Wim Godden, profile picture
Uploaded byWim Godden
23,157 views

The why and how of moving to PHP 5.5/5.6

The document discusses the reasons and methods for upgrading to PHP versions 5.5 and 5.6, highlighting new features, performance improvements, and the importance of compatibility. It emphasizes the necessity for developers to consider modernization due to security vulnerabilities and the end-of-life status of older PHP versions. Additionally, it provides information on automated tools for detecting compatibility issues during the upgrade process.

Technology
Related topics:
Test Automation Tools

Embed presentation

Download as PPTX
The Why and How of moving to PHP 5.5/5.6
Who am I ? Wim Godden (@wimgtr) Founder of Cu.be Solutions (http://cu.be) Open Source developer since 1997 Developer of OpenX, PHPCompatibility, PHPConsistent, ... Speaker at Open Source conferences
Why vs How Part 1 : why upgrade ? Bad reasons : It's cool to have the latest version Annoy sysadmins Oh cool, a new toy ! Part 2 : how to upgrade ? The nightmare of compatibility The joy of automation No miracles here !
Show of hands 3 / 4 5.0 5.1 5.2 5.3 5.4 5.5 5.6 6.0 7.0
The numbers W3Techs (http://w3techs.com/technologies/details/pl-php/all/all) Now Nov 2013 Aug 2013 May 2013 PHP 4 : 1.8% 2.7% 2.9% 2.7% PHP 5 : 98.2% 97.3% 97.1% 97.3% 5.0 : < 0.1% 0.1% 0.1% 0.1% 5.1 : 1.2% 2.0% 2.2% 2.6% 5.2 : 19.2% 37.6% 40.2% 43.5% 5.3 : 45.5% 52.0% 51.7% 49.7% 5.4 : 26.9% 7.9% 5.7% 4.1% 5.5 : 6.3% 0.5% 0.1 % < 0.1% 5.6 : 0.5% < 0.1% 5.7 : < 0.1% 5.27 : < 0.1%
5.3 quick recap Namespaces () Late static binding Closures Better garbage collection Goto Mysqlnd Performance gain
5.4 quick recap Short array syntax Function array dereferencing Traits Built-in webserver SessionHandler File upload extension Binary notation register_globals and magic_quotes_gpc removed :-) Safe mode removed :-)
5.3 – people are not even using it ! 19.2% still on PHP 5.2 No : Symfony 2 Zend Framework 2 Other frameworks that need namespaces Problematic for developers
PHP 5.5/5.6 – what's changed ? New features Performance and memory usage Improved consistency Some things removed
New things – Generators (5.5) Simple way of implementing iterators Simply put : foreach over a function Say what ?
Generators - example <?php function returnAsciiTable($start, $end) { for ($i = $start; $i <= $end; $i++) { yield $i => chr($i); } } foreach (returnAsciiTable(97, 122) as $key => $value) { echo $key . " - " . $value . "n"; } Output : 97 - a 98 - b 99 - c 100 - d 101 - e 102 - f 103 - g 104 - h 105 - i 106 - j 107 - k 108 - l 109 - m 110 - n 111 - o 112 - p 113 - q 114 - r 115 - s 116 - t 117 - u 118 - v 119 - w 120 - x 121 - y 122 - z
Finally : finally (5.5) Exception handling Until now : try {} catch() {} Now : <?php try { doSomething(); } catch (Exception $e) { echo 'Caught exception: ', $e->getMessage(), "n"; } finally { echo "We're always going here !"; }
Beware : finally + return <?php function footest() { try { return 1; } catch (Exception $e) { return 2; } finally { return 10; } } echo footest(); Will return 10 !
Password hashing (5.5) To create : $hash = password_hash($password, PASSWORD_DEFAULT); To verify : password_verify($password, $hash); Currently only supports Blowfish Also has password_needs_rehash() → check if hash was strong enough
Zend Optimizer+ (5.5) Name in PHP 5.5 : OPcache Opcode cache (like APC, Xcache, ...) APC users : no userland (variable) caching in OPcache → Use APCu
Variadic functions function sumNumbers($base, ...$params) { foreach ($params as $param) { $base += $param; } return $base; } sumNumbers(5); // returns 5 sumNumbers(5, 2); // returns 7 sumNumbers(5, 2, 3); // returns 10
Argument unpacking function add($a, $b, $c) { return $a + $b + $c; } $params = array(2, 3); echo add(5, ...$params); // returns 10
Other changes in 5.6 json_decode() strictness : true, false, null values Constant expressions : const ONE = 1; const TWO = ONE * 2; Exponent operator (**) printf("2 ** 4 == %dn", 2 ** 4); → Output = 2 ** 4 == 16 use function and use const Default charset is now UTF-8 → set in ini default_charset __debuginfo() magic method for use with var_dump() SSL/TLS security improvements (peer certificate verification, TLS renegotiation attacks, …) phpdbg : interactive debugger
Removed features in PHP 5.5 php_logo_guid() php_egg_logo_guid() php_real_logo_guid() zend_logo_guid() Windows XP and 2003 support
Removed features in PHP 5.6 $HTTP_RAW_POST_DATA and ini setting always_populate_raw_post_data iconv and mbstring encoding settings → default_charset in ini
Performance and memory usage from 5.3 to 5.6 Performance : 10 – 30% How ? Core optimizations New internal caches (functions, constants, …) Better (un)serialization Inlining often-used code paths … Reduced memory usage : up to 50% ! Big impact on large frameworks Even bigger impact on codebases such as Drupal
So... Should you upgrade today ?
Upgrade : yes / no Yes No Using removed extensions x Using removed functions x Need extra performance / reduced memory x Really need new feature x Want to use recent framework x No unit tests x No package available (.rpm, .deb, ...) x
Postponing upgrades End-Of-Life In the past : we'll see Now : minor release + 2 = out → EOL 5.5 = OUT → 5.3 = EOL 5.6 = OUT → 5.4 = EOL Critical security patches : 1 year No bugfixes Framework support Developer motivation
So you want to upgrade... Option 1 : run your unit tests Option 2 : visit each page (good luck !) + check error_log Or : record visits, then replay log on test environment Option 3 : automated static analysis
Unit tests on different PHP versions Vagrant boxes Integrate into your CI Use Travis CI (http://travis-ci.org)
Why make it so hard ? A best-case scenario... Development environment : 5.6 Production environment : 5.6 All is well, right ? End 2015 : PHP 7 arrives How can you test compatibility ? → Set up your test environment today → Even for new projects
Back in 2010... PHP Architect @ Belgian Railways 8 years of legacy code 40+ different developers 40+ projects Challenge : migrate all projects from PHP 5.1.x (on Solaris) to PHP 5.3.x (on Linux)
The idea Automate it How ? → Use the CI environment Which tool ? → PHP_CodeSniffer
PHP_CodeSniffer PEAR package (pear install PHP_CodeSniffer) Detect coding standard violations Supports multiple standards Static analysis tool → Runs without executing code → Splits code in tokens Ex. : T_OPEN_CURLY_BRACKET T_FALSE T_SEMICOLON
PHP_CodeSniffer Let's see what it looks like
PHPCompatibility New PHP_CodeSniffer standard Only purpose : find compatibility issues Detects : Deprecated functions Deprecated extensions Deprecated php.ini settings and ini_set() calls Prohibited function names, class names, … … Works for PHP 5.0 and above
PHPCompatibility – making it work Via Composer : wimg/php-compatibility From Github : Download : http://github.com/wimg/PHPCompatibility Install in <pear_dir>/PHP/CodeSniffer/Standards Run : phpcs --standard=PHPCompatibility <path>
PHPCompatibility Let's see what it looks like
Important notes Large directories → can be slow ! Use --extensions=php,phtml No point scanning .js files Static analysis Doesn't run code Can not detect every single incompatibility Provides filename and line number
The result Zend Framework 1.7 app PHP 5.2 : working fine PHP 5.3 : fail ! function goto()
Some common apps – phpBB (latest) FILE: /usr/src/phpBB3/adm/index.php -------------------------------------------------------------------------------- FOUND 0 ERROR(S) AND 2 WARNING(S) AFFECTING 1 LINE(S) -------------------------------------------------------------------------------- 48 | WARNING | INI directive 'safe_mode' is deprecated in PHP 5.3 and forbidden in PHP 5.4. 48 | WARNING | INI directive 'safe_mode' is deprecated in PHP 5.3 and forbidden in PHP 5.4. --------------------------------------------------------------------------------
Common apps - MediaWiki FILE: /usr/src/mediawiki-1.19.8/includes/GlobalFunctions.php -------------------------------------------------------------------------------- FOUND 0 ERROR(S) AND 1 WARNING(S) AFFECTING 1 LINE(S) -------------------------------------------------------------------------------- 2705 | WARNING | The use of function dl is discouraged in PHP version 5.3 and | | discouraged in PHP version 5.4 and discouraged in PHP version | | 5.5 --------------------------------------------------------------------------------
Common apps – Wordpress (latest) FILE: /usr/src/wordpress/wp-admin/includes/class-pclzip.php -------------------------------------------------------------------------------- FOUND 2 ERROR(S) AFFECTING 2 LINE(S) -------------------------------------------------------------------------------- 5340 | ERROR | The use of function set_magic_quotes_runtime is discouraged in | | PHP version 5.3 and forbidden in PHP version 5.4 and forbidden | | in PHP version 5.5 5371 | ERROR | The use of function set_magic_quotes_runtime is discouraged in | | PHP version 5.3 and forbidden in PHP version 5.4 and forbidden | | in PHP version 5.5 -------------------------------------------------------------------------------- FILE: /usr/src/wordpress/wp-includes/SimplePie/Item.php -------------------------------------------------------------------------------- FOUND 0 ERROR(S) AND 1 WARNING(S) AFFECTING 1 LINE(S) -------------------------------------------------------------------------------- 125 | WARNING | INI directive 'zend.ze1_compatibility_mode' is deprecated in | | PHP 5.3 and forbidden in PHP 5.4. -------------------------------------------------------------------------------- FILE: /usr/src/wordpress/wp-includes/wp-db.php -------------------------------------------------------------------------------- FOUND 16 ERROR(S) AFFECTING 16 LINE(S) -------------------------------------------------------------------------------- 641 | ERROR | Extension 'mysql_' is deprecated since PHP 5.5 - use mysqli | | instead. 646 | ERROR | Extension 'mysql_' is deprecated since PHP 5.5 - use mysqli | | instead.
Conclusion No 100% detection But : 95% automation = lots of time saved ! First : PHPCompatibility on local machine Then : use your CI/test environment and run unit tests Start upgrading !
Questions ?
Questions ?
We're hiring ! Looking for a challenge ? Want to do more than just code all day ? → Come visit our booth ! We've got chocolate ;-)
Thanks ! Please rate my talk at http://joind.in/13113

More Related Content

ODP
The why and how of moving to php 5.4/5.5
byWim Godden
 
PPTX
PHP 5.6 New and Deprecated Features
byMark Niebergall
 
ODP
The why and how of moving to PHP 5.4/5.5
byWim Godden
 
ODP
Is your code ready for PHP 7 ?
byWim Godden
 
ODP
The why and how of moving to php 5.4
byWim Godden
 
PDF
How to deploy node to production
bySean Hess
 
ODP
Caching and tuning fun for high scalability @ FrOSCon 2011
byWim Godden
 
ODP
Nginx and friends - putting a turbo button on your site
byWim Godden
 
The why and how of moving to php 5.4/5.5
byWim Godden
 
PHP 5.6 New and Deprecated Features
byMark Niebergall
 
The why and how of moving to PHP 5.4/5.5
byWim Godden
 
Is your code ready for PHP 7 ?
byWim Godden
 
The why and how of moving to php 5.4
byWim Godden
 
How to deploy node to production
bySean Hess
 
Caching and tuning fun for high scalability @ FrOSCon 2011
byWim Godden
 
Nginx and friends - putting a turbo button on your site
byWim Godden
 

What's hot

ODP
Php in 2013 (Web-5 2013 conference)
byjulien pauli
 
ODP
PHP5.5 is Here
byjulien pauli
 
PDF
Profiling php5 to php7
byjulien pauli
 
PDF
Mysqlnd, an unknown powerful PHP extension
byjulien pauli
 
PPT
2016年のPerl (Long version)
bycharsbar
 
PDF
PHP7 is coming
byjulien pauli
 
ODP
Beyond php - it's not (just) about the code
byWim Godden
 
PPT
The Php Life Cycle
byXinchen Hui
 
PDF
Quick tour of PHP from inside
byjulien pauli
 
KEY
Zend Framework Study@Tokyo #2
byShinya Ohyanagi
 
PDF
What you need to remember when you upload to CPAN
bycharsbar
 
PPT
typemap in Perl/XS
bycharsbar
 
PDF
An introduction to PHP 5.4
byGiovanni Derks
 
PPTX
Php 7 hhvm and co
byPierre Joye
 
PDF
Key features PHP 5.3 - 5.6
byFederico Damián Lozada Mosto
 
PPTX
PHP 7 Crash Course - php[world] 2015
byColin O'Dell
 
PDF
PHP7 - Scalar Type Hints & Return Types
byEric Poe
 
PDF
eZ Publish Caching Mechanisms
byKaliop-slide
 
ODP
PHP Tips for certification - OdW13
byjulien pauli
 
PPT
On UnQLite
bycharsbar
 
Php in 2013 (Web-5 2013 conference)
byjulien pauli
 
PHP5.5 is Here
byjulien pauli
 
Profiling php5 to php7
byjulien pauli
 
Mysqlnd, an unknown powerful PHP extension
byjulien pauli
 
2016年のPerl (Long version)
bycharsbar
 
PHP7 is coming
byjulien pauli
 
Beyond php - it's not (just) about the code
byWim Godden
 
The Php Life Cycle
byXinchen Hui
 
Quick tour of PHP from inside
byjulien pauli
 
Zend Framework Study@Tokyo #2
byShinya Ohyanagi
 
What you need to remember when you upload to CPAN
bycharsbar
 
typemap in Perl/XS
bycharsbar
 
An introduction to PHP 5.4
byGiovanni Derks
 
Php 7 hhvm and co
byPierre Joye
 
Key features PHP 5.3 - 5.6
byFederico Damián Lozada Mosto
 
PHP 7 Crash Course - php[world] 2015
byColin O'Dell
 
PHP7 - Scalar Type Hints & Return Types
byEric Poe
 
eZ Publish Caching Mechanisms
byKaliop-slide
 
PHP Tips for certification - OdW13
byjulien pauli
 
On UnQLite
bycharsbar
 

Viewers also liked

PPTX
PHP slides
byFarzad Wadia
 
PDF
PHP traits, treat or threat?
byNick Belhomme
 
PDF
Php tutorial
byNiit
 
ODP
Your app lives on the network - networking for web developers
byWim Godden
 
ODP
My app is secure... I think
byWim Godden
 
PPTX
Performance Comparison of PHP 5.6 vs. 7.0 vs HHVM
byJani Tarvainen
 
DOCX
Php
byAmrisha Sinha
 
PPT
Php basics
byhamfu
 
DOCX
RESUME (2)
byAabhishek Tuteja
 
PPTX
Engaging Students Virtually Throughout the Enrollment Cycle
byMarty Bennett
 
PPTX
Understanding Product/Market Fit
byGabor Papp
 
PDF
Go言語
byna_o_ys
 
PDF
Letter s presentatie
bycmagarry
 
PDF
Il Web E Le Reti Di Vendita
byGagliano Giuseppe
 
PPSX
Happy New Year
byMinh Anh Nguyen
 
PDF
Modified maximum tangential stress criterion for fracture behavior of zirconi...
bydentalid
 
PDF
Márkaépítés a fogyasztói kontroll korában 2.0
byIsobar Budapest
 
PPT
DALLA DELUSIONE ALLA SPERANZA
bySimone Tranquilli
 
PDF
LR KONKURENCIJOS TARYBOS (KT) 2015 m. VEIKLOS ATASKAITA
byArunas Vizickas ✔
 
DOCX
Program rada i financijski plan 2015.
bystipepetrina
 
PHP slides
byFarzad Wadia
 
PHP traits, treat or threat?
byNick Belhomme
 
Php tutorial
byNiit
 
Your app lives on the network - networking for web developers
byWim Godden
 
My app is secure... I think
byWim Godden
 
Performance Comparison of PHP 5.6 vs. 7.0 vs HHVM
byJani Tarvainen
 
Php
byAmrisha Sinha
 
Php basics
byhamfu
 
RESUME (2)
byAabhishek Tuteja
 
Engaging Students Virtually Throughout the Enrollment Cycle
byMarty Bennett
 
Understanding Product/Market Fit
byGabor Papp
 
Go言語
byna_o_ys
 
Letter s presentatie
bycmagarry
 
Il Web E Le Reti Di Vendita
byGagliano Giuseppe
 
Happy New Year
byMinh Anh Nguyen
 
Modified maximum tangential stress criterion for fracture behavior of zirconi...
bydentalid
 
Márkaépítés a fogyasztói kontroll korában 2.0
byIsobar Budapest
 
DALLA DELUSIONE ALLA SPERANZA
bySimone Tranquilli
 
LR KONKURENCIJOS TARYBOS (KT) 2015 m. VEIKLOS ATASKAITA
byArunas Vizickas ✔
 
Program rada i financijski plan 2015.
bystipepetrina
 

Similar to The why and how of moving to PHP 5.5/5.6

ODP
The why and how of moving to php 7.x
byWim Godden
 
ODP
The why and how of moving to php 7.x
byWim Godden
 
PDF
The why and how of moving to php 7
byWim Godden
 
PDF
The why and how of moving to php 8
byWim Godden
 
PPT
Php ppt
bySanmuga Nathan
 
PDF
The new features of PHP 7
byZend by Rogue Wave Software
 
PDF
The new features of PHP 7 - Enrico Zimuel - Codemotion Milan 2016
byCodemotion
 
