Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

TutsPlus.com:
Upgrading Your Linux Server to PHP 7.0
Dec 07, 2016 @ 11:47:25

The TutsPlus.com site has a new tutorial posted showing you how to upgrade your Linux server to run PHP 7.0, the latest major release of the PHP language.

PHP 7 was released last December. Once you've tested your code locally to run on it, it's time to upgrade your production server. Generally, I found that most of my sites run well on it.

However, I suspect that not many sites have upgraded yet. It's often safer and easier to stay on older releases. [...] But PHP 7 has now been out for nearly a year.

In today's episode, I'll walk you through my recommended approach to upgrading to PHP 7 on Ubuntu 14.x and resolving problems with PHPMyAdmin, which a lot of early upgraders ran into.

He starts by helping you identify any customizations that you might have related to PHP 5, specifically related to configuration options. He then provides the commands to remove PHP 5 packages from the system and add in the "ondrej/php" PPA for apt-get as the source for the PHP 7 packages. After a quick apt-get cleanup, he includes the commands to install the "php7" packages, enable a few extra modules and getting phpMyAdmin back up and in working order.

tagged: upgrade server php7 php5 ppa aptget phpmyadmin tutorial

Link: https://code.tutsplus.com/tutorials/upgrading-your-linux-server-to-php-7--cms-27583

Laravel News:
Laravel Homestead 4.0 is released featuring support for PHP 7.1
Dec 06, 2016 @ 09:43:35

The Laravel News site has a new post announcing the release of the latest version of Laravel Homestead, the Vagrant-driven environment that makes it easy to set up a Laravel environment. In this latest version, 4.0, there's a few changes including a major one: support for PHP 7.1.

Laravel Homestead the Vagrant box for easily running Laravel on any platform has just released v4.0 that includes support for the just released PHP 7.1.

The upgrade is easy but the instructions do vary depending on how you have it installed.

They walk you through the steps for the upgrade:

  • Backup all your Homestead databases
  • update the Homestead Global installation (or per-project installation)
  • Destroy the current Vagrant box
  • Use "vagrant up" to download the latest version and bring the box back up

It's a pretty easy process that should be pretty painless. Everyone's setup is slightly different so there might be a few issues in your own upgrade and minor version releases will be made if there are issues because of the upgrade.

tagged: laravel homestead vagrant upgrade v4 release php71 support

Link: https://laravel-news.com/laravel-homestead-4-0-is-released-featuring-support-for-php-7-1

Joe Ferguson:
Use Laravel Shift for your next upgrade
Nov 24, 2016 @ 09:13:23

In this new post to his site Joe Ferguson takes a look at Laravel Shift, an automated service that makes it easier to upgrade your Laravel-based application quickly.

I’ve had an eye on LaravelShift.com since it first made it’s way across my twitter feed some time ago. I’ve also had the pleasure of meeting and talking with it’s creator Jason McCreary at a few conferences over the past year. I think it’s really awesome when community members are able to take a product to market that not only scratches their own itch, but can provide value to the rest of the community as well.

[...] I built NerdsAreDrinking on Laravel 5.1 because that was the current version at the time. We have seen two more release since: 5.2 and 5.3. The upgrade process isn’t terrible however there is a lot you may need to take into account. Rather than upgrade from 5.1 to 5.2 and then 5.2 to 5.3 I decided to use Laravel Shift to do the 5.1 to 5.2 upgrade for me.

Joe then talks some about his experience using the service and was impressed at the speed of the service to create the required Pull Request for the update. He includes a link to the PR so you can see what the upgrade looks like too. He feels like the money spent (around $11 USD) was well invested and would definitely use the service again.

tagged: laravel laravelshift upgrade opinion service version

Link: https://www.joeferguson.me/use-laravel-shift-for-your-next-upgrade/

Jason McCreary:
Laravel Shift - 1,000 applications upgraded
Sep 14, 2016 @ 10:27:41

Jason McCreary, the developer behind the Laravel Shift upgrade service, has posted a retrospective of his work on the project and some of the things he's learned along the way. The service just recently topped 1000 applications upgraded.

Less than a year ago I created Laravel Shift. While not my first product, it is my first software as a service (SaaS). If you’re not familiar with Laravel Shift or interested in the backstory check out the Q&A on Laravel News or listen to the interview on Full Stack Radio.

In this post, I want to focus more on reaching the milestone of 1,000 Laravel applications upgraded. This may not sound like many, however for my first SaaS product it marks the achievement of my stretch goal. So allow me to share the most important decision, biggest challenge, and what the future holds for Laravel Shift.

He starts with a section talking about the difference between a "project" and a "product" targeted at developers who, usually, have more than one project going at a time. He talks about his decision to move Shift to a "product" and some of the hurdles he hit because of being "a developer, not a marketer". He finishes the post looking ahead to things coming with the service and the announcement of "human services" being offered to get a live person involved in the upgrade of your Laravel application.

tagged: laravel shift service retrospective future plans 1k upgrade milestone

Link: http://jason.pureconcepts.net/2016/09/laravel-shift-1000-applications-upgraded/

Laravel News:
Laravel Spark v2 is now released
Sep 12, 2016 @ 10:52:22

On the Laravel News site there's an announcement posted about the latest release of Laravel Spark (v2). Spark is a commercial package from the creator(s) of Laravel that provides simpler billing for subscription-based services.

Laravel Spark, the commercial Laravel package that provides instant scaffolding for subscription billing, has just released v2.

The 2.0 release is a free upgrade for all license holders and it adds compatibility with Laravel 5.3 as well as deprecating the Spark installer in favor of using Composer directly.

