Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Viva64.com:
Analysis of PHP7
Apr 29, 2016 @ 12:15:56

On the Viva64.com site they've posted the results of their own evaluation of PHP 7 in terms of both the source of the language itself and the libraries it makes use of.

Sometimes checking a project one more time can be quite amusing. It helps to see which errors were fixed, and which ones got into the code since the time it was last checked. My colleague has already written an article about PHP analysis. As there was a new version released, I decided to check the source code of the interpreter once again, and I wasn't disappointed - the project had a lot of interesting fragments to look at.

They start with a brief look at PHP 7 including when it was released, some of the features/functionality included and the tool they used to do the analysis. They talk about some of the difficulties in the analysis process and how the widespread user of macros tripped it up a bit. They includes some code examples from PHP's source and the warnings that their PVS-Studio returned. The post ends with a brief look at the third-party libraries PHP uses and the responsibility the project takes in including them.

tagged: php7 analysis language source scanner pvsstudio results

Link: http://www.viva64.com/en/b/0392/#ID0EWECK

PHP.net:
PHP 5.5.35, 5.6.21 and 7.0.6 Released
Apr 29, 2016 @ 08:29:36

On the main PHP.net site they've announced the latest releases of all currently supported versions of the language: PHP 5.5.35, 5.6.21 and 7.0.6. These are bugfix released with, among several others, security related corrections.

The PHP development team announces the immediate availability of PHP [5.5.35, 5.6.21 and 7.0.6]. This is a security release. Several security bugs were fixed in this release.

The PHP 7 release fixes two newly identified vulnerabilities: CVE-2016-3078 (Zip handling) and CVE-2016-3074 (GD functionality). As these are security releases it is highly recommended that you upgrade your current installations as soon as possible. You can get these latest versions from the main PHP.net downloads page or from windows.php.net for the Windows binaries.

tagged: language release bugfix security php55 php56 php7

Link: http://php.net

Phillip Shipley:
Docker makes upgrading to PHP7 easy
Apr 25, 2016 @ 11:13:07

In this post to his site Phillip Shipley talks about Docker and how using it for your PHP deployments can make it much easier to upgrade to PHP 7.

Last year at php[tek] 2015 during the hack time I messed around and created a Docker image to run and test PHP7. It was surprisingly easy and I quickly learned that the app I was working on at the time ran fine in PHP7, good deal. So since then I’ve been awaiting the general availability release of PHP7 to move forward with upgrading my apps.

The main thing holding me back was I just didn’t want to maintain an image based on compiling from source. Not that it’s a problem, it just didn’t feel as clean and simple as using supported packages.

He points out that Ubuntu 16.04 was released and that does now have PHP 7 as a standard package so he's happily upgrading. He gets into a bit of detail about how upgrade process and some of the smaller issue he faced along the way. He also includes the update to his Dockerfile he made to change to PHP 7 (only a few characters) to rebuild with PHP 7.0.4.

tagged: upgrade php7 docker ubuntu package official release

Link: http://www.phillipshipley.com/2016/04/docker-makes-upgrading-to-php7-easy/

Christian Weiske:
Fixing PHP4 constructors for PHP7
Apr 12, 2016 @ 12:07:42

Christian Weiske has posted a quick guide for those still dealing with PHP 4-style constructors in their code and how to upgrade them for PHP 7 (as it's completely deprecated now).

PHP 7 deprecates PHP4-style constructors. In PHP4, class constructor methods had the same name as the class. This was bad when switching base classes; you did not only have to change the class' extends declaration, but also calls to the parent constructor. PHP5 then introduced the generic __construct method name for class constructors, which solved the problem. ?

PHP7 will output a deprecation message when a class with a PHP4-style constructor is loaded

He suggests that a "quick fix" is to just rename the method to __construct and let PHP handle things as expected. However, dependencies in other classes (calling them in a PHP 4 way) could break because of this. He suggests a "real fix" that can be put in place until the remainder of the code is migrated - a method named the same as the old constructor but just calling __construct internally.

tagged: php4 constructor php7 fix named workaround

Link: http://cweiske.de/tagebuch/php4-constructors-php7.htm

Zeev Suraski:
PHP 7 Is Gaining Momentum
Apr 04, 2016 @ 11:56:17

In his new post to his site Zeev Suraski talks about the momentum growing behind PHP 7 and some of the recent articles about companies making the move and the overall impression of the new version.

We’re now a few months since PHP 7 came out, and if you’ve been following what’s going on in the PHP world, things are looking pretty exciting! [...] First, InfoWorld gave PHP 7 the 2016 Technology of the Year Award, which is quite remarkable. Remarkable is also how InfoWorld chose to describe the performance gains that are promised by PHP 7 – and I absolutely agree.

[...] As more and more people are trying PHP 7 out, we’re seeing more and more evidence that the promise of 2x performance is being realized, big time. Most recently, Badoo published an article detailing their experience migrating for PHP 5.6 to 7.0

He gets into a bit more detail about the numbers that Badoo published and gives a quick "thank you" to Dmitry Stogov for helping to spearhead the effort to get PHP 7 out the door from Zend. Finally, he points out that there's a Zend Server version that already runs on PHP 7 if you'd like to try it out.

tagged: php7 momentum infoworld award badoo performance memory zendserver

Link: http://zsuraski.blogspot.com/2016/03/php-7-is-gaining-momentum.html

Three Devs & A Maybe:
Episode 92 - Where is the Value? with Joe Watkins
Apr 01, 2016 @ 10:13:42

The Three Devs & a Maybe podcast has published their latest episode, Episode #92 - Where is the Value? with Joe Watkins. This time hosts Michael Budd, Fraser Hart, Lewis Cains and Edd Mann are joined again by Joe Watkins, a core developer on the PHP language.

