[ci skip] NEWS and UPGRADING

Closes GH-13466.

Fix GH-13603 ext/sockets: properly initialised address info data.

Led to random characters visible on socket id on macOs.

Close GH-13606

Singular DateTime::[get|set]Microsecond & no tentative return type (#13486)

* Singular DateTime::[get|set]Microsecond & no tentative return type

* Added missing getMicrosecond to Da

Singular DateTime::[get|set]Microsecond & no tentative return type (#13486)

* Singular DateTime::[get|set]Microsecond & no tentative return type

* Added missing getMicrosecond to DateTimeInterface

show more ...

[ci skip] NEWS and UPGRADING

[ci skip]

ext/gettext: dcgettext/dcngettext sigabrt on macOs.

the man page states `the locale facet is determined by the category argument, which should be
one of the LC_xxx constants defined

ext/gettext: dcgettext/dcngettext sigabrt on macOs.

the man page states `the locale facet is determined by the category argument, which should be
one of the LC_xxx constants defined in the <locale.h> header, excluding LC_ALL`,
since the 0.22.5 release, sanity checks had been strenghtened leading to
an abort with the Zend/tests/arginfo_zpp_mismatch.phpt test setting the
category to 0 which is LC_ALL on macOs.

close GH-13555

show more ...

NEWS

Fixed handshake response charset. (#13470)

The character set ID included in the handshake data at the time of connection
actually only includes the lower 8 bits of the ID, so if try to

Fixed handshake response charset. (#13470)

The character set ID included in the handshake data at the time of connection
actually only includes the lower 8 bits of the ID, so if try to use this to specify
a character set, the corresponding character set may not exist.

In case of an invalid character set, the default character set is now used
without an error.

Fixes #13452
Closes #13470

show more ...

[skip ci] Fixed NEWS

Added validation of `\n` in $additional_headers of mail()

When $additional_headers of mail() is an array, the same validation as
`\r\n` is now applied to `\n` alone too.

ext/gettext: bind_textdomain_codeset should not accept empty domains.

the man page specifies that for bind_textdomain_codeset, like
bindtextdomain, the domain should not be an empty stri

ext/gettext: bind_textdomain_codeset should not accept empty domains.

the man page specifies that for bind_textdomain_codeset, like
bindtextdomain, the domain should not be an empty string.

close GH-13571

show more ...

Fix GH-11808: Live filesystem modified by tests (security)

There's a test that tries to make /etc world-writable, and asserts that
it fails. Although this test is guarded by a root user

Fix GH-11808: Live filesystem modified by tests (security)

There's a test that tries to make /etc world-writable, and asserts that
it fails. Although this test is guarded by a root user check, there are
situations where you don't need to be root to be able to do this.
This may thus have unwanted effects on your live filesystem.

The simple solution is to remove that part of the test. It doesn't
really add value anyway: we're trying to test the chmod error path, but
that exact same error path can be reached with any failure condition
that the kernel gives. For example, trying to chmod a non-existent file
will trigger the same code path.

While at it, also prefix the test path for the non-existent file such
that we don't accidentally modify the filesystem.

The chroot now has a better root-user check, that will not modify the
filesystem.

Other root-modifying mkdir tests were removed because they added no
value either.

Closes GH-13566.

show more ...

random: Fix unknown `mt_srand()` compatibility for unknown modes (#13544)

PHP 8.1 and below interpreted unknown modes as `MT_RAND_MT19937`, but PHP 8.2+
interprets them as `MT_RAND_PHP`.

random: Fix unknown `mt_srand()` compatibility for unknown modes (#13544)

PHP 8.1 and below interpreted unknown modes as `MT_RAND_MT19937`, but PHP 8.2+
interprets them as `MT_RAND_PHP`.

Align the behavior with PHP 8.1 and below, because folks should be steered
towards the standard mode.

show more ...

Add http_(get|clear)_last_reponse_headers() functions (#12500)

This is to provide an alternative to the $http_response_header magic variable

RFC: https://wiki.php.net/rfc/http-last-

Add http_(get|clear)_last_reponse_headers() functions (#12500)

This is to provide an alternative to the $http_response_header magic variable

RFC: https://wiki.php.net/rfc/http-last-response-headers

show more ...

