End of Life Looms for PHP 7.3
October 13, 2021 Alex Woodie
Organizations that are running PHP version 7.3 have just over a month to upgrade to a newer version and avoid losing bug fixes and security fixes when 7.3 hits the end of life (EOL) on December 6. The good news is that PHP version 7.4 and 8.0 are stable and will be supported for some time. The not-so-good news is it appears a large number of IBM i shops are still running older releases of the PHP language.
According to an informal poll conducted by Seiden Group last month, about half of the IBM i shops that participated in a webinar were running 7.3, according to Alan Seiden, the principal of the company, which develops an IBM i-based PHP distribution called CommunityPlus+ PHP.
“It’s not bad. They’re doing fine. But it’s just time” to move up to a supported release, Seiden said. “PHP 7.3 will no longer see security updates. So we hope nobody has it by then. We’re working to make sure people get upgraded.”
One of the IBM i customers that Seiden Group has helped to upgrade from older releases of PHP is Littleton Coin Company. Based in Littleton, New Hampshire, Littleton Coin Company buys and sells American coins, including rare coins, commemorative coins, gold coins, and even rare paper currency.
The company, which is a longtime user of the IBM midrange server, maintains a warehouse with 30,000 items, and adopted PHP more than a decade ago to augment core RPG-based applications with applications that feature Web-based UIs, according to Littleton Coin’s Director of Information Technology Ken Meade.
Earlier this year, Littleton Coin contacted Seiden Group to inquire about an upgrade for its PHP environment, which included custom-written applications written in PHP version 5.6 and running on Zend Server, Professional Edition, an IBM i-based runtime offered by Perforce. Community support for PHP 5.6 ended more than two years ago.
As Meade interacted with Seiden and his team, he grew more and more comfortable with them, and eventually decided to give Seiden’s CommunityPlus+ PHP distribution a try. In July, the company completed the migration of the PHP runtime to CommunityPlus+ PHP. After that, Seiden Group worked to upgrade the old PHP 5.6 codebase to PHP version 7.4, Meade said.
Staying on an unsupported release of PHP was no longer an option, Meade said. “We deal with external customers,” he told IT Jungle. “We take credit card information, so we’re scanned every month and we have to pass these scans and if we don’t, then the credit card companies get notified and we can’t take credit cards anymore.”
The PHP language changed quite a bit from version 5.6 to version 7.4 (and it changes again from 7.4 to 8.0 – more on that later). In Littleton’s case, Seiden Group spent a bit of time to rework its stored procedure output parameter. It also updated the PHP Secure Communications Library (phpseclib), which houses encryption algorithms that are critical for securely conducting ecommerce transactions.
In addition to running a fully supported version of PHP, Littleton Coin experienced a performance boost as a result of the new PHP runtime and the new PHP language environment, Meade said. “The throughput has been awesome,” Meade said. “It greatly increased our speed. In fact, I hear that on the shop floor all the time, where people are really, really happy because they’re not sitting there waiting.”
As part of the migration and code update, Littleton Coin decided to improve the flow of external pricing data. Previously, the company’s financial team had to manually enter information about sales figures from the company’s ecommerce partners, like eBay, Amazon, and PayPal. By utilizing the PHPSpreadsheet connector (which replaces PHPExcel, which is deprecated in PHP 7), the IT staffers developed a method to import that data directly from spreadsheets into the IBM i-based financial system using a PHP app. Seiden’s consultant assisted with this work.
Going from PHP version 5.6 to PHP version 7.4 was a significant move, and buys Littleton Coin more time (PHP version 7.4 is supported until November 28, 2022, according to the official PHP support grid.) Moving directly to version 8.0 (which is supported until November 2023) would have bought it even more time, but it would have been a more difficult move, Seiden said.
“7.4 does flag a number of things with warnings. It tries to improve the quality of people’s code by flagging some warnings,” Seiden said. “The things that 7.4 gives you a warning about, 8 might consider an actual error. So 7.4 is a great stepping stone to go to 8. If you can get 7.4 running cleanly, with nothing in the PHP error log, you’re in great shape to go to 8.”
If everything goes as planned, Littleton Coin will make the move to PHP version 8.0 next year. That will follow the upgrade from a Power7 system to a Power9 that occurred in August of this year (“My regular green-screen apps are just flying now,” Meade said) and it will also roughly coincide with an expected move from IBM i 7.3 to 7.4, according to Meade. “It’s been a year of upgrades,” he said.
While change has been in the air in 2020 and in 2021 — particularly when it comes to running PHP on IBM i — like many IBM i shops, Littleton Coin is reluctant to change things just for the sake of change. But when it comes to PHP on IBM i, the IT pro sees the value in staying on top of things — especially since his technology partner is bearing some of that responsibility and the work that entails.
“There are so many projects that we have come through the IT department, and a lot of times you get that ‘if it’s not broke, don’t fix it’ [mentality],” he said. “But we also end up getting behind from a security point of view. And so I decided to sign up with Alan to have these normal regular quarterly tune-up meetings.”
Those quarterly tune-up meetings have turned into a blessing for Meade and his IT department, which numbers around 10 staffers. The Seiden folks will go through the PHP logs and identify issues that need to be addressed, which helps Meade’s team stay on top of any PHP issues without losing focus on other pressing IT issues.
“Because we have these quarterly meetings, I am more apt to have that on my front burner and say ‘OK, I’ve got to go to 8 next year,’” he said. “So we can plan for that, versus [if] I don’t have those quarterly meetings, and it’s working, then I’m not going to worry about it.”