PHP 7.3.5

PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML.

24.2 MB
4.4 51 votes

PHP is an open source general-purpose server-side scripting language originally designed for Web development to produce dynamic Web pages. It is one of the first developed server-side scripting languages to be embedded into an HTML source document rather than calling an external file to process data. The code is interpreted by a Web server with a PHP processor module which generates the resulting Web page. It also has evolved to include a command-line interface capability and can be used in standalone graphical applications.

If you are new to PHP and want to get some idea of how it works, try the introductory tutorial.

After that, check out the online manual.

What's New:


  • Fixed bug #77589 (Core dump using parse_ini_string with numeric sections).
  • Fixed bug #77329 (Buffer Overflow via overly long Error Messages).
  • Fixed bug #77494 (Disabling class causes segfault on member access).
  • Fixed bug #77498 (Custom extension Segmentation fault when declare static property).
  • Fixed bug #77530 (PHP crashes when parsing `(2)::class`).
  • Fixed bug #77546 (iptcembed broken function).
  • Fixed bug #77630 (rename() across the device may allow unwanted access during processing).


  • Fixed bug #77621 (Already defined constants are not properly reported).
  • Fixed bug #77626 (Persistence confusion in php_com_import_typelib()).


  • Fixed bug #77509 (Uninitialized read in exif_process_IFD_in_TIFF).
  • Fixed bug #77540 (Invalid Read on exif_process_SOFn).
  • Fixed bug #77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE).
  • Fixed bug #77659 (Uninitialized read in exif_process_IFD_in_MAKERNOTE).


  • Fixed bug #77514 (mb_ereg_replace() with trailing backslash adds null byte).


  • Disabled LOCAL INFILE by default, can be enabled using php.ini directive mysqli.allow_local_infile for mysqli, or PDO::MYSQL_ATTR_LOCAL_INFILE attribute for pdo_mysql.


  • Fixed bug #77390 (feof might hang on TLS streams in case of fragmented TLS records).


  • Support Oracle Database tracing attributes ACTION, MODULE, CLIENT_INFO, and CLIENT_IDENTIFIER.


  • Fixed bug #77396 (Null Pointer Dereference in phar_create_or_parse_filename).
  • Fixed bug #77586 (phar_tar_writeheaders_int() buffer overflow).


  • Fixed bug #76596 (phpdbg support for display_errors=stderr).


  • Fixed bug #51068 (DirectoryIterator glob:// don't support current path relative queries).
  • Fixed bug #77431 (openFile() silently truncates after a null byte).


  • Fixed bug #77552 (Unintialized php_stream_statbuf in stat functions).
  • Fixed bug #77612 (setcookie() sets incorrect SameSite header if all of its options filled).

Previous versions: