Skip to main content

5 posts tagged with "php"

View All Tags

· 2 min read
Sarah Backhouse

Jadu CMS 20.1.1 fixes an issue introduced in Jadu CMS 20.0.0, where:

  • when a directory record included a HTML field,
  • if the HTML field was empty when the record was edited,
  • and the HTML control wasn’t opened before saving the record,
  • then the record would be saved with space characters associated with the HTML field.

As part of our fix for this issue, we wish to remove any broken data that may have been introduced to your database.

This will require us to run a database migration, Version20210601121027, that removes the space character records. This will affect records that match the “Data before” pattern in the following way:

Data beforeData after
" \r\n"""

Given the nature of this migration, we will not be able to detect places in your data where the space characters have been removed. In the case of the Jadu CMS 20.1.1 patch being rolled back, the space character data will not be reinserted into your database.

While we expect that there will be very limited data that matches this pattern, and that any data that matches this pattern will be as a result of the bug introduced in Jadu CMS 20.0.0, we want to make you aware of this action in advance of it being applied to your data.

· 4 min read
Sarah Backhouse

From August 2021, Jadu CMS and Jadu XFP will support:

  • PHP 7.4
  • SQL Server 2019
  • Windows Server 2019
  • MariaDB 10.5

Support for older software versions, which no longer receive security updates, will be discontinued. As a result, Jadu CMS and Jadu XFP will deprecate support for:

  • PHP 7.1
  • SQL Server 2012 SP2
  • Windows Server 2012 R2
  • CentOS 6.x
  • Redhat 6.x

Also, support for the mail transport protocol will be removed entirely in the next major CMS release (22.0.0), in favour of using SMTP.

Why the change?

Software versions that no longer receive updates from their developers can be vulnerable to compromised security. We want to provide you with the highest level of security support, and therefore recommend you upgrade your system to utilise our updated platform.

What do I need to do?

If you have any PHP code on your website that’s not provided by Jadu, you will need to ensure its compatibility prior to upgrading.

To upgrade, you don’t need to do anything if you’re hosted by Jadu Creative as you'll be upgraded as part of your platform management agreement; our team will be in touch in due course.

Otherwise:

  • Ensure that you have upgraded to CMS 20.0.0+ and XFP 7.0.0+ before starting the upgrade process.
  • Linux customers should ensure they upgrade to MariaDB 10.5 and PHP 7.4, and then apply CMS 21.0.0 and XFP 8.0.0 patches.
  • Windows customers should upgrade to Windows Server 2019, SQL Server 2019 and PHP 7.4, and then apply CMS 21.0.0 and XFP 8.0.0 patches.
  • Many customers already use SMTP to deliver emails from their Jadu CMS and XFP system. If you do not currently use SMTP, you should plan to move to SMTP in line with these updates.

## FAQs

PHP update

Why do I have to upgrade the PHP version?

PHP is the programming language used by Jadu products. Periodically new versions of PHP are released, which offer new features and other enhancements. Over time, support for older versions of PHP are dropped.

The version of PHP installed on the majority of our customers’ environments is PHP 7.2. As PHP 7.2 is no longer receiving security updates, we strongly recommend updating. Details on support for PHP versions is available on their website.

When can I upgrade to PHP 7.4?

Support for PHP 7.4 has been released in CMS 21.0.0, and XFP 8.0.0. Self hosted customers will be able to start the PHP upgrade process from that point. Jadu hosted customers will be contacted when their system is due to be upgraded.

Can I run multiple versions of PHP concurrently?

No, we require that only one version of PHP is run on your supported environments.

Who pays for the support for PHP 7.4 updates?

Required supportCoverage/payment
Upgrading your server to PHP 7 +Covered within your hosting and platform management agreement with Jadu, if you have one.
Changes in CMS softwareCovered by your support agreement.
Changes in XFP softwareCovered by your support agreement.
Changes in your front end templatesNot covered.
Changes in custom developments provided by JaduCovered if you have a separate support agreement for this software.
Changes in customer developments created by youNot covered.

Standardisation on SMTP

Who does this affect?

Customers using Windows will have been advised to use SMTP when their system was originally installed and we therefore do not expect them to be affected by this change, but please do your own due diligence.

Jadu hosted customers are not required to make any changes, Jadu will make these changes as part of our hosted service.

