Class properties now support type declarations. ]]> The above example will enforce that $user->id can only be assigned int values and $user->name can only be assigned string values. Arrow functions provide a shorthand syntax for defining functions with implicit by-value scope binding. $n * $factor, [1, 2, 3, 4]); // $nums = array(10, 20, 30, 40); ?> ]]> The following code will now work: ]]> Full variance support is only available if autoloading is used. Inside a single file only non-cyclic type references are possible, because all classes need to be available before they are referenced. ]]> ]]> Numeric literals can contain underscores between digits. ]]> Weak references allow the programmer to retain a reference to an object that does not prevent the object from being destroyed. Throwing exceptions from __toString() is now permitted. Previously this resulted in a fatal error. Existing recoverable fatal errors in string conversions have been converted to Error exceptions. CURLFile now supports stream wrappers in addition to plain file names, if the extension has been built against libcurl >= 7.56.0. The FILTER_VALIDATE_FLOAT filter now supports the min_range and max_range options, with the same semantics as FILTER_VALIDATE_INT. FFI is a new extension, which provides a simple way to call native functions, access native variables, and create/access data structures defined in C libraries. Added the IMG_FILTER_SCATTER image filter to apply a scatter filter to images. Added crc32c hash using Castagnoli's polynomial. This CRC32 variant is used by storage systems, such as iSCSI, SCTP, Btrfs and ext4. Added the mb_str_split function, which provides the same functionality as str_split, but operating on code points rather than bytes. Support for preloading code has been added. The preg_replace_callback and preg_replace_callback_array functions now accept an additional flags argument, with support for the PREG_OFFSET_CAPTURE and PREG_UNMATCHED_AS_NULL flags. This influences the format of the matches array passed to the callback function. The username and password can now be specified as part of the PDO DSN for the mysql, mssql, sybase, dblib, firebird and oci drivers. Previously this was only supported by the pgsql driver. If a username/password is specified both in the constructor and the DSN, the constructor takes precedence. It is now possible to escape question marks in SQL queries to avoid them being interpreted as parameter placeholders. Writing ?? allows sending a single question mark to the database and e.g. use the PostgreSQL JSON key exists (?) operator. PDOStatement::getColumnMeta is now available. PDOStatement::getAttribute(PDO::SQLITE_ATTR_READONLY_STATEMENT) allows checking whether the statement is read-only, i.e. if it doesn't modify the database. PDO::setAttribute(PDO::SQLITE_ATTR_EXTENDED_RESULT_CODES, true) enables the use of SQLite3 extended result codes in PDO::errorInfo and PDOStatement::errorInfo. Added SQLite3::lastExtendedErrorCode to fetch the last extended result code. Added SQLite3::enableExtendedResultCodes($enable = true), which will make SQLite3::lastErrorCode return extended result codes. strip_tags now also accepts an array of allowed tags: instead of strip_tags($str, '<a><p>') you can now write strip_tags($str, ['a', 'p']). A new mechanism for custom object serialization has been added, which uses two new magic methods: __serialize and __unserialize. ]]> The new serialization mechanism supersedes the Serializable interface, which will be deprecated in the future. array_merge and array_merge_recursive may now be called without any arguments, in which case they will return an empty array. This is useful in conjunction with the spread operator, e.g. array_merge(...$arrays). proc_open now accepts an array instead of a string for the command. In this case the process will be opened directly (without going through a shell) and PHP will take care of any necessary argument escaping. ]]> proc_open now supports redirect and null descriptors. &1 on the shell proc_open($cmd, [1 => ['pipe', 'w'], 2 => ['redirect', 1]], $pipes); // Like 2>/dev/null or 2>nul on the shell proc_open($cmd, [1 => ['pipe', 'w'], 2 => ['null']], $pipes); ?> ]]> password_hash now has the argon2i and argon2id implementations from the sodium extension when PHP is built without libargon.