Support » Plugin: Cloudflare » PHP 7.2 Incompatibility

  • Jarrod Whitley

    (@jarrodwhitley0518)


    It’s worrisome that the Cloudflare is ignoring posts (like this one) wondering when this plugin will be compatible with PHP 7.2 since it reaches EoL in December.

    Here are the 7.2 incompatibility error/warnings I’m getting:

    FILE: /nas/content/live/mysite/wp-content/plugins/cloudflare/vendor/symfony/yaml/Parser.php
    ————————————————————————————————–
    FOUND 0 ERRORS AND 1 WARNING AFFECTING 1 LINE
    ————————————————————————————————–
    76 | WARNING | INI directive ‘mbstring.func_overload’ is deprecated since PHP 7.2
    ————————————————————————————————–

    FILE: /nas/content/live/mysite/wp-content/plugins/cloudflare/vendor/symfony/yaml/Inline.php
    ————————————————————————————————–
    FOUND 0 ERRORS AND 1 WARNING AFFECTING 1 LINE
    ————————————————————————————————–
    55 | WARNING | INI directive ‘mbstring.func_overload’ is deprecated since PHP 7.2
    ————————————————————————————————–

    FILE: /nas/content/live/mysite/wp-content/plugins/cloudflare/vendor/cloudflare/cloudflare-plugin-backend/src/SecurityUtil.php
    ——————————————————————————————————————————————————
    FOUND 2 ERRORS AFFECTING 1 LINE
    ——————————————————————————————————————————————————
    16 | ERROR | Function mcrypt_create_iv() is deprecated since PHP 7.1 and removed since PHP 7.2; Use random_bytes() or OpenSSL instead
    16 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead

    ——————————————————————————————————————————————————

Viewing 7 replies - 1 through 7 (of 7 total)
  • Vincent

    (@imakeinnernettes)

    I would still like to still see an official comment from the plugin team seconding this but it feels like a false positive.

    On line 16 of the file referred to in the error it is looking for the function “mcrypt_create_iv()”; but is wrapped in an if statement checking for “random_bytes()” first wether “mcrypt_create_iv()” even existed to begin with.

    if (function_exists('random_bytes')) {
        $randBytes = random_bytes(16);
    } elseif (function_exists('mcrypt_create_iv')) {
        srand();
        $randBytes = mcrypt_create_iv(16);
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $wasItSecure = false;
        $randBytes = openssl_random_pseudo_bytes(16, $wasItSecure);
        if ($wasItSecure === false) {
            return false;
        }
    } else {
        return false;
    }

    Tested on PHP 7.2 with the Cloudflare plugin Version: 3.3.2

    • This reply was modified 11 months, 3 weeks ago by  Vincent.

    bump please advise

    Same here +1

    Well That’s frustrating isn’t it. Still waiting for some action on this.

    dleeward

    (@dleeward)

    Has anyone tested this plugin on 7.2?

    Here’s some excerpts from Cloudflare support:

    Me: When do you plan to update this plugin so we can test our sites before EOL?

    Them: I am afraid I do not have good news. We have no plans in updating this plugin in short term. I have linked this ticket to a master issue where we are tracking such requests.

    Me: As for the plugin, are you going to allow pull requests so that others can make the updates or is it going to have to be forked?

    Them: I will check the possibility of pull requests by the community and get back to you as soon as possible.

    Last response was December 2, 2018.

    bummer, waiting to hear on this.

    I had a blank settings page. I disabled Cloudflare plug-in, then activated it. I had to re-enter my credentials and now works as expected. I’m on PHP 7.2.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘PHP 7.2 Incompatibility’ is closed to new replies.