This also adds dependency updates so it is compatible with both Echo and Passport that are new packages in Laravel 5.3.

There's an upgrade guide for those that are needing to bring their install up to the latest release. If you're more interested in what Spark has to offer, check out the main page for the product. A single-site license costs $99 USD and includes a wide range of features and technologies to make managing your subscription-based service simpler.

tagged: laravel spark release version feature upgrade

Link: https://laravel-news.com/2016/09/spark-v2/

Master Zend Framework:
Preparing Legacy Applications for PHP 7 with Phan
Sep 08, 2016 @ 12:07:42

The Master Zend Framework site has posted a new tutorial for those making the move in their legacy applications up to the world of PHP 7. In it Matthew Setter shows how to use phan, a static analysis tool, to locate issues that could cause breakage in the upgrade.

Unless you’ve been living under a rock these last 12 - 18 months, you will have heard about PHP 7; the latest version of PHP. Not only is it fast, by some reports it’s up to twice as fast as PHP 5.6, and far less memory hungry.

[...] Unfortunately, your application’s source code may not be 100% compatible with version 7. Upgrading may well leave you with a broken application and a set of unhappy customers. So before you go breaking your site in the interests of speed and being one of the cool kids, find out if your code’s compatible. How? By using a static code analyser, one which gives you all the changes you need to make on your code, so that you can upgrade with confidence.

He then shows how to install the Phan tool via Composer and execute it against your codebase. The result of his commands are a file that contains the issues found during the scan. If there are some "false positives" you'd like to ignore he also shows you how to create a config.php file with these and other values set to make it all more reusable.

tagged: php7 upgrade phan detect static analysis code tutorial

Link: http://www.masterzendframework.com/preparing-for-php7-with-phan/

Liip Blog:
A quick look on the current state of Drupal 8 (ecosystem)
Jul 08, 2016 @ 10:26:31

In a new post to the Liip blog Lennart Jegge shares a "quick look" at the current state of the Drupal 8 project and some of the issues some people are having making the transition.

Eight months ago Drupal 8.0.0 was released. Exciting news for drupalists. Since then comparing D8’s features to its predecessor is a topic in daily business. "Can drupal 8 do what we can do now with 7 today?". After playing around with D8 i get the feeling some crucial features are missing.

He shares some of the features he sees as still missing (a Top 10 wishlist) and how it seems difficult to get a good overview of the Drupal 8 ecosystem. Some modules have yet to be updated and rewrites can be difficult given the major "under the covers" changes to Drupal itself.

In the end the importance of a variety of mature modules that play together nicely is crucial when it comes to efficiency, maintainability and stability of a project
tagged: drupal8 ecosystem overview opinion features upgrade issues

Link: https://blog.liip.ch/archive/2016/07/07/quick-look-current-state-drupal-8-ecosystem.html

Security Update:
Imagemagick - Multiple Vulnerabilities
May 05, 2016 @ 11:07:35

Imagemagick, a well-used alternative by PHP developers for graphics manipulation (an alternative to GD) has had several new vulnerabilities announced. These vulnerabilities allow for everything from remote code execution to initiating network requests. The Imagetragick site has more information:

There are multiple vulnerabilities in ImageMagick, a package commonly used by web services to process images. One of the vulnerabilities can lead to remote code execution (RCE) if you process user submitted images. The exploit for this vulnerability is being used in the wild.

A number of image processing plugins depend on the ImageMagick library, including, but not limited to, PHP’s imagick, Ruby’s rmagick and paperclip, and nodejs’s imagemagick. If you use ImageMagick or an affected library, we recommend you mitigate the known vulnerabilities.

There's two mitigations listed to help with a more immediate fix: using a policy.xml file and verifying that image data starts with the right "magic bytes". The site also shares more information about the different vulnerabilities and what kind of attacks they could allow. It is highly recommended that you add the mitigations they show and update your installation to use the latest release (7.0.1-1) with fixes for these issues.

tagged: imagemagick vulnerabilities multiple upgrade mitigation

Link: https://imagetragick.com

Phillip Shipley:
Docker makes upgrading to PHP7 easy
Apr 25, 2016 @ 11:13:07

In this post to his site Phillip Shipley talks about Docker and how using it for your PHP deployments can make it much easier to upgrade to PHP 7.

Last year at php[tek] 2015 during the hack time I messed around and created a Docker image to run and test PHP7. It was surprisingly easy and I quickly learned that the app I was working on at the time ran fine in PHP7, good deal. So since then I’ve been awaiting the general availability release of PHP7 to move forward with upgrading my apps.

The main thing holding me back was I just didn’t want to maintain an image based on compiling from source. Not that it’s a problem, it just didn’t feel as clean and simple as using supported packages.

He points out that Ubuntu 16.04 was released and that does now have PHP 7 as a standard package so he's happily upgrading. He gets into a bit of detail about how upgrade process and some of the smaller issue he faced along the way. He also includes the update to his Dockerfile he made to change to PHP 7 (only a few characters) to rebuild with PHP 7.0.4.

tagged: upgrade php7 docker ubuntu package official release

Link: http://www.phillipshipley.com/2016/04/docker-makes-upgrading-to-php7-easy/

Laravel News:
Has your company upgraded to PHP7 yet?
Mar 31, 2016 @ 10:28:34

On the Laravel News site they share the results of a Twitter poll asking developers and companies of they'd switched to PHP 7 yet.

Yesterday I ran a Twitter poll to see how many have moved to PHP7. With 650 votes here are the results. [...] tagged: upgrade php7 company twitter poll results

Link: https://laravel-news.com/2016/03/company-upgraded-php7-yet/