Other Changes

Curl

  • Removed support for disabling the CURLOPT_SAFE_UPLOAD option. All curl file uploads must use the curl_file / CURLFile APIs.

Date

  • Removed $is_dst parameter from mktime() and gmmktime().

DBA

  • dba_delete() now returns false if the key was not found for the inifile handler, too.

GMP

  • Requires libgmp version 4.2 or newer now.
  • gmp_setbit() and gmp_clrbit() now return FALSE for negative indices, making them consistent with other GMP functions.

Intl

  • Removed deprecated aliases datefmt_set_timezone_id() and IntlDateFormatter::setTimeZoneID(). Use datefmt_set_timezone() and IntlDateFormatter::setTimeZone() instead.

libxml

  • Added LIBXML_BIGLINES parser option. It’s available starting with libxml 2.9.0 and adds suppport for line numbers >16-bit in the error reporting.

Mcrypt

  • Removed deprecated mcrypt_generic_end() alias in favor of mcrypt_generic_deinit().
  • Removed deprecated mcrypt_ecb(), mcrypt_cbc(), mcrypt_cfb() and mcrypt_ofb() functions in favor of mcrypt_encrypt() and mcrypt_decrypt() with an MCRYPT_MODE_* flag.

Session

  • session_start() accepts all INI settings as array. e.g. [‘cache_limiter’⇒‘private’] sets session.cache_limiter=private. It also supports ‘read_and_close’ which closes session data immediately after read data.
  • Save handler accepts validate_sid(), update_timestamp() which validates session ID existence, updates timestamp of session data. Compatibility of old user defined save handler is retained.
  • SessionUpdateTimestampHandlerInterface is added. validateSid(), updateTimestamp() is defined in the interface.
  • session.lazy_write(default=On) INI setting enables only write session data when session data is updated.

Opcache

  • Removed opcache.load_comments configuration directive. Now doc comments loading costs nothing and always enabled.

OpenSSL

  • Removed the “rsa_key_size” SSL context option in favor of automatically setting the appropriate size given the negotiated crypto algorithm.
  • Removed “CN_match” and “SNI_server_name” SSL context options. Use automatic detection or the “peer_name” option instead.

PCRE:

  • Removed support for /e (PREG_REPLACE_EVAL) modifier. Use preg_replace_callback() instead.

PDO_pgsql:

  • Removed PGSQL_ATTR_DISABLE_NATIVE_PREPARED_STATEMENT attribute in favor of ATTR_EMULATE_PREPARES.

Standard:

  • Removed string category support in setlocale(). Use the LC_* constants instead.
  • Removed set_magic_quotes_runtime() and its alias magic_quotes_runtime().

JSON:

  • Rejected RFC 7159 incompatible number formats in json_decode string - top level (07, 0xff, .1, -.1) and all levels ([1.], [1.e1])
  • Calling json_decode with 1st argument equal to empty PHP string or value that after casting to string is empty string (NULL, FALSE) results in JSON syntax error.

Stream:

  • Removed set_socket_blocking() in favor of its alias stream_set_blocking().

XSL:

  • Removed xsl.security_prefs ini option. Use XsltProcessor::setSecurityPrefs() instead.