Home > Archive > PHP Pear > December 2007 > Re: [PEAR] installing HTTP_Request
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Re: [PEAR] installing HTTP_Request
|
|
| Bennett Haselton 2007-12-05, 7:05 pm |
| Sorry, meant to send this to the whole list:
>Date: Wed, 05 Dec 2007 09:43:46 -0800
>To: Christian Weiske <cweiske@cweiske.de>
>From: Bennett Haselton <bennett@peacefire.org>
>Subject: Re: [PEAR] installing HTTP_Request
>
>
>That gives the error "unrecognized option"
>[root@D2585 ~]# pear upgrade --force -O PEAR-1.3.6.tgz
>Archive_Tar-1.3.1.tgz Console_Getopt-1.2.tgz pear upgrade --force -O
>PEAR-1.4.11 pear upgrade PEAR
>Console_Getopt: unrecognized option -- O
>[root@D2585 ~]#
>
>
>The funny thing is I tried this on three other dedicated machines and
>"pear upgrade PEAR" also gave errors on every one (all CentOS 4.4 or 4.5):
>
>[root@mail ~]# pear -V
>PEAR Version: 1.3.2
>PHP Version: 4.3.9
>Zend Engine Version: 1.3.0
>Running on: Linux mail.islamicnetwork.com 2.6.9-55.0.9.EL #1 Thu Sep 27
>18:10:45
> EDT 2007 i686
>[root@mail ~]# pear upgrade PEAR
>
>Notice: Undefined index: st in RPC.php on line 292
>downloading PEAR-1.6.2.tgz ...
>Starting to download PEAR-1.6.2.tgz (297,794 bytes)
>.....................done: 297,794 bytes
>requires package `PEAR' >= 1.3.3
>requires package `Archive_Tar' >= 1.3.1
>requires package `Structures_Graph' >= 1.0.2
>PEAR: Dependencies failed
>[root@mail ~]#
>
>
>
>[root@d2545 ~]# pear -V
>PEAR Version: 1.3.2
>PHP Version: 4.3.9
>Zend Engine Version: 1.3.0
>Running on: Linux d2545.servadmin.com 2.6.9-42.0.8.EL #1 Tue Jan 30
>12:10:22 EST
> 2007 i686
>[root@d2545 ~]# pear upgrade PEAR
>
>Notice: Undefined index: st in RPC.php on line 292
>downloading PEAR-1.6.2 ...
>Starting to download PEAR-1.6.2 (-1 bytes)
>...done: 0 bytes
>could not extract the package.xml file
>[root@d2545 ~]#
>
>
>
>[root@localhost ~]# pear upgrade PEAR
>
>Notice: Undefined index: st in RPC.php on line 292
>downloading PEAR-1.6.2.tgz ...
>Starting to download PEAR-1.6.2.tgz (297,794 bytes)
>.................done: 297,794 bytes
>requires package `PEAR' >= 1.3.3
>requires package `Archive_Tar' >= 1.3.1
>requires package `Structures_Graph' >= 1.0.2
>PEAR: Dependencies failed
>
>
>How likely is it that four randomly selected machines would all have a
>broken PEAR installation on them? Is there perhaps a deeper problem here?
>
>All I want is to test a remote URL and find out yes/no if the URL exists
>or not. Is there some way to do that with 4 lines of code? I always used
>LWP::UserAgent when programming in Perl so I don't know much about direct
>socket programming.
>
> -Bennett
| |
| Christian Weiske 2007-12-05, 7:05 pm |
| | |
| Bennett Haselton 2007-12-05, 7:05 pm |
| At 07:49 PM 12/5/2007 +0100, Christian Weiske wrote:
>
>PEAR 1.3.2 is pretty old and the new channel.xml probably causes
>problems with this antique version.
Heh, is that normal -- that if a version is deployed on (apparently) the
majority of machines on the Internet, that the project not only drops
support for that version, but drops support for *upgrading* from that
version?
I hope they might consider making the upgrade backward-compatible with
1.3.2 at some point.
Well I offered RentACoder.com $25 for anyone who could write me a PHP
function that returns 1 or 0 for a working/nonworking URL without using
PEAR packages; in the meantime, starting with the instructions at
http://pear.php.net/manual/en/installation.php
should I uninstall PEAR before attempting to re-install it? i.e., what
exactly should I do to uninstall PEAR, and then which of the pages linked
from http://pear.php.net/manual/en/installation.php should I start
following the steps on to install the latest one?
-Bennett
bennett@peacefire.org http://www.peacefire.org
(425) 497 9002
| |
| Christian Weiske 2007-12-05, 7:05 pm |
| | |
| Gregory Beaver 2007-12-05, 10:05 pm |
| Bennett Haselton wrote:
> At 07:49 PM 12/5/2007 +0100, Christian Weiske wrote:
>
> Heh, is that normal -- that if a version is deployed on (apparently) the
> majority of machines on the Internet, that the project not only drops
> support for that version, but drops support for *upgrading* from that
> version?
>
> I hope they might consider making the upgrade backward-compatible with
> 1.3.2 at some point.
>
> Well I offered RentACoder.com $25 for anyone who could write me a PHP
> function that returns 1 or 0 for a working/nonworking URL without using
> PEAR packages; in the meantime, starting with the instructions at
> http://pear.php.net/manual/en/installation.php
> should I uninstall PEAR before attempting to re-install it? i.e., what
> exactly should I do to uninstall PEAR, and then which of the pages
> linked from http://pear.php.net/manual/en/installation.php should I
> start following the steps on to install the latest one?
PEAR 1.3.2 was buggy in some serious ways. The earliest fully
functioning version of PEAR is 1.3.3. The bugs you are experiencing are
some of the reasons we have released newer versions.
You are also using a very old version of PHP, one that has many known
security vulnerabilities, that may be of greater concern than the
upgrading of PEAR, were I in your shoes.
As for making it possible to upgrade from 1.3.2, it is possible, but the
problem is that 1.3.2 has so many serious bugs in it, it is not capable
of doing an upgrade properly, and will leave your system corrupted.
This is not something that can be fixed, except by upgrading.
Incidentally, the majority of machines - active machines - on the
internet are using PEAR version 1.5.0 or newer, in fact upwards of
99.8%, based on the apache server logs at pear.php.net, so the fact that
you are using 1.3.2 puts you in a rather severe minority :).
Greg
| |
| Bennett Haselton 2007-12-06, 4:17 am |
| At 06:26 PM 12/5/2007 -0600, Gregory Beaver wrote:
>You are also using a very old version of PHP, one that has many known
>security vulnerabilities, that may be of greater concern than the
>upgrading of PEAR, were I in your shoes.
>
>As for making it possible to upgrade from 1.3.2, it is possible, but the
>problem is that 1.3.2 has so many serious bugs in it, it is not capable
>of doing an upgrade properly, and will leave your system corrupted.
>This is not something that can be fixed, except by upgrading.
Well all I know is that 4 freshly set up dedicated servers all had PEAR
1.3.2 installed on them by default, so I figured that meant it was quite
common out there. Although I don't know, since it sounds like you don't
get this question often!
If enough people ask the question maybe there could be an additional page
on the "Installation" section of the wiki about how to do an upgrade from
1.3.2 (which would really be a complete un-install followed by an install).
>Incidentally, the majority of machines - active machines - on the
>internet are using PEAR version 1.5.0 or newer, in fact upwards of
>99.8%, based on the apache server logs at pear.php.net, so the fact that
>you are using 1.3.2 puts you in a rather severe minority :).
I suspect your server log stats might be biased by the fact that anybody
using version 1.3.2 would get an error and stop using the site immediately
:)
-Bennett
| |
| Gregory Beaver 2007-12-06, 4:17 am |
| Bennett Haselton wrote:
> At 06:26 PM 12/5/2007 -0600, Gregory Beaver wrote:
>
> Well all I know is that 4 freshly set up dedicated servers all had PEAR
> 1.3.2 installed on them by default, so I figured that meant it was quite
> common out there. Although I don't know, since it sounds like you don't
> get this question often!
You might want to alert the sy mins that they are opening their
machine to serious security vulnerabilities with these ancient php/pear
versions, and the fix is ridiculously simple.
> If enough people ask the question maybe there could be an additional
> page on the "Installation" section of the wiki about how to do an
> upgrade from 1.3.2 (which would really be a complete un-install followed
> by an install).
http://pear.php.net/manual/en/faq.php
>
> I suspect your server log stats might be biased by the fact that anybody
> using version 1.3.2 would get an error and stop using the site
> immediately :)
Not true - PEAR 1.3.2 can install packages, it's just not very smart
with php-cgi.
Greg
| |
| Bennett Haselton 2007-12-06, 4:17 am |
| At 10:58 PM 12/5/2007 -0600, Gregory Beaver wrote:
>Bennett Haselton wrote:
> the
> capable
> quite
> don't
>
>You might want to alert the symins that they are opening their
>machine to serious security vulnerabilities with these ancient php/pear
>versions, and the fix is ridiculously simple.
I'd say that if 4 out of 4 dedicated hosting providers are doing something
wrong, probably most of the rest of them are too, and it's a losing battle
to try and set them straight one at a time. The problem seems to be that
this "ancient, insecure" version of PEAR is included with CentOS 4.x by
default, so I'd try to persuade the CentOS people to fix that. I have no
idea if they'd even make changes to 4.x after 5.x is out, I'm sure most
people on this list know better than me how that works.
-Bennett
bennett@peacefire.org http://www.peacefire.org
(425) 497 9002
| |
| Gregory Beaver 2007-12-06, 4:17 am |
| Bennett Haselton wrote:
> At 10:58 PM 12/5/2007 -0600, Gregory Beaver wrote:
>
> I'd say that if 4 out of 4 dedicated hosting providers are doing
> something wrong, probably most of the rest of them are too, and it's a
> losing battle to try and set them straight one at a time. The problem
> seems to be that this "ancient, insecure" version of PEAR is included
> with CentOS 4.x by default, so I'd try to persuade the CentOS people to
> fix that. I have no idea if they'd even make changes to 4.x after 5.x
> is out, I'm sure most people on this list know better than me how that
> works.
Thanks Bennett, this would be very helpful. Most distros are
distributing newer PEAR versions, it would be really great to have all
of them doing so for the sake of people like you who wouldn't need to
waste time asking on pear-general how to fix it.
:)
Greg
|
|
|
|
|