View Issue Details

IDProjectCategoryView StatusLast Update
0001260Main CAcert Websitesource codepublic2018-03-04 10:24
ReporterBenBEAssigned ToBenBE 
PriorityurgentSeverityblockReproducibilityalways
Status needs workResolutionopen 
Product Version2014 Q1 
Target Version2014 Q2Fixed in Version 
Summary0001260: Make the source compatible with recent PHP versions
DescriptionMake the source run at least with PHP 5.5 or more recent
Additional InformationCurrent source presented by General Failure.
TagsNo tags attached.
Reviewed by
Test Instructions

Relationships

related to 0000156 needs workbluec magic_quotes_gpc vs. mysql_escape_string() 
related to 0001031 fix availablePatrick Disable use of insecure function mysql_escape_string() 
related to 0001162 fix availableINOPIAE calcutate (the passwords) hash in php instead of in mysql -> \\ 
related to 0001184 closedBenBE Hex2bin function 
related to 0001266 closedNEOatNHNG Second-Level SQL Injection in Certificate-related queries 
child of 0001262 solved?wytze SslLabs B rating (if trust issues are ignored) for cacert.org SSL/TLS setup 

Activities

wytze

2014-06-26 14:36

developer   ~0004872

Just some samples of running against PHP 5.4 from Debian Wheezy:

HP Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /www/includes/lib/general.php on line 35, referer: https://cacert2.it-sls.de/index.php
PHP Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /www/includes/lib/general.php on line 37, referer: https://cacert2.it-sls.de/index.php
PHP Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /www/www/index.php on line 254, referer: https://cacert2.it-sls.de/index.php?id=4
PHP Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /www/www/index.php on line 255, referer: https://cacert2.it-sls.de/index.php?id=4
PHP Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /www/www/verify.php on line 104
PHP Notice: Undefined index: oldlocation in /www/www/index.php on line 336, referer: https://cacert2.it-sls.de/index.php?id=4

Even with PHP 5,3 on Debian Squeeze, there are already quite some warnings generated:

PHP Deprecated: Function ereg() is deprecated in /www/www/gpg.php on line 461, referer: https://secure.cacert.org/gpg.php?id=0
PHP Deprecated: Function ereg() is deprecated in /www/www/gpg.php on line 465, referer: https://secure.cacert.org/gpg.php?id=0
PHP Deprecated: Function ereg() is deprecated in /www/www/gpg.php on line 483, referer: https://secure.cacert.org/gpg.php?id=0
PHP Fatal error: Call to undefined function GetY() in /www/www/capnew.php on line 1011
PHP Fatal error: Call to undefined function GetY() in /www/www/capnew.php on line 1011, referer: http://wiki.cacert.org/Assurance/CustomizedCAP/DE
PHP Fatal error: Call to undefined method CAPPDF::AddSJISFont() in /www/www/capnew.php on line 1603
PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-16384 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://www.cacert.org/account.php
PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-2432 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://www.cacert.org/account.php
PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-3072 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://secure.cacert.org/account.php
PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-3096 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://secure.cacert.org/account.php
PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-5024 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://www.cacert.org/account.php
PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-8092 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://secure.cacert.org/account.php?id=10
PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-8192 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://www.cacert.org/account.php?id=5
PHP Warning: DOMDocument::load(): CData section not finished\n

<code>German version below</code>

\n

There in /www/pages/index/feed.rss, line: 350 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): CData section not finished\n

[Translations Dutch, German and Spanish see bel in /www/pages/index/feed.rss, line: 89 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Document is empty in /www/pages/index/feed.rss, line: 1 in /www/pages/index/0.php on line 41, referer: https://secure.cacert.org/account.php?id=5
PHP Warning: DOMDocument::load(): Premature end of data in tag channel line 11 in /www/pages/index/feed.rss, line: 197 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Premature end of data in tag creator line 197 in /www/pages/index/feed.rss, line: 197 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Premature end of data in tag encoded line 231 in /www/pages/index/feed.rss, line: 350 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Premature end of data in tag encoded line 73 in /www/pages/index/feed.rss, line: 89 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Premature end of data in tag item line 192 in /www/pages/index/feed.rss, line: 197 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Premature end of data in tag item line 212 in /www/pages/index/feed.rss, line: 350 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Premature end of data in tag item line 58 in /www/pages/index/feed.rss, line: 89 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Premature end of data in tag rss line 2 in /www/pages/index/feed.rss, line: 197 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Premature end of data in tag rss line 2 in /www/pages/index/feed.rss, line: 350 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Premature end of data in tag rss line 2 in /www/pages/index/feed.rss, line: 89 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Start tag expected, '<' not found in /www/pages/index/feed.rss, line: 1 in /www/pages/index/0.php on line 41
PHP Warning: DOMDocument::load(): Unregistered error message in /www/pages/index/feed.rss, line: 197 in /www/pages/index/0.php on line 41
PHP Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in /www/includes/general.php on line 82, referer: https://secure.cacert.org/account.php
PHP Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in /www/includes/general.php on line 87, referer: https://secure.cacert.org/account.php
PHP Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in /www/includes/loggedin.php on line 46, referer: https://secure.cacert.org/account.php
PHP Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /www/includes/general.php on line 618, referer: https://www.cacert.org/account.php
PHP Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /www/includes/lib/general.php on line 41, referer: https://secure.cacert.org/account.php
PHP Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /www/includes/notary.inc.php on line 1291, referer: https://secure.cacert.org/account.php?id=50&userid=297249&csrf=25635229e752b5c92cadbb0eefb455ec&ticketno=a20140322.1
PHP Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /www/www/index.php on line 140, referer: https://www.cacert.org/index.php?id=5

felixd

2014-08-08 23:38

updater   ~0004925

I have commits that are suitable for the "ereg" and "Undefined index: oldlocation" errors.

https://github.com/yellowant/cacert-devel/commits/bug-1260

Issue History

Date Modified Username Field Change
2014-03-19 10:39 BenBE New Issue
2014-03-19 10:39 BenBE Assigned To => BenBE
2014-03-19 10:48 BenBE Status new => needs work
2014-03-19 10:53 BenBE Relationship added related to 0000156
2014-03-19 10:54 BenBE Relationship added related to 0001031
2014-03-19 10:55 BenBE Relationship added related to 0001162
2014-03-19 10:59 BenBE Relationship added related to 0001184
2014-04-06 07:20 BenBE Relationship added child of 0001262
2014-04-09 20:38 BenBE Relationship added related to 0001266
2014-06-26 14:36 wytze Note Added: 0004872
2014-08-08 23:38 felixd Note Added: 0004925
2014-09-07 15:24 sebix Relationship added related to 0001241
2014-10-18 10:44 wytze Relationship deleted related to 0001241