PHP 5.3 Upgrade

Discussion in 'News and Announcements' started by Corey, Jul 27, 2011.

Thread Status:
Not open for further replies.
  1. Corey

    Corey I Break Things Staff Member

    Messages:
    34,552
    Likes Received:
    181
    Trophy Points:
    63
    We have started testing PHP 5.3 support and plan to upgrade all servers by the end of the week. All major scripts already support 5.3 and if you're running the latest version this change should not be noticeable to you.

    I'll leave this thread open for questions.
     
    • Like Like x 1
  2. sperko

    sperko Member

    Messages:
    258
    Likes Received:
    4
    Trophy Points:
    18
  3. trev

    trev Member Prime Account

    Messages:
    670
    Likes Received:
    0
    Trophy Points:
    16
  4. sperko

    sperko Member

    Messages:
    258
    Likes Received:
    4
    Trophy Points:
    18
    I am not very good at PHP and I don't understand that, sorry
     
  5. descalzo

    descalzo Grim Squeaker Community Support

    Messages:
    9,375
    Likes Received:
    327
    Trophy Points:
    83
    Try adding the following line to the top of the script:

    error_reporting(E_ALL & ~E_DEPRECATED);
     
  6. leafypiggy

    leafypiggy Manager of Pens and Office Supplies Staff Member

    Messages:
    3,819
    Likes Received:
    162
    Trophy Points:
    63
    I had a look through cutenews' source: eregi is used in almost every script... and I'm pretty sure they've been at their current version for years now.
     
  7. bdistler

    bdistler Well-Known Member Prime Account

    Messages:
    3,534
    Likes Received:
    195
    Trophy Points:
    63
    ITEM #1 > Deprecated features in PHP 5.3.x that will throw errors if your script uses them
    AND you do not have error reporting turned off

    NOTE: This is the full list -::- not all the items listed are under your control as a x10 free-hosting user

    PHP 5.3.0 introduces two new error levels: E_DEPRECATED and E_USER_DEPRECATED.
    The E_DEPRECATED error level is used to indicate that a function or feature has been deprecated.
    The E_USER_DEPRECATED level is intended for indicating deprecated features in user code, similarly
    to the E_USER_ERROR and E_USER_WARNING levels.

    #############################
    The following is a list of deprecated INI directives.
    Use of any of these INI directives will cause an E_DEPRECATED error to be thrown at startup.

    define_syslog_variables
    register_globals
    register_long_arrays
    safe_mode
    magic_quotes_gpc
    magic_quotes_runtime
    magic_quotes_sybase

    Comments starting with '#' are now deprecated in .INI files.

    #############################
    Deprecated functions:

    call_user_method() (use call_user_func() instead)
    call_user_method_array() (use call_user_func_array() instead)
    define_syslog_variables()
    dl()
    ereg() (use preg_match() instead)
    ereg_replace() (use preg_replace() instead)
    eregi() (use preg_match() with the 'i' modifier instead)
    eregi_replace() (use preg_replace() with the 'i' modifier instead)
    set_magic_quotes_runtime() and its alias, magic_quotes_runtime()
    session_register() (use the $_SESSION superglobal instead)
    session_unregister() (use the $_SESSION superglobal instead)
    session_is_registered() (use the $_SESSION superglobal instead)
    set_socket_blocking() (use stream_set_blocking() instead)
    split() (use preg_split() instead)
    spliti() (use preg_split() with the 'i' modifier instead)
    sql_regcase()
    mysql_db_query() (use mysql_select_db() and mysql_query() instead)
    mysql_escape_string() (use mysql_real_escape_string() instead)

    Passing locale category names as strings is now deprecated. Use the LC_* family of constants instead.
    The is_dst parameter to mktime(). Use the new timezone handling functions instead.

    #############################
    Deprecated features:

    Assigning the return value of new by reference is now deprecated.
    Call-time pass-by-reference is now deprecated.

    *****************************
    ITEM #2 > Current ver of WordPress 3.2.1 July 12,2011

    Just for the deprecated function ==> ereg() <==
    I found it inside these files
    of a new install - no plug-ins added

    wordpress/wp-admin/includes/class-ftp-pure.php
    wordpress/wp-admin/includes/class-ftp-sockets.php
    wordpress/wp-admin/includes/class-ftp.php
    wordpress/wp-admin/includes/class-pclzip.php
    wordpress/wp-includes/functions.wp-scripts.php
    wordpress/wp-includes/functions.wp-styles.php
    wordpress/wp-includes/rewrite.php

    WordPress site has been talking about deprecated features in PHP 5.3.x
    for 2+ years now - yet the current (July this year) ver still has them

    How do you like the way your database info and password are stored in plan text
    in the default file ==> wp-config.php <== ??
     