PDF
Last train to php 7
byDamien Seguy
 
PDF
Php 5.6 From the Inside Out
byFerenc Kovács
 
PDF
Start using PHP 7
byOscar Merida
 
PDF
Php 7 compliance workshop singapore
byDamien Seguy
 
PDF
Damien seguy php 5.6
byDamien Seguy
 
PPTX
Migrating to PHP 7
byJohn Coggeshall
 
PDF
Preparing for the next PHP version (5.6)
byDamien Seguy
 
PPT
ZendCon 08 php 5.3
bywebhostingguy
 
KEY
Let's creating your own PHP (tejimaya version)
byKousuke Ebihara
 
PDF
What's new in PHP 5.5
byTom Corrigan
 
PDF
Modern PHP
bySimon Jones
 
PDF
PHP 5.4 - So what?!
byflagbit
 
PDF
PHP 5.4 - Begin your love affair with traits
byGraham Weldon
 
The why and how of moving to php 7.x
byWim Godden
 
The why and how of moving to php 7.x
byWim Godden
 
The why and how of moving to php 7
byWim Godden
 
The why and how of moving to php 8
byWim Godden
 
Php ppt
bySanmuga Nathan
 
The new features of PHP 7
byZend by Rogue Wave Software
 
The new features of PHP 7 - Enrico Zimuel - Codemotion Milan 2016
byCodemotion
 
Last train to php 7
byDamien Seguy
 
Php 5.6 From the Inside Out
byFerenc Kovács
 
Start using PHP 7
byOscar Merida
 
Php 7 compliance workshop singapore
byDamien Seguy
 
Damien seguy php 5.6
byDamien Seguy
 
Migrating to PHP 7
byJohn Coggeshall
 
Preparing for the next PHP version (5.6)
byDamien Seguy
 
ZendCon 08 php 5.3
bywebhostingguy
 
Let's creating your own PHP (tejimaya version)
byKousuke Ebihara
 
What's new in PHP 5.5
byTom Corrigan
 
Modern PHP
bySimon Jones
 
PHP 5.4 - So what?!
byflagbit
 
PHP 5.4 - Begin your love affair with traits
byGraham Weldon
 

More from Wim Godden

PDF
My app is secure... I think
byWim Godden
 
ODP
Your app lives on the network - networking for web developers
byWim Godden
 
ODP
Building interactivity with websockets
byWim Godden
 
ODP
The promise of asynchronous php
byWim Godden
 
PDF
Bringing bright ideas to life
byWim Godden
 
ODP
Practical git for developers
byWim Godden
 
ODP
My app is secure... I think
byWim Godden
 
ODP
Beyond php - it's not (just) about the code
byWim Godden
 
ODP
Beyond php - it's not (just) about the code
byWim Godden
 
PDF
Beyond php - it's not (just) about the code
byWim Godden
 
ODP
The promise of asynchronous php
byWim Godden
 
ODP
My app is secure... I think
byWim Godden
 
ODP
My app is secure... I think
byWim Godden
 
ODP
My app is secure... I think
byWim Godden
 
ODP
My app is secure... I think
byWim Godden
 
PDF
Building interactivity with websockets
byWim Godden
 
ODP
My app is secure... I think
byWim Godden
 
ODP
My app is secure... I think
byWim Godden
 
PDF
My app is secure... I think
byWim Godden
 
PDF
Bringing bright ideas to life
byWim Godden
 
My app is secure... I think
byWim Godden
 
Your app lives on the network - networking for web developers
byWim Godden
 
Building interactivity with websockets
byWim Godden
 
The promise of asynchronous php
byWim Godden
 
Bringing bright ideas to life
byWim Godden
 
Practical git for developers
byWim Godden
 
My app is secure... I think
byWim Godden
 
Beyond php - it's not (just) about the code
byWim Godden
 
Beyond php - it's not (just) about the code
byWim Godden
 
Beyond php - it's not (just) about the code
byWim Godden
 
The promise of asynchronous php
byWim Godden
 
My app is secure... I think
byWim Godden
 
My app is secure... I think
byWim Godden
 
My app is secure... I think
byWim Godden
 
My app is secure... I think
byWim Godden
 
Building interactivity with websockets
byWim Godden
 
My app is secure... I think
byWim Godden
 
My app is secure... I think
byWim Godden
 
My app is secure... I think
byWim Godden
 
Bringing bright ideas to life
byWim Godden
 

Recently uploaded

PDF
Supercharging Android Apps with On-Device AI: Gemini Nano
bydinoykraj
 
PDF
Building a Multi-Tenant OpenShift Platform with HyperShift
byTosin Akinosho
 
PDF
Supervised Machine Learning Approaches for Log-Based Anomaly Detection: A Cas...
byMohammed BEKKOUCHE
 
PDF
Build an AI/ML-driven image archive processing workflow: Image archive, analy...
bywesley chun
 
PDF
Linux Professional Institute LPIC-1 Exam.pdf
byLinuxCert Guru
 
PDF
UiPath DevConnect 2025: UiPath ScreenPlay - The Future of Human-Like Automation
byDianaGray10
 
PPTX
AI: Beyond Generative AI and LLM | Harrie de Groot (harrie.dev)
byHarrie de Groot
 
PDF
LVM Management and Disaster Recovery.pdf
byLinuxCert Guru
 
PDF
IDSECCONF2025 - Budi Rahardjo - Cyber Security and AI.pdf
byidsecconf
 
PDF
SELinux Basics: Managing SELinux Modes and Context - RHCSA+.pdf
byLinuxCert Guru
 
PDF
MINDCTI Revenue Release Quarter 3 2025 - Financial Presentation
byMIND CTI
 
PPTX
Opening Plenary - Esri UK Welsh Conference 2025
byEsri UK
 
PDF
KMWorld - KM & AI Bring Collectivity, Nostalgia, & Selectivity
byJonathan Ralton
 
PDF
Top Crypto Supers 15th Report November 2025
byStephen Perrenod
 
PPTX
Explaining ourselves – people, computers and AI
byAlan Dix
 
PPTX
Agentic AI presentation with Python Exercises
byParth Mane
 
PDF
PMI PMBOK8 Released on November 13, 2025
byScott M. Graffius
 
PPTX
The power of Slack and MuleSoft | Bangalore MuleSoft Meetup #60
byshyamraj55
 
PPTX
Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]
byUiPathCommunity
 
PDF
AWS Cloud Technical Essentials - AWS Certificate
byVICTOR MAESTRE RAMIREZ
 
Supercharging Android Apps with On-Device AI: Gemini Nano
bydinoykraj
 
Building a Multi-Tenant OpenShift Platform with HyperShift
byTosin Akinosho
 
Supervised Machine Learning Approaches for Log-Based Anomaly Detection: A Cas...
byMohammed BEKKOUCHE
 
Build an AI/ML-driven image archive processing workflow: Image archive, analy...
bywesley chun
 
Linux Professional Institute LPIC-1 Exam.pdf
byLinuxCert Guru
 
UiPath DevConnect 2025: UiPath ScreenPlay - The Future of Human-Like Automation
byDianaGray10
 
AI: Beyond Generative AI and LLM | Harrie de Groot (harrie.dev)
byHarrie de Groot
 
