Magento 1 official PHP 7.2 patches

Magento 1 official PHP 7.2 patches

You probably noticed that Magento PHP 7.2 support patches are available for download HERE (Magento Open Source version).

For Magento Commerce customers, you should find the patches under Magento Commerce 1.x > Support Patches and Security Patches > PHP Compatibility patches in the Downloads section of your account.

We at Inchoo worked on this contribution, so we decided to share a few more words about it, especially because we noticed that Magento released patches in somewhat different format than usual.

History

Stjepan Udovičić and Tomas Novoselić started to work on those patches with Piotr Kaminski in May 2018.

Big part of the current batch of patches is based on the original Inchoo’s PHP7 extension currently maintained by Ivan Weiler.

A big thank-you also goes to all GitHub contributors to our original extension.

Instructions

Patches are available for:

  • Magento Open Source (Community) releases 1.9.2.x up to Magento 1.9.3.x
  • Magento Commerce (Enterprise) releases 1.14.2.x up to 1.14.3.x

Once you find the patches, you might be surprised by their filenames, but there is nothing to be afraid of.

Those are just regular *.patch files that you can apply on your system using patch or GIT.

So, once you download appropriate patch version, put it in your website root directory and execute the following command in your website root:

patch -p1 < PATCH-1.9.3.1-1.9.3.9_PHP7-2018-09-13-08-01-43.2_v2

You should get the output looking like this:

tomas ~/var/docker/m1.docker/html $ patch -p1 < PATCH-1.9.3.1-1.9.3.9_PHP7-2018-09-13-08-01-43.2_v2
patching file app/Mage.php
patching file app/code/core/Mage/Core/Helper/Data.php
patching file app/code/core/Mage/Core/Model/Resource/Session.php
patching file app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
patching file app/code/core/Mage/Core/functions.php
patching file app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Group.php
patching file app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Store.php
patching file app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Website.php
patching file app/code/core/Mage/Customer/Model/Entity/Address/Attribute/Source/Country.php
patching file app/code/core/Mage/Customer/Model/Resource/Address/Attribute/Source/Country.php
patching file app/code/core/Mage/Customer/Model/Resource/Address/Attribute/Source/Region.php
patching file app/code/core/Mage/Eav/Model/Entity/Attribute/Source/Store.php
patching file app/code/core/Mage/Install/etc/install.xml
patching file app/code/core/Mage/Sales/etc/config.xml
patching file app/code/core/Mage/Shipping/Model/Carrier/Abstract.php
patching file app/code/core/Mage/Wishlist/Model/Observer.php
patching file lib/Varien/Autoload.php
patching file lib/Varien/File/Uploader.php
patching file lib/Varien/Io/Sftp.php
patching file lib/mcrypt_compat/mcrypt.php
patching file lib/phpseclib/Crypt/AES.php
patching file lib/phpseclib/Crypt/Base.php
patching file lib/phpseclib/Crypt/Blowfish.php
patching file lib/phpseclib/Crypt/DES.php
patching file lib/phpseclib/Crypt/Hash.php
patching file lib/phpseclib/Crypt/RC2.php
patching file lib/phpseclib/Crypt/RC4.php
patching file lib/phpseclib/Crypt/RSA.php
patching file lib/phpseclib/Crypt/Random.php
patching file lib/phpseclib/Crypt/Rijndael.php
patching file lib/phpseclib/Crypt/TripleDES.php
patching file lib/phpseclib/Crypt/Twofish.php
patching file lib/phpseclib/File/ANSI.php
patching file lib/phpseclib/File/ASN1.php
patching file lib/phpseclib/File/ASN1/Element.php
patching file lib/phpseclib/File/X509.php
patching file lib/phpseclib/Math/BigInteger.php
patching file lib/phpseclib/Net/SCP.php
patching file lib/phpseclib/Net/SFTP.php
patching file lib/phpseclib/Net/SFTP/Stream.php
patching file lib/phpseclib/Net/SSH1.php
patching file lib/phpseclib/Net/SSH2.php
patching file lib/phpseclib/PHP/Compat/Function/array_fill.php
patching file lib/phpseclib/PHP/Compat/Function/bcpowmod.php
patching file lib/phpseclib/PHP/Compat/Function/str_split.php
patching file lib/phpseclib/System/SSH/Agent.php
patching file lib/phpseclib/System/SSH/Agent/Identity.php
patching file lib/phpseclib/bootstrap.php
patching file lib/phpseclib/openssl.cnf

If you prefer GIT over Patch for any reason, you can do the following:

git apply PATCH-1.9.3.1-1.9.3.9_PHP7-2018-09-13-08-01-43.2_v2

After which you can expect something like this:

tomas ~/var/docker/m1.docker/html $ git status
On branch master
Your branch is up to date with 'origin/master'.
 
Changes not staged for commit:
(use "git add/rm ..." to update what will be committed)
(use "git checkout -- ..." to discard changes in working directory)
 
modified: app/Mage.php
modified: app/code/core/Mage/Core/Helper/Data.php
modified: app/code/core/Mage/Core/Model/Resource/Session.php
modified: app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
modified: app/code/core/Mage/Core/functions.php
modified: app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Group.php
modified: app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Store.php
modified: app/code/core/Mage/Customer/Model/Customer/Attribute/Source/Website.php
modified: app/code/core/Mage/Customer/Model/Entity/Address/Attribute/Source/Country.php
modified: app/code/core/Mage/Customer/Model/Resource/Address/Attribute/Source/Country.php
modified: app/code/core/Mage/Customer/Model/Resource/Address/Attribute/Source/Region.php
modified: app/code/core/Mage/Eav/Model/Entity/Attribute/Source/Store.php
modified: app/code/core/Mage/Install/etc/install.xml
modified: app/code/core/Mage/Sales/etc/config.xml
modified: app/code/core/Mage/Shipping/Model/Carrier/Abstract.php
modified: app/code/core/Mage/Wishlist/Model/Observer.php
modified: lib/Varien/Autoload.php
modified: lib/Varien/File/Uploader.php
modified: lib/Varien/Io/Sftp.php
modified: lib/phpseclib/Crypt/AES.php
modified: lib/phpseclib/Crypt/DES.php
modified: lib/phpseclib/Crypt/Hash.php
modified: lib/phpseclib/Crypt/RC4.php
modified: lib/phpseclib/Crypt/RSA.php
modified: lib/phpseclib/Crypt/Random.php
modified: lib/phpseclib/Crypt/Rijndael.php
modified: lib/phpseclib/Crypt/TripleDES.php
modified: lib/phpseclib/Math/BigInteger.php
modified: lib/phpseclib/Net/SFTP.php
modified: lib/phpseclib/Net/SSH1.php
modified: lib/phpseclib/Net/SSH2.php
deleted: lib/phpseclib/PHP/Compat/Function/array_fill.php
deleted: lib/phpseclib/PHP/Compat/Function/bcpowmod.php
deleted: lib/phpseclib/PHP/Compat/Function/str_split.php
 
Untracked files:
(use "git add ..." to include in what will be committed)
 
PATCH-1.9.3.1-1.9.3.9_PHP7-2018-09-13-08-01-43.2_v2
lib/mcrypt_compat/
lib/phpseclib/Crypt/Base.php
lib/phpseclib/Crypt/Blowfish.php
lib/phpseclib/Crypt/RC2.php
lib/phpseclib/Crypt/Twofish.php
lib/phpseclib/File/
lib/phpseclib/Net/SCP.php
lib/phpseclib/Net/SFTP/
lib/phpseclib/System/
lib/phpseclib/bootstrap.php
lib/phpseclib/openssl.cnf
 
no changes added to commit (use "git add" and/or "git commit -a")

Just in case…

1) Keep in mind that even after you patch your site, it will still be compatible with the PHP version you used before applying this patch.

