Tag Archives: PHP

Updates Coming in PHP 8.5: What to Expect from the Next Iteration

PHP continues to evolve with every release, bringing in new features, performance improvements, and syntactic sugar that modern developers have come to appreciate. As we look toward PHP 8.5, currently in active development with an anticipated release in November 2025, let’s explore some of the exciting updates and changes coming our way.

1. Improved Performance with JIT Enhancements

The Just-In-Time (JIT) compiler introduced in PHP 8 has been gradually refined, and PHP 8.5 is expected to bring further performance optimizations. While not every PHP application sees a dramatic boost from JIT, computationally heavy tasks—like those in scientific or data-heavy applications—stand to benefit more with the latest refinements.

2. Readonly Classes

After the success of readonly properties in PHP 8.1, PHP 8.5 introduces readonly classes. Declaring an entire class as readonly means all properties in the class are implicitly readonly, reducing boilerplate and improving code clarity.

readonly class Config {
    public string $appName;
    public string $version;

    public function __construct(string $appName, string $version) {
        $this->appName = $appName;
        $this->version = $version;
    }
}

3. Asynchronous Signal Handling

PHP 8.5 is expected to support better asynchronous signal handling—especially useful for long-running CLI scripts. This allows developers to trap OS-level signals like SIGINT or SIGTERM and handle graceful shutdowns or restarts more effectively.


pcntl_async_signals(true);

pcntl_signal(SIGINT, function() {
    echo "Gracefully stopping...\n";
    exit;
});

4. Better Type Safety with Explicit Variance

PHP 8.5 is likely to enforce and clarify variance rules (covariance and contravariance) for parameters and return types. This will enhance type safety in inheritance chains and interfaces, helping catch more issues at development time rather than runtime.

5. New Functions and Enhancements

Several new built-in functions and improvements to existing ones are expected. While the exact list is still being finalized, the community has proposed:

  • str_starts_one_of() and str_ends_one_of() for multiple prefix/suffix checks.

  • Better DateTime support for time zones and intervals.

  • Enhanced array utility functions like array_partition().

6. Better Error Messages

Following the trend started in PHP 8.0, PHP 8.5 is expected to continue refining error messages to be more descriptive, especially in areas like type mismatches, undefined variables, and deprecated feature usage. This should help developers debug faster and write more robust code.

7. Deprecations and Backward Compatibility

As with every major update, a few older features may be deprecated. Some possibilities include:

  • Legacy INI settings being removed.

  • Deprecated functions from earlier PHP versions becoming unavailable.

  • Warnings for dynamic property creation without explicit declaration.

It’s important to start testing your codebase with pre-release versions of PHP 8.5 to catch any compatibility issues early.

Final Thoughts

PHP 8.5 may not be as revolutionary as PHP 8.0, but it’s shaping up to be a solid evolutionary step. With performance tweaks, better syntax, and enhanced developer ergonomics, it’s another sign of PHP’s active development and vibrant ecosystem.

To stay ahead, keep your environment updated, follow RFCs, and test early with RC builds. The future of PHP continues to look bright—and PHP 8.5 is a great step forward.

Tips for Preventing WordPress Websites from Hackers

WordPress is one of the most popular content management systems (CMS) used for building websites. While its popularity brings numerous advantages, it also makes WordPress websites a prime target for hackers. However, with the right security measures in place, you can significantly reduce the risk of your WordPress website falling victim to cyberattacks. In this article, we will explore essential tips for preventing hackers from compromising your WordPress website’s security.

1. Keep WordPress Updated:

Regularly updating your WordPress installation, themes, and plugins is crucial for maintaining a secure website. Updates often include security patches that address vulnerabilities discovered in previous versions. Enable automatic updates or regularly check for available updates in your WordPress dashboard.

2. Use Strong and Unique Passwords:

Creating strong, unique passwords is a fundamental aspect of website security. Avoid using common passwords or easily guessable combinations. Utilize a combination of uppercase and lowercase letters, numbers, and special characters. Consider using a password manager to securely store your passwords.

3. Limit Login Attempts:

Hackers often use brute-force attacks to gain access to WordPress websites by repeatedly attempting different username and password combinations. Implement a plugin or security feature that limits login attempts and blocks IP addresses after a certain number of failed login attempts.

4. Implement Two-Factor Authentication (2FA):

Enabling two-factor authentication adds an extra layer of security to your WordPress website. With 2FA, users are required to provide a second verification method, such as a temporary code sent to their mobile device, in addition to their password.

5. Choose Reliable Themes and Plugins:

Only download themes and plugins from reputable sources, such as the official WordPress repository or trusted developers. Regularly update your themes and plugins to ensure you have the latest security patches. Remove any unused or outdated themes and plugins, as they can be potential entry points for hackers.

6. Secure Your wp-config.php File:

The wp-config.php file contains sensitive information, including your database credentials. Move this file to a higher level directory than the default location or use security plugins to protect it from unauthorized access.

7. Implement a Web Application Firewall (WAF):

A web application firewall acts as a barrier between your website and potential threats. It filters out malicious traffic, detects and blocks suspicious activities, and provides an extra layer of protection against common attack vectors.

8. Regularly Backup Your Website:

Perform regular backups of your WordPress website to ensure you can quickly restore it in case of a security breach or any other unexpected event. Store backups on secure offsite locations or use trusted backup plugins.

9. Secure File Permissions:

Set appropriate file permissions for your WordPress files and directories. Restrict write access to essential files and folders, as excessive permissions can make it easier for hackers to modify critical files.

10. Use a Security Plugin:

Install a reliable security plugin specifically designed for WordPress. These plugins offer a wide range of security features, such as malware scanning, firewall protection, and login protection.

Conclusion:

Protecting your WordPress website from hackers requires a proactive approach to security. By following these essential tips, you can significantly reduce the risk of your website being compromised. Remember to stay vigilant, keep your website and its components up to date, and implement multiple layers of security. With the right precautions in place, you can safeguard your WordPress website and provide a secure experience for your visitors.

Run short-codes from a custom field

By default, WordPress treats the contents of custom fields as plain text and does not execute any shortcodes that may be included within them. This means that if you have a custom field containing a shortcode, such as `[shortcode] VALUE [/shortcode]`, the shortcode itself will not be processed, and the entire text, including the HTML tags, will be displayed as is.

To overcome this limitation and enable the execution of shortcodes within custom fields, you can use a code snippet in your template files. Here’s an elaboration of the process:

  1. Retrieve the custom field value: In your template file, you need to retrieve the value of the custom field using the appropriate WordPress function, such as `get_post_meta()` or `get_field()`, depending on whether you are using native custom fields or a plugin like Advanced Custom Fields.
  2. Process the content: Once you have obtained the custom field value, you can use the `do_shortcode()` function provided by WordPress to process and execute any shortcodes within the content. This function takes the custom field value as its parameter and returns the processed output.
  3. Display the processed content: Finally, you can echo or display the processed content on your website using the `echo` or `print` statements.

Here’s an example code snippet that demonstrates the process:


    $customFieldValue = get_post_meta(get_the_ID(), 'your_custom_field_name', true);
    $processedContent = do_shortcode($customFieldValue);
    echo $processedContent;

In the above code, `get_post_meta()` retrieves the value of the custom field with the specified name (`your_custom_field_name`), `do_shortcode()` processes the content, and `echo` displays the processed content on your website.

By using this snippet, you can run shortcodes from custom fields and have them executed properly, allowing you to incorporate dynamic functionality and display the desired output.

Calculate fortnight date using PHP

The following code will calculate a recurring fortnightly date from a given date, i.e. a star-date using PHP. The date format should be ‘Y-m-d’ for the following code. However, you can make updates in it as per requirements.

For example: The start date for the fortnight cycle date was set to be as “2018-01-10”. Then, as per current cycle, next will be Start Date: 2018-01-10 | Next Date: 2023-05-23.


    <?php /* Fortnight Calculation in JavaScript */ function getFortNightString(sDate) { var param = []; var objDate = new Date(); param.todayDate = objDate.getFullYear() + '-' + ("0" + (objDate.getMonth() + 1)).slice(-2) + '-' + ("0" + (objDate.getDate())).slice(-2); param.todayDate = new Date(param.todayDate).getTime(); param.sDate = new Date(sDate).getTime(); param.timeDiff = Math.abs(param.todayDate - param.sDate); param.diffDays = Math.ceil(param.timeDiff / (1000 * 3600 * 24)); if (param.diffDays > 0 && param.sDate > param.todayDate) {
            param.diffDays = (14 + (param.diffDays % 14));
        } else {
            param.diffDays = (14 - (param.diffDays % 14));
        }

        param.dayCount = param.diffDays - 1;
        objDate.setDate(objDate.getDate() + param.dayCount);
        objDate = objDate.getFullYear() + '-' + ("0" + (objDate.getMonth() + 1)).slice(-2) + '-' + ("0" + (objDate.getDate())).slice(-2);
        return " Start Date: " + sDate + " | Next Date: " + objDate;
    }

    
    /* Fortnight Calculation in PHP */    
    $sDate = "2018-02-05";
    $sDate = date_create($sDate);
    $today = date_create(date("Y-m-d")); // or your date as well
    $dateDiff = date_diff($sDate, $today)->format("%a");

    if($dateDiff > 0 && $sDate > $today){
        $dateDiff = (14 + ($dateDiff % 14));
    }else{
        $dateDiff = (14 - ($dateDiff % 14));
    }

    $dateDiff--;
    echo date('Y-m-d', strtotime("$dateDiff day", strtotime(date('Y-m-d'))));