Slim: mcrypt_module_open is deprecated - PHP 7.1.11

Can you upgrade to 2.6.4 ?... oh there isn't a 2.6.4 release....

@cacharrin You need to run composer require phpseclib/mcrypt_compat in your project. That should fix the issue.

Hi @silentworks, I already require it, with no luck. Same error is thrown.

The best solution is to replace mcrypt with openssl. For new ciphers, eg. poly, you need sodium.

You can disable deprecated warnings:

error_reporting = E_ALL & ~E_DEPRECATED

@akrabat I suggest set upper compatible version of php less than 7.1 for branch 2.x. Because this issue cannot be solved without breaking backward compatibility or the solution will be very complex.

Any updates on this?

I suggest set upper compatible version of php less than 7.1 for branch 2.x. Because this issue cannot be solved without breaking backward compatibility or the solution will be very complex.

Using cookie encryption is optional in Slim 2 and if you don't use this functionality, Slim 2 works perfectly find in PHP 7.1.

Any updates on this?

if you create a backwards compatible PR that solves this problem, I'm prepared to entertain it.

if you create a backwards compatible PR that solves this problem, I'm prepared to entertain it.

I don't know how to solve this :(

anybody got the solution?

Install the mcrypt extension from PECL or look at mcrypt_compat.

I had the same error, but as temporary solution I added @ before every mcrypt that shows the issue.
@mcrypt_module_open

@cacharrin Try this:

Install the mcrypt_compat polyfill

composer require phpseclib/mcrypt_compat

Add this entry into composer.json

``json "provide": { "ext-mcrypt": "*" } ```` Runcomposer update`

Hi Daniel, I just did it, with no luck.

I already required phpseclib/mcrypt_compat

I added

"provide": {
"ext-mcrypt": "*"
}

to composer.json and run "composer update", but it throws:

composer update Loading composer repositories with package information
Updating dependencies (including require-dev) Package operations: 0
installs, 13 updates, 1 removal [InvalidArgumentException] Package is not
installed: ext-mcrypt-7.1.11.0 update [--prefer-source] [--prefer-dist]
[--dry-run] [--dev] [--no-dev] [--lock] [--no-custom-installers]
[--no-autoloader] [--no-scripts] [--no-progress] [--no-suggest]
[--with-dependencies] [-v|vv|vvv|--verbose] [-o|--optimize-autoloader]
[-a|--classmap-authoritative] [--apcu-autoloader] [--ignore-platform-reqs]
[--prefer-stable] [--prefer-lowest] [-i|--interactive] [--root-reqs] [--]
[]...

2018-03-19 8:53 GMT-05:00 Daniel Opitz notifications@github.com:

@cacharrin https://github.com/cacharrin Try this:

Install the mcrypt_compat polyfill

composer require phpseclib/mcrypt_compat

Add this entry into composer.json:

"provide": {
"ext-mcrypt": "*"
}

Run composer update

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/slimphp/Slim/issues/2362#issuecomment-374218944, or mute
the thread
https://github.com/notifications/unsubscribe-auth/ABQsKUdOQwdnUEUkkYGPH88FSjVZFRWXks5tf7hbgaJpZM4Q4fP3
.

--
Felipe Botero Londoño
Ingeniero de Sistemas y Telecomunicaciones.

@cacharrin Sometimes composer goes stupid -- Destroy your vendor folder and composer.lock file.
Remove your "provide":{"ext-mcrypt": "*"} from composer.json
Then run composer require phpseclib/mcrypt_compat and see if that fixes your issue.

Just did it,

Same error:

[InvalidArgumentException]
  Package is not installed: ext-mcrypt-7.1.11.0

I tried to do: composer require ext-mcrypt
and then, composer update.

"Error: Package is not installed" is gone...
But initial error persists:
Function mcrypt_module_open() is deprecated in D:\Project\vendor\slim\slim\Slim\Http\Util.php:106

This function has been DEPRECATED as of PHP 7.1.0 and REMOVED as of PHP 7.2.0. Relying on this function is highly discouraged.

http://php.net/manual/de/function.mcrypt-module-open.php

You are using PHP 7.1, which means that the PHP mcrypt extension should still exist, but will display a warning. Thats why the phpseclib/mcrypt_compat polyfill will only work for PHP 7.2+.

You could completely disable the PHP 7.1 mcrypt extension in the php.ini file (restart the webserver service) and try to install the phpseclib/mcrypt_compat polyfill via composer again.

Second option: Upgrade to Slim 3 :-)

How to disable mcrypt extension?

I just searched for:
extension=php_mcrypt.dll
in my php.ini file with no luck.

There is just the configuration section with default values:

[mcrypt]
; For more information about mcrypt settings see http://php.net/mcrypt-module-open

; Directory where to load mcrypt algorithms
; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt)
;mcrypt.algorithms_dir=

; Directory where to load mcrypt modes
; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt)
;mcrypt.modes_dir=

Ok, in this case mcrypt is compiled statically with the PHP binaries. There is no .dll any more you can disable. Sorry, my mistake. Can you update to XAMPP with PHP 7.2?

Just change from:
$this->_handle = mcrypt_module_open($cipher, '', $mode, '');
to
$this->_handle = @mcrypt_module_open($cipher, '', $mode, '');
with "@" hope it can help

Adding

"provide": { "ext-mcrypt": "*" }

to composer.json doesn't install the extension. You need to install it via pecl or whatever system your distro uses if you're using a built-in PHP.

Also, It's a deprecation warning. If you are using PHP 7.1, then in my opinion, you should disable E_DEPRECATED in production, so that they don't clog up your log files.

You should then look to replace Slim 2's cookie encryption with your own solution as middleware.