Fix PHP 7.4 deprecation warnings #3
Conversation
terdia
force-pushed
the
fix-deprecations
branch
from
bc3afe5 to
5fc2be0
Compare
| $this->validatorSchema = new sfValidatorSchema(); | ||
|
|
There was a problem hiding this comment.
This is a bit unclear from the description (why it is needed)
There was a problem hiding this comment.
$this->validatorSchema was used in line 947 before it was initialized, this code $this->validatorSchema[self::$CSRFFieldName] tries to access a key in validatorSchema the usage is triggered by $this->setDefaults($defaults) which calls the function $this->isCSRFProtected() this resulted in an exception trying to access array offset on value of type null
lib/request/sfWebRequest.class.php
Outdated
|
|
||
| // GET parameters | ||
| $this->getParameters = get_magic_quotes_gpc() ? sfToolkit::stripslashesDeep($_GET) : $_GET; | ||
| if (version_compare(PHP_VERSION, '5.4.0-dev', '<') && get_magic_quotes_gpc()) |
There was a problem hiding this comment.
Should that be 7.4.0-dev since the function was deprecated in that version?
There was a problem hiding this comment.
Nope, that is for backward compatibility, from version 5.1.4 will be handled in else block.
There was a problem hiding this comment.
Maybe can you explain it in a little bit more detail? The only function behavior change I see here https://www.php.net/manual/en/function.get-magic-quotes-gpc.php is that this function was declared deprecated in 7.4 (probably started always returning false in the same version).
Can you point me to information about changes in 5.4.0 and 5.1.4?
Does that let's say the PHP version is 5.6 and get_magic_quotes_gpc is enabled. Does that mean that sfToolkit::stripslashesDeep is still needed?
lib/request/sfWebRequest.class.php
Outdated
| if (version_compare(PHP_VERSION, '5.4.0-dev', '<') && get_magic_quotes_gpc()) | ||
| { | ||
| $this->postParameters = sfToolkit::stripslashesDeep($postParameters); | ||
| } | ||
| else | ||
| { | ||
| $this->postParameters = $postParameters; | ||
| } |
There was a problem hiding this comment.
Why wouldn't you keep it in PSR codestyle?
if (version_compare(PHP_VERSION, '5.4.0-dev', '<') && get_magic_quotes_gpc()) {
$this->postParameters = sfToolkit::stripslashesDeep($postParameters);
} else {
$this->postParameters = $postParameters;
}
There was a problem hiding this comment.
Oh sorry, that lead to a lot of unrelated changes, I see symfony1 has its own code style.
Would you mind reverting it?
|
Sorry for brining this idea a bit late, but why wouldn't we just pull original version of framework? They seem to have introduced couple of improvements, including PHP 7.4 compatibilities and security fixes:
Our changes are not that big so maybe we can submit them to the upstream? |
Good idea, we can try it and maybe open a pull request for 3294631 |
|
closed in favor of: #4 |
Causes deprecation warning:
Deprecated: Array and string offset access syntax with curly braces is deprecated in
/var/www/vendor/lexpress/symfony1/lib/util/sfFinder.class.php on line 586$this->getParameters = get_magic_quotes_gpc() ? sfToolkit::stripslashesDeep($_GET) : $_GET;Deprecated: Function get_magic_quotes_gpc() is deprecated in
/var/www/vendor/lexpress/symfony1/lib/request/sfWebRequest.class.php on line 78