Slashdot Mirror

← Back to Stories (view on slashdot.org)

PHP 7.3 Brings C Inlining and Speed Improvements (techrepublic.com)

Posted by EditorDavid on from the do-you-C-what-I-C? dept.

An anonymous reader quotes TechRepublic: PHP 7.3, the newest update to the widespread server-side web development language, was released on Thursday, bringing with it a handful of new features, modernizations, and modest speed improvements.... The largest improvements in 7.3 include support for Foreign Function Interface (FFI), allowing programmers to write inline C code inside PHP scripts. Though this feature does not presently provide the same level of performance as native PHP code, it can under certain circumstances be used to reduce the memory footprint of a given task.

PHP 7.3 also includes flexible heredoc and nowdoc syntax, now no longer requiring closing markers to be followed by a semicolon or new line. The feature proposal for this notes that the previous rigid requirements "caused them to be, in-part, eschewed by developers because their usage in code can look ugly and harm readability...." PHP 7.3 does bring some backward incompatible changes and deprecated functions. The use of case-insensitive constraints is now deprecated, as is the use of case-insensitive constants with a case that differs from the declaration.
Phoronix reports that PHP 7.3 is nearly 10% faster than version 7.2, while it's 31% faster than PHP 7.0 and nearly three times faster than PHP 5.6.

36 comments

  1. i cant wait to not upgrade to this by Anonymous Coward · · Score: 0, Flamebait

    staying with whatever vulnerable version of 5 i have now until i die
    im not updating this code

    1. Re:i cant wait to not upgrade to this by Anonymous Coward · · Score: 1

      You could use it for new projects only.

    2. Re: i cant wait to not upgrade to this by Anonymous Coward · · Score: 0

      same time thread pooling with preverify tests is that possible

  2. Return to slashdot by grubert · · Score: 4, Funny

    Used to come here a lot ten years ago, and I know it's not as "popular" as it used to be, but it seems like the smartest people stayed. Really enjoying the commentary.

    1. Re:Return to slashdot by Anonymous Coward · · Score: 1

      I don't expect much intelligence in this thread. Queue the PHP haters armed with tales of C injection.

    2. Re:Return to slashdot by DCFusor · · Score: 1

      Seems like they're handing out more mod points to old timers these days...which is why I'm AC right now.
      Could have something to do with it?

      --
      Why guess when you can know? Measure!
    3. Re: Return to slashdot by Anonymous Coward · · Score: 0

      There is no way to differentiate between trolls and nontrolls. Leading experts pin the ratio at 14 :1

    4. Re:Return to slashdot by Anonymous Coward · · Score: 0

      Now C injection is built-in.

    5. Re:Return to slashdot by Anonymous Coward · · Score: 0

      Let's just do away with the PHP-idiocy and keep the C. I expect it'll be lots safer that way. Not safe, exactly, but safer.

    6. Re:Return to slashdot by Anonymous Coward · · Score: 2, Interesting

      That's not the danger. The danger is allowing C object code to run that wasn't compiled BY that system. I'm not sure who asked for it, but it's certainly a way to destroy any sandboxing the php software setup for the scripting. This is as stupid as WASM in javascript.

      The second you allow code to run unvetted, because it's been compiled a certain way, you open the hardware up to every single exploit that would be available had an idiot user just ran a random malware binary. Fortunately most PHP systems are linux or freebsd, so it's a bit of a fools errand to produce polyfill rootkits that would actually work. But they have been made before, and often rootkits get into the system because php/ruby/javscript/node.js/perl/flavor-language-of-the-year needs to be operating as root.

      A great solution to this is stupidity is to "safe defaults" that does not turn on such features by default, and only on a per-site basis. This means the feature will get no use, by design, and a site has to justify to it's users that some potentially dangerous feature is needed, most won't use it.

    7. Re: Return to slashdot by DCFusor · · Score: 1

      Probably correct, but you don't have to care if you judge by post content alone.

      --
      Why guess when you can know? Measure!
    8. Re:Return to slashdot by Anonymous Coward · · Score: 0

      That's so funny. Did you reschool to comedian during the years you were gone? This place has turned into a anti-world, pro-American echo chamber, filled with racism and hate speech, and the new owners are happily letting that commentary stink in the threads, presumably because it reflects their own views.

    9. Re:Return to slashdot by Anonymous Coward · · Score: 0

      No, actually thats all in your head. One or two non-Group-Think posters who have the temerity to be Pro-American or not Trump-bashers simply cause many here to flip.

    10. Re:Return to slashdot by Anonymous Coward · · Score: 0

      Yes and if you locked yourself in an armoured, padded room away from the dangers of the world, you would be safer.

      If cowards like you had their way, humanity would still be living in caves.

    11. Re:Return to slashdot by Anonymous Coward · · Score: 0

      *cue. ;-)

  3. WHERE? by Anonymous Coward · · Score: 0

    I asked this question last time and no one answered. Where are the docs for this FFI thing? The only thing I could find was some unmaintained deprecated precursor pcre external. No docs there either.

    The announcement doesn't even list it.

    Where the hell are all these reporters getting this information from if not from the announcement and there are no docs?

    Bueller?

    1. Re:WHERE? by The+Original+CDR · · Score: 0

      A Google search turned up this. If I'm reading it right, this is a replacement for FFI as it requires PHP 7.4. Go figure.

    2. Re:WHERE? by Anonymous Coward · · Score: 0

      Your latest videos suck as much as the first 100. I thought everyone knew the first 100 videos suck, and that this automatically means the next videos will be better?

  4. Developer quality by iTrawl · · Score: 3, Insightful

    Yes! C code in PHP code. It's all ever wanted.

