Alert: PHP to Depreciate Standard MySQL Extension

Date: Jul 15, 2011
Categories: News & Announcements, Zipline Labs
Comments: 1 Comment

Here at Zipline, we watch the changes and developments with PHP very closely. PHP is the World’s most widely used, open source, web scripting language and is also at the core of our ZLCMS content management system. Last week an important announcement was made that will effect the future code of many PHP developers and we thought it was important to bring it to the attention of our readers since many of you are PHP developers or manage PHP based websites.

So what is the announcement?

Philip Olson, sent out a message via the PHP Internals mailing list detailing the proposed future plans for the depreciation and eventual removal of the widely popular mysql extension used by many websites and web systems including WordPress, the most popular blogging platform in the world.

In his message, located at http://marc.info/?l=php-internals&m=131031747409271&w=2 Phillip Olson details the proposed plans for the mysql extension:

Don’t panic! This is not a proposal to add errors or remove this popular extension. Not yet anyway, because it’s too popular to do that now.

The documentation team is discussing the database security situation, and educating users to move away from the commonly used ext/mysql extension is part of this.

This proposal only deals with education, and requests permission to officially convince people to stop using this old extension. This means:

– Add notes that refer to it as deprecated
– Recommend and link alternatives
– Include examples of alternatives

What this means to ext/mysql:
– Softly deprecate ext/mysql with education (docs) starting today
– Not adding E_DEPRECATED errors in 5.4, but revisit for 5.5/6.0
– Add pdo_mysql examples within the ext/mysql docs that mimic the current
examples, but occasionally introduce features like prepared statements
– Focus energy on cleaning up the pdo_mysql and mysqli documentation
– Create a general “The MySQL situation” document that explains the situation

So what does this mean for developers?

If you haven’t already made the move to one of the newer MySQL extensions now is a good time to start. There are two newer and more secure MySQL extensions for developers to use: pdo_mysql and mysqli. Here at Zipline, we adopted the mysqli extension about two years ago and make regular use of the robust object oriented functionality offered by this great extension.

While the standard MySQL extension is capable of most of the necessary interaction with the MySQL database system, it has often been criticized due to frequent security exploitations. Untrained, inexperienced, or lazy developers often develop code that can be easily exploited by hackers through various techniques including SQL injection attacks. The transition away from MySQL may be a painful one for some developers but in our opinion it is a great move and will help increase the security of the Internet. We will keep on top of the issue and report any new developments but if you are still using the mysql extension you might want to check out: http://php.net/manual/en/book.mysqli.php

About Ryan Stemkoski

Ryan is the Interactive Director at Zipline Interactive. He has over 12 years of experience designing, developing, and deploying web and mobile applications.
View all posts by Ryan Stemkoski
This entry was posted in News & Announcements, Zipline Labs. Bookmark the permalink.

One Response to Alert: PHP to Depreciate Standard MySQL Extension

  1. Pingback: Alert: PHP to Depreciate Standard MySQL Extension « Kokrajhar

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Experiencing problems with your site or need to report something

Call 1-866-440-3158

Contact

Do you need some help with your website? Give us a call today!