With PHP 5.6 out and many production environments still running 5.2 or 5.3, it's time to paint a clear picture on why everyone should move to 5.5 and 5.6 and how to get code ready for the latest version of PHP. In this talk, we'll look at some handy tools and techniques to ease the migration.

1. The Why and How of moving to PHP 5.5/5.6

2. Who am I ?
Wim Godden (@wimgtr)
Founder of Cu.be Solutions (http://cu.be)
Open Source developer since 1997
Developer of OpenX, PHPCompatibility, PHPConsistent, ...
Speaker at Open Source conferences

3. Why vs How
Part 1 : why upgrade ?
Bad reasons :
It's cool to have the latest version
Annoy sysadmins
Oh cool, a new toy !
Part 2 : how to upgrade ?
The nightmare of compatibility
The joy of automation
No miracles here !

4. Show of hands
3 / 4
5.0
5.1
5.2
5.3
5.4
5.5
5.6
6.0
7.0

5. The numbers
W3Techs (http://w3techs.com/technologies/details/pl-php/all/all)
Now Nov 2013 Aug 2013 May 2013
PHP 4 : 1.8% 2.7% 2.9% 2.7%
PHP 5 : 98.2% 97.3% 97.1% 97.3%
5.0 : < 0.1% 0.1% 0.1% 0.1%
5.1 : 1.2% 2.0% 2.2% 2.6%
5.2 : 19.2% 37.6% 40.2% 43.5%
5.3 : 45.5% 52.0% 51.7% 49.7%
5.4 : 26.9% 7.9% 5.7% 4.1%
5.5 : 6.3% 0.5% 0.1 % < 0.1%
5.6 : 0.5% < 0.1%
5.7 : < 0.1%
5.27 : < 0.1%

6. 5.3 quick recap
Namespaces ()
Late static binding
Closures
Better garbage collection
Goto
Mysqlnd
Performance gain

7. 5.4 quick recap
Short array syntax
Function array dereferencing
Traits
Built-in webserver
SessionHandler
File upload extension
Binary notation
register_globals and magic_quotes_gpc removed :-)
Safe mode removed :-)

8. 5.3 – people are not even using it !
19.2% still on PHP 5.2
No :
Symfony 2
Zend Framework 2
Other frameworks that need namespaces
Problematic for developers

9. PHP 5.5/5.6 – what's changed ?
New features
Performance and memory usage
Improved consistency
Some things removed

10. New things – Generators (5.5)
Simple way of implementing iterators
Simply put : foreach over a function
Say what ?

11. Generators - example
<?php
function returnAsciiTable($start, $end) {
for ($i = $start; $i <= $end; $i++) {
yield $i => chr($i);
}
}
foreach (returnAsciiTable(97, 122) as $key => $value) {
echo $key . " - " . $value . "n";
}
Output :
97 - a
98 - b
99 - c
100 - d
101 - e
102 - f
103 - g
104 - h
105 - i
106 - j
107 - k
108 - l
109 - m
110 - n
111 - o
112 - p
113 - q
114 - r
115 - s
116 - t
117 - u
118 - v
119 - w
120 - x
121 - y
122 - z

12. Finally : finally (5.5)
Exception handling
Until now : try {} catch() {}
Now :
<?php
try {
doSomething();
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "n";
} finally {
echo "We're always going here !";
}

13. Beware : finally + return
<?php
function footest()
{
try {
return 1;
} catch (Exception $e) {
return 2;
} finally {
return 10;
}
}
echo footest();
Will return 10 !

14. Password hashing (5.5)
To create :
$hash = password_hash($password, PASSWORD_DEFAULT);
To verify :
password_verify($password, $hash);
Currently only supports Blowfish
Also has password_needs_rehash() → check if hash was strong enough

15. Zend Optimizer+ (5.5)
Name in PHP 5.5 : OPcache
Opcode cache (like APC, Xcache, ...)
APC users : no userland (variable) caching in OPcache
→ Use APCu

16. Variadic functions
function sumNumbers($base, ...$params)
{
foreach ($params as $param) {
$base += $param;
}
return $base;
}
sumNumbers(5); // returns 5
sumNumbers(5, 2); // returns 7
sumNumbers(5, 2, 3); // returns 10

17. Argument unpacking
function add($a, $b, $c) {
return $a + $b + $c;
}
$params = array(2, 3);
echo add(5, ...$params); // returns 10

18. Other changes in 5.6
json_decode() strictness : true, false, null values
Constant expressions :
const ONE = 1;
const TWO = ONE * 2;
Exponent operator (**)
printf("2 ** 4 == %dn", 2 ** 4);
→ Output = 2 ** 4 == 16
use function and use const
Default charset is now UTF-8 → set in ini default_charset
__debuginfo() magic method for use with var_dump()
SSL/TLS security improvements (peer certificate verification,
TLS renegotiation attacks, …)
phpdbg : interactive debugger

19. Removed features in PHP 5.5
php_logo_guid()
php_egg_logo_guid()
php_real_logo_guid()
zend_logo_guid()
Windows XP and 2003 support

20. Removed features in PHP 5.6
$HTTP_RAW_POST_DATA and ini setting
always_populate_raw_post_data
iconv and mbstring encoding settings → default_charset in ini

21. Performance and memory usage from 5.3 to 5.6
Performance : 10 – 30%
How ?
Core optimizations
New internal caches (functions, constants, …)
Better (un)serialization
Inlining often-used code paths
…
Reduced memory usage : up to 50% !
Big impact on large frameworks
Even bigger impact on codebases such as Drupal

22. So...
Should you upgrade today ?

23. Upgrade : yes / no
Yes No
Using removed extensions x
Using removed functions x
Need extra performance / reduced memory x
Really need new feature x
Want to use recent framework x
No unit tests x
No package available (.rpm, .deb, ...) x

24. Postponing upgrades
End-Of-Life
In the past : we'll see
Now : minor release + 2 = out → EOL
5.5 = OUT → 5.3 = EOL
5.6 = OUT → 5.4 = EOL
Critical security patches : 1 year
No bugfixes
Framework support
Developer motivation

25. So you want to upgrade...
Option 1 : run your unit tests
Option 2 : visit each page (good luck !) + check error_log
Or : record visits, then replay log on test environment
Option 3 : automated static analysis

26. Unit tests on different PHP versions
Vagrant boxes
Integrate into your CI
Use Travis CI (http://travis-ci.org)

27. Why make it so hard ? A best-case scenario...
Development environment : 5.6
Production environment : 5.6
All is well, right ?
End 2015 : PHP 7 arrives
How can you test compatibility ?
→ Set up your test environment today
→ Even for new projects

28. Back in 2010...
PHP Architect @ Belgian Railways
8 years of legacy code
40+ different developers
40+ projects
Challenge :
migrate all projects from
PHP 5.1.x (on Solaris)
to
PHP 5.3.x (on Linux)

29. The idea
Automate it
How ? → Use the CI environment
Which tool ? → PHP_CodeSniffer

30. PHP_CodeSniffer
PEAR package (pear install PHP_CodeSniffer)
Detect coding standard violations
Supports multiple standards
Static analysis tool
→ Runs without executing code
→ Splits code in tokens
Ex. : T_OPEN_CURLY_BRACKET
T_FALSE
T_SEMICOLON

31. PHP_CodeSniffer
Let's see what it looks like

32. PHPCompatibility
New PHP_CodeSniffer standard
Only purpose : find compatibility issues
Detects :
Deprecated functions
Deprecated extensions
Deprecated php.ini settings and ini_set() calls
Prohibited function names, class names, …
…
Works for PHP 5.0 and above

33. PHPCompatibility – making it work
Via Composer : wimg/php-compatibility
From Github :
Download :
http://github.com/wimg/PHPCompatibility
Install in <pear_dir>/PHP/CodeSniffer/Standards
Run :
phpcs --standard=PHPCompatibility <path>

34. PHPCompatibility
Let's see what it looks like

35. Important notes
Large directories → can be slow !
Use --extensions=php,phtml
No point scanning .js files
Static analysis
Doesn't run code
Can not detect every single incompatibility
Provides filename and line number

36. The result
Zend Framework 1.7 app
PHP 5.2 : working fine
PHP 5.3 : fail !
function goto()

37. Some common apps – phpBB (latest)
FILE: /usr/src/phpBB3/adm/index.php
--------------------------------------------------------------------------------
FOUND 0 ERROR(S) AND 2 WARNING(S) AFFECTING 1 LINE(S)
--------------------------------------------------------------------------------
48 | WARNING | INI directive 'safe_mode' is deprecated in PHP 5.3 and forbidden in PHP 5.4.
48 | WARNING | INI directive 'safe_mode' is deprecated in PHP 5.3 and forbidden in PHP 5.4.
--------------------------------------------------------------------------------

38. Common apps - MediaWiki
FILE: /usr/src/mediawiki-1.19.8/includes/GlobalFunctions.php
--------------------------------------------------------------------------------
FOUND 0 ERROR(S) AND 1 WARNING(S) AFFECTING 1 LINE(S)
--------------------------------------------------------------------------------
2705 | WARNING | The use of function dl is discouraged in PHP version 5.3 and
| | discouraged in PHP version 5.4 and discouraged in PHP version
| | 5.5
--------------------------------------------------------------------------------

39. Common apps – Wordpress (latest)
FILE: /usr/src/wordpress/wp-admin/includes/class-pclzip.php
--------------------------------------------------------------------------------
FOUND 2 ERROR(S) AFFECTING 2 LINE(S)
--------------------------------------------------------------------------------
5340 | ERROR | The use of function set_magic_quotes_runtime is discouraged in
| | PHP version 5.3 and forbidden in PHP version 5.4 and forbidden
| | in PHP version 5.5
5371 | ERROR | The use of function set_magic_quotes_runtime is discouraged in
| | PHP version 5.3 and forbidden in PHP version 5.4 and forbidden
| | in PHP version 5.5
--------------------------------------------------------------------------------
FILE: /usr/src/wordpress/wp-includes/SimplePie/Item.php
--------------------------------------------------------------------------------
FOUND 0 ERROR(S) AND 1 WARNING(S) AFFECTING 1 LINE(S)
--------------------------------------------------------------------------------
125 | WARNING | INI directive 'zend.ze1_compatibility_mode' is deprecated in
| | PHP 5.3 and forbidden in PHP 5.4.
--------------------------------------------------------------------------------
FILE: /usr/src/wordpress/wp-includes/wp-db.php
--------------------------------------------------------------------------------
FOUND 16 ERROR(S) AFFECTING 16 LINE(S)
--------------------------------------------------------------------------------
641 | ERROR | Extension 'mysql_' is deprecated since PHP 5.5 - use mysqli
| | instead.
646 | ERROR | Extension 'mysql_' is deprecated since PHP 5.5 - use mysqli
| | instead.

40. Conclusion
No 100% detection
But : 95% automation = lots of time saved !
First : PHPCompatibility on local machine
Then : use your CI/test environment and run unit tests
Start upgrading !

41. Questions ?

42. Questions ?

43. We're hiring !
Looking for a challenge ?
Want to do more than just code all day ?
→ Come visit our booth !
We've got chocolate ;-)

44. Thanks !
Please rate my talk at
http://joind.in/13113