Представлен первый бета-релиз новой версии открытого языка PHP — 5.1. Среди новшеств в PHP 5.1: — PDO (PHP Data Objects) — новая абстрактная прослойка (abstraction layer) для работы с БД (обещается высокая производительность, простота использования и гибкость); — значительные улучшения в производительности (в т.ч. новая архитектура исполнения Zend Engine II); — расширение регулярных выражений PCRE обновлено до PCRE 5.0; — многочисленные улучшения, новые возможности и исправления ошибок (особенно в областях SOAP, потоков и SPL). Home_http://ru.php.net
SpiderX, 28.06.2005 - 11:42
Настройка PHP 5.1 под Win
1) Качаем пакет PHP (8-ми меговый) 2) Качаем пакет PECL модулей. 3) Распаковываем PECL в папку \ext где установлен PHP. 4) Редактируем в php.ini параметр extension_dir (записываем полный путь до каталога \ext, например, extension_dir = "c:\Apache\php\ext\") 5) Заменяем блок Dynamic Extensions на такой:
Бывает, что после установки PHP 5 полностью рабочие скрипты не работают. Обычно (95% случаев) на работоспособность влияют две опции php.ini:
CODE
register_globals = Off short_open_tag = Off
Первая опция запрещает использовать глобальные переменные (запрет появился в PHP 5, для повышения безопасности), вторая запрещает использовать короткие тэги ?> (вместо ) В редких случаях мешает опция
CODE
register_long_arrays = Off
Можно заранее после установки задать значение On всем вышеперечисленным параметрам.
А некоторые скрипты написанные для 4 версии на 5 не работают. По этому на большенстве серверо до сих пор стоит 4.
DarkWire, 17.09.2005 - 17:28
Я являюсь администратором Игровой Зоны и с переходом на PHP 5 возникло 2 проблемы, которые вынудили обратно уйти на PHP 4.4.0:
1. Не работает мониторинг Counter-Strike 2. Не работает online игра Легенда о Зеленом Драконе
SpiderX, 17.09.2005 - 19:26
Ничего удивительного нет. Перепортируй скрипты под пятую версию и всё будет ОК. Конечно возня, но imho дело того стоит. Тем более кодовые различия будут не такие уж и большие.
ЭЖД, 1.11.2005 - 21:42
PHP 4.4.1
Обнаружено несколько неприятных проблем с безопасностью в версиях PHP ниже 4.4.1 и 5.0.6 (который еще не вышел).
Проблемы: Возможность (при register_globals=on) подмены значений в массиве "GLOBALS" через "multipart/form-data" запрос или функции extract(), import_request_variables(); Ошибка в функции parse_str(), которая может привести к активации настройки register_globals; "Cross-Site Scripting" - атакующий может сформировать ссылку на скрипт с phpinfo(), подставив свой HTML код; Возможность выхода за пределы директории, заданной в open_basedir и safe_mode, через модули "ext/curl" и "ext/gd" или вызов virtual() под apache 2 SAPI; Целочисленное переполнение в pcrelib; Исправлено более 30 ошибок не касающихся безопасности. ChangeLog_http://www.php.net/ChangeLog-4.php#4.4.1 Downloads (~4.0 Mb)_http://www.php.net/ge.../from/a/mirror
ЭЖД, 27.11.2005 - 3:42
PHP 5.1.0
Вышел первый официальный релиз PHP 5.1. Пользователям PHP 5.0 рекомендуется срочно обновиться, так как в PHP 5.1 исправлен ряд серьезных ошибок связанных с безопасностью.
