Thread: PHP 5.2 to 5.3

Page 1 of 2 12 Last
  • Jump to page:
    #1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2008
    Posts
    51
    Rep Power
    7

    PHP 5.2 to 5.3


    Hi,


    I bought a little software 4 years ago which I really like. It was written for the PHP 5.2 server.

    I use to be able to install it and run it on my hosting server, but now errors are popping up everywhere because the server is now 5.3.

    Is there anyway I can update my software so it'll work on the 5.3 server?

    Like a step by step instructions - find and replace this (code) by this (code) way to do it?

    Thanks much.

    Any help would be much appreciated.
  2. #2
  3. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Hi,

    I highly doubt this has anything to do with the new version. If you check the backward incompatible changes, they are very few and only concern special features.

    It's much more likely that beforehands all error messages were turned off, which covered up some bad coding. Now you simply see the errors that have always existed.

    What kind of errors do you get exactly?
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2008
    Posts
    51
    Rep Power
    7
    Originally Posted by Jacques1
    Hi,

    I highly doubt this has anything to do with the new version. If you check the backward incompatible changes, they are very few and only concern special features.

    It's much more likely that beforehands all error messages were turned off, which covered up some bad coding. Now you simply see the errors that have always existed.

    What kind of errors do you get exactly?
    Hi Jacques,

    Thanks for you reply. I believe that initially a lot of error messages popped up after my hosting server switched to 5.3. And at the advice of someone a while back I turned of the error messages. And now the error messages disappeared except of this:

    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' 10000, ' at line 6

    and for this when I try to reinstall the software:

    Table 4: RDV could not be created (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(14), cap varchar(255), app_length varchar(255), ' at line 5)

    One or more errors have occurred. The tables could not be set up properly. Please go back
    and check your entries (capitalization, password etc.).
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    As you can see, those are issues with the SQL syntax, which has absolutely nothing to do with PHP 5.2 vs. PHP 5.3. Either the queries themselves are messed up, or it's an input issue. I cannot tell without seeing the actual code.

    The reason why those error messages still pop up is because the programmer obviously didn't know how to do proper error handling and instead used something like this:
    PHP Code:
    mysql_query(...) or die(mysql_error()); 
    ... which you should fix right away. Use error_log() instead of a plain "echo".

    Apart from that: Do not just hide the errors. Fix them. PHP is generally quite "robust" and will even run with broken code, but errors sometimes point to deeper issues or even security problems (like improper escaping). So you should definitely check them and not just suppress the error messages.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2008
    Posts
    51
    Rep Power
    7
    Your input is really helpful, Jacques. Thanks !

    The install.php is huge - over 500 lines of codes.

    I wouldn't know where to begin to correct where it is going wrong.

    And I can't imaging posting 500 lines of codes here.

    Guess I'll have to hire someone to do it.

    Though, I'm puzzled why when it was PHP 5.2, I was able to install the software even with the error messages turned on. And now in PHP 5.3, I'm not able to intall the software with the error messages set to ON or OFF.
  10. #6
  11. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    You don't need all 500 lines, just the parts that generate these errors.



    Originally Posted by eropsy
    Though, I'm puzzled why when it was PHP 5.2, I was able to install the software even with the error messages turned on. And now in PHP 5.3, I'm not able to intall the software with the error messages set to ON or OFF.
    When did you go through the installation procedure in PHP 5.2? 4 years ago? That's a long time, your hoster has made a lot of updates in the meantime (hopefully), maybe he upgraded MySQL, maybe he changed the configuration.

    Just because the PHP update and the errors happen at the same time doesn't mean the errors were caused by the new version. Given the concrete errors, it's actually very unlikely (like I already said).

    Anyway, complaining about it won't help. Unless you plan to test the application again on PHP 5.2, it is like it is.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  12. #7
  13. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,317
    Rep Power
    7170
    The problem is more likely due to a configuration change that occurred during the upgrade than due to differences between the language in the two versions. However, that still doesn't really help you because without some detailed digging there's no way to know what changed.

    It sounds like maybe magic quotes got turned off or possibly they upgraded the MySQL version at the same time.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2008
    Posts
    51
    Rep Power
    7
    Originally Posted by Jacques1
    You don't need all 500 lines, just the parts that generate these errors.





    When did you go through the installation procedure in PHP 5.2? 4 years ago? That's a long time, your hoster has made a lot of updates in the meantime (hopefully), maybe he upgraded MySQL, maybe he changed the configuration.

    Just because the PHP update and the errors happen at the same time doesn't mean the errors were caused by the new version. Given the concrete errors, it's actually very unlikely (like I already said).

    Anyway, complaining about it won't help. Unless you plan to test the application again on PHP 5.2, it is like it is.
    Thanks again Jacques. I'm posting the part where the error occured :


    PHP Code:
           $create_temp_db "            CREATE TABLE ".$temp_db." (              id int(11) NOT NULL auto_increment,              datum varchar(15) NOT NULL,              grund text NOT NULL,              time timestamp(14),              cap varchar(255),              app_length varchar(255),              app_dimension varchar(255),              status varchar(255) NOT NULL default '',              PRIMARY KEY (id),              KEY id (id),              KEY datum (datum),              KEY time (time),              KEY cap (cap)           )        ";         $insert_default_capacity "              INSERT INTO " $settings_db "          VALUES (    1,                      'capacity',                      'Default',                      '{ 
  16. #9
  17. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2008
    Posts
    51
    Rep Power
    7
    Originally Posted by E-Oreo
    The problem is more likely due to a configuration change that occurred during the upgrade than due to differences between the language in the two versions. However, that still doesn't really help you because without some detailed digging there's no way to know what changed.

    It sounds like maybe magic quotes got turned off or possibly they upgraded the MySQL version at the same time.
    Thanks Oreo.

    Looks like I will have to hire a PHP person.

    I don't have any formal training. I've been teaching myself PHP and have been able to do some things on my own and make it work...but on matters that need a real PHP person. I know I have to hire someone.
  18. #10
  19. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    The error you posted is definitely because of a MySQL update.

    This "timestamp(14)" in the CREATE TABLE was removed 9(!) years ago, so it looks like both your programmer and your hoster had some really ancient version of MySQL. It's no wonder the queries blow up now.

    I have to tell you that the code generally doesn't look too good. It looks like the programmer lacked basic PHP knowledge (loops, reading files, security) and came up with some weird workarounds instead. He/she also didn't escape query variables, so the whole code might be full of security holes.

    So I definitely wouldn't invest more money into fixing this stuff. Repair all important errors (if you need help, post the code here) and run the site as long as it still works -- let's hope no script kiddie finds it.

    If you're looking for better code, check for existing solutions, which you only have to adjust to your needs. Or find somebody who knows what he/she is doing and let him/her write the code from scratch. But that won't be cheap. Good people usually want good money -- unless they happen to be your friends.
    Last edited by Jacques1; February 8th, 2013 at 07:36 PM.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  20. #11
  21. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2008
    Posts
    51
    Rep Power
    7
    Thanks Jacques.

    That's really helpful.

    I think I will follow your advice.

    In the meantime I'll just play around with this. I always intended the software to be my "learning" PHP experiment anyway.

    So how do I fix the 14 timestamp?
  22. #12
  23. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Originally Posted by eropsy
    So how do I fix the 14 timestamp?
    It's just TIMESTAMP without any number. See the manual.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  24. #13
  25. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2008
    Posts
    51
    Rep Power
    7
    I read the timestamp manuel & removed the 14 and the installation is successful. Great!

    I checked the softwares functionalities and I'm getting three types of error msgs:

    1. Function eregi() is deprecated in /home/./www/www/././list.php

    2. Assigning the return value of new by reference is deprecated in /home/./www/www/././update.class.inc.php

    3. Deprecated: Function split() is deprecated in /home/./www/www/././calendargrid.inc.php on line 51

    Which I guess is a good thing, they seem to be very specific problems,
    Well, I found this help manual on the migration from 5.2 to 5.3.
    http://php.net/manual/en/migration53.php
    Am going to read it and see if I can't fix it.

    Anyways, my eyeballs are fried from staring at the screen for 12 hours straight.
    Am going to call it a day.

    Thanks again for your help, Jacques.
  26. #14
  27. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2008
    Posts
    51
    Rep Power
    7
    Hi again everyone,

    I was able to successfully update my software from PHP 5.2 to 5.3 with the help of this manual http://www.php.net/manual/en/migration53.deprecated.php

    There was just one last thing that I did not understand :
    Deprecated: Assigning the return value of new by reference is deprecated in /soc/update.php on line 139

    Although, on the advice found on other forums, removing the (&) sign appears to have worked, I still would like to make sure that it is the thing to do, that is, I'd like to understand it - and not just simply do it. Are there any gurus here that can put it in layman's term for me?

    Thanks much for your help . The code in question I changed was this -

    $renderer =& new HTML_QuickForm_Renderer_ArraySmarty($out->get_object, true);

    to

    $renderer = new HTML_QuickForm_Renderer_ArraySmarty($out->get_object, true);
  28. #15
  29. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,317
    Rep Power
    7170
    The new operator always returns a reference, so doing an assignment by reference (=&) when creating an object is redundant.

    Actually, objects in PHP are always passed and assigned by reference, so using & in any context with objects is redundant.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around
Page 1 of 2 12 Last
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo