Add legacy WordPress support on PHP 5.2

[JanJakes]

Stacked on #3501 (Add PHP 5.2 WebAssembly builds and runtime support). Review that PR first.

Summary

Boot legacy WordPress (1.0 – 6.2) in the browser, with SQLite as the database.

The Playground settings panel gains an "Include older versions" checkbox that exposes every WordPress release from 1.0 through 6.9 (with jazz release code names) and auto-locks the PHP version to whatever runs it.

Replaces and closes #3469 (the PHP 5.6 version of the same feature).

What's in this PR

Builds on the PHP 5.2 WASM runtime from #3501 and adds:

• Offline PHP 7+ → 5.2 downgrader (scripts/php52-downgrader/) — a nikic/PhpParser pipeline of ~20 visitors that strips modern syntax so arbitrary PHP 7-era files parse on PHP 5.2.
• SQLite plugin patcher (scripts/patch-sqlite-for-php52.mjs) — produces a PHP 5.2-compatible build of the upstream SQLite integration plugin.
• Legacy WordPress boot flow (wordpress/src/boot.ts, legacy-wp-fixes.ts, mysql-shims.ts) — legacy-aware installer path, PDO table fallback for WP < 3.5, ~3400 lines of targeted source patches for WP 1.0 – 2.8 parser/SQL quirks, auth/nonce compat, wp-db.php SQLite compatibility, and more.
• WP 5.0–6.2 on PHP 7.4 — extends the legacy boot to cover the mid-modern range where PHP 8.x is unreliable.
• Site settings UI — "Include older versions" checkbox + grouped dropdown + automatic PHP locking: WP 1.0 – 4.9 → PHP 5.2, WP 5.0 – 6.2 → PHP 7.4, WP 6.3+ → default.
• Release code names — WP version picker shows jazz-musician shorthand (e.g. "6.9 (Gene)", "4.9 (Tipton)").
• TinyMCE content_css fix — inlines editor CSS via content_style to work around TinyMCE's document.open() creating a service-worker-uncontrolled iframe.

Test plan

Automated (Playwright, all 32 legacy versions)

npm run dev
# Wait for http://localhost:5400/website-server/ to be ready
node packages/playground/wordpress/tests/test-legacy-wp-version-boot.mjs

Covers front page, single post, admin dashboard, new post page, and plugin activation across every WP minor release from 1.0 to 6.2.

Manual UI walk-through

1. npm run dev and open http://localhost:5400/.
2. Open the settings gear → tick Include older versions.
3. Verify the WP dropdown shows two groups and every release from 1.0 to 6.9.
4. Pick WP 4.9 → PHP locks to 5.2 (disabled).
5. Pick WP 5.5 → PHP locks to 7.4 (disabled).
6. Pick WP 4.8, go to Posts → Add New, verify TinyMCE loads without CSS errors.

🤖 Generated with Claude Code

[Copilot]

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Adds first-class legacy WordPress (1.0–4.9) support by introducing a PHP 5.2 WASM runtime, a PHP 7+→5.2 downgrader pipeline for the SQLite integration plugin, and end-to-end boot/install fixes plus UI + CI coverage to select and validate older WordPress versions.

Changes:

• Added PHP 5.2 runtimes (node + web), wiring them into loaders and version typing (AllPHPVersion).
• Implemented an AST-based PHP 7+→5.2 downgrader (many visitors + pretty printer) and bundled a prepatched SQLite plugin zip for PHP 5.2.
• Updated Playground boot flow, worker downloads, and website settings UI to support “Include older versions” + automatic PHP version locking; added Playwright coverage and CI job.

Reviewed changes

Copilot reviewed 82 out of 99 changed files in this pull request and generated 10 comments.

