Slide 1

Slide 1 text

Upgrading Legacy to the Latest PHP Version IPC MUNICH | OCT 28, 2021 @afilina

Slide 2

Slide 2 text

"I don't know whether my application works on the latest PHP."

Slide 3

Slide 3 text

• Check compatibility. • Fix issues. • Test the fixes.

Slide 4

Slide 4 text

Anna Filina • Coding since 1997 (VB4) • PHP since 2003 • Legacy archaeology • Test automation • Public speaking • Mentorship • YouTube videos

Slide 5

Slide 5 text

Docker image PHPCO PHPCompatibility

Slide 6

Slide 6 text

phpco() { docker run --init -v $PWD:/mnt/src:cached --rm -u "$(id -u):$(id -g)" frbit/phpco:latest $@; return $?; }

Slide 7

Slide 7 text

phpco -p --colors --extensions=php --runtime-set testVersion 7.4 .

Slide 8

Slide 8 text

FILE: /mnt/src/app/controllers/MyController.php ------------------------------------------------------------------ FOUND 1 ERROR AFFECTING 1 LINE ------------------------------------------------------------------ 166 | ERROR | Using 'break' outside of a loop or switch structure | | is invalid and will throw a fatal error since PHP | | 7.0 ------------------------------------------------------------------

Slide 9

Slide 9 text

public function myFunction($result) { if ($result == null) { break; } }

Slide 10

Slide 10 text

public function myFunction($result) { if ($result == null) { return; } }

Slide 11

Slide 11 text

PHPCompatibility tells us what to fix.

Slide 12

Slide 12 text

Fixing

Slide 13

Slide 13 text

$response = '1234567890'; $header = 'Content-length: ' . strlen($response) + 1; echo $header;

Slide 14

Slide 14 text

3v4l.org

Slide 15

Slide 15 text

No content

Slide 16

Slide 16 text

No content

Slide 17

Slide 17 text

No content

Slide 18

Slide 18 text

$response = '1234567890'; $header = 'Content-length: ' . (strlen($response) + 1); echo $header;

Slide 19

Slide 19 text

Function each() is deprecated since PHP 7.2; Use a foreach loop instead

Slide 20

Slide 20 text

while (list($i, $row) = each($result)) foreach ($result as $i => $row)

Slide 21

Slide 21 text

$i = each($result)['key']; $v = each($result)['value']; $i = each($result)[0]; $v = each($result)[1];

Slide 22

Slide 22 text

$a = each($result); $b = each($result);

Slide 23

Slide 23 text

else if (list(, $optArg) = each($args))

Slide 24

Slide 24 text

final class Php56Compatibility { public static function each(array &$array) { if (current($array) === false) { return false; } $key = key($array); $value = current($array); next($array); return [ 1 => $value, 'value' => $value, 0 => $key, 'key' => $key, ]; } }

Slide 25

Slide 25 text

Portable, unit-tested solution wrapped in a class.

Slide 26

Slide 26 text

We can clean things up at a later time (technical debt).

Slide 27

Slide 27 text

mcrypt PHP

Slide 28

Slide 28 text

mcrypt PECL PHP

Slide 29

Slide 29 text

mcrypt PECL PHP libmcrypt

Slide 30

Slide 30 text

PHP openssl

Slide 31

Slide 31 text

mcrypt.OFB != openssl.OFB

Slide 32

Slide 32 text

How to test mcrypt to openssl upgrade?

Slide 33

Slide 33 text

• Can we decrypt what we just encrypted? • Can we decrypt what we already have in our database?

Slide 34

Slide 34 text

encrypted App with mcrypt original

Slide 35

Slide 35 text

public function testCanDecrypt() { //... $decrypted = $security->decrypt($encrypted); self::assertEquals($original, $decrypted); }

Slide 36

Slide 36 text

mysql_ mysqli_ PDO

Slide 37

Slide 37 text

• Connection object needs to be available. • Connection object now a mysqli type. • Field metadata represented differently. • Different methods for unbuffered queries.

Slide 38

Slide 38 text

mysql to mysqli conversion can't be unit-tested.

Slide 39

Slide 39 text

mysql_connect mysql_query mysql_close mysqli_connect mysqli_query mysqli_close $connection

Slide 40

Slide 40 text

/login redirect to profile credentials session database encryption

Slide 41

Slide 41 text

/login redirect to profile credentials POST /login Redirect URL

Slide 42

Slide 42 text

$response = $this->guzzle->send($request); self::assertEquals(/**/);

Slide 43

Slide 43 text

You can use this approach to test the entire application.

Slide 44

Slide 44 text

PHPCO won't detect everything.

Slide 45

Slide 45 text

Slide 46

Slide 46 text

No content

Slide 47

Slide 47 text

• Start testing. • Note the errors that appear. • Tune static analysis for those specific errors.

Slide 48

Slide 48 text

Write more tests.

Slide 49

Slide 49 text

var_dump(0 == "");

Slide 50

Slide 50 text

No content

Slide 51

Slide 51 text

What about the framework?

Slide 52

Slide 52 text

• New framework might be too different. • Is there a fork that keeps up with PHP?

Slide 53

Slide 53 text

You could make the framework compatible.

Slide 54

Slide 54 text

What about the tests?

Slide 55

Slide 55 text

• Is PHPUnit compatible with PHP? • Can it be updated? • Might need to upgrade PHPUnit.

Slide 56

Slide 56 text

Do not fix your tests and code at the same time.

Slide 57

Slide 57 text

/login redirect to profile credentials POST /login Redirect URL

Slide 58

Slide 58 text

Tests PHP 8.0 PHP 5.4 Application

Slide 59

Slide 59 text

Tests PHP 8.0 PHP 8.0 Application

Slide 60

Slide 60 text

• Use PHPCompatibility • Use Psalm, PHPStan, etc. • Don't be afraid to fix the framework/libs. • Write tests.

Slide 61

Slide 61 text

@afilina Questions?