DReade83

Well-Known Member
Oct 20, 2006
196
0
166
Cheshire, UK
It's been released? Apparently so! But it's not listed anywhere on the PHP site, nor in WHM's Apache Update area. Read the subscription email from the PHP team below...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The PHP development team is proud to announce the immediate release of PHP 5.2.0. This release is a major improvement in the 5.X series, which includes a large number of new features, bug fixes and security enhancements.

The key features of PHP 5.2.0 include:

* New memory manager for the Zend Engine with improved performance and a more accurate memory usage tracking.
* Input filtering extension was added and enabled by default.
* JSON extension was added and enabled by default.
* ZIP extension for creating and editing zip files was introduced.
* Hooks for tracking file upload progress were introduced.
* Introduced E_RECOVERABLE_ERROR error mode.
* Introduced DateTime and DateTimeZone objects with methods to manipulate date/time information.
* Upgraded bundled SQLite, PCRE libraries.
* Upgraded OpenSSL, MySQL and PostgreSQL client libraries for Windows installations.
* Many performance improvements.
* Over 200 bug fixes.

Security Enhancements and Fixes in PHP 5.2.0:

* Made PostgreSQL escaping functions in PostgreSQL and PDO extension keep track of character set encoding whenever possible.
* Added allow_url_include, set to Off by default to disallow use of URLs for include and require.
* Disable realpath cache when open_basedir and safe_mode are being used.
* Improved safe_mode enforcement for error_log() function.
* Fixed a possible buffer overflow in the underlying code responsible for htmlspecialchars() and htmlentities() functions.
* Added missing safe_mode and open_basedir checks for the cURL extension.
* Fixed overflow is str_repeat() & wordwrap() functions on 64bit machines.
* Fixed handling of long paths inside the tempnam() function.
* Fixed safe_mode/open_basedir checks for session.save_path, allowing them to account for extra parameters.
* Fixed ini setting overload in the ini_restore() function.
All users of PHP, especially those using earlier PHP 5 releases are advised to upgrade to this release as soon as possible. This release also obsoletes the 5.1 branch of PHP.

For users upgrading from PHP 5.0 and PHP 5.1 there is an upgrading guide available at http://www.php.net/UPDATE_5_2.txt, detailing the changes between those releases and PHP 5.2.0.

For a full list of changes in PHP 5.2.0, see the ChangeLog (http:// www.php.net/ChangeLog-5.php#5.2.0).


Ilia Alshanetsky
5.2 Release Manager


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)

iD8DBQFFSjUoLKekh381/CERAkbWAJ9sYFdxCO3XSBi6TsCx1mec+lgJPACcCPtz
aYsI1OpWDYZOBvXu9iHNVWk=
=DQx2
-----END PGP SIGNATURE-----

--
PHP Announcements Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
All the links provided above either '404' or simply don't list PHP 5.2.0!

cPanel Staff: How do I add PHP 5.2.0 to my list of available PHP versions when updating Apache?
 

kuwaitnt

Well-Known Member
Oct 13, 2003
75
0
156
it is bad news if they stop php 4 :(

there are alot of our hosting client use php4 scripts
 

Olate

Active Member
Aug 1, 2003
42
0
156
I don't see them stopping PHP 4. This is just adding 5.2 to the options. Most scripts will actually work fine with PHP 5 anyway. At least they should do if they're written properly. Any decent 3rd party apps will also support PHP 5 now too. We upgraded our servers to PHP 5.1 ages ago and have had no complaints from customers.
 

d_t

Well-Known Member
Sep 20, 2003
243
1
168
Bucharest
The problem is: why PHP didn't come with a new version for PHP 4.x, to solve the latest security problem? However, PHP4 is still listed in http://snaps.php.net/

There are some incompatibilities between PHP 4 and 5 (especially for classes) so an upgrade to php5 on a server that contains several hundred websites is not an easy task.

PHP 5.2.0 can be compiled and installed over PHP 5.1.6, even on a server with cPanel (from ssh console). Is better to have a copy of the previous php version /usr/local/apache/libexec/libphp5.so just in case apache is not starting.
 

viptexting

Well-Known Member
Sep 19, 2005
74
0
156
The problem is: why PHP didn't come with a new version for PHP 4.x, to solve the latest security problem? However, PHP4 is still listed in http://snaps.php.net/

There are some incompatibilities between PHP 4 and 5 (especially for classes) so an upgrade to php5 on a server that contains several hundred websites is not an easy task.

PHP 5.2.0 can be compiled and installed over PHP 5.1.6, even on a server with cPanel (from ssh console). Is better to have a copy of the previous php version /usr/local/apache/libexec/libphp5.so just in case apache is not starting.
If your PHP 4 classes are well written you will have no problems with upgrading to PHP 5
 

takeover

Member
Apr 29, 2003
18
0
151
How long is it going to take cPanel to add this?!!!

It's been out 4 days already!!!
i can't imagine how anoying this stuff is for the cpanel staff

4 days is nothing, it's out now, but to give that amount of exclimation points after something has been out for 4 days is rediculous. if you want to be an early adopter cpanel probably isn't for you, if you want stability, maybe it is.
 

dreamwiz

Well-Known Member
Aug 28, 2003
93
0
156
If you are still running PHP4... you really shouldn't. We upgraded to PHP 5 already in summer 2005 without any issues and this was done in multiple servers. Just let your users know about the update good time in advance. If the code is done properly you really shouldn't have any issues and almost all software works with PHP5 now. If it doesnt, it's just badly outdated or bad programming.

Let's face it, PHP6 is on it's way and support for PHP4 will come to an end sooner or later.


P.S. You dont have to wait for cPanel to get PHP 5.2.0 - you can install it manually and have it running right away.