В новом релизе PHP 5.1 были обнаружены серьёзные ошибки, поэтому всем рекомендуют обновиться. * Native date class is withdrawn to prevent namespace conflict with PEAR's date package. * Fixed fatal parse error when the last line of the script is a PHP comment. * eval() hangs when the code being evaluated ends with a comment. * Usage of \{$var} in PHP 5.1.0 resulted in the output of {$var} instead of the $var variable's value enclosed in {}. * Fixed inconsistency in the format of PHP_AUTH_DIGEST between Apache 1 and 2 sapis. * Improved safe_mode/open_basedir checks inside the cURL extension. ChangeLog_http://www.php.net/ChangeLog-5.php#5.1.1 Source Code (~5.9 Mb)_http://ru.php.net/dis...-5.1.1.tar.bz2 Windows Binaries zip (~8.6 Mb)_http://ru.php.net/dis....1.1-Win32.zip exe (~2.5 Mb)_http://ru.php.net/dis...-installer.exe
ЭЖД, 13.01.2006 - 14:22
PHP 5.1.2
Из новшеств может отметить: Помещение в состав поставки PHP расширений "hash" и XMLWriter. В интерфейс к библиотеке GD добавлена возможность генерации PNG в сжатом виде. SQLite библиотека обновлена с версии 2.8.17 до 3.2.8. В бинарную версию для платформы Win32 включены библиотеки libxml2-2.6.22 и libxslt-1.1.15. ChangeLog_http://www.php.net/ChangeLog-5.php#5.1.2 Downloads (~6,1 Mb)_http://ru2.php.net/ge...php.net/mirror
Вышла новая версия PHP - 5.2.0 В ней исправлено около 200 ошибок, оптимизировано выполнение многих функций, улучшенны OpenSSL, SNMP, CURL,PCRE, PDO расширения и добавлено ZIP расширение. Оптимизирован менеджер памяти Zend, добавилась возможность его тонкой настройки. Также оптимизирован FastCGI SAPI. Обновлены многие библиотеки для версии под Windows. Source Code (~6,6 Mb)_http://www.php.net/ge.../from/a/mirror Windows Binaries (~9,4 Mb)_http://ru2.php.net/ge...om/this/mirror
Security Fixes Fixed an integer overflow inside chunk_split() (by Gerhard Wagner, CVE-2007-2872) Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche, CVE-2007-2756) Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan Esser, CVE-2007-1900) Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath()) (by bugs dot php dot net at chsc dot dk) Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib. Added mysql_set_charset() to allow runtime altering of connection encoding. Changed CGI install target to php-cgi and 'make install' to install CLI when CGI is selected. (Jani) Changed JSON maximum nesting depth from 20 to 128. (Rasmus) Improved compilation of heredocs and interpolated strings. (Matt, Dmitry) Optimized out a couple of per-request syscalls. (Rasmus) Optimized digest generation in md5() and sha1() functions. (Ilia) Upgraded bundled SQLite 3 to version 3.3.17. (Ilia) Addded "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007. (Stas) Added a 4th parameter flag to htmlspecialchars() and htmlentities() that makes the function not encode existing html entities. (Ilia) Added PDO::FETCH_KEY_PAIR mode that will fetch a 2 column result set into an associated array. (Ilia) Added CURLOPT_TIMEOUT_MS and CURLOPT_CONNECTTIMEOUT_MS cURL constants. (Sara) Added --ini switch to CLI that prints out configuration file names. (Marcus) Implemented FR Fixed bug #41416 (getColumnMeta() should also return table name). (Tony) Fixed filetype() and linkinfo() processing of symlinks on ZTS systems. (Oliver Block, Tony, Dmitry) Fixed SOAP extension's handler() to work even when "always_populate_raw_post_data" is off. (Ilia) Fixed altering $this via argument named "this". (Dmitry) Fixed PHP CLI usage of php.ini from the binary location. (Hannes) Fixed segfault in strripos(). (Tony, Joxean Koret) Fixed gd build when used with freetype 1.x (Pierre, Tony) Fixed bug #41525 (ReflectionParameter::getPosition() not available). (Marcus) Fixed bug #41511 (Compile failure under IRIX 6.5.30 building md5.c). (Jani) Fixed bug #41504 (json_decode() incorrectly decodes JSON arrays with empty string keys). (Ilia) Fixed bug #41477 (no arginfo about SoapClient::__soapCall()). (Ilia) Fixed bug #41455 (ext/dba/config.m4 pollutes global $LIBS and $LDFLAGS). (mmarek at suse dot cz, Tony) Fixed bug #41442 (imagegd2() under output control). (Tony) Fixed bug #41430 (Fatal error with negative values of maxlen parameter of file_get_contents()). (Tony) Fixed bug #41423 (PHP assumes wrongly that certain ciphers are enabled in OpenSSL). (Pierre) Fixed bug #41421 (Uncaught exception