PHP 4 ChangeLog

Version 4.3.10

14-Dec-2004

Added the %F modifier to *printf to render a non-locale-aware representation of a float with the . as decimal separator.
Fixed a bug in addslashes() handling of the '\0' character.
Backported Marcus' foreach() speedup patch from PHP 5.x.
Fixed potential problems with unserializing invalid serialize data.
Fixed bug #31034 (Problem with non-existing iconv header file).
Fixed bug #31024 (Crash in fgetcsv() with negative length).
Fixed bug #31019 (Logic error mssql library checking).
Fixed bug #30995 (snmp extension does not build with net-snmp 5.2).
Fixed bug #30990 (allow popen() on *NIX to accept 'b' flag).
Fixed bug #30826 (Certain reference relations cannot be unserialized properly).
Fixed bug #30750 (Meaningful error message when upload directory is not accessible).
Fixed bug #30739 (imagefill does not set back alphablending mode).
Fixed bug #30672 (Problem handling exif data in jpeg images at unusual places).
Fixed bug #30658 (Ensure that temporary files created by GD are removed).
Fixed bug #30654 (oci8 persistent connection is deleted from hash if there was exclusive connection with the same credentials).
Fixed bug #30613 (Prevent infinite recursion in url redirection).
Fixed bug #30587 (array_multisort doesn't separate zvals before changing them).
Fixed bug #30475 (curl_getinfo() may crash in some situations).
Fixed bug #30442 (segfault when parsing ?getvariable[][ ).
Fixed bug #30388 (rename across filesystems loses ownership and permission info).
Fixed bug #30282 (segfault when using unknown/unsupported session.save_handler and/or session.serialize_handler).
Fixed bug #30281 (Prevent non-wbmp images from being detected as such).
Fixed bug #30276 (Possible crash in ctype_digit on large numbers).
Fixed bug #30229 (imagerectangle and imagefilledrectangle do work well with alpha channel, corners are drawn twice).
Fixed bug #30224 (Sybase date strings are sometimes not null terminated).
Fixed bug #30133 (get_current_user() crashes on Windows).
Fixed bug #30057 (did not detect IPV6 on FreeBSD 4.1).
Fixed bug #30027 (Possible crash inside ftp_get()).
Fixed bug #29805 (HTTP Authentication Issues).
Fixed bug #29418 (double free when openssl_csr_new fails)..
Fixed bug #28598 (Lost support for MS Symbol fonts).
Fixed bug #28325 (Circular references not properly serialized).
Fixed bug #28228 (NULL decimal separator is not being handled correctly).
Fixed bug #27469 (serialize() objects of incomplete class).

There is a separate announcement available for this release.

Version 4.3.9

22-Sep-2004

GPC input processing fixes.
Implemented periodic PCRE compiled regexp cache cleanup, to avoid memory exhaustion.
Fixed bug with raw_post_data not getting set.
Fixed a file-descriptor leak with phpinfo() and other 'special' URLs.
Rewritten UNIX and Windows install help files.
Updated PCRE to provide better error handling in certain cases.
NSAPI: added "bucket" parameter to list of non-php.ini-keys of php4_execute for doing performance stats without warnings in server-log.
Fixed leap year checking with idate().
Fixed strip_tags() to correctly handle '\0' characters.
Fixed funny forking effect in FastCGI when PHP_FCGI_CHILDREN was not set.
Fixed bug #30050 (Possible crash inside php_shutdown_config()).
Fixed bug #29882 (isset crashes on arrays).
Fixed bug #29753 (mcal_fetch_event() allows 2nd argument to be optional).
Fixed bug #29727 (Added missing CURL authentication directives).
Fixed bug #29719 (fgetcsv() has problem parsing strings ending with escaped enclosures).
Fixed bug #29607 (highlighting code with HEREDOC produces invalid output).
Fixed bug #29599 (domxml_error segfaults another apache module).
Fixed bug #29594 (Use PHP's own tmpfile() implementation).
Fixed bug #29581 (Typo inside php.ini comments for mysql.trace_mode).
Fixed bug #29493 (extract(array, EXTR_REFS) misbehaves with elements referred twice or more times).
Fixed bug #29443 (Sanity check for wbmp detection).
Fixed bug #29369 (Uploaded files with ' or " in their names get their names truncated at those characters).
Fixed bug #29349 (imagecreatefromstring() crashes with external GD library).
Fixed bug #29333 (output_buffering+trans_sess_id can corrupt output).
Fixed bug #29226 (ctype_* functions missing validation of numeric string representations).
Fixed bug #29209 (imap_fetchbody() doesn't check message index).
Fixed bug #29116 (Zend constant warning uses memory after free).
Fixed bug #29114 (Potential double free in php_stat).
Fixed bug #29075 (strnatcmp() incorrectly handles whitespace).
Fixed bug #29049 (array sorting via user function/method does not validate it).
Fixed bug #29038 (extract() with EXTR_PREFIX_SAME prefixes empty strings).
Fixed bug #29034 (wordwrap() returns a boolean when passed empty string).
Fixed bug #28974 (overflow in array_slice(), array_splice(), substr, substr_replace(), strspn(), strcspn()).
Fixed bug #28897 (ibase: -1 returned as -0.000 for 64-bit scaled int).
Fixed bug #28879 (Implicit/Explicit array creation inconsistency when using Resources, Arrays, or Objects as indices).
Fixed bug #28878 (Setting of inikey's in obj.conf fails).
Fixed bug #28868 (Internal wrapper registry not thread safe).
Fixed bug #28818 (Apache 2 sapis do not export st_dev).
Fixed bug #28800 (strings beginning with "inf" improperly converted).
Fixed bug #28723 (Fixed mbstring config.m4 to work on OSes where test command does not support -e parameter).
Fixed bug #28692 (\0 in Authenticate header passed via safe_mode).
Fixed bug #28670 (WWW-Authentication header mangling with PCRE in safe_mode adds extra spaces).
Fixed bug #28668 (glob() does not work with relative paths on Windows).
Fixed bug #28649 (Proper glob() return value on Linux when there are no matches).
Fixed bug #28633 (sprintf incorrectly adding padding to floats).
Fixed bug #28627 (When multiple MySQL links are used default link is leaked).
Fixed bug #28525 (gmp_powm() does not work with hexadecimal string modulo represented as a string).
Fixed bug #28512 (Allocate enough space to store MSSQL data).
Fixed bug #28466 (mbstring_convert_variables() array separation problem).
Fixed bug #28175 (Allow bundled GD to compile against freetype 2.1.2).

There is a separate announcement available for this release.

Version 4.3.8

13-Jul-2004

Fixed strip_tags() to correctly handle '\0' characters. (Stefan)
Improved stability during startup when memory_limit is used. (Stefan)
Replace alloca() with emalloc() for better stack protection. (Ilia)
Added missing safe_mode checks inside ftok and itpc. (Ilia)
Fixed bug #28963 Fixed address allocation routine in IMAP extension. (Ilia)
Fixed bug #28632 Prevent open_basedir bypass via MySQL's LOAD DATA LOCAL. (Ilia)

There is a separate announcement available for this release.

Version 4.3.7

03-Jun-2004

Upgraded bundled GD library to 2.0.23. (Ilia)
Changed user error handler mechanism to relay to built-in error handler if it returns false. (Andrei)
Fixed command line escaping routines for win32. (Ilia)
Fixed problems with *printf() functions and '%f' formatting. (Marcus)
Fixed possible crash inside pg_copy_(to|from) function if delimiter is more then 1 character long. (Ilia)
Fixed crash inside cpdf_place_inline_image() when working with true-color images. (Ilia)
Fixed handling of return values from stored procedures in mssql_execute() with multiple result sets returned. (Frank)
Fixed logic bug in session_register() which allowed registering _SESSION and/or HTTP_SESSION_VARS. (Sara)
Fixed bug #28597 (xmlrpc_encode_request() incorrectly encodes chars in 200-210 range). (fernando dot nemec at folha dot com dot br, Ilia)
Fixed bug #28569 (informix connection id is not thread safe). (novicky at aarongroup dot cz, Ard)
Fixed bug #28564 (Problem building informix as a shared extension). (roques at mti dot ag, Ilia)
Fixed bug #28508 (Do not make hypot() available if not supported by libc). (Ilia)
Fixed bug #28506 (Allow negative start angle in imagearc and imagefilledarc). (Pierre)
Fixed bug #28456 (Problem with enclosed / in uploaded files). (Antony)
Fixed bug #28386 (wordwrap() wraps lines 1 character too soon). (Ilia)
Fixed bug #28374 (Possible unterminated loop inside _php_pgsql_trim_message()). (Ilia)
Fixed bug #28355 (glob() does not return error on Linux when it does not have permission to open the directory). (Ilia)
Fixed bug #28289 (incorrect resolving of relative paths by glob() in windows). (Ilia)
Fixed bug #28229 (run-tests tripped up by spaces in names). (Marcus)
Fixed bug #28228 (number_format() does not allow empty decimal separator). (Ilia)
Fixed bug #28196 (missing error constants in cURL extension). (Ilia)
Fixed bug #28187 (parse_url() not handling embedded IPv6 in URLs). (Sara)
Fixed bug #28175 (build problem for people using FreeType 2.1.0-2.1.2). (Ilia)
Fixed bug #28147 (Crash with drawing anti-aliased lines). (Derick)
Fixed bug #28122 (dba_open db3: Permission denied). (Marcus)
Fixed bug #28112 (sqlite_query() crashing apache on malformed query). (Ilia, Marcus)
Fixed bug #28055 (timeout duration too long in feof()/pfsockopen() liveness checks). (Wez)
Fixed bug #28087 (Do not force mysql.trace_mode to 0 on every request). (Ilia)
Fixed bug #28042 (greek letters in html to entity mapping not correct). (Derick)
Fixed bug #28007 (compile mssql extension with old versions of FreeTDS fails). (Frank)
Fixed bug #27995 (imagefilltoborder() stops the fill process prematurely). (Ilia)
Fixed bug #27810 (don't use php's pemalloc in ext/pcre). (Joe Orton)
Fixed bug #23220 (SSL: fatal protocol error when talking to IIS). (Wez)

There is a separate announcement available for this release.

Version 4.3.6

15-Apr-2004

Updated bundled PDFLib library to version 5.0.3p1 in Windows distribution. (Edin)
Synchronized bundled GD library with GD 2.0.22. (Ilia)
Fixed a crash in multi-threaded environments when a thread is shutdown by the web server. (Stas)
Fixed a bug that prevented building of the GD extension against external GD lib 1.X. (Ilia, Edin, Nick Talbott).
Fixed bug #27963 (Session lifetime setting may leak between requests). (Ilia)
Fixed bug #27849 (configure craps out on trivial syntax error). (Derick)
Fixed bug #27822 (is_resource() returns TRUE for closed resources). (Derick)
Fixed bug #27819 (problems returning reference to a reference parameter). (Ilia)
Fixed bug #27809 (ftp_systype returns null on some ftp servers). (Ilia)
Fixed bug #27802 (default number of children to 8 when PHP_FCGI_CHILDREN is not defined). (Ilia)
Fixed bug #27780 (strtotime(+1 xxx) returns a wrong date/time). (Derick)
Fixed bug #27769 (domxml_xmltree crashes). (Rob)
Fixed bug #27764 (Get return value from a stored procedure not returning any result sets). (Frank)
Fixed bug #27762 (SCO Openserver doesn't have S_ISSOCK). (Wez)
Fixed bug #27743 (Make sure Money types are converted and returned correctly). (Frank)
Fixed bug #27732 (Fixed compilation bug inside php_sab_info.h). (Ilia)
Fixed bug #27731 (error_reporting() inside @ block fails to set error_reporting level). (Ilia)
Fixed bug #27719 (mktime issues on and around DST changeover). (Rasmus)
Fixed bug #27717 (Test Failures when compiled on 64-bit mode). (Ard, Derick)
Fixed bug #27687 (Bug Adding Default Charset to 'text/*' Content-Type Header). (Marcus)
Fixed bug #27663 (compile failure with cURL 7.11.1). (Ilia)
Fixed bug #27646 (Cannot serialize/unserialize non-finite numeric values). (Marcus)
Fixed bug #26757 (session.save_path default is bogus for win32). (Wez)
Fixed bug #26589 (Crash inside mssql extension when selecting many columns of type money). (Frank)
Fixed bug #25547 (error_handler and array index with function call). cschneid at cschneid dot com)

There is a separate announcement available for this release.

