Hypertext Preprocessor is a general-purpose programming language!

PHP for Mac

PHP for Mac

  -  20.62 MB  -  Open Source
PHP for Mac is a popular general-purpose scripting language that is especially suited to web development. Fast, flexible and pragmatic, PHP for macOS powers everything from your blog to the most popular websites in the world.

PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML.

Instead of lots of commands to output HTML (as seen in C or Perl), pages contain HTML with embedded code that does "something" (in this case, output "Hi, I'm a PHP script!"). The code is enclosed in special start and end processing instructions that allow you to jump into and out of "PHP mode."

What distinguishes PHP for macOS from something like client-side JavaScript is that the code is executed on the server, generating HTML which is then sent to the client. The client would receive the results of running that script, but would not know what the underlying code was. You can even configure your web server to process all your HTML files with PHP, and then there's really no way that users can tell what you have up your sleeve.

The best things in using PHP are that it is extremely simple for a newcomer, but offers many advanced features for a professional programmer. Don't be afraid reading the long list of PHP's features. You can jump in, in a short time, and start writing simple scripts in a few hours.

Also Available: Download PHP for Windows

What's new in this version:

BcMath:
- [RFC] Add bcfloor, bcceil and bcround to BCMath
- Improve performance
- Adjust bcround()'s $mode parameter to only accept the RoundingMode enum
- Fixed LONG_MAX in BCMath ext
- Fixed bcdiv() div by one
- [RFC] Support object types in BCMath
- bcpow() performance improvement
- ext/bcmath: Check for scale overflow
- [RFC] ext/bcmath: Added bcdivmod
- Fix GH-15968 (Avoid converting objects to strings in operator calculations)
- Fixed bug GH-16265 (Added early return case when result is 0)
- Fixed bug GH-16262 (Fixed a bug where size_t underflows)
- Fixed GH-16236 (Fixed a bug in BcMath\Number::pow() and bcpow() when raising negative powers of 0)

Core:
- Added zend_call_stack_get implementation for NetBSD, DragonFlyBSD, Solaris and Haiku
- Enabled ifunc checks on FreeBSD from the 12.x releases
- Changed the type of PHP_DEBUG and PHP_ZTS constants to bool
- Fixed bug GH-13142 (Undefined variable name is shortened when contains \0)
- Fixed bug GH-13178 (Iterator positions incorrect when converting packed array to hashed)
- Fixed zend fiber build for solaris default mode (32 bits)
- Fixed zend call stack size for macOs/arm64
- Added support for Zend Max Execution Timers on FreeBSD
- Ensure fiber stack is not backed by THP
- Implement GH-13609 (Dump wrapped object in WeakReference class)
- Added sparc64 arch assembly support for zend fiber
- Fixed GH-13581 no space available for TLS on NetBSD
- Added fiber Sys-V loongarch64 support
- Adjusted closure names to include the parent function's name
- Improve randomness of uploaded file names and files created by tempnam()
- Added gc and shutdown callbacks to zend_mm custom handlers
- Fixed bug GH-14650 (Compute the size of pages before allocating memory)
- Fixed bug GH-11928 (The --enable-re2c-cgoto doesn't add the -g flag)
- Added the #[\Deprecated] attribute
- Fixed GH-11389 (Allow suspending fibers in destructors)
- Fixed bug GH-14801 (Fix build for armv7)
- Implemented property hooks RFC
- Fix GH-14978 (The xmlreader extension phpize build)
- Throw Error exception when encountering recursion during comparison, rather than fatal error
- Added missing cstddef include for C++ builds
- Updated build system scripts config.guess to 2024-07-27 and config.sub to 2024-05-27
- Fixed bug GH-15240 (Infinite recursion in trait hook)
- Fixed bug GH-15140 (Missing variance check for abstract set with asymmetric type)
- Fixed bug GH-15181 (Disabled output handler is flushed again)
- Passing E_USER_ERROR to trigger_error() is now deprecated
- Fixed bug GH-15292 (Dynamic AVX detection is broken for MSVC)
- Using "_" as a class name is now deprecated
- Exiting a namespace now clears seen symbols
- The exit (and die) language constructs now behave more like a function. They can be passed liked callables, are affected by the strict_types declare statement, and now perform the usual type coercions instead of casting any non-integer value to a string. As such, passing invalid types to exit/die may now result in a TypeError being thrown
- Fixed bug GH-15438 (Hooks on constructor promoted properties without visibility are ignored)
- Fixed bug GH-15419 (Missing readonly+hook incompatibility check for readonly classes)
- Fixed bug GH-15187 (Various hooked object iterator issues)
- Fixed bug GH-15456 (Crash in get_class_vars() on virtual properties)
- Fixed bug GH-15501 (Windows HAVE_<header>_H macros defined to 1 or undefined)
- Implemented asymmetric visibility for properties
- Fixed bug GH-15644 (Asymmetric visibility doesn't work with hooks)
- Implemented lazy objects RFC
- Fixed bug GH-15686 (Building shared iconv with external iconv library)
- Fixed missing error when adding asymmetric visibility to unilateral virtual property
- Fixed bug GH-15693 (Unnecessary include in main.c bloats binary)
- Fixed bug GH-15731 (AllowDynamicProperties validation should error on enums)
- Fixed bug GH-16040 (Use-after-free of object released in hook)
- Fixed bug GH-16026 (Reuse of dtor fiber during shutdown)
- Fixed bug GH-15999 (zend_std_write_property() assertion failure with lazy objects)
- Fixed bug GH-15960 (Foreach edge cases with lazy objects)
- Fixed bug GH-16185 (Various hooked object iterator issues)
- Fixed bug OSS-Fuzz #371445205 (Heap-use-after-free in attr_free)
- Fixed missing error when adding asymmetric visibility to static properties
- Fixed bug OSS-Fuzz #71407 (Null-dereference WRITE in zend_lazy_object_clone)
- Fixed bug GH-16574 (Incorrect error "undefined method" messages)
- Fixed bug GH-16577 (EG(strtod_state).freelist leaks with opcache.preload)
- Fixed bug GH-16615 (Assertion failure in zend_std_read_property)
- Fixed bug GH-16342 (Added ReflectionProperty::isLazy())
- Fixed bug GH-16725 (Incorrect access check for non-hooked props in hooked object iterator)

Curl:
- Deprecated the CURLOPT_BINARYTRANSFER constant
- Bumped required libcurl version to 7.61.0
- Added feature_list key to the curl_version() return value
- Added constants CURL_HTTP_VERSION_3 (libcurl 7.66) and CURL_HTTP_VERSION_3ONLY (libcurl 7.88) as options for CURLOPT_HTTP_VERSION (Ayesh Karunaratne
- Added CURLOPT_TCP_KEEPCNT to set the number of probes to send before dropping the connection
- Added CURLOPT_PREREQFUNCTION Curl option to set a custom callback after the connection is established, but before the request is performed
- Added CURLOPT_SERVER_RESPONSE_TIMEOUT, which was formerly known as CURLOPT_FTP_RESPONSE_TIMEOUT
- The CURLOPT_DNS_USE_GLOBAL_CACHE option is now silently ignored
- Added CURLOPT_DEBUGFUNCTION as a Curl option
- Fixed bug GH-16359 (crash with curl_setopt* CURLOPT_WRITEFUNCTION without null callback)
- Fixed bug GH-16723 (CURLMOPT_PUSHFUNCTION issues)

Date:
- Added DateTime[Immutable]::createFromTimestamp
- Added DateTime[Immutable]::[get|set]Microsecond
- Constants SUNFUNCS_RET_TIMESTAMP, SUNFUNCS_RET_STRING, and SUNFUNCS_RET_DOUBLE are now deprecated
- Fixed bug GH-13773 (DatePeriod not taking into account microseconds for end date)

DBA:
- Passing null or false to dba_key_split() is deprecated

Debugging:
- Fixed bug GH-15923 (GDB: Python Exception <class 'TypeError'>: exceptions must derive from BaseException)

