Freshrss: Adding email verification support

Fwiw, at the time of writing https://wordpress.org/about/stats/ claims:

• 5.2 1.7%
• 5.3 4.1%
• 5.4 6.9%

And also:

https://wordpress.org/about/requirements/

Note: If you are in a legacy environment where you only have older PHP or MySQL versions, WordPress also works with PHP 5.6.20+ and MySQL 5.0+, but these versions have reached official End Of Life and as such may expose your site to security vulnerabilities.

Since 5.3 was EOL some 6 (?) years ago I think it's fair to bump the requirements for a good reason (like PHPMailer).

Thanks for the links, that could be very useful! What we might need is a clear rule of how we support the older PHP versions: I suggest that we could drop support if the versions are used by less than 5% of users, but we would stuck with PHP 5.4, which is not supported by PHPMailer… and 10% seems a lot of users for me. So finally my question remains the same :)

PHP 5.5 is not yet available even in the newest CentOS https://distrowatch.com/table.php?distribution=CentOS (supported until 2024 😛 - but I do not think we should wait that long!) and has just appeared in May in Red Hat (8).
I think it is fine to have optional features that require newer versions of PHP / database / ... while making more efforts to maintain back-compatibility in the core (that is your option number 2).

I thought of mentioning CentOS but decided not to. :-)

I agree with @Alkarex that if you put in some extra effort it makes more sense to make the presumably lesser effort of making it say that this mailing business won't work on <5.5 instead of making it actually work. Especially for this use case, which implies greater technical expertise and more available options.

By the way, part of my reason in mentioning Wordpress is that it's fairly conservative, and has been accused of holding back migration to newer versions of PHP. But even so current WP requires at least 5.6 and current Drupal requires at least 5.5.

Ok, thanks for your insight! I'll go with solution 2 (no email validation if PHP < 5.5). I think I'll have something working pretty soon :)

I think if we want to continue the discussion about the support of PHP, it can go in another ticket if it doesn't exist yet!

@marienfressinaud very related to this: would it be possible to add a 'forgot password' feature which, virtually identical to this new email address verification feature, sends a url to the user to reset his/her password. Or simply email a new randomly generated password. Given the work you already put into #2481 and #2476 , this should be rather straightforward :).

Yes, that's in my next plans! :)

I am looking again at PHP versions, distributions, etc. and I think it would be reasonable to require PHP 5.5+ for the core of FreshRSS after all.

As one of you Frenzie said, WordPress currently requires PHP 5.6.20+, and it is the most popular PHP application.

We would loose about 20% of the PHP servers according to https://w3techs.com/technologies/details/pl-php/5/all but I expect this number to drop fast after the release of CentOS 8 (CentOS accounts for 17% of Linux servers https://w3techs.com/technologies/details/os-linux/all/all ).

Distributions:

• no impact on Ubuntu, Fedora, Alpine, OpenWRT, FreeBSD, OpenSuze, Mageia, as all active versions have PHP > 7
• no impact on Synology, as all active versions have PHP > 5.6
• we drop Debian 8 Jessie (-2020) - we keep supporting Debian 9 Stretch (2017-06) - current is Debian 10 Buster
• we drop Red Hat 7 (-2024) - we keep supporting RHEL 8 (2019-05)
• we drop CentOS 7 (-2024) - we will support CentOS 8 (to be released soonish)

When dropping older versions, I can better like when it is for a good reason, and there is actually one with PHP 5.5, namely generators (yield) https://php.net/language.generators.overview which I consider using. More about that tomorrow - I hope :-)