In three days Americans will be celebrating Thanksgiving, football, and the release of PHP Version 8.0! This update has been a long time coming and is promised to be the most significant overhaul of PHP in years – maybe ever.
What is PHP?
To try and put it in layman’s terms, PHP is the coding language that WordPress, your site’s theme, and all of its plugins are written in. This language is then processed by the server (as opposed to a web browser like Google Chrome), to build out your site.
Version 8.0 represents a significant shift for the language as it prioritized two big picture changes: (1) depreciating many old functions and (2) upgrading the overall security of the language. Let’s discuss each point below.
How depreciating functions can break your site
As technology becomes more powerful and develops safer way of doing things, it’s important that old methods/functions are phased out in favor of these better methods. Otherwise, we developers will continue using the same tricks and methods that we are used to!
This is especially true for WordPress sites. Have you ever wondered how all of the themes and plugins on your site can all be built by different people but still seamlessly work together. The key is that WordPress is largely built on a collection of shared and standardized functions. From there, each plugin can execute whatever unique PHP function it needs to in order to complete its intended use.
Anytime functions are depreciated in a new version of PHP, you are almost always guaranteed to have at least one plugin break because it tries to use a function that no longer exists – either at a PHP or WordPress level.
Upgraded security is a big win
For a very long time now, experts in the PHP community have argued over the foundational security of the language. In an effort to make lives easier on developers, let’s just say that the language did its best to fill in the gaps and be lenient with commands that it would allow. This is great when you are writing code, but that leniency in its coding framework was argued to leave too large of a backdoor for those with malicious intent.
PHP has been around a long time and this leniency has always been a core component of it – at least until now with Version 8.0 releasing on Thanksgiving day. These standards are being increased and the language will be much stricter in what it will and will not accept. While we will be giving up some ease of use, most in the PHP community, including us, welcome and celebrate the change.
With that said, PHP has been around for a very long time. The more lenient method may not have been ideal, but developers and security experts have been used to these standards and taking steps to close these inadvertent backdoors for some time. At the end of the day tough, any change that makes it so the web needs one less expert, the better.
Should I update on release day?
No. Let me say that again with greater emphasis – NO.
Not only will applying the patch on the first day likely break your site for the previously mentioned reasons, but PHP Version 8.0 is likely to bring its own set of security issues – as all major language changes do. It takes some time for the glitches and inadvertent backdoors that they’ve created to be ironed out before you can safely say a version should be the industry standard.
As for when that day will be, no one really knows yet. Sometimes this transition can go quickly with minor hiccups and other times it can be more significant. I mean, many people have skipped entire generations of a Windows OS upgrade!
We’ll be letting everyone know when we feel it is safe to upgrade, but the best way to keep your site secure and optimized in the meantime and in the future is to subscribe to our Maintenance Plan. For our clients, long gone are the days of worrying about site security, PHP versions, and plugin compatibility.