Hello PHP Version 6!
So it finally came to my attention that the “hackers” over at The PHP Group are back at it again. PHP version 6 is in full production swing and looks as though to be heading down the path of least resistance when it comes to when it will be ready to use professionally. Now, if you know me you know how much I’m in love with PHP and can fully realize how excited I am about this. So, I’ve decided to chat a bit about what they’ve done so far and plan to do with the upcoming release of PHP version 6.
Goodbye <%
I was wondering even why they implemented this funny Microsoft-style tag in the first place. ASP-style tags have been removed from PHP as of version 6!
Goodbye Register Globals
One of the largest security holes PHP has ever had will now finally say farewell. Register Globals will no longer be an ini file setting, and if found will raise an E_CORE_ERROR flag, directing you to the documentation where they explain why it’s “bad”. This means that all scripts written which utilize “Global Arrays” will brake indefinitely and the developers will have no choice but to either ditch them entirely or re-code them the right way.
Goodbye Register Long Arrays
Gone are the days when you can utilize something like $sess_vars = $HTTP_SESSION_VARS; You must now use, and only use, non-global variables. $HTTP_SESSION_VARS will now be simply $_SESSION. This goes the same for all the rest of the super global arrays.
Goodbye Magic Quotes
Another one of PHP’s largest security holes is saying goodbye in PHP6, and like Register Globals, will raise an E_CORE_ERROR flag if found. This means the use of the following functions is now deprecated: magic_quotes, magic_quotes_sybase and magic_quotes_gpc.
Goodbye Safe Mode
The magical and almost mystical “PHP Is Safe” setting is being removed, because by its use it implies that it makes PHP “safe”, when in fact it does not.
Hello Mr. Visibility Keyword public
With Objects (see PHP - OOP) the visibility keyword var has been given a helping hand. The visibility keywords public, private, and protected have been completely implemented and now you won’t get an E_ERROR when using var. While you can still use the keyword var in classes and methods, it will be redundant as it means exactly the same thing now as the keyword public. Bottom line: no more E_ERROR when using var instead of public and they both are the same now.
These are just a few of the many changes and improvements the PHP Group has done with the future version of PHP. I will with no doubt post a lot more about the future release of PHP in the near future so stay tuned.
To download the most unstable release of PHP6 visit PHP Snapshots.
Leave a Reply
You must be logged in to post a comment.
