Magento 1 official PHP 7.2 patches

Related Inchoo Services

You probably noticed that Magento PHP 7.2 support patches are available for download HERE (Magento Open Source version).

For Magento Commerce customers, you should find the patches under Magento Commerce 1.x > Support Patches and Security Patches > PHP Compatibility patches in the Downloads section of your account.

We at Inchoo worked on this contribution, so we decided to share a few more words about it, especially because we noticed that Magento released patches in somewhat different format than usual.


Stjepan Udovičić and Tomas Novoselić started to work on those patches with Piotr Kaminski in May 2018.

Big part of the current batch of patches is based on the original Inchoo’s PHP7 extension currently maintained by Ivan Weiler.

A big thank-you also goes to all GitHub contributors to our original extension.


Patches are available for:

  • Magento Open Source (Community) releases 1.9.2.x up to Magento 1.9.3.x
  • Magento Commerce (Enterprise) releases 1.14.2.x up to 1.14.3.x

Once you find the patches, you might be surprised by their filenames, but there is nothing to be afraid of.

Those are just regular *.patch files that you can apply on your system using patch or GIT.

So, once you download appropriate patch version, put it in your website root directory and execute the following command in your website root:

patch -p1 < PATCH-

You should get the output looking like this:

tomas ~/var/docker/m1.docker/html $ patch -p1 < PATCH-
patching file app/Mage.php
patching file app/code/core/Mage/Core/Helper/Data.php
patching file app/code/core/Mage/Core/Model/Resource/Session.php
patching file app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
patching file app/code/core/Mage/Core/functions.php
patching file app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Group.php
patching file app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Store.php
patching file app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Website.php
patching file app/code/core/Mage/Customer/Model/Entity/Address/Attribute/Source/Country.php
patching file app/code/core/Mage/Customer/Model/Resource/Address/Attribute/Source/Country.php
patching file app/code/core/Mage/Customer/Model/Resource/Address/Attribute/Source/Region.php
patching file app/code/core/Mage/Eav/Model/Entity/Attribute/Source/Store.php
patching file app/code/core/Mage/Install/etc/install.xml
patching file app/code/core/Mage/Sales/etc/config.xml
patching file app/code/core/Mage/Shipping/Model/Carrier/Abstract.php
patching file app/code/core/Mage/Wishlist/Model/Observer.php
patching file lib/Varien/Autoload.php
patching file lib/Varien/File/Uploader.php
patching file lib/Varien/Io/Sftp.php
patching file lib/mcrypt_compat/mcrypt.php
patching file lib/phpseclib/Crypt/AES.php
patching file lib/phpseclib/Crypt/Base.php
patching file lib/phpseclib/Crypt/Blowfish.php
patching file lib/phpseclib/Crypt/DES.php
patching file lib/phpseclib/Crypt/Hash.php
patching file lib/phpseclib/Crypt/RC2.php
patching file lib/phpseclib/Crypt/RC4.php
patching file lib/phpseclib/Crypt/RSA.php
patching file lib/phpseclib/Crypt/Random.php
patching file lib/phpseclib/Crypt/Rijndael.php
patching file lib/phpseclib/Crypt/TripleDES.php
patching file lib/phpseclib/Crypt/Twofish.php
patching file lib/phpseclib/File/ANSI.php
patching file lib/phpseclib/File/ASN1.php
patching file lib/phpseclib/File/ASN1/Element.php
patching file lib/phpseclib/File/X509.php
patching file lib/phpseclib/Math/BigInteger.php
patching file lib/phpseclib/Net/SCP.php
patching file lib/phpseclib/Net/SFTP.php
patching file lib/phpseclib/Net/SFTP/Stream.php
patching file lib/phpseclib/Net/SSH1.php
patching file lib/phpseclib/Net/SSH2.php
patching file lib/phpseclib/PHP/Compat/Function/array_fill.php
patching file lib/phpseclib/PHP/Compat/Function/bcpowmod.php
patching file lib/phpseclib/PHP/Compat/Function/str_split.php
patching file lib/phpseclib/System/SSH/Agent.php
patching file lib/phpseclib/System/SSH/Agent/Identity.php
patching file lib/phpseclib/bootstrap.php
patching file lib/phpseclib/openssl.cnf

