What is PHP?
As discussed in our Under the Hood - Webpage series, you know that a webpage is made of a bunch of files that are assembled into a web page and hosted somewhere on the internet. PHP: Hypertext Processor (it's one of those annoying acronyms that actually refers to itself) is a way for your host to manage, and then create your webpage upon request.
PHP is a critical part of almost 80% of all webpages, and crucial to upgrade and maintain.
As a layer of programming language between requests and the webpage files, it adds extra complexity and value to your pages. It can provide live information from a variety of sources, using data from different sources to provide a uniquely customised webpage to every person who visits. For example, on a WordPress website, PHP can display the date and time a blog post is published based on the time zone you are in. If you have visited a webpage that gave you localised information such as dates, time, or weather, there's a chance it may have been provided to you using PHP code.
PHP and HTML
HTML (HyperText Markup Language) is the standard way of providing a static webpage to users, an HTML document is similar to a Word document, or a PDF. This means that any person who visits the webpage will get the same information, no matter their circumstances or settings. When you click on something, the browser interprets the request from the HTML and sends you the next HTML document.
When you request a page from a PHP website, you are telling the website host to run a tiny program, which gives you a unique, customised webpage. In the image below, clicking on the link sends the request, which initiates different PHP instructions on the site and completes before presenting you with the webpage.
As a programming language, PHP is open source and free. Open source means that the code that powers PHP is publicly accessible and open for modification in community-wide, ongoing projects. As with any software, especially one that is constantly being worked on by a community, PHP needs to be maintained to ensure security, efficiency, and integrity is consistently updated. For this reason, PHP is supported for two years from the initial release date, with release dates being towards the end of the year. The graph below shows the current release and support schedule, with PHP version 2.4 entering the phase of Security Fixes only and PHP version 7.3 no longer being supported at all.
Why Does PHP need updating
Once new software is released, it's locked down, and updates can only occur in special circumstances. However, bots and people are constantly testing the software, seeing if it can be exploited for data, or used to do other actions that the owner didn't intend. Most people understand security updates due to using Windows operating systems, and PHP is the same. Patches and fixes are released regularly to keep the software secure, and doing what it was intended to do.
What happens if you don't update?
Software can also stop working, or run into problems. When this happens, you may need some help which can cost you a lot of time and money. When a version is supported, it means that help is easily accessible and that there are people actively working on issues, problems, and security breaches. When support for a version stops, resolutions, patches and fixes do not get released anymore This is when your site might become a security risk for your customers, or become a target for dubious actions such as sending spam email, or start broadcasting random data in malicious data attacks.
Not keeping the PHP version up to date is like not replacing a rusted security screen. It's leaving you open to security vulnerabilities, and even though it's there, it's easy for someone to get past it, and into your website/house. If your site uses PHP, you or your web host need to be aware that updates are required.
What version should I be using?
If your site is currently using version 7.3, support will end on the 6th of December this year.
If you upgrade to version 7.4, support is provided for two years from the date of release, which ends on the 28th November 2021, and will only receive security fixes until 28 November 2022.
Version 8.0 is supported until 26th November 2022, with an extra year of security fixes after that.
Some web hosts will do this automatically, while some have a quick one-button update option, and others will leave it as an entirely manual process for you to complete. But whatever the update process, make sure you check your website once it's done, because not all software that you're using on your website may be compatible with the new version of PHP.
The great news is, a lot of hosting providers and web developers will do all this as part of a support and maintenance contract, like AimHigher Web. If you're not sure if you are covered for upgrading your PHP version, get in touch and have a chat with us today!