    Yep, giving the power of C to people who can't code PHP properly to begin with. Best idea ever.

    --
    "Everybody's naked underneath" -- The Doctor
    1. Re: Developer quality by Anonymous Coward · · Score: 0

      That should be able to call the web apis with session IDs is this now supported in an event driven immediate callback?

    2. Re:Developer quality by Anonymous Coward · · Score: 0

      I'm inclined to simply say nothing, and stock up on popcorn :-)

    3. Re:Developer quality by i.r.id10t · · Score: 1

      The "issue" with PHP is that it is dirt easy to get going, supported by hosting providers, and so both cost of entry and knowledge needed are minimal. And there is a lot of crap tutorial and demo code out there to be found and copy/pasted

      Think the biggest challenge for anyone who wants to learn good PHP today is that there have been lots of changes and improvements (PDO/mysqli vs. mysql for example) but there are a TON of old tutorials, copy/paste code examples, etc. out there that are full of code that was acceptable 10-15 years ago but is just outdated and potentially/probably dangerous now.

      Unfortunately until you get to enterprise level groups that can host/support things like Java servlets there aren't a lot of choices out there other than PHP for server-side processing. And even with Java while the language provides more/stronger protection, it is still possible to write bad/dangerous code and do stupid things. You don't see it in the wild due to the "cost" of getting it out there, but some of the stuff I see grading or tutoring is enough to send shivers down your spine.

      --
      Don't blame me, I voted for Kodos
    4. Re:Developer quality by Anonymous Coward · · Score: 0

      Having started doing web dev on PHP a long time ago, I'm a big fan of Python (usually with Django) now. It's also not strongly-typed, but it's not so poorly designed that the easy thing to do is shoot yourself in the foot like in PHP. That said, I don't do a whole lot of web dev of any kind these days, so I'm not up on the latest and greatest.

  5. Greg by Anonymous Coward · · Score: 0

    Good news

  6. and screwed 14000 lines of my code doing it by Anonymous Coward · · Score: 0

    and screwed 14000 lines of my code doing it...im done with that code .....

  7. And it will be SLOWER THAN PHP! by Anonymous Coward · · Score: 0

    So you truly get ALL the downsides.

    Insecurity and error-proneness of the low-level language C,
    in the messy vagueness and slowness of the scripting language PHP,
    with even more slowness on top of that!

    Yeah, sounds perfectly suited to the average PHP "programmer" I've met.
    (And I used to be one, as my day job. So I know. ... [Moved on to Python, Haskell, and a few others I knew from before, since then.])

    P.S.: What the hell does "code PHP properly" even mean? ^^ I still know PHP very very well, and that would simply make it not PHP anymore. PHP isn't proper by the very definition of its language and libraries. Even as just a scripting language.

  8. PHP == the webs SSI workhorse by Qbertino · · Score: 3, Insightful

    I don't like PHP all that much but it pays my bills and gets the job done. Say what you want but it's the only domain specific language in widespread use that has a proven record of delivering. I also like the document driven approach. PHP doesn't memory leak, it simply timeouts. Most of the time that is. A simpleton can program and add some logic to his documents within minutes and it's powerful enough to build large applications that work as advertised.
    I will be sticking with PHP as a main PL for the time being and PHP 7.3 once again looks like a promising and useful update.

    My 2 eurocents.

    --
    We suffer more in our imagination than in reality. - Seneca
    1. Re:PHP == the webs SSI workhorse by Anonymous Coward · · Score: 0

      the only domain specific language in widespread use that has a proven record of delivering

      What about ASP? Classic ASP is still supported and retains the document-style model. Not so say there aren't "better" ways of coding apps now but for quick and dirty it works.

    2. Re:PHP == the webs SSI workhorse by Anonymous Coward · · Score: 0

      But why documents style/templating mode? MVC is better, and RESTful is even better, as both decouple the logic from view which making maintenance easier, and the latter agnostic to web and mobile apps

    3. Re:PHP == the webs SSI workhorse by Anonymous Coward · · Score: 0

      PHP doesn't memory leak, it simply timeouts.

      But with the new inline C feature, it will now.

    4. Re:PHP == the webs SSI workhorse by RuiFRibeiro · · Score: 1

      I had an ISP gigs a decade ago...supposedly to fix their servers, or so they said. It seems also their customer provision app was pretty much brain damaged.
      In no time to learn PHP properly, and doing yet another expected role in the project, I just designed the web pages in some graphical too in my Mac, and wrote all the web frontend for Apache and backend in C+MySQL.
      It worked pretty well, and it was fast, and it has been working until now.
      Ironically, I can pretty much migrate that system without worrying about incompatibilities about the API/calls I used...

    5. Re:PHP == the webs SSI workhorse by Anonymous Coward · · Score: 0

      asp is garbage, period

  9. So FFI, or inline foreign code? by K.+S.+Kyosuke · · Score: 1

    Foreign Function Interface (FFI), allowing programmers to write inline C code inside PHP scripts.

    It's not FFI that allows to write inline code. With an FFI, you can access foreign object code. So which one is it? Does it have an FFI, or inline foreign code?

    --
    Ezekiel 23:20
    1. Re:So FFI, or inline foreign code? by Anonymous Coward · · Score: 0

      Foreign Function Interface (FFI), allowing programmers to write inline C code inside PHP scripts.

      It's not FFI that allows to write inline code. With an FFI, you can access foreign object code. So which one is it? Does it have an FFI, or inline foreign code?

      Well, you see, actually it has a great big níggerdick in your fucking mouth shooting jism all up in there. Thank you for your inquiry.