# Install certain version of php



## heximal (Nov 22, 2013)

Hello. 

I have FreeBSD 9.1-STABLE and PHP 5.4.15 onboard. Now my goal is to upgrade PHP to 5.4.17 (not just to the latest one). Is there any simple and safe way of doing it?


----------



## ShelLuser (Nov 22, 2013)

Why not use the current 5.4.21 instead? (current for FreeBSD).

The problem with your idea is that it's a potential recipe for disaster, because there is a good reason why the current version sits at 21 and not 17: Security vulnerabilities, I quote:



> The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.


And that's not even mentioning all the non-lethal bugs which have been fixed in PHP 5.4.22 like problems with FTP transfers, ODBC, sockets and XML. See the changelog.

Bottom line: if you're running a server which is connected to the Internet you simply can't afford to be using an older, insecure, version of PHP since you will run into problems sooner or later.


----------



## heximal (Nov 23, 2013)

Thanks for useful recommendation @ShelLuser, I've decided to follow them and upgraded to latest version 5.4.21. Now I've got another question. I've been using `portupgrade -fpb php5\*` hoping that it would upgrade PHP itself and all installed extentions. The execution has stopped with the message:


```
checking for unixODBC support... configure: error: ODBC header file '/usr/local/include/sqlext.h' not found!
===>  Script "configure" failed unexpectedly.
Please report the problem to ale@FreeBSD.org [maintainer] and attach the
"/usr/ports/databases/php5-odbc/work/php-5.4.21/ext/odbc/config.log" including
the output of the failure of your make command. Also, it might be a good idea
to provide an overview of all packages installed on your system (e.g. a
/usr/sbin/pkg_info -Ea).
*** [do-configure] Error code 1

Stop in /usr/ports/databases/php5-odbc.
*** [package] Error code 1

Stop in /usr/ports/databases/php5-odbc.
*** [build-depends] Error code 1

Stop in /usr/ports/lang/php5-extensions.
*** [configure] Error code 1

Stop in /usr/ports/lang/php5-extensions.
** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade20131123-63586-j7oy7y env UPGRADE_TOOL=portupgrade UPGRADE_PORT=php5-extensions-1.7 UPGRADE_PORT_VER=1.7 make DEPENDS_TARGET=package
** Fix the problem and try again.
--->  Packaging 'php5-extensions-1.7' as dependency
Creating package /usr/ports/packages/All/php5-extensions-1.7.tbz
Creating bzip'd tar ball in '/usr/ports/packages/All/php5-extensions-1.7.tbz'
** Listing the failed packages (-:ignored / *:skipped / !:failed)
	! lang/php5-extensions (php5-extensions-1.7)	(configure error)
```

But after that the server looks alive (I restarted Apache). I can see that PHP is upgraded and there are no fatal malfunctions. So now the question is how critical is the error I've got? How to determine which of the extensions wasn't upgraded? Is there any incompatibility at all between previous versions of extensions and new version of PHP?


----------



## ShelLuser (Nov 23, 2013)

This could easily turn into an issue when you're using database support. But fortunately this problem also isn't that hard to solve:


```
root@smtp2:/usr/ports/databases/php5-odbc # make build-depends-list
/usr/ports/databases/unixODBC
/usr/ports/devel/autoconf
/usr/ports/lang/php5
```
It appears as if your installation of databases/unixODBC is incomplete. And I'm tempted to blame portupgrade for it; it should have checked for dependencies and resolved those.

My (biased) advice would be to install ports-mgmt/portmaster and then check exactly what the state of your dependencies is by running `portmaster --check-depends`. After that you can take appropriate actions to fix those (assuming something is amiss, which I suspect to be the case).

To solve this problem all you need is to re-install databases/php5-odbc and make sure all dependencies are resolved, that can be done as follows: `# portmaster -f databases/php5-odbc`.

As an unrelated side-note: I noticed you're using databases/php5-odbc (kind of hard to miss ). Now, maybe you already know of this option but just in case: many PHP extensions which can be very useful for common usage can be easily maintained using lang/php5-extensions. You basically configure this meta-port and then by installing it you'll automatically get all the PHP functionality which you selected during the configuration stage. So, for example, installing this port could automatically set up extensions as databases/php5-mysql, graphics/php5-gd, archivers/php5-bz2 and of course databases/php5-odbc. There's a lot more, I merely summed up the most commonly used names here.

It is a very easy way to quickly install several commonly used PHP extensions in one go.


----------

