Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Drop PHP 5.3 from Travis-CI build matrix #880

Merged
merged 4 commits into from
Sep 5, 2015
Merged

Drop PHP 5.3 from Travis-CI build matrix #880

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
0f18864
drop php 5.3 from travis build matrix
Jul 15, 2015
fb2eda8
Update composer php requirement to >= 5.4
Jul 15, 2015
d36037d
Remove comment in security.rst about MySQL with PHP <= 5.3.6
Sep 3, 2015
190c0e5
Remove php 5.3 mariadb matrix entries
Sep 5, 2015
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 0 additions & 13 deletions .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
language: php

php:
- 5.3
- 5.4
- 5.5
- 5.6
Expand Down Expand Up @@ -30,10 +29,6 @@ script: ./vendor/bin/phpunit --configuration tests/travis/$DB.travis.xml

matrix:
include:
- php: 5.3
env: DB=mariadb
addons:
mariadb: 5.5
- php: 5.4
env: DB=mariadb
addons:
Expand All @@ -55,10 +50,6 @@ matrix:
addons:
mariadb: 5.5

- php: 5.3
env: DB=mariadb
addons:
mariadb: 10.0
- php: 5.4
env: DB=mariadb
addons:
Expand All @@ -80,10 +71,6 @@ matrix:
addons:
mariadb: 10.0

- php: 5.3
env: DB=mariadb
addons:
mariadb: 10.1
- php: 5.4
env: DB=mariadb
addons:
Expand Down
2 changes: 1 addition & 1 deletion composer.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
{"name": "Jonathan Wage", "email": "jonwage@gmail.com"}
],
"require": {
"php": ">=5.3.2",
"php": ">=5.4",
"doctrine/common": "~2.4"
},
"require-dev": {
Expand Down
19 changes: 1 addition & 18 deletions docs/en/reference/security.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -154,21 +154,4 @@ the ``Connection#quote`` method:
$sql = "SELECT * FROM users WHERE name = " . $connection->quote($_GET['username'], \PDO::PARAM_STR);

This method is only available for SQL, not for DQL. For DQL it is always encouraged to use prepared
statements not only for security, but also for caching reasons.

Non-ASCII compatible Charsets in MySQL
--------------------------------------

Up until PHP 5.3.6 PDO has a security problem when using non ascii compatible charsets. Even if specifying
the charset using "SET NAMES", emulated prepared statements and ``PDO#quote`` could not reliably escape
values, opening up to potential SQL injections. If you are running PHP 5.3.6 you can solve this issue
by passing the driver option "charset" to Doctrine PDO MySQL driver. Using SET NAMES does not suffice!

.. code-block::

<?php
$conn = DriverManager::getConnection(array(
'driver' => 'pdo_mysql',
'charset' => 'UTF8',
));

statements not only for security, but also for caching reasons.