LVM Management and Disaster Recovery.pdf
byLinuxCert Guru
 
IDSECCONF2025 - Budi Rahardjo - Cyber Security and AI.pdf
byidsecconf
 
SELinux Basics: Managing SELinux Modes and Context - RHCSA+.pdf
byLinuxCert Guru
 
MINDCTI Revenue Release Quarter 3 2025 - Financial Presentation
byMIND CTI
 
Opening Plenary - Esri UK Welsh Conference 2025
byEsri UK
 
KMWorld - KM & AI Bring Collectivity, Nostalgia, & Selectivity
byJonathan Ralton
 
Top Crypto Supers 15th Report November 2025
byStephen Perrenod
 
Explaining ourselves – people, computers and AI
byAlan Dix
 
Agentic AI presentation with Python Exercises
byParth Mane
 
PMI PMBOK8 Released on November 13, 2025
byScott M. Graffius
 
The power of Slack and MuleSoft | Bangalore MuleSoft Meetup #60
byshyamraj55
 
Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]
byUiPathCommunity
 
AWS Cloud Technical Essentials - AWS Certificate
byVICTOR MAESTRE RAMIREZ
 

The why and how of moving to PHP 5.5/5.6

  • 1.
    The Why andHow of moving to PHP 5.5/5.6
  • 2.
    Who am I? Wim Godden (@wimgtr) Founder of Cu.be Solutions (http://cu.be) Open Source developer since 1997 Developer of OpenX, PHPCompatibility, PHPConsistent, ... Speaker at Open Source conferences
  • 3.
    Why vs How Part1 : why upgrade ? Bad reasons : It's cool to have the latest version Annoy sysadmins Oh cool, a new toy ! Part 2 : how to upgrade ? The nightmare of compatibility The joy of automation No miracles here !
  • 4.
    Show of hands 3/ 4 5.0 5.1 5.2 5.3 5.4 5.5 5.6 6.0 7.0
  • 5.
    The numbers W3Techs (http://w3techs.com/technologies/details/pl-php/all/all) NowNov 2013 Aug 2013 May 2013 PHP 4 : 1.8% 2.7% 2.9% 2.7% PHP 5 : 98.2% 97.3% 97.1% 97.3% 5.0 : < 0.1% 0.1% 0.1% 0.1% 5.1 : 1.2% 2.0% 2.2% 2.6% 5.2 : 19.2% 37.6% 40.2% 43.5% 5.3 : 45.5% 52.0% 51.7% 49.7% 5.4 : 26.9% 7.9% 5.7% 4.1% 5.5 : 6.3% 0.5% 0.1 % < 0.1% 5.6 : 0.5% < 0.1% 5.7 : < 0.1% 5.27 : < 0.1%
  • 6.
    5.3 quick recap Namespaces() Late static binding Closures Better garbage collection Goto Mysqlnd Performance gain
  • 7.
    5.4 quick recap Shortarray syntax Function array dereferencing Traits Built-in webserver SessionHandler File upload extension Binary notation register_globals and magic_quotes_gpc removed :-) Safe mode removed :-)
  • 8.
    5.3 – peopleare not even using it ! 19.2% still on PHP 5.2 No : Symfony 2 Zend Framework 2 Other frameworks that need namespaces Problematic for developers
  • 9.
    PHP 5.5/5.6 –what's changed ? New features Performance and memory usage Improved consistency Some things removed
  • 10.
    New things –Generators (5.5) Simple way of implementing iterators Simply put : foreach over a function Say what ?
  • 11.
    Generators - example <?php functionreturnAsciiTable($start, $end) { for ($i = $start; $i <= $end; $i++) { yield $i => chr($i); } } foreach (returnAsciiTable(97, 122) as $key => $value) { echo $key . " - " . $value . "n"; } Output : 97 - a 98 - b 99 - c 100 - d 101 - e 102 - f 103 - g 104 - h 105 - i 106 - j 107 - k 108 - l 109 - m 110 - n 111 - o 112 - p 113 - q 114 - r 115 - s 116 - t 117 - u 118 - v 119 - w 120 - x 121 - y 122 - z
  • 12.
    Finally : finally(5.5) Exception handling Until now : try {} catch() {} Now : <?php try { doSomething(); } catch (Exception $e) { echo 'Caught exception: ', $e->getMessage(), "n"; } finally { echo "We're always going here !"; }
  • 13.
    Beware : finally+ return <?php function footest() { try { return 1; } catch (Exception $e) { return 2; } finally { return 10; } } echo footest(); Will return 10 !
  • 14.
    Password hashing (5.5) Tocreate : $hash = password_hash($password, PASSWORD_DEFAULT); To verify : password_verify($password, $hash); Currently only supports Blowfish Also has password_needs_rehash() → check if hash was strong enough
  • 15.
