PHP 7.2: What’s New in The New PHP Version

Table of Contents

2015 was an important year for PHP, after all, only eleven years after its version 5.0, a new main version was finally released! PHP 7 has brought many new language features and impressive performance gains. But did not stop there, in December 2016 was released the latest version, 7.1, which is the one we have available today.

Make your WordPress site’s Load Blazing Fast Just by moving to Nestify. Migrate your WooCommerce Store or WordPress Website NOW.

PHP is now focusing on language features that will help everyone write better code. This year in November, we had the release of version 7.2 (more details on the release calendar and all updates can be seen in the RFC and UPGRADE NOTES).

In this article, we’ll tell you a bit about the key changes proposed for this new release.

What will become obsolete in PHP 7.2

RFC Deprecations for PHP 7.2 shows some features in which the use will be discouraged as they will be removed or replaced in PHP. According to RFC, these features should be removed at the latest in version 8.0.

Here are some of the features that will become obsolete:

  • __autoload
  • $ php_errormsg
  • create_function ()
  • func_overload
  • (unset) cast
  • parse_str () without second argument
  • gmp_random ()
  • each ()
  • assert () with the string argument
  • $ errcontext argument of error handler

What’s new in PHP 7.2

PHP 7.2 was officially released in November of this year and brought several new features. Some of the main ones:

  • get_class () disables the null parameter
  • Prevent number_format () from returning zero negative
  • Argon2 Password Hash
  • Object typehint
  • libsodium

All other approved RFCs, which are being implemented in version 7.2, you can see here.

Below we’ll look at some of these news and small examples with code.

get_class () disables the null parameter

When null is passed as a parameter to get_class () within a class context, the behavior of the function can be highly surprising:

class Foo<font></font>
{<font></font>
 function bar($repository)<font></font>
 {<font></font>
 $result = $repository->find(100);<font></font>
 <font></font>
 echo get_class($result);<font></font>
 }<font></font>
}

If $ result contains a valid object, the result will be the return of the class name according to the passed object. If the $ result is null, the output will be in the context of the class where get_class () was called, in this case “Foo”.

This feature violates the Principle of least astonishment (POLA) principle: “If a required feature has a high astonishing factor, it may be necessary to redraw the feature.” This RFC proposes to allow null to be passed to the function as a valid parameter. If get_class () is called with null as a parameter, a warning is issued:

Warning: get_class () expects parameter 1 to be object, null given in %

Prevent number_format () from returning zero negative

Today, when executing number_format (-0.00), returns string (1) “0”. However, when you run number_format (-0.01), it returns the string (2) “-0”.

This RFC proposes to keep number_format () consistent and does not display the signal when a number is rounded to zero.

Argon2 Password Hash

Argon2 is the password hashing algorithm that won the 2015 Password Hashing Competition, so it is highly recommended to use it. Unlike Bcrypt, which only has a single cost factor, Argon2 is parameterized by three different factors:

  1. Runtime
  2. Memory required
  3. Degree of parallelism

This RFC proposes the implementation of Argon2i (v1.3) in the password_ * functions for use as a safe alternative to Bcrypt.

The password_hash () function is changed to accept PASSWORD_ARGON2I as the algorithm and accept the cost of memory, the cost of time, and the degree of parallelism as

options. The following example illustrates the new functionality:

// Argon2i com fatores de custo padrão<font></font>
password_hash('password', PASSWORD_ARGON2I);<font></font>
<font></font>
// Argon2i com fatores de custo personalizados<font></font>
password_hash('password', PASSWORD_ARGON2I, ['memory_cost' => 1<<17, 'time_cost' => 4, 'threads' => 2]);

Object typehint

PHP 7 introduced scalar types for parameters and also for declaring return types of functions.

However, it is currently not possible to declare that a function must receive an object as a parameter or declare that a function must return an object.

This RFC proposes that the object must be used as a parameter type and as a return type. Any object would pass the type check.

Example:

Parameter type:

function acceptsObject(object $obj) {<font></font>
...<font></font>
}<font></font>
<font></font>
// This code will be analyzed statically and is correct <font></ font>
acceptsObject(json_decode('{}'));<font></font>
<font></font>
// This code will be analyzed statically and is correct <font></ font>
acceptsObject(new \MyObject());<font></font>
<font></font>
// Here it will be analyzed statically and contains error <font></ font>
// and would throw a TypeError at runtime <font></ font>
acceptsObject ("This is not an object.");

Type of return:

// This function will be analyzed statically according to the <font> </ font>
// type returned <font> </ font>
function correctFunction (): object {<font> </ font>
     $ obj = json_decode ('{}'); <font> </ font>
  <font> </ font>
     return $ obj; <font> </ font>
} <font> </ font>
  <font> </ font>
// This function will be analyzed statically and contains error <font> </ font>
// that will result in runtime failure <font> </ font>
function errorFunction (): object {<font> </ font>
     return []; <font> </ font>
}

The first programming language to adopt modern cryptography

Another novelty that came with version 7.2 concerns modern cryptography, libsodium, which is part of the core extension of PHP 7.2.  Sodium is a library that facilitates the use of encryption, decryption, signatures, password hash and more. Its purpose is to provide all the basic operations necessary to create high-level cryptographic tools. More information can be found in the added RF Sodium RFC in PHP 7.2.

Source: https://github.com/jedisct1/libsodium

Concluding

According to data from packagist.org, the adoption of PHP version 7 already exceeded 5.6, as we can see in the comparison below, which was made based on data from November 2016 and May 2017:

Source: https://seld.be/notes/php-versions-stats-2017-1-edition

Are you still not using PHP 7? What is stopping you from doing the upgrade? At Nestify we use it on all new projects and we try to upgrade to old versions 7 whenever necessary.

And Nestify customers can also use it. We provide support for PHP 7.2 from the same day the community released.

In the RFC’s page, you will find complete documentation of all features, including examples. This version, of course, is not limited to new features. It is worth looking at each item changed.

Can I already test this new version? Yes, Release Candidate 5 Released is now available. You can already see what changes will go into this new version and test.

We can use Docker to easily test using the official PHP images available in the Docker Hub: PHP 7.2.0 Release Candidate.

That’s all for now, but if you come across other changes that are not mentioned here, leave a comment below. Thanks for reading.

Fully Managed WordPress Hosting

Nestify’s AWS powered dedicated CPU servers keep your sites fast, secure, and always up to date.

Want faster WordPress?

WordPress Speed Optimization

Try our AWS powered WordPress hosting for free and see the difference for yourself.

No Credit Card Required.

Whitelabel Web Hosting Portal Demo

Launching WordPress on AWS takes just one minute with Nestify.

Launching WooCommerce on AWS takes just one minute with Nestify.