DOM:
- Added DOMNode::compareDocumentPosition()
- Implement #53655 (Improve speed of DOMNode::C14N() on large XML documents)
- Fix cloning attribute with namespace disappearing namespace
- Implement DOM HTML5 parsing and serialization RFC
- Fix DOMElement->prefix with empty string creates bogus prefix
- Handle OOM more consistently
- Implemented "Improve callbacks in ext/dom and ext/xsl" RFC
- Added DOMXPath::quote() static method
- Implemented opt-in ext/dom spec compliance RFC
- Fixed bug #79701 (getElementById does not correctly work with duplicate definitions)
- Implemented "New ext-dom features in PHP 8.4" RFC
- Fixed GH-14698 (segfault on DOM node dereference)
- Improve support for template elements
- Fix trampoline leak in xpath callables
- Throw instead of silently failing when creating a too long text node in (DOM)ParentNode and (DOM)ChildNode
- Fixed bug GH-15192 (Segmentation fault in dom extension (html5_serializer))
- Deprecated DOM_PHP_ERR constant
- Removed DOMImplementation::getFeature()
- Fixed bug GH-15331 (Element::$substitutedNodeValue test failed)
- Fixed bug GH-15570 (Segmentation fault (access null pointer) in ext/dom/html5_serializer.c)
- Fixed bug GH-13988 (Storing DOMElement consume 4 times more memory in PHP 8.1 than in PHP 8.0)
- Fix XML serializer errata: xmlns="" serialization should be allowed
- Fixed bug GH-15910 (Assertion failure in ext/dom/element.c)
- Fix unsetting DOM properties
- Fixed bug GH-16190 (Using reflection to call Dom\Node::__construct causes assertion failure)
- Fix edge-case in DOM parsing decoding
- Fixed bug GH-16465 (Heap buffer overflow in DOMNode->getElementByTagName)
- Fixed bug GH-16594 (Assertion failure in DOM -> before)

Fileinfo:
- Update to libmagic 5.45
- Fixed bug #65106 (PHP fails to compile ext/fileinfo)

FPM:
- Implement GH-12385 (flush headers without body when calling flush())
- Added DragonFlyBSD system to the list which set FPM_BACKLOG_DEFAULT to SOMAXCONN
- /dev/poll events.mechanism for Solaris/Illumos setting had been retired
- Added memory peak to the scoreboard / status page

FTP:
- Removed the deprecated inet_ntoa call support
- Fixed bug #63937 (Upload speed 10 times slower with PHP)

GD:
- Fix parameter numbers and missing alpha check for imagecolorset()
- imagepng/imagejpeg/imagewep/imageavif now throw an exception on invalid quality parameter
- Check overflow/underflow for imagescale/imagefilter
- Added gdImageClone to bundled libgd

Gettext:
- bind_textdomain_codeset, textdomain and d(*)gettext functions now throw an exception on empty domain

GMP:
- The GMP class is now final and cannot be extended anymore
- RFC: Change GMP bool cast behavior

Hash:
- Changed return type of hash_update() to true
- Added HashContext::__debugInfo()
- Deprecated passing incorrect data types for options to ext/hash functions
- Added SSE2 and SHA-NI implementation of SHA-256
- Fix GH-15384 (Build fails on Alpine / Musl for amd64)
- Fixed bug GH-15742 (php_hash_sha.h incompatible with C++)

IMAP:
- Moved to PECL

Intl:
- Added IntlDateFormatter::PATTERN constant
- Fixed Numberformatter::__construct when the locale is invalid, now throws an exception
- Added NumberFormatter::ROUND_TOWARD_ZERO and ::ROUND_AWAY_FROM_ZERO as aliases for ::ROUND_DOWN and ::ROUND_UP
- Added NumberFormatter::ROUND_HALFODD
- Added PROPERTY_IDS_UNARY_OPERATOR, PROPERTY_ID_COMPAT_MATH_START and PROPERTY_ID_COMPAT_MATH_CONTINUE constants
- Added IntlDateFormatter::getIanaID/intltz_get_iana_id method/function
- Set to C++17 standard for icu 74 and onwards
- resourcebundle_get(), ResourceBundle::get(), and accessing offsets on a ResourceBundle object now throw: - TypeError for invalid offset types - ValueError for an empty string - ValueError if the integer index does not fit in a signed 32 bit intege
- ResourceBundle::get() now has a tentative return type of: ResourceBundle|array|string|int|nul
- Added the new Grapheme function grapheme_str_split
- Added IntlDateFormatter::parseToCalendar
- Added SpoofChecker::setAllowedChars to set unicode chars ranges