from a stream wrapper segfaults). (Tony, Dmitry) Fixed bug #41403 (json_decode cannot decode floats if localeconv decimal_point is not '.'). (Tony) Fixed bug #41401 (wrong unary operator precedence). (Stas) Fixed bug #41394 (dbase_create creates file with corrupted header). (Tony) Fixed bug #41390 (Clarify error message with invalid protocol scheme). (Scott) Fixed bug #41378 (fastcgi protocol lacks support for Reason-Phrase in "Status:" header). (anight at eyelinkmedia dot com, Dmitry) Fixed bug #41374 (whole text concats values of wrong nodes). (Rob) Fixed bug #41358 (configure cannot determine SSL lib with libcurl >= 7.16.2). (Mike) Fixed bug #41353 (crash in openssl_pkcs12_read() on invalid input). (Ilia) Fixed bug #41351 (Invalid opcode with foreach ($a[] as $b)). (Dmitry, Tony) Fixed bug #41347 (checkdnsrr() segfaults on empty hostname). (Scott) Fixed bug #41337 (WSDL parsing doesn't ignore non soap bindings). (Dmitry) Fixed bug #41326 (Writing empty tags with Xmlwriter::WriteElement[ns]) (Pierre) Fixed bug #41321 (downgrade read errors in getimagesize() to E_NOTICE). (Ilia) Fixed bug #41304 (compress.zlib temp files left). (Dmitry) Fixed bug #41293 (Fixed creation of HTTP_RAW_POST_DATA when there is no default post handler). (Ilia) Fixed bug #41291 (FastCGI does not set SO_REUSEADDR). (fmajid at kefta dot com, Dmitry) Fixed bug #41287 (Namespace functions don't allow xmlns definition to be optional). (Rob) Fixed bug #41283 (Bug with deserializing array key that are doubles or floats in wddx). (Ilia) Fixed bug #41257 (lookupNamespaceURI does not work as expected). (Rob) Fixed bug #41236 (Regression in timeout handling of non-blocking SSL connections during reads and writes). (Ilia) Fixed bug #41134 (zend_ts_hash_clean not thread-safe). (marco dot cova at gmail dot com, Tony) Fixed bug #41097 (ext/soap returning associative array as indexed without using WSDL). (Dmitry) Fixed bug #41004 (minOccurs="0" and null class member variable). (Dmitry) Fixed bug #39542 (Behavior of require/include different to < 5.2.0). (Dmitry) Linux (~7,2 Mb)_http://ru.php.net/dis...-5.2.3.tar.bz2 Windows installer (~21,9 Mb)_http://ru.php.net/dis...-installer.msi Windows zip package (~9,6 Mb)_http://ru.php.net/dis....2.3-Win32.zip
ЭЖД, 1.09.2007 - 9:42
PHP 5.2.4
Security Enhancements and Fixes in PHP 5.2.4: Fixed a floating point exception inside wordwrap() (Reported by Mattias Bengtsson) Fixed several integer overflows inside the GD extension (Reported by Mattias Bengtsson) Fixed size calculation in chunk_split() (Reported by Gerhard Wagner) Fixed integer overflow in str[c]spn(). (Reported by Mattias Bengtsson) Fixed money_format() not to accept multiple %i or %n tokens. (Reported by Stanislav Malyshev) Fixed zend_alter_ini_entry() memory_limit interruption vulnerability. (Reported by Stefan Esser) Fixed INFILE LOCAL option handling with MySQL extensions not to be allowed when open_basedir or safe_mode is active. (Reported by Mattias Bengtsson) Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378) (Reported by Maksymilian Arciemowicz) Fixed a possible invalid read in glob() win32 implementation (CVE-2007-3806) (Reported by shinnai) Fixed a possible buffer overflow in php_openssl_make_REQ (Reported by zatanzlatan at hotbrev dot com) Fixed an open_basedir bypass inside glob() function (Reported by dr at peytz dot dk) Fixed a possible open_basedir bypass inside session extension when the session file is a symlink (Reported by c dot i dot morris at durham dot ac dot uk) Improved fix for MOPB-03-2007. Corrected fix for CVE-2007-2872. Linux (~7,4 Mb)_http://ru.php.net/dis...-5.2.4.tar.bz2 Windows Installer (~22 Mb)_http://ru.php.net/dis...-installer.msi Windows zip package (~9,7 Mb)_http://www.php.net/di....2.4-Win32.zip
scorpio, 13.11.2007 - 0:38
PHP 5.2.5
08-November-2007
Security Fixes -Fixed dl() to only accept filenames. reported by Laurent Gaffie. -Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887). -Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences. -Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie. -Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .htaccess due to the security implications reported by SecurityReason. -Fixed bug #42869 (automatic session id insertion adds sessions id to non-local forms). -Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()).
Upgraded PCRE to version 7.3 (Nuno) Added optional parameter $provide_object to debug_backtrace(). (Sebastian) Added alpha support for imagefilter() IMG_FILTER_COLORIZE. (Pierre) Added ability to control memory consumption between request using ZEND_MM_COMPACT environment variable. (Dmitry) Improved speed of array_intersect_key(), array_intersect_assoc(), array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and array_udiff_assoc(). (Dmitry) Fixed move_uploaded_file() to always set file permissions of resulting file according to UMASK. (Andrew Sitnikov) Fixed possible crash in ext/soap because of uninitialized value. (Zdash Urf) Fixed regression in glob() when enforcing safe_mode/open_basedir checks on paths containing '*'. (Ilia) Fixed PDO crash when driver returns empty LOB stream. (Stas) Fixed iconv_*() functions to limit argument sizes as workaround to libc bug (CVE-2007-4783, CVE-2007-4840 by Laurent Gaffie). (Christian Hoffmann, Stas) Fixed missing brackets leading to build warning and error in the log. Win32 code. (Andrey) Fixed leaks with multiple connects on one mysqli object. (Andrey) Fixed endianness detection on MacOS when building universal binary. (Uwe Schindler, Christian Speich, Tony) Fixed imagerectangle regression with 1x1 rectangle (libgd #106). (Pierre) Fixed bug #43196 (array_intersect_assoc() crashes with non-array input). (Jani) Fixed bug #43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with fetchAll()). (Ilia) Fixed bug #43137 (rmdir() and rename() do not clear statcache). (Jani) Fixed bug #43130 (Bound parameters cannot have - in their name). (Ilia) Fixed bug #43099 (XMLWriter::endElement() does not check # of params). (Ilia) Fixed bug #43020 (Warning message is missing with shuffle() and more than one argument). (Scott) Fixed bug #42976 (Crash when constructor for newInstance() or newInstanceArgs() fails) (Ilia) Fixed bug #42943 (ext/mssql: Move *timeout initialization from RINIT to connect time). (Ilia) Fixed bug #42917 (PDO::FETCH_KEY_PAIR doesn't work with setFetchMode). (Ilia) Fixed bug #42890 (Constant "LIST" defined by mysqlclient and c-client). (Andrey) Fixed bug #42818 ($foo = clone(array()); leaks memory). (Dmitry) Fixed bug #42817 (clone() on a non-object does not result in a fatal error). (Ilia) Fixed bug #42785 (json_encode() formats doubles according to locale rather then following standard syntax). (Ilia) Fixed bug #42783 (pg_insert() does not accept an empty list for insertion). (Ilia) Fixed bug #42773 (WSDL error causes HTTP 500 Response). (Dmitry) Fixed bug #42772 (Storing $this in a static var fails while handling a cast to string). (Dmitry) Fixed bug #42767 (highlight_string() truncates trailing comment). (Ilia) Fixed bug #42739 (mkdir() doesn't like a trailing slash when safe_mode is enabled). (Ilia) Fixed bug #42703 (Exception raised in an iterator::current() causes segfault in FilterIterator) (Marcus) Fixed bug #42699 (PHP_SELF duplicates path). (Dmitry) Fixed bug #42654 (RecursiveIteratorIterator modifies only part of leaves) (Marcus) Fixed bug #42643 (CLI segfaults if using ATTR_PERSISTENT). (Ilia) Fixed bug #42637 (SoapFault : Only http and https are allowed). (Bill Moran) Fixed bug #42629 (Dynamically loaded PHP extensions need symbols exported on MacOSX). (jdolecek at NetBSD dot org) Fixed bug #42627 (bz2 extension fails to build with -fno-common). (dolecek at netbsd dot org) Fixed bug #42596 (session.save_path MODE option does not work). (Ilia) Fixed bug #42590 (Make the engine recognize \v and \f escape sequences). (Ilia) Fixed bug #42587 (behavior change regarding symlinked .php files). (Dmitry) Fixed bug #42579 (apache_reset_timeout() does not exist). (Jani) Fixed bug #42549 (ext/mysql failed to compile with libmysql 3.23). (Scott) Fixed