Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP.net:
PHP 5.6.18 & 5.5.32 Released
Feb 05, 2016 @ 09:49:31

On the main PHP.net site they've officially announced the release of the latest versions in the 5.6.x and 5.5.x series: PHP 5.6.18 and PHP 5.5.32.

The PHP development team announces the immediate availability of PHP [5.5.32 and 5.6.18]. This is a security release. Several security bugs were fixed in this release. All PHP [5.5 and 5.6] users are encouraged to upgrade to this version.

As always you can download this latest release from either the main downloads page or from windows.php.net for the Windows binaries. If you'd like to see exactly what was fixed in these releases, check out the full Changelog.

tagged: language version security bugfix upgrade

Link: http://php.net/archive/2016.php#id2016-02-04-3

Rasmus Lerdorf:
Upgrading PHP on the EdgeRouter Lite
Jan 26, 2016 @ 10:30:33

Rasmus Lerdorf has shared a post to his site detailing how he upgraded his EdgeRouter Lite router (hardware) to use PHP 7 for the uI handling and processing, upgrading it from the PHP 5.4 it came installed with.

After nearly 7 years of service I retired my Asus RT-16 router, which wasn't really a router, but a re-purposed wifi access point running AdvancedTomato. In its place I got a Ubiquiti EdgeRouter Lite. It is Debian-based and has a dual-core 500MHz 64-Bit MIPS CPU (Cavium Octeon+), 512M of ram and a 4G removable onboard USB stick for < $100. The router is completely open and, in fact, any advanced configuration has to be done from the command line. The Web UI has been improving, but there are still many things you can't do in it. In other words, exactly the type of device I prefer.

He made use of the open platform the router has to upgrade both the PHP installation and a bit of the web UI code to make things work happily with PHP 7. There's just three steps in his process:

  • Getting a Big-Endian MIPS64 build of PHP 7
  • Configuration (php.ini)
  • Fixing broken stuff

The "broken stuff" in this last item was only a few small changes that needed to be made to the web UI code for raw POST data fetching and session writes. He ends the post with a little summary of the performance post-changes and some about the opcode handling and memory use per request.

tagged: router edgerouter ui version language install upgrade configuration bigendian mips64 php7

Link: https://toys.lerdorf.com/archives/59-Upgrading-PHP-on-the-EdgeRouter-Lite.html

Lorna Mitchell:
Upgrade To Better Passwords in PHP
Jan 11, 2016 @ 09:44:55

In a new post to her site Lorna Mitchell encourages you to upgrade to better passwords by using either the built-in password hashing (since PHP 5.5) or by using the userland implementation (that works for >=PHP 5.3.7).

The password features in PHP aren't exactly new, but I see lots of applications from "before" which aren't being migrated to better practices. I have some strategies for doing these migrations so I thought I'd share my main approach, plus a similar-but-different one I saw in the wild (OK it was in CakePHP, so not too wild!).

She offers a few steps to follow to upgrade your application to use the bcrypt solution instead of your current format:

  • Update Login Code (change SQL to just fetch the password, not evaluate it)
  • Hash existing passwords
  • Update registration code (for new passwords to use the new method)
  • Migrate users with old passwords hashes once they've verified their current login

She also mentions alternatives to these approaches including forcing the user to change their password on login.

tagged: password hash bcrypt userland passwordcompat upgrade rehash tutorial

Link: http://www.lornajane.net/posts/2016/upgrade-better-passwords-php

Laravel News:
Automatically upgrade your Laravel app with Shift
Jan 06, 2016 @ 10:24:52

On the Laravel News site they've posted an interview with Jason McCreary, the lead developer behind the Laravel Shift service, a product that helps you keep your Laravel applications up to date with the latest versions of the framework.

Laravel Shift is a new project aimed at automatically upgrading out of date Laravel apps up to the current version. The way it works is you sign-in with either Github or BitBucket, purchase a shift (an upgrade package), and then review the pull request it automatically creates.

I had a chance to speak with Jason, the lead developer on the project and what follows is a Q&A about Shift.

They talk about where the idea for Laravel Shift came from originally and how the upgrade process happens (hint: it's automated). Jason also answers questions about what kinds of applications it will work on and how it's handled if there's an application that can't be upgraded. He also mentions the process for upgrading from a very old version, noting that it would be required to "shift" multiple times to achieve the correct results.

tagged: laravel shift service upgrade automatic application laravelnews

Link: https://laravel-news.com/2016/01/automatically-upgrade-your-laravel-app-with-shift/

PHP.net:
PHP 7.0.1 Released
Dec 17, 2015 @ 09:21:50

The latest release in the PHP 7.0.x series has been released today, the first one following the major milestone of PHP 7: PHP 7.0.1.

The PHP development team announces the immediate availability of PHP 7.0.1. Several bugs have been fixed. All PHP 7.0 users are encouraged to upgrade to this version.

