I was reading about the impending release of WordPress 3.2 and the fact that it will only be supporting PHP 5.2 and above. This also sparked discussion at http://yoast.com/requires-php-52/ regarding Yoast’s plugins now requiring PHP 5.2 (it has a check at the top of the plugin, but doesn’t actually REQUIRE PHP 5.2 as yet).
A few of the comments got me a little confused – talking about security etc. I guess it all depends with distribution you have, how much you want to take advantage of new functionality (5.3 has A LOT – and the difference between PHP 4 and PHP 5 is VAST). I recently set up a new server for work, and it came with Red Hat Enterprise 5. RHEL 5 is a nice bit of kit, from a trusted source, but it only ships with PHP 5.1.6. Some people seem to see this as a big security risk, but what they don’t seem to be aware of is that Red Hat backport all security patches. I believe this probably covers Fedora Core and CentOS too. Version 5.1 of PHP is the supported version with the updating system.
If you want to go off on an adventure and install 5.2 or 5.3 then you need to make sure that you can maintain the same level of support that your distro is already offering, or, you need to find a host who is willing to do the work. Just asking your host to update your PHP could become dangerous if they then don’t upgrade it when new security patches become available. It’s something that needs to be monitored and supported.
It’s interesting to note that most major distributions still don’t ship with THE LATEST revision of PHP. Debian, Fedora, RHEL, CentOS, etc.
Image Credit: Gwen Vanhee