Everyone please donate so he doesn't give up!
http://hardened-php.net/donate.45.html
(also: suhosin github page https://github.com/stefanesser/suhosin/issues )
http://stackoverflow.com/questions/568609/why-isnt-suhosin-p...
That was "only" six months ago so it's not forever.
Unless you do not use any third party code and have your own code audited, it's foolish not to run with suhosin.
I'm still trying to get over the naked feeling of running without magic quotes in 5.4 when using third-party code.
Why are people still using this?
One negative aspect of open source is that it prevents failed technologies from disappearing.
yeah. Why? What particular items makes you laugh?
Well, that sucks. And everybody was laughing/bitching/both at MS for dropping support for them with VS 2012.
It comes with well working Apache and IIS bindings by default; the Windows package contains a large number of compiled extensions; a fair set of Windows-specific extensions are enabled by default (including support for COM and .NET interfacing, for instance); command-line PHP (for e.g. Composer or Symfony) works just fine; most if not all posix-ish builtin functions have good Windows implementations.
Also, the built-in HTTP server that was added in PHP 5.4 works just fine on Windows. Really, I have no idea what you're talking about.
That said, I've never looked into whether PHP is as performant or secure on Windows.
With the new breed of popular languages (Ruby, Python, Scala, Clojure etc.) heavily influenced by functional programming, it seems as if the incumbents are desperate to remain relevant by adding comparable features with little consideration for their impact on the language as a whole.
For me, PHP has become (quite some time ago actually) a "kitchen sink" of a language; if another language has it, it's a fair bet that PHP will try to add it at some point in the future.
But is that a problem? I've not seen the fancy new features that PHP added in the last years clash with one another yet.
The only con might be that PHP has become a relatively "big" language. Closures (but weirdly done), references, 2 styles of classes, object literals, namespaces, half-assed reflection with support for magic comments, constants that are slower than variables, some magic functions and methods here and there, half of which have lecacy history. That's a fair lot to take in at once.
But once you've taken it in, it simply allows you to write better PHP code, more productively, than 4 years ago. How can that be bad?
"goto" in PHP is another example of this. I've heard from many people "well, just don't use it!" but... 6 months from now, I'll be handed a codebase that is replete with goto and other stuff that not only do I not use, but the original author didn't really know how to use either.
Adding more features adds more stuff we all have to be aware of, whether or not you use it.
array/string de-referencing will help write less useless lines of code.
Interesting thing to say given that php.net itself runs a development version of PHP.
There are obviously going to be substantially fewer changes between 5.4.8 - 5.4.9 and 5.4.8 - 5.5.0
5.4.9 final will be tagged next week, November 19th and released on Thursday the 22nd.
Changelog:
