PHP是一种新型的CGI程序编写语言,易学易用,运行速度快,可以方便快捷地编写出功能强大,运行速度快,并可同时运行于 Windows、Unix、Linux平台的Web后台程序,内置了对文件上传、密码认证、Cookies操作、邮件收发、动态GIF生成等功能,PHP 直接为很多数据库提供原本的连接,包括Oracle、Sybase、Postgres、Mysql、Informix、Dbase、Solid、 Access等,完全支持ODBC接口,用户更换平台时,无需变换PHP代码,可即拿即用.

　　Version 5.2.5

　　08-November-2007

　　* Security Fixes

　　o Fixed dl() to only accept filenames. reported by Laurent Gaffie.

　　o Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).

　　o Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences.

　　o Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie.

　　o Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .htaccess due to the security implications reported by SecurityReason.

　　o Fixed bug #42869 (automatic session id insertion adds sessions id to non-local forms).

　　o Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()).

　　* Upgraded PCRE to version 7.3 (Nuno)

　　* Added optional parameter $provide_object to debug_backtrace(). (Sebastian)

　　* Added alpha support for imagefilter() IMG_FILTER_COLORIZE. (Pierre)

　　* Added ability to control memory consumption between request using ZEND_MM_COMPACT environment variable. (Dmitry)

　　* Improved speed of array_intersect_key(), array_intersect_assoc(), array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and array_udiff_assoc(). (Dmitry)

　　* Fixed move_uploaded_file() to always set file permissions of resulting file according to UMASK. (Andrew Sitnikov)

　　* Fixed possible crash in ext/soap because of uninitialized value. (Zdash Urf)

　　* Fixed regression in glob() when enforcing safe_mode/open_basedir checks on paths containing '*'. (Ilia)

　　* Fixed PDO crash when driver returns empty LOB stream. (Stas)

　　* Fixed iconv_*() functions to limit argument sizes as workaround to libc bug (CVE-2007-4783, CVE-2007-4840 by Laurent Gaffie). (Christian Hoffmann, Stas)

　　* Fixed missing brackets leading to build warning and error in the log. Win32 code. (Andrey)

　　* Fixed leaks with multiple connects on one mysqli object. (Andrey)

　　* Fixed endianness detection on MacOS when building universal binary. (Uwe Schindler, Christian Speich, Tony)

　　* Fixed imagerectangle regression with 1x1 rectangle (libgd #106). (Pierre)

　　* Fixed bug #43196 (array_intersect_assoc() crashes with non-array input). (Jani)

　　* Fixed bug #43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with fetchAll()). (Ilia)

　　* Fixed bug #43137 (rmdir() and rename() do not clear statcache). (Jani)

　　* Fixed bug #43130 (Bound parameters cannot have - in their name). (Ilia)

　　* Fixed bug #43099 (XMLWriter::endElement() does not check # of params). (Ilia)

　　* Fixed bug #43020 (Warning message is missing with shuffle() and more than one argument). (Scott)

　　* Fixed bug #42976 (Crash when constructor for newInstance() or newInstanceArgs() fails) (Ilia)

　　* Fixed bug #42943 (ext/mssql: Move *timeout initialization from RINIT to connect time). (Ilia)

　　* Fixed bug #42917 (PDO::FETCH_KEY_PAIR doesn't work with setFetchMode). (Ilia)

　　* Fixed bug #42890 (Constant "LIST" defined by mysqlclient and c-client). (Andrey)

　　* Fixed bug #42818 ($foo = clone(array()); leaks memory). (Dmitry)

　　* Fixed bug #42817 (clone() on a non-object does not result in a fatal error). (Ilia)

　　* Fixed bug #42785 (json_encode() formats doubles according to locale rather then following standard syntax). (Ilia)

　　* Fixed bug #42783 (pg_insert() does not accept an empty list for insertion). (Ilia)

　　* Fixed bug #42773 (WSDL error causes HTTP 500 Response). (Dmitry)

　　* Fixed bug #42772 (Storing $this in a static var fails while handling a cast to string). (Dmitry)

　　* Fixed bug #42767 (highlight_string() truncates trailing comment). (Ilia)

　　* Fixed bug #42739 (mkdir() doesn't like a trailing slash when safe_mode is enabled). (Ilia)

　　* Fixed bug #42703 (Exception raised in an iterator::current() causes segfault in FilterIterator) (Marcus)

　　* Fixed bug #42699 (PHP_SELF duplicates path). (Dmitry)

　　* Fixed bug #42654 (RecursiveIteratorIterator modifies only part of leaves) (Marcus)

　　* Fixed bug #42643 (CLI segfaults if using ATTR_PERSISTENT). (Ilia)

　　* Fixed bug #42637 (SoapFault : Only http and https are allowed). (Bill Moran)

　　* Fixed bug #42629 (Dynamically loaded PHP extensions need symbols exported on MacOSX). (jdolecek at NetBSD dot org)

　　* Fixed bug #42627 (bz2 extension fails to build with -fno-common). (dolecek at netbsd dot org)

　　* Fixed bug #42596 (session.save_path MODE option does not work). (Ilia)

　　* Fixed bug #42590 (Make the engine recognize \v and \f escape sequences). (Ilia)

　　* Fixed bug #42587 (behavior change regarding symlinked .php files). (Dmitry)

　　* Fixed bug #42579 (apache_reset_timeout() does not exist). (Jani)

　　* Fixed bug #42549 (ext/mysql failed to compile with libmysql 3.23). (Scott)

　　* Fixed bug #42523 (PHP_SELF duplicates path). (Dmitry)

　　* Fixed bug #42512 (ip2long('255.255.255.255') should return 4294967295 on 64-bit PHP). (Derick)

　　* Fixed bug #42506 (php_pgsql_convert() timezone parse bug) (nonunnet at gmail dot com, Ilia)

　　* Fixed bug #42462 (Segmentation when trying to set an attribute in a DOMElement). (Rob)

　　* Fixed bug #42453 (CGI SAPI does not shut down cleanly with -i/-m/-v cmdline options). (Dmitry)

　　* Fixed bug #42452 (PDO classes do not expose Reflection API information). (Hannes)

　　* Fixed bug #42468 (Write lock on file_get_contents fails when using a compression stream). (Ilia)

　　* Fixed bug #42488 (SoapServer reports an encoding error and the error itself breaks). (Dmitry)

　　* Fixed bug #42378 (mysqli_stmt_bind_result memory exhaustion). (Andrey)

　　* Fixed bug #42359 (xsd:list type not parsed). (Dmitry)

　　* Fixed bug #42326 (SoapServer crash). (Dmitry)

　　* Fixed bug #42214 (SoapServer sends clients internal PHP errors). (Dmitry)

　　* Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime values). (Ilia)

　　* Fixed bug #42139 (XMLReader option constants are broken using XML()). (Rob)

　　* Fixed bug #42086 (SoapServer return Procedure '' not present for WSIBasic compliant wsdl). (Dmitry)

　　* Fixed bug #41822 (Relative includes broken when getcwd() fails). (Ab5602, Jani)

　　* Fixed bug #39651 (proc_open() append mode doesn't work on windows). (Nuno)