Why do I need `fclose` after writing to a file in PHP?

Question

Why do I need to finish by using the fclose($handle) function after writing to a file using php? Doesn\'t the program automatically do this when it ends?

Answer 1

There are also security implications to leaving file descriptors open: http://cwe.mitre.org/data/definitions/403.html

Your program might execute a program with different privilege levels, and a leaked file descriptor may allow private information to cross a boundary between processes of two different trust levels:

http://osvdb.org/7559
CVE-2006-5397
CVE-2007-5159
CVE-2008-3914

The fun thing with security bugs is that it might be perfectly safe when you write the initial function, but a year or two later might become unsafe due to an innocent-looking change.