In this week’s episode we start off discussion with a recent PHP RFC Joe has been working on in-regard to typed properties, bringing up the value (if any) surrounding getters and setters. We then move on to Joe’s views on designing a programming language, and his mind-set that there should be no defined scope surrounding the features that the language should adopt. Finally, we wrap up the show with an update on how stabilisation of uopz is going for PHP 7, along with a reflection on the ‘Hacking on PHP 7’ screencasts we released earlier this month.

You can listen to this latest episode either through the in-page audio player or by downloading the mp3 of the show. You can also subscribe to their feed if you'd like this and other episodes (past and future) delivered right to your client of choice.

tagged: threedevsandamaybe podcast ep92 value joewatkins rfc uopz php7

Link: http://threedevsandamaybe.com/where-is-the-value-with-joe-watkins/

Freek Van der Herten:
Converting PHP 7 code to equivalent PHP 5 code
Apr 01, 2016 @ 09:50:56

Freek Van der Herten has a post to his site about another new library he's worked on (along with two others) to help convert PHP 7 code back to PHP 5 code - 7to5.

In the JavaScript world converting modern code to an older syntax is quite common. In the PHP world you don’t see that happen often. Symfony provides a few [polyfills](https://github.com/symfony/polyfill), but a full fledged conversion isn’t available. At the meetup of [our local PHP user group](http://www.meetup.com/phpantwerp/) [Jens Segers](https://twitter.com/jenssegers), [Hannes Van de Vreken](https://twitter.com/hannesvdvreken) and I were toying around with the idea of converting PHP 7 code to equivalent PHP 5 code automatically.

Today our little hobby project called 7to5 was tagged 1.0.0. You can view the repo on GitHub.

He starts by talking about what the library does to backport the code from PHP 7 to PHP 5 and how to install/use the command line tool. He then gets into things "behind the curtains" with a sample PHP 7 class and the resulting PHP 5 code. They made use of the PHP Parser tool for processing the PHP code provided. It does matching on certain element types and performs the token replacement. He gives examples of this with the null coalesce operator replacement and scalar type hinting.

tagged: convert php7 php5 code tool 7to5 introduction library

Link: https://murze.be/2016/03/converting-php-7-code-equivalent-php-5-code/

Laravel News:
Has your company upgraded to PHP7 yet?
Mar 31, 2016 @ 10:28:34

On the Laravel News site they share the results of a Twitter poll asking developers and companies of they'd switched to PHP 7 yet.

Yesterday I ran a Twitter poll to see how many have moved to PHP7. With 650 votes here are the results. [...] tagged: upgrade php7 company twitter poll results

Link: https://laravel-news.com/2016/03/company-upgraded-php7-yet/

AppDynamics PHP Blog:
Predicting the Future of PHP Security – Part 3
Mar 24, 2016 @ 09:30:15

On the AppDynamics blog there's a post from Omed Habib where he looks at the current state of security in the PHP language and makes predictions about the future of it in PHP and where the language might be heading.

In some ways security is an infinite game of chess on a board the size of the world. For every move you make, the hackers have a countermove ready. They are highly motivated to take what you have, so the game never ends; it just switches players once in awhile. In this final blog in the series, we are going to review the game board, with a look at the most recent changes to security in PHP 7 and earlier supported versions. Then, we’ll try to look a few moves ahead with predictions for the future of PHP security.

In the article he talks about PHP's popularity and how it has somewhat worked against it and its reputation when it comes to secure development. He covers PHP 7 and some of the security-related updates that came with it including:

  • whitelisting classes on unserialize
  • the cryptographically secure random number generator
  • patches for buffer overflows and memory leaks

He ends the post looking at a possible future of the language based on comments made in this other article., suggesting that one possible place for the language to head is into the IoT (Internet of Things) space and interacting with the devices on the other end.

tagged: predictions security language php7 features patches iot direction

Link: https://blog.appdynamics.com/php/predicting-the-future-of-php-security/

Carlos Buenosvinos:
First tests with #PHP7 in production at @AtrapaloEng
Mar 18, 2016 @ 11:15:45

On his site Carlos Buenosvinos has a new post talking about the experience they had at @AtrapaloEng with PHP 7 and shares some of the improvements they've already seen so far.

On Monday, Badoo blogged about its migration to PHP7 (https://techblog.badoo.com/blog/2016/03/14/how-badoo-saved-one-million-dollars-switching-to-php7/). Those are great results! At @AtrapaloEng, we’re running already tests in production to perform the same step. We could have started some months before, but we’ve been struggling with the php-msgpack extension and its (un)support for PHP7. We hope to deploy PHP7 in all our server during this week but we would like to share with you what we have seen so far.

They share some graphs showing the changes when PHP 7 was deployed on their systems for both memory consumption and overall load average. They also talk about the boost in performance as far as response times and, an often not reported statistic, how it sped up their unit test runs too.

tagged: test php7 atrapaloeng performance results graph unittest

Link: https://carlosbuenosvinos.com/first-tests-with-php7-in-production-at-atrapaloeng/