Version 4.3.5

26-Mar-2004

Fixed possible crash using an invalid color index with a palette image in imagecolortransparent (Pierre)
Fixed php-cgi to not ignore command-line switches when run in a web context. This fixes our test cases allowing INI with GET sections to work (Rasmus)
Fixed getopt() so it works without $_SERVER (Rasmus, bfrance)
Fixed crash in php_ini_scanned_files() when no additional INI files were actually parsed. (Jon)
Fixed possible crashes inside socket extension, due to missing check inside allocation functions. (Ilia)
Fixed zero bytes memory allocation when no extra ini files are found in the --with-config-file-scan-dir specified directory. (Eric Colinet, Derick)
Changed "allow_url_fopen" php.ini option to be PHP_INI_SYSTEM. (Sara)
Improved the sybase_ct module: (Timm)

Added ability to define a message handler not only globally, but also per connection.
Added "sybct.packet_size" php.ini option.
Changed "sybct.login_timeout" php.ini option changeable at runtime.
Fixed memory leak in sybase_set_message_handler().

Synchronized bundled GD library with GD 2.0.17
Upgraded PCRE library to version 4.5. (Andrei)
Updated bundled PostgreSQL library to version 7.4 in Windows distribution. (Edin)
Added support for --program-prefix and --program-suffix configure options. (Jani)
Added a warning when creating temp stream fails with ftp_(n)list(). (Sara)
Fixed header handler in NSAPI SAPI module (header->replace was ignored, send_default_content_type now sends value from php.ini). (Uwe Schindler)
Fixed bug #27633 (Incorrect EOL translation by ftp_get() in ASCII mode). (Ilia)
Fixed bug #27600 (GCC 3.0.4 does not like __attribute__ directive). (Sascha)
Fixed bug #27590 (crash during shutdown when freeing persistent resources in ZTS mode). (Ilia)
Fixed bug #27582 (possible crashes in imagefilltoborder()). (Pierre)
Fixed bug #27580 (pre-initialization errors in ap2 handler are not being written to vhost error log). (Ilia)
Fixed bug #27559 (Corrected open_basedir resolving logic). (Ilia)
Fixed bug #27530 (broken http auth when safe_mode is on and PCRE is disabled). (Ilia)
Fixed bug #27509 (broken getaddrinfo() causes fsockopen() error). (Sara)
Fixed bug #27505 (htmlentities() does not handle BIG5 correctly). (Ilia, ywliu at hotmail dot com)
Fixed bug #27498 (bogus safe_mode error on nonexistent directories for chdir() and opendir() functions). (Ilia)
Fixed bug #27460 (base64_decode() does not handle extra padding). (Ilia, naish at klanen dot net)
Fixed bug #27443 (defined() returns wrong type). (Derick)
Fixed bug #27437 (wrong freetype include inside GD library). (Ilia)
Fixed bug #27424 (headers missing on flush() in apache 2 SAPIs). (Ilia)
Fixed bug #27421 (mbstring.func_overload should be system ini setting). (Ilia)
Fixed bug #27384 (unpack() misbehaves with 1 char string). (GeorgeS)
Fixed bug #27383 (Potential crash inside fopen_wrapper, while parsing response code). (Ilia)
Fixed bug #27354 (Modulus operator crashes PHP). (Derick)
Fixed bug #27341 (HEAD requests fail to return data). (Ilia)
Fixed bug #27337 (missing sapi_shutdown() in sapi/isapi causes memory leak). (Jani, msisolak at yahoo dot com)
Fixed bug #27328 (ftp extension relies on 32-bit longs). (Sara)
Fixed bug #27300 (Improved regex for pg_convert()). (benjcarson at digitaljunkies dot ca, Ilia)
Fixed bug #27295 (memory leak inside sscanf()). (Ilia)
Fixed bug #27293 (two crashes inside image2wbmp()). (Ilia)
Fixed bug #27291 (get_browser matches browscap.ini patterns incorrectly). (Jay)
Fixed bug #27278 (*printf() functions treat arguments as if passed by reference). (Ilia)
Fixed bug #27238 (iptcparse() function misses some fields). (Pierre)
Fixed bug #27235 (Interbase NUMERIC x.0 field returns empty string on 0). (Ard)
Fixed bug #27196 (Missing content_length initialization in apache 2 sapis). (Ilia, pdoru at kappa dot ro)
Fixed bug #27183 (userland stream wrapper segfaults on stream_write). (Moriyoshi)
Fixed bug #27175 (tzset() is not being called by PHP on startup). (Ilia, sagawa at sohgoh dot net)
Fixed bug #27172 (Possible floating point exception in gmp_powm()). (Ilia)
Fixed bug #27171 (crash inside gmp_hamdist()). (Jani)
Fixed bug #27157 (Compile Failure on Solaris 8). (Timm)
Fixed bug #27149 (broken CLOB support in oci8 extension). (Antony)
Fixed bug #27135 (Possible crash inside mb_strlen()). (Moriyoshi)
Fixed bug #27104 (CLI/CGI SAPI module variable name conflict). (Marcus)
Fixed bug #27058 (crash in sybase_connect() with 2 arguments). (Ilia)
Fixed bug #27056 (ints used instead of longs inside some GD functions). (Ilia)
Fixed bug #27040 (passing an array of form-fields to CURLOPT_POSTFIELDS does not work). (Ilia, Jani)
Fixed bug #27037 (fixed possible crash in apache2handler output code). (Ilia)
Fixed bug #27026 (Added "cgi.nph" php.ini option to allow forcing of the 'Status: 200' header that is not normally needed). (Ilia)
Fixed bug #27011 (64bit int/long confusion in preg_match*() functions). (Ilia)
Fixed bug #27007 (missing connection closure when connect fails in pgsql). (Ilia)
Fixed bug #26974 (rename() doesn't check the destination file against safe_mode/open_basedir). (Ilia)
Fixed bug #26973 (*printf() '+' modifier broken). (Jani)
Fixed bug #26969 (--with-openssl=shared build fails). (Jani)
Fixed bug #26968 (Segfault with Interbase module built as shared). (Ard)
Fixed bug #26949 (rand(min,max) always returns min when ZTS enabled). (Jani)
Fixed bug #26937 (Warning in xml.c). (Jani)
Fixed bug #26927 (preg_quote() does not escape \0). (Ilia)
Fixed bug #26923 (ext/imap: pam and crypt libraries missing when build as shared extension). (Jani)
Fixed bug #26909 (crash in imap_mime_header_decode() when no encoding is used). (Ilia)
Fixed bug #26896 (ext/ftp does not work as shared extension). (Jani)
Fixed bug #26892 (ORA-21301 in ocinewcollection() call). (Antony)
Fixed bug #26878 (problem with multiple references to the same variable with different types). (Ilia)
Fixed bug #26864 (pg_(update|delete) ignore PGSQL_DML_EXEC option). (Ilia)
Fixed bug #26862 (ob_flush() followed by output_reset_rewrite_vars() may result in data loss). (Ilia, scottmacvicar at ntlworld dot com)
Fixed bug #26847 (memory leak in mail() when to/subject contain only spaces). (Ilia)
Fixed bug #26814 (When included file has a parse error, terminate script execution). (Ilia)
Fixed bug #26777 (ext/interbase: Let DB handle NULL params). (Ard)
Fixed bug #26772, #26967 (file operations return NULL instead of FALSE). (Wez, Ilia)
Fixed bug #26758 (FastCGI exits immediately with status 255). (Ilia, tcarter at noggin dot com dot au)
Fixed bug #26755 (CLI now overrides php.ini settings and switches off output buffering). (Edin)
Fixed bug #26753 (zend_fetch_list_dtor_id() doesn't check NULL strings). (Jani, Markus dot Lidel at shadowconnect dot com)
Fixed bug #26752 (Silent unterminated loop when length parameter for fgets(), fread() and fgetss() is 0). (Ilia)
Fixed bug #26751 (PHP can't find the MySQL socket on a case sensitive file system). (Derick)
Fixed bug #26703 (Certain characters inside strings incorrectly treated as keywords). (vrana [at] php [dot] net, Ilia)
Fixed bug #26699 (mbstring doesn't identify "binary" as a valid encoding). (nirva-php at ishiboo dot com, Moriyoshi)
Fixed bug #26667 (Added safety checks to ip2long()). (Ilia)
Fixed bug #26653 (open_basedir incorrectly resolved on win32). (Ilia, scottmacvicar at ntlworld dot com)
Fixed bug #26639 (mb_convert_variables() clutters variables beyond the references). (Moriyoshi)
Fixed bug #26635 (fixed look up for fonts in the current directory w/ZTS). (Ilia)
Fixed bug #26625 (pg_convert sets NULL incorrectly for character data types). (Ilia)
Fixed bug #26604 (Apache2 SAPIs implicitly disable Keep-Alive). (Ilia)
Fixed bug #26595 (ext/domxml: XSLT_NAMESPACE undeclared). (Christian)
Fixed bug #26565 (strtotime("this month") resolving to the wrong month). (Jani)
Fixed bug #26564 (ncurses5 has headers in PREFIX/include/ncurses/). (Jani)
Fixed bug #26548 (ext/session: Malformed HTTP dates headers). (Derick)
Fixed bug #26531 (ext/domxml: get_elements_by_tag_name() wildcard fails). (Rob Richards)
Fixed bug #26488 (Missing declaration of CRTSCTS in ext/dio/dio.c). (Jani)
Fixed bug #26467 (flock() does not force the "wouldblock" parameter to be passed by reference). (Wez)
Fixed bug #26463 (Incorrect handling of semicolons after heredoc). (Ilia)
Fixed bug #26462 (phpize + ext/bcmath -> compile error). (Jani)
Fixed bug #26461 (-lssl missing from LIBS). (Jani)
Fixed bug #26458 (var_dump(), var_export(), debug_zval_dump() not binary safe for array keys). (Ilia)
Fixed bug #26447 (--with-openssl=shared causes compile errors). (Jani)
Fixed bug #26446 (domxml_open_file() returns an empty error-Array). (Rob)
Fixed bug #26440 (MFH missing context options). (Ilia)
Fixed bug #26438 (error in thttpd SAPI installation). (Jani)
Fixed bug #26415 (Updated bundled OpenSSL DLLs in the Windows distribution to 0.9.7c). (Edin)
Fixed bug #26407 (Result set fetching broken around transactions). (Timm)
Fixed bug #26391 (parse_url() destroys strings that contain a character in range of \x80-\xff)). (Moriyoshi)
Fixed bug #26384 (crash in domxslt->process()). (Christian)
Fixed bug #26381 (rand() without srand() doesn't work with certain php.ini). (Jani)
Fixed bug #26376 (typo in ext/odbc/config.m4: DBMaker test fails). (Jani)
Fixed bug #26355 (flock() doesn't initialize the wouldblock argument). (Ilia)
Fixed bug #26309 (Fixed argument parsing for imageftbbox()). (Ilia)
Fixed bug #26304 (Unexpected data loss when opening dba file). (Marcus)
Fixed bug #26285 (escapeshellarg() uses wrong quotes on windows). (Ilia)
Fixed bug #26267 (gmp_random() leaks memory and does not produce random numbers). (Jani)
Fixed bug #26253 (ext/tokenizer: build as shared extension fails). (Jani)
Fixed bug #26235 (yp_first/yp_next do not specify correct key length). (Ilia)
Fixed bug #26216 ("getimagesize(): stream does not support seeking" when using remote files). (Marcus)
Fixed bug #26201 (crash in ibase_trans() on invalid link handle). (Ilia)
Fixed bug #26198 (strtotime() handling of M/F Y date format). (Ilia)
Fixed bug #26194 (iconv() not properly defined with libiconv). (Steph, Frank, Moriyoshi)
Fixed bug #26176 (Fixed handling of numeric keys in INI files). (Ilia)
Fixed bug #26168 (shtool availability check in phpize). (robbat2 at gentoo dot org, Ilia)
Fixed bug #26148 (Print the notice before modifying variable on type mismatch). (morten-bugs dot php dot net at afdelingp dot dk, Ilia)
Fixed bug #26128 (mbstring prints out wrong information on phpinfo()). (Moriyoshi)
Fixed bug #26113 (remove leftover local file when ftp_get/ftp_nb_get fails). (Ilia)
Fixed bug #26105 (Compile failure on GCC version 3.0.X). (Ilia)
Fixed bug #26103 (ext/mime_magic causes compile failure in ext/mssql). (Jani)
Fixed bug #26097 (gdImageColorClosestAlpha() returns incorrect results). (sprice at wisc dot edu, Ilia)
Fixed bug #26042 (memory leak if mcrypt_generic_deinit() is not called after every mcrypt_generic_init() call). (Ilia)
Fixed bug #26025 (Segfault on glob() without GLOB_NOCHECK or GLOB_NOMAGIC under *BSD platforms). (Moriyoshi)
Fixed bug #26005 (Random "cannot change the session ini settings" errors). (Jani, jsnajdr at kerio dot com)
Fixed bug #26003 (Make fgetcsv() binary safe). (Ilia, Moriyoshi)
Fixed bug #25963 (PostgreSQL error message include \n characters). (Marcus, Ilia)
Fixed bug #25939 (feof() not working correctly for sockets). (Wez)
Fixed bug #25916 (get_browser() -> PHP Fatal error: Nesting level too deep - recursive dependency?). (Uwe Schindler)
Fixed bug #25794 (Cannot open existing hash db3 file with write" ext/dba). (Marcus)
Fixed bug #25753 (php.ini settings "leak" from vhosts/.htaccess files). (Patch by: rover at tob dot ru)
Fixed bug #25694 (round() and number_format() give inconsistent results). (Ilia)
Fixed bug #25664 (calling ITypeInfo::Invoke with bogus params). (Wez)
Fixed bug #25581 (getimagesize () return incorrect values on bitmap (os2) files). (Marcus)
Fixed bug #25329 (sqlite_create_function with method and reference to $this). (Marcus).
Fixed bug #24773 (unsetting string as array causes a crash). (Sara)
Fixed bug #24773 (Unsetting string offsets crashes PHP). (Moriyoshi, Sara)
Fixed bug #24582 (extensions can't be loaded dynamically in Solaris/iPlanet). (Jani)
Fixed bug #23467 (date('T') outputs incorrect Time Zone). (Jani, scottmacvicar at ntlworld dot com)
Fixed bug #22403 (PHP crashes when executing a sql procedure without parameters). (Timm)
Fixed bug #22127 (Invalid response code when force-cgi-redirect safety mechanism is triggered). (Ilia, scottmacvicar at ntlworld dot com)
Fixed bug #21760 (Use of uninitialized pointer inside php_read()). (Ilia, uce at ftc dot gov)
Fixed bug #21513 (shutdown functions not executed if timed out). (Zeev)
Fixed bug #21070 (ftp_genlist/ANSI-tmpfile() fail w/ some platform). (Sara)