LDAP:
- Added LDAP_OPT_X_TLS_PROTOCOL_MAX/LDAP_OPT_X_TLS_PROTOCOL_TLS1_3 constants

LibXML:
- Added LIBXML_RECOVER constant
- libxml_set_streams_context() now throws immediately on an invalid context instead of at the use-site
- Added LIBXML_NO_XXE constant

MBString:
- Added mb_trim, mb_ltrim and mb_rtrim
- Added mb_ucfirst and mb_lcfirst
- Updated Unicode data tables to Unicode 15.1
- Fixed bug GH-15824 (mb_detect_encoding(): Argument $encodings contains invalid encoding "UTF8")
- Updated Unicode data tables to Unicode 16.0

Mysqli:
- The mysqli_ping() function and mysqli::ping() method are now deprecated, as the reconnect feature was removed in PHP 8.2
- The mysqli_kill() function and mysqli::kill() method are now deprecated. If this functionality is needed a SQL "KILL" command can be used instead
- The mysqli_refresh() function and mysqli::refresh() method are now deprecated. If this functionality is needed a SQL "FLUSH" command can be used instead
- Passing explicitly the $mode parameter to mysqli_store_result() has been deprecated. As the MYSQLI_STORE_RESULT_COPY_DATA constant was only used in conjunction with this function it has also been deprecated

MySQLnd:
- Fixed bug GH-13440 (PDO quote bottleneck)
- Fixed bug GH-10599 (Apache crash on Windows when using a self-referencing anonymous function inside a class with an active mysqli connection)

Opcache:
- Added large shared segments support for FreeBSD
- If JIT is enabled, PHP will now exit with a fatal error on startup in case of JIT startup initialization issues
- Increased the maximum value of opcache.interned_strings_buffer to 32767 on 64bit archs
- Fixed bug GH-13834 (Applying non-zero offset 36 to null pointer in zend_jit.c)
- Fixed bug GH-14361 (Deep recursion in zend_cfg.c causes segfault)
- Fixed bug GH-14873 (PHP 8.4 min function fails on typed integer)
- Fixed bug GH-15490 (Building of callgraph modifies preloaded symbols)
- Fixed bug GH-15178 (Assertion in tracing JIT on hooks)
- Fixed bug GH-15657 (Segmentation fault in dasm_x86.h)
- Added opcache_jit_blacklist() function
- Fixed bug GH-16009 (Segmentation fault with frameless functions and undefined CVs)
- Fixed bug GH-16186 (Assertion failure in Zend/zend_operators.c)
- Fixed bug GH-16572 (Incorrect result with reflection in low-trigger JIT)
- Fixed GH-16839 (Error on building Opcache JIT for Windows ARM64)

OpenSSL:
- Fixed bug #80269 (OpenSSL sets Subject wrong with extraattribs parameter)
- Implement request #48520 (openssl_csr_new - allow multiple values in DN)
- Introduced new serial_hex parameter to openssl_csr_sign
- Added X509_PURPOSE_OCSP_HELPER and X509_PURPOSE_TIMESTAMP_SIGN constants
- Bumped minimum required OpenSSL version to 1.1.1
- Added compile-time option --with-openssl-legacy-provider to enable legacy provider
- Added support for Curve25519 + Curve448 based keys
- Fixed bug GH-13343 (openssl_x509_parse should not allow omitted seconds in UTCTimes)
- Bumped minimum required OpenSSL version to 1.1.0
- Implement GH-13514 PASSWORD_ARGON2 from OpenSSL 3.2

