i am concerned that non technical users dont know what php is.

It would be beneficial if this explained the benefits of upgrading the php version and how easy it usually is

i am concerned that non technical users dont know what php is.

Well without turning this into a full screen notification, hard to really explain it. Totally valid concern, but not easy to deal with. Unlike other projects who encourage users to not need to be technical, I think it's borderline irresponsible to not at least know what platform(s) your site is running on.

I live in the real world not the technical world. ;)

If you dont explain the benefits or how easy it usually is to upgrade we will lose users who just assume their hosting doesnt support joomla.

I am not against this concept just the implementation

Suggestions welcome. I'm just trying to keep this from becoming a full screen notification.

We highly recommend upgrading your server to a newer PHP version. Please contact your host for upgrade instructions."

==>

Joomla will be faster and more secure if you upgrade to a newer PHP version (preferably 7.x). Contact your host - they can usually do this for you very easily.

For reference our previous message was

COM_CPANEL_MSG_PHPVERSION_BODY="Beginning with Joomla! 3.3, the version of PHP this site is using will no longer be supported. Joomla! 3.3 will require at least PHP version 5.3.10 in order to provide enhanced security features to its users."

The new language files needs to be added to the install.xml ;)

And the update sql ;P

And the update sql ;P

What update SQL?

That it get enabled on update. The update sql in com_admin :)

Ignore that i have just not saw it. Sorry

Should this message be shown to super users/administrators only perhaps? We may assume they know what PHP is.

Should this message be shown to super users/administrators only perhaps? We may assume they know what PHP is.

Even that's an overly broad assumption.

I don't think that's a valid assumption at all.

In that case just show it to everyone and they can google what PHP is.

I hope that was a joke

Right now it shows on the backend to everyone similarly to the 2.5 EOS plugin.

i don't have any server to test this since my servers php version are all 7.x ... ok. that it's probably good news 😄

Should be tagged to New Feature I guess.

its a little bit too much nag in this way

I have tested this item ✅ successfully on 866376b

I recommend not using YYYY-MM-DD as internationally this can be read as YYYY-DD-MM by some... as proved on 2016-08-03 when I got 7 birthday wishes from services :)

We should add a link to a page on docs where we explain it with more details, can be also translated into other languages.

i would just make a link to https://secure.php.net/supported-versions.php

@andrepereiradasilva that's too technical, I would prefer something that explains the reason and how to do it on a non technical level

Some notes:

1 . I have similar nagging warnings about PHP 5.3 and about PHP configuration,

so i want add my opinion here

• what about adding a counter to session after it appears 3 times for current session then go away

why the above is good to do ?
because if it appears too many times, then users will disable the plugin and forget about it,
but if it appear e.g. 3-4 times then people may let the plugin enabled and eventually more people will upgrade

2 .

i would just make a link to https://secure.php.net/supported-versions.php

excellent idea if all users were advanced users, I think current messages are a little more work for maintaining the plugin, but faster / easier to read for most users

• still i think adding the link to the page with "read more here" is ok as long as we do not remove the inline messages

3 . The message appearing in backend login screen is an oversight right ?, we do not want it there

Not in favour of this message being displayed to unauthenticated users

Not in favour of this message being displayed to unauthenticated users

Agree

agreed, never ever on the login screen

I have tested this item ✅ successfully on 866376b

works as expected, also changed the security date for 5.6 and the message popped up

I have tested this item 🔴 unsuccessfully on 866376b

On a page with an iframe such as the media manager you get the nag screen multiple times
http://i.tee.mn/jUAg.png

confirming @brianteeman findings, shows up twice in the media manager, we might limit this message to the control panel

i also think this is warning not an error.
So please change the message type to warning.

i know we all which all users are in php 7.x, but joomla right now works in 5.3 so it's a warning.
An error is when something does not work.

I have tested this item ✅ successfully on 866376b

@brianteeman Yes, that was a joke.

I agree that we should show it as a warning and a link to a non-technical document explaining the situation to users.

