PHP 5.3 is a big leap forward for PHP and brings of a lot of neat features. However, big leaps can also mean big changes and potentially big breakage when it comes to backwards compatibiltiy.
I did some experimenting with running a big legacy application and a CakePHP application on PHP 5.3 and would like to share my findings with you. Here are a couple of tips to prepare your code for PHP 5.3
Installing PHP 5.3 on Ubuntu Jaunty
First off, by reading this article you may want to testdrive PHP 5.3 yourself.
If you haven't tried PHP 5.3 yet and you want to give it a go right now, but you don't want to mess up any Production or even Development environment, Virtualization can help you with that.
- Launch a virtual Ubuntu Jaunty instance (desktop versions work too, and may be easier on you)
- Use the dotdeb.org repositories to install PHP 5.3 (thanks to sysadmin guru Martijn Kint for that great find)
- Point Apache's (or nginx or whatever) document root to your workstation's shared code directory.
Et voila. An independent test platform that's able to reflect your code changes in real time.
Now on to my findings.
When you do a fresh PHP 5.3 install on an Ubuntu Jaunty server, short tags, also known as:
New releases can have support off by default, hence just showing code as plaintext. Including db passwords.
This is the stuff that can get you fired.
So if you have these short tags, lets get rid of them. But how, there are so many!
Update #1 - As noted by Rune Kaagaard and Philip Olson in the comments, support for short tags is still a subject of discussion. Whether it will be turned off by default or supported in PHP 6 also depends on the package maintainers of each distribution (looks like Ubuntu is going for the strict approach).
Regex to the Rescue?
If you have a lot of short tags, the following regexes could help to convert them:
replace: '<\?=' with: '<\?php echo ' replace: '<\?(?!php|xml)' with: '<\?php'
The order of these replace actions is important.
Now, be sure to go over the changes manually with a tool like regexxer though. Cause if you're not careful code generators, highlighters & XML tools will break. Consider the following real life example:
<?php $CodeRow->replace('<?', '<?php', 'T_OPEN_TAG'); ?>
By our replace action, this would now read:
<?php $CodeRow->replace('<?php', '<?php', 'T_OPEN_TAG'); ?>
Making that line completely useless and introducing a bug. So please, really go over the changes manually. Regexxer will make that job less painful already.
Update #2: As Bernhard mentions in the comments, there is a much better way of removing shorttags from your PHP code.
After the Changes
Test your code thoroughly before you commit.
PHP Deprecated Warnings
Some 'old' syntax still works but generates "Deprecated" warnings. These are telling you to change your code before it's too late: future versions of PHP will no longer support it. At all.
The following example is still used in quite some code, but as of PHP 5.3 will generate "Deprecated" warnings.
<?php $log = & new Logger('file', '/var/log/app.log'); ?>
They want you to get rid of the '&'.
Obviously - if you are the author of such lines - you should change your code. Now is the time.
But let's say you also use a framework (CakePHP in my case), and you are not the author. You need to wait for others to fix it (don't worry, PHP 5.3 releases of Cake are in the works, just not stable yet). But if you still want to run PHP 5.3 right now with a deprecated framework codebase you can't change: you can turn off these warnings by changing the level of error reporting.
Here's an example that still let's you see other debug messages like Notices (which is great during development), but just turns off the Deprecated warnings (which are useless if they concern the framework's code):
<?php error_reporting(E_ALL & ~ E_DEPRECATED); ?>
.. basically saying: Show all warnings except deprecated.
So put this wherever you currently set the error_reporting level.
For CakePHP 1.2, I found I had to hack my core in
/cake/libs/configure.php at line
#291 to get rid of the deprecated warnings.
In Ubuntu (thanks Philip Olson), PHP 5.3 uses a native MySQL driver (mysqlnd) and it enforces strong passwords. We still had some legacy 16bit MySQL passwords and so MySQL guru Erwin Bleeker upgraded them in order for mysql_connect to work. Good thing I suppose ; )
I had some extensions like php5-xdebug, php5-xcache, php5-memcache that I previously installed with APT package management, but now gave version conflicts with my custom dotdeb.org packages.
Well, just uninstall them with apt (or rpm, or whatever) and reinstall them with pecl like this:
$ pecl install -f memcache
So that the extensions are rebuild for your current PHP version and the conflicts are resolved. Make sure your php.ini files point to the right .so files though.
In the comments there are developers who ran into other issues as well. Summarizing:
- Many array functions that used to allow passing objects no longer do - Matthew Weier O'Phinney
register_globalsare gone - Giorgio Sironi
OK so after those changes, all of my old code ran fine on PHP 5.3 and it was time to really go & enjoy the new features like namespaces, closures, inreased performance & late static binding! Awesome..
I'm curious. What problems did you encounter trying to run old code on PHP 5.3? Where you able to fix it? Please share your experience.