PHP 7.2

Initial DCE and SCCP optimizations

Parameter Type Widening class Orig { public function fn(array $arg) { } } class Wider extends Orig { public function fn($arg) { } } In PHP 7.1 you would get: Warning: Declaration of Wider::fn($arg) should be compatible with Orig::fn(array $arg)

Allow trailing commas everywhere // Arrays (already possible) $array = [1, 2, 3,]; // Grouped namepaces use Foo\Bar\{ Foo, Bar, Baz, }; // Function/method arguments (call) fooCall($arg1, $arg2, $arg3,); use Foo\Bar\{ Foo, Bar, Baz, }; class Foo implements // Interface implementations on a class FooInterface, BarInterface, BazInterface, { // Trait implementations on a class use FooTrait, BarTrait, BazTrait, ; // Class member lists const A = 1010, B = 1021, C = 1032, D = 1043, ;

Object typehint function fn(object $obj): object { return json_decode('{}'); } fn("not an object"); Warning: Uncaught TypeError: Argument 1 passed to fn() must be an object, string given, called in php shell code on line 1 and defined in ...

Deprecate unquoted strings echo HELLO; Warning: Use of undefined constant HELLO - assumed 'HELLO' (this will throw an Error in a future version of PHP) in php shell code on line 1

extra headers array arg for mail() and mb_send_mail() $to = 'nobody@example.com'; $subject = 'the subject'; $message = 'hello'; $headers = ['From' => 'webmaster@example.com', 'Reply-To' => 'webmaster@example.com', 'X-Mailer' => 'PHP/' . phpversion() ]; mail($to, $subject, $message, $headers);

Argon2i added to password_hash() $options = [ 'memory_cost' => 2048, 'time_cost' => 10, 'threads' => 2 ]; echo password_hash("rasmuslerdorf", PASSWORD_ARGON2I, $options); $argon2i$v=19$m=2048,t=10,p=2$akUuWkoxRDlMSi5TVGhYLg$j0D1Cl4aR8UMHOGGx5JtZ1BmCApr8RmOJA9qFWm5mz8

Add Sodium Crypto Library // On Alice's computer: $msg = 'This comes from Alice.'; $signed_msg = sodium_crypto_sign($msg, $secret_sign_key); // On Bob's computer: $original_msg = sodium_crypto_sign_open($signed_msg, $alice_sign_publickey); if ($original_msg === false) { throw new Exception("Invalid signature"); } else { echo $original_msg; // Displays "This comes from Alice." } see: https://paragonie.com/book/pecl-libsodium