phpCOIN

Pages: (2) [1] 2  ( Go to first unread post ) Reply to this topicStart new topicStart Poll

> Running Phpcoin V1.6.5 On A Php 5.3.x Platform, What you can do until 166 is released
lightman
Posted: August 18, 2012 03:44 pm
Quote Post


The Janitor
***

Group: Admin
Posts: 3,639
Member No.: 3
Joined: August 25, 2006



This post refers to phpCOIN v1.6.5

A kind user proved a valuable lesson to me - One is never too old to learn !! (Of course, remembering things is a different matter biggrin.gif )

My profound thanks to David Anderson, who is, amongst other many talents, a developer of Command Line Interfaces for a number of applications including PHPCoin helpdesk from the command line and a neat interface for WordPress which can be found at http://wordshell.net/

David has supplied us with a great deal of information, a couple of new tricks, and most importantly, corrected the (wrong) assumptions that both cantex and I had regarding the depreciated functions in PHP v5.3.x

Since users started reporting issues with phpCOIN on a PHP 5.3.x platform, I discussed the issue with cantex and we both assumed that the depreciated functions would no longer work, so cantex rushed a phpCOIN v1.6.6 version out whilst confined to bed, and shortly before he passed away. As many of you know, I had to withdraw that version from distribution due to a number of security related coding errors that became apparent - but looking back, it was a tribute to cantex that, during his last days, he bothered to even try and produce a phpCOIN that was compatible with PHP 5.3.0 and backwardly compatible as well !!

David was kind enough to educate me to the fact that the depreciated functions did indeed still work - although they are all due to be REMOVED in various newer versions of PHP

The immediately apparent issue that was causing phpCOIN to crash under PHP 5.3.x was that the function
CODE
function quoted_printable_encode($txt)
is defined natively in PHP 5.3.x and throws an error when attempting to redefine it, so he developed a solution to retain the compatibility with previous PHP versions as follows:-

In ~/coin_includes/core.php (around line 928) - look for the block that Converts a string to quoted-printable format and change it so it is as follows
CODE
/**
* Convert a string to quoted-printable format
* @param string $txt String to be encoded
* @return string Encoded string
*/
if (!function_exists('quoted_printable_encode')) {
function quoted_printable_encode($txt) {
$tmp  = '';
$line = '';
$todo = strlen($txt);
for ($i=0; $i<$todo; $i++) {
 IF (($txt[$i] >= 'a' && $txt[$i] <= 'z') || ($txt[$i] >= 'A' && $txt[$i] <= 'Z') || ($txt[$i] >= '0' && $txt[$i] <= '9')) {
  $line .= $txt[$i];
 } ELSE {
  $line .= '='.sprintf("%02X",ord($txt[$i]));
 }
 IF (strlen($line) >= 75) {
  $tmp .= "$line=\n";
  $line = '';
 }
}
$tmp .= "$line\n";
return $tmp;
}
}
You will see that the function is now wrapped with a new 'if-not-function-exists' test to prevent the function being redefined.

Users need to be aware that whilst this 'fix' will allow phpCOIN to run on a PHP 5.3.x platform, it does nothing to resolve the depreciated functions which may clog up your logs (if you run them) nor guarantee that some combination of parameter settings and configuration may not provoke other critical errors.

If you apply this 'fix' to run phpCOIN v1.6.5 on a PHP 5.3.x platform and encounter any strange or unexpected results, please take the time to give us feedback so we can look and see if the issue might be fixable biggrin.gif


--------------------
***** Unless otherwise stated, all replies refer to the following *****
====================================================================
--- The latest unmodified version of phpCOIN available from the phpCOIN download page on the date and time of this post.
--- All relevant HotFix files applied - One of the four included unmodified themes - The original language files .
--- Help will be given to install/configure/use phpCOIN, but not programming help to modify phpCOIN operations. If you are competent enough to make programming changes, you should be competent enough to read the source code and figure things out :)
PM
Top
quagmire
Posted: August 20, 2012 10:59 am
Quote Post


Newbie
*

Group: Probation
Posts: 1
Member No.: 4,572
Joined: August 20, 2012



If i don't see this post, it's sure i abandon this software because i have a php 5.3 platform (localhost) and can't load correctly the platform but when only put this 2 lines all rules ok.

Perhaps, only for this change, may put a new version 1.6.6 because many people have php 5.3 version and increasingly.

Now i fighting with this aplication and know step by step all characteristics. For the moment, i think is a good job.

(*Sorry for my poor english)
PMEmail Poster
Top
alpm
Posted: August 21, 2012 08:40 am
Quote Post


Newbie
*

Group: Probation
Posts: 1
Member No.: 4,573
Joined: August 21, 2012



Thank you so much for this fix!!
PMEmail Poster
Top
quarky42
Posted: September 02, 2012 06:19 pm
Quote Post


Newbie
*

Group: Probation
Posts: 1
Member No.: 4,574
Joined: September 02, 2012



Thank you for this quick fix. A quick official patch would be helpful. I abandoned php coin when my billing software no longer worked and I didn't find an available patch. Without an official patch, then at least a link to this post on the front page clearly visible regarding the PHP 5.3 compatibility problem...

When my new platform failed to process reocurring bills properly, I stumbled across this post and it saved my php coin installation.

I am SO terribly sorry to hear about cantex's passing. I hope to see php coin live on.
PMEmail Poster
Top
tascam424
Posted: December 10, 2012 01:23 pm
Quote Post


Newbie
*

Group: Probation
Posts: 1
Member No.: 4,585
Joined: December 10, 2012



Just wanted to say thanks for this fix. I have just installed phpCoin for the first time, using fantastico. I didn't even consider reading the pre-requisite, as i ignorantly assumed that if it is provided by my host it must work .. my bad !!!

Anyway so after install, i got nothing but a blank screen both on the frontpage and admin page.

This hack fixed it perfectly.. Thanks !!

Here are my server details, for anybody with the same problem.

Apache version 2.2.23
PHP version 5.3.18
MySQL version 5.1.65-cll
Architecture i686
Operating system linux

Keep up the good work !!!
PMEmail Poster
Top
grahamc
Posted: February 03, 2013 11:44 pm
Quote Post


Newbie
*

Group: Probation
Posts: 1
Member No.: 4,593
Joined: February 03, 2013



Thanks also to all that helped with this fix.

I had phpCoin running on an old, old server, and now I have installed it on a new server and it is working great. I can now delete the old server account and save some money.

Server details are

Apache version 2.2.23
PHP version 5.4.10
MySQL version 5.1.66-cll
Architecture x86_64
Operating system linux

Ta,
Graham
PMEmail Poster
Top
lightman
Posted: February 04, 2013 02:54 pm
Quote Post


The Janitor
***

Group: Admin
Posts: 3,639
Member No.: 3
Joined: August 25, 2006



I would be VERY nervous about running phpCOIN on a PHP 5.4.x platform - at least one function is backwardly incompatible ( get_magic_quotes_gpc ) and is used to provide security in the code !!

See http://www.php.net/manual/en/migration54.incompatible.php for details


--------------------
***** Unless otherwise stated, all replies refer to the following *****
====================================================================
--- The latest unmodified version of phpCOIN available from the phpCOIN download page on the date and time of this post.
--- All relevant HotFix files applied - One of the four included unmodified themes - The original language files .
--- Help will be given to install/configure/use phpCOIN, but not programming help to modify phpCOIN operations. If you are competent enough to make programming changes, you should be competent enough to read the source code and figure things out :)
PM
Top
own3mall
Posted: February 14, 2013 04:18 am
Quote Post


Member
**

Group: Developers
Posts: 14
Member No.: 4,114
Joined: December 20, 2009



QUOTE (lightman @ February 04, 2013 01:54 pm)
I would be VERY nervous about running phpCOIN on a PHP 5.4.x platform - at least one function is backwardly incompatible ( get_magic_quotes_gpc ) and is used to provide security in the code !!

See http://www.php.net/manual/en/migration54.incompatible.php for details

What else would you say is a security risk with the older version of PHPCoin that should be updated? Now that I have more experience with this type of thing, I'd be happy to try securing PHPCoin (though I have no plans to add functionality to it). I'll take a look at the files I've got and see if I can't make this thing secure with PHP 5 by removing / replacing legacy functions permitting my other projects don't subdue me.
PMEmail Poster
Top
lightman
Posted: February 14, 2013 07:00 am
Quote Post


The Janitor
***

Group: Admin
Posts: 3,639
Member No.: 3
Joined: August 25, 2006



All of the depreciated/removed functions need addressing, and all uninitialized variables need wrapping or modifying.


--------------------
***** Unless otherwise stated, all replies refer to the following *****
====================================================================
--- The latest unmodified version of phpCOIN available from the phpCOIN download page on the date and time of this post.
--- All relevant HotFix files applied - One of the four included unmodified themes - The original language files .
--- Help will be given to install/configure/use phpCOIN, but not programming help to modify phpCOIN operations. If you are competent enough to make programming changes, you should be competent enough to read the source code and figure things out :)
PM
Top
own3mall
Posted: February 21, 2013 10:26 pm
Quote Post


Member
**

Group: Developers
Posts: 14
Member No.: 4,114
Joined: December 20, 2009



I tested phpCOIN on an Ubuntu 12.04.1 test server running PHP 5.4.11. I've created a version of phpCOIN that should be fully PHP 5.4 compliant. I tested my changes in this version, and I didn't run into any messages or warnings while playing around with it.

Some things I noticed:

crypt returns strings that are greater than 100 characters (probably better hashing algorithms). That shouldn't be a problem except the database is expecting 100 characters for a password hash. I fixed that by checking the length of the hash and taking the first 100 characters if it's over. That fixed my login problem.

I removed all magic_quote stuff (commented out).

I added comments where I put fixes... they can be found by searching "own3mall" or "PHP 5.4"

Security was already decent (it's using mysql_real_escape_string), and it looks like the magic_quotes weren't being used anyways --- but they're removed.

I applied all the patch fixes in the security forum to my release except the one mentioned here:

http://forums.phpcoin.com/index.php?showtopic=3220

The differences between the changes and the original file were minor... to the point that I didn't see a difference in code handling. Plus, a user posted that it broke his, and I think that's because of some extra variables that may not be in the database...

Please let me know what you think. Could it be released as the v166 and put on the main downloads page? Should I attach it here in this thread too for others to test?

I sent you a PM with a link to this version.
PMEmail Poster
Top
adias
  Posted: April 17, 2013 06:08 pm
Quote Post


Newbie
*

Group: Probation
Posts: 1
Member No.: 4,602
Joined: April 17, 2013



Hello Everybody,

I'm running:

MySQL - 5.5.27
Apache/2.4.3 (Unix)
PHP/5.4.7

I do the fix, but not working here, i get a blank page.

I am a bit desperate because all my clients are registered in phpcoin, and now it is not working. sad.gif .

I have another doubt, how are the development of phpcoin? this project are active or inactive?

[ ] 's Tnks and sorry for my english.




PMEmail Poster
Top
lightman
Posted: April 17, 2013 06:59 pm
Quote Post


The Janitor
***

Group: Admin
Posts: 3,639
Member No.: 3
Joined: August 25, 2006



QUOTE
I do the fix, but not working here, i get a blank page.
Thank you for the feedback - since the PHP 5.4.x platform not supported by phpCOIN at this time - I have no way to replicate your issue or advise you how to fix it - a blank page is usually the result of a syntax error - ensure that any code changes you have made adhere to PHP syntax - check your PHP error logs smile.gif

QUOTE
I have another doubt, how are the development of phpcoin? this project are active or inactive?
The project is not being actively developed at this moment - several developers have accepted the position of lead developer - but they have all disappeared before contributing any code to the project when they realize that there might actually be some work and commitment involved with the position sad.gif


--------------------
***** Unless otherwise stated, all replies refer to the following *****
====================================================================
--- The latest unmodified version of phpCOIN available from the phpCOIN download page on the date and time of this post.
--- All relevant HotFix files applied - One of the four included unmodified themes - The original language files .
--- Help will be given to install/configure/use phpCOIN, but not programming help to modify phpCOIN operations. If you are competent enough to make programming changes, you should be competent enough to read the source code and figure things out :)
PM
Top
smsimonk
  Posted: September 01, 2013 11:25 am
Quote Post


Newbie
*

Group: Probation
Posts: 1
Member No.: 4,610
Joined: September 01, 2013



tongue.gif First of all I would to THANK. A big Thanks for this fix. I am running phpCOIN v1.6.5 on the 5.4.x Platform. I jumped from PHP 5.2.x to 5.4.x without realizing that I will lose the PHPCOIN. But I thank God, with this fix I am running the PHOCOIN smooth on my server with following spec.

phpCOIN v1.6.5 (with fix-file 2009-09-26) + (18 Aug 2012 this fix)

cPanel Version 11.38.2 (build 6)
Apache version 2.2.25
PHP version 5.4.19
MySQL version 5.0.96-community

Thanks guys. I am using since 2006. Please make it run in the future as well. Thanks again tongue.gif tongue.gif

Simon
PMEmail Poster
Top
lightman
Posted: September 02, 2013 09:38 am
Quote Post


The Janitor
***

Group: Admin
Posts: 3,639
Member No.: 3
Joined: August 25, 2006



I would be extremely nervous about running phpCOIN on a PHP 5.4.x platform.

Remember - a number of features that phpCOIN relies on for security - eg ereg(i) - which were depreciated in PHP 5.3.x have been REMOVED in PHP 5.4.x and may result in code not being parsed at all, opening potential security risks.


--------------------
***** Unless otherwise stated, all replies refer to the following *****
====================================================================
--- The latest unmodified version of phpCOIN available from the phpCOIN download page on the date and time of this post.
--- All relevant HotFix files applied - One of the four included unmodified themes - The original language files .
--- Help will be given to install/configure/use phpCOIN, but not programming help to modify phpCOIN operations. If you are competent enough to make programming changes, you should be competent enough to read the source code and figure things out :)
PM
Top
qtriangle
Posted: June 05, 2014 02:15 am
Quote Post


Member
**

Group: Members
Posts: 19
Member No.: 3,942
Joined: August 19, 2009



QUOTE (own3mall @ February 21, 2013 09:26 pm)
I tested phpCOIN on an Ubuntu 12.04.1 test server running PHP 5.4.11.  I've created a version of phpCOIN that should be fully PHP 5.4 compliant.  I tested my changes in this version, and I didn't run into any messages or warnings while playing around with it. 

Some things I noticed:

crypt returns strings that are greater than 100 characters (probably better hashing algorithms).  That shouldn't be a problem except the database is expecting 100 characters for a password hash.  I fixed that by checking the length of the hash and taking the first 100 characters if it's over.  That fixed my login problem.

I removed all magic_quote stuff (commented out).

I added comments where I put fixes... they can be found by searching  "own3mall" or "PHP 5.4"

Security was already decent (it's using mysql_real_escape_string), and it looks like the magic_quotes weren't being used anyways --- but they're removed.

I applied all the patch fixes in the security forum to my release except the one mentioned here:

http://forums.phpcoin.com/index.php?showtopic=3220

The differences between the changes and the original file were minor... to the point that I didn't see a difference in code handling.  Plus, a user posted that it broke his, and I think that's because of some extra variables that may not be in the database...

Please let me know what you think.  Could it be released as the v166 and put on the main downloads page?  Should I attach it here in this thread too for others to test?

I sent you a PM with a link to this version.


@own3mall
Have you handled the changes for ereg(i) etc as pointed out by lightman?

This post has been edited by qtriangle on June 05, 2014 02:15 am
PMEmail Poster
Top
0 User(s) are reading this topic (0 Guests and 0 Anonymous Users)
0 Members:

Topic OptionsPages: (2) [1] 2  Reply to this topicStart new topicStart Poll

 


Inscrita el Registro Mercantil de Mallorca Tomo 2140, Hoja No. PM-51034, Folio 135
This website owned and operated by: Technology Services RPVW S.L. CIF# B57345084
Avda Constitucion 48 Bajos Alaro 07340 Baleares SPAIN
Tel:+34 971518362    Fax: +34 971518368    eMail: support@phpcoin.com