    Zend Optimizer+ (5.5) Namein PHP 5.5 : OPcache Opcode cache (like APC, Xcache, ...) APC users : no userland (variable) caching in OPcache → Use APCu
  • 16.
    Variadic functions function sumNumbers($base,...$params) { foreach ($params as $param) { $base += $param; } return $base; } sumNumbers(5); // returns 5 sumNumbers(5, 2); // returns 7 sumNumbers(5, 2, 3); // returns 10
  • 17.
    Argument unpacking function add($a,$b, $c) { return $a + $b + $c; } $params = array(2, 3); echo add(5, ...$params); // returns 10
  • 18.
    Other changes in5.6 json_decode() strictness : true, false, null values Constant expressions : const ONE = 1; const TWO = ONE * 2; Exponent operator (**) printf("2 ** 4 == %dn", 2 ** 4); → Output = 2 ** 4 == 16 use function and use const Default charset is now UTF-8 → set in ini default_charset __debuginfo() magic method for use with var_dump() SSL/TLS security improvements (peer certificate verification, TLS renegotiation attacks, …) phpdbg : interactive debugger
  • 19.
    Removed features inPHP 5.5 php_logo_guid() php_egg_logo_guid() php_real_logo_guid() zend_logo_guid() Windows XP and 2003 support
  • 20.
    Removed features inPHP 5.6 $HTTP_RAW_POST_DATA and ini setting always_populate_raw_post_data iconv and mbstring encoding settings → default_charset in ini
  • 21.
    Performance and memoryusage from 5.3 to 5.6 Performance : 10 – 30% How ? Core optimizations New internal caches (functions, constants, …) Better (un)serialization Inlining often-used code paths … Reduced memory usage : up to 50% ! Big impact on large frameworks Even bigger impact on codebases such as Drupal
  • 22.
  • 23.
    Upgrade : yes/ no Yes No Using removed extensions x Using removed functions x Need extra performance / reduced memory x Really need new feature x Want to use recent framework x No unit tests x No package available (.rpm, .deb, ...) x
  • 24.
    Postponing upgrades End-Of-Life In thepast : we'll see Now : minor release + 2 = out → EOL 5.5 = OUT → 5.3 = EOL 5.6 = OUT → 5.4 = EOL Critical security patches : 1 year No bugfixes Framework support Developer motivation
  • 25.
    So you wantto upgrade... Option 1 : run your unit tests Option 2 : visit each page (good luck !) + check error_log Or : record visits, then replay log on test environment Option 3 : automated static analysis
  • 26.
    Unit tests ondifferent PHP versions Vagrant boxes Integrate into your CI Use Travis CI (http://travis-ci.org)
  • 27.
    Why make itso hard ? A best-case scenario... Development environment : 5.6 Production environment : 5.6 All is well, right ? End 2015 : PHP 7 arrives How can you test compatibility ? → Set up your test environment today → Even for new projects
  • 28.
    Back in 2010... PHPArchitect @ Belgian Railways 8 years of legacy code 40+ different developers 40+ projects Challenge : migrate all projects from PHP 5.1.x (on Solaris) to PHP 5.3.x (on Linux)
  • 29.
    The idea Automate it How? → Use the CI environment Which tool ? → PHP_CodeSniffer
  • 30.
    PHP_CodeSniffer PEAR package (pearinstall PHP_CodeSniffer) Detect coding standard violations Supports multiple standards Static analysis tool → Runs without executing code → Splits code in tokens Ex. : T_OPEN_CURLY_BRACKET T_FALSE T_SEMICOLON
  • 31.
  • 32.
    PHPCompatibility New PHP_CodeSniffer standard Onlypurpose : find compatibility issues Detects : Deprecated functions Deprecated extensions Deprecated php.ini settings and ini_set() calls Prohibited function names, class names, … … Works for PHP 5.0 and above
  • 33.
    PHPCompatibility – makingit work Via Composer : wimg/php-compatibility From Github : Download : http://github.com/wimg/PHPCompatibility Install in <pear_dir>/PHP/CodeSniffer/Standards Run : phpcs --standard=PHPCompatibility <path>
  • 34.
  • 35.
