PHP 4 is dead, long live PHP 4

The 8th of August marked the end of life for PHP 4, which has been in stable release since May, 2000. With no further security patches to come for the technology, what options are there for those who can't or won't upgrade?

For a technology that has been in stable release since May 22, 2000, PHP 4 has finally reached the end of its official life. With the release of PHP 4.4.9, official support has ended and the final security patch for the platform issued.

Python vs. PHP: Choosing your next project's language

Web hosts and web developers across the net have now lost another reason not to upgrade their development and support environments to current generation tools. With PHP 5 offering a viable upgrade path for the last few years, the recommendation is for addministrators and developers is to move to the PHP 5 platform (if they haven't already done so), which is currently at 5.2.6. PHP 4 developers that have not previously been introduced to PHP 5 may find that some code will need to be refactored, but a well-designed application will need fairly minimal tinkering to function with the new version.

With eight years of legacy code out there, it is likely that there are going to be a fairly large number of systems that will not migrate to PHP 5 in the near future, and a reasonable proportion of those that will not make the migration at all. For those who are not able to migrate their systems to the new version of PHP noted PHP security expert, Stefan Esser, will continue to provide third party security patching for the PHP 4 line through his Suhosin product.

This will only buy developers and administrators a few months of time, as Stefan will end incorporating security updates for PHP 4 at the end of 2008.

If for no other reason, the lack of ongoing security patch support for the platform should be enough reason for developers and administrators to make the switch to PHP 5 and look at limiting the number of PHP 4 systems that are outward facing on any network. If you haven't started a migration plan or even looking at what might need to be done, now is the time to do so. If you already have a plan in action, it is important to try and have it completed prior to the end of third party security support for the platform (i.e. the end of the year would be a good time).

More about: etwork, Hewlett-Packard, HP
References show all

Comments

1

officephp.com

Tue 12/08/2008 - 11:07

Php 4 will be useful for decades to come

I would like to add that security patch is only important for live internet servers.

I have been deploying tens of WAMP servers using php 4 in closed intranet, behind NAT firewall. After 4 years still no issues and I never need to upgrade the software (I still use WinLamp 2.0 with php 4)

I will continue using php 4 and make sure the codes are compatible with php 5 (& 6).

If future hardware doesn't support legacy OS (Win XP), I will run it using Virtualisation (VMWare) under Ubuntu Linux..

Rizalphp - Officephp.com programmer

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/235/softperfect-network-protocol-analyzer/

SoftPerfect Network Protocol Analyzer

Publisher's notes: SoftPerfect Network Protocol Analyzer is an advanced, professional tool for analyzing, debugging, maintaining and monitoring local networks and Internet connections. It captures the ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia