PHP development teams have released the PHP 7.2.12 version and we will see what are the new features included in the new version.

Core Improvements

Argument type declarations

Since PHP 5 we are allowed to specify in a function’s declaration the argument type that is expected to be passed. If the given value is of an incorrect type, then PHP throws an error.

Object return type declarations

If argument type declarations specify the expected type for a function’s arguments, return type declarations specify the expected type of the returning value.

Parameter Type Widening

PHP currently does not concede any variation of parameter types among child classes and their parent classes or interfaces.

Trailing commas in list syntax

A following comma after the closing item in arrays is valid syntax in PHP, and sometimes it’s encouraged in order to easily append new items and avoid parse errors due to a missing comma. Since PHP 7.2 we are allowed to use trailing commas in grouped namespaces.

Security Improvements

1. Argon2 is a password hash

Argon2 is a powerful hashing algorithm that was selected as the winner of the Password Hashing Competition(2015), and PHP 7.2 will produce it to us as a secure alternative to the Bcrypt algorithm.
The new PHP version introduces the PASSWORD_ARGON2I constant, which can now be used in password_* functions.

2. Libsodium as part of PHP Core

Starting from version 7.2, PHP includes the Sodium library into the core. Libsodium is a new, easy-to-use software library for signatures, encryption, decryption, password hashing, and more.
The library was previously available through PECL.

For a documented list of Libsodium purposes, connect to the library Quick Start Guide.
See also PHP 7.2: The First Programming Language to Add Modern Cryptography to its Standard Library.

Deprecations

Here is a list of PHP 7.2 deprecated functions and features.  

The __autoload function has been superseded by spl_autoload_register in PHP 5.1. Now a deprecation notice would be thrown when it’s encountered during compilation.

The $php_errormsg variable is created in the local scope when a non-fatal error is thrown. Since PHP 7.2 error_get_last and error_clear_last should be used instead.

create_function() allows the creation of a function with a generated function name, a list of arguments, and body code provided as arguments. Due to safety issues and bad production, it has been marked as deprecated and the practice of enclosures is supported instead.

mbstring.func_overload in setting set to a non-zero value has been marked as deprecated.

(unset) a cast is an expression that always returns null and is considered useless.

parse_str() parses a query string into an array if the second argument is provided, or into the local representative table if it is not applied. As dynamically setting variables in function’s scope are discouraged for security reasons, the use of parse_str() without the second argument will throw a deprecation notice.

gmp_random() is considered to be platform dependent and will be deprecated. Use gmp_random_bits() and gmp_random_rage() instead.

each() is used to iterate over an array much like foreach(), but foreach() is preferable for several reasons, including being 10 times faster. Now a depreciation will be thrown on the first call in a loop.

The assert() function checks the given assertion and takes appropriate actions if the result is FALSE. The usage of assert() with a string argument is now deprecated as it opens an RCE vulnerability. The Zend.assertion is an option that can be utilized to limit the evaluation of assertion expressions.

$errcontext is an array comprising the local variables existing at the time an error is caused. It’s passed as the last argument to error handlers set with the set_error_handler() function.

Conclusions

Are you ready to switch to PHP 7.2? Hopefully, by now you have at least made the transition to PHP 7. If you haven’t, it is a good time to start testing. So, update your scripts, examine your code and let us know your opinions of PHP 7.2.

For More Information please click here.

Related Posts:

Powered by Contextual Related Posts