Self-hosted Linux platform customers will be required to make the required changes prior to Jadu CMS 22.0.0 being applied to their system.

What action is required?

If you are currently sending email via mail transport in Jadu CMS or Jadu XFP, you will need to move to an SMTP service before Jadu CMS 22.0.0 or later updates are applied to your system.

Jadu CMS has included SMTP support for many years, and as such, you should be free to complete any required change prior to the patch.

Will there be any disruption to my service?

There should be no disruption to your service. Jadu CMS has supported SMTP for some time, and so the required changes can be made any time before your patch with Jadu CMS 22.0.0.

· 4 min read
Sarah Backhouse

As announced at the Jadu Academy in Birmingham, there are a few changes that we’ll be introducing throughout the course of 2019, as part of our ongoing commitment to our supported customers in keeping your Jadu software current, compliant and secure.

The Critical Need To's

  1. Adhere with changes required by WCAG 2.1
  2. Drop support for legacy IE browser versions
  3. Use a newer Symfony PHP framework version
  4. Move to CentOS 7 (for managed & self-managed Linux customers)

Some of these will require you to ensure that any custom developments that you or your teams may have developed can remain operational following these changes coming into effect.

Adherence with WCAG 2.1 & Control Center UX

It’s a busy time in the CMS and XFP teams. The introduction of EN 301 549 ‘Accessibility requirements for ICT products and services’ brings with it a requirement to comply with Web Content Accessibility Guidelines (WCAG) 2.1 AA.

We’re taking this as a timely opportunity to reassess all our user interfaces to ensure that they are modern, consistent and compliant.

The final list of changes has yet to be finalised but it will include some degree of change to our interface CSS and mark up.

If you have created any custom Control Centre interfaces you should plan to review these for alignment with the WCAG 2.1 principles and also compatibility with our updated interface library.

note

There are a number of useful tools that we have reviewed such as AXE Pro that can assist in this effort.

Dropping support for legacy IE browser versions

Microsoft dropped support for their browser, Internet Explorer (IE), versions 8, 9 and 10 some time ago. We’ve allowed a long grace period for our customers to follow this lead, however, the time has now come to officially withdraw support these browser versions. This will allow us to upgrade key javascript libraries (e.g. jQuery from version 1.12.4 to 3.x while also removing the previously utilised scriptaculous/prototype libraries) within our user interface framework to ensure that we maintain a secure and modern user interface for you.

Any custom Control Centre interfaces that may have been added to your systems therefore will need to be checked for any incompatible usage with the updated library.

Moving to a later Symfony PHP framework version

The PHP framework Symfony is used by Jadu software, however, the community that manage this project have announced an end of life date for security fixes on the version we utilise (2.8) to be November 2019. We are currently in the process of moving over to support Symfony version 3.4 in the software, which will keep us using a supported version from the community until November 2021 or whenever we decide to move to a later version iteration, whichever comes first!

Any custom developments that have been built by your team to utilise Symfony directly will therefore need to be checked for any incompatible usage with the switch to version 3.4.

Moving to CentOS 7

We’ve held off implementing PHP 7.x specific features until now. However, with the advent of XFP version 6.x and above, we need to utilise features that only PHP 7.x provides.

Support for PHP 7.1 and PHP 7.2 was added during June 2018. The PHP community has announced an End of Life date for PHP 7.1 of December 2019. We recommend customers move to PHP 7.2 ahead of the end of life date to ensure that you are able to receive security updates beyond then.

For Linux hosted customers, PHP 7.2 does require you to be running on the CentOS 7 operating system, where previously we have supported implementations on CentOS 6.

We’ll provide further guidance on each of these important changes in coming months, so do please lookout for these.

· 5 min read
Sarah Backhouse

We’re making the power of PHP 7.1+ available to all of our customers.

From December 2018, PHP versions 5.6 and 7.0 will no longer receive security updates from the PHP Group. We want to ensure that you always receive the highest level of security support, therefore PHP 7.1+ or higher will need to be installed on servers running the Jadu software by this time.

From July 2018, Jadu Continuum will support PHP 7.1, so you have plenty of time to install it if you host your website yourself or use a third party hosting provider. We’ll support you to ensure the needed actions are applied before the end of December so you’re able to receive patches for security issues.