2) Note that your site needs to meet requirements regarding SUPEE_* patches listed next to each specific version supported by PHP 7.2 patch.

3) Make sure that you have uninstalled Inchoo’s original PHP7 compatibility patch https://github.com/Inchoo/Inchoo_PHP7 in case you were using it before applying these patches. (note that it has files in app/code/local/Mage or app/code/community/Mage depending on which version you are using)

4) Check if you have any 3rd party extensions that are incompatible with PHP 7 using this regex against local and community directories:

->\$.+\[.+\]\(.*\)

5) Make sure that you test this on your setup just as precaution to avoid issues with third party extensions etc.

And finally… it is great seeing our own contribution make its way to the official product!

Thanks, Magento, for reaching out to us to make these patches available for everyone!

Related Inchoo Services

You made it all the way down here so you must have enjoyed this post! You may also like:

How to put Magento in maintenance mode with IP filters (the easy way)? Srdjan Stojiljkovic
Srdjan Stojiljkovic, | 10

How to put Magento in maintenance mode with IP filters (the easy way)?

62 comments

  1. From where can I download the Magento PHP 7.2 patches? The official link doesn’t work anymore.

    1. Hi László,

      Yes, official links don’t work because Magento 1 hit it’s end of life.
      We are not hosting any of it.

      Also, if you are using last few versions of M1, this patch shouldn’t be needed.

      If upgrade to M2 is not an option, just try https://www.openmage.org/ it should be fairly easy to upgrade if you know what you are doing.

  2. Hello Team,
    Thanks for you Magento 1.x patches for php 7.2, But we are facing issues in installing those patches. For Instance if i attempt to install SUPEE_10752 on Magento 1.9.2.2 and php version 7.2, I’m ending up with some errors, Can any of you please provide support for us to resolve this issue?

    1. Thank you for your comment. There have been certain issues detected when applying this patch if previously the merchants have installed the first version of one of the previous patches – SUPEE-10570v1.

      If this is the case in your shop, you should remove SUPEE-10570v1 and install SUPEE-10570v2 prior to the installation of SUPEE-10752.

      I hope this helps and makes sense – you can see this note on the patch release page – https://magento.com/security/patches/supee-10752

  3. Hi guys. Please help me with some advices. I’m trying to uninstall inchoo patch from my store. When i delete folders Mage and Inchoo from local folder my website is loading blank pages.

    What can i do to resolve this situation?

    Thank you in advance.

  4. Just installed the Inchoo_PHP7 on my development site and got this error.

    Fatal error: Uncaught Error: Class ‘Inchoo_PHP7_Helper_Data’ not found in /../../../../app/Mage.php:547 .

    Is there any suggestion to fix this problem.

    Thanks.

  5. Will this patch work for PHP version 7.0.33 with Magento CE 1.9.2.1? Please suggest if we need to install this patch or not? Thanks1

  6. Hello, you write:
    3) Make sure that you have uninstalled Inchoo’s original PHP7 compatibility patch https://github.com/Inchoo/Inchoo_PHP7 in case you were using it before applying these patches. (note that it has files in app/code/local/Mage or app/code/community/Mage depending on which version you are using)

    I changed my Magento 1.9.2.2 manually with their patch to PHP 7 at that time. Everything works great, thank you.
    I’d like to upgrade to PHP 7.2 now. How should I undo the old patch now?
    Also, is it a problem if I have previously used the SUPEE 10888?

    Many Thanks

  7. Hi

    Thanks for contributions, I have been finding more and more deprecated functions, as an example each function and create_function which still need to be resolved,I’ve been resolving so many of them and I’ve reported to Magento forum one of them, I was wondering what’s best to give and so they update the patch with new missed files?

    Regards,

  8. There is new patch SUPEE-10975 / Magento 1.9.4.0 which contains your PHP 7.2 compatibility patches. Do I still need to uninstall your Inchoo_PHP7 module before installing SUPEE-10975 (haven´t installed PHP 7.2 support patches) as described in this article please? Or is it ready to go without any changes? Strange you mentioned that only here, but the same advice is not in official SUPEE-10975 documentation.