Revert "Fix GH-13519: PGSQL_CONNECT_FORCE_RENEW with persistent connections."

This reverts commit b9a9790be0657249fa5e6687883b43570b0a3f1f.

Fix GH-13531: Unable to resize SplfixedArray after being unserialized in PHP 8.2.15

When unserializing, the cached_resize field was not reset to -1
correctly, causing the setSize() metho

Fix GH-13531: Unable to resize SplfixedArray after being unserialized in PHP 8.2.15

When unserializing, the cached_resize field was not reset to -1
correctly, causing the setSize() method to think we were inside of a
resize operation.

Closes GH-13543.

show more ...

Fix GH-13517: Multiple test failures when building with --with-expat

The reflection failure is because the XML extension is used to check the
module dependency information, but that exte

Fix GH-13517: Multiple test failures when building with --with-expat

The reflection failure is because the XML extension is used to check the
module dependency information, but that extension can be configured to
not depend on ext/libxml, resulting in a different output. The solution
is to check another extension instead.

The test failures in ext/xml/tests are because of different behaviour
between libxml2 and Expat error handling. These are expected differences
and the solution is to split the tests.

Closes GH-13522.

show more ...

ext/pdo: Fix various PDORow bugs

- Add tests
- NULL derefencing in read_dimension handler
- Fix isset()
- Fix empty() with column numbers as offsets
- Refactoring to use comm

ext/pdo: Fix various PDORow bugs

- Add tests
- NULL derefencing in read_dimension handler
- Fix isset()
- Fix empty() with column numbers as offsets
- Refactoring to use common functions

show more ...

PHP-8.2 is now for PHP 8.2.18-dev

Fix GH-13519: PGSQL_CONNECT_FORCE_RENEW with persistent connections.

persistent connections did not take in account this flag, after the
usual link sanity checks, we remove its entry.

Fix GH-13519: PGSQL_CONNECT_FORCE_RENEW with persistent connections.

persistent connections did not take in account this flag, after the
usual link sanity checks, we remove its entry.

Close GH-13519

show more ...

Fix reference access in dimensions for DOMNodeList and DOMNodeMap

Closes GH-13511.

ext/intl: Refactor ResourceBundle get and dimension access (#13503)

Fix detection of image formats in system gd library

- Use gdFontCacheShutdown() to detect freetype
Currently we look for gdImageStringFT() to determine whether or not gd
has free

Fix detection of image formats in system gd library

- Use gdFontCacheShutdown() to detect freetype
Currently we look for gdImageStringFT() to determine whether or not gd
has freetype support... but that function always exists. This leads
PHP to believe that gd has freetype support when it does not, and can
lead to build failures.

The gdFontCacheShutdown() function, on the other hand, is only present
when gd was built with freetype support. Let's use that instead.

- Fix GD image format detection
We currently check for, say, AVIF support by attempting to link a
program that calls libgd's gdImageCreateFromAvif() function. But
perversely, that function always exists in libgd; moreover when AVIF
support is missing it emits a warning and returns normally. Thus
our straightforward link test becomes not so straightforward.

This commit adds a new macro PHP_GD_CHECK_FORMAT that compiles, links,
and runs a test program instead. The test program overrides that "emit
a warning" handler so that the program actually fails if the format
we're looking for is not supported. This fixes detection of AVIF and
the other formats we check for in an external libgd.

- ext/gd/tests/bug77391.phpt: skip if gd lacks BMP support
I don't actually know how to remove BMP support from libgd, but PHP
has a ./configure test for it, so we should probably treat it as
optional.

Closes GH-12019

show more ...

Add LIBXML_RECOVER (#13504)

Setting the recovery option by using a hardcoded value (1) worked
already for SimpleXML. For DOM, a small change is necessary because
otherwise the recove

Add LIBXML_RECOVER (#13504)

Setting the recovery option by using a hardcoded value (1) worked
already for SimpleXML. For DOM, a small change is necessary because
otherwise the recover field overwrites the recovery option.

From a quick search on GitHub [1] it looks like this won't clash with
existing PHP code as no one seems to define (or use) a constant with
such a name.

[1] https://github.com/search?q=LIBXML_RECOVER+language%3APHP&type=code&l=PHP

show more ...

[ci skip] NEWS and UPGRADING for DOMXPath::quote()

See commit 2f9320c00f.