Output:
- Clear output handler status flags during handler initialization
- Fixed bug with url_rewriter.hosts not used by output_add_rewrite_var()

PCNTL:
- Added pcntl_setns for Linux
- Added pcntl_getcpuaffinity/pcntl_setcpuaffinity
- Updated pcntl_get_signal_handler signal id upper limit to be more in line with platforms limits
- Added pcntl_getcpu for Linux/FreeBSD/Solaris/Illumos
- Added pcntl_getqos_class/pcntl_setqos_class for macOs
- Added SIGCKPT/SIGCKPTEXIT constants for DragonFlyBSD
- Added FreeBSD's SIGTRAP handling to pcntl_siginfo_to_zval
- Added POSIX pcntl_waitid
- Fixed bug GH-16769: (pcntl_sigwaitinfo aborts on signal value as reference)

PCRE:
- Upgrade bundled pcre2lib to version 10.43
- Add "/r" modifier
- Upgrade bundled pcre2lib to version 10.44
- Fixed GH-16189 (underflow on offset argument)
- Fix UAF issues with PCRE after request shutdown

PDO:
- Fixed setAttribute and getAttribute
- Implemented PDO driver-specific subclasses RFC
- Added support for PDO driver-specific SQL parsers
- Fixed bug GH-14792 (Compilation failure on pdo_* extensions)
- mysqlnd: support ER_CLIENT_INTERACTION_TIMEOUT
- The internal header php_pdo_int.h is no longer installed; it is not supposed to be used by PDO drivers
- Fixed bug GH-16167 (Prevent mixing PDO sub-classes with different DSN)
- Fixed bug GH-16314 ("Pdo\Mysql object is uninitialized" when opening a persistent connection)

PDO_DBLIB:
- Fixed setAttribute and getAttribute
- Added class Pdo\DbLib

PDO_Firebird:
- Fixed setAttribute and getAttribute
- Feature: Add transaction isolation level and mode settings to pdo_firebird
- Added class Pdo\Firebird
- Added Pdo\Firebird::ATTR_API_VERSION
- Added getApiVersion() and removed from getAttribute()
- Supported Firebird 4.0 datatypes
- Support proper formatting of time zone types
- Fixed GH-15604 (Always make input parameters nullable)

PDO_MYSQL:
- Fixed setAttribute and getAttribute
- Added class Pdo\Mysql
- Added custom SQL parser
- Fixed GH-15949 (PDO_MySQL not properly quoting PDO_PARAM_LOB binary data)

PDO_ODBC:
- Added class Pdo\Odbc

PDO_PGSQL:
- Fixed GH-12423, DSN credentials being prioritized over the user/password PDO constructor arguments
- Fixed native float support with pdo_pgsql query results
- Added class Pdo\Pgsql
- Retrieve the memory usage of the query result resource
- Added Pdo\Pgsql::setNoticeCallBack method to receive DB notices
- Added custom SQL parser
- Fixed GH-15986 (Double-free due to Pdo\Pgsql::setNoticeCallback())
- Fixed GH-12940 (Using PQclosePrepared when available instead of the DEALLOCATE command to free statements resources)
- Remove PGSQL_ATTR_RESULT_MEMORY_SIZE constant as it is provided by the new PDO Subclass as Pdo\Pgsql::ATTR_RESULT_MEMORY_SIZE

PDO_SQLITE:
- Added class Pdo\Sqlite
- Fixed bug #81227 (PDO::inTransaction reports false when in transaction)
- Added custom SQL parser

PHPDBG:
- array out of bounds, stack overflow handled for segfault handler on windows
- Fixed bug GH-16041 (Support stack limit in phpdbg)

PGSQL:
- Added the possibility to have no conditions for pg_select
- Persistent connections support the PGSQL_CONNECT_FORCE_RENEW flag
- Added pg_result_memory_size to get the query result memory usage
- Added pg_change_password to alter an user's password
- Added pg_put_copy_data/pg_put_copy_end to send COPY commands and signal the end of the COPY
- Added pg_socket_poll to poll on the connection
- Added pg_jit to get infos on server JIT support
- Added pg_set_chunked_rows_size to fetch results per chunk
- pg_convert/pg_insert/pg_update/pg_delete ; regexes are now cached

Phar:
- Fixed bug GH-12532 (PharData created from zip has incorrect timestamp)

POSIX:
- Added POSIX_SC_CHILD_MAX and POSIX_SC_CLK_TCK constants
- Updated posix_isatty to set the error number on file descriptors

PSpell:
- Moved to PECL

Random:
- Fixed bug GH-15094 (php_random_default_engine() is not C++ conforming)
- lcg_value() is now deprecated

Readline:
- Fixed readline_info, rl_line_buffer_length/rl_len globals on update
- Fixed bug #51558 (Shared readline build fails)
- Fixed UAF with readline_info()

Reflection:
- Implement GH-12908 (Show attribute name/class in ReflectionAttribute dump)
- Make ReflectionGenerator::getFunction() legal after generator termination
- Added ReflectionGenerator::isClosed()
- Fixed bug GH-15718 (Segfault on ReflectionProperty::get{Hook,Hooks}() on dynamic properties)
- Fixed bug GH-15694 (ReflectionProperty::isInitialized() is incorrect for hooked properties)
- Add missing ReflectionProperty::hasHook[s]() methods
- Add missing ReflectionProperty::isFinal() method
- Fixed bug GH-16122 (The return value of ReflectionFunction::getNamespaceName() and ReflectionFunction::inNamespace() for closures is incorrect)
- Fixed bug GH-16162 (No ReflectionProperty::IS_VIRTUAL) (DanielEScherzer
- Fixed the name of the second parameter of ReflectionClass::resetAsLazyGhost()

Session:
- INI settings session.sid_length and session.sid_bits_per_character are now deprecated
- Emit warnings for non-positive values of session.gc_divisor and negative values of session.gc_probability
- Fixed bug GH-16590 (UAF in session_encode())

SimpleXML:
- Fix signature of simplexml_import_dom()

SNMP:
- Removed the deprecated inet_ntoa call support

SOAP:
- Add support for clark notation for namespaces in class map
- Mitigate #51561 (SoapServer with a extented class and using sessions, lost the setPersistence())
- Fixed bug #49278 (SoapClient::__getLastResponseHeaders returns NULL if wsdl operation !has output)
- Fixed bug #44383 (PHP DateTime not converted to xsd:datetime)
- Fixed bug GH-11941 (soap with session persistence will silently fail when "session" built as a shared object)
- Passing an int to SoapServer::addFunction() is now deprecated. If all PHP functions need to be provided flatten the array returned by get_defined_functions()
- The SOAP_FUNCTIONS_ALL constant is now deprecated
- Fixed bug #61525 (SOAP functions require at least one space after HTTP header colon)
- Implement request #47317 (SoapServer::__getLastResponse())

Sockets:
- Removed the deprecated inet_ntoa call support
- Added the SO_EXECLUSIVEADDRUSE windows constant
- Added the SOCK_CONN_DGRAM/SOCK_DCCP netbsd constants
- Added multicast group support for ipv4 on FreeBSD
- Added the TCP_SYNCNT constant for Linux to set number of attempts to send SYN packets from the client
- Added the SO_EXCLBIND constant for exclusive socket binding on illumos/solaris
- Updated the socket_create_listen backlog argument default value to SOMAXCONN
- Added the SO_NOSIGPIPE constant to control the generation of SIGPIPE for macOs and FreeBSD
- Added SO_LINGER_SEC for macOs, true equivalent of SO_LINGER in other platforms
- Add close-on-exec on socket created with socket_accept on unixes
- Added IP_PORTRANGE* constants for BSD systems to control ephemeral port ranges
- Added SOCK_NONBLOCK/SOCK_CLOEXEC constants for socket_create and socket_create_pair to apply O_NONBLOCK/O_CLOEXEC flags to the newly created sockets
- Added SO_BINDTOIFINDEX to bind a socket to an interface index