This is just a bugfix release with some smaller changes that were held off until after the main PHP 7.0 release came out. Bugs were fixed in the language core, the CLI server, OCI8 functionality and many others. PHP 7 users are encouraged to upgrade to this new release. You can download it as always from either the main php.net downloads page or windows.php.net for the Windows binaries.

tagged: php7 release language bugfix php701 upgrade download

Link: http://php.net/index.php#id2015-12-17-1

Davey Shafik:
PHP 7 ext/mysql Shim
Dec 07, 2015 @ 11:10:24

With the release of PHP 7 comes a major shift in how your programs may interact with databases - the removal of the mysql extension (in favor of mysqli or PDO). Depending on how your application is written, this can cause all sorts of headaches. Davey Shafik has offered a temporary solution in a post to his site today, a mysql shim library that can be used to mimic the older mysql functions until you can upgrade your application.

To help ease the transition from 5.6 to 7.0 I have created a simple package that acts as a shim between the newly removed ext/mysql and ext/mysqli. I was a little hesitant to even publish this as I don’t want to encourage the continued use of potentially insecure code, however, I want people to upgrade to 7.0 and don’t want this to be the blocker.

It does require 5.6 (though it would be possible to lower that) — however I suspect that most people who are upgrading to 7.0 are either coming from 5.6 or have the native ext/mysql. The primary reason for support 5.6 is to be able to compare the test suite results against native ext/mysql.

The library can be easily installed via Composer and, while useful in its current form, still has some work yet to be done on it to bring it up to fully compatible. If you'd like to help on the effort and make life a little easier for those upgrading to PHP 7 on older code, head over to the repository and think about contributing.

tagged: mysql extension php7 shim library backport upgrade

Link: https://daveyshafik.com/archives/69726-php-7-extmysql-shim.html

PHP.net:
PHP 5.6.16 is available
Nov 30, 2015 @ 10:15:08

The main PHP.net site has announced the release of the latest minor version in the PHP 5.6.x series: PHP 5.6.16:

The PHP development team announces the immediate availability of PHP 5.6.16. Several bugs have been fixed. All PHP 5.6 users are encouraged to upgrade to this version.

Changes in this release include updates to Mysqlnd, PDO and OCI8 bugfixes as well as changes in the SPL (ArrayObject) and a segfault with the ini_lex function. You can get this latest release as always from either the main download page (source) or from the Windows.php.net site (Windows binaries).

tagged: language release php56 bugfix version upgrade

Link: http://php.net/index.php#id2015-11-26-2

Davey Shafik:
Upgrading to PHP 7
Nov 12, 2015 @ 09:19:52

As Davey Shafik mentions in this post to his site, O'Reilly has just released a "mini-eBook" he's written up to help you migrate your current codebase up to PHP 7 compatibility.

Yesterday, O’Reilly published my report on Upgrading to PHP 7. This 80-page mini-eBook is available free (and DRM free) in ePub, Mobi, and PDF formats.

Grab it today or read more details here.

The book guides you through the updates and features that come along with PHP 7 including: "deprecated features, Unicode enhancements, changes in Object-Oriented programming, and other enhancements." You'll get more details on what to change to bring your code up to the level of PHP 7 and remove deprecated features and what to replace them with. The book is free so there's no reason not to pick up a copy and find out what the PHP 7 revolution is all about.

tagged: php7 upgrade ebook oreilly published released download free

Link: https://daveyshafik.com/archives/69401-upgrading-to-php-7.html

Laravel News:
Homestead now with PHP 7 support
Oct 02, 2015 @ 10:52:41

In a quick post on the Laravel News site they point out that the Laravel Homestead virtual machine now has support for PHP 7:

Laravel Homestead just received a new update with support for PHP 7 which is due out this month.

If you are already using the PHP 5.x Homestead box, you can upgrade your installation to PHP 7.0 by cloning the php-7 branch of the laravel/homestead repository into a new folder.

With two other simple steps you can quickly upgrade your box to be running PHP 7 - updating the Homestead.yml configuration and running a vagrant up. You can find out more information about this update in the official documentation.

tagged: laravel homestead php7 support upgrade configuration vagrant

Link: https://laravel-news.com/2015/10/homestead-now-with-php-7-support/

Symfony Blog:
Twig: How to upgrade to 2.0? Deprecation Notices to the Rescue
Aug 19, 2015 @ 10:55:58

The Symfony blog has posted a quick guide with a tip to upgrading to Twig 2.0 made simpler thanks to some built-in deprecation notices.

As Twig 2.0 is approaching fast now, it's time to focus on how to boost adoption of this new major version. [...] Also, the good news is that most of the time, it's possible to make your code work for both major versions (that's important for shared code like bundles). [...] How to make it easy? Like for Symfony, I've now added deprecation notices throughout the code to give Twig users an easy way to upgrade their code (this is available in the upcoming Twig 1.21 version).

The release of v1.21 comes with the deprecation notices already built-in making it easy to find the issues before making the jump up to v2.0. He also includes mentions of two other things included to make it easier: a deprecation collector to gather the issues in one place and a visitor base class diff that can make them compatible with both versions (1.21 and pre-1.21).

tagged: twig2 twig templating version upgrade deprecation notice

Link: http://symfony.com/blog/twig-how-to-upgrade-to-2-0-deprecation-notices-to-the-rescue