-1

Currently my production servers have PHP 5.5.1 installed and working fine.

PHP 5.5.1 (cli) (built: Jan 14 2014 11:37:09)

Copyright (c) 1997-2013 The PHP Group

Zend Engine v2.5.0, Copyright (c) 1998-2013 Zend Technologies

However according to this post PHP has released 5.5.12 to fix some OpenSSL issues. We are running on CodeIgniter.

As I see there is no breaking change between 5.5.1 and 5.5.12, only bug fixes and few additions. So it should be fine to upgrade PHP version smoothly.

However recently we also upgraded to newer version of OpenSSL avoid heartbleed bug. So now is it necessary to upgrade the PHP for same reasons?

If I am not missing anything then upgrade won't cause any version related issue?

NOTE: As the post mentions the example of shared hosting/servers, we have our own multiple dedicated servers running behind load balancers.

Community
  • 1
  • 1
ʞɹᴉʞ ǝʌɐp
  • 5,350
  • 8
  • 39
  • 65
  • 2
    Clone your production server, upgrade PHP, test it. If it works, upgrade your production servers. If you can't clone a production box, take one out of rotation and upgrade that and test it. If you can't do that, try upgrading a dev environment and see what happens – Bojangles May 08 '14 at 19:20
  • Do you have a test suite? I appreciate not everyone does, but if so: just run everything against the new version of PHP. – halfer May 08 '14 at 19:21
  • @Bojangles: I generally think it’s better to be safe than sorry—as you imply—but implementing a patch-level fix like a jump from `PHP 5.5.1` to PHP `5.5.12` is incredibly low risk. Don’t worry. Just do it. But one question: What OS are you on? And how are you going to upgrade? From source code? Or RPM? – Giacomo1968 May 08 '14 at 19:22
  • Thanks. I am just curious if even after upgrading openssl we need to upgrade PHP as well? However I ll upgrade considering all above suggestions. – ʞɹᴉʞ ǝʌɐp May 08 '14 at 19:23
  • 2
    @DaveKirk You are over-thinking this. A patch level upgrade like a jump from `PHP 5.5.1` to `PHP 5.5.12` is not something to stress over. Upgrade OpenSSL & PHP. 1,000% positive you will be fine. – Giacomo1968 May 08 '14 at 19:25
  • @JakeGould I am on `Red Hat Enterprise Linux Server release 5.1 (Tikanga)` No plans how I ll upgrade as of now. – ʞɹᴉʞ ǝʌɐp May 08 '14 at 19:28
  • @DaveKirk If you are doing this via RPM via `yum update` the process will take less than 5 minutes & you will most likely not notice anything. The upgrades you need to worry about are jumps between `PHP 5.3.x` and `PHP 5.4.x` or even `PHP 4.x` to `PHP 5.x`. Patch level updates by competent teams like the PHP team will never break things. – Giacomo1968 May 08 '14 at 19:43

1 Answers1

2

PHP releases avoid any type of syntax-breaking changes at the minor-version-release level, so as long as you're still PHP 5.5 your code will almost certainly still be valid. Since you have multiple servers, you could try upgrading one of them, completing your test suite/unit test/basic sanity tests/etc. first before rolling out the upgrade to all your servers.

You could spend a lot of time poring through the diffs on the commits referenced in that post, but ultimately you may find a move from 5.5.1 to 5.5.12 is fairly safe and may yield other improvements too, so I'd focus your energy on testing.

Giacomo1968
  • 25,759
  • 11
  • 71
  • 103
Josh from Qaribou
  • 6,776
  • 2
  • 23
  • 21