There is a separate announcement available for this release.

Version 4.3.4

03-Nov-2003

Made MCVE extension available on win32. (Jani)
Upgraded bundled libfcgi and made FastCGI support viable on Win32. (Sascha)
Added apache_get_version() function. (Ilia)
Fixed disk_total_space() and disk_free_space() under FreeBSD. (Jon Parise)
Fixed crash bug when non-existing save/serializer handler was used. (Jani)
Fixed memory leak in gethostbynamel() if an error occurs. (Sara)
Fixed FastCGI being unable to bind to a specific IP. (Sascha)
Fixed multibyte regex engine to properly handle ".*" pattern under POSIX compatible mode. (K.Kosako , Moriyoshi)
Fixed bug #25955 (Compile failure on MacOSX 10.3 Panther). (Marko, Dan)
Fixed bug #25923 (mail() modifies the to & subject arguments). (Ilia)
Fixed bug #25922 (Crash in error handler when 5th argument is modified). (Ilia)
Fixed bug #25918 (Possible crash in mime_content_type()). (Ilia)
Fixed bug #25900 (document->get_elements_by_tag_name with default xmlns). (Rob)
Fixed bug #25895 (Incorrect detection of safe_mode limited ini options). (Ilia)
Fixed bug #25888 (Crash of php.exe when xpath_eval of a namespace). (Rob)
Fixed bug #25836 (last key of multi-dimensional array passed via GPC not being escaped when magic_quotes_gpc is on). (Ilia)
Fixed bug #25825 (tzset() was not called to reset libc environment on request shutdown). (Wez)
Fixed bug #25814 (Make flock() return correct value when 3rd argument is used). (Ilia)
Fixed bug #25800 (parse_url() could not parse urls with empty port). (Ilia)
Fixed bug #25780 (ext/session: invalid "session.cookie_lifetime" makes session_start() to crash in win32). (Jani)
Fixed bug #25777 (Do not rtrim() of text fields fetched from mssql). (Ilia)
Fixed bug #25770 (Segfault with PHP and bison 1.875). (eggert@gnu.org, Marcus)
Fixed bug #25764 (ldap_get_option() crashes with unbound ldap link). (Jani)
Fixed bug #25758 (var_export does not escape ' & \ inside array keys). (Ilia)
Fixed bug #25752 (ext/ncurses: ncurses.h instead of curses.h with BSD). (Jani)
Fixed bug #25746 (Do not bail out when unable to chdir original dir on systems with broken getcwd()). (Ilia)
Fixed bug #25745 (ctype functions fail with non-ascii characters). (Moriyoshi)
Fixed bug #25744 (make ZTS build of ext/sybase compile). (Ilia)
Fixed bug #25738 (alloca() related issues on the Darwin platform). (Moriyoshi)
Fixed bug #25708 (extract($GLOBALS, EXTR_REFS) mangles $GLOBALS). (Moriyoshi)
Fixed bug #25707 (html_entity_decode() over-decodes <). (Moriyoshi)
Fixed bug #25703 (openssl configure check failed). (Jani)
Fixed bug #25701 (On flush() set headers_sent in apache2handler). (Ilia)
Fixed bug #25671 (str_replace() corrupts subarrays). (Sara)
Fixed bug #25669 (eregi() with non-ascii characters). (Moriyoshi)
Fixed bug #25665 (var_dump() hangs on Nan and INF). (Ilia)
Fixed bug #25648 (xslt_set_encoding() not detected correctly). (Jani)
Fixed bug #25636 (SNMP Session not closed on success). (Ilia, patch by: nesslage at mwsc dot edu)
Fixed bug #25635 (Make "make tests" to fail due to invalid include_path). (Ilia)
Fixed bug #25604 (HAVE_SNMP_PARSE_OID undefined with phpize build). (Jani)
Fixed bug #25583 (Incorrect handling of paths starting with "/" on win32 inside glob() function). (Ilia)
Fixed bug #25570 (Possible crash in apache2handler when zend_bailout called outside of zend_try {} block). (Ilia)
Fixed bug #25558 (ext/dbase: reverted fix for bug #23463). (Vlad)
Fixed bug #25530 (checkdate() incorrectly handles floats). (Ilia)
Fixed bug #25525 (ldap_explode_dn() crashes when passed invalid dn). (Sara, patch by: mikael dot suvi at trigger dot ee)
Fixed bug #25504 (pcre_match_all() crashes when passed only 2 parameters). (Jani)
Fixed bug #25483 (ext/informix: bogus -469 error from ifx_query()). (Jani, patch by: denisov at kubsu dot ru)
Fixed bug #25463 (ext/cpdf: compile failure with bundled GD)
Fixed bug #25429 (fix copying of stdin using copy() function). (Ilia)
Fixed bug #25424 (ext/informix: lvarchar not supported in win32). (Jani)
Fixed bug #25404 (ext/pgsql: open transactions not closed when script ends). (Marcus)
Fixed bug #25385 (ob_gzhandler(): typo in sapi_add_header_ex() call). (Jani)
Fixed bug #25378 (unserialize() crashes with invalid data). (Jani)
Fixed bug #25372 (sscanf() does not work with %X). (Jani)
Fixed bug #25348 ("make install" fails with --enable-short-tags). (Jani)
Fixed bug #25343 (is_dir() gives warning on FreeBSD). (Jani)
Fixed bug #25333 (Possible body corruption & crash in win32 mail()). (Ilia)
Fixed bug #25316 (Possible infinite loop inside _php_stream_write()). (Ilia)
Fixed bug #25314 (FTP_ASCII mode behaving like binary from Win->Unix). (Sara)
Fixed bug #25308 (php -m crashes when zend extensions are loaded). (Stas)
Fixed bug #25307 (Crash with WDDX serializer). (Sascha, Jani)
Fixed bug #25295 (QNX6: php_ini.c:414: 'alphasort' undeclared). (Jani)
Fixed bug #25294 (ext/ftp: NLST failure leads to crash on exit). (Sara, Rob)
Fixed bug #25293 (Output correct EOL to error_log). (Ilia)
Fixed bug #25239 (ftp_fopen_wrapper not RFC compliant). (Sara)
Fixed bug #25218 ("deflate" compressed pages had a gzip header). (Stefan)
Fixed bug #25211 (image.c compile failure with AIX). (Marcus)
Fixed bug #25166 (WDDX serializer handler missing in win32). (Jani)
Fixed bug #25109 (Possible crash when fetching field names in pgsql). (Ilia)
Fixed bug #25106 (Added more stringent checks on bzopen() mode). (Ilia)
Fixed bug #25070 (unlock session files on win32 before closing them). (Ilia)
Fixed bug #24402 (Compile failure with gettext 0.12.x). (Jani)
Fixed bug #23488 (zlib.output_compression overrides Vary header). (Stefan)
Fixed bug #23326 (ext/domxml: Attributes via append_child not supported). (Melvyn)
Fixed bug #21220 (Wrong Apache version shown in phpinfo() output). (Jani)
Fixed bug #18534 (ifx_close() leaves open session). (nobbie@php.net)
Fixed bug #14049 (realpath() returns invalid results for non-existent paths). (Ilia)

There is a separate announcement available for this release.

