Hi,
Due to [0] should we * require a minimum PHP version of 5.3.27 in libraries/common.inc.php for phpMyAdmin 4.4.15?
* mention this requirement in our doc?
* mention it on the downloads page?
The alternative I see, is to remove in time for phpMyAdmin 4.4.15 the phpseclib fix we did for PHP 7 compatibility in phpMyAdmin 4.4.14. However I would prefer to keep this fix in place, because users of PHP 7 would have to upgrade sooner to phpMyAdmin 4.5, which requires PHP 5.5 to 7.0.
[0] http://stackoverflow.com/questions/32349895/warning-in-libraries-phpseclib-c...
Hi
Dne Sun, 06 Sep 2015 08:27:19 -0400 Marc Delisle marc@infomarc.info napsal(a):
Due to [0] should we
- require a minimum PHP version of 5.3.27 in libraries/common.inc.php
for phpMyAdmin 4.4.15?
mention this requirement in our doc?
mention it on the downloads page?
Looking at the comments, it might be actually fixed already in 5.3.7. Also it can quite easily happen that Redhat will backport the fix to their version, so the strict version check doesn't seem like a good solution.
The alternative I see, is to remove in time for phpMyAdmin 4.4.15 the phpseclib fix we did for PHP 7 compatibility in phpMyAdmin 4.4.14. However I would prefer to keep this fix in place, because users of PHP 7 would have to upgrade sooner to phpMyAdmin 4.5, which requires PHP 5.5 to 7.0.
What I don't understand is what makes mb_strlen($this->_cookie_iv,'8bit') different from strlen($this->_cookie_iv) in this case.
[0] http://stackoverflow.com/questions/32349895/warning-in-libraries-phpseclib-c...
Le 2015-09-07 03:40, Michal Čihař a écrit :
Hi
Dne Sun, 06 Sep 2015 08:27:19 -0400 Marc Delisle marc@infomarc.info napsal(a):
Due to [0] should we * require a minimum PHP version of 5.3.27 in libraries/common.inc.php for phpMyAdmin 4.4.15?
mention this requirement in our doc?
mention it on the downloads page?
Looking at the comments, it might be actually fixed already in 5.3.7. Also it can quite easily happen that Redhat will backport the fix to their version, so the strict version check doesn't seem like a good solution.
We could try to find out the exact PHP version. My point is that we should not just require a minimum version of PHP 5.3, as this is not true. It affects not just Redhat users but all users having PHP between 5.3.0 and, say, 5.3.7.
The alternative I see, is to remove in time for phpMyAdmin 4.4.15 the phpseclib fix we did for PHP 7 compatibility in phpMyAdmin 4.4.14. However I would prefer to keep this fix in place, because users of PHP 7 would have to upgrade sooner to phpMyAdmin 4.5, which requires PHP 5.5 to 7.0.
What I don't understand is what makes mb_strlen($this->_cookie_iv,'8bit') different from strlen($this->_cookie_iv) in this case.
The stackoverflow question reports three warnings, and the mb_strlen() fix was only for one of the warnings. I am not sure either why the fix works (looks like some unexpected characters were in the cookie-stored IV.
The PHP version issue is the explanation for the two other warnings.
[0] http://stackoverflow.com/questions/32349895/warning-in-libraries-phpseclib-c...
_______________________________________________ Developers mailing list Developers@phpmyadmin.net https://lists.phpmyadmin.net/mailman/listinfo/developers
Dne Mon, 07 Sep 2015 08:10:41 -0400 Marc Delisle marc@infomarc.info napsal(a):
Le 2015-09-07 03:40, Michal Čihař a écrit :
Hi
Dne Sun, 06 Sep 2015 08:27:19 -0400 Marc Delisle marc@infomarc.info napsal(a):
Due to [0] should we * require a minimum PHP version of 5.3.27 in libraries/common.inc.php for phpMyAdmin 4.4.15?
mention this requirement in our doc?
mention it on the downloads page?
Looking at the comments, it might be actually fixed already in 5.3.7. Also it can quite easily happen that Redhat will backport the fix to their version, so the strict version check doesn't seem like a good solution.
We could try to find out the exact PHP version. My point is that we should not just require a minimum version of PHP 5.3, as this is not true. It affects not just Redhat users but all users having PHP between 5.3.0 and, say, 5.3.7.
But looking at version string is still bad idea here - if Redhat will fix this, their version will be still called 5.3.3, it will just have applied patch which fixes this particular issue.
What I don't understand is what makes mb_strlen($this->_cookie_iv,'8bit') different from strlen($this->_cookie_iv) in this case.
The stackoverflow question reports three warnings, and the mb_strlen() fix was only for one of the warnings. I am not sure either why the fix works (looks like some unexpected characters were in the cookie-stored IV.
This would be then incompatibility which could bite users on other systems as well, though nothing really problematic...
Le 2015-09-07 08:38, Michal Čihař a écrit :
Dne Mon, 07 Sep 2015 08:10:41 -0400 Marc Delisle marc@infomarc.info napsal(a):
Le 2015-09-07 03:40, Michal Čihař a écrit :
Hi
Dne Sun, 06 Sep 2015 08:27:19 -0400 Marc Delisle marc@infomarc.info napsal(a):
Due to [0] should we * require a minimum PHP version of 5.3.27 in libraries/common.inc.php for phpMyAdmin 4.4.15?
mention this requirement in our doc?
mention it on the downloads page?
Looking at the comments, it might be actually fixed already in 5.3.7. Also it can quite easily happen that Redhat will backport the fix to their version, so the strict version check doesn't seem like a good solution.
We could try to find out the exact PHP version. My point is that we should not just require a minimum version of PHP 5.3, as this is not true. It affects not just Redhat users but all users having PHP between 5.3.0 and, say, 5.3.7.
But looking at version string is still bad idea here - if Redhat will fix this, their version will be still called 5.3.3, it will just have applied patch which fixes this particular issue.
How about just mentioning it just on the downloads page and the doc then?
What I don't understand is what makes mb_strlen($this->_cookie_iv,'8bit') different from strlen($this->_cookie_iv) in this case.
The stackoverflow question reports three warnings, and the mb_strlen() fix was only for one of the warnings. I am not sure either why the fix works (looks like some unexpected characters were in the cookie-stored IV.
This would be then incompatibility which could bite users on other systems as well, though nothing really problematic...
Dne Mon, 07 Sep 2015 10:29:42 -0400 Marc Delisle marc@infomarc.info napsal(a):
Le 2015-09-07 08:38, Michal Čihař a écrit :
Dne Mon, 07 Sep 2015 08:10:41 -0400 Marc Delisle marc@infomarc.info napsal(a):
Le 2015-09-07 03:40, Michal Čihař a écrit :
Hi
Dne Sun, 06 Sep 2015 08:27:19 -0400 Marc Delisle marc@infomarc.info napsal(a):
Due to [0] should we * require a minimum PHP version of 5.3.27 in libraries/common.inc.php for phpMyAdmin 4.4.15?
mention this requirement in our doc?
mention it on the downloads page?
Looking at the comments, it might be actually fixed already in 5.3.7. Also it can quite easily happen that Redhat will backport the fix to their version, so the strict version check doesn't seem like a good solution.
We could try to find out the exact PHP version. My point is that we should not just require a minimum version of PHP 5.3, as this is not true. It affects not just Redhat users but all users having PHP between 5.3.0 and, say, 5.3.7.
But looking at version string is still bad idea here - if Redhat will fix this, their version will be still called 5.3.3, it will just have applied patch which fixes this particular issue.
How about just mentioning it just on the downloads page and the doc then?
Sounds good enough.
-
Marc Delisle -
Michal Čihař