bug #42523 (PHP_SELF duplicates path). (Dmitry) Fixed bug #42512 (ip2long('255.255.255.255') should return 4294967295 on 64-bit PHP). (Derick) Fixed bug #42506 (php_pgsql_convert() timezone parse bug) (nonunnet at gmail dot com, Ilia) Fixed bug #42462 (Segmentation when trying to set an attribute in a DOMElement). (Rob) Fixed bug #42453 (CGI SAPI does not shut down cleanly with -i/-m/-v cmdline options). (Dmitry) Fixed bug #42452 (PDO classes do not expose Reflection API information). (Hannes) Fixed bug #42468 (Write lock on file_get_contents fails when using a compression stream). (Ilia) Fixed bug #42488 (SoapServer reports an encoding error and the error itself breaks). (Dmitry) Fixed bug #42378 (mysqli_stmt_bind_result memory exhaustion). (Andrey) Fixed bug #42359 (xsd:list type not parsed). (Dmitry) Fixed bug #42326 (SoapServer crash). (Dmitry) Fixed bug #42214 (SoapServer sends clients internal PHP errors). (Dmitry) Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime values). (Ilia) Fixed bug #42139 (XMLReader option constants are broken using XML()). (Rob) Fixed bug #42086 (SoapServer return Procedure '' not present for WSIBasic compliant wsdl). (Dmitry) Fixed bug #41822 (Relative includes broken when getcwd() fails). (Ab5602, Jani) Fixed bug #39651 (proc_open() append mode doesn't work on windows). (Nuno)
Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion. (Ilia) Added missing sanity checks around exif processing. (Ilia) Added error constant when json_encode() detects an invalid UTF-8 sequence. (Scott) Added support for ACL on Windows for thread safe SAPI (Apache2 for example) and fix its support on NTS. (Pierre) Upgraded bundled sqlite to version 3.6.19. (Scott) Updated timezone database to version 2009.17 (2009q). (Derick) Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre) Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (Rasmus) Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (Rasmus) Fixed certificate validation inside php_openssl_apply_verification_policy (Ryan Sleevi, Ilia) Fixed crash in SQLiteDatabase::ArrayQuery() and SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe) Fixed crash when instantiating PDORow and PDOStatement through Reflection. (Felipe) Fixed sanity check for the color index in imagecolortransparent. (Pierre) Fixed scandir/readdir when used mounted points on Windows. (Pierre) Fixed zlib.deflate compress filter to actually accept level parameter. (Jani) Fixed leak on error in popen/exec (and related functions) on Windows. (Pierre) Fixed possible bad caching of symlinked directories in the realpath cache on Windows. (Pierre) Fixed atime and mtime in stat related functions on Windows. (Pierre) Fixed spl_autoload_unregister/spl_autoload_functions wrt. Closures and Functors. (Christian Seiler) Fixed open_basedir circumvention for "mail.log" ini directive. (Maksymilian Arciemowicz, Stas) Fixed signature generation/validation for zip archives in ext/phar. (Greg) Fixed memory leak in stream_is_local(). (Felipe, Tony) Fixed BC break in mime_content_type(), removes the content encoding. (Scott) Changed ini file directives [PATH=](on Win32) and [HOST=](on all) to be case insensitive (garretts) Restored shebang line check to CGI sapi (not checked by scanner anymore). (Jani) Improve symbolic, mounted volume and junctions support for realpath on Windows. (Pierre) Improved readlink on Windows, suppress ?? and use the drive syntax only. (Pierre) Improved dns_get_record() AAAA support on windows. Always available when IPv6 is support is installed, format is now the same than on unix. (Pierre) Improved the DNS functions on OSX to use newer APIs, also use Bind 9 API where available on other platforms. (Scott) Improved shared extension loading on OSX to use the standard Unix dlopen() API. (Scott) Fixed bug #50063 (safe_mode_include_dir fails). (Johannes, christian at elmerot dot se) Fixed bug #50052 (Different Hashes on Windows and Linux on wrong Salt size). (Pierre) Fixed bug #49910 (no support for ././@LongLink for long filenames in phar tar support). (Greg) Fixed bug #49908 (throwing exception in __autoload crashes when interface is not defined). (Felipe) Fixed bug #49847 (exec() fails to return data inside 2nd parameter, given output lines >4095 bytes). (Ilia) Fixed bug #49809 (time_sleep_until() is not available on OpenSolaris). (Jani) Fixed bug #49757 (long2ip() can return wrong value in a multi-threaded applications). (Ilia, Florian Anderiasch) Fixed bug #49738 (calling mcrypt after mcrypt_generic_deinit crashes). (Sriram Natarajan) Fixed bug #49732 (crashes when using fileinfo when timestamp conversion fails). (Pierre) Fixed bug #49698 (Unexpected change in strnatcasecmp()). (Rasmus) Fixed bug #49630 (imap_listscan function missing). (Felipe) Fixed bug #49572 (use of C++ style comments causes build failure). (Sriram Natarajan) Fixed bug #49531 (CURLOPT_INFILESIZE sometimes causes warning "CURLPROTO_FILE cannot be set"). (Felipe) Fixed bug #49517 (cURL's CURLOPT_FILE prevents file from being deleted after fclose). (Ilia) Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). (Ilia) Fixed bug #49447 (php engine need to correctly check for socket API return status on windows). (Sriram Natarajan) Fixed bug #49391 (ldap.c utilizing deprecated ldap_modify_s). (Ilia) Fixed bug #49361 (wordwrap() wraps incorrectly on end of line boundaries). (Ilia, code-it at mail dot ru) Fixed bug #49372 (segfault in php_curl_option_curl). (Pierre) Fixed bug #49306 (inside pdo_mysql default socket settings are ignored). (Ilia) Fixed bug #49289 (bcmath module doesn't compile with phpize configure). (Jani) Fixed bug #49286 (php://input (php_stream_input_read) is broken). (Jani) Fixed bug #49269 (Ternary operator fails on Iterator object when used inside foreach declaration). (Etienne, Dmitry) Fixed bug #49236 (Missing PHP_SUBST(PDO_MYSQL_SHARED_LIBADD)). (Jani) Fixed bug #49223 (Inconsistency using get_defined_constants). (Garrett) Fixed bug #49193 (gdJpegGetVersionString() inside gd_compact identifies wrong type in declaration). (Ilia) Fixed bug #49183 (dns_get_record does not return NAPTR records). (Pierre) Fixed bug #49144 (Import of schema from different host transmits original authentication details). (Dmitry) Fixed bug #49142 (crash when exception thrown from __tostring()). (David Soria Parra) Fixed bug #49986 (Missing ICU DLLs on windows package). (Pierre) Fixed bug #49132 (posix_times returns false without error). (phpbugs at gunnu dot us) Fixed bug #49125 (Error in dba_exists C code). (jdornan at stanford dot edu) Fixed bug #49122 (undefined reference to mysqlnd_stmt_next_result on compile with --with-mysqli and MySQL 6.0). (Jani) Fixed bug #49108 (2nd scan_dir produces segfault). (Felipe) Fixed bug #49098 (mysqli segfault on error). (Rasmus) Fixed bug #49095 (proc_get_status['exitcode'] fails on win32). (Felipe) Fixed bug #49092 (ReflectionFunction fails to work with functions in fully qualified namespaces). (Kalle, Jani) Fixed bug #49074 (private class static fields can be modified by using reflection). (Jani) Fixed bug #49072 (feof never returns true for damaged file in zip). (Pierre) Fixed bug #49065 ("disable_functions" php.ini option does not work on Zend extensions). (Stas) Fixed bug #49064 (--enable-session=shared does not work: undefined symbol: php_url_scanner_reset_vars). (Jani) Fixed bug #49056 (parse_ini_file() regression in 5.3.0 when using non-ASCII strings as option keys). (Jani) Fixed bug #49052 (context option headers freed too early when using --with-curlwrappers). (Jani) Fixed bug #49047 (The function touch() fails on directories on Windows). (Pierre) Fixed bug #49032 (SplFileObject::fscanf() variables passed by reference). (Jani) Fixed bug #49027 (mysqli_options() doesn't work when using mysqlnd). (Andrey) Fixed bug #49026 (proc_open() can bypass safe_mode_protected_env_vars restrictions). (Ilia) Fixed bug #49012 (phar tar signature algorithm reports as Unknown (0) in getSignature() call). (Greg) Fixed bug #49020 (phar misinterprets ustar long filename standard). (Greg) Fixed bug #49018 (phar tar stores long filenames wit prefix/name reversed). (Greg) Fixed bug #49014 (dechunked filter broken when serving more than 8192 bytes in a chunk). (andreas dot streichardt at globalpark dot com, Ilia) Fixed bug #49000 (PHP CLI in Interactive mode (php -a) crashes when including files from function). (Stas) Fixed bug #48994 (zlib.output_compression does not output HTTP headers when set to a string value). (Jani) Fixed bug #48980 (Crash when compiling with pdo_firebird). (Felipe) Fixed bug #48962 (cURL does not upload files with specified filename). (Ilia) Fixed bug #48929 (Double rn after HTTP headers when "header" context option is an array). (David Zülke) Fixed bug #48913 (Too long error code strings in pdo_odbc driver). (naf at altlinux dot ru, Felipe) Fixed bug #48912 (Namespace causes unexpected strict behaviour with extract()). (Dmitry) Fixed bug #48909 (Segmentation fault in mysqli_stmt_execute()). (Andrey) Fixed bug #48899 (is_callable returns true even if method does not exist in parent class). (Felipe) Fixed bug #48893 (Problems compiling with Curl). (Felipe) Fixed bug #48872 (string.c: errors: duplicate case values). (Kalle) Fixed bug #48854 (array_merge_recursive modifies arrays after first one). (Felipe) Fixed bug #48805 (IPv6 socket transport is not working). (Ilia) Fixed bug #48802 (printf() returns incorrect outputted length). (Jani) Fixed bug #48880 (Random Appearing open_basedir problem). (Rasmus, Gwynne) Fixed bug #48791 (open office files always reported as corrupted). (Greg) Fixed bug #48788 (RecursiveDirectoryIterator doesn't descend into symlinked directories). (Ilia) Fixed bug #48783 (make install will fail saying phar file exists). (Greg) Fixed bug #48774 (SIGSEGVs when using curl_copy_handle()). (Sriram Natarajan) Fixed bug #48771 (rename() between volumes fails and reports no error on Windows). (Pierre) Fixed bug #48768 (parse_ini_*() crash with INI_SCANNER_RAW). (Jani) Fixed bug #48763 (ZipArchive produces corrupt archive). (dani dot church at gmail dot com, Pierre) Fixed bug #48762 (IPv6 address filter still rejects valid address). (Felipe) Fixed bug #48757 (ReflectionFunction::invoke() parameter issues). (Kalle) Fixed bug #48754 (mysql_close() crash php when no handle specified). (Johannes, Andrey) Fixed bug #48752 (Crash during date parsing with invalid date). (Pierre) Fixed bug #48746 (Unable to browse directories within Junction Points). (Pierre, Kanwaljeet Singla) Fixed bug #48745 (mysqlnd: mysql_num_fields returns wrong column count for mysql_list_fields). (Andrey) Fixed bug #48740 (PHAR install fails when INSTALL_ROOT is not the final install location). (james dot cohen at digitalwindow dot com, Greg) Fixed bug #48733 (CURLOPT_WRITEHEADER|CURLOPT_FILE|CURLOPT_STDERR warns on files that have been opened with r+). (Ilia) Fixed bug #48719 (parse_ini_*(): scanner_mode parameter is not checked for sanity). (Jani) Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain components). (Ilia) Fixed bug #48681 (openssl signature verification for tar archives broken). (Greg) Fixed bug #48660 (parse_ini_*(): dollar sign as last character of value fails). (Jani) Fixed bug #48645 (mb_convert_encoding() doesn't