Need Advice on Php Version
I'm posting this for two reasons... one to get some advice and two to inform others that "may" run into this issue.
One of my customer's is on a dedicated server. Their Merchant Account Provider has enlisted the services of SecurityMetrics - to do security audits to all their customer's eCommerce sites. Sadly, we failed; however the failure was strictly due to the Php Version currently on the server, which in our instance is Php 5.25 - Based on their review we need to upgrade to no less than 5.29, but 5.3 is preferable. We are running the latest version of Zen-Cart - 1.3.8a with all security fixes and admin relocation.
I know that a few weeks back I saw issues in the forum regarding installs on 5.3 having major issues, but for the life of me I can't find those posts now. This cart has extensive modifications so I will be checking for threads on some of those mods also, but in general, what issues will I encounter when I upgrade to 5.3.
This is a huge site (over 64G with nearly 20G db) with very heavy traffic and large sales volume, so I need to be prepared before I make the upgrade.
Again, any advice or heads up on what to expect with core code issues is really needed here and is much appreciated in advance for the assistance.
Ruth
Re: Need Advice on Php Version
Re: Need Advice on Php Version
Do you think I could smoothly upgraded to 5.29? (read the posts 5.3 - thanks for the link - searching just wouldn't pull that up for me).
Ruth
Re: Need Advice on Php Version
Quote:
Do you think I could smoothly upgraded to 5.29
Quote:
We are running the latest version of Zen-Cart - 1.3.8a with all security fixes and admin relocation.
If you know how to install the new php version a normal ZenCart will not require any adjustment
Re: Need Advice on Php Version
Quote:
Originally Posted by
kobra
If you know how to install the new php version a normal ZenCart will not require any adjustment
Hi there. Based on the errors I received on the scan and the fixes listed, originally it stated that if I recompiled Php to the latest stable release of 5.2.12 that it would solve all open issues. I did that and then re-ran the scan - This is so frustrating as now it is insisting on Php 5.3.2 - (why the report doesn't give you all the errors at once...is beyond me... :frusty: )
I d/l the patch you referred me to and I'm currently running tests as I did before to be sure I don't have the site down with errors.
Based on the test, the moment I attempt to put something in the cart I go to a white screen.
I'm getting the following error using error reporting -
PHP Deprecated: Function ereg() is deprecated in ...\includes\classes\db\mysql\query_factory.php on line 139.
I attempted modifying the file and made things worse, so I returned it back to the original. Can you help me out here?
I'm told that all Merchant Providers have received notification from Visa and Mastercard of these new tougher requirements... so there will be lots of folks forced to the latest release of PHP
(this is on my local Apache setup). Php is at 5.3.1 (I use XAMPP and this their most recent build - don't have 5.3.2 to test - hoping this will do - ) with MySql 5.1.
Thanks in advance for you help here.
Ruth
Re: Need Advice on Php Version
Quote:
Do you think I could smoothly upgraded to 5.29
ZC run best under this but as you have found out that the scans will send errors.
This might be a good read for you and there are other ways to handle php reported errors. I think you might like item 2
pass a pci compliance scan in 5 steps
Skip
Re: Need Advice on Php Version
Quote:
Originally Posted by
skipwater
ZC run best under this but as you have found out that the scans will send errors.
This might be a good read for you and there are other ways to handle php reported errors. I think you might like item 2
pass a pci compliance scan in 5 steps
Skip
I'm not sure that will work with this particular scan co. My firewall does just that - it only allowed them to connect via http or https - and after pounding my server my firewall did a total deny on their IP. I was instructed in order to pass the scan I "had" to do a total allow in my IP tables file within my firewall application.
So truly I'm back to what is the fix for zen-cart for this release. Sooner or later we have to move to the current Php release -
I need to know what I need to do to correct this error so I can move on with the testing. I have no idea what else I'm facing, but please I really need a little help with this. My customer will lose the merchant account provider if I can't address this.
The error I listed happens just by merely adding a product to the cart, so it's core.
Ruth
Re: Need Advice on Php Version
I have noticed that none of the big guns have jump in here. But if you have done all the other suggestions that have been made. And you still can not get it to work.
Try this and see if it helps (it is not a real fix but it has given me a work around on a couple systems.)
Set the error reporting to E_ALL ^E_DEPRECATED where it is currently being set to E_ALL
change
Code:
error_reporting(E_ALL);
to
Code:
error_reporting(E_ALL ^E_DEPRECATED);
Skip
Re: Need Advice on Php Version
Thanks for your reply. I did that last night after reading posts re: osC having the same issues. The first error I had to get through was on query_factory.
You replace this line (found several times within the file)
Code:
if (!ereg('^[0-9]', $key)) {
with this:
Code:
if (!preg_match('/^[0-9]/', $key)) {
Now once I fixed that error, then I started seeing the rest and trust me there are a ton of them. I'm going to have to go file by file using error checking until I find them all. The most prominent at the moment are in the init_sanitize and in classes/temp_func.
A major patch needs to be release above and beyond what has been release to address all of this. Once I clean this all out, not sure what else I will find. Just going to take it one error at a time. This is going to take awhile...
:frusty:
Ruth
Re: Need Advice on Php Version
Quote:
Originally Posted by rwoody
A major patch needs to be release above and beyond what has been release to address all of this. Once I clean this all out, not sure what else I will find. Just going to take it one error at a time. This is going to take awhile...
I see back where this is a dedicated server...
You didn't poat any of the server details
Specifically the server Linux OS
There are thousands of installs and most run trouble free for the most part and do not have the issues your are experiencing with ZenCart out-of-the-box/patched for security
