PHP 6, the next major revision of the popular Web application development language, looms on the horizon and promises many changes. It isn’t yet available as a pre-built package, but you can download and install a development snapshot of PHP 6 now to check out the new features and verify your scripts remain functional. Since it removes some backwards-compatibility features you should test your existing code thoroughly.
To compile, install, and run PHP 6, you must have the GNU make utility, a compiler such as gcc, some additional libraries to power new PHP features, and a Web server. Compiling and installing PHP 6 requires:
- Apache with development headers, such as apache-prefork-dev. The threaded MPM version of Apache is not recommended for use by the PHP group for production use.
- An International Component for Unicode (ICU) library, like libicu-dev
- The XML2 development headers, libxml2-dev
Since PHP 6 removes some backwards compatibility features, your main concern is to make sure that your PHP scripts are up to date before upgrading your system. Following the tips in this section—like discontinuing the use of register_globals and magic_quotes—will not only help you get ready for PHP 6 but will also help you to make your code more secure.
In PHP versions prior to version 6, the register_globals setting allowed you to register “EGPCS” (Environment, GET, POST, Cookie, and Server) variables as global variables. For many reasons, using register_globals is a poor security practice that could lead to cross-site scripting holes. An attacker could populate a variable using a query string parameter (GET) where your script was originally looking for cookie values or POST variables. As a developer, you should be sure where your variables are coming from, whether it’s from a GET or POST method or from a cookie. As of PHP 5.3.0, the register_globals feature is deprecated, and as of PHP 6 it is completely removed.
PHP 6 offers Unicode support for Unicode characters in input, output, processing files, and for PHP scripts themselves. The most common of the Unicode encodings is UTF-8, which is the default encoding for many of the PHP 6 functions.
In addition to function changes, PHP 6 will not support compatibility for the PHP 4 object model. If you have objects in your PHP code, make sure they’re PHP 5 objects. The PHP 4 object model compatibility was only available after 5.0.0 and was removed in PHP 5.3.0, so any object that works in 5.3 later versions will work fine in PHP 6.
More information about installing and configuring the yet not officially released version of PHP 6 you can visit the following link: Get ready for PHP 6 on linux-mag.com.
