PHP 5.2 RC1 is out
As there doesn't seem to be an official ChangeLog available yet, I just copied the README.UPGRADING file here.
Upgrading
- Changed E_ALL error reporting mode to includes E_RECOVERABLE_ERROR. (Marcus)
This changes means that the value of the E_ALL constant had changed to 6143
from its previous value of 2047. If you are setting your error reporting mode
inside the Apache config file or the .htaccess files you will need to adjust
the value of error_reporting INI setting accordingly.
- Added new error mode E_RECOVERABLE_ERROR. (Derick, Marcus, Tony)
This changes a few E_ERROR conditions to something that you can now catch
using a user error handler. If the user error handler does not grab these
kind of error they behave as fatal errors just like in any PHP version prior
to 5.2. Errors of this type are logged as 'Catchable fatal error'.
- Added support for constructors in interfaces to force constructor signature
checks in implementations. (Marcus)
Starting with PHP 5.2 interfaces can have constructors. If you use this
feature then all implementing classes must implement constructors with a
matching signature, while normally constructors do not need to follow any
base class or interface constructor signature. (Signature is the name for
the parameter and return type definition which captures count, reference or
not and any type hints).
- Changed __toString to be called whereever applicable. (Marcus)
The magic object method __toString() is now called whenever an object is used
as a string. The function must not throw an exception or the script will be
terminated. The PHP 5.0/%51 fallback to return a string containing the object
idetifier has been dropped. Note that the object identifier is never unique.
That measn that if you have used this feature your application has been
flawed. Nonetheless it will now be a catchable fatal error (see above).
- Added RFC2397 (data: stream) support. (Marcus)
Under windows this can mean a very rare change of behavior. If you are using
NTFS filesystem and making use of meta streams in your application this does
no longer work for a file with the name 'data' accessed without any path. IF
you need to do so you have to prefix the filename with the "file:" protocol.
For the functionality itself look here http://www.faqs.org/rfcs/rfc2397.html.
- Added allow_url_include ini directive to complement allow_url_fopen. (Rasmus)
With this option one can now distinguish between standard file operations on
remote files and inclusion of remote files. While the former is usually
desired, the latter implies security risks if used naivly. Starting with
PHP-5.2 it is now possible to allow standard file operations while
dissalowing inclusion of remote files, which will also be the default
configuration.
The __toString change finally makes this magic method useful. It wasn't before, because the only case where it would be called was when directly used a parameter for echo() or print(), not in a string concatenation operation.
The second very important addition is imho the new allow_url_include setting. It will prevent some servers from being hacked. At least in the long run. Perhaps. Security-aware coding still can't be surrogated by new settings. And it will also take some (haha) time till all servers are upgraded to a PHP version supporting the new setting.
Anyways, great job PHP team, keep up the good work!
Download
Update 9/14/2006
Last edited by Ingmar on Thursday, September 14th 2006 21:17:00 CEST