    Important notes Large directories→ can be slow ! Use --extensions=php,phtml No point scanning .js files Static analysis Doesn't run code Can not detect every single incompatibility Provides filename and line number
  • 36.
    The result Zend Framework1.7 app PHP 5.2 : working fine PHP 5.3 : fail ! function goto()
  • 37.
    Some common apps– phpBB (latest) FILE: /usr/src/phpBB3/adm/index.php -------------------------------------------------------------------------------- FOUND 0 ERROR(S) AND 2 WARNING(S) AFFECTING 1 LINE(S) -------------------------------------------------------------------------------- 48 | WARNING | INI directive 'safe_mode' is deprecated in PHP 5.3 and forbidden in PHP 5.4. 48 | WARNING | INI directive 'safe_mode' is deprecated in PHP 5.3 and forbidden in PHP 5.4. --------------------------------------------------------------------------------
  • 38.
    Common apps -MediaWiki FILE: /usr/src/mediawiki-1.19.8/includes/GlobalFunctions.php -------------------------------------------------------------------------------- FOUND 0 ERROR(S) AND 1 WARNING(S) AFFECTING 1 LINE(S) -------------------------------------------------------------------------------- 2705 | WARNING | The use of function dl is discouraged in PHP version 5.3 and | | discouraged in PHP version 5.4 and discouraged in PHP version | | 5.5 --------------------------------------------------------------------------------
  • 39.
    Common apps –Wordpress (latest) FILE: /usr/src/wordpress/wp-admin/includes/class-pclzip.php -------------------------------------------------------------------------------- FOUND 2 ERROR(S) AFFECTING 2 LINE(S) -------------------------------------------------------------------------------- 5340 | ERROR | The use of function set_magic_quotes_runtime is discouraged in | | PHP version 5.3 and forbidden in PHP version 5.4 and forbidden | | in PHP version 5.5 5371 | ERROR | The use of function set_magic_quotes_runtime is discouraged in | | PHP version 5.3 and forbidden in PHP version 5.4 and forbidden | | in PHP version 5.5 -------------------------------------------------------------------------------- FILE: /usr/src/wordpress/wp-includes/SimplePie/Item.php -------------------------------------------------------------------------------- FOUND 0 ERROR(S) AND 1 WARNING(S) AFFECTING 1 LINE(S) -------------------------------------------------------------------------------- 125 | WARNING | INI directive 'zend.ze1_compatibility_mode' is deprecated in | | PHP 5.3 and forbidden in PHP 5.4. -------------------------------------------------------------------------------- FILE: /usr/src/wordpress/wp-includes/wp-db.php -------------------------------------------------------------------------------- FOUND 16 ERROR(S) AFFECTING 16 LINE(S) -------------------------------------------------------------------------------- 641 | ERROR | Extension 'mysql_' is deprecated since PHP 5.5 - use mysqli | | instead. 646 | ERROR | Extension 'mysql_' is deprecated since PHP 5.5 - use mysqli | | instead.
  • 40.
    Conclusion No 100% detection But: 95% automation = lots of time saved ! First : PHPCompatibility on local machine Then : use your CI/test environment and run unit tests Start upgrading !
  • 41.
  • 42.
  • 43.
    We're hiring ! Lookingfor a challenge ? Want to do more than just code all day ? → Come visit our booth ! We've got chocolate ;-)
  • 44.
    Thanks ! Please ratemy talk at http://joind.in/13113

Editor's Notes

  • #4 part 2 look at difficulties you might encounter in upgrading. I&amp;apos;ll provide solutions not a magician can&amp;apos;t solve everything ;-)
  • #6 5.3.3 = Debian Squeezy = 12% Wait a second... that means people aren&amp;apos;t even on 5.3 ? And there was 3 year gap between the release of 5.2 and 5.3, so 5.3 brought a lot of cool things.
  • #19 - Compression disabled by default (CRIME attack) - Ciphers have been updated - Possible to select specific SSL/TLS version