Version 4.3.3

25-Aug-2003

Synchronized bundled GD library with GD 2.0.15. (Ilia)
Upgraded the bundled Expat library to version 1.95.6. (Jani)
Upgraded the bundled PCRE library to version 4.3. (Andrei)
Improved the engine to use POSIX/socket IO where feasible. (Sascha)
Improved the NSAPI SAPI module (Uwe Schindler)
- php4_init (magnus.conf): new parameter to set alternate path to php.ini. (php_ini="/path/to/php.ini")
- php4_execute (obj.conf): support for additional php.ini values. Allows different settings per virtual server. (See sapi/nsapi/nsapi-readme.txt for more information)
- Added support for virtual().
- Added nsapi_request_headers() and nsapi_response_headers() with aliases for apache compatibility.
- Added "nsapi.read_timeout" php.ini option.
- Synced $_SERVER variables to be similar to Apache variables.
- Added possibility to use PHP to generate HTTP error pages (404 Not Found..)
- Added possibility to use PHP to generate directory listings for directories without index.html
Improved the IMAP extension (Ilia)
- Added imap_timeout() function. (bug #24161)
- Added optional 'charset' parameter to imap_search() and imap_sort(). (bug #22505)
Improved the InterBase extension (Daniela)
- Added transaction constants: IBASE_REC_VERSION, IBASE_REC_NO_VERSION, IBASE_WRITE, IBASE_WAIT and IBASE_CONCURRENCY. (bugs #8797, #23887)
- Made numeric/decimal datatype handling work on any platform.
Added DBA handler 'inifile' to support ini files. (Marcus)
Added a "DEBUG" note to 'php -v' output when --enable-debug is used. (Derick)
Added long options into CLI & CGI (e.g. --version). (Marcus)
Added a new parameter to preg_match*() that can be used to specify the starting offset in the subject string to match from. (Andrei)
Fixed possible integer overflows in:
- base64_encode(). (Moriyoshi)
- bundled GD library. (Ilia)
Fixed "mysql.connect_timeout" php.ini option to be settable with ini_set(). (Rasmus)
Fixed ext/yaz to not log if "yaz.log_file" php.ini option is not set. (Adam)
Fixed a bug in bundled libmysql (mysql bug 564). (Georg)
Fixed ext/exif to honor "magic_quotes_runtime" php.ini option. (Marcus)
Fixed FastCGI IIS document root problem. (Shane)
Fixed corruption of multibyte character including 0x5c as second byte in multipart/form-data. (Rui)
Fixed possible crash in imagerotate() when an invalid color index is used for background color. (Pierre-Alain Joye)
Fixed a bug that under certain circumstances could invalidate safe_mode. (Ilia)
Fixed certificate version and allowed setting of the serial number in openssl_csr_sign(). (Stefan Roehrich)
Fixed each() to be binary safe for keys. (Zeev)
Fixed bug #25093 (Various leaks due to non-freed queries). (Ilia)
Fixed bug #25084 (Make refer check not dependant on register_globals). (Ilia)
Fixed bug #25081 (odbc_fetch_array() may mangle numeric fields). (Ilia)
Fixed bug #25044 (header("Location:") changing HTTP status). (Marcus)
Fixed bug #25037 (Possible infinite loop inside SendText()). (Ilia)
Fixed bug #25007 (rand() & mt_rand() seed RNG every call). (Jani)
Fixed bug #24989 (external libexpat conflicts with bundled libexpat). (Jani)
Fixed bug #24980 (array_reduce() uses first element as default running total). (Ilia)
Fixed bug #24977 (Revert mysql_select_db optimization). (Ilia)
Fixed bug #24958 (Incorrect handling of 404s). (Ilia, Justin)
Fixed bug #24951 (ob_flush() needlessly destroys output handler). (Ilia)
Fixed bug #24936 (ext/fdf not linked properly as shared extension). (Jani)
Fixed bug #24909 (Bad random numbers with ZTS builds on Solaris). (Ilia)
Fixed bug #24897 (inconsistent behavior of shuffle() & array_multisort()). (Ilia, Jani)
Fixed bug #24883 (variables_order and gpc_order being ignored). (Ilia)
Fixed bug #24873 (incorrect handling of / inside open_basedir). (Ilia)
Fixed bug #24871 (methods misidentified as constructors). (Ilia)
Fixed bug #24827 (ob_gzhandler overrides Vary header). (Ilia)
Fixed bug #24792 (--enable-zend-multibyte causes random segfaults with ZTS). (fujimoto)
Fixed bug #24783 (foreach($ar as $key => $val), $key not binary safe). (Zeev)
Fixed bug #24760 (non-default SNMP port number not working). (Jani)
Fixed bug #24752 (Unhandled "uniqueidentifier" field type). (Ilia, s.sonnenberg[at]coolspot.de)
Fixed bug #24710 (Crash when $obj->{0} is used). (Zeev)
Fixed bug #24663 (\n. sequences were not being escaped). (Ilia)
Fixed bug #24640 (var_export() and var_dump() can not output large floats). (Marcus)
Fixed bug #24629 (FreeBSD select() does not like large microseconds values). (Mirco Bauer).
Fixed bug #24609 (ext/domxml: segfault when using replace node across different docs). (Rob Richards)
Fixed bug #24594 (Rewrite of the imagefill() function). (Pierre-Alain Joye)
Fixed bug #24592 (NULL related crash in session extension). (Sascha)
Fixed bug #24573 (debug_backtrace() crashes if $this set to null). (Jani)
Fixed bug #24560 (parse_url() incorrectly handling certain file:// based schemas). (Ilia)
Fixed bug #24557 (make fclose() respect refcount on the resource). (Wez, Ilia)
Fixed bug #24537 (apache2 compile misses some include directories). (Jani)
Fixed bug #24535 (ext/mysql: crash when retrieving data from unbuffered result after the original connection has been changed). (Ilia)
Fixed bug #24519 (aggregate_methods_by_list() does not increment refcount).
Fixed bug #24313 (file_exists() warning on non-existent files when open_basedir is used). (Ilia)
Fixed bug #24312 (base64_decode() does not skip 0xF0-0xFF characters). (gereon.steffens[at]onvista.de, Ilia)
Fixed bug #24284 (Fixed memory leak inside pg_ping()). (Ilia)
Fixed bug #24249 (fdf_add_doc_javascript() not available on Windows). (Edin)
Fixed bug #24224 (ibase_blob_get() overflow). (Ard)
Fixed bug #24223 (missing variable initialization in bundled gd). (Ilia)
Fixed bug #24220 (range() didn't handle numeric strings correctly). (Ilia)
Fixed bug #24210 (not detecting assume_default_colors - typo). (Sara)
Fixed bug #24198 (Invalid recursion detection in array_merge_recurcive()). (Ilia)
Fixed bug #24177 (Status not set correctly after flush() in Apache 2). (Ilia)
Fixed bug #24155 (gdImageRotate270 incorrectly use x parameter for y axis). (tom@gksystems.com, Ilia)
Fixed bug #24150 (crash in imap_fetch_overview() & imap_rfc822_write_address()). (Ilia)
Fixed bug #24142 (workaround for a gcc bug affecting round()). (Marcus, Ilia)
Fixed bug #24063 (serialize() missing 0 after the . on scientific notation). (Marcus, Ilia)
Fixed bug #24063 (scientific notation broken in *printf()). (Ilia)
Fixed bug #24060 (ncurses_del_panel() causes segfault). (Georg)
Fixed bug #24054 (Integer overflow failure with GCC/x86 for *=). (Sascha)
Fixed bug #24028 (Reading raw post message by php://input failed). (Jani)
Fixed bug #24009 (FastCGI handling of file not found). (Shane)
Fixed bug #24007 (Problem with register_globals & arrays). (Ilia)
Fixed bug #23951 (constants in static initializers clobbered by inheritance). (Wez, Zend Engine)
Fixed bug #23936 (ext/interbase: fail to select and fetch). (Ard)
Fixed bug #23913 (make rename() work across partitions on *nix). (Ilia)
Fixed bug #23912 (Invalid CSS in phpinfo() output). (Ilia)
Fixed bug #23902 (NULL in CGI header output). (Shane)
Fixed bug #23898 (Proper handling of NULLs in odbc_result, odbc_fetch_into and odbc_result_all). (Ilia)
Fixed bug #23897 (Fixed a check for mbfilter_ru.h). (aleks@m2media.ru, Ilia)
Fixed bug #23894 (sprintf() decimal specifiers problem). (Moriyoshi)
Fixed bug #23888 (Missing input validation for flags parameter). (Ilia)
Fixed bug #23808 (broken imagecopymerge()). (Pierre-Alain Joye)
Fixed bug #23798 (Spaces were not being stripped from Bcc header). (Ilia)
Fixed bug #23792 (imagerotate() problems with limited pallet, the function will always return true color image from now on). (Pierre-Alain Joye)
Fixed bug #23779 (mysql_connect(): disable local infile option if php.ini option "open_basedir" is set). (Georg)
Fixed bug #23769 (In FreeBSD glob() gives wrong result when pattern not found). (Hartmut)
Fixed bug #23733 (Coredump on startup with Oracle 9+). (Edin)
Fixed bug #23685 (fake values returned when OID value is an empty string). (Jani)
Fixed bug #23664 (FastCGI socket listening). (Shane)
Fixed bug #23509 (exit code lost when exit() called from register_shutdown_function()). (Ilia)
Fixed bug #23463 (added Dbase2 version check). (Vlad Krupin)
Fixed bug #23285 (Potential Stack overflow in zendlex). (Wez)
Fixed bug #23104 (hash position of static arrays not being reset). (Ilia)
Fixed bug #23038, #23574 (aggregate() related leaks and crashes). (Andrei)
Fixed bug #22947 (Ack() inside win32/sendmail.c may stall in certain situations). (Ilia)
Fixed bug #22690 (ob_start() did not work with create_function() callbacks). (Marcus)
Fixed bug #22592 (Cascading assignments to strings with curly braces broken). (Stas)
Fixed bug #22245 (References inside $_SESSION not being handled). (Ilia)
Fixed bug #22154 (Possible crash when memory_limit is reached and output buffering in addition to session.use_trans_sid is used). (Ilia)
Fixed bug #22072 (Apache2 sapis do not detect aborted connections). (Ilia)
Fixed bug #21958 (workaround for unusual realpath() on AIX & Tru64). (Ilia)
Fixed bug #21957 (serialize() mangles objects with __sleep). (Ilia)
Fixed bug #21918 (strange behavior of mixed type in array-keys). (Marcus)
Fixed bug #21855 (Threading issue on HP-UX). (Roshan Naik, Andi, Moriyoshi)
Fixed bug #21611 (version_compare() does not support "p" as suffix). (Stefan Walk)
Fixed bug #21074 (Apache2: "ErrorDocument xxx /error.php" broken). (Jani)
Fixed bug #20896 (-s -w modes with php-cli cause php to hang). (Ilia)
Fixed bug #19613 (putenv("VAR=") does not empty VAR on win32). (Zeev)
Fixed bug #18744 (blob_add() has max limit of 64k). (Ard)
Fixed bug #18291 (escapeshellcmd() can now handle quoted arguments). (Ilia)
Fixed bug #17414 (pthreads bug workaround). (timo.teras[at]iki.fi)
Fixed bug #13142 (strtotime not handling "M d H:i:s Y" format). (Ilia)
Fixed bug #11924 (ibase_query(), ibase_execute() mangled passed parameters). (Jani)
Fixed bug #7014 (crash in _php_ibase_error() after request shutdown). (Ard)

More information on this release on our Releases page.

Version 4.3.2

29-May-2003

Syncronized bundled GD library with GD 2.0.12. (Ilia)
Removed support for GDLIB version 1.x.x (php_gd.dll) on Windows. (Edin)
Enabled read-only GIF support in the bundled GDLIB (php_gd2.dll) on Windows. (Sebastian, Edin)
Improved dba extension (Marcus)
- Added support for internal error handling of Berkeley db libraries.
- Disallowed Berkeley db versions 4.1.0 to 4.1.24 due to locking problems.
- Disallowed linkage of Berkeley db submodules against libraries with different major versions.
- Disallowed configuring of more than one Berkeley db handler.
- Reenabled dba_popen() with new persistent STDIO streams.
Added a new Apache 2.0 SAPI module (sapi/apache2handler) based on the old version (sapi/apache2filter). (Ian Holsman, Justin Erenkrantz)
Added "disable_classes" php.ini option to allow administrators to disable certain classes for security reasons. (Harald)
Added man page for CLI version of PHP. (Marcus)
Added --clean option into phpize. (Jani)
Added --ldflags option into php-config. (Jani)
Added imagesavealpha() and imageistruecolor() functions. (Pierre)
Added XBM support for bundled GD library. (Marcus)
Added session_regenerate_id() function. (Sascha)
Added zlib_get_coding_type() function which returns the coding type used for output compression. (Moriyoshi)
Added OCIPasswordChange() which allows renewing expired Oracle users. (Maxim)
Added memory_get_usage(). Only available when PHP is configured with --enable-memory-limit. (Andrey)
Added improved JPEG 2000 support for getimagesize(). (Marcus, Adam Wright)
Added XBM and WBMP support for getimagesize(). (Marcus)
Added KOI8-R, CP866, and CP1251 support for htmlentities(). (Antony Dovgal, Moriyoshi)
Added domdocument->free() to free XML-documents from memory. (Rob Richards)
Fixed a bug in error reporting with the CLI for start-up errors. (Derick)
Fixed spurious fsync calls during socket communication. (Sascha)
Fixed a possible vhost issue in thttpd. (Sascha, dgl@dgl.cx)
Fixed including from HTTP URLs. (Sascha)
Fixed a lot of memory leaks in domxml. (Rob Richards, Chregu)
Fixed a bug in GD's truecolor TTF handling. (Derick)
Fixed several 64-bit problems. (Dave)
Fixed several errors in hwapi extension. Objects weren't handled properly. (Uwe)
Fixed bug #23788 (str|preg_replace() clobber the array elements). (Ilia)
Fixed bug #23765 (file uploads ignored due to case sensitivity). (Sara)
Fixed bug #23738 (ifx_copy_blob() crash). (Jani)
Fixed bug #23661 (mysql_fetch_array() gives no warning when an invalid argument was passed as result_type). (Derick)
Fixed bug #23619 (set_error_handler() registered handler not called for object instances). (Jani, waboring@qualys.com)
Fixed bug #23606 (Unable to build --with-db4 (db4.1.25)). (Marcus)
Fixed bug #23567 (pfsockopen() returns dead connections). (Wez)
Fixed bug #23539 (curl_exec() produces strange results). (daniel@haxx.se)
Fixed bug #23527 (PostScript Type 1 fonts do not render properly). (nid@home.se, Ilia)
Fixed bug #23402 (crash with improper use of mssql_bind()). (Frank)
Fixed bug #23371 (configure falsely detects c-client using SSL). (Jani)
Fixed bug #23340 (fopen on multiple URLs causes memory corruption). (Wez)
Fixed bug #23298 (serialize cuts off floats & doubles). (Ilia, Marcus)
Fixed bug #23232 (safe_mode does not honor PHP_AUTH_* in apache2). (Ilia)
Fixed bug #23225 (money_format() didn't handle erroneous return of strfmon). (Ilia, marcot@tabini.ca)
Fixed bug #23201 (set_file_buffer() crashes with stdio streams). (Ilia)
Fixed bug #23188 (CDB databases created with 'c' mode do not work). (Marcus)
Fixed bug #23187 (memory leaks in sybase_connect/sybase_pconnect). (Ilia)
Fixed bug #23162 (user_error() crashs if error message > 1024 bytes). (Jay, Marcus, Moriyoshi)
Fixed bug #23152 ($http_response_header empty on invalid URLs). (Ilia)
Fixed bug #23102 (integer overflow in exif_iif_add_value()). (Ilia)
Fixed bug #23099 (ext/interbase: libgds.so: undefined reference to 'crypt'). (Jani)
Fixed bug #23093 (highlight_string() crashed with __FUNCTION__). (Jani)
Fixed bug #23080 (socket_strerror() crashes on win32). (Moriyoshi)
Fixed bug #23071 (when DST in effect, date("T") crashed PHP). (Scott MacVicar, Jani)
Fixed bug #23069 (tempnam creates readonly file [win32]). (Wez)
Fixed bug #23009 (pg_select with timestamp). (Marcus, Jay)
Fixed bug #23008 (ldap_start_tls() not available on Windows). (Edin)
Fixed bug #23004 (When ftp_close() is called, send QUIT to the ftp server). (Ilia)
Fixed bug #22989 (sendmail not found by configure). (igyu@ionsphere.org)
Fixed bug #22987 (missing perror() check in configure). (Jani)
Fixed bug #22965 (Crash in gd lib's ImageFillToBorder()). (Ilia)
Fixed bug #22939 (crash in imap_header_info()). (Ilia)
Fixed bug #22844 (Changing bool value via -d or ini_set(), On would be Off). (Ilia)
Fixed bug #22786 (Crash when trying to call DomAttribute's set_namespace method). (Chregu)
Fixed bug #22775 (Fatal errors exit with status 0 with CGI/CLI). (Jani)
Fixed bug #22774 (PHP crashes when exiting (long XML doc)). (Rob Richards)
Fixed bug #22751 (Compile error in gdcache.c when external libgd is used). (Jani)
Fixed bug #22721 (Poor file() performance on systems without mmap). (Wez)
Fixed bug #22709 (Crash in interbase when database unavailable). (Vladimir Michl)
Fixed bug #22681 (Crash when reading from invalid file pointer). (Ilia)
Fixed bug #22672 (User not logged under Apache2). (Ian)
Fixed bug #22616 (Wrong order of -lssl and -lcrypto with IMAP). (Jani)
Fixed bug #22613 (imagettfbox() does not add the kerning distance to the running position). (Ilia)
Fixed bug #22585 (Do not terminate the script on minor errors). (Ilia)
Fixed bug #22550 (overflow protection for upload_max_filesize ini option). (Ilia)
Fixed bug #22544 (writing transparency to truecolor png images). (Ilia)
Fixed bug #22538 (failed stat on stdio/stdin/stderr streams). (Wez, Ilia)
Fixed bug #22530 (append_child does not unlink node). (Chregu)
Fixed bug #22520 (mcrypt_generic_deinit() was not available on Windows). (Edin)
Fixed bug #22508 (Added protection against circular HTML redirects). (Ilia)
Fixed bug #22473 (ISAPI Secure Server variables not available). (Christian Swoboda)
Fixed bug #22402 (opening of ftp for read/write could fail due to invalid return code handling). (Ilia)
Fixed bug #22384 (FNM_CASEFOLD is not available). (Hartmut)
Fixed bug #22382 (fgetcsv() did not handle \" correctly). (Ilia)
Fixed bug #22376 (wrong httpd.conf modified when using INSTALL_ROOT). (Jani)
Fixed bug #22363 (combinations of fwrite(), fread() and fseek() produce unexpected results). (Wez)
Fixed bug #22355 (PHP would remove folding from Subject & To fields). (Ilia)
Fixed bug #22330 (overloaded strrpos() gives wrong results). (david@santinoli.com, Moriyoshi)
Fixed bug #22312 (crash on failed connection when curl_getinfo() was called). (Phil Oleson <poleson@verio.net>)
Fixed bug #22308 (optimized passthru, code is now ~40 times faster). (Ilia)
Fixed bug #22306 (pg_lo_seek($h, 0, PGSQL_SEEK_SET) succeeds but returns false). (Jani)
Fixed bug #22301 (htmlspecialchars() crashes Apache on Tru64). (Ilia)
Fixed bug #22299 (gethostbyname() with non-existing domain crashed on MacOSX). (Jani)
Fixed bug #22283 (possible crash when opening relative URLs). (Ilia)
Fixed bug #22238 (stream_select() clobbers fifos under win9x). (Wez)
Fixed bug #22234 (copy() fails if source file has 0 length). (Moriyoshi)
Fixed bug #22227 (printf() field limiters broke between 4.2.3 and 4.3.0). (Moriyoshi)
Fixed bug #22224 (implode() changes object references in array). (Moriyoshi)
Fixed bug #22221 (bad rows count in the result object for postgresql). (Marc)
Fixed bug #22207 (e notation in *printf would be missing a 0 when there is no exponent). (Ilia)
Fixed bug #22220 ("php_admin_value open_basedir none" does not work). (Jani)
Fixed bug #22191 (frontbase build broken with old version of frontbase). (Ilia)
Fixed bug #22187 (spprintf function did not handle floats correctly). (Ilia)
Fixed bug #22149 (incorrect insertion of session id when tabs are used to separate tag elements). (Ilia)
Fixed bug #22141 (removed undocumented Boyer str_replace() method). (Sara)
Fixed bug #22103 (Added gdImageEllipse and replaced old gdImageFilledEllipse with a better implementation). (Pierre)
Fixed bug #22088 (array_shift() left next index to be +1 too much). (Jani)
Fixed bug #22083 (MySQL charset directory problem on Windows). (Edin)
Fixed bug #22059 (ftp_chdir() causes segfault). (Sara)
Fixed bug #22048 (crash in imap_header() when the e-mail contains an abnormally large number of special characters). (Ilia)
Fixed bug #22042 (pg_result_seek() would never seek to the 1st row in the result due to always seeking to row next to the one requested). (Ilia)
Fixed bug #22031 (Made curl_write() & curl_write_header() binary safe). (Ilia)
Fixed bug #22022 (Crash in imap_mail_compose() if the body is an empty array). (Ilia)
Fixed bug #22017 (date() does not support negative timestamps on win32). (Ilia)
Fixed bug #22008 (strip_tags() eliminates too much). (Moriyoshi)
Fixed bug #22004 (Overload extension and _call() breaks classes). (Shane)
Fixed bug #21998 (array_pop() did not reset the current array position). (Jani)
Fixed bug #21978, #21036 (win32 mail(), bcc: gets interpreted as cc:). (Sara)
Fixed bug #21885 (move_uploaded_file() does not ignore open_basedir). (Wez)
Fixed bug #21820 ("$arr['foo']" generates bogus E_NOTICE, should be E_PARSE). (Jani)
Fixed bug #21815 (fpassthru() ignored buffered data but complained anyway). (Wez)
Fixed bug #21809 (select would not always timeout during socket shutdown). (Wez)
Fixed bug #21751 (default output buffer could not be deleted). (Marcus)
Fixed bug #21725 (return behaviour differs between include and require). (Zeev)
Fixed bug #21713 (include remote files leaks descriptors on Solaris). (Wez)
Fixed bug #21708 (ucwords() trouble again). (Moriyoshi)
Fixed bug #21689 (fgetcsv() suppresses some characters before a separator). (Masahiro, Moriyoshi)
Fixed bug #21912, #21676 (getimagesize() failed for remote files). (Wez)
Fixed bug #21597 (made glob() understand Windows paths). (Edin)
Fixed bug #21549 (problem with Ingres II persistent connections). (Jani)
Fixed bug #21544 (Extended checks for where FreeTDS is installed). (Frank)
Fixed bug #21534 (typo in gmp_gcdext() causes incorrect results). (Sara)
Fixed bug #21531 (file_exists() and other filestat functions report errors when the requested file/directory does not exists). (Sara)
Fixed bug #21529 (memory corruption by fsockopen()). (Ilia)
Fixed bug #21525 (bind_textdomain_codeset() now available on Windows). (Edin)
Fixed bug #21523 (number_format() could cause a memory allocation for a negative memory size in situations where the sprintf implementation of the host system generated less decimal places than were requested). (Wez)
Fixed bug #21518 (imagecreatefromstring() crashed with invalid image files). (Ilia)
Fixed bug #21511 (config.status warning). (Jani)
Fixed bug #21498 (mysql_pconnect connection problems). (Georg)
Fixed bug #21453 (improper handling of non-terminated < by strip_tags()). (Ilia)
Fixed bug #21445 (gd unable to open fonts). (Ilia)
Fixed bug #21443 (improper handling of ? surrounded by spaces in get_browser()). (Ilia)
Fixed bug #21442 (crash in mail() on Windows when 1st parameter is empty). (Edin)
Fixed bug #21410 (fixed handling of NULL or "" files on Win32). (Ilia)
Fixed bug #21378 (COM code crashes after update 4.2.1 to 4.3.0). (Harald)
Fixed bug #21338 (html_entity_decode() crashed when "" is passed). (Ilia)
Fixed bug #21310 (Solaris has issues with getcwd() needing read permissions on directories instead of just execute). (Wez, jflemer)
Fixed bug #21297 (in CLI/CGI on the #! it would leave a \n when the code encounters \r\n). (Ilia)
Fixed bug #21268 (session_decode() returned FALSE on success). (Ilia)
Fixed bug #21267 (opening URLs that result in redirection to a relative path was failing). (Ilia)
Fixed bug #21229 (missing 3rd argument to php_module_startup). (Ilia)
Fixed bug #21228 (broken check for ob_gzhandler and made ob_start() return the correct value). (Ilia)
Fixed bug #21226 (parse_url handling of urls without a path). (Ilia)
Fixed bug #21224 (apache configure fails when using --enable-versioning). (Jani)
Fixed bug #21169 (Compile Failure and lots of warnings on UnixWare). (Derick)
Fixed bug #21131 (fopen() with mode 'a+' and rewind() doesn't work). (Wez)
Fixed bug #21007 (html_errors off text-only output in phpinfo). (Marcus)
Fixed bug #20857 (snmpset() failed always, patch by: rs@epost.de). (Jani)
Fixed bug #20802 (PHP would die silently when memory limit reached). (Ilia)
Fixed bug #20715 (odbc could not be compiled as shared extension). (Jani)
Fixed bug #20641 (Numeric/decimal datatype overflow in ext/interbase on Win32). (Daniela)
Fixed bug #20503 (imagesetbrush() not available on Windows). (Edin)
Fixed bug #20282 (COM memory leak). (Harald)
Fixed bug #20256 (snprintf() not defined on some systems). (Jani)
Fixed bug #19919 (crash in sapi_apache_header_handler under heavy load). (George)
Fixed bug #19795 (Problems with strnatcmp() / strnatcasecmp()). (Moriyoshi)
Fixed bug #17868 (multiple  used to include PHP files crashes). (Ilia)
Fixed bug #17448 (Print the message when OCI_SUCCESS_WITH_INFO is returned). (Maxim)
Fixed bug #17098 (make Apache2 aware that PHP scripts should not be cached). (Ilia)
Fixed bug #16798 (Compile failure with LOB support for Oracle version < 8.1). (Maxim)
Fixed bug #14532 (fixed connection_status() to return 2 for timeouts). (Jani)
Fixed bug #14245 ('make install' fails on AIX when using --with-apxs). (Jani)
Fixed bug #13757 (CGI: passing query string on command line broken). (Shane)
Fixed bug #13561 (--without-pear disabled phpize/php-config install). (Jani)
Fixed bug #13551 (bcmath functions applying scale incorrectly). (Sara)

More information on this release on our Releases page.

