PHP 5.4: Major Features

PHP 5.4 adds horizontal reuse via traits, makes arrays lighter with [], lets you dereference function return values immediately, brings $this into closures, ships a built-in CLI web server for development, and introduces a callable type hint for interoperability. It is also a cleanup release: magic quotes, register_globals, and safe_mode are removed—the biggest security footguns of the PHP 4 era are gone, which breaks legacy apps that relied on them.

Use migration54 as the table of contents for new features, BC breaks, and deprecations.

Table of Contents

• Traits
• Short array syntax []
• Callable type hint
• $this in closures
• Built-in web server
• Other syntax (binary literals, traits & use)
• Practical recipes
• Backward incompatible changes
• Deprecated
• Other notes

---

Traits

Traits mix reusable method groups into classes without classical multiple inheritance:

trait Timestampable
{
    public function touch(): void
    {
        $this->updatedAt = new \DateTime();
    }
}

class Post
{
    use Timestampable;
}

Resolve conflicts with insteadof and as per the manual.

Short array syntax []

$rows = [['id' => 1], ['id' => 2]];

Old array(...) remains valid; pick one style per codebase for consistency.

Callable type hint

function registerHandler(callable $fn): void {}

Accepts function names, [$obj, 'method'], closures, etc.—see is_callable() rules.

$this in closures

Closures defined inside object scope can bind $this automatically when created in object context—simplifies callbacks that need the current instance.

Built-in web server

php -S localhost:8080 -t public/

Not for production—routing, timeouts, and security are your responsibility—but ideal for local demos and integration tests.

Other syntax (binary literals, traits & use)

• Binary integer literals: 0b101010.
• Function array dereferencing: foo()[0] works without a temp variable.
• Trait adaptation keywords as above.

Practical recipes

Replace superglobals reliance

If code expected register_globals, explicitly $_GET / $_POST / $_REQUEST and validate—there is no automatic variable import anymore.

Kill magic quotes

Strip any stripslashes() “fixes” added for magic quotes; input is now raw as it should be.

Backward incompatible changes

Critical (details: migration54 incompatible):

• magic_quotes_gpc and related INI removed—SQL escaping must use prepared statements or explicit escaping.
• register_globals removed—attack surface and implicit variables gone; refactor includes and configs.
• safe_mode removed—use OS-level permissions and sane deployment.
• break/continue no longer accept variable arguments in the same way in all contexts—audit loops that relied on quirky behavior.
• mysql extension deprecated (removed in PHP 7)—move to mysqli or PDO.
• Short open tag <?: still tied to short_open_tag INI—do not assume <?= is always available on shared hosts (though <?= became always-on later in PHP 5.4 for templates in many builds—verify your distribution).

Deprecated

• mysql_* functions—plan migration.
• split()—use preg_split() or explode().
• mcrypt generic deprecation path begins—long-term prefer openssl (and later Sodium in PHP 7.2+).

See migration54 deprecated.

Other notes

• Session handling and serialization saw fixes—retest “remember me” and flash message flows.
• Intl and OPcache (when enabled later in your stack) pair well with traits for cleaner i18n and performance work.

---

Closing thoughts

PHP 5.4 rewards refactoring: traits and [] improve readability, while removed globals/magic quotes force healthier input handling—exactly what you want before adopting generators and password APIs in 5.5 and variadics in 5.6.