You may already know that PHP 5 is going to reach it’s end of life at the end of the year, meaning the PHP Group which maintains PHP will stop providing security patches in December. While we recommend that you upgrade to PHP 7 as soon as is practical, we also know that your timing needs to be based on your specific application and business needs. Here are some things to keep in mind if you find yourself needing to make the upgrade:
Don’t panic! Your site will continue to work as normal. The only difference is that if there is a vulnerability or bug in PHP 5.6 discovered after December 31st, the PHP Group will not provide a fix. It is however prudent to evaluate this information against your business objectives.
The obvious benefit is continued support from The PHP Group, which is the open source organization that maintains PHP. As an open source community, these updates include new features, bug fixes, and security patches, which are usually provided with OS package updates on the host. Upgrading to a supported version will ensure that if someone discovers a security vulnerability in PHP itself, then it will get a timely patch from the folks who know PHP best. If you are running an ecommerce site, or health care application, being on PHP 7 will make passing PCI and HIPAA audits easier. Without it, more complex mitigations might be required.
Beyond the support and security updates, PHP 7 is faster and uses less memory resources than PHP 5. According to some sources, PHP 7 is 10 to 15% faster, has 30% lower memory consumption, and serve up to 3x as many requests as PHP 5.6. Better performance could translate to cost savings on hosting. See this info graphic from Zend.com.
The difficulty of upgrading your site to a major version of PHP will depend on a number of factors, including age of the host OS, and age of any CMS, ecommerce, or application framework that is used on top of the application. In general, if you kept up with CMS versions (e.g. Wordpress, Drupal, or Joomla), upgrading should be pretty painless. In those cases, the time required to upgrade is more related to the ease in which PHP7 can be added to your host. Most shared hosting providers and cloud hosting providers have made this routine at this point.
A number of migration tools exist to scan PHP 5 code for potential compatibility conflicts. However there is no tool that will provide 100% automatic conversion. If you are using a modern application framework, you are probably ok. That 8 year old code igniter application might be more troublesome and therefore costly to upgrade because there will also be a need to update the framework. If the framework is old enough, then the custom code that sits on top of it may also need to be modified to accommodate any changes in the framework API.
One stand out issue is Magento 1.9 compatibility. It is not compatible with PHP 7 out of the box. A plug-in is available to make core Magento compatible with PHP 7, but we have found that it does not cover all plugins or customizations. Magento itself is in the middle of a major version change with Magento 1.9 support ending in favor of Magento 2.
Earthling Interactive has an extensive background building and supporting PHP sites. Our team members are here to help you evaluate your site and walk through the business decisions you'll need to make before planning to upgrade. Contact us to learn more about our PHP migration services.