Show a summary per file

File	Description
tsconfig.base.json	Adds TS path aliases for new PHP 5.2 node/web build packages.
scripts/php52-downgrader/src/Visitor/VariadicAndSplatVisitor.php	Downgrades variadics and splat calls to PHP 5.2-compatible forms.
scripts/php52-downgrader/src/Visitor/StripTypeDeclarationsVisitor.php	Removes PHP 7+ type declarations for PHP 5.2 compatibility.
scripts/php52-downgrader/src/Visitor/ShortTernaryVisitor.php	Lowers ?: short ternary to full ternary with temp vars when needed.
scripts/php52-downgrader/src/Visitor/SelfParentStaticRewriter.php	Rewrites self/parent/static references when hoisting code out of class scope.
scripts/php52-downgrader/src/Visitor/ReservedMethodRenameVisitor.php	Renames reserved/invalid method identifiers to keep output parseable.
scripts/php52-downgrader/src/Visitor/PromoteForHoistedClosuresVisitor.php	Promotes member visibility to support hoisted-closure $this access on PHP 5.2.
scripts/php52-downgrader/src/Visitor/Php7ErrorClassesVisitor.php	Maps PHP 7 error classes/Throwable to Exception.
scripts/php52-downgrader/src/Visitor/NullsafeVisitor.php	Lowers PHP 8 nullsafe operator to ternary + temps.
scripts/php52-downgrader/src/Visitor/NullCoalescingVisitor.php	Lowers ?? and ??= into PHP 5.2-compatible forms.
scripts/php52-downgrader/src/Visitor/NamespaceStripVisitor.php	Strips namespaces and leading \ in names for PHP 5.2 parsing.
scripts/php52-downgrader/src/Visitor/LateStaticBindingVisitor.php	Rewrites static:: to self:: for PHP 5.2 (drops LSB).
scripts/php52-downgrader/src/Visitor/InstanceCallOnNewVisitor.php	Rewrites (new Foo())->method/prop access into helper calls.
scripts/php52-downgrader/src/Visitor/FinallyVisitor.php	Lowers finally blocks by duplicating finally body into try/catches.
scripts/php52-downgrader/src/Visitor/ExponentVisitor.php	Rewrites ** and **= to pow(...).
scripts/php52-downgrader/src/Visitor/DirConstantVisitor.php	Forces __DIR__ into dirname(__FILE__) before later rewrites.
scripts/php52-downgrader/src/Visitor/ClosureHoistingVisitor.php	Hoists closures/arrow functions into named functions with capture handling.
scripts/php52-downgrader/src/Visitor/ClassKeywordVisitor.php	Rewrites ::class magic constant into compatible expressions.
scripts/php52-downgrader/src/Visitor/CallableExprVisitor.php	Rewrites complex callable expressions into call_user_func(...).
scripts/php52-downgrader/src/Visitor/AttributeAndDeclareStripVisitor.php	Removes PHP 8 attributes and declare(strict_types=1) for PHP 5.2.
scripts/php52-downgrader/src/Visitor/ArrayDerefOnCallVisitor.php	Rewrites fn()[0] patterns to helper _pg52_at(...).
scripts/php52-downgrader/src/Visitor/ArrayClassConstantVisitor.php	Hoists non-const class constant initializers into static properties + runtime init.
scripts/php52-downgrader/src/PrettyPrinter.php	Forces PHP 5.2-friendly printing (long arrays, __DIR__ safety net).
scripts/php52-downgrader/src/Downgrader.php	Orchestrates the visitor pipeline + cross-file constant hoist discovery.
scripts/php52-downgrader/composer.json	Adds composer package for the downgrader toolchain.
scripts/php52-downgrader/.gitignore	Ignores Composer vendor directory for the new tool.
packages/playground/wordpress/tests/test-legacy-wp-version-boot.mjs	Adds Playwright test covering boot flows across WP 1.0–4.9.
packages/playground/wordpress/src/mysql-shims.ts	Introduces mysql_* stubs for very old WP versions using SQLite.
packages/playground/wordpress/src/boot.ts	Adds legacy boot/install flow, network disabling, and safe DB checks for PHP < 7.
packages/playground/wordpress/project.json	Adds an Nx target to run the legacy boot test.
packages/playground/wordpress-builds/src/sqlite-database-integration/get-sqlite-driver-module-details.ts	Adds module details for the prepatched v2.2.22-php52 SQLite driver asset.
packages/playground/website/src/lib/state/redux/site-management-api-middleware.ts	Switches PHP version typing to AllPHPVersion to include legacy versions.