Version 4.3.1

17-Feb-2003

Fixed serious security vulnerability in CGI SAPI. (Shane)

More information on this release on our Releases page.

Version 4.3.0

27-Dec-2002

If you don't specify building any other SAPI "make install" will install the CGI SAPI binary in {PREFIX}/bin/php. If you want to install CLI SAPI in that location use "make install-cli" after "make install" or add --disable-cgi to your configure options. In the Windows distribution CLI SAPI is included in the "cli" folder. (Edin)
Removed extensions: (Jan, Jani, Sebastian)
- ext/aspell
- ext/ccvs
- ext/cybercash
- ext/icap
- sapi/fastcgi
- sapi/fhttpd
Moved extensions to PECL (http://pear.php.net/): (James, Derick)
- ext/vpopmail
- ext/cybermut
Make PHP_AUTH_* variables not available in safe mode under Apache when an external basic auth mechanism is used. (Philip)
Added sha1() and sha1_file() for US Secure Hash Algorithm 1. (Stefan Esser)
Aliased dba_popen() to dba_open() until 4.3.2 when persistent STDIO streams are introduced. (Andrei)
Fixed a security bug in the bundled MySQL library. (Georg, Stefan)
ZLIB extension is now built-in in the Windows distribution. External extension (php_zlib.dll) has been removed. (Edin)
Fixed a bug in ISO-8601 week calculation
Fixed a crash when using invalid color index with imagecolortransparent() (Pierre-Alain Joye).
Fixed bug #20987 (no handling for client certificates). (Ilia)
Fixed bug #21039 (crash when not supplying an IV to mcrypt_generic_init). (Derick)
Fixed bug #20936 (openssl_pkey_get was broken). (jeroen@derks.it, Wez)
Fixed bug #20927 (wordwrap crash). (Ilia)
Fixed bug #20796 (when register_globals is on & arrays with same names are passed via get/post/cookie the data inside $_GET/$_POST/$_COOKIE can would be corrupted). (Ilia)
Fixed bug #20725 (if the upload directory cannot be written to, the POST data after the uploaded file is lost). (Ilia)
Fixed bug #20865 (array_key_exists() fails to find NULL key). (Ilia)
Fixed bug #20812 (ftp_get returned NULL on success, instead of TRUE). (Ilia)
Fixed bug #20785 (crash when using pdf_open_memory_image() to load a true-color image). (Ilia)
Fixed a crash when converting between true-color images (png/jpeg) and gd1/gd2 image formats, png/jpeg -> gd1/gd2 -> png/jpeg conversion now works correctly. (Ilia, Pierre-Alain Joye).
Fixed a memory leak in the bundled GD library inside gdImageTrueColorToPalette(). (Ilia)
Fixed bug #12776 (array_walk crash). (Moriyoshi)
Fixed bug #20934 (htmlspecialchars returns latin1 from UTF-8). (Moriyoshi)
Fixed bugs #20270, #15702, #18600 (segfaults in ext/java). (Tony J. White)
Made bcmath extension thread safe. (Sander)
Fixed bug #19566 (get_declared_classes() segfaults). (Moriyoshi, Marcus, Andi)
Fixed bug #20381 (array_merge_recursive mangles input arrays). (Moriyoshi)
Added -n command switch to cli and cgi version which allows to skip php.ini parsing at startup. (Marcus, Wez)
Fixed bug #19689 (absolute paths like /test/dir/ not working correctly). (Ilia)
Added "neutral" language entry to mbstring spec. (Moriyoshi)
Changed bundled gd library to consider php.ini option memory_limit. (Marcus)
Modified log() to accept multiple bases. (Jason)
Fixed bugs #16190/#18746xt/db: flatfile support with windows). (Marcus)
Added gd_info() which returns an array of gd support information. (Marcus)
Implemented features/changes requested in Bug #16960 (Timm):
- Added a new function sybase_unbuffered_query()
- Added a new function sybase_fetch_assoc()
- Added sybase_set_message_handler() which enables users to handle server messages in a callback function
- Added an ini entry for deadlock retries - retrying deadlocks can cause transaction state to break (sybct.deadlock_retry_count, defaults to -1 "forever").
- Fixed sybase_fetch_object() not to return objects with numeric members
- Fixed issues with identical fieldnames
- Made sybase_fetch_*() functions return correct datatypes
- Made phpinfo() section more verbose
- Made sybase_query() error messages more verbose
Fixed bug #19935 (made OpenSSL file system operations abide by safe_mode & open_basedir restrictions). (Ilia)
Fixed bug #18868 (improved the check for availability of realpath()). (Ilia)
Fixed width/height detection of bmp images using getimagesize() function on big endian systems and added code to retrieve bmp bit depth. (Ilia)
Fixed bug #20035 (line counting error when script starts with #! in cgi/cli/fastcgi sapis). (Ilia)
Fixed bug #20235 (incorrect handling of symlinks on ZTS build). (Ilia)
Added sanity checks to headers_sent() & image_type_to_mime_type(). (Ilia)
Added an aditional parameter to the jdtojewish() function which makes the function return the symbolic hebrew name. (Moshe Doron, Derick)
Fixed bug #20169 (implode() clobbers first argument). (Moriyoshi)
Improved dba extension (Marcus)
- Added dba_handlers() that returns an array of installed handlers and dba_list() that returns an associative array of open database files.
- Added bundled cdb support wich can be activated by --with-cdb without a path. The bundled version supports cdb_make that allows writing cdb files.
- Added optional skip parameter to dba_fetch() to support multiple key-value pairs with the same key for cdb handler.
- Added locking for those handlers that do not have their own locking.
- Added support for magic_quotes_runtime php.ini option.
- Added flatfile support what finally makes ext/db deprecated.
Added imagerotate() which is available only when bundled libgd is used. (Pierre-Alain Joye, Ilia)
Fixed bug #17497 (mssql extension crashes if magic_quotes_runtime is on). (Sterling)
Remove $_FILES from $_REQUEST (import_request_variables is not modified), this didn't work properly in the first place, and added confusion. (Sterling)
Fix the socket_read() function on win32 to work in normal mode (reading to the end of a line), as well as binary mode. (Sterling)
Fixed bug #20110 (added sanity check to prevent include/require functions from trying to include directories). (Ilia)
Fixed bug #20108 (segmentation fault on printf("%1.1s", "string")). (Ilia)
Added dbx_escape_string() function to dbx module. (Marc)
Added Oracle (oci8) support to dbx module. (Marc)
Updated FDF extension to work with Adode fdftk 5.0. (Hartmut)
Added mb_strtolower() and mb_strtoupper(). (Moriyoshi)
Fixed an infinite loop in setlocale() when only invalid locale names were passed in the array. (patch by Pal Loberg, pallo[at]initio.no)
Fixed bugs #19156 and #19544 (COM extension leaks memory and keeps components referenced). (Harald)
Added fribidi_get_charsets() and fribidi_charset_info() functions. (Tal)
Added Oracle TIMESTAMP type to oci8 extension. (Thies)
Fixed fgets($fp) to read until EOL when length parameter is not set. (Wez)
Changed registry entries under "HKLM\SOFTWARE\PHP\Per Directory Values" to work also with administrative directives such as safe_mode, open_basedir, etc. (Claudio Felber)
Added str_word_count() function which counts words inside a string. (Ilia)
Added PGSQL_CONNECT_FORCE_NEW option to pg_connect() (Yasuo)
Added ICONV_IMPL and ICONV_VERSION constants to iconv extension to indicate which iconv implementation is used. (Moriyoshi)
Fixed bug #4232 (Added %e & %E support to printf/sprintf). (Ilia)
Fixed bug #17580 (Allow ini parser to parse files >16K). (Ilia)
Fixed bug #19649 (Sanity checks for browscap.ini parser). (Ilia)
Added experimental patch to address problem with floats on various locales. (Bug #17079). (Ilia)
Fixed bug #19280 (imap_header fails with many To: addresses). (Ilia)
Added mb_regex_set_options(). The Options parameters of various mbregex functions are now deprecated. (Moriyoshi)
Fixed bug #19482 (Segfault with PCRE and locale). (Andrei)
Made ImageTruecolorToPalette() in bundled GD2 library actually work. (Rasmus)
Fixed ImageCopy() in bundled GD2 library to handle copying from truecolor to palette-based. (Wez, Rasmus)
Added read-only GIF support for bundled GD2 library. (Rasmus)
Made several adjustments to xslt extension (David Viner, Lehnar, Melvyn)
- Added xslt_set_object and xslt_setopt function
- Changed backend interaction with Sablotron library
- Fixed leak with error_print
- Made xslt_make_array() always set NULL on last index to signal array end.
Changed the glue argument in implode() to be optional. If not specified, defaults to "". (Sterling)
Fixed fields argument to contain correct info for xslt_set_error_handler(). (Patch by Lenar Lohmus)
Added --with-config-file-scan-dir compile-time switch which specifies a directory which will be scanned for *.ini files. (Rasmus)
Added ob_get_clean() and ob_get_flush(). (Yasuo)
Added ftp_ssl_connect() to ext/ftp for FTP over SSL support. (Stefan Esser)
Made a few additions and changes to Apache 2 sapi. (Ilia)
- Added apache_response_headers(), apache_note(), apache_getenv() and apache_setenv() functions.
- Added more detailed error reporting to apache_lookup_uri() and virtual().
- Renamed getallheaders() to apache_request_headers() and made an alias for BC.
- Added php_apache_sapi_getenv() and php_apache_sapi_get_stat().
- Added syntax-highlighting handling (.phps)
Fixed strstr(), strchr() and strrchr() to be binary safe. (Andrey)
Added array_diff_assoc() and array_intersect_assoc(). (Andrey)
Fixed bug #17825 (ob_start() chunk size option didn't work well). (Yasuo)
Fixed output buffer infinite loop when buffer_size became 0. (Marcus, Wez)
Added getopt() for parsing command line options and arguments. (Jon)
Added pg_fetch_assoc(), pg_fetch_all(), pg_ping(), pg_meta_data(), pg_convert(), pg_insert(), pg_select(), pg_update(), pg_delete(), pg_result_seek(), pg_unescape_bytea(), pg_get_notify() and pg_get_pid(). (Yasuo)
Fixed bug #17281 (Sanity checks for encoding sessions). (Ilia)
Fixed bug #16995 and #19392 (Prevent crash if $HTTP_SESSION_VARS != ARRAY). (Ilia)
Fixed bug #19292 (open_basedir restriction problem). (Rasmus)
Fixed bug #19366 (gdImageFill crashes when x & y are outside of the image's boundries). (Ilia)
Fixed bug #13936 (__FILE__ constant didn't contain full path). (Ilia)
PHP now has a new stream system that allows it to do some clever stuff with fopen() and fsockopen(). As a result:
- URL wrappers natively supports https:// URLs if you have compiled OpenSSL support into PHP (shared extension does not support this).
- Added support for fopen("ftps://...", ...) which allows to connect to FTP servers via SSL. (Stefan Esser)
- fsockopen() adds support for ssl:// and tls:// connections via TCP/IP
- copy($srcfilename, $destfilename) can now be used with URL wrappers
- zlib wrappers/streams can be used even on systems without fopencookie()
- Changed 'zlib:' fopen wrapper to 'compress.zlib://' and deprecate 'zlib:' to avoid ambiguities when filenames have ':' characters. (Wez)
- Added 'compress.bzip2://' stream and wrapper support.
- Added user-space streams - it is now possible to define a class in PHP code and register it as a URL wrapper. (stream_register_wrapper)
- Most extensions now support streams when passing files, which means that those extensions will now also support URL wrappers. (Wez)
- Added URL-wrapper support to exif. (Marcus)
- Added memory stream support. (Marcus)
- Renamed:
  - socket_set_timeout() -> stream_set_timeout()
  - socket_set_blocking() -> stream_set_blocking()
  - set_file_buffer() -> stream_set_write_buffer()
  - socket_get_status() -> stream_get_meta_data()
  As these functions can (in theory) work on any type of stream. (Wez)
- Raw POST data is now available as "php://input" stream. (Hartmut)
- fopen("php://output", "wb") returns a stream that writes to the output buffer (like echo and print). (Wez)
- Added stream_context_create(), stream_context_set_params() and stream_context_set_option and added an optional fourth parameter to fopen() which accepts a stream context. Contexts allow sharing of information between streams (a kind of "session") and setting notification callbacks. (Wez)
- Made the "User-Agent" header sent by http:// and https:// wrappers configurable in php.ini or via a stream context. (Sterling)
- Added stream_filter_prepend() and stream_filter_append() which apply a filter to either the top or the bottom of a stream filter stack. Implemented "string.rot13" filter as an example; more filters are expected to follow in later releases and other extensions. (Wez)
- Added stream_select() which works like socket_select but works on streams returned by fopen(), fsockopen() and pfsockopen() instead. (Wez)
- Added STDIN, STDOUT and STDERR constants for CLI sapi reflecting opened streams to their respective standard I/O counterparts. (Edin)
- Added php.ini option "auto_detect_line_endings" which enables PHP to detect Macintosh, Unix and Dos end-of-line characters in fgets() and file(). Fixes bugs #16521 and #16708. (Wez)
- Fixed include(), require() and GD functions to work with remote files under win32.
- Fixed bug #18609 (ImageCreateFromJPEG can't fetch from a URL). (Wez)
Fixed bug #18022 (fopen does not work with php://stdin anymore on Solaris). (Wez)
Added php.ini option "default_socket_timeout" to set the timeout limit for PHP network streams. (kalowsky, ilia@prohost.org, Wez)
Added file_get_contents() which returns the contents of a file as a string. This function also supports the URL wrappers. (Wez)
Fixed bug #19595 (Missing functions for GD2 format handling). (Edin)
Fixed bug #19633 (Wrong directories in ext/ldap/config.m4). (Derick)
Fixed bugs #17274 and #19627 (segfault in sem_remove). (Wez)
Added mb_convert_case() function to the mbstring extension which can convert strings between upper, lower and title case using Unicode mappings. Fixed bug #19257 (strtolower & strtoupper does not work for UTF-8 strings). (Wez)
Fixed bug #18521 (htmlentities didn't warn about unsupported charsets). (Wez)
Fixed bug #11643 (Session related, fix SID redefinition). (Ilia)
Fixed bug #18556 (Scripting Engine, problem with locales like tr_TR). (Ilia)
Changed y2k_compliance to default to 1 now. (Sascha)
Added platform independent socket error constants for better error handling. (Jason)
Update output of phpinfo() to use more CSS to reduce the file size, do proper HTML escaping, and make it XHTML compliant. (Colin)
Fixed compile errors in the FriBidi extension (Bug #16414). (Tal)
Fixed bugs #7472, #12120 and #12989 as well as other potential problems with strip_tags() function. (Ilia)
Fixed bugs #17570 and #17957 (Regexps related). (Andrei, Ilia)
Fixed bugs #18167 and #16859 (SEGV with session_decode). (Ilia)
Fixed bugs #19573 and #13472 (Session, XHTML compliance and trans_sid). (Sascha)
Fixed bug #19570 (last character was missing in get_html_translation_table). (Wez)
Upgraded PCRE to version 3.9. (Wez)
Fixed bug in OCIResult() which returned garbage when called on empty result-sets. (Thies)
Added ability to use Perl-style ${n} subpattern references in the replacement string for preg_replace() (bug #18442). (Andrei)
Fixed array_merge_recursive() to avoid problems with merging cyclical arrays (bug #16064). (Andrei)
Made function_exists() work properly with disabled functions. (Andrei)
Added ability to extract() variables as references via OR'able EXTR_REFS flag. (Andrei)
Fixed a build failure with the OCI8 extension on Tru64. (Patch by Michael Mauch, micahel.mauch@gmx.de)
Added --disable-all configure option. (Jani)
Backported debug_backtrace() from ZendEngine2. (Thies)
Added html-free phpinfo() output for CLI. (Jan)
Fixed socket_recvfrom() to be binary safe. (Jason)
Changed mail() to use escape_shell_cmd() to allow multiple extra parameters to the invocation of the mailer as used in the fifth parameter. (Derick)
Changed cURL extension to require cURL version 7.9.8 (Derick)
Added zend_execute_internal which is called like zend_execute but for internal functions. (Thies)
Changed pg_connection_status(), pg_connection_reset(), pg_connection_busy(), pg_result_status() and pg_result_error() to silently return FALSE when resource is not passed to them. (Yasuo)
Fixed some mysql compile failures on 64 bit-OS. (Georg)
Added warnings for deprecated mysql functions:
- mysql_create_db()
- mysql_drop_db()
- mysql_escape_string()
Added XsltObject-<result_dump_mem($result) for returning xslt-result directly into a string and XsltObject-<result_dump_file($result,$file[,$compression]) for dumping into a file. (morus.walter@web.de, chregu)
Made mime_magic and ZIP extensions available on Windows. (Edin)
Added xslt_backend_version() and xslt_backend_name() for getting information about the processor backend. (chregu)
Added ImageColorMatch() and ImageLayerEffect() functions which are only available when using the bundled GD library. (ttoohey)
Made major improvents to the pcntl extension. (Jason)
- Greatly improved performance (signal callback mechanism uses ticks)
- Implemented object signal callback ability by using array($obj, $method)
- Added a restart parameter to pcntl_signal, which allows you to disable the default of system call restarting
Changed DomNode->next_sibling() and DomNode->previous_sibling() to return NULL instead of false (W3C specs). (chregu)
Changed DomNode->insert_before() and DomNode->append_child() to conform to W3C specs (moving not copying nodes, accepting NULL as 2nd param). (chregu)
Added DomNode->set_namespace(uri[,prefix]) (chregu)
Fixed shuffle() to properly generate all possibilities. (Patch provided by Adam <adam@trachtenberg.com>)
Fixed DomNode->insert_before() to behave according to W3C spec ie. new_child is moved, not copied. (chregu)
Added some namespace support with DomNode->add_namespace(uri, prefix) and DomDocument->create_element_ns(uri, nodename) (chregu)
Added optional parameter to DomElement->node_name() for retrieving fully qualified name (ie. namespace prefix). (chregu)
Changed DomNode->child_nodes() to return empty array instead of false if no child nodes are found. (chregu)
Fixed a bug with handling the Expect header. (Patch by ilia@prohost.org)
Fixed a bug in ODBC where closing the module caused a crash in the Windows executable. (kalowsky)
Fixed memory leaks in pack() and unpack(). (Patch by ilia@prohost.org)
Added URLs to error messages which direct to a page describing the error or function in question. (Derick, Wez, Marcus)
Added odbc_data_source() functionality to identify DB ServerName, and a description of it gathered from the DSN. (kalowsky)
Fixed copy() to return TRUE with 0 byte files. (Patch by ilia@prohost.org)
Added ob_list_handlers() which returns an array of all active output handlers. (Marcus)
Added mbstring encoding/decoding "HTML-ENTITIES". (Marcus)
Added parameter 'L' for mb_http_input() to retrieve input encoding as a comma separated string. (Marcus)

