Lists of changes are available for
PHP 7.0, 7.1, and
7.2. Some of these changes are for security reasons, and getting rid of those deprecated functions will eliminate ways malware can infect your site.
The function
create_function() is deprecated in version 7.2. It was a clumsy attempt to support functional programming, and you can do the same thing better with
eval or native anonymous functions. It's one of many ways in PHP to turn a string into executable code. Reducing the number of ways makes it easier for anti-malware software to catch
attempts to install backdoors.
The function
assert() is used for debugging. Previously, it took either a string or a boolean expression as an argument. Like
create_function, it would treat a string as PHP code. PHP 7.2 still supports Boolean expressions as arguments, but not strings.
A number of compatibility checkers are available to find issues in your code. They will list all the compatibility issues, possibly with recommendations on how to fix them.
In many cases, the code with issues isn't your own, and you will need to upgrade third-party components.
- The content management system (CMS) may be an old one, designed for an older version of PHP. Installing the latest version should fix any compatibility issues. Besides, old versions are likely to have security and performance problems. Keeping them up to date is the safest course.
- You may be using outdated third-party add-ons (plugins, themes, etc.) with your CMS. You'll need to bring them up to date. If any of them are no longer supported, look into ways of replacing them. Unsupported add-ons are favorite targets.
- If you use a framework to develop your code, such as Laravel or Symfony, an old version may generate incompatible code. You'll need to update the framework, rebuild everything, and test it.
- You may be calling third-party libraries from your code. If they're out of date, that could be the cause of the trouble. As in the other cases, you should update them. If there's no update, look for a way to stop using them.
Any software update carries the risk of introducing bugs, so be sure to test your changes thoroughly before going to production. You don't want your site to stay broken for long, but haste can make things worse.