  8. descalzo

    descalzo Grim Squeaker Community Support

    Messages:
    9,375
    Likes Received:
    327
    Trophy Points:
    83
    Just move the file up one directory. If you installed WP in public_html, it will be out of the document root and inaccessible from the Web.

    By hacking wp-load.php, you can move it anywhere and even change its name.

    You can use .htaccess to return a 403 Forbidden for files that are for internal use only.

    Yes, these are things you have to do yourself and maybe WP could make it easier to harden a site.

    And storing information encrypted solves what? The script has to decrypt it. Using? Where do you store the key?
     
  9. bdistler

    bdistler Well-Known Member Prime Account

    Messages:
    3,534
    Likes Received:
    195
    Trophy Points:
    63
    My file that holds the database data and password is above public_html
    wp-config.php is with my WordPress files in a folder below public_html
    ***

    This is my point - you need to hack - BTW the only file I change is wp-config.php
    ***

    For wp-config.php I use
    ==>
    Code:
    # protect wpconfig.php
    <files wp-config.php>
    order allow,deny
    deny from all
    </files>
    
    <==
    ***

    if you get my table - from the data base - for user/password info - you would find only two columns named x0 and x1
    column x0 is a random-salt-hash of length = 125 hexadecimal characters
    column x1 is a random-salt-hash of length = 187 hexadecimal characters
    NOTE:
    both lengths are not standard hash lengths
    both lengths are odd s/b even for hexadecimal
    they do not use the same hashing algorithm
    adds fun for the hackers

    I do not [ decrypt ] I take the users input and hash it - then look for a match - of the hash - in the database
    ***
     
  10. callumacrae

    callumacrae not alex mac Community Support

    Messages:
    5,256
    Likes Received:
    97
    Trophy Points:
    48
    Uh dbistler, you are aware that unless someone has file access (in which case you're screwed anyway), they are unable to read the file? It doesn't matter whether you block access to it in htaccess or not, it is a PHP file and therefore impossible to read from the client side.
     
  11. k3nt045685

    k3nt045685 New Member Prime Account

    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Sick, this means sqlite3 right?
     
  12. kevinscallions

    kevinscallions Member

    Messages:
    33
    Likes Received:
    0
    Trophy Points:
    6
    When will you upgrade PHP on the chopin server?
     
  13. radheykrishna190082

    radheykrishna190082 New Member

    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
  14. joemgap

    joemgap Member

    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    are you upgrading the server now to PHP 5.3 as this thread said
     
  15. terminatorafcik17

    terminatorafcik17 New Member

    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    0
    hmmm... i dont see php 5.3... when will it be available on starka - server?
    Code:
    Hosting package 	undefined
    Server Name 	starka
    cPanel Version 	11.30.1 (build 1)
    Theme 	x3
    Apache version 	2.2.17
    PHP version 	5.2.17
    MySQL version 	5.1.56
    Architecture 	x86_64
    Operating system 	linux
    Shared IP Address 	69.175.120.122
    Path to sendmail 	/usr/sbin/sendmail
    Path to Perl 	/usr/bin/perl
    Perl version 	5.8.8
    Kernel version 	2.6.18-194.32.1.el5
    cPanel Pro 	1.0 (RC1)  
    
     
    Last edited: Jul 30, 2011
  16. Corey

    Corey I Break Things Staff Member

    Messages:
    34,552
    Likes Received:
    181
    Trophy Points:
    63
  17. epsonrok85

    epsonrok85 New Member

    Messages:
    82
    Likes Received:
    0
    Trophy Points:
    0
    Did this upgrade affect the loading speed of our websites? I'm asking because I have gotten a few complaints from a few of my forum's members mentioning that the forum has been running slow since a couple of days ago.
     
  18. Livewire

    Livewire Abuse Compliance Officer Staff Member

    Messages:
    18,100
    Likes Received:
    209
    Trophy Points:
    63
    Not a cause of php 5.3, as your server isn't on it yet (boru cpanel is still reporting a 5.2 version).
     
  19. epsonrok85

    epsonrok85 New Member

    Messages:
    82
    Likes Received:
    0
    Trophy Points:
    0
    Am I supposed to move my server to it or what? I'm completely knew to this.
     
  20. Livewire

    Livewire Abuse Compliance Officer Staff Member

    Messages:
    18,100
    Likes Received:
    209
    Trophy Points:
    63
    Corey will finish moving the servers to php 5.3 by the end of the week. You can't do anything to speed the process up as it's a configuration change on the server, which requires admins to change.
     
Thread Status:
Not open for further replies.

Share This Page