The following actions will need to be taken:

(note: these differ depending on the server you’re currently using)

  • Customers hosted by Spacecraft will be upgraded as part of your platform management agreement. You don’t need to do anything and the team will be in touch.
  • Linux customers on Centos 6 should upgrade to PHP 7.1.
  • Windows customers on Windows Server 2012 should upgrade to PHP 7.2.
  • If you have any PHP code on your website not provided by Jadu or Spacecraft, you will need to ensure it is PHP 7.1/7.2 compatible prior to upgrading.

Some of the benefits of upgrading include:

  • A more modern and secure option for your hosting environment
  • Longer term, ongoing security support
  • Faster performance
  • Estimated more than 30% memory consumption improvement
  • Better concurrency - up to 3x as many requests can be served per second
note

Remember, if you have any in-house or bespoke development work, it’s important that you confirm this is PHP 7.1+ compatible prior to upgrading your hosting environment, and that you have any necessary software licenses in place.

You will also need to ensure that you have patched your Continuum software with the compatible release. You can do this by raising a support ticket, or downloading the relevant patch from the support portal.

When you’re ready to go, either follow our easy upgrade instructions (coming soon) if you self-host, or reach out to Support.

If you have any questions in the meantime see our FAQs below, or get in touch.

FAQs

Q1. Why do we have to upgrade PHP version?

PHP is the programming language used by Jadu Continuum products. Periodically new versions of PHP are released that offer new features and other enhancements. Over time, support for older versions of PHP are dropped.

The version of PHP installed on the majority of our customers' environments is PHP 5.6. PHP 5.6 is approaching the end of its life, and security support for this version will end 31st December 2018.

In line with our security policy and the tenets set out by GDPR, we are upgrading our software to support a version of PHP that will receive longer term security updates, PHP 7.1 and PHP 7.2.

Q2. When can I upgrade to a PHP 7.1 or PHP 7.2 environment?

Support for PHP 7.1 and PHP 7.2 is due to be release by the Continuum CMS team on Friday 8th June 2018. Support for PHP 7.1 and PHP 7.2 is due to be released by the Continuum XFP team on Friday 29th June 2018.

Customers will be able to commence the PHP upgrade process after the relevant point dependant on the Jadu software that you are running.

Q3. Who pays for the support for PHP 7.1 & PHP 7.2 updates?

Required supportCoverage/payment
Upgrading your server to PHP 7 +Covered by your hosting and platform management agreement with Spacecraft if you have one.
Changes in CMS softwareCovered by your support agreement.
Changes in XFP softwareCovered by your support agreement.
Changes in your front end templatesNot covered.
Changes in custom developments provided by SpacecraftCovered if you have a separate support agreement for this software.
Changes in customer developments created by youNot covered.

Q4. What are the benefits of PHP 7.1 and PHP 7.2?

PHP 7 is much speedier than PHP 5. Upgrading to PHP 7 is estimated to bring about a >30% improvement in memory consumption More concurrent users can be served, up to 3 times as many requests per second Long term support and lower technical debt with ongoing support of bug fixes, security patches and maintenance updates.

Q5. Can I run multiple versions of PHP concurrently?

No, we require that only one version of PHP is run on your supported environments.

Q6. Where can I find PHP 7.1 and PHP 7.2 documentation?

  • Please remember that customer code written by you or a third-party is outside of your Spacecraft support agreement.
  • We do not provide technical services to help customers become compatible with PHP 7.1 and PHP 7.2.
  • Check that any code you manage is PHP 7.2 compatible, you can use the open source PHPCompatibility library to help identify any issues.
  • Raise a Spacecraft support ticket to initiate the PHP 7.2 compatibility check of any code Spacecraft manage.
  • If you are self hosted, download the upgrade documentation and instructions (coming soon) to initiate your PHP 7.2 upgrade process.
  • If you are Spacecraft hosted, or use code that Spacecraft manage, reach out to support to initiate the PHP 7.2 upgrade process.

· 6 min read
Sarah Backhouse

As of 31st December 2016, Jadu will no longer be testing our products and their regular Continuum releases against PHP version 5.3 in favour of a PHP 5.6 baseline testing regime.

So what version of PHP is now supported?

PHP 5.6 has been tested and supported by Jadu since April 2015.

Will Jadu software still work with PHP 5.3?

