PHP 4.4.6 and preg_match() – or: PCRE 7.0 sucks

php-med-trans-light.gifWith the release of PHP 4.4.6 on March 1st PHP developers updated the PCRE version that’s included in the PHP4 tarball from PCRE 6.7 to PCRE 7.0. Unfortunately PCRE 7.0 has “some issues” with certain regular expressions – if you have recently upgraded to PHP 4.4.6, use regular expression functions such as preg_match and are wondering about strange “Internal Server Error” messages or empty pages – stop wondering. It’s a more or less documented “bogus” bug at php.net (Bugtracker, ID 40706) that they won’t fix because it’s within PCRE and not within PHP. Their solution? Upgrade to PHP 5.
You can’t? Well you can use PCRE 6.7 of the “old” PHP 4.4.5 version with PHP 4.4.6. Just follow the steps below. 🙂

Get the source package of PHP 4.4.5. You can either get it from the older releases page or by manually editing the version number in the download link of the current version. Unpack it into some directory of your choice.
Then go to the “ext” directory within the source directory of PHP 4.4.6, rename the “pcre” folder and copy the “pcre” folder of PHP 4.4.5 into this directory.
At this point you are nearly done. Just edit the “configure” script so that it builds the PCRE 6.7 extensions (some file names have changed). You can either diff the configure scripts yourself and look for the changed PCRE line, or feel free to use this patch.

The result (hopefully): A PHP4.4.6 setup with working regular expressions based on PCRE 6.7.

Ah, while at it: You might want to patch in support for the “allow_url_include” config setting (a new PHP5 feature; small php5 patch here). It’s also quite handy if you’re stuck with PHP4 – it basically stops people from include()’ing external URLS, a feature thats mostly abused by spammers (ab)using badly written PHP scripts.
And if that’s not enough have a look at the hardened php project. It’s worth it.

Comments are closed.