End of Year warnings, recapped

Last July, it was announced that PHP 4 had been end-of-life'd.

What this means is that there won't be any more bugfixes, and only critical security vulnerabilities will be released for some months into 2008. Most web hosts do have PHP 5 available, but a few shared hosting providers haven't done so.

http://www.gophp5.org has more information on what web applications claim to be compatible, but I disagree with:

Web hosts cannot upgrade their servers to PHP 5 without making it impossible for their users to run PHP 4-targeted web apps, and have no incentive to go to the effort of testing and deploying PHP 5 while most web apps are still compatible with PHP 4 and the PHP development team still provides maintenance support for PHP 4. The PHP development team, of course, can't drop maintenance support for PHP 4 while most web hosts still run PHP 4.

That's simply not the case. Dreamhost somehow does it: PHP4 is available... it's not the default, but you can switch it in their control panel.

I'm sure that a few hosting providers exist -- that due to the way their systems are structured -- who can't do it this way, but the time has come for them to bite the bullet.

I expect a slurry of reminders and notifications: far from being annoying it's probably best that people get reminded. The availability of security fixes is important: doubly-so with PHP and its sub-par security track record. Also, PHP5 is superior: it's got a better object model (inherited almost directly from Java but without all of that nasty public static void main(String[] args) nonsense), is more secure, has more object-oriented modules (no more myql_query!), and has a far better built-in XML parser (SimpleXML).

The simple fact is that most PHP4 code will run fine in version 5. You do have a test site for deployment, don't you? Test it on that.