If you prefer GIT over Patch for any reason, you can do the following:

git apply PATCH-

After which you can expect something like this:

tomas ~/var/docker/m1.docker/html $ git status
On branch master
Your branch is up to date with 'origin/master'.
Changes not staged for commit:
  (use "git add/rm ..." to update what will be committed)
  (use "git checkout -- ..." to discard changes in working directory)
	modified:   app/Mage.php
	modified:   app/code/core/Mage/Core/Helper/Data.php
	modified:   app/code/core/Mage/Core/Model/Resource/Session.php
	modified:   app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
	modified:   app/code/core/Mage/Core/functions.php
	modified:   app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Group.php
	modified:   app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Store.php
	modified:   app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Website.php
	modified:   app/code/core/Mage/Customer/Model/Entity/Address/Attribute/Source/Country.php
	modified:   app/code/core/Mage/Customer/Model/Resource/Address/Attribute/Source/Country.php
	modified:   app/code/core/Mage/Customer/Model/Resource/Address/Attribute/Source/Region.php
	modified:   app/code/core/Mage/Eav/Model/Entity/Attribute/Source/Store.php
	modified:   app/code/core/Mage/Install/etc/install.xml
	modified:   app/code/core/Mage/Sales/etc/config.xml
	modified:   app/code/core/Mage/Shipping/Model/Carrier/Abstract.php
	modified:   app/code/core/Mage/Wishlist/Model/Observer.php
	modified:   lib/Varien/Autoload.php
	modified:   lib/Varien/File/Uploader.php
	modified:   lib/Varien/Io/Sftp.php
	modified:   lib/phpseclib/Crypt/AES.php
	modified:   lib/phpseclib/Crypt/DES.php
	modified:   lib/phpseclib/Crypt/Hash.php
	modified:   lib/phpseclib/Crypt/RC4.php
	modified:   lib/phpseclib/Crypt/RSA.php
	modified:   lib/phpseclib/Crypt/Random.php
	modified:   lib/phpseclib/Crypt/Rijndael.php
	modified:   lib/phpseclib/Crypt/TripleDES.php
	modified:   lib/phpseclib/Math/BigInteger.php
	modified:   lib/phpseclib/Net/SFTP.php
	modified:   lib/phpseclib/Net/SSH1.php
	modified:   lib/phpseclib/Net/SSH2.php
	deleted:    lib/phpseclib/PHP/Compat/Function/array_fill.php
	deleted:    lib/phpseclib/PHP/Compat/Function/bcpowmod.php
	deleted:    lib/phpseclib/PHP/Compat/Function/str_split.php
Untracked files:
  (use "git add ..." to include in what will be committed)
no changes added to commit (use "git add" and/or "git commit -a")

Just in case…

1) Keep in mind that even after you patch your site, it will still be compatible with the PHP version you used before applying this patch.

2) Note that your site needs to meet requirements regarding SUPEE_* patches listed next to each specific version supported by PHP 7.2 patch.

3) Make sure that you have uninstalled Inchoo’s original PHP7 compatibility patch in case you were using it before applying these patches. (note that it has files in app/code/local/Mage or app/code/community/Mage depending on which version you are using)

4) Check if you have any 3rd party extensions that are incompatible with PHP 7 using this regex against local and community directories:


5) Make sure that you test this on your setup just as precaution to avoid issues with third party extensions etc.

And finally… it is great seeing our own contribution make its way to the official product!

Thanks, Magento, for reaching out to us to make these patches available for everyone!

You made it all the way down here so you must have enjoyed this post! You may also like:

Taking control over module upgrade process Stjepan Udovicic
, | 3

Taking control over module upgrade process

How to put Magento in maintenance mode with IP filters (the easy way)? Srdjan Stojiljkovic
Srdjan Stojiljkovic, | 10

How to put Magento in maintenance mode with IP filters (the easy way)?

Magento automatic gender recognition plugin Zvonimir Buric
Zvonimir Buric, | 1

Magento automatic gender recognition plugin


  1. Moin! Grüße aus Kiel.

    first, thank you for patch!
    I have ubuntu 18.04 and just installed with PHP 7.2 from ondrej repository

    add-apt-repository ppa:ondrej/php
    apt-get update
    apt-get install -y php7.2 php7.2-fpm php7.2-xml php-dev php-pear libmcrypt-dev
    pecl install mcrypt-snapshot

    everything runs smoothly! without errors. is it worth to patch?