Added the ability for declare() compiler modifications to occur globally by using an empty statement. (Jason, Zend Engine) i.e.

        //Globally enables the ticks modifier for the whole program
        declare (ticks=1);

        //Enables the ticks modifier for just the lexical block containing
        //"statement".
        declare (ticks=1) {
           statement;
        }

Brought strtotime() "next" keyword handling in line with documentation and its glibc cousin. (Rasmus)
Fixed str_rot13() to not mangle source string. (Rasmus)
Fixed imap_get_quota() to work with multiple returned resources as per the RFC 2087 and bug #14673. (kalowsky, Sander Steffann)
Added MarkerNote decoding to exif_read_data() for several Cameras. (Marcus)
Disabled zlib.output_compression for "image/" content-type headers which can be changed during script execution. (Stefan)
Added new asynchronous FTP functions. (Stefan)
Added optional 5th parameter to FTP functions to support resuming. (Stefan)
Added optional 2nd parameter to print_r() to make it return the variable representation instead of echoing it. (Derick)
Added mysql_ping(), mysql_real_escape_string(), mysql_character_set_name(), mysql_thread_id(), mysql_stat() and mysql_list_processes(). (Zak, Georg)
Added safe_mode & open_basedir checks for pg_lo_export(). (Yasuo)
Added open_basedir check for pg_lo_import(). (Yasuo)
Fixed infinite recursion crash bug in ticks. (Jason)
Added php.ini option "mysql.connect_timeout" to set the timeout limit for mysql_connect() and mysql_pconnect(). (Georg)
Added optional parameter "flags" to mysql_connect() and mysql_pconnect() which can be used to set usage of idle timeout and different protocols, SSL and compressed. (Georg)
Added automatic rollback to ext/mysql for non committed transactions. (Georg)
Fixed cases where preg_split() incorrectly terminated final element if it contained null bytes. (Andrei)
Added persistent connections/pipelining to thttpd. (Sascha)
Fixed two potential blocking issues in thttpd. (Sascha)
Fixed broken header file detection on Solaris. (Sascha)
Improved nss/socket-related symbol/library detection. (Jani, Sascha)
Made iconv() work well with both libiconv and libgconv. (Moriyoshi, Yasuo)
Fixed socket_set_timeout() on win32. (Jason, Edin, Jani)
Added domxml_node_namespace_uri(). (Rui Lopes)
Fixed win32 memory leak in /ext/sockets that would occur on any error condition. Also fixed host resolution error messages on win32. (Jason)
Added optional 3rd parameter 'recursive' to ftp_rawlist() which will do 'LIST -R' instead of 'LIST'. (Jani)
Changed getimagesize() to always set unknown fields to 0 and added support for iff imagetype. (Marcus)
Added runtime Apache2 thread check to ensure we don't run a non-threaded PHP inside a threaded Apache2 MPM. (Rasmus)
Made getimagesize() and exif_read_data() to return also the mime-type and exif_thumbnail() to return also the image-type. (Marcus)
Added image_type_to_mime_type() which converts image-types to mime-types. (Marcus)
Made GD functions to only exist if they are available in libgd. Now the availability can be tested with function_exists(). (Derick)
Added an optional parameter to the header() function which overrides the HTTP response code. (Derick)
Changed the order of which modules are unloaded to the reverse order of which they were loaded. (Derick, Zend Engine)
Added preliminary SAX-Input support. It's now possible to build a DomDocument with SAX-Events. (chregu)
Bundled GD library 2.0.1 with php (ext/gd/libgd) (Rasmus, Jani, Markus, Edin)
Fixed bzopen() crash in thread-safe mode. (Andrei)
Added better error-messages (3rd parameter) and validating of DTDs (2nd parameter) to domxml_open_mem() and domxml_open_file(). (Christian)
Added domxml_doc_validate() for validating existing DomDocuments with a DTD. (Christian)
Added ability to capture string offsets in preg_match_*() results. (David Brown, Andrei)
Fixed set_error_handler() to accept methods as callbacks and also report invalid callbacks. (Andrei)
Fixed a memory corruption bug in overload extension. (Andrei)
Fixed error handling in fsockopen() on win32. (Jason)
Added win32 support for the timeout parameter of fsockopen(). (Jason)
Fixed shuffle() to provide equal distribution of values. (Andrei)
Added --with-mysql-sock configure option which can be used to override the unix socket location. (e.g. NFS compiles, etc.) (James Cox)
Fixed is_a() to properly work on extension registered classes. (Andrei)
Added new constants: PHP_PREFIX and PHP_SHLIB_SUFFIX. (Stig)
Added pctnl_alarm() function. (Edin)
If zlib.output_compression is enabled and a page is compressed a "Vary: Accept-Encoding" header is now added. (Stefan)
Renamed getallheaders() to apache_request_headers() and kept getallheaders() as an alias to it. Also added apache_response_headers() which returns the current response headers from Apache. (Rasmus)
Added missing AddRef() calls in the COM extension. This should fix weird behaviour (in particular with ADODB). (Harald)
Fixed segfault in version_compare(). (Stig)
Added compressed Flash MX files support to getimagesize(). (Derick)
Added ability to capture string offsets in preg_split() results. (David Brown, Andrei)
Fixed a crash bug in token_get_all(). (Andrei)
Implemented glob() for Unix/Win32. (Hartmut, Edin, Markus)
Added domxml_doc_set_root() to change the root node. (Lukas Schroeder)
Fixed a crash bug in stripslashes() when working in sybase mode. (Rasmus)
Added experimental support for Simplified Chinese, Traditional Chinese and Korean encodings into mbstring. (Rui)
Misc. Win32 mail() enhancements: support 'From:' header (msisolak@yahoo.com), support Bcc header, case-insensitive headers, enhanced error reporting, automatic proper line ending conversion, fixed crash with Cc, fixed buffer overflows with $header. (Markus)
Improved IMAP extension performance. (adam.kauffman@mindspring.com, rjs3@andrew.cmu.edu, Jon)
Added optional 5th parameter to domxml_xslt_process(). When set, profiling information is saved to the specified file. (chregu)
Added MD5 support for crypt() on Windows. (Edin)
Fixed resource bug in LDAP extension. (Stig Venaas)
Fixed crash in output buffering when buffer is overwritten in a callback. (Yasuo)
Added output_add_rewrite_var() and output_remove_rewrite_var() to inject and remove variables from the URL-Rewriter. (Thies)
The Windows build can now be configured more comfortably, for example when dealing with built-in extensions. (Sebastian)
Added large OID value (2^31 to 2^32) support for pg_lo_import(), pg_lo_unlink(), pg_lo_open() and pg_lo_export(). (Yasuo)
Fixed mixing OCIPlogon() and OCINLogon() to not leak Oracle-Sessions. (Thies)
Added php.ini options for EXIF extension to encode and decode Unicode/JIS user comments. (Marcus)
Changed the "-c" CLI/CGI option to allow both 'filename' and 'path to php.ini'. (Yasuo)
Added version information to the .dll and .exe files created under Windows. (jtate)
Added __FUNCTION__ and __CLASS__ constants. (Jani, Zend Engine)
Added optional 2nd parameter for pg_result_status() to specify return type. (Yasuo)
Added "log_errors_max_len" php.ini option which controls maximum length for error messages. (Marcus)
Added "ignore_repeated_errors" and "ignore_repeated_source" php.ini options which can be used to disable logging of repeated error messages. (Marcus)
Made pg_last_notice() work correctly. (Yasuo)
Added "pgsql.ignore_notice" and "pgsql.log_notice" php.ini options. (Yasuo)
Added "zlib.output_compression_level" php.ini option. (Stig)
Added support for --with-apxs build on Mac OS X / Darwin. (markonen)
Added support for dynamically loaded extensions on OS X / Darwin. NOTE: This requires Apache 1.3.25 or later. (kalowsky, markonen)
Fixed CR/LF processing in quoted_printable_decode() on Win32. (kir)
Made crack extension available on Win32. Cracklib libraries for Win32 are available at http://www.jtatesoftware.com/cracklib/. (jtate)
Added mysql_info() function. (Jan)
Added mysql_list_processes() and mysql_stat() functions. (Georg)
Fixed memory allocation problem on systems that have iconv() support in libc. (Yasuo)
Made var_dump() handle recursive structures better. (Yasuo, Derick)
Added exif_imagetype() function. (Marcus)
New improved build system. Among other improvements, replaces the slow recursive make with one global Makefile and eases the integration of proper dependencies. Automake is only needed for its aclocal tool. The build process is now more portable and less resource-consuming. (Sascha)

More information on this release on our Releases page.

Version 4.2.3

06-Sep-2002

Enable UTF8 modifier support for PCRE on win32. (Wez, Edin)
Enabled strcoll() on win32. (Markus)
Fixed possible ASCII control char injection in mail(). (Stefan Esser)
Fixed a potential crash bug in import_request_variables() (Zeev)
Fixed several problems with directory functions on Windows. (Steph)
Fixed xbithack bug in Apache module. (Rasmus)
Fixed a bug that prevented touch() from working on various platforms. (Steph)
Fixed ob_gzhandler()'s handling of requests that do have the Accept-Encoding header, but do not allow compression. (Zeev)
Fixed several bugs in the multithreaded version that could cause random parse errors, especially on machines with multiple CPUs. (Zeev, Zend Engine)
Fixed a build problem in bcmath. (Alan)
Fixed several bzip2 issues. (Andrei, kalowsky)
Fixed several COM issues. (Harald)
Various exif fixes. (Marcus)
Fixed domxml_xslt_process() and domxml_get_element_by_id() and several other issues in DOMXML. (Christian)
Fixed DOMXML crash on removing previously created attributes. (Christian)
Fixed crash when converting $GLOBALS to an object. (Zeev, Zend Engine)
Fixed ImageCreateFromGD2Part() (Jani)
Fixed a build issue in the IMAP extension under IRIX. (kalowsky)
Fixed a bug in imap_last_error() (Jani)
Various mbstring fixes. (Yasuo, Rui)
Fixed a build problem in the mcal extension. (Jani)
Made MySQL rollback open transactions when the request ends. (Georg)
Fixed a crash in the shutdown order of the ODBC module. (kalowsky)
Fixed PCRE build problems. (troels@arvin.dk)
Fixed a crash in pg_lo_write() (Yasuo)
Fixed posix_isatty() and posix_ttyname(). (Markus)
Fixed accidental pg_lo_import() API change. (Yasuo)
Fixed ereg_replace() crash when the backreference number was greater than the number of captured subpatterns. (oliver@billix.franken.de)
Fixed array_rand() on thread-safe platforms such as Windows. (Edin)
Report the right exit code after a call to exit(). (Edin)

More information on this release on our Releases page.

Version 4.2.2

22-Jul-2002

Fixed serious security vulnerability. (Stefan Esser)

More information on this release on our Releases page.

Version 4.2.1

13-May-2002

Added safe-mode checks to show_source(), parse_ini_file() and rmdir(). Also fixed security problems with safe_mode_include_dir directive. (Rasmus)
Changed HTTP upload code to accept 0 byte file uploads. (Zeev)
Major update of domxml. New functions, better DOM compliance and bug fixes:
- Changed the old $node->append_child() to $node->append_sibling() since the new append_child() behaves correctly (= W3C standard).
- Added domxml functions:
  - domxml_elem_get_elements_by_tagname()
  - domxml_doc_get_elements_by_tagname()
  - domxml_doc_get_element_by_id()
  - domxml_elem_remove_attribute()
  - domxml_elem_get_attribute_node()
- Fixed a segfault in domxml_unlink().
- Added formatting option to domxml_dump_mem().
(Uwe, jtate, Chregu)
Fixed a bug in socket_select() that could cause unexpected behavior when using a statement like $w = $e = array($sock); This change unfortunately prevents the use of constant values (e.g. NULL) for the socket array paramaters. Instead, use a temporary variable or an expression with the leftmost member being a temporary variable. ex.: socket_select($w, $r, $e = NULL, 10); (Jason)
Fixed crashes in the session serializer. (Stas)
Fixed malformed atime/mtime with touch(). (Yasuo)
Fixed a couple of bugs in array_sum() and array_merge(). (Andrei)
Fixed SJIS directory name handling under Windows. (Rui)
Fixed empty mb_output_handler() output when Content-Type is specified. (Yasuo)
Fixed the false logic in ext/session which made SID constant not to be defined when cookies are disabled. (Sascha)
Fixed possible crash bug in HTTP uploads. (Patch: Lucas Schroeder)
Fixed possible NULL-pointer dereferencing in the COM extension which caused 'Error in php_OLECHAR_to_char()' warnings on various places. Also modified the API to consistently return NULL in case of an error. (Alan, Harald)
Fixed a bug in the COM extension that caused outproc servers to 'hang' because of a missing Release() call. (Alan, Harald)

More information on this release on our Releases page.

Version 4.2.0

22-Apr-2002

ATTENTION!! register_globals defaults to 'off' now !!!
Note: Apache2 support is EXPERIMENTAL.
Moved ext/mailparse to PECL. See http://thebrainroom.com/opensource/php/ for more information and to download the extension. (Wez/Jim)
Fixed pg_last_notice() crash. (Yasuo)
Modified the mysql extension to disable 'LOAD LOCAL' when safe mode is enabled. (Jason)
Fixed HTTP file upload support to handle big files better. (Jani)
Major modifications to the Sockets Extension and its API (Jason):
- Fixed numerous bugs.
- Added automatic host lookup capability to all functions that take addr's. example: socket_connect($sock, 'www.yahoo.com', 80);
- Corrected and standardized host lookup errors
- Modified socket_recv() behavior. [$r=socket_recv($sock, $buf, $len, $flags)]
- Added socket_set_block() which changes a socket into blocking IO mode
- Modified socket_last_error() to not clear the last error
- Added socket_clear_error() which clears the last error on a socket
- Removed all code pertaining to fd_sets (socket_fd_*)
- Modified/Improved socket_select() to accept array of resources instead of fd_sets. example:
```
    <?php

    $wfds=$rfds=array($sock1, $sock2, $sock3, $sock7);

    $r=socket_select($rfds, $wfds, NULL, 1);

    print "Ready to read:\n"; var_dump($rfds);

    ?>

    
```
Fixed segfault in ibase_close() if user does not free the resultset. Bugs #15419, #15992. (daniela)
Fixed pg_last_notice() crash. (Yasuo)
Added optional 3rd parameter "int encoding_mode" to gzencode() and fixed parameters to conform documentation. (Stefan)
Changed read_exif_data() to be an alias of exif_read_data(). (Marcus)
Added exif_tagname() function which returns the names of tags and exif_thumbnail() function to extract embedded thumbnails. (Marcus)
Fixed iconv support with FreeBSD. (kalowsky)
Cleaned up the posix extension: (Markus)
- Removed unwanted warning messages
- Added posix_errno() and posix_strerror() for fetching error messages
- Changed the way posix_getgrnam() and posix_getgrgid() return their values (breaks BC but makes more sense)
- Does not include functions in symbol table which aren't supported on host system.
Added TIFF support for getimagesize() and read_exif_data(). (Marcus)
Changed the Velocis extension namespace to Birdstep to reflect new product name. Added aliases for BC. (James)
Added safe_mode checks for opendir(). (jflemer)
Changed the 2nd parameter in pgsql_fetch_*() functions to support NULL if all 3 parameters are supplied, but you do not want to provide a row number. (Derick)
Improved iconv() when using libc's iconv. (Yasuo)
Added PHP_SAPI constant which contains the name of running SAPI. (Edin)
Added ob_get_status() which returns an array of buffers with their status. (Yasuo)
Fixed a crash bug in ob_end_*() functions. ob_end_*() will not delete buffers that may not be deleted. (Yasuo)
Added 3rd parameter "bool erase" to ob_start(). If FALSE, the buffer may not be deleted until script finishes. (Yasuo)
Changed ob_*() functions to return TRUE for success, FALSE for failure. (Yasuo)
Added sybase_ct support to dbx module. (Marc)
Fixed error message handling with PostgreSQL 7.2. (Rui)
Added object aggregation capability, see aggregation_*() functions. (Andrei)
Added debug_zval_dump() which works similarly to var_dump, but displays extra internal information such as refcounts and true type names. (Jason)
Added Andrei's tokenizer extension. (Stig)
Fixed a bug in the COM extension which caused php to crash in php_COM_get_ids_of_names(). (Paul, Harald)
Removed ext/satellite. It is now part of PEAR. (eriksson)
Changed php.ini directive 'safe_mode_include_dir' to accept a (semi)colon separated path (like 'include_path') rather than a single directory. (jflemer)
Added is_a() function that can be used to test whether object is of a certain class or is derived from it. (Andrei, Zend Engine)
Added optional parameter to highlight_string() and highlight_file() which makes these functions to return a highlighted string instead of