PHP 7.1 : elegance of our legacy
•
3 recomendaciones•1,056 vistas
PHP 7.1 is all ready to replace 7.0, adding even more features and goodness to the ground-breaking previous version. Visibility for class constant, key specifications for list, void return type, mcrypt() deprecation, negative offset and warning for integer conversion. We'll cover new features, deprecated ones and incompatibilities, so you're ready for your next migration.
![PHP 7.1
ELEGANCE OF OUR LEGACY
010 PHP, Rotterdam, Netherlands, October 2016
[RC4]](https://image.slidesharecdn.com/010php-eleganceofourlegacy-161014091337/85/PHP-7-1-elegance-of-our-legacy-1-320.jpg)
Recomendados
Recomendados
Más contenido relacionado
La actualidad más candente
La actualidad más candente (20)
Destacado
Destacado (16)
Similar a PHP 7.1 : elegance of our legacy
Similar a PHP 7.1 : elegance of our legacy (20)
Más de Damien Seguy
Más de Damien Seguy (20)
Último
Último (20)
PHP 7.1 : elegance of our legacy
- 1. PHP 7.1 ELEGANCE OF OUR LEGACY 010 PHP, Rotterdam, Netherlands, October 2016 [RC4]
- 2. AGENDA • PHP 7.0 is already on the way out • PHP 7.1 • RC4 at the moment, so 2 more weeks to wait • What's new in this version • What is incompatible with the previous version • How to do migration
- 3. SPEAKER • Damien Seguy • Exakat CTO • Ik ben een boterham • Static analysis of PHP code • Get a full report of compliance for your code with the exakat engine
- 5. DONEC QUIS NUNC LIVING ON THE BLEEDING EDGE http://php.net/manual/en/migration71.php https://github.com/php/php-src/blob/master/UPGRADING https://github.com/php/php-src/blob/master/NEWS https://wiki.php.net/rfc http://bugs.php.net/
- 6. QUAM UT PRÆPARATE PRO AGENTIBUS HOW TO PREPARE FOR MIGRATION • Code knowledge • lint • Grep / Search • Static analysis • Logs / error_reporting • You know your code • php -l on every file • Fast, universal, false positives • Exakat, phan • Run the tests, check logs
- 7. QUAM UT PRÆPARATE PRO AGENTIBUS HOW TO PREPARE FOR MIGRATION • Code knowledge • lint • Grep / Search • Static analysis • Logs / error_reporting • You know your code • php -l on every file • Fast, universal, false positives • Exakat, phan • Run the tests, check logs
- 11. MCRYPT IS DEPRECATED • "libmcrypt is a dead project, unmaintained for ~8 years, last version 2.5.8 was released in February 2007!" • It emits a E_DEPRECATED notice • Switch to OpenSSL for serious cryptography • phpseclib (http://phpseclib.sourceforge.net/)
- 12. $THIS IS NOT A WARNING ANYMORE <?php function foo($this) { /**/ } // Fatal error: Cannot use $this as parameter ?> • Parameter • Static variable • Global variable • Foreach variable • Catch'ed variable • Variable variable • Reference • Result of extract() or parse_str
- 13. RAND() IS NOW AN ALIAS OF MT_RAND() • RAND() is on its way out • Since PHP 7.0, use random_int() and random_bytes() • They provide CSPRN • Throws exception if it can't • RAND() is replaced by mt_rand(), better random • In case the order of the serie is important, beware!
- 14. RAND() TO MT_RAND() TO MT_RAND() * <?php srand(10); print rand()."n"; print rand()."n"; print rand()."n"; ?> 1215069295 1311962008 1086128678 1656398468 641584702 44564466 502355954 641584702 2112621188 mt_srand(10, MT_RAND_PHP); PHP 7.1 PHP 7.1 PHP 7.0 RAND MT_RAND PHP 7.0
- 15. MISSING ARG IS EXCEPTION <?php function test($param){} test(); PHP Warning: Missing argument 1 for test() Fatal error: Uncaught ArgumentCountError: Too few arguments to function test(), 0 passed PHP 7.0 PHP 7.1
- 16. CAN'T BE CALLED DYNAMICALLY ANYMORE • extract() • compact() • get_defined_vars() • func_get_args() • func_get_arg() • func_num_args() • parse_str() with one argument • mb_parse_str() with one argument • assert() with a string argument Creates too many variables, in too many different ways
- 17. <?php namespace { function test($a, $b, $c) { var_dump(call_user_func('func_num_args')); } test(1, 2, 3); } namespace Foo { function test($a, $b, $c) { var_dump(call_user_func('func_num_args')); } test(1, 2, 3); } ?> PHP 7.0 : int(3) PHP 7.1 : int(1) PHP 7.0 : int(1) PHP 7.1 : int(1)
- 18. __DESTRUCTOR ONLY WHEN OBJECT IS COMPLETE <?php function throwme($arg) { throw new Exception; } try { $bar = new foo; } catch(Exception $exc) { echo "Caught exception!n"; } ?> Inside constructor Caught exception! Inside constructor Inside destructor Caught exception! https://bugs.php.net/bug.php?id=29368
- 19. MODERNIZATION
- 20. VOID TYPE • New pseudo-type for functions that don't return a value • Not for type hint <?php function fooEmpty ($arg) : void { return ; } function foo ($arg) : void { } function fooWithNull ($arg) : void { return NULL; // not OK : explicit } ?>
- 21. ITERABLE TYPE <?php function bar($option): iterable { if ($option == 'array') { return [1, 2, 3]; } else { return new ArrayAccessClass([1,2,3]); } } ?> • New pseudo-type that represents arrays and ArrayAccess • Both may be given to a foreach() loop • This doesn't work on Closure nor Generators
- 22. NULLABLE TYPES <?php function foo(): ?int { return null; //ok return 3; //ok return "3"; //ok, no strict return "no"; //never OK } function bar(): ?void { } ?> • Accepts ? before the type hint • This means that null is accepted Fatal error: Void type cannot be nullable
- 23. NULLABLE TYPES AND DEFAULT <?php function bar(?string $msg = “default”) { if ($msg!== null) { echo $msg; } } bar("ok") ; // OK bar(4) ; // OK, cast to string bar(null) ; // OK, displays nothing bar() ; // OK, display 'default' bar([1,2,3]) ; // Not OK ?>
- 25. EVEN MORE CATCHING EXCEPTIONS Federate error catching in catch clause Only for Catch no Type Hint, no Return Type Hint, no instanceof <?php try { attemptSomething(); } catch (RuntimeException| InvalidArgumentException $e) { fixSomething(); } catch (BadFunctioncallException $e) { fixSomethingElse(); }
- 26. OCTAL SEQUENCES • Octal sequences that are beyond 377 are now reported <?php print "123n"; // Prints S print "523n"; // Prints S too ?> Octal escape sequence overflow 523 is greater than 377
- 27. STRING SEQUENCES REMINDER • 0, x, u{} <?php echo "123"; echo "x53"; echo chr(83); echo "xe4xbaxba"; echo "u{4EBA}"; S
- 28. ARITHMETIC NOTICE <?php ‘1’ + 3 === 4; ‘1 elephpant’ + 3 === 4; ?> Notice: A non well formed numeric string encountered
- 29. ARITHMETIC NOTICE <?php $a = "12.00 $CAD" + 1; $b = "1 023,45" + 2; $c = " 234 " + 4; // Don't filter with + 0 ! $amount = abs($_GET['amount']) + 0 ; // Unless it is scientific notation echo "1.2345e9" + 0; echo (int) "1.2345e9"; ?>
- 30. SESSION ID SIZE • Session ID are not hashed anymore • Speed bump! • Session ID size is now session.sid_length. sid_length is CSPRN • 22 to 256 chars; 32 as default; 48 recommended. • session.sid_bits_per_character specifies 4/5/6 bits characters : (hexa, [0-9a-v], [0-9a-zA-Z-,]) • Recommended settings : 48 / 5 • Beware about your filters and storages
- 31. SESSION ID ERRORS ARE CATCHABLE <?php try{ session_regenerate_id (); } catch (Error $e) { // Log error // deal with missing session ID } ?> • When generated ID are not strings, an Error is emitted • Catch them to be safe
- 33. MB_EREGI?_REPLACE ALSO DROPS /E IN 7.1 <?php $code = "abc de"; echo mb_eregi_replace( ' ', '"ren";', $code, 'e'); abcrende
- 34. FUNCTIONS CHANGES • getenv(), without argument : === $_ENV • parse_url() now checks that user and pass have no @ chars. • ext/filter has now FILTER_FLAG_EMAIL_UNICODE, to filter unicode email, like üser@[IPv6:2001:db8:1ff::a0b:dbd0] • imap now checks that email is not larger than 16385 bytes • pg_last_notice() gets 3 constants : PGSQL_NOTICE_LAST, PGSQL_NOTICE_ALL, and PGSQL_NOTICE_CLEAR
- 35. NEW FEATURES
- 38. LIST() WITH KEYS <?php class foo { private $a, $b = [1]; private static $c; public function __construct(array $bar) { list( "a" => $this->a, "b" => $this->b[], "c" => static::$c ) = $bar; } } ?>
- 39. LIST() WITHOUT LIST <?php class foo { private $a, $b = [1]; private static $c; public function __construct(array $bar) { [ "a" => $this->a, "b" => $this->b[], "c" => static::$c ] = $bar; } } ?>
- 40. NEW TRICKS WITH LIST <?php $points = [ ["x" => 1, "y" => 2], ["x" => 2, "y" => 1] ]; list(list("x" => $x1, "y" => $y1), list("x" => $x2, "y" => $y2)) = $points; // repeated usage [ 4 => $a, 4 => $b, 4 => $c] = [ 4 => 5, 6 => 7]; // $a, $b and $c, all, contain 5 $a = $b = $c = [ 4 => 5, 6 => 7][4]; ?>
- 41. NEGATIVE OFFSET FOR STRINGS <?php echo substr("abcde", 1, 1) ; // display b echo substr("abcde", -1, 1) ; // display d echo "abcde"[1]; // display b echo "abcde"[-1]; // display d echo "$a[-1]"; // Fatal error echo "{$a[-1]}"; // display d ?>
- 42. NEW FUNCTIONS • mb_ord() and mb_chr() : multi-byte version of ord/chr • mb_scrub() : cleans a string of gremlins • curl_share_strerror(), curl_multi_errno() and curl_share_errno() : access to various kind of errors • pcntl_async_signals() for asynchronous signal handling, with pcntl_signal() <?php pcntl_async_signals(1); pcntl_signal(SIGTERM, function ($signo echo "Start!n"; posix_kill(posix_getpid(), SIGTERM); $i = 0; // dummy echo "Done!n";
- 43. CLASS CONSTANT VISIBILITY • Constants may only be used inside the class or its children • Interfaces' constants are still public only • trait's constants are still science-fiction <?php class Foo { // PHP 7.0 behavior. Nothing changes. const PUBLIC_CONST = 0; // Explicit visibilities private const PRIVATE_CONST = 1; protected const PROTECTED_CONST = 2; public const PUBLIC_CONST_TWO = 3, PUBLIC_CONST_THREE = 4; } ?>
- 46. DONEC QUIS NUNC TEST PHP 7.1 NOW • https://github.com/php/php-src • RC4 : compile, run unit tests, fix your bugs or report PHP's • Test online : https://3v4l.org/ • Compile your current code with it • Use static analysis • Watch out for PHP.Next : PHP 7.2 or PHP 8.0 • Exit with PEAR and PECL, in with composer/Pickle • Class Friendship, __autoload() deprecations, Automatic SQL injection protection, INI get/set aliases…