View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001260 | Main CAcert Website | source code | public | 2014-03-19 10:39 | 2021-05-31 12:27 |
| Reporter | BenBE | Assigned To | BenBE | ||
| Priority | urgent | Severity | block | Reproducibility | always |
| Status | needs work | Resolution | open | ||
| Product Version | 2014 Q1 | ||||
| Target Version | 2014 Q2 | ||||
| Summary | 0001260: Make the source compatible with recent PHP versions | ||||
| Description | Make the source run at least with PHP 5.5 or more recent | ||||
| Additional Information | Current source presented by General Failure. | ||||
| Tags | No tags attached. | ||||
| Reviewed by | |||||
| Test Instructions | |||||
| related to | 0001449 | needs work | bdmc | Move configuration from code to external file |
| parent of | 0001442 | needs review & testing | GuKKDevel | Rewrite code to use ext/mysqli API (or PDO_MySQL) instead of ext/mysql |
| parent of | 0001444 | needs review & testing | bdmc | Update PHP <? tags appropriately |
| parent of | 0001446 | needs work | pmoulding@cacert.org | Add an autoloader as a step toward moving common code into classes |
| parent of | 0001448 | new | pmoulding@cacert.org | Convert to new error class |
| related to | 0000156 | needs work | magic_quotes_gpc vs. mysql_escape_string() | |
| related to | 0001031 | fix available | Patrick | Disable use of insecure function mysql_escape_string() |
| related to | 0001162 | fix available | INOPIAE | calcutate (the passwords) hash in php instead of in mysql -> \\ |
| related to | 0001184 | closed | BenBE | Hex2bin function |
| related to | 0001266 | closed | NEOatNHNG | Second-Level SQL Injection in Certificate-related queries |
| Not all the children of this issue are yet resolved or closed. | ||||
|
|
Just some samples of running against PHP 5.4 from Debian Wheezy: HP Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /www/includes/lib/general.php on line 35, referer: https://cacert2.it-sls.de/index.php PHP Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /www/includes/lib/general.php on line 37, referer: https://cacert2.it-sls.de/index.php PHP Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /www/www/index.php on line 254, referer: https://cacert2.it-sls.de/index.php?id=4 PHP Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /www/www/index.php on line 255, referer: https://cacert2.it-sls.de/index.php?id=4 PHP Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /www/www/verify.php on line 104 PHP Notice: Undefined index: oldlocation in /www/www/index.php on line 336, referer: https://cacert2.it-sls.de/index.php?id=4 Even with PHP 5,3 on Debian Squeeze, there are already quite some warnings generated: PHP Deprecated: Function ereg() is deprecated in /www/www/gpg.php on line 461, referer: https://secure.cacert.org/gpg.php?id=0 PHP Deprecated: Function ereg() is deprecated in /www/www/gpg.php on line 465, referer: https://secure.cacert.org/gpg.php?id=0 PHP Deprecated: Function ereg() is deprecated in /www/www/gpg.php on line 483, referer: https://secure.cacert.org/gpg.php?id=0 PHP Fatal error: Call to undefined function GetY() in /www/www/capnew.php on line 1011 PHP Fatal error: Call to undefined function GetY() in /www/www/capnew.php on line 1011, referer: http://wiki.cacert.org/Assurance/CustomizedCAP/DE PHP Fatal error: Call to undefined method CAPPDF::AddSJISFont() in /www/www/capnew.php on line 1603 PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-16384 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://www.cacert.org/account.php PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-2432 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://www.cacert.org/account.php PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-3072 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://secure.cacert.org/account.php PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-3096 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://secure.cacert.org/account.php PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-5024 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://www.cacert.org/account.php PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-8092 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://secure.cacert.org/account.php?id=10 PHP Warning: checkDebianVulnerability(): /usr/share/openssl-blacklist/blacklist.RSA-8192 is not readable. Unsupported key size? in /www/includes/lib/check_weak_key.php on line 335, referer: https://www.cacert.org/account.php?id=5 PHP Warning: DOMDocument::load(): CData section not finished\n <code>German version below</code> \nThere in /www/pages/index/feed.rss, line: 350 in /www/pages/index/0.php on line 41 [Translations Dutch, German and Spanish see bel in /www/pages/index/feed.rss, line: 89 in /www/pages/index/0.php on line 41 |
|
|
I have commits that are suitable for the "ereg" and "Undefined index: oldlocation" errors. https://github.com/yellowant/cacert-devel/commits/bug-1260 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2014-03-19 10:39 | BenBE | New Issue | |
| 2014-03-19 10:39 | BenBE | Assigned To | => BenBE |
| 2014-03-19 10:48 | BenBE | Status | new => needs work |
| 2014-03-19 10:53 | BenBE | Relationship added | related to 0000156 |
| 2014-03-19 10:54 | BenBE | Relationship added | related to 0001031 |
| 2014-03-19 10:55 | BenBE | Relationship added | related to 0001162 |
| 2014-03-19 10:59 | BenBE | Relationship added | related to 0001184 |
| 2014-04-06 07:20 | BenBE | Relationship added | child of 0001262 |
| 2014-04-09 20:38 | BenBE | Relationship added | related to 0001266 |
| 2014-06-26 14:36 | wytze | Note Added: 0004872 | |
| 2014-08-08 23:38 | felixd | Note Added: 0004925 | |
| 2014-09-07 15:24 | sebix | Relationship added | related to 0001241 |
| 2014-10-18 10:44 | wytze | Relationship deleted | related to 0001241 |
| 2018-10-21 10:30 | Ted | Relationship added | has duplicate 0001442 |
| 2018-10-28 21:41 | Ted | Relationship deleted | has duplicate 0001442 |
| 2018-10-28 21:42 | Ted | Relationship added | parent of 0001442 |
| 2018-10-29 22:21 | Ted | Relationship added | parent of 0001444 |
| 2018-11-09 21:59 | Ted | Relationship added | parent of 0001446 |
| 2018-11-09 22:07 | Ted | Relationship added | parent of 0001448 |
| 2018-11-11 19:19 | bdmc | Relationship added | parent of 0001449 |
| 2018-11-11 19:20 | bdmc | Relationship added | parent of 0001450 |
| 2018-11-15 20:09 | Ted | Relationship deleted | parent of 0001450 |
| 2018-11-16 10:55 | GuKKDevel | Relationship deleted | parent of 0001449 |
| 2019-01-24 11:33 | wytze | Relationship deleted | child of 0001262 |
| 2021-05-31 12:27 | bdmc | Relationship added | related to 0001449 |
