Another breaking change involves opening the special "php://input" stream for decompression. In PHP 5.5, the following code would allow PHP to decode a gzip'd request input stream:
<?php
// Open the input stream for requests with Content-Encoding: gzip.
$input = gzopen('php://input','r');
// This has the same effect as fopen('compress.zlib://php://input','r').
// Get the decompressed request body.
var_dump(stream_get_contents($input));
?>
However in PHP 5.6 this does not work. Instead PHP gives the following warning: gzopen(): cannot represent a stream of type Input as a File Descriptor.
It is unclear whether this is a bug or intentional, backward-incompatible change.
Backward incompatible changes
Although most existing PHP 5 code should work without changes, please take note of some backward incompatible changes:
Array keys won't be overwritten when defining an array as a property of a class via an array literal
Previously, arrays declared as class properties which mixed explicit and implicit keys could have array elements silently overwritten if an explicit key was the same as a sequential implicit key. For example:
<?php
class C {
const ONE = 1;
public $array = [
self::ONE => 'foo',
'bar',
'quux',
];
}
var_dump((new C)->array);
?>
O exemplo acima irá imprimir no PHP 5.5:
array(2) {
[0]=>
string(3) "bar"
[1]=>
string(4) "quux"
}
O exemplo acima irá imprimir no PHP 5.6:
array(3) {
[1]=>
string(3) "foo"
[2]=>
string(3) "bar"
[3]=>
string(4) "quux"
}
json_decode() strictness
json_decode() now rejects non-lowercase variants of the
JSON literals true, false and
null at all times, as per the JSON specification, and
sets json_last_error() accordingly. Previously, inputs
to json_decode() that consisted solely of one of these
values in upper or mixed case were accepted.
This change will only affect cases where invalid JSON was being passed to json_decode(): valid JSON input is unaffected and will continue to be parsed normally.
Stream wrappers now verify peer certificates and host names by default when using SSL/TLS
Todos os streams criptografados agora tem verificação de peer ativado por padrão. Assim, a coleção de CAs padrão do OpenSSL será utilizado para verificar o certificado do peer. Na maioria dos casos, não será necessário modificações para se comunicar com servidores com certificados válidos pois as distribuições geralmente configuram o OpenSSL com boas coleções de CA.
A coleção de CAs padrão pode ser substituída globalmente configurando-se
as diretivas openssl.cafile ou openssl.capath, ou
por requisição utilizando-se as ações
cafile ou
capath
no parâmetro contexto.
Embora não recomendado no geral, é possível desabilitar a verificação de certificado
do peer numa requisição configurando-se a opção de contexto
verify_peer
para false, e até desabilitar a verificação do nome do peer configurando-se a opção
verify_peer_name
para false false.
GMP resources are now objects
GMP resources are now objects. The functional API implemented in the GMP extension has not changed, and code should run unmodified unless it checks explicitly for a resource using is_resource() or similar.
Mcrypt functions now require valid keys and IVs
mcrypt_encrypt(), mcrypt_decrypt(), mcrypt_cbc(), mcrypt_cfb(), mcrypt_ecb(), mcrypt_generic() and mcrypt_ofb() will no longer accept keys or IVs with incorrect sizes, and block cipher modes that require IVs will now fail if an IV isn't provided.
add a note
User Contributed Notes 1 note
Roger ¶
6 years ago