Can we agree on:

• show only on control panel
• Error should be warning
• Warning should be notice
• Link to docs explaining it for non-technical audience

@mbabker check mbabker#24 for the issue @brianteeman reported above

@rdeutz +10 from me on all 4

On 7 August 2016 at 11:58, Dimitri Grammatikogianni <
notifications@github.com> wrote:

@mbabker https://github.com/mbabker check mbabker#24
mbabker#24 for the issue @brianteeman
https://github.com/brianteeman reported above

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#11498 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABPH8Q34jgQTMqplJWoA62_A4Aa3WUQPks5qdbpXgaJpZM4JeXQf
.

Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/

Why don't we use the same view as "Post-install messages"?
Just on the admin dashboard and not in each page.

Does anyone ever read post-install messages?

If someone reads them is not the question, if it is the right spot to show such a message, I think it isn't.

@nikosdion has been warning about PHP versions at the top of his extensions for a long time. It might be nice to ask his opinion on this. As I see the warning messages daily, they are probably just ignored at the top of an extension too...

@rdeutz where could be the right place?

@jeckodevelopment where people see it, control panel is the right place I think

It's not that the message is ignored, it's that the hosts mislead in their replies.

User sees warning about using PHP 5.4, asks host to update their site. Host replies "our servers are PHP 5.6 ready". User thinks the message is wrong and that they are running PHP 5.6. What the host meant is that you can go to the hosting control panel to activate PHP 5.6.

Those if you implement such a plugin (which shows a big fat red message in the control panel) the wording should be:

We have detected that your server is using PHP %s which is obsolete and no longer receives official security updates by its developers. The Joomla projects recommends upgrading your site to PHP 5.6 or later which will receive security updates at least until December 2018. Please ask your host to make PHP 5.6 or a later version the default version for your site. If your host is already PHP 5.6 ready please enable PHP 5.6 on your site's root and 'administrator' directories – typically you can do this yourself through a tool in your hosting control panel, but it's best to ask your host if you are unsure.

FWIW I Receive half a dozen emails every month from people who got confused by their host's reply and tell me I have a "bug" for reporting that they are using PHP 5.3/5.4. When I give them a reply similar to above they tend to understand that they can switch to a newer PHP version and they do. Don't give up the fight to help people update PHP. It is worth it not only for their security but also our sanity as developers ;)

Thank you @nikosdion

Trying to go through this all in one comment:

I recommend not using YYYY-MM-DD as internationally this can be read as YYYY-DD-MM by some... as proved on 2016-08-03 when I got 7 birthday wishes from services :)

@PhilETaylor It uses the DATE_FORMAT_LC4 key so it gets localized to the language's definition. For the Americans using British English if you still haven't figured out that Joomla uses MM-DD instead of DD-MM you've got other issues 😉

Not in favour of this message being displayed to unauthenticated users

@brianteeman Patched it.

i also think this is warning not an error.
So please change the message type to warning.

@andrepereiradasilva I disagree. It is a "major" warning that the user is running unsupported software. We should not be "polite" about the type of warning we raise in this case. It's the same reaction as when users come up reporting issues on Joomla 1.5 or 2.5 installs, usually the first response is "upgrade".

The intent is not to give the user a kind feeling here. They need to be fully aware that they are using software that no longer receives support. If we want a "hold the user's hand and make them feel good" approach, then shove this in the postinstall messages screen so it can be ignored. If we want to do something proactive, this is the way to go. Granted the language and references can be massively improved, but I don't want this to turn into something the user's going to blow off just because we made the message far too friendly.

This is indeed a great way to push people to higher PHP versions.

I would make it an error and not a warning, an warning is too soft, especially when you want to remove to support for certain PHP versions in the next major.

Adding a link to a Joomla doc with information for the normal users and system administrators is an necessary thing, too make sure the error does not get to big. Helping with creating this doc is no problem.

Never show information like this on the login screen, if we do this we would great a possible security problem. Because we would give outsiders the information that the host is not up to date on PHP level.

I will test this PR tomorrow on the different PHP versions.

This is where we're at now for unsupported. And yes I did fudge the code to fake the check because the only PHP versions I have functional on my laptop these days are 5.6 and 7.0.

it is not an error by any definition that we use the term error currently

i we start to use error when it is not an error then people will ignore
real errors. its "sheep in wolves clothing syndrome"

On 7 August 2016 at 17:29, Michael Babker notifications@github.com wrote:

This is where we're at now for unsupported. And yes I did fudge the code
to fake the check because the only PHP versions I have functional on my
laptop these days are 5.6 and 7.0.