    Wbr, Sergej

  2. I Have Magento and PHP 7.2.
    In Dev mode I’m blocked. A lot of method is deprecated on core, for ex:
    Deprecated functionality: The each() function is deprecated. This message will be suppressed on further calls in /var/www/html/lib/Zend/Cache/Backend.php on line 79

    1. This patch never meant to fix issues with depricated features in 7.2, however you shouldn’t get any message about that regardless of your mode.
      Can you confirm that your “app/code/core/Mage/Core/functions.php” is patched?
      Check diff below.

      diff --git a/app/code/core/Mage/Core/functions.php b/app/code/core/Mage/Core/functions.php
      index 0273751..1034a3c 100644
      --- a/app/code/core/Mage/Core/functions.php
      +++ b/app/code/core/Mage/Core/functions.php
      @@ -178,6 +160,11 @@ function mageCoreErrorHandler($errno, $errstr, $errfile, $errline){
      define('E_DEPRECATED', 8192);

      + // Suppress deprecation warnings on PHP 7.x
      + if ($errno == E_DEPRECATED && version_compare(PHP_VERSION, '7.0.0', '>=')) {
      + return true;
      + }
      // PEAR specific message handling
      if (stripos($errfile.$errstr, 'pear') !== false) {
      // ignore strict and deprecated notices

    2. Same thing in EE

      Some files are not patched like:


      They use functions like ‘each’ or ‘create_function’ that are deprecated in php7.2, so the patch seems to be usless. (for example i can’t edit a product in the backend)

      You can check the compatibility using:

  3. your patch is working for me,
    patch from magento is not working (500),
    for now i´m happy its runing, but whlile could the magento version not work?


    1. After using the patch command use

      php -r 'require "app/Mage.php"; Mage::app()->getCacheInstance()->flush();'

      if you still get a Server Error 500 for example.

    1. Hi Tomas – thanks for that.

      The grep command displayed:
      ‘grep: input file ‘$.+[.+](.*)\’’ is also the output’

      So I just specified an output file in the parent directory
      grep -rnPe .’->\$.+\[.+\]\(.*\)’ > ../grep.txt

    2. Would I run this same command on a Mac?

      grep -rnPe .’->\$.+\[.+\]\(.*\)’ > ../grep.txt

      When I run it, I get:

      usage: grep [-abcDEFGHhIiJLlmnOoqRSsUVvwxZ] [-A num] [-B num] [-C[num]]
      [-e pattern] [-f file] [--binary-files=value] [--color=when]
      [--context[=num]] [--directories=action] [--label] [--line-buffered]
      [--null] [pattern] [file ...]

      It creates the grep.txt file, but there is nothing in it. I don’t think it worked like it should …

  4. Wow, great news!

    Did someone can post some benchmark for Magento 1.9.3.x? Like PHP 5.6 vs 7.2?
    Thank a lot!

  5. Finally, the upgrade for M1 that I’ve been waiting for. I’m loving M1, and will continue to use it even if there’s no support after June 2020. Hahahaha! 😀

    1. Nope. 1.8 isn’t even compatible with PHP 5.6. Honestly, whoever is running M1.8 has more important stuff to do with it’s website than PHP upgrade. 🙂

    1. Hey, i successfully applied it to
      Had to copy the lib/phpseclib from 1.9.2.x first as it doesn’t exist before.
      Only had to do minor adjustments iirc.
      Have extensive Unit, Integration and Behat tests that make sure it’s still working properly.

  6. great work – just patched and running smooth!
    a lot of the modules are using shorthand code though – is there an easy way to fix this type of syntax, as it is not supported in php7.1+?

    &$itemGroup = array()
    $itemGroup[] = $item;
    1. There is not much to be done for 3rd party modules except fix them manually or wait for extension providers to fix them, but to be honest, I’m not even sure what that code does or if it works on any PHP version? Isn’t this just a parse error on any PHP version?

  7. Great work!
    Not the same to many paid extensions that bad obfuscate PHP code (${this->wtf->${wtf}}) and now they are not working.

  8. That’s great. Thank you very much.

    Do you know how to make sure, that there are no issues with a 3rd party extension? Unfortunately I can not test all of my extensions ina development environment since one important extension is is connected via API. So I will only know if something crashes when I applied PHP7.2 to the production site.

    Not sure if I will ever risk this.


    1. Well, one of things that you could do is running this regex against your extension directory: ->\$.+\[.+\]\(.*\)
      When it comes to testing, you should really find the way to test everything in dev environment. It is not that anybody can guarantee you that everything will be ok.
      At some point Magento will include this patches in default codebase and I expect that extension providers will adjust extensions.
      In any case, this patch is backwards compatible with php 5.6. That said, using PHP 7.2 is up to you and about how much you need it, but it sure does come with some effort to invest in case you have highly customized system. 🙂

  9. There is a mistake i n the patch with 7.0.31/7.1.20/7.2.9:

    me@me:/var/www/19310-php72$ php -l lib/phpseclib/Net/SFTP.php
    PHP Fatal error:  Cannot redeclare phpseclib\Net\SFTP::mkdir() in lib/phpseclib/Net/SFTP.php on line 1661
    Errors parsing lib/phpseclib/Net/SFTP.php
    1. Hi Fab,

      Can you put this file in gist or something and send link here?

