Post by IP_CAM » Tue Jul 10, 2018 5:16 am

I really wouldn't suggest to v1.5x releases for the latest release of PHP ...
would have to be taxed as hypothetical statement, but not based on tested Facts, as
I demonstrated already by working links. But it also might depend on Extensions used,
some of them possibly don't work anymore, or at least present Warnings, like in later
OC Versions as well. At least up to php v.7.2.x, but if it still functions in latest PHP v.7.3
cannot be judged on yet ..., for those, eager to always run the latest Things ::)
---
PHP v.7.2.7 TestSite Default OC 1.5.6.5_rc: http://www.jti.li/shop/
PHP v.7.2.7 TestSite OC 1.5.6.5_rc Merkent Bootstrap Theme: http://www.bigmax.ch/shop/
---
shop\system\library\encryption.php (OC v.1.5.6.1 ? - 1.5.6.5_rc Replacement File !)

Code: Select all

<?php
final class Encryption {
	
	private $cipher = 'aes-256-ctr';
	private $digest = 'sha256';
	private $key;
	
	public function __construct($key) {
		$this->key = $key;
	}

	public function encrypt($value) {
		$key       = openssl_digest($this->key, $this->digest, true);
		$iv_length = openssl_cipher_iv_length($this->cipher);
		$iv        = openssl_random_pseudo_bytes($iv_length);
		return base64_encode($iv . openssl_encrypt($value, $this->cipher, $key, OPENSSL_RAW_DATA, $iv));
	}
	
	public function decrypt($value) {
		$key       = openssl_digest($this->key, $this->digest, true);
		$iv_length = openssl_cipher_iv_length($this->cipher);
		$value     = base64_decode($value);
		$iv        = substr($value, 0, $iv_length);
		$value     = substr($value, $iv_length);
		return openssl_decrypt($value, $this->cipher, $key, OPENSSL_RAW_DATA, $iv);
	}
}
?>
And a few days ago, my Hoster added this new .htaccess_sample
1-liner-file onto my Sites, but without any comments to it:
AddHandler application/x-httpd-php70to72 .php
to possibly be used instead of normally using one of those:

Code: Select all

AddHandler application/x-httpd-php70 .php
AddHandler application/x-httpd-php71 .php
AddHandler application/x-httpd-php72 .php
I have not found out anywhere about it's explicit function yet, but
it could be possible, that it will select automatically, wich version
matches best ... ??? Just to have it mentioned too ! ;)
Good Luck, keep the original file, just in case ! :D
Ernie

My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by straightlight » Tue Jul 10, 2018 6:34 am

would have to be taxed as hypothetical statement, but not based on tested Facts
Of course. The fact is that the provided solution above is not provided out of the box when installing OC as a fresh install which means server modification parameters needs to be manually set to the domain in order to process what may or may not work for everyone since these parameters still relies on server-specifics.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by IP_CAM » Tue Jul 10, 2018 8:22 am

... solution above is not provided out of the box
Well, it's an old Box already, I'm talking about, I know ... , but some
just like the Things, they 'use', and not get divorced, just to get a
new feeling again, once in a while. And the bulkloads of fixes,
recommended, to fix later OC's, are also not provided out of
the box. So, what's the difference ?

It's one of the reason, to have this place here, also for those, looking
for possible alternatives. And this, without beeing forced, to likely run into
a bunch of new problems, instead of beeing able to solve a single old one.

Especially in a time, where another version is soon to be expected again.
And, as we all know, older Version Supporter slowly fade away, or even
turn into version-political enemies, for whatever reason they might have.
It's a complicated world out there ... :crazy:
Ernie

My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by straightlight » Tue Jul 10, 2018 8:42 am

t's one of the reason, to have this place here, also for those, looking
for possible alternatives. And this, without beeing forced, to likely run into
a bunch of new problems, instead of beeing able to solve a single old one.
My point exactly. It's those single old ones as you said that may prevent thousands of extensions to keep on running due to the core fixes. What's the difference? I just named one. People could buy a million extension which forum posters and supporters would believe it would solve all their problems. The truth is, it may resolve many of them - but not all of them. Granted, a new version is about to be released. However, even with new distributions, I am still able, as much as others, to keep tracking new problems while old ones have been partially resolved. In the end, it is still a problem versus another problem and extension problems that still creates another half of problems despite whether the core gets fixed or an extension gets fixed. The only good side, on the other hand, is without the core - how can we possibly name those distributed features called: extensions!

It takes people to cure people whether a divorce occurs or not. Divorced people may leave their past behind but there's always some of the things that will stick inside of them. It's no different compared to the people having to fight hard everyday by using this platform as well as other platforms.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by sicotommo » Tue Jul 10, 2018 10:33 pm

I understand the need to get updated to the most recent OC possible, but some of my customers don't so i need to keep 1.5.6.4 going for a little while longer for some of them whilst they evaluate options to update, but the service we use is making everyone upgrade their hosting to PHP7.2. What are the options of keeping 1.5.6.4 going on PHP7.2 if I've tried the above solution that hasn't solved the issue?

Thanks for your input.

New member

Posts

Joined
Wed Jul 27, 2011 8:55 am

Post by schiggi » Wed Jul 11, 2018 12:44 am

billynoah wrote:
Fri May 04, 2018 2:26 pm
Here's a drop in replacement for system/library/encryption.php that will work on OC1.5.6.4 and PHP7.2. Unlike the current version used in OC3, this will not produce the empty iv warning "Warning: openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended"

Code: Select all

<?php
final class Encryption {
	
	private $cipher = 'aes-256-ctr';
	private $digest = 'sha256';
	private $key;
	
	public function __construct($key) {
		$this->key = $key;
	}

	public function encrypt($value) {
		$key       = openssl_digest($this->key, $this->digest, true);
		$iv_length = openssl_cipher_iv_length($this->cipher);
		$iv        = openssl_random_pseudo_bytes($iv_length);
		return base64_encode($iv . openssl_encrypt($value, $this->cipher, $key, OPENSSL_RAW_DATA, $iv));
	}
	
	public function decrypt($value) {
		$key       = openssl_digest($this->key, $this->digest, true);
		$iv_length = openssl_cipher_iv_length($this->cipher);
		$value     = base64_decode($value);
		$iv        = substr($value, 0, $iv_length);
		$value     = substr($value, $iv_length);
		return openssl_decrypt($value, $this->cipher, $key, OPENSSL_RAW_DATA, $iv);
	}
}
If I replace the old 2.3 library with your suggestion, will I run into problems with old orders, api or anything?

New member

Posts

Joined
Tue May 13, 2014 4:23 am

Post by straightlight » Wed Jul 11, 2018 3:09 am

You should not run into problems after replacing the file; especially if you use SSL with a decent PHP 7.x version.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by sunsys » Sun Jul 15, 2018 10:54 pm

Great discussion on php version compatibility, is a rollback of php versions possible if I upgrade from php ver5.5 to ver7.0 and I find issues then can I go back to php ver5.5 is that possible at all, does php change any opencart core files?
BTW I am using OC 2.0.3.1

Regards,
Sun Systems
Industrial Electronics and Instrumentation


User avatar
Active Member

Posts

Joined
Tue Jan 27, 2015 5:19 am

Post by IP_CAM » Mon Jul 16, 2018 2:07 am

Yes, this is possible, without creating problems.
Ernie

My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by straightlight » Mon Jul 16, 2018 2:56 am

does php change any opencart core files?
BTW I am using OC 2.0.3.1
No, it doesn't.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by sunsys » Mon Jul 16, 2018 4:44 pm

IP_CAM wrote:
Mon Jul 16, 2018 2:07 am
Yes, this is possible, without creating problems.
Ernie
Thank you Ernie.

Regards,
Sun Systems
Industrial Electronics and Instrumentation


User avatar
Active Member

Posts

Joined
Tue Jan 27, 2015 5:19 am

Post by sunsys » Mon Jul 16, 2018 4:46 pm

straightlight wrote:
Mon Jul 16, 2018 2:56 am
does php change any opencart core files?
BTW I am using OC 2.0.3.1
No, it doesn't.
Thank You @straightlight

Regards,
Sun Systems
Industrial Electronics and Instrumentation


User avatar
Active Member

Posts

Joined
Tue Jan 27, 2015 5:19 am

Post by Ainsley009 » Mon Jul 30, 2018 11:25 pm

Hi Guys,

Really helpful discussion but I have a question;

I need to update to opencart to PHP 7 as I'm currently on 5.4 and opencart 2.3.0.2

I can do this via my Cpanel, but if I do, will it break things and/or change any opencart files at all? or is it just the server files that are changed?

I have a Themeburn Theme, and plenty of extensions all made for 2.3.0.2.

Please let me know for sure, as I've spent 1000's of hours on my site.

Any help is appreciated!

AJ

Newbie

Posts

Joined
Mon Oct 14, 2013 1:01 am

Post by straightlight » Tue Jul 31, 2018 4:07 am

I can do this via my Cpanel, but if I do, will it break things and/or change any opencart files at all? or is it just the server files that are changed?
If you are not sure on how to proceed, in this case, the simplest solution would be to contact your host so that they can do it for you. I would, however, recommend you make a full backup of your store and database before they proceed.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by Elevate » Tue Jul 31, 2018 4:39 am

You can switch back and forth with php version using cPanel without permanently breaking anything (no files get changed when you change a php setting). More than likely, the store won't run on anything more than php 7 but you'll need to carefully test it. If you can get a 2nd hosting account (even if you signup for a monthly plan) and load a copy of your site there, you can test it on the newer php version and work out any issues before bringing it live.

ELEV8TE Website Development
https://www.elev8your.com


User avatar
New member

Posts

Joined
Fri Jul 06, 2018 12:40 am
Location - Denver, Colorado, USA

Post by Ainsley009 » Tue Jul 31, 2018 8:36 pm

Thanks for the answers guys, back up everything and updated it, everything works fine. :) :)

Newbie

Posts

Joined
Mon Oct 14, 2013 1:01 am

Post by Ainsley009 » Tue Jul 31, 2018 8:48 pm

I spoke too soon, I'm getting this error on the product pages only (as far as I can see..)

Code: Select all

Fatal error: 'Invalid numeric literal'
in /home/sites/)(domainnameremoved)).com/public_html/catalog/language/en-gb/product/product.php:15
Stack trace:
#0 vqmod/vqcache/vq2-system_storage_modification_system_engine_loader.php(188): Language->load('product/product')
#1 vqmod/vqcache/vq2-system_storage_modification_catalog_controller_product_product.php(25): Loader->language('product/product')
#2 vqmod/vqcache/vq2-system_storage_modification_system_engine_action.php(51): ControllerProductProduct->index()
#3 catalog/controller/startup/router.php(25): Action->execute(Object(Registry))
#4 vqmod/vqcache/vq2-system_storage_modification_system_engine_action.php(51): ControllerStartupRouter->index()
#5 system/storage/modification/system/engine/front.php(37): Action->execute(Object(Registry))
#6 system/storage/modification/system/engine/front.php(32): Front->execute(Object(Action))
#7 system/framework.php(103): Front->dispatch(Object(Action), Object(Action))
#8 vqmod/vqcache/vq2-system_startup.php(124): require_once('/home/sites/car...')
#9 index.php(23): start('catalog')
#10 {main}
I looked in at the product language file and I remember adding this:

Code: Select all

$_['text_stock']               = 'Availability:';
$now = new DateTime(); // uses actual date and time
if ($now->format('l') == 'Saturday') {
    // it is Saturday, delivery will be on Tuesday
    $datetime = new DateTime('tomorrow + 2 day');
} elseif ($now->format('l') == 'Sunday' || in_array($now->format('l'), array('Monday', 'Tuesday', 'Wednesday')) && ((int) $now->format('H')) > 08) {
    // it is Sunday - delivery will be on Tuesday
    // or it is working day Mon..Wed after 5 p.m. - delivery will be on second working day
    $datetime = new DateTime('tomorrow + 1 day');
} elseif (in_array($now->format('l'), array('Thursday', 'Friday')) && ((int) $now->format('H')) > 08) {
    // it is Thursday after 5 p.m. - delivery will be on next Monday
    // or it is Friday after 5 p.m. - delivery will be on next Tuesday
    $datetime = new DateTime('tomorrow + 3 day');
} else {
    $datetime = new DateTime('tomorrow');
}
$_['text_instock'] = 'Estimated Delivery: ' . $datetime->format('l, jS \of F ');
This is basically stating to the customer which time they will receive there product, I searched online what 'Invalid numeric literal' means and the general answer seems to be this:

"This comes from the changes made to how integers, specifically octals, are handled in PHP7 (as oppsoed to PHP5)."

Apologies for the mega post, any help is appreciated!

Newbie

Posts

Joined
Mon Oct 14, 2013 1:01 am

Post by Ainsley009 » Tue Jul 31, 2018 8:51 pm

Fixed, it was the '08', changes it to '8'.

In PHP 7 you must use actually integers rather than 0008 as it does ignore them like 5.4

Newbie

Posts

Joined
Mon Oct 14, 2013 1:01 am

Post by straightlight » Tue Jul 31, 2018 9:22 pm

Ainsley009 wrote:
Tue Jul 31, 2018 8:51 pm
Fixed, it was the '08', changes it to '8'.

In PHP 7 you must use actually integers rather than 0008 as it does ignore them like 5.4
This analogy would not be entirely correct. The use of the str_pad function with PHP can still provide the leading zeros in front despite the PHP version (starting from the minimum required version): https://stackoverflow.com/questions/169 ... ros-in-php

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by windows95 » Tue Aug 28, 2018 3:32 pm

Sorry about the late response. They way i got it to work was by editing the encryption.php to use openssl unstead of mcrypt as mentioned here

because of PCI Compliance, i had to go to PHP 7.2 (now currently on 7.2.3) since i need to do offline credit card processing due to order totals often changing after the initial order is placed due to the nature of the customizeable products we sell; i needed encryption to work properly in order to store encrypted cc numbers.

Note that my environment is for a preproduction store so there was no existing mcrypt encrypted creditcard data for existing pending sales

my advise if youre doing it for a store currently in production is to process all pending orders for which you used mcrypt to encrypt credit card numbers, then edit the encryption.php file for openssl use, and you will make it as seamless as possible

Newbie

Posts

Joined
Wed Aug 16, 2017 6:22 am
Who is online

Users browsing this forum: No registered users and 58 guests