understand hexadecimal html-entities). (Moriyoshi) Fixed bug #48637 ("file" fopen wrapper is overwritten when using --with-curlwrappers). (Jani) Fixed bug #48608 (Invalid libreadline version not detected during configure). (Jani) Fixed bug #48400 (imap crashes when closing stream opened with OP_PROTOTYPE flag). (Jani) Fixed bug #48377 (error message unclear on converting phar with existing file). (Greg) Fixed bug #48247 (Infinite loop and possible crash during startup with errors when errors are logged). (Jani) Fixed bug #48198 error: 'MYSQLND_LLU_SPEC' undeclared. Cause for #48780 and #46952 both fixed too. (Andrey) Fixed bug #48189 (ibase_execute error in return param). (Kalle) Fixed bug #48182 (ssl handshake fails during asynchronous socket connection). (Sriram Natarajan) Fixed bug #48116 (Fixed build with Openssl 1.0). (Pierre, Al dot Smith at aeschi dot ch dot eu dot org) Fixed bug #48057 (Only the date fields of the first row are fetched, others are empty). (info at programmiernutte dot net) Fixed bug #47481 (natcasesort() does not sort extended ASCII characters correctly). (Herman Radtke) Fixed bug #47351 (Memory leak in DateTime). (Derick, Tobias John) Fixed bug #47273 (Encoding bug in SoapServer->fault). (Dmitry) Fixed bug #46682 (touch() afield returns different values on windows). (Pierre) Fixed bug #46614 (Extended MySQLi class gives incorrect empty() result). (Andrey) Fixed bug #46020 (with Sun Java System Web Server 7.0 on HPUX, #define HPUX). (Uwe Schindler) Fixed bug #45905 (imagefilledrectangle() clipping error). (markril at hotmail dot com, Pierre) Fixed bug #45554 (Inconsistent behavior of the u format char). (Derick) Fixed bug #45141 (setcookie will output expires years of >4 digits). (Ilia) Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre) Fixed bug #43510 (stream_get_meta_data() does not return same mode as used in fopen). (Jani) Fixed bug #42434 (ImageLine w/ antialias = 1px shorter). (wojjie at gmail dot com, Kalle) Fixed bug #40013 (php_uname() does not return nodename on Netware (Guenter Knauf) Fixed bug #38091 (Mail() does not use FQDN when sending SMTP helo). (Kalle, Rick Yorgason) Fixed bug #28038 (Sent incorrect RCPT TO commands to SMTP server) (Garrett) Fixed bug #27051 (Impersonation with FastCGI does not exec process as impersonated user). (Pierre) Fixed PECL bug #16842 (oci_error return false when NO_DATA_FOUND is raised). (Chris Jones)
• CLI server: • Fixed bug #67429 (CLI server is missing some new HTTP response codes). • Fixed bug #66830 (Empty header causes PHP built-in web server to hang).
• Core: • Fixed bug #67428 (header('Location: foo') will override a 308-399 response code). • Fixed bug #67436 (Autoloader isn't called if two method definitions don't match). • Fixed bug #67091 (make install fails to install libphp5.so on FreeBSD 10.0). • Fixed bug #67497 eval with parse error causes segmentation fault in generator). • Fixed bug #67151 (strtr with empty array crashes). • Fixed bug #67407 (Windows 8.1/Server 2012 R2 reported as Windows 8/Server 2012).
• FPM: • Fixed bug #67530 (error_log=syslog ignored). • Fixed bug #67531 (syslog cannot be set in pool configuratio).
• Intl: • Fixed bug #66921 (Wrong argument type hint for function intltz_from_date_time_zone). • Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting).
• OPCache: • Fixed bug #67215 (php-cgi work with opcache, may be segmentation fault happen).
• pgsql: • Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756), which affected builds against libpq < 7.3).
• Phar: • Fixed bug #67587 (Redirection loop on nginx with FPM).
• SPL: • Fixed bug #67539 (ArrayIterator use-after-free due to object change during sorting). • Fixed bug #67538 (SPL Iterators use-after-free) (CVE-2014-4670).