using sched_getcpu under the hood (Linux and FreeBSD).
Returns the current cpu id for the current process.
For Linux, we need to see beyond the sole presence of the symbol
to consider it.
Mostly useful, for now, in the cpu affinity context since
the os can migrate processes as it sees fits otherwise.
Clos GH-13908
For now, working on Linux, FreeBSD >= 13.x and DragonFlyBSD.
Handy wrapper to assign an array of cpu ids or to retrieve the cpu ids
assigned to a given process.
pcntl_setaffinity inserts valid unique cpu ids (within the range of available
cpus).
Close GH-13893
There are two depth limiting parameters for XSLT templates.
1) maxTemplateDepth
This corresponds to the recursion depth of a template. For very
complicated templates this can be hit.
2) maxTemplateVars
This is the total number of live variables. When using recursive
templates with lots of parameters you can hit this limit.
This patch introduces two new properties to XSLTProcessor that
corresponds to the above variables.
Useful to control how many SYN packets the client will send to the
server before giving up establishing a connection if the server does
not respond (usually 5 or 6 by default).
Close GH-13816
Bumps the minimum required OpenSSL version from 1.0.2 to 1.1.1.
OpenSSL 1.1.1 is an LTS release, but has reached[^1] EOL from upstream. However, Linux distro/OS vendors
continue to ship OpenSSL 1.1.1, so 1.1.1 was picked as the minimum. The current minimum 1.0.2 reached
EOL in 2018.
Bumping the minimum required OpenSSL version makes it possible for ext-openssl to remove a bunch of
conditional code, and assume that TLS 1.3 (shipped with OpenSSL 1.1.1) will be supported everywhere.
- Debian buster: 1.1.1[^2]
- Ubuntu 20.04: 1.1.1[^3]
- CentOS/RHEL 7: 1.0.2
- RHEL 8/Rocky 8/EL 8: 1.1.1
- Fedora 38: 3.0.9 (`openssl11` provides OpenSSL 1.1 as well)
RHEL/CentOS 7 reaches EOL mid 2024, so for PHP 8.4 scheduled towards the end of this year, we can safely
bump the minimum OpenSSL version.
[^1]: https://www.openssl.org/blog/blog/2023/03/28/1.1.1-EOL/index.html
[^2]: https://packages.debian.org/buster/libssl-dev
[^3]: https://packages.ubuntu.com/focal/libssl-dev
Adds support for "Caseless restricted" matching added in PCRE2lib
10.43 with the "r" modifier.
This is `PCRE2_EXTRA_CASELESS_RESTRICT` in PCRE2. This is an "extra"
option, which means it is not possible to pass this option as
pcre2_compile() function parameter.
This option is passed in a pcre2_set_compile_extra_options() call.
Previously, these extra options are set at php_pcre_init_pcre2(),
but after this change, it is possible to customize the options
by adding bits to `eoptions` in pcre_get_compiled_regex_cache_ex().
The tests for this change are ported from upstream test suite[^1].
[^1]: https://github.com/PCRE2Project/pcre2/commit/c13d54f6581#diff-8c8312e4eb2d35bb16485404b7b5cc0eaef0bca1aa95ff5febf6a1890048305c
- Moved curl_version()['feature_list'] to New Features
- Moved NumberFormatter::ROUND_HALFODD to New Features
- Removed contributor names (this pattern only used in the `NEWS` file)
- Removed "Fixed setAttribute and getAttribute" as it is covered in another change record
Setting the recovery option by using a hardcoded value (1) worked
already for SimpleXML. For DOM, a small change is necessary because
otherwise the recover field overwrites the recovery option.
From a quick search on GitHub [1] it looks like this won't clash with
existing PHP code as no one seems to define (or use) a constant with
such a name.
[1] https://github.com/search?q=LIBXML_RECOVER+language%3APHP&type=code&l=PHP
This never resulted in a working XPath object anyway, as trying to query
or evaluate anything resulted in an "Invalid XPath context" error.
Supporting this is more trouble than it's worth, so just block the clone
operation.
The `phpinfo()` section of the Curl extension lists individual features
supported by the particular ext-Curl + libcurl build. However, the
`curl_version()` function return values do not indicate the same level of
details.
`curl_version()` has a `protocols` key that returns an array of all protocols
supported by the build. But the `features` key is a bitmask of all the features.
Checking the availability of certain feature requires knowing the corresponding
`CURL_VERSION` constant, and checking the availability of the constant and a
bitmask check for it in the `features` value.
For example, to determine HTTP2 support, it requires evaluating:
```php
defined('CURL_VERSION_HTTP2') && (curl_version()['features'] & CURL_VERSION_HTTP2 === CURL_VERSION_HTTP2)
```
To make feature availability checks more intuitive, this adds a new
`feature_list` key to `curl_version()` output array.
With it, checking for individual features availability is easier, and does
not require inspecting the availability of the `CURL_VERSION` constant and
the `features` key.
```php
!empty(curl_version()['feature_list']['HTTP2']);
```
RFC: https://wiki.php.net/rfc/rfc1867-non-post
This function allows populating the $_POST and $_FILES globals for non-post
requests. This avoids manual parsing of RFC1867 requests.
Fixes#55815
Closes GH-11472
Fixed an error in the result due to "pre-rounding" of the round function.
"Pre-rounding" has been abolished and the method of comparing numbers has
been changed.
Closes GH-12268.
Bumps the minimum required libcurl version to 7.61.0.
Please also see #4917, which bumped minimum libcurl version to the current >= 7.29.0.
This bumps the minimum requirement to Curl 7.61.0 (released 2018 Sept).
Ubuntu, Debian, RHEL, and RHEL derivatives have major and LTS version bumps this year. Following are the
libcurl-dev/libcurl-devel versions available in the oldest supported (LTS or otherwise) in major OSs.
- Debian buster: [7.64](https://packages.debian.org/buster/libcurl4-openssl-dev)
- Ubuntu 20.04: [7.68](https://packages.ubuntu.com/focal/libcurl-dev)
- CentOS/RHEL 7: 7.29
- RHEL 8/Rocky 8/EL 8: 7.61
- Fedora 38: 7.87
RHEL/CentOS 7 reaches EOL mid 2024, so for PHP 8.4 scheduled towards the end of this year, we can safely
bump the minimum libcurl version.
7.61.0 was selected as the new minimum because RHEL and derivatives have libcurl-devel version 7.61. RHEL 8 is
a current and supported RHEL version.
* Remove ext/imap — it has been moved to PECL
https://pecl.php.net/package/imap
* Remove files related to IMAP
* Remove IMAP CI files and set up
* Also disable IMAP on Circle CI
* Update CREDITS file
* Remove IMAP entry from CODEOWNERS
* Revert "Remove files related to IMAP"
This reverts commit a05ffd6c97.
* Mark IMAP is being removed
* Revert "Remove IMAP CI files and set up"
This reverts commit 82e5ba9910.
* Revert "Also disable IMAP on Circle CI"
This reverts commit e83827b0b2.
* Don't try to build imap extension with CI
* Restore test setup files
* Remove mention of imap in labeler, EXTENSIONS, and sample php.ini files
It needs to be "object".
This is because first- and third-party extension can register custom
node types using `php_libxml_register_export`. So we don't know upfront
what types can be expected.
This also changes the error to a TypeError everywhere.
The NumberFormatter::ROUND_HALFEVEN constant exists in PHP already, but its counterpart ROUND_HALFODD was missing.
This adds it, using `UNUM_ROUND_HALF_ODD`
Close GH-13191
If no router script is used, the built-in webserver will now look for a fallback
index file recursively in all cases, including URLs with a period.
Fixes GH-12604
Closes GH-12992
Also re-establishing exception throwing on IntlDateFormatter constructor
overwritten by accident most likely so postponing it for next major
release.
Close GH-12868
This is a continuation of commit c2a58ab07d, in which several OOM error
handling was converted to throwing an INVALID_STATE_ERR DOMException.
Some places were missed and they still returned false without an
exception, or threw a PHP_ERR DOMException.
Convert all of these to INVALID_STATE_ERR DOMExceptions. This also
reduces confusion of users going through documentation [1].
Unfortunately, not all node creations are checked for a NULL pointer.
Some places therefore will not do anything if an OOM occurs (well,
except crash).
On the one hand it's nice to handle these OOM cases.
On the other hand, this adds some complexity and it's very unlikely to
happen in the real world. But then again, "unlikely" situations have
caused trouble before. Ideally all cases should be checked.
[1] https://github.com/php/doc-en/issues/1741
mbfl_name2encoding() uses a linear loop through the encodings, comparing
the name one by one, which is very slow. For the benchmark [1] just
looking up the name takes about 50% of run-time.
By using perfect hashing instead, we no longer have to loop over the
list, and the number of string comparisons is reduced to just a single
one. The perfect hashing table is generated using GNU gperf and amended
manually to fit in with mbstring and manually changed to reduce the
cache size.
[1] https://github.com/php/php-src/issues/12684#issuecomment-1813799924
* Split function and use _new variant to avoid redundant checks
* Precompute better array size to avoid rehashing
* Use new function to add into array instead of merging into, preventing temporary memory allocations
* Convert to regex without separate copy + lowering
We're already doing a character-wise loop after lowering, so just lower
it character by character instead of looping over it twice and
allocating memory.
* Use HASH_MAP loop because htab can never be packed
This saves additional checks.
* Move destructor to more sensible place
* Remove now unused browscap_zval_copy_ctor
* Use zend_string_release_ex variant where possible
* Implement dedicated greedy wildcard matching algorithm
This avoids compiling, allocating and caching regexes and should run in
the same complexity.
* Cache previous length instead of repeatedly recomputing it
* Add additional optimization to wildcard * matching
* Move cheap checks to the callsite
The function prologue and epilogue have a stupidly high overhead for
those 2 simple checks at the start.
We can't always-inline the reg_compare function because it contains
alloca, and the alloca is really important for performance.
Instead, move those cheap checks to the call site.
* Use specialised loop to avoid unnecessary conversions and checks
* Optimize counting loop by taking into account the prefix
* Precompute the hash values of known keys
* [ci skip] UPGRADING
* Code style
* Add a note why we have the early-skip checks in the loop
Adding pg_send_flush_request.
Fix freeze after next execute pg_send_* on PQgetResult in _php_pgsql_link_has_results.
Set nonblocking for pipelining mode.
No flush client buffer in pg_send_* for pipelining mode.
Close GH-12644
The datetime stored in the DOS time fields, which is what zip standard
uses, is local time without a timezone. There's an extension to the zip
file format since '97 that allows storing a unix timestamp (in UTC) in
the header for both the central directory and the local entries.
This patch adds support for this.
Closes GH-12548.
Similar to the fast, specialized mb_strcut implementation for UTF-8
in 1f0cf133db, this new implementation of mb_strcut for UTF-16 strings
just examines a few bytes before each cut point.
Even for short strings, the new implementation is around 2x faster.
For strings around 10,000 bytes in length, it comes out about 100-500x
faster in my microbenchmarks.
The new implementation behaves identically to the old one on valid
UTF-16 strings; a fuzzer was used to help verify this.
To get proper errors and sensible behaviour, as the current behaviour is somewhat insane and part of it should be axed ASAP.
The behaviour is mostly intact with some minor BC breaks which are mentioned in UPGRADING.
Co-authored-by: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
The current implementation uses a nested loop (for + goto), which has
complexity O(|s1| * |s2|). If we instead use a lookup table, the
complexity drops to O(|s1| + |s2|).
This is conceptually the same strategy that common C library
implementations such as glibc and musl use.
The variation with a bitvector instead of a table also gives a speed-up,
but the table variation was about 1.34x faster.
On microbenchmarks this easily gave a 5x speedup.
This can bring a 1.4-1.5% performance improvement in the Symfony
benchmark.
Closes GH-12431.
* Define doXInclude for XSLTProcessor, and test the property
This was added in 8d1427dd98, but never defined on the stub.
It was more or less fine when dynamic properties were not deprecated,
but now they throw a deprecation warning. To fix it, define on the stub.
This should also help discoverability of the functionality.
* Define cloneDocument for XSLTProcessor, and test the property
This was introduced in 5c039bbad9, but never defined on the stub.
It was more or less fine when dynamic properties were not deprecated,
but now they throw a deprecation warning. To fix it, define on the stub.
This should also help discoverability of the functionality.
This reimplements the parameter handling. Instead of quoting the strings
manually, adding them to an array, and passing that as input; use the
libxslt API to pass data verbatim to the processor.
This also simplifies the code a lot.
Closes GH-12331.
The XPath query is in accordance to spec [1]. However, we can do it in a
simpler way. We can use a custom callback function instead of a linear
search in XPath to check if a node is visible. Note that comment nodes
are handled internally by libxml2 already, so we do not need to
differentiate between node types. The callback will do an upwards
traversal of the tree until the root of the canonicalization is reached.
In practice this will speed up the application a lot.
[1] https://www.w3.org/TR/2001/REC-xml-c14n-20010315 section 2.1
Closes GH-12278.
This change makes the implementation much easier to understand, by explicitly
handling the various cases.
It fixes rounding for `0.49999999999999994`, because no loss of precision
happens by adding / subtracing `0.5` before turning the result into an integral
float. Instead the fractional parts are explicitly compared.
see GH-12143 (this fixes one of the reported cases)
Closes GH-12159 which was an alternative attempt to fix the rounding issue for
`0.49999999999999994`
This change makes checked and opened file consistent in a way that it is
using real path for stat operation in the same way like it is used for
open.
Closes GH-12067
This changes memory stream to allow seeking past end which makes it the
same as seeking on files. It means the position is allowed to be higher
than the string length. The size only increases if data is appended to
the past position. The space between the previous string and position
is filled with zero bytes.
Fixes GH-9441
Closes GH-12058
There are two linked issues:
- Conflicts couldn't be resolved by changing the prefix name.
- Lacking a prefix would shift the namespace as the default namespace,
causing elements to suddenly become part of the namespace instead of
the attributes.
The output could still be improved by removing redundant namespace
declarations, but that's another issue. At least the output is
correct now.
Closes GH-11777.
This method had some useless logic in it. It checked whether the child
node is a child of its parent, which is always true of course.
But I know where this check comes from, if you follow the spec closely
you'll find that the spec used to have explicit child and parent
arguments for the removal algorithm [1].
That's because that algorithm is written in a generic way, where the
parent and child arguments might not come from the same subtree.
However, in this particular case it *is* always the case that the child
is a child of its parent. The checks weren't needed back then for
DOMChildNode::remove(), and are still not needed today.
[1] e.g. https://web.archive.org/web/20180601092634/https://dom.spec.whatwg.org/#concept-node-remove
This feature has been broken at least since the tracing JIT and inheritance
cache have been introduced. The attempted fix (GH-10798) was too complex. We
have thus decided to remove this feature for now.
Closes GH-11832
These were both listed under "Backward Incompatible Changes", while, as far as I can see, these are "New Features".
Co-authored-by: jrfnl <jrfnl@users.noreply.github.com>
add missing PGSQL functions/constants
Follow up on 10868, which introduced these functions and constants.
add missing PGSQL visibility constants
Follow up on 10935, which introduced these constants.
Close GH-11838
* Add behavioural tests for incdec operators
* Add support to ++/-- for objects castable to _IS_NUMBER
* Add str_increment() function
* Add str_decrement() function
RFC: https://wiki.php.net/rfc/saner-inc-dec-operators
Co-authored-by: Ilija Tovilo <ilija.tovilo@me.com>
Co-authored-by: Arnaud Le Blanc <arnaud.lb@gmail.com>
This is supported in both the CLI and CGI modes. For CLI this required
little changes.
For CGI, the tricky part was that the options parsing happens inside the
loop. This means that options passed after the -l flag were previously
simply ignored. As we now re-enter the loop we would parse the options
again, and if they are handled but don't set the script name, then CGI
will think you want to read from standard in. To keep the same "don't
parse options" behaviour I simply wrapped the options handling inside an
if.
Closes GH-10024.
Closes GH-10710.
* Deprecate warnings in SQLite3, change returned exception class to SQLite3Exception
RFC: https://wiki.php.net/rfc/sqlite3_exceptions
Co-authored-by: Tim Düsterhus <timwolla@googlemail.com>
the old flag check was flawed and would miss some flags, for example:
file(__FILE__, FILE_APPEND);
is invalid, but the old flags error check would miss it: https://3v4l.org/b2W9u
Closes GH-11483
another level of context for pg_last_error/pg_result_error() to include
or not the context in those. PQSHOW_CONTEXT_ERRORS being the default.
Close GH-11395
This adds support for the completed event. Since the read handler could
be entered twice towards the end of the stream we remember what the eof
flag was before reading so we can emit the completed event when the flag
changes to true.
Closes GH-10505.
Fixes GH-11388.
Following https://wiki.php.net/rfc/horizontalreuse which introduced traits,
this should be allowed.
The implementation was refactored in 3f8c729. That commit is the first time
the "final" check appears AFAICT, but no reason was given for why. That
commit seems to have landed in 5.4.11 and the NEWS for that version doesn't
seem to mention something relevant to the behaviour change.
This patch removes the restriction of the final modifier.
Closes GH-11394.
PKCS7_NOOLDMIMETYPE to use Content-Type application/pkcs7-mime
OPENSSL_CMS_OLDMIMETYPE to use Content-Type application/x-pkcs7-mime
SMIME_write_PKCS7 and SMIME_write_CMS are using SMIME_write_ASN1_ex.
The Content-Type application/x-pkcs7-mime is generated with the flag SMIME_OLDMIME (0x400).[^1]
SMIME_write_PKCS7 set SMIME_OLDMIME by default.[^2]
SMIME_write_CMS does not.[^3]
I picked OPENSSL_CMS_OLDMIMETYPE over OPENSSL_CMS_NOOLDMIMETYPE because that's what the flag actually does.
[^1]: 9a2f78e14a/crypto/asn1/asn_mime.c (L248-L251)
[^2]: 9a2f78e14a/crypto/pkcs7/pk7_mime.c (L41-L43)
[^3]: 9a2f78e14a/crypto/cms/cms_io.c (L93)
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
- PGSQL_TRACE_SUPPRESS_TIMESTAMPS.
- PGSQL_TRACE_REGRESS_MODE to have a more verbose and observable
output to check possible regressions.
Close GH-11041
In NEWS, each 'news item' is suffixed with the name of the developer
who implemented the change. When adding entries to UPGRADING, I used
the same format as NEWS, without thinking about it much. However, it
has come to my attention that the standard format for entries in
UPGRADING does not include the developer's name.
We can't increase the refcount of internal classes during request time.
To work around this problem we simply don't refcount aliases anymore and
add a check in the destruction to skip aliases entirely.
There were also some checks which checked for an alias implicitly by
comparing the refcount, these have been replaced by checking the type of
the zval instead.
This fixes the oversight that an anonymous class should be able to be
readonly. Other identifiers such as final and abstract do not make
sense. As we still want nice errors for when users try to use these
modifiers, or use multiple modifiers, we introduce a new function
zend_add_anonymous_class_modifier that will perform verification for
anonymous class modifiers, just like zend_add_class_modifier does for
non-anonymous classes.
Closes GH-10381
The CSPRNG failing should be rare nowadays, but it *might* happen and without
this patch it's hard for the user to find out why the salt generation failed:
The error message is not actionable.
This patch will automatically set the CSPRNG exception to the `$previous`
exception of the ValueError that is thrown, allowing the developer to determine
the cause of the salt generation failure.
Before:
Fatal error: Uncaught ValueError: Unable to generate salt in php-src/test3.php:3
Stack trace:
#0 php-src/test3.php(3): password_hash(Object(SensitiveParameterValue), '2y')
#1 {main}
thrown in php-src/test3.php on line 3
After:
Fatal error: Uncaught Random\RandomException: Cannot open /dev/urandom: No such file or directory in php-src/test3.php:3
Stack trace:
#0 php-src/test3.php(3): password_hash(Object(SensitiveParameterValue), '2y')
#1 {main}
Next ValueError: Unable to generate salt in php-src/test3.php:3
Stack trace:
#0 php-src/test3.php(3): password_hash(Object(SensitiveParameterValue), '2y')
#1 {main}
thrown in php-src/test3.php on line 3