Knowledgebase: Errors & Common Problems
You are using a version of PHP that no longer receives security updates.
Posted by Mark [Elevated X Support], Last modified by Mark [Elevated X Support] on 01 November 2018 11:25 AM

Error:

WARNING: You are using a version of PHP that no longer receives security updates.
This puts your system at risk. Please contact host so they can update PHP.

We recommend PHP 7.1 or PHP 7.2. More details on why we do this are at the bottom of this article.

Checklist:

Here is a list of software that your host should update prior to upgrading PHP.

- MySQL: We will be requiring MySQL 5.7.19 or MariaDB 10.0.5 or greater moving forward. Please have your host update your database prior to updating PHP, as our software only works on these database versions on PHP 7.1 or greater.

- ImageMagick: Our software will require ImageMagick 6.8.1 or greater. Please make sure your host installs this or upgrades the existing ImageMagick that is installed on their site.

Upgrade Steps:

If you are upgrading from PHP 5.4/5.5 to PHP 5.6, your host should be able to do this without any files on our end.

If you are upgrading from PHP 5.6 to PHP 7.0 - 7.2, you will need to log into your admin panel and check what IonCube version of the software you have:

Old install:

Current Install:



If you see the following string:

  • (ion 7.1)
You or your host can upgrade PHP on your end without any intervention on our part. You or they can follow our CMS Requirements Page and make sure all the necessary libraries are available.

If you see ANY of the following:

  • (ion 5.4)
  • (ion 5.6)
  • (source)
Or any other string besides (ion 7.1), please do the following:

  • You or your host will need to upgrade your IonCube loaders to version 10.2 or greater. You can find a copy of these loaders here:
  • Please contact CMS support. We will need to upgrade your admin panel files before your host can upgrade PHP.

PHP 7.0+ Pitfalls

PHP 7.0 no longer includes the original MySQL API. While the Elevated X CMS no longer uses this library, you may have other software or custom templates that uses this functionality.

If you have any software that uses this deprecated library, your host should be able to install this as a PECL module:

https://pecl.php.net/package/mysql

Although it should be possible to build this extension with PHP 7.0 and use this old library, you are strongly encouraged to port any custom code to use MySQLi / PDO, and contact any vendors that don't have direct PHP 7.0 support.

PHP 7.2+ Pitfalls

PHP 7.2 has some changes to type handling that may introduce errors on your templates.

If you are upgrading to PHP 7.2 and are using existing templates, we have a script your host can run that will correct several common errors on your PHP templates:

They can get this script here:

https://support.elevatedx.com/fix_templates_php72.php.txt

They can retrieve this file by running:

wget https://support.elevatedx.com/fix_templates_php72.php.txt -O fix_templates_php72.php

And run the script by doing:

php fix_templates_php72.php /path/to/cms_admin/phptemplates/

Where /path/to/cms_admin/ is a path to their template folder.

Note: PLEASE BACK UP ANY TEMPLATES BEFORE RUNNING THIS SCRIPT.


If you are still getting template errors after your upgrade to PHP 7.2 we recommend that you go into Global Settings, and find a setting called "Error Reporting Level". You'll want to set this value to "Only Show Fatal Errors". If you do not see this setting within your admin panel, contact CMS support and we'll update you to a new build that has this setting.

Here are some common errors you may see as part of an upgrade. The above script should fix many of these errors, but you or your designer may need to fix these manually.

Here are common ways to mitigate these errors:

sizeof: If you are receiving errors on your front-end saying that the argument passed to sizeof is not an array, you, or your designer can go into the templates and replace instances of sizeof with:

array_not_empty

This is a function built into the CMS that will return the size of an array object, or NULL if the object passed is not an array.

If you are using our standard templates, we recommend upgrading to the newest build of our templates. You can find them here:
https://support.elevatedx.com/newest_templates.php

Warning: Use of undefined constant XXXXXX - assumed 'XXXXXX' (this will throw an Error in a future version of PHP) in /path/to/file.tpl

This happens when you see a value that looks like so:

XXXXXX

What's needed here is to put single quotes around this item. In the above case, changing the value to this:

'XXXXXX'

Will fix this error.

Software Requirements:

When your host updates PHP, please make sure they follow the CMS requirements guideline here:

http://elevatedx.com/requirements.php

Upgrade Rationale:

In order to protect our clients from hacking attacks, we have made our CMS require a major version of PHP that supports security updates.

Here are list of dates that we have discontinued, or will discontinue support for a specific version of PHP

  • PHP 5.2: October 27th, 2014
  • PHP 5.3: December 15th, 2014
  • PHP 5.4: May 1st, 2017
  • PHP 5.5: May 1st, 2017
  • PHP 5.6: December 31st, 2018
  • PHP 7.0: December 31st, 2018
  • PHP 7.1: December 31st, 2019
For newer versions of PHP, these dates coincide with when PHP stops receiving security updates:
  • PHP 5.2 stopped receiving security updates as of January 6th, 2011.
  • PHP 5.3 stopped receiving security updates as of August 14th, 2014.
  • PHP 5.4 stopped receiving security updates as of September 3rd, 2015.
  • PHP 5.5 stopped receiving security updates as of July 21st, 2016.
  • PHP 5.6 will stop receiving security updates as of December 31st, 2018.
  • PHP 7.0 will stop receiving security updates as of December 3st, 2018.
  • PHP 7.1 will stop receiving security updates as of December 1st, 2019.

When a major version of PHP no longer receives security updates, it opens your server to hacking attacks.

Example:
http://arstechnica.com/security/2014/03/php-bug-allowing-site-hijacking-still-menaces-internet-22-months-on/

Moving forward, the CMS will only operate on versions of PHP that receive security updates. This makes your install more secure.

(3 vote(s))
Helpful
Not helpful

Comments (0)