PHP 7.0 boosts speed and security: What you need to know
Image: Conner Forrest/TechRepublic
At long last, the next generation of PHP has been released, bringing new features and much needed optimizations, as well as corresponding speed improvements from Zend Engine. However, PHP 7.0 removes support for certain deprecated items, breaking code compatibility in very specific cases.
A brief history lesson
Those currently using PHP 5.6 will likely wonder what happened to PHP 6.0. That version was started as an experiment to add Unicode (UTF-16) support everywhere, which continued to languish amid development difficulties and dramatically reduced performance. Some portions of that experiment were backported into 5.3. Because some books were published referencing designs of the scrapped version 6.0, the version number was incremented to 7.0 instead.
New features in PHP 7.0
Among the new features in PHP 7.0 are scalar and return type declarations, as well as the null coalesce operator ?? for using a ternary with isset() and the spaceship operator <=> for comparing two expressions—both of which can substantively reduce the amount of code needed to perform specific evaluations.
Additionally, in the interest of greater security, unserialize() allows for selectively allowable classes, session_start() is now optionally able to override session configuration directives in php.ini, and two new functions have been introduced to generate cryptographically secure integers and strings. For greater stability, uniform variable syntax has been introduced, which changes the way PHP is interpreted slightly—evaluations are now always left to right.
Vastly increased performance
PHP 7.0 brings vastly improved performance over PHP 5.6, but is also competitive with the increasingly popular alternative HHVM (HipHop Virtual Machine) implementation. Facebook’s HHVM emerged in 2011 as a competitor to Zend Engine 2.x, the reference implementation of PHP, as the final form of a variety of experiments to increase performance. HHVM works as a JIT compiler, translating PHP code into HipHop bytecode, which is then transformed to x86-64 machine code. With the arrival of PHP 7.0, the Zend Engine has correspondingly been updated to 3.0.
The improvements of PHP 7.0 are less pronounced in comparison to HHVM, however—PHP 7.0 is less than 1% faster on WordPress 4.1, though it is 42.7% faster on SugarCRM, and 23.4% faster on Drupal. Additionally, the results at Linux benchmarking website Phoronix show PHP 7.0 as being roughly three times as fast as PHP 5.6 and twice as fast as HHVM, though RAM usage is still somewhat higher than that of HHVM.
Removing deprecated features and cleaning code
ASP-style tags have been removed, as has support for <script language=php> tags. Additionally, the MySQL plugin, which was deprecated in PHP 5.5, has been removed.
Other instances of poor programming practices are also now disallowed. For example, it is now no longer possible to define two or more function parameters with the same name, nor can you define two or more default blocks in a switch statement. For a complete look of the backward incompatible changes, the PHP Manual offers a comprehensive guide to migrating to PHP 7.0. For more hands-on examples, Colin O’Dell’s PHP 7 Upgrade Guide provides a great deal of example code to illustrate the changes and features in PHP 7.0.
What’s your view?
Do you use PHP in your organization? Do you use the Zend Engine, HHVM, or some other PHP interpreter? Share your thoughts on the new version of PHP and your plans for migration in the comments.