Last checked and updated on 10 Jun 2026
What Is New in PHP 5.4
PHP 5.4 delivers a significant upgrade with a focus on modern language features, performance, and security. The update removes several legacy items to streamline the language. Here's a quick overview of the key changes.
| Category | Key Changes |
|---|---|
| New Features | Traits, Short Array Syntax, Function array dereferencing, Built-in web server |
| Improvements | Improved performance, reduced memory footprint, support |
| Deprecated/Removed | Safe mode, register_globals, magic_quotes, break/continue $var syntax |
| Security | Default charset, Session upload progress, default change |
What new syntax features were introduced?
PHP 5.4 added several syntax enhancements that make code more concise and expressive. The most notable is support for traits, which enable horizontal code reuse.
You can now use the short array syntax, which is cleaner than the traditional array() construct. Function array dereferencing allows you to directly access array elements returned from a function call.
Code Examples
// Traits
trait Greeter {
public function hello() { return "Hello"; }
}
class MyClass {
use Greeter;
}
// Short array syntax
$newArray = [1, 2, 3];
// Function array dereferencing
function getArray() { return [1, 2, 3]; }
echo getArray()[0]; // outputs 1
How did performance improve in this release?
The engine received optimizations that significantly reduce memory consumption and improve performance. In practice, this means applications can handle more traffic with the same hardware.
These improvements are due to internal refactoring and optimizations within the Zend Engine. The memory savings are especially noticeable in large, long-running applications.
What security-related changes were made?
Several legacy features known for causing security issues were completely removed. The default charset for the htmlspecialchars() and htmlentities() functions is now UTF-8.
Session upload progress provides a way to track file uploads without relying on external extensions. This matters because it simplifies implementing progress bars for uploads.
// Session upload progress tracking
<form action="upload.php" method="POST" enctype="multipart/form-data">
<input type="hidden" name="" value="123">
<input type="file" name="file1">
<input type="submit">
</form>
What was removed or deprecated?
PHP 5.4 removed several infamous features that were long deprecated. Safe mode, register_globals, and magic_quotes are completely gone, which is a win for code clarity and security.
The ability to pass a variable to break and continue statements was also removed. This cleanup helps prevent ambiguous code and potential bugs.
- Safe mode removed
- register_globals removed
- magic_quotes removed
break $varandcontinue $varsyntax removed
Is there a built-in web server?
Yes, PHP 5.4 includes a built-in CLI web server for development and testing purposes. This is incredibly useful for quick testing without needing to configure a full Apache or Nginx setup.
You can start it from the command line by navigating to your project directory and running a simple command. It supports basic routing and static file serving.
# Start the built-in web server
php -S localhost:8000
# With a router script
php -S localhost:8000 router.php
FAQ
What are traits and when should I use them?
Traits are a mechanism for code reuse that avoids the limitations of single inheritance. Use them when you need to share methods across several classes that don't belong in the same class hierarchy.
Why was the short array syntax added?
The short syntax [] was added for consistency with other languages like JavaScript and because it's less verbose than array(). It makes code cleaner, especially for nested arrays.
Is the built-in web server production-ready?
No, the CLI web server is strictly for development use. It's not designed to handle the security or performance requirements of a production environment.
What should I use instead of magic_quotes?
You should use proper context-aware escaping functions. For HTML output, use htmlspecialchars(). For database queries, use prepared statements with PDO or MySQLi.
How much performance improvement can I expect?
Benchmarks showed up to 20% reduction in memory usage and improved performance on many applications. The exact improvement depends on your specific codebase and workload.