Jadu initially deprecated PHP 5.3 in CMS release #26. We have consciously not yet started to develop with features of the PHP language that only exist within later versions because we want to give our customers enough time to plan and implement any necessary changes whilst we strive to continue to ship new features and fixes regularly. We cannot however continue to test against and therefore officially support PHP 5.3 based implementations from 31st December 2016 onwards.

Why have we done this / what are the benefits that we (the customer) will realise?

A whole host of reasons really, those of particular note include...

  • Security; more secure with the removal of register globals settings etc.
  • Performance; internal language optimizations as well as vastly reduced memory usage.
  • PHP community support; PHP 5.3 is no longer maintained - this therefore impacts such as your PSN compliance returns for example.
  • 3rd party library support; Releases Jadu, our partners and customers from older versions of libraries that have/become inactive maintainance wise (we'll be changing our compatibility requirement in composer, which will no longer enforce 3rd party compatibility with PHP 5.3).
  • PHP enhancements; New and more consistent PHP language features for your developers to utilise.
  • Operating architecture support; support for more modern underlying OS’s & architectures such as 64-bit support.

How long will PHP 5.6 be supported for?

PHP 5.3 security support ended mid-2014, so it’s imperative that we progress anyone still running PHP 5.3 forwards to a maintained version.

The PHP community have announced that the current scheduled end of security fixes for PHP 5.6 will be around 31st Dec 2018. Before this time comes, Jadu will have moved our products forwards to support PHP version 7.x (or later) within our software. We expect to be able to begin to support PHP version 7.x implementations early 2017.

What is the level of effort and what is involved in this process?

This will depend on a number of factors including:

  • How many environments you have that will require the PHP version upgrading on
  • Who hosts / manages these environments on a day-to-day basis for you
  • Scale of any custom developments / modules that you might have and whether these are supported by Jadu or developed internally within your organisation. Any internally developed solutions should be checked / tested / changed to work under PHP 5.6 accordingly.

How do I find out if this impacts me?

We have analysed the current customer base (both those in active projects and those already live) and will be raising a support ticket in your account if we have determined that action is required in your specific case. This ticket will give you more details about planned next steps. If you have not received a support ticket and wish to discuss this with us, then please contact the support team.

We have a support contract with Jadu/Spacecraft, what does this cover in relation to this upgrade?

We will assist in this effort for customers with an active support agreement for the supported environment and for those environments that we host & manage for you. The upgrade of any supplemental environments not covered by an active support agreement or hosted by us, will need to be managed by the relevant team / organisation that manages these on your behalf.

We host with Jadu/Spacecraft, what does this mean for me?

We will be undertaking a programme of work to move any customers that require any effort between now and 31st December 2016. After the initial support ticket is raised, we will continue to communicate with relevant personnel within your organisation ahead of time regarding any planned maintenance work to move you towards a supportable environment.

We host internally or with a 3rd party provider, what will we need to do?

If you host your own Jadu software internally or via a 3rd party hosting provider, then upgrades of these environments will need to be planned by the relevant team / organisation. We can supply guidance as to the steps we will be undertaking for environments that we manage, but these may need to be adjusted / adapted for anything specific to your own specific hosting arrangements.

## We have custom written code that we’ve added ourselves, what can we do to check it will work?

You will only need to check PHP code that you have authored or changed and not the core Jadu software. This might include for example:

  • Custom widgets that you’ve uploaded
  • Frontend website templates added or changed
  • Custom snippets that you’ve added
  • Custom actions / connectors / extensions to extensible modules such as XFP
  • Custom Control Centre modules / module pages that you’ve added

When beginning the process of checking any of your customised code for PHP 5.6 support, we utilised open source tools such as PHP Code sniffer and PHPCompatibility that can be used to scan a codebase and report upon the use of features of the language that may no longer exist within the 5.6 version of the PHP language for instance. Various tutorials exist for developers to follow along with when using tools such as this, a couple of examples of which are provided below:

http://enzolutions.com/articles/2015/06/07/how-to-check-php-compatibility/ https://blog.nerdery.com/2013/11/code-compatible-php-5-4-5-5/ (update to check against 5.6 respectively)

I have other questions not answered in this page, who can I speak to about these?

If you have any initial follow on questions then please raise those in response to the support tickets that we raise on your behalf in your accounts so that we can get you and any other customers that might have the same questions all the information you need in good time to plan your upgrades during this calendar year. We will update this document with any common questions & answers as hey come through to us.