All the Easter Eggs in PHP

Published On2022-09-30

All the Easter Eggs in PHP

PHP used to pack quite a few Easter Eggs back in the day. Until PHP 5.5, calling a URL with a special string returned various bits of PHP information and images such as the PHP logo, credits, Zend Engine logo, and a quirky PHP Easter Egg logo.

  • https://example.com/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP Logo
  • https://example.com/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP Credits
  • https://example.com/?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: Zend Engine logo
  • https://example.com/?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP Logo Easter Egg

In addition to the special URLs, Colin Viebrock made a change back in 2000 so that the standard PHP logo shown in the phpinfo() output changes to the Easter Egg logo only on April 1st.

Calling PHP web site URLs with query parameters above revealed a lot of information about the PHP version the sites were running, opening information disclosure vulnerabilities unless the sites were configured with expose_php=off PHP INI directive. There were hundreds of questions on StackOverflow and hundreds of blog posts and articles on turning off these URLs. The unexpected outcome of this was that attackers could target PHP web sites en-masse by snooping on the exact PHP version web sites use.

These magic URLs were removed in PHP 5.5 and those special URLs no longer have any special functionality. However, even to this date, PHP continues its last Easter Egg in its phpinfo() page.

In phpinfo() output, there is a special PHP logo visible only on April 1st.

phpinfo() pages reveal a lot of information about the PHP setup, and should not be visible outside visitors of a web site. The last of PHP Easter Eggs are placed in the Top right logo section of the phpinfo() HTML output.


Normal phpinfo header
Standard phpinfo PHP logo header

Normal phpinfo header
PHP Logo with an ElePHPant only on April 1st


The April 1st PHP logo shown above has not always been the same. Occasionally, PHP developers change the logo with a new fun and quirky logo.

Here are all the Easter Egg logos PHP had from the beginning:

Logo PHP Version Description
PHP 4.2 Easter Egg Logo PHP 4.0 Thies C. Arntzen
PHP 4.0 Easter Egg Logo PHP 4.3 Stig Bakken's dog named "Nadia"
PHP 5.0 Easter Egg Logo PHP 4.4 Zeev Surask's dog named "Scotch"
PHP 5.4 Easter Egg Logo PHP 5.1
PHP 5.5 Easter Egg Logo PHP 5.3
PHP 5.6 Easter Egg Logo PHP 5.6
PHP 7 Easter Egg Logo PHP 7.0 to 7.4 Featuring a PHP 7 ElePHPant, by Andrea Faulds
PHP 8 Easter Egg Logo PHP 8.0 to current Featuring InPHPinity, by Noriko Yamamoto

Expires: Thu, 19 Nov 1981 08:52:00 GMT

PHP's session extension sends an Expires HTTP header with value Thu, 19 Nov 1981 08:52:00 GMT when the session cookie expiration date needs to be in the past (which essentially invalidates the cookie).

This seemingly random number is actually the birthday of Sascha Schumann, who worked on that part of the code at the time.

Recent Articles on PHP.Watch

All ArticlesFeed 
How to install/upgrade PHP 8.2 on Debian and Ubuntu systems

How to install/upgrade PHP 8.2 on Debian and Ubuntu systems

A detailed and a quick-start guide on installing and upgrading PHP 8.2 on Debian and Ubuntu systems
Laragon: Simple, Flexible, and Modern Development Server Environment for Windows

Laragon: Simple, Flexible, and Modern Development Server Environment for Windows

Laragon is a modern, simple, and flexible Windows Development Environment that provides support for multiple PHP, Apache, and MySQL versions, with quick HTTPS setup, Quick-app templates, Composer, npm, and more
Testing Randomness of PHP Random Number Functions

Testing Randomness of PHP Random Number Functions

Visualizing and testing various Random Number Generators available in PHP.
Subscribe to PHP.Watch newsletter for monthly updates

You will receive an email on last Wednesday of every month and on major PHP releases with new articles related to PHP, upcoming changes, new features and what's changing in the language. No marketing emails, no selling of your contacts, no click-tracking, and one-click instant unsubscribe from any email you receive.