Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extension 'mcrypt' is deprecated since PHP 7.1 #228

Closed
derekakelly opened this issue Nov 7, 2018 · 6 comments
Closed

Extension 'mcrypt' is deprecated since PHP 7.1 #228

derekakelly opened this issue Nov 7, 2018 · 6 comments

Comments

@derekakelly
Copy link

I ran a PHP Compatibility test and got the following results

`FILE: XXXXXXX/wp-content/plugins/cloudflare/vendor/cloudflare/cloudflare-plugin-backend/src/SecurityUtil.php

FOUND 0 ERRORS AND 2 WARNINGS AFFECTING 1 LINE

16 | WARNING | Extension 'mcrypt' is deprecated since PHP 7.1 - use openssl (preferred) or pecl/mcrypt once available instead.
16 | WARNING | Function mcrypt_create_iv() is deprecated since PHP 7.1; use OpenSSL instead
--------------------------------------------------------------------------------------------------------------------------------------------`

I found this to be a long standing issue that hasn't gotten a lot of attention:
https://wordpress.org/support/topic/extension-mcrypt-is-deprecated-since-php-7-1/

Is this in the roadmap to be resolved? I noticed it's been 11 months since an update was pushed through.. What is the status of this plugin?

Thanks for your time,
Derek
@kevinmrl
Copy link

Anyone? As it becomes an issue for more and more website owners: https://wordpress.org/support/topic/php-7-2-incompatibility-223/

@jb510
Copy link

jb510 commented Jan 4, 2019

@derekakelly look at the code.

https://github.com/cloudflare/cloudflare-plugin-backend/blob/master/src/SecurityUtil.php#L12

Your tool is reporting a false positive.

If random_bytes doesn't exist (which it does in PHP 7 and higher) then it falls back to PHP 5 functions.

@derekakelly
Copy link
Author

Hi @jb510
I see that, but while testing, I was able to determine the plugin only works up to php 7.0, anything higher and it breaks my site.

Also, it's not compatible with WordPress 5+

https://wordpress.org/support/topic/my-email-to-cloudflare-support/

@AiratHalitov AiratHalitov mentioned this issue Feb 6, 2019
Closed
@jarrodwhitley
Copy link

This issue has been open for months now and Cloudflare can't even deign to acknowledge the issue. Our company pays Cloudflare too much money to be ignored. Very poor customer service.

@jb510
Copy link

jb510 commented Mar 13, 2019

This is a non-issue and should be closed.

That is not to say there weren't issues with PHP 7.2, just this in particular is a false positive in the compat tool because it's flagging fallback code for PHP 5.

@zackproser
Copy link
Contributor

Thanks for opening this issue and providing the compatibility checker output.

I would agree, however, that this is particular issue can be closed since the compatibility checker is referring to a fallback code path that should not run whenever the preferred random_bytes function is available.

As the plugin itself mentions https://wordpress.org/plugins/php-compatibility-checker/

Please note that linting code is not perfect. This plugin cannot detect unused code-paths that might be used for backwards compatibility, and thus might show false positives.

We are also tracking and addressing individual PHP 7+ compatibility problems in separate issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jb510 @zackproser @derekakelly @jarrodwhitley @kevinmrl