Updating a legacy PHP site to work with PHP 5.4

David G - DrupalRecently I was notified by a webhost that a project I had completed in 2013 was incompatible with their pending upgrade to php 5.4 on July 23, 2015. They listed 1 file from the whole project that was incompatible with php 5.4. The client and my bosses requested I resolve the issue. This is a small synopsis of the steps I took to inspect and resolve the code issue.

Brainstorming a Solution

The webhost told me 1 file had php 5.4 issues. In general there are lists and changelog notices from the php community as to changes between php versions. I’m well aware of these types of changelong notifications. I assume the webhost used an automated tool to test all their shared hosting sites and I wanted to use a tool that would give me similar details for this project. And future projects that need similar php upgrade checks in the future (for any new version(s) of php).

I googled “php compatibility 5.4” and came across a plugin for PHP Code Sniffer which is called PHP Compatibility. The IDE I use called PHPStorm by Jetbrains has built in Code Sniffer support, so I was curious if I could bundle or add this Compatibility “sniff” (plugin) to my IDE — the long answer is No, but I was able to use the plugin from the command line.

The Code Sniffer utility scans your codebase for for syntax and coding standard violations. The Compatibility plugin adds support for searching for compatibility issues between versions of php. For example, prior to php 5.4 you could use session_register() to register a key within the user session to store data. In php 5.4 session_register() has been deperacted and may not be used. These are the types of notifications the PHP Compatibility scan will report.

Details of Problem Resolution

In order to run PHP Compatibility I had to install the dependencies using PEAR on my local development server.

  1. Install Codesniffer
    pear install PHP_Codesniffer
  2. Then I attempted to follow the non-Composer install directions of PHP Compatibility on Github. But I needed to know where Codesniffer was installed on the system. It turns out PEAR can tell you where files for a package were installed:
    $ pear list-files PHP_Codesniffer
     .... long list of files ...
    test   /usr/share/php/test/PHP_CodeSniffer/CodeSniffer/Standards/PSR1/Tests/Files/SideEffectsUnitTest.php
    test   /usr/share/php/test/PHP_CodeSniffer/CodeSniffer/Standards/PSR1/Tests/Methods/CamelCapsMethodNameUnitTest.inc
    test   /usr/share/php/test/PHP_CodeSniffer/CodeSniffer/Standards/PSR1/Tests/Methods/CamelCapsMethodNameUnitTest.php
    php    /usr/share/php/PHP/CodeSniffer/Standards/PSR1/ruleset.xml
    ... long list of files ...

    This told me that CodeSniffer was installed in /usr/share/php/PHP_CodeSniffer/ on my system. I can now place the necessary Compatibility “sniff” files into the correct directory.

  3. Install the Compatibility “sniffs”:
    $ pwd
    /usr/share/php/PHP/CodeSniffer/Standards
    
    $ sudo git clone https://github.com/wimg/PHPCompatibility.git PHPCompatibility
  4. Now we can actually test our codebase! Woohoo!
    To run a scan we will call phpcs will the following format:
    phpcs –standard=PHPCompatibility –runtime-set testVersion <php-version> <project path>

    $ phpcs --standard=PHPCompatibility --runtime-set testVersion 5.4 cass/
    Time: 2.84 secs; Memory: 22.75Mb
    
    FILE: ...religion.ucsb.edu_project_cass/cass/braj/lila_episode_images.php
    ----------------------------------------------------------------------
    FOUND 16 ERRORS AFFECTING 10 LINES
    ----------------------------------------------------------------------
       1 | ERROR | Default timezone is required since PHP 5.4
      20 | ERROR | Default timezone is required since PHP 5.4
     158 | ERROR | Default timezone is required since PHP 5.4
     163 | ERROR | Default timezone is required since PHP 5.4
     163 | ERROR | Default timezone is required since PHP 5.4
     163 | ERROR | Default timezone is required since PHP 5.4
     163 | ERROR | Default timezone is required since PHP 5.4
     163 | ERROR | Default timezone is required since PHP 5.4
     168 | ERROR | Default timezone is required since PHP 5.4
     314 | ERROR | Default timezone is required since PHP 5.4
     322 | ERROR | Default timezone is required since PHP 5.4
     322 | ERROR | Default timezone is required since PHP 5.4
     330 | ERROR | Default timezone is required since PHP 5.4
     330 | ERROR | Default timezone is required since PHP 5.4
     341 | ERROR | Default timezone is required since PHP 5.4
     366 | ERROR | Default timezone is required since PHP 5.4
    ----------------------------------------------------------------------
    
    .... hundreds of more errors, mostly Timezone errors ....

While there were hundreds of errors most were that my system’s default timezone was not set. In order for the Compatibility scan to ignore or accept an expected correct date configuration later … I emulated having a valid timezone setting in php.ini by calling my compatibilty scan with the -d switch. This allows you to set virtual php.ini settings. My command to issue a compatibility scan looked like:

phpcs -d date.timezone=UTC --standard=PHPCompatibility --runtime-set testVersion 5.4 cass/

At this point it was simply a matter of inspecting the notices and taking action. For example I used session_register() as I mentioned at the beginning of this article. I replaced that with a check if the Session was created and if not yet created then I made session keys using the php 5.4 convention of:

$_SESSION['someKey'] = '';

All in all there was basically 1 issue with the site using session_register in 1 file. But, I did not want to take the webhost’s word for it. I wanted to find a tool that could test PHP for any future/past versions of PHP. The Compatibility sniffs work with php 5.5 and other versions too, so this tool is re-usable for future projects!

Lastly, it’s important to note that the Compatibility scan is not 100% accurate as-is. If you look at the github issue queue other developers have noted additional items it should be scanning for many versions of PHP. Keep that in mind when using this tool and check back in the issue queue if you doubt it’s capturing all the upgrade issues in your project.

Looking for quality web hosting? Look no further than Arvixe Web Hosting!

Tags: , , | Posted under Errors, Server Security | RSS 2.0

Author Spotlight

David Gurba

I am a web programmer currently employed at UCSB. I have been developing web applications professionally for 8+ years now. For the last 5 years I’ve been actively developing websites primarily in PHP using Drupal. I have experience using LAMP and developing data driven websites for clients in aviation, higher education and e-commerce. If you’d like to contact me I can be reached at david.gurba@arvixe.com

Leave a Reply

Your email address will not be published. Required fields are marked *