derickr
Repos
131
Followers
1495

Xdebug

259
35

C
418
74

Timelib is a timezone and date/time library that can calculate local time, convert between timezones and parse textual descriptions of date/time information.

C
110
61

Common DeBugGer Protocol as used by Xdebug and other implementations.

22
5

PHP Extension to handle common geospatial functions.

C
2
0

Events

Update test suite and code for PHP 7.3-8.2

Merged pull request #13

Go with 1.2.2

Created at 15 hours ago
derickr create tag 1.2.2
Created at 15 hours ago
pull request closed
Update test suite and code for PHP 7.3-8.2
Created at 15 hours ago
issue comment
code backdoor

This is a repository with PHP code, and the design/requirements.txt file is a software engineering document, so I have no idea what you are talking about.

Created at 15 hours ago
code backdoor

We discovered a malicious backdoor in the project's dependencies, affected versions are 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737. Its malicious backdoor is the request package, the MvcTools/design/requirements.txt file has a dependency request.

Even if the request has been deleted by PyPI, many mirror sites have not completely deleted this package, so it can still be installed. For example: https://mirrors.neusoft.edu.cn/pypi/web/simple/request/

Using such a mirror site to download and install this item will be vulnerable.


Analysis of malicious function of request package:

1. Remote download of malicious code

When the request package is installed, the setup.py file in the package will be actively executed. The setup.py file contains the logic for the attacker to remotely download and execute malicious code. At the same time, the C2 domain name is encoded and obfuscated. The decrypted C2 address is: https://dexy.top/request/check.so.

2. Release the remote control Trojan and persist it

The malicious code loaded remotely during the installation of the request package includes two functions:

Release the remote control Trojan to the .uds folder of the current user's HOME directory. The Trojan name is _err.log (for example, /root/.uds/_err.log). The content of the _err.log remote control Trojan script is encoded and compressed by base64, which reduces the size and enhances the confrontation.

Implant malicious backdoor commands in .bashrc to achieve persistence.

3. Issue stealing instructions

The attacker issues python secret stealing instructions through the remote control Trojan to steal sensitive information (coinbase account secret). After decrypting the stealing instruction, the function is to request the C2 service: http://dexy.top/x.pyx, and remotely load the stealing Trojan. Some of the functions of the remotely loaded secret stealing Trojan are shown below, which are used to steal browser cookies, coinbase accounts and passwords, etc.

Repair suggestion: replace request in MvcTools/design/requirements.txt with requests

Created at 15 hours ago
pull request opened
Update test suite and code for PHP 7.3-8.2
Created at 15 hours ago
create branch
derickr create branch php-8-support
Created at 15 hours ago

Send email upon failure too

Created at 1 day ago

Automate signing up for support packages

Get rid of unused code

Fixed HTML

Show errors during development

Added configuration

Add getCost on stripe result

Add email address if something goes wrong

Send email upon failure too

Merge branch 'add-stripe'

Created at 1 day ago

Added configuration

Add getCost on stripe result

Add email address if something goes wrong

Created at 1 day ago

Add email address if something goes wrong

Created at 1 day ago

Add getCost on stripe result

Created at 1 day ago

Added configuration

Created at 1 day ago
create branch
derickr create branch add-stripe
Created at 1 day ago

Update tzdb to 2023.2

Created at 4 days ago

Update tzdb to 2023.2

Merge branch 'v2021' into v2022

Merge branch 'v2022'

Created at 4 days ago

Update tzdb to 2023.2

Merge branch 'v2021' into v2022

Created at 4 days ago

Updated to version 2023.2 (2023b)

Empty merge

Updated to version 2023.2 (2023b)

Empty merge

Updated to version 2023.2 (2023b)

Created at 4 days ago

Updated to version 2023.2 (2023b)

Empty merge

Updated to version 2023.2 (2023b)

Created at 4 days ago

Updated to version 2023.2 (2023b)

Created at 4 days ago
push

Updated to version 2023.2 (2023b)

Created at 4 days ago
derickr create tag RELEASE_2023_2
Created at 4 days ago

Updated to version 2023.2 (2023b)

Created at 4 days ago
push

Fixed PHP 8.2 dynamic property generation warning

Include instructions on how to run PhD from the Git checkout

Created at 5 days ago
closed issue
date_create_immutable not an alias

The docs for this function say it's an alias of the constructor, but the two work slightly differently. date_create_immutable does not throw an exception if the input string is invalid, it returns false. The constructor throws an exception in that case.

https://www.php.net/manual/en/function.date-create-immutable.php

See: https://3v4l.org/LeI4n

Created at 5 days ago
push

Fix #2322: date_create_immutable not an alias

Created at 5 days ago

Fix GH-10583: DateTime modify with tz pattern should not update linked timezone

Merge remote-tracking branch 'derickr/issue10583' into PHP-8.1

Created at 5 days ago

Fix GH-10583: DateTime modify with tz pattern should not update linked timezone

ext/pdo_sqlite: simplifying sqlite3_exec usage. (#10910)

pdo_sqlite_error copy the error message via the php's allocator, while the one from sqlite3_exec is unused.

Merge remote-tracking branch 'derickr/issue10583' into PHP-8.1

Merge branch 'PHP-8.1' into PHP-8.2

Merge branch 'PHP-8.2'

Created at 5 days ago

Fix GH-10583: DateTime modify with tz pattern should not update linked timezone

Merge remote-tracking branch 'derickr/issue10583' into PHP-8.1

Merge branch 'PHP-8.1' into PHP-8.2

Created at 5 days ago
delete branch
derickr delete branch issue10583
Created at 5 days ago