不向后兼容的变更
PHP 核心中不向后兼容的变更
以数组形式访问非数组
尝试以数组方式访问 null,bool,
int,float 或 resource
(例如 $null["key"])将会抛出 notice 通知。
fn 关键词
fn 成为了保留关键词。需要特别注意,它不能再做为函数名或类名使用,但是仍然可以做为方法名和常量名存在。
文件尾部的 <?php 标签
文件尾部的 <?php
标签(不包含空行)将会被解释成一个 PHP 头标签。Previously it was interpreted
either as a short opening tag followed by literal php and
resulted in a syntax error (with short_open_tag=1)
or was interpreted as a literal <?php string
(with short_open_tag=0).
Serialization 序列化
序列化类型 o 被移除。因为它不是由 PHP
生成的,这可能会影响到之前项目中手动生成的序列化字符串。
密码算法常量
密码哈希算法标识符现在是可空字符串,而不再是整数。
-
PASSWORD_DEFAULT 之前是 int 1; 现在是 null
-
PASSWORD_BCRYPT 之前是 int 1; 现在是 string '2y'
-
PASSWORD_ARGON2I 之前是 int 2; 现在是 string 'argon2i'
-
PASSWORD_ARGON2ID 之前是 int 3; 现在是 string 'argon2id'
应用中如果正常使用了常量 PASSWORD_DEFAULT,PASSWORD_BCRYPT,PASSWORD_ARGON2I
和 PASSWORD_ARGON2ID 将不会受到影响。
htmlentities() will now raise a notice
(instead of a strict standards warning) if it is used with
an encoding for which only basic entity substitution is supported,
in which case it is equivalent to htmlspecialchars().
fread() 和 fwrite()
在操作失败的时候会返回 false。之前的版本中会返回空字符串或 0。EAGAIN/EWOULDBLOCK 不视为故障。
这些函数现在也会在失败时发出 NOTICE 通知,例如当试图写入一个只读文件资源时。
BCMath Arbitrary Precision Mathematics
BCMath functions will now warn if a non well-formed number is passed, such
as "32foo". The argument will be interpreted as zero, as before.
CURL
Attempting to serialize a CURLFile class will now
generate an exception. Previously the exception was only thrown on unserialization.
Using CURLPIPE_HTTP1 is deprecated, and is no longer
supported as of cURL 7.62.0.
The $version parameter of curl_version()
is deprecated. If any value not equal to the default CURLVERSION_NOW
is passed, a warning is raised and the parameter is ignored.
Date and Time
Calling var_dump() or similar on a
DateTime or DateTimeImmutable
instance will no longer leave behind accessible properties on the object.
Comparison of DateInterval objects
(using ==, <, and so on) will now generate
a warning and always return false. Previously all DateInterval
objects were considered equal, unless they had properties.
Intl
The default parameter value of idn_to_ascii() and
idn_to_utf8() is now INTL_IDNA_VARIANT_UTS46
instead of the deprecated INTL_IDNA_VARIANT_2003.
MySQLi
The embedded server functionality has been removed. It was broken since
at least PHP 7.0.
The undocumented mysqli::$stat property has been removed
in favor of mysqli::stat().
OpenSSL
The openssl_random_pseudo_bytes() function will now
throw an exception in error situations, similar to random_bytes().
In particular, an Error is thrown if the number of
requested bytes is less than or equal to zero, and an Exception
is thrown if sufficient randomness cannot be gathered.
The $crypto_strong output argument is guaranteed to always
be true if the function does not throw, so explicitly checking it is not necessary.
Regular Expressions (Perl-Compatible)
When PREG_UNMATCHED_AS_NULL mode is used, trailing
unmatched capturing groups will now also be set to null (or
[null, -1] if offset capture is enabled).
This means that the size of the $matches will always be the same.
PHP Data Objects
Attempting to serialize a PDO or
PDOStatement instance will now generate
an Exception rather than a PDOException,
consistent with other internal classes which do not support serialization.
Reflection
Reflection objects will now generate an exception if an attempt is made
to serialize them. Serialization for reflection objects was never
supported and resulted in corrupted reflection objects. It has been
explicitly prohibited now.
Standard PHP Library (SPL)
Calling get_object_vars() on an ArrayObject
instance will now always return the properties of the ArrayObject
itself (or a subclass). Previously it returned the values of the wrapped
array/object unless the ArrayObject::STD_PROP_LIST
flag was specified.
Other affected operations are:
-
ReflectionObject::getProperties()
-
reset(), current(), etc.
Use Iterator methods instead.
-
Potentially others working on object properties as a list.
(array) casts are not affected. They will continue to
return either the wrapped array, or the ArrayObject
properties, depending on whether the ArrayObject::STD_PROP_LIST
flag is used.
SplPriorityQueue::setExtractFlags() will throw
an exception if zero is passed. Previously this would generate a recoverable
fatal error on the next extraction operation.
ArrayObject, ArrayIterator,
SplDoublyLinkedList and SplObjectStorage
now support the __serialize() and __unserialize()
mechanism in addition to the Serializable interface.
This means that serialization payloads created on older PHP versions can still be
unserialized, but new payloads created by PHP 7.4 will not be understood by older versions.
Tokenizer
token_get_all() will now emit a
T_BAD_CHARACTER token for unexpected
characters instead of leaving behind holes in the token stream.
接收到的 Cookies
从 PHP 7.4.11 开始,为了安全考虑,接受到的 Cookie 中的 names 参数不再被
URL 编码。