Sodium:
- Add support for AEGIS-128L and AEGIS-256
- Enable AES-GCM on aarch64 with the ARM crypto extensions

SPL:
- Implement SeekableIterator for SplObjectStorage
- The SplFixedArray::__wakeup() method has been deprecated as it implements __serialize() and __unserialize() which need to be overwritten instead
- Passing a non-empty string for the $escape parameter of: - SplFileObject::setCsvControl() - SplFileObject::fputcsv() - SplFileObject::fgetcsv() is now deprecated

Standard:
- Implement GH-12188 (Indication for the int size in phpinfo())
- Partly fix GH-12143 (Incorrect round() result for 0.49999999999999994)
- Fix GH-12252 (round(): Validate the rounding mode)
- Increase the default BCrypt cost to 12
- Fixed bug GH-12592 (strcspn() odd behaviour with NUL bytes and empty mask)
- Removed the deprecated inet_ntoa call support
- Cast large floats that are within int range to int in number_format so the precision is not lost
- Add support for 4 new rounding modes to the round() function
- debug_zval_dump() now indicates whether an array is packed
- Fix GH-12143 (Optimize round)
- Changed return type of long2ip to string from string|false
- Fix GH-12143 (Extend the maximum precision round can handle by one digit)
- Added the http_get_last_response_headers() and http_clear_last_response_headers() that allows retrieving the same content as the magic $http_response_header variable
- Add php_base64_encode_ex() API
- Implemented "Raising zero to the power of negative number" RFC
- Added array_find(), array_find_key(), array_all(), and array_any()
- Change highlight_string() and print_r() return type to string|true
- Fix references in request_parse_body() options array
- Add RoundingMode enum
- Unserializing the uppercase 'S' tag is now deprecated
- Enables crc32 auxiliary detection on OpenBSD
- Passing a non-empty string for the $escape parameter of: - fputcsv() - fgetcsv() - str_getcsv() is now deprecated
- The str_getcsv() function now throws ValueErrors when the $separator and $enclosure arguments are not one byte long, or if the $escape is not one byte long or the empty string. This aligns the behaviour to be identical to that of fputcsv() and fgetcsv()
- php_uname() now throws ValueErrors on invalid inputs
- The "allowed_classes" option for unserialize() now throws TypeErrors and ValueErrors if it is not an array of class names
- Implemented GH-15685 (improve proc_open error reporting on Windows)
- Add support for backed enums in http_build_query()
- Fixed bug GH-15982 (Assertion failure with array_find when references are involved)
- Fixed parameter names of fpow() to be identical to pow()

Streams:
- Implemented GH-15155 (Stream context is lost when custom stream wrapper is being filtered)

Tidy:
- Failures in the constructor now throw exceptions rather than emitting warnings and having a broken object
- Add tidyNode::getNextSibling() and tidyNode::getPreviousSibling()

Windows:
- Update the icon of the Windows executables, e.g. php.exe
- Fixed bug GH-16199 (GREP_HEADER() is broken)

XML:
- Added XML_OPTION_PARSE_HUGE parser option
- Fixed bug #81481 (xml_get_current_byte_index limited to 32-bit numbers on 64-bit builds)
- The xml_set_object() function has been deprecated
- Passing non-callable strings to the xml_set_*_handler() functions is now deprecated

XMLReader:
- Declares class constant types
- Add XMLReader::fromStream(), XMLReader::fromUri(), XMLReader::fromString()
- Fixed bug GH-15123 (var_dump doesn't actually work on XMLReader)

XMLWriter:
- Add XMLWriter::toStream(), XMLWriter::toUri(), XMLWriter::toMemory()

XSL:
- Implement request #64137 (XSLTProcessor::setParameter() should allow both quotes to be used)
- Implemented "Improve callbacks in ext/dom and ext/xsl" RFC
- Added XSLTProcessor::$maxTemplateDepth and XSLTProcessor::$maxTemplateVars
- Fix trampoline leak in xpath callables

Zip:
- Added ZipArchive::ER_TRUNCATED_ZIP added in libzip 1.11