packages/playground/website/src/lib/state/opfs/opfs-site-storage.ts	Updates persisted site metadata typing to allow legacy PHP versions.
packages/playground/website/src/components/site-manager/site-settings-form/unconnected-site-settings-form.tsx	Adds “Include older versions” toggle + grouped WP dropdown + PHP version locking.
packages/playground/website/src/components/site-manager/site-settings-form/older-wordpress-versions.ts	Adds older WP version list and a mapping to forced PHP versions.
packages/playground/remote/src/lib/playground-worker-endpoint.ts	Forces single-instance mode for legacy PHP; uses PHP 5.2 MU plugin stub.
packages/playground/remote/src/lib/playground-worker-endpoint-blueprints-v1.ts	Enables wordpress.org zip downloads for non-minified versions and selects v2.2.22-php52 for legacy PHP.
packages/playground/remote/src/lib/playground-mu-plugin/playground-includes/wp_http_fetch.php	Replaces null coalescing with PHP 5.2-safe isset ternary.
packages/playground/remote/src/lib/playground-mu-plugin/0-playground.php	Adds guards for older PHP/WP and avoids PHP 5.4+ array shorthand.
packages/playground/remote/src/lib/playground-mu-plugin/0-playground-php52.php	Adds a minimal PHP 5.2-compatible MU plugin stub (dummy HTTP transport + cron disable).
packages/playground/client/src/blueprints-v1-handler.ts	Skips update-check prefetch on legacy WordPress versions.
packages/playground/cli/tests/run-cli.spec.ts	Adjusts CLI test versions to avoid legacy WP on modern PHP.
packages/playground/cli/src/run-cli.ts	Allows selecting legacy PHP via AllPHPVersions and gates extensions/debug defaults for legacy PHP.
packages/playground/cli/src/blueprints-v1/worker-thread-v1.ts	Passes phpVersion through to bootWordPress in the CLI worker.
packages/playground/cli/src/blueprints-v1/download.ts	Adds ability to pick specific sqlite driver zip variants (incl -php52).
packages/playground/cli/src/blueprints-v1/blueprints-v1-handler.ts	Chooses prepatched sqlite driver version for legacy PHP.
packages/playground/blueprints/src/lib/v1/types.ts	Updates blueprint PHP version typing to include legacy versions.
packages/playground/blueprints/src/lib/v1/compile.ts	Compiles blueprint php version using AllPHPVersions.
packages/playground/blueprints/src/lib/types.ts	Updates runtime config PHP typing to AllPHPVersion.
packages/playground/blueprints/public/blueprint-schema.json	Adds AllPHPVersion/LegacyPHPVersion to schema to expose PHP 5.2.
packages/php-wasm/web/src/lib/load-runtime.ts	Allows loading legacy PHP in web, writes pre-boot php.ini via preRun, and blocks intl for legacy.
packages/php-wasm/web/src/lib/get-php-loader-module.ts	Adds loader module resolution for PHP 5.2 web build.
packages/php-wasm/web-builds/5-2/tsconfig.lib.json	Adds TS build configuration for PHP 5.2 web build package.
packages/php-wasm/web-builds/5-2/tsconfig.json	Adds TS project config for PHP 5.2 web build package.
packages/php-wasm/web-builds/5-2/src/index.ts	Adds 5.2 loader that selects JSPI vs Asyncify at runtime.
packages/php-wasm/web-builds/5-2/project.json	Adds Nx project/targets for building/publishing PHP 5.2 web binaries.
packages/php-wasm/web-builds/5-2/package.json	Adds npm package metadata for @php-wasm/web-5-2.
packages/php-wasm/web-builds/5-2/build.js	Adds esbuild-based bundle step for web PHP 5.2 package.
packages/php-wasm/universal/src/lib/supported-php-versions.ts	Introduces LegacyPHPVersions, AllPHPVersions, and isLegacyPHPVersion.
packages/php-wasm/universal/src/lib/proxy-file-system.ts	Skips PROXYFS mmap patching for legacy PHP to avoid parser corruption.
packages/php-wasm/universal/src/lib/legacy-php-ini.ts	Adds pre-boot php.ini content + preRun writer for legacy PHP builds.
packages/php-wasm/universal/src/lib/index.ts	Exports new legacy version helpers and legacy php.ini utility.