      I tried on 7.2.10 , 7.2.6., 7.1.17. and 7.0.30 and I don’t have any issues with syntax check.


      tomas ~/magento $ php -v
      PHP 7.2.10 (cli) (built: Sep 11 2018 08:51:16) ( NTS )
      Copyright (c) 1997-2018 The PHP Group
      Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
      tomas ~/magento $ php -l lib/phpseclib/Net/SFTP.php
      No syntax errors detected in lib/phpseclib/Net/SFTP.php

      I’m little bit busy atm to get other php versions quickly, but it would help if we could rule out that somehow you ended up with messed up file.
      And if it is not a problem, run something like this:
      tomas ~ $ wget |php -l

    2. I’m not sure what you wanted to say by “I’m so surprised”, phpseclib had update 9 days ago.
      Yeah, I was in hurry so I gave you wrong link, but anyway mkdir() is redeclared but it has it’s own namespace.
      I asked you if you have any other phpseclib in same include path, maybe something installed with composer?
      Also, is there any gist that you can make?

    3. Nice to hear that you have no error anymore. I’m not 100% sure what could affect “-l” option for console PHP, but it looks like something environmental (like Dr.House would say :D).
      From my standpoint maybe there is something in with include paths. That’s why I asked about composer.
      Anyway, happy to hear it is ok now. Thanks for pointing the potential issue out 🙂

  10. Thank you for the extension and this patch. I am using the extension from github (develop branch Version 3.0) and it works excellent with PHP 7.2 and Magento
    Have tested the patch as well to look at the results, but it doesnt work with some extensions. So both, extension and patch, will NOT give the same results. Maybe this is useful to know for some.

    1. Hi Bernd,
      what you say is surprise for me since develop branch from extension is almost identicaly implemented in patches (without rewrites). Main difference is that patched doesn’t work via There is added via patches.
      Make sure that you completely remove Inchoo_PHP7 extension before applying patch and note that it is not enough to disable it in /etc/modules (remove this too:
      In any case, we would like to hear more about what works with extension and not working with patch?

    2. Hi Tomas,

      I have deleted the extension via script, altogether 12 files, and yes also the directory.
      Then patched via cli and what I noticed immediatly is that two extension did not work: 1. Amasty Ajax Cart and 2. Amasty Color Swatches Pro. Both do depend on Ajax. I have not invetsigated all extensions, as I have a larger number. I would need to do it all again and then check all functions. I am not sure if I have the time now, but if it is of any help I can do so later.

    3. Sorry to hear that you have this issues with third party extensions, but I’m kind of not sure if it even worked with develop branch of extension. Best bet would be to run this regex against those extension directories
      Also, maybe those extensions rewrite some code from Magento that is patched. I can only guess, but maybe original extension had rewrite conflict with two of those you mentioned and somehow Inchoo_PHP7 took over and something was wrong before, but maybe it was undetected…
      I really don’t know and just guessing here. Some error could help if you have it.

    4. I have tried the regex, but it didnt turn up anything.
      One detail I note, is that the extension changes ..Mage/Eav/Model/Entity/Attribute/Source/Table.php
      and the patch does not.

    5. Well, Amasty extensions that you mentioned are paid extensions and who knows what they have in there.
      In any case. At this point there is not much we can do unless you provide any kind of related message from Magento system.log, exception.log, report directory or php error log. Otherwise I’m blind 🙂

    6. Ok, I have found the cause.
      It was a file in the local folders.
      Now, the result and behaviour of patch and extension is the same.
      The two Amasty extensions work without problems, as before.
      Thanks for your help.

  11. Just want to say a big thanks for your work on this. Your extension allowed us to move to PHP 7 months ago, speeding up our website considerably. This speed boost was noticed by many customers.

    I must admit I wasn’t expecting Magento to actually ever support PHP 7.x on Magento 1, despite claims that it was being looked into, so am really pleased it is now officially supported.

    Again, a big thanks for delivering compatibility so far in advance of the official patch!

  12. Thanks for your work on helping M1 merchants stay on a supported PHP version! Do you happen to know if there are any community initiatives to add PHP 7.2 support to Magento 1.13?

    1. I am not aware of any such initiative. Magento CE 1.9.2 / Magento EE 1.14.2 and earlier are not even compatible with PHP 5.6.
      Maybe I’m mistaken, but whoever is running 1.13 probably doesn’t have PHP upgrade on the list of priorities.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <blockquote cite=""> <code> <del datetime=""> <em> <s> <strike> <strong>. You may use following syntax for source code: <pre><code>$current = "Inchoo";</code></pre>.