Commit 3a5c3b32 authored by Dries's avatar Dries

Issue #2152073 by dmouse, sun, Xano: Bump Drupal core's PHP requirement to 5.4.2.

parent 6727b814
......@@ -25,9 +25,6 @@ DirectoryIndex index.php index.html index.htm
# PHP 5, Apache 1 and 2.
<IfModule mod_php5.c>
php_flag magic_quotes_gpc off
php_flag magic_quotes_sybase off
php_flag register_globals off
php_flag session.auto_start off
php_value mbstring.http_input pass
php_value mbstring.http_output pass
......
......@@ -4,6 +4,7 @@
"type": "drupal-core",
"license": "GPL-2.0+",
"require": {
"php": ">=5.4.2",
"sdboyer/gliph": "0.1.*",
"symfony/class-loader": "2.4.*",
"symfony/dependency-injection": "2.4.*",
......
......@@ -19,7 +19,7 @@ Drupal requires:
- A web server with PHP support, for example:
- Apache 2.0 (or greater) (http://httpd.apache.org/).
- Nginx 1.1 (or greater) (http://www.nginx.com/).
- PHP 5.3.10 (or greater) (http://www.php.net/).
- PHP 5.4.2 (or greater) (http://www.php.net/).
- One of the following databases:
- MySQL 5.0.15 (or greater) (http://www.mysql.com/).
- MariaDB 5.1.44 (or greater) (http://mariadb.org/). MariaDB is a fully
......
......@@ -32,7 +32,7 @@
/**
* Minimum supported version of PHP.
*/
const DRUPAL_MINIMUM_PHP = '5.3.10';
const DRUPAL_MINIMUM_PHP = '5.4.2';
/**
* Minimum recommended value of PHP memory_limit.
......@@ -453,13 +453,6 @@ function drupal_environment_initialize() {
// sites/default/default.settings.php contains more runtime settings.
// The .htaccess file contains settings that cannot be changed at runtime.
// Deny execution with enabled "magic quotes" (both GPC and runtime).
if (get_magic_quotes_gpc() || get_magic_quotes_runtime()) {
header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error');
print "PHP's 'magic_quotes_gpc' and 'magic_quotes_runtime' settings are not supported and must be disabled.";
exit;
}
// Use session cookies, not transparent sessions that puts the session id in
// the query string.
ini_set('session.use_cookies', '1');
......
......@@ -666,7 +666,7 @@ function file_valid_uri($uri) {
* will rename the file until the $destination is unique.
* - Provides a fallback using realpaths if the move fails using stream
* wrappers. This can occur because PHP's copy() function does not properly
* support streams if safe_mode or open_basedir are enabled. See
* support streams if open_basedir is enabled. See
* https://bugs.php.net/bug.php?id=60456
*
* @param $source
......@@ -1087,8 +1087,8 @@ function file_unmanaged_delete_recursive($path, $callback = NULL) {
/**
* Moves an uploaded file to a new location.
*
* PHP's move_uploaded_file() does not properly support streams if safe_mode
* or open_basedir are enabled, so this function fills that gap.
* PHP's move_uploaded_file() does not properly support streams if open_basedir
* is enabled, so this function fills that gap.
*
* Compatibility: normal paths and stream wrappers.
*
......@@ -1106,9 +1106,9 @@ function file_unmanaged_delete_recursive($path, $callback = NULL) {
*/
function drupal_move_uploaded_file($filename, $uri) {
$result = @move_uploaded_file($filename, $uri);
// PHP's move_uploaded_file() does not properly support streams if safe_mode
// or open_basedir are enabled so if the move failed, try finding a real path
// and retry the move operation.
// PHP's move_uploaded_file() does not properly support streams if
// open_basedir is enabled so if the move failed, try finding a real path and
// retry the move operation.
if (!$result) {
if ($realpath = drupal_realpath($uri)) {
$result = move_uploaded_file($filename, $realpath);
......
......@@ -872,8 +872,6 @@ function drupal_install_fix_file($file, $mask, $message = TRUE) {
}
// chmod() will work if the web server is running as owner of the file.
// If PHP safe_mode is enabled the currently executing script must also
// have the same owner.
if (@chmod($file, $mod)) {
return TRUE;
}
......
......@@ -23,16 +23,8 @@
// The minimum version is specified explicitly, as DRUPAL_MINIMUM_PHP is not
// yet available. It is defined in bootstrap.inc, but it is not possible to
// load that file yet as it would cause a fatal error on older versions of PHP.
if (version_compare(PHP_VERSION, '5.3.10') < 0) {
print 'Your PHP installation is too old. Drupal requires at least PHP 5.3.10. See the <a href="http://drupal.org/requirements">system requirements</a> page for more information.';
exit;
}
// Exit early if the PHP option safe_mode is enabled to avoid fatal errors.
// @todo Remove this check once we require PHP > 5.4 as safe mode is deprecated
// in PHP 5.3 and completely removed in PHP 5.4.
if (ini_get('safe_mode')) {
print 'Your PHP installation has safe_mode enabled. Drupal requires the safe_mode option to be turned off. See the <a href="http://drupal.org/requirements">system requirements</a> page for more information.';
if (version_compare(PHP_VERSION, '5.4.2') < 0) {
print 'Your PHP installation is too old. Drupal requires at least PHP 5.4.2. See the <a href="http://drupal.org/requirements">system requirements</a> page for more information.';
exit;
}
......
......@@ -74,25 +74,6 @@ function system_requirements($phase) {
return $requirements;
}
// Test PHP register_globals setting.
$requirements['php_register_globals'] = array(
'title' => t('PHP register globals'),
);
$register_globals = trim(ini_get('register_globals'));
// Unfortunately, ini_get() may return many different values, and we can't
// be certain which values mean 'on', so we instead check for 'not off'
// since we never want to tell the user that their site is secure
// (register_globals off), when it is in fact on. We can only guarantee
// register_globals is off if the value returned is 'off', '', or 0.
if (!empty($register_globals) && strtolower($register_globals) != 'off') {
$requirements['php_register_globals']['description'] = t('<em>register_globals</em> is enabled. Drupal requires this configuration directive to be disabled. Your site may not be secure when <em>register_globals</em> is enabled. The PHP manual has instructions for <a href="@url">how to change configuration settings</a>.', array('@url' => 'http://php.net/configuration.changes'));
$requirements['php_register_globals']['severity'] = REQUIREMENT_ERROR;
$requirements['php_register_globals']['value'] = t("Enabled ('@value')", array('@value' => $register_globals));
}
else {
$requirements['php_register_globals']['value'] = t('Disabled');
}
// Test for PHP extensions.
$requirements['php_extensions'] = array(
'title' => t('PHP extensions'),
......
......@@ -30,8 +30,8 @@
// The minimum version is specified explicitly, as DRUPAL_MINIMUM_PHP is not
// yet available. It is defined in bootstrap.inc, but it is not possible to
// load that file yet as it would cause a fatal error on older versions of PHP.
if (version_compare(PHP_VERSION, '5.3.10') < 0) {
print 'Your PHP installation is too old. Drupal requires at least PHP 5.3.10. See the <a href="http://drupal.org/requirements">system requirements</a> page for more information.';
if (version_compare(PHP_VERSION, '5.4.2') < 0) {
print 'Your PHP installation is too old. Drupal requires at least PHP 5.4.2. See the <a href="http://drupal.org/requirements">system requirements</a> page for more information.';
exit;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment