal op mysql_* functions in PHP6. It’s like the biggest function that people use with PHP and now they remove it. Why? Because the other function, like PDO is safer? It’s just a repositioning of the problem and nothing more.

    Whats next, the removal of echo and print?

    • The use of mysql_* functions are very insecure and obsolete. I created an extended PDO Class and I must say it kicks ass. I know you can escape strings with sprintf when you use mysql_query, but it’s redundant and annoying. Let PDO do it for you.

      OOP is a good practice and I’m glad PHP is heading more towards that direction. It helps make PHP more of a respected language in the enterprise world.

  7. “Ternary ‘?’ valuable will not be required ($myvar = $_POST['myvar'] ?: 'myvalue'; )

    Actually, this was implemented (and thus works) in PHP 5.3.

  8. Ivan

    loop.. switch.. continue..

    When will it be fixed?? It’s been a DECADE since this glitch was reported!
    Who did this fundamental keyword ever hurt to deserve this blasphemy??
    Why must PHP “continue 2 break” it’s fundamental meaning?…
    What is next? Reverse the syntax for post an pre increments???
    Where does this madness end!?

    Rasmus Lerdorf… you have the power to fix it!

Wrap your code in <pre class="{language}"></pre> tags, link to a GitHub gist, JSFiddle fiddle, or CodePen pen to embed!