From e09bbc10727023bab0b360babac9f11868fe641a Mon Sep 17 00:00:00 2001
From: Jesse Norell <jesse@kci.net>
Date: Thu, 24 Mar 2022 09:34:37 -0600
Subject: [PATCH 1/3] add compatibility functions to server/ environment

---
 server/lib/app.inc.php           |  2 +
 server/lib/compatibility.inc.php | 80 ++++++++++++++++++++++++++++++++
 2 files changed, 82 insertions(+)
 create mode 100644 server/lib/compatibility.inc.php

diff --git a/server/lib/app.inc.php b/server/lib/app.inc.php
index ea6bf27977..a2e2dcf19b 100644
--- a/server/lib/app.inc.php
+++ b/server/lib/app.inc.php
@@ -27,6 +27,8 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
+require_once 'compatibility.inc.php';
+
 // Set timezone
 if(isset($conf['timezone']) && $conf['timezone'] != '') {	// note: !empty($conf['timezone']) should give the same result and is more idiomatic for current versions of PHP (gwyneth 20220315)
 	date_default_timezone_set($conf['timezone']);
diff --git a/server/lib/compatibility.inc.php b/server/lib/compatibility.inc.php
new file mode 100644
index 0000000000..562e07ada4
--- /dev/null
+++ b/server/lib/compatibility.inc.php
@@ -0,0 +1,80 @@
+<?php
+
+/*
+Copyright (c) 2021, Jesse Norell <jesse@kci.net>
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/* random_bytes can be dropped when php 5.6 support is dropped */
+if (! function_exists('random_bytes')) {
+	function random_bytes($length) {
+		return openssl_random_pseudo_bytes($length);
+	}
+}
+
+/* random_int can be dropped when php 5.6 support is dropped */
+if (! function_exists('random_int')) {
+	function random_int($min=null, $max=null) {
+		if (null === $min) {
+			$min = PHP_INT_MIN;
+		}
+
+		if (null === $max) {
+			$min = PHP_INT_MAX;
+		}
+
+		if (!is_int($min) || !is_int($max)) {
+			trigger_error('random_int: $min and $max must be integer values', E_USER_NOTICE);
+			$min = (int)$min;
+			$max = (int)$max;
+		}
+
+		if ($min > $max) {
+			trigger_error('random_int: $max can\'t be lesser than $min', E_USER_WARNING);
+			return null;
+		}
+
+		$range = $counter = $max - $min;
+		$bits = 1;
+
+		while ($counter >>= 1) {
+			++$bits;
+		}
+
+		$bytes = (int)max(ceil($bits/8), 1);
+		$bitmask = pow(2, $bits) - 1;
+
+		if ($bitmask >= PHP_INT_MAX) {
+			$bitmask = PHP_INT_MAX;
+		}
+
+		do {
+			$result = hexdec(bin2hex(random_bytes($bytes))) & $bitmask;
+		} while ($result > $range);
+
+		return $result + $min;
+	}
+}
-- 
GitLab


From 9be73c126d32f62a3774fe3d0931b17022645f7e Mon Sep 17 00:00:00 2001
From: Jesse Norell <jesse@kci.net>
Date: Thu, 24 Mar 2022 09:37:49 -0600
Subject: [PATCH 2/3] add compatibility functions to installer environment

---
 install/lib/compatibility.inc.php | 80 +++++++++++++++++++++++++++++++
 install/lib/install.lib.php       |  1 +
 2 files changed, 81 insertions(+)
 create mode 100644 install/lib/compatibility.inc.php

diff --git a/install/lib/compatibility.inc.php b/install/lib/compatibility.inc.php
new file mode 100644
index 0000000000..562e07ada4
--- /dev/null
+++ b/install/lib/compatibility.inc.php
@@ -0,0 +1,80 @@
+<?php
+
+/*
+Copyright (c) 2021, Jesse Norell <jesse@kci.net>
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/* random_bytes can be dropped when php 5.6 support is dropped */
+if (! function_exists('random_bytes')) {
+	function random_bytes($length) {
+		return openssl_random_pseudo_bytes($length);
+	}
+}
+
+/* random_int can be dropped when php 5.6 support is dropped */
+if (! function_exists('random_int')) {
+	function random_int($min=null, $max=null) {
+		if (null === $min) {
+			$min = PHP_INT_MIN;
+		}
+
+		if (null === $max) {
+			$min = PHP_INT_MAX;
+		}
+
+		if (!is_int($min) || !is_int($max)) {
+			trigger_error('random_int: $min and $max must be integer values', E_USER_NOTICE);
+			$min = (int)$min;
+			$max = (int)$max;
+		}
+
+		if ($min > $max) {
+			trigger_error('random_int: $max can\'t be lesser than $min', E_USER_WARNING);
+			return null;
+		}
+
+		$range = $counter = $max - $min;
+		$bits = 1;
+
+		while ($counter >>= 1) {
+			++$bits;
+		}
+
+		$bytes = (int)max(ceil($bits/8), 1);
+		$bitmask = pow(2, $bits) - 1;
+
+		if ($bitmask >= PHP_INT_MAX) {
+			$bitmask = PHP_INT_MAX;
+		}
+
+		do {
+			$result = hexdec(bin2hex(random_bytes($bytes))) & $bitmask;
+		} while ($result > $range);
+
+		return $result + $min;
+	}
+}
diff --git a/install/lib/install.lib.php b/install/lib/install.lib.php
index 0f57e1f456..88021a8881 100644
--- a/install/lib/install.lib.php
+++ b/install/lib/install.lib.php
@@ -29,6 +29,7 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 error_reporting(E_ALL|E_STRICT);
 
+require_once 'compatibility.inc.php';
 
 $FILE = realpath('../install.php');
 
-- 
GitLab


From 5cf9e792644733df63f48b3aab8a7a17be50f9dc Mon Sep 17 00:00:00 2001
From: Jesse Norell <jesse@kci.net>
Date: Thu, 24 Mar 2022 10:27:35 -0600
Subject: [PATCH 3/3] version check for loading compatibility functions

---
 install/lib/install.lib.php | 4 +++-
 interface/lib/app.inc.php   | 4 +++-
 server/lib/app.inc.php      | 4 +++-
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/install/lib/install.lib.php b/install/lib/install.lib.php
index 88021a8881..d9b482a842 100644
--- a/install/lib/install.lib.php
+++ b/install/lib/install.lib.php
@@ -29,7 +29,9 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 error_reporting(E_ALL|E_STRICT);
 
-require_once 'compatibility.inc.php';
+if(version_compare(phpversion(), '7.0', '<')) {
+	require_once 'compatibility.inc.php';
+}
 
 $FILE = realpath('../install.php');
 
diff --git a/interface/lib/app.inc.php b/interface/lib/app.inc.php
index 7ff158fbdc..96e8a1ddef 100755
--- a/interface/lib/app.inc.php
+++ b/interface/lib/app.inc.php
@@ -28,7 +28,9 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
-require_once 'compatibility.inc.php';
+if(version_compare(phpversion(), '7.0', '<')) {
+	require_once 'compatibility.inc.php';
+}
 
 //* Enable gzip compression for the interface
 ob_start('ob_gzhandler');
diff --git a/server/lib/app.inc.php b/server/lib/app.inc.php
index a2e2dcf19b..ffd20e9fb6 100644
--- a/server/lib/app.inc.php
+++ b/server/lib/app.inc.php
@@ -27,7 +27,9 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
-require_once 'compatibility.inc.php';
+if(version_compare(phpversion(), '7.0', '<')) {
+	require_once 'compatibility.inc.php';
+}
 
 // Set timezone
 if(isset($conf['timezone']) && $conf['timezone'] != '') {	// note: !empty($conf['timezone']) should give the same result and is more idiomatic for current versions of PHP (gwyneth 20220315)
-- 
GitLab