Commit | Line | Data |
---|---|---|
e3747bbc | 1 | # Migrating from WSC 5.3 - PHP |
f64d43c9 | 2 | |
df236679 TD |
3 | ## Minimum requirements |
4 | ||
5 | The minimum requirements have been increased to the following: | |
6 | ||
7 | - **PHP:** 7.2.24 | |
8 | - **MySQL:** 5.7.31 or 8.0.19 | |
9 | - **MariaDB:** 10.1.44 | |
10 | ||
11 | Most notably PHP 7.2 contains usable support for scalar types by the addition of nullable types in PHP 7.1 and parameter type widening in PHP 7.2. | |
12 | ||
13 | It is recommended to make use of scalar types and other newly introduced features whereever possible. | |
14 | Please refer to the PHP documentation for details. | |
15 | ||
f64d43c9 MS |
16 | ## Flood Control |
17 | ||
18 | To prevent users from creating massive amounts of contents in short periods of time, i.e., spam, existing systems already use flood control mechanisms to limit the amount of contents created within a certain period of time. | |
19 | With WoltLab Suite 5.4, we have added a general API that manages such rate limiting. | |
20 | Leveraging this API is easily done. | |
21 | ||
22 | 1. Register an object type for the definition `com.woltlab.wcf.floodControl`: `com.example.foo.myContent`. | |
23 | 2. Whenever the active user creates content of this type, call | |
24 | ```php | |
25 | FloodControl::getInstance()->registerContent('com.example.foo.myContent'); | |
26 | ``` | |
27 | You should only call this method if the user creates the content themselves. | |
28 | If the content is automatically created by the system, for example when copying / duplicating existing content, no activity should be registered. | |
29 | 3. To check the last time when the active user created content of the relevant type, use | |
30 | ```php | |
31 | FloodControl::getInstance()->getLastTime('com.example.foo.myContent'); | |
32 | ``` | |
33 | If you want to limit the number of content items created within a certain period of time, for example within one day, use | |
34 | ```php | |
35 | $data = FloodControl::getInstance()->countContent('com.example.foo.myContent', new \DateInterval('P1D')); | |
36 | // number of content items created within the last day | |
37 | $count = $data['count']; | |
38 | // timestamp when the earliest content item was created within the last day | |
39 | $earliestTime = $data['earliestTime']; | |
40 | ``` | |
41 | The method also returns `earliestTime` so that you can tell the user in the error message when they are able again to create new content of the relevant type. | |
9003992d | 42 | !!! info "Flood control entries are only stored for 31 days and older entries are cleaned up daily." |
f64d43c9 MS |
43 | |
44 | The previously mentioned methods of `FloodControl` use the active user and the current timestamp as reference point. | |
45 | `FloodControl` also provides methods to register content or check flood control for other registered users or for guests via their IP address. | |
46 | For further details on these methods, please refer to the [documentation in the FloodControl class](https://github.com/WoltLab/WCF/blob/master/wcfsetup/install/files/lib/system/flood/FloodControl.class.php). | |
47 | ||
9003992d | 48 | !!! warning "Do not interact directly with the flood control database table but only via the `FloodControl` class!" |
97c25e32 | 49 | |
6954627f MS |
50 | ## PHP Database API |
51 | ||
52 | The PHP API to add and change database tables during package installations and updates in the `wcf\system\database\table` namespace now also supports renaming existing table columns with the new `IDatabaseTableColumn::renameTo()` method: | |
53 | ||
54 | ```php | |
55 | PartialDatabaseTable::create('wcf1_test') | |
56 | ->columns([ | |
57 | NotNullInt10DatabaseTableColumn::create('oldName') | |
58 | ->renameTo('newName') | |
59 | ]); | |
60 | ``` | |
61 | ||
9003992d | 62 | !!! info "Like with every change to existing database tables, packages can only rename columns that they installed." |
6954627f | 63 | |
97c25e32 TD |
64 | ## Captcha |
65 | ||
66 | The reCAPTCHA v1 implementation was completely removed. | |
67 | This includes the `\wcf\system\recaptcha\RecaptchaHandler` class (not to be confused with the one in the `captcha` namespace). | |
68 | ||
69 | The reCAPTCHA v1 endpoints have already been turned off by Google and always return a HTTP 404. | |
70 | Thus the implementation was completely non-functional even before this change. | |
71 | ||
72 | See [WoltLab/WCF#3781](https://github.com/WoltLab/WCF/pull/3781) for details. | |
944c6773 TD |
73 | |
74 | ## Search | |
75 | ||
76 | The generic implementation in the `AbstractSearchEngine::parseSearchQuery()` method was dangerous, because it did not have knowledge about the search engine’s specifics. | |
77 | The implementation was completely removed: `AbstractSearchEngine::parseSearchQuery()` now always throws a `\BadMethodCallException`. | |
78 | ||
79 | If you implemented a custom search engine and relied on this method, you can inline the previous implementation to preserve existing behavior. | |
80 | You should take the time to verify the rewritten queries against the manual of the search engine to make sure it cannot generate malformed queries or security issues. | |
81 | ||
82 | See [WoltLab/WCF#3815](https://github.com/WoltLab/WCF/issues/3815) for details. |