[image: screen shot 2016-08-07 at 11 28 57 am]
https://cloud.githubusercontent.com/assets/368545/17463731/3423a7f2-5c92-11e6-8ee8-d6e5b25a7d14.png

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#11498 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABPH8Zhlmof68zoXWAuqtSPdoNvD6PJbks5qdggFgaJpZM4JeXQf
.

Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/

Well we've already done that, just look at the "Joomla! 3.6.2 is available" notification right above.

i agree with brian that should be a warning.

Well we've already done that, just look at the "Joomla! 3.6.2 is available" notification right above.

repeating a problem, doesn't make it right...

So by the argument we have on that page right now, contextually it's an error if a user doesn't update Joomla or its extensions but it's only a warning if a user doesn't update PHP?

i we start to use error when it is not an error then people will ignore

Keep it a error message (red)

• but show it only at control panel
• if also showing it at other pages, then display it no more than a max of 3 times per session in non-control panel pages

I will change it to be consistent with the 2.5 EOS plugin to only show on the control panel.

I will NOT add a session counter.
I will NOT change the error type. I will add how the 2.5 EOS plugin is rendered as an error message as additional justification for this stance.

If that will preclude this being merged I'll just close this. I'm taking a stand on what I believe is the correct approach to this.

+1 on Michael's approach (or you will all bitterly regret being stubborn in a year or so, as always).

Just have balls and commit this without watering it down - listen to those of us that have to deal with the idiots on PHP 5.3 on a daily basis...

It should be in your face, in red and bold, on every page and un-dismissable.

If that will preclude this being merged I'll just close this.

this plugin / message is needed for reasons already discussed, nobody said not to add this

I will NOT add a session counter.

Only a suggestion if this is to be displayed in non-control panel pages

• why i suggested it , because imagine that a website is upgraded to newer PHP e.g. after 2 days or 2 weeks, people will see it for 2days or 2 weeks in all backend pages ? while working in site's backend for hours everyday ? or did you say to only show it at control panel area ?

Ok, i see you all prefer the error aproach. since this is the current practice (2.5 EOL, joomla update notification, extension updates notification) is consistent, so fine by me.

@mbabker i have just one question, what happens when php 7.1 is released/used.

@mbabker i have just one question, what happens when php 7.1 is lanched/used.

The checks default to the PHP version being supported so messages aren't rendered for unknown versions. When a PHP version isn't found in the array, then it takes no action (we don't have data on the PHP version so we err on the side of caution and do nothing), specifically this line.

because imagine that a website is upgraded to newer PHP e.g. after 2 weeks, people will see it for 2 weeks in all backend pages ?

It's a plugin, disable it if you're tired of Joomla nagging. At least I'm giving you that option and not hardcoding it directly into JApplicationAdministrator's constructor.

ok thanks, will test faking the php versions.

I have tested this item ✅ successfully on 3681966

works as described

It's a plugin, disable it if you're tired of Joomla nagging. At least I'm giving you that option and not hardcoding it directly into JApplicationAdministrator's constructor.

yes, after googling
"how i disable annoying message about php version in joomla",

they will find a web page with instructions to disable the plugin,
and then they will forget about it,
and that will defeat the purpose of upgrading the PHP

Too annoying messages are usually turned off and then forgotten

but i looked at the code you have already limitted the display to control panel,
which is very good, because

• people will see it once at every login
• now it is unlikely that they will disable the plugin !

in fact i think it is great now !!, i ll test

but i looked at the code you have already limitted the display to control panel,

Which I think is the wrong move but politics seems to dictate that we can't be excessively annoying in telling users they should be responsible and update their stuff. ¯\_(ツ)_/¯

I have tested this item ✅ successfully on 3681966

I have tested this item ✅ successfully on 3681966

I have tested this item ✅ successfully on 3681966

RTC Please

The only thing that last commit does is change the method name per @elkuku suggestion. Shouldn't need re-testing.

I have tested this item ✅ successfully on f236d70

only method name changed.

Merged to 3.7.x with e4894d2 Thanks Michael!

Doing the job of the lazy bot and removing the rtc flag