  9. Moin! Grüße aus Kiel.

    first, thank you for patch!
    I have ubuntu 18.04 and just installed 1.9.3.10 with PHP 7.2 from ondrej repository

    add-apt-repository ppa:ondrej/php
    apt-get update
    apt-get install -y php7.2 php7.2-fpm php7.2-xml php-dev php-pear libmcrypt-dev
    pecl install mcrypt-snapshot

    everything runs smoothly! without errors. is it worth to patch?

    Wbr, Sergej

  10. I Have Magento 1.9.3.10 and PHP 7.2.
    In Dev mode I’m blocked. A lot of method is deprecated on core, for ex:
    Deprecated functionality: The each() function is deprecated. This message will be suppressed on further calls in /var/www/html/lib/Zend/Cache/Backend.php on line 79

    1. This patch never meant to fix issues with depricated features in 7.2, however you shouldn’t get any message about that regardless of your mode.
      Can you confirm that your “app/code/core/Mage/Core/functions.php” is patched?
      Check diff below.

      diff --git a/app/code/core/Mage/Core/functions.php b/app/code/core/Mage/Core/functions.php
      index 0273751..1034a3c 100644
      --- a/app/code/core/Mage/Core/functions.php
      +++ b/app/code/core/Mage/Core/functions.php
      @@ -178,6 +160,11 @@ function mageCoreErrorHandler($errno, $errstr, $errfile, $errline){
      define('E_DEPRECATED', 8192);
      }

      + // Suppress deprecation warnings on PHP 7.x
      + if ($errno == E_DEPRECATED && version_compare(PHP_VERSION, '7.0.0', '>=')) {
      + return true;
      + }
      +
      // PEAR specific message handling
      if (stripos($errfile.$errstr, 'pear') !== false) {
      // ignore strict and deprecated notices

    2. Same thing in EE 1.14.3.10

      Some files are not patched like:

      app/code/core/Enterprise/Logging/Model/Processor.php
      lib/Mage/Cache/Backend/File.php
      lib/Zend/Cache/Backend.php
      lib/Zend/Feed/Element.php

      They use functions like ‘each’ or ‘create_function’ that are deprecated in php7.2, so the patch seems to be usless. (for example i can’t edit a product in the backend)

      You can check the compatibility using:
      https://github.com/PHPCompatibility/PHPCompatibility

    3. @Joaquin
      Same question:
      Is your “app/code/core/Mage/Core/functions.php” patched? If yes, then deprication notices should be disabled.

  11. your patch is working for me,
    patch from magento is not working (500),
    for now i´m happy its runing, but whlile could the magento version not work?

    thanks
    Dennis

    1. Our patch == Magento patch.
      I don’t understand what you are trying to do?
      BTW. 500 is error code, not error itself. Check PHP logs.

    2. After using the patch command use

      php -r 'require "app/Mage.php"; Mage::app()->getCacheInstance()->flush();'

      if you still get a Server Error 500 for example.

    1. Hi Tomas – thanks for that.

      The grep command displayed:
      ‘grep: input file ‘$.+[.+](.*)\’’ is also the output’

      So I just specified an output file in the parent directory
      grep -rnPe .’->\$.+\[.+\]\(.*\)’ > ../grep.txt

    2. Would I run this same command on a Mac?

      grep -rnPe .’->\$.+\[.+\]\(.*\)’ > ../grep.txt

      When I run it, I get:

      usage: grep [-abcDEFGHhIiJLlmnOoqRSsUVvwxZ] [-A num] [-B num] [-C[num]]
      [-e pattern] [-f file] [--binary-files=value] [--color=when]
      [--context[=num]] [--directories=action] [--label] [--line-buffered]
      [--null] [pattern] [file ...]

      It creates the grep.txt file, but there is nothing in it. I don’t think it worked like it should …

  12. Wow, great news!

    Did someone can post some benchmark for Magento 1.9.3.x? Like PHP 5.6 vs 7.2?
    Thank a lot!

  13. Finally, the upgrade for M1 that I’ve been waiting for. I’m loving M1, and will continue to use it even if there’s no support after June 2020. Hahahaha! 😀

    1. Nope. 1.8 isn’t even compatible with PHP 5.6. Honestly, whoever is running M1.8 has more important stuff to do with it’s website than PHP upgrade. 🙂

    1. Hey, i successfully applied it to 1.8.0.0.
      Had to copy the lib/phpseclib from 1.9.2.x first as it doesn’t exist before.
      Only had to do minor adjustments iirc.
      Have extensive Unit, Integration and Behat tests that make sure it’s still working properly.

  14. great work – just patched and running smooth!
    a lot of the modules are using shorthand code though – is there an easy way to fix this type of syntax, as it is not supported in php7.1+?

    &$itemGroup = array()
    $itemGroup[] = $item;
    1. There is not much to be done for 3rd party modules except fix them manually or wait for extension providers to fix them, but to be honest, I’m not even sure what that code does or if it works on any PHP version? Isn’t this just a parse error on any PHP version?

  15. Great work!
    Not the same to many paid extensions that bad obfuscate PHP code (${this->wtf->${wtf}}) and now they are not working.

  16. That’s great. Thank you very much.

    Do you know how to make sure, that there are no issues with a 3rd party extension? Unfortunately I can not test all of my extensions ina development environment since one important extension is is connected via API. So I will only know if something crashes when I applied PHP7.2 to the production site.

    Not sure if I will ever risk this.

    Thanks

    1. Well, one of things that you could do is running this regex against your extension directory: ->\$.+\[.+\]\(.*\)
      When it comes to testing, you should really find the way to test everything in dev environment. It is not that anybody can guarantee you that everything will be ok.
      At some point Magento will include this patches in default codebase and I expect that extension providers will adjust extensions.
      In any case, this patch is backwards compatible with php 5.6. That said, using PHP 7.2 is up to you and about how much you need it, but it sure does come with some effort to invest in case you have highly customized system. 🙂

  17. There is a mistake i n the patch with 7.0.31/7.1.20/7.2.9:

    me@me:/var/www/19310-php72$ php -l lib/phpseclib/Net/SFTP.php
    PHP Fatal error:  Cannot redeclare phpseclib\Net\SFTP::mkdir() in lib/phpseclib/Net/SFTP.php on line 1661
    Errors parsing lib/phpseclib/Net/SFTP.php
    1. Hi Fab,

      Can you put this file in gist or something and send link here?

      I tried on 7.2.10 , 7.2.6., 7.1.17. and 7.0.30 and I don’t have any issues with syntax check.

      Example:

      tomas ~/magento $ php -v
      PHP 7.2.10 (cli) (built: Sep 11 2018 08:51:16) ( NTS )
      Copyright (c) 1997-2018 The PHP Group
      Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
      tomas ~/magento $ php -l lib/phpseclib/Net/SFTP.php
      No syntax errors detected in lib/phpseclib/Net/SFTP.php

      I’m little bit busy atm to get other php versions quickly, but it would help if we could rule out that somehow you ended up with messed up file.
      And if it is not a problem, run something like this:
      tomas ~ $ wget https://raw.githubusercontent.com/phpseclib/phpseclib/master/phpseclib/Net/SFTP.php |php -l
      Thanks!

    2. I’m not sure what you wanted to say by “I’m so surprised”, phpseclib had update 9 days ago.
      Yeah, I was in hurry so I gave you wrong link, but anyway mkdir() is redeclared but it has it’s own namespace.
      I asked you if you have any other phpseclib in same include path, maybe something installed with composer?
      Also, is there any gist that you can make?

    3. Nice to hear that you have no error anymore. I’m not 100% sure what could affect “-l” option for console PHP, but it looks like something environmental (like Dr.House would say :D).
      From my standpoint maybe there is something in with include paths. That’s why I asked about composer.
      Anyway, happy to hear it is ok now. Thanks for pointing the potential issue out 🙂

  18. Thank you for the extension and this patch. I am using the extension from github (develop branch Version 3.0) and it works excellent with PHP 7.2 and Magento 1.9.3.9.
    Have tested the patch as well to look at the results, but it doesnt work with some extensions. So both, extension and patch, will NOT give the same results. Maybe this is useful to know for some.

    1. Hi Bernd,
      what you say is surprise for me since develop branch from extension is almost identicaly implemented in patches (without rewrites). Main difference is that patched doesn’t work via https://github.com/Inchoo/Inchoo_PHP7/blob/3900a39661c53c5703298ed2689ce09bc142b8ce/app/code/community/Inchoo/PHP7/Model/Crypt.php. There is https://github.com/phpseclib/mcrypt_compat added via patches.
      Make sure that you completely remove Inchoo_PHP7 extension before applying patch and note that it is not enough to disable it in /etc/modules (remove this too: https://github.com/Inchoo/Inchoo_PHP7/tree/develop/app/code/community/Mage)
      In any case, we would like to hear more about what works with extension and not working with patch?

    2. Hi Tomas,

      I have deleted the extension via script, altogether 12 files, and yes also the ..community/Mage/ directory.
      Then patched via cli and what I noticed immediatly is that two extension did not work: 1. Amasty Ajax Cart and 2. Amasty Color Swatches Pro. Both do depend on Ajax. I have not invetsigated all extensions, as I have a larger number. I would need to do it all again and then check all functions. I am not sure if I have the time now, but if it is of any help I can do so later.

    3. Sorry to hear that you have this issues with third party extensions, but I’m kind of not sure if it even worked with develop branch of extension. Best bet would be to run this regex against those extension directories
      ->\$.+\[.+\]\(.*\).
      Also, maybe those extensions rewrite some code from Magento that is patched. I can only guess, but maybe original extension had rewrite conflict with two of those you mentioned and somehow Inchoo_PHP7 took over and something was wrong before, but maybe it was undetected…
      I really don’t know and just guessing here. Some error could help if you have it.

    4. I have tried the regex, but it didnt turn up anything.
      One detail I note, is that the extension changes ..Mage/Eav/Model/Entity/Attribute/Source/Table.php
      and the patch does not.

    5. Well, Amasty extensions that you mentioned are paid extensions and who knows what they have in there.
      In any case. At this point there is not much we can do unless you provide any kind of related message from Magento system.log, exception.log, report directory or php error log. Otherwise I’m blind 🙂

    6. Ok, I have found the cause.
      It was a file in the local folders.
      Now, the result and behaviour of patch and extension is the same.
      The two Amasty extensions work without problems, as before.
      Thanks for your help.

  19. Just want to say a big thanks for your work on this. Your extension allowed us to move to PHP 7 months ago, speeding up our website considerably. This speed boost was noticed by many customers.

    I must admit I wasn’t expecting Magento to actually ever support PHP 7.x on Magento 1, despite claims that it was being looked into, so am really pleased it is now officially supported.

    Again, a big thanks for delivering compatibility so far in advance of the official patch!

  20. Thanks for your work on helping M1 merchants stay on a supported PHP version! Do you happen to know if there are any community initiatives to add PHP 7.2 support to Magento 1.13?

    1. I am not aware of any such initiative. Magento CE 1.9.2 / Magento EE 1.14.2 and earlier are not even compatible with PHP 5.6.
      Maybe I’m mistaken, but whoever is running 1.13 probably doesn’t have PHP upgrade on the list of priorities.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <blockquote cite=""> <code> <del datetime=""> <em> <s> <strike> <strong>. You may use following syntax for source code: <pre><code>$current = "Inchoo";</code></pre>.

Tell us about your project

Drop us a line. We'd love to know more about your project.