packages/php-wasm/node/src/lib/load-runtime.ts	Enables legacy PHP loading on node; blocks extensions on legacy; adds preRun ini creation.
packages/php-wasm/node/src/lib/get-php-loader-module.ts	Adds loader module resolution for PHP 5.2 node build.
packages/php-wasm/node/src/lib/extensions/memcached/get-memcached-extension-module.ts	Formatting-only changes in extension module resolution.
packages/php-wasm/node-builds/5-2/tsconfig.lib.json	Adds TS build configuration for PHP 5.2 node build package.
packages/php-wasm/node-builds/5-2/tsconfig.json	Adds TS project config for PHP 5.2 node build package.
packages/php-wasm/node-builds/5-2/src/index.ts	Adds 5.2 loader that selects JSPI vs Asyncify at runtime.
packages/php-wasm/node-builds/5-2/project.json	Adds Nx project/targets for building/publishing PHP 5.2 node binaries.
packages/php-wasm/node-builds/5-2/package.json	Adds npm package metadata for @php-wasm/node-5-2.
packages/php-wasm/node-builds/5-2/build.js	Adds esbuild-based bundle step for node PHP 5.2 package.
packages/php-wasm/compile/php/proc_open.h	Adds guards and PHP 5/7-compatible pipe typing for proc_open integration.
packages/php-wasm/compile/php/proc_open.c	Adds PHP 5.x stub implementation and PHP 5/7-compatible includes.
packages/php-wasm/compile/php/php_wasm.c	Adds PHP 5/7 API compatibility shims for string APIs and SAPI function signatures.
packages/php-wasm/compile/php/apply-mysqlnd-patch.sh	Makes mysqlnd patch application conditional by PHP version/file availability.
packages/php-wasm/compile/php/Dockerfile	Updates build logic to support PHP 5.x differences (zip/sqlite/curl/imagick/fiber/asm guards, warning flags).
packages/php-wasm/compile/php-wasm-memory-storage/wasm_memory_storage.c	Disables custom memory storage implementation for PHP < 7 with no-op init/shutdown.
packages/php-wasm/compile/php-wasm-dns-polyfill/dns_polyfill.c	Adds PHP 5/7 signature/parameter parsing compatibility.
packages/php-wasm/compile/php-post-message-to-js/post_message_to_js.c	Adds PHP 5/7 parameter parsing and return-string API compatibility.
.github/workflows/ci.yml	Adds CI job to boot-test legacy WP versions using Playwright.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The docblock says PHP 5.2 class constants may reference other class constants, but isPhp52ConstantExpr() currently treats all Expr\\ClassConstFetch as non-constant and will hoist them into runtime-initialized static properties. That changes semantics and can break valid constant usages (e.g., switch cases, array keys) that require a real constant. Consider extending isPhp52ConstantExpr() to treat Expr\\ClassConstFetch (at least for non-self/static/parent or other safe cases) as a valid PHP 5.2 constant expression so those constants remain compile-time constants.

[Copilot]

For method/static calls with dynamic names (e.g. $obj->{$m}(...$args) or Foo::{$m}(...$args)), buildCallable() currently returns null, which causes rewriteSplatCall() to bail out and leave the unpack (...) syntax in the output—resulting in PHP 5.2 parse errors. Instead of returning null for dynamic identifiers, consider building a callable array with the method expression as-is, and for StaticCall also allow $node->class forms beyond Node\\Name (e.g. variables) when they can be passed through to call_user_func_array.

[adamziel]

Isn't this the problem that EMULATE_FUNCTION_POINTER_CASTS was solving? This isn't a blocker here, but a functional plugin directory in WP Admin would be very cool.

[JanJakes]

Claude says:

Short answer: yes and no — two layers at play.

1. The WASM signature-mismatch traps are the same class EMULATE_FUNCTION_POINTER_CASTS used to paper over. The project dropped that flag a while back in favor of specific C-level patches (proc_open, dns_polyfill, post_message_to_js — there's a note in php-part-1.spec.ts by the proc_open test). PHP 5.2 gets those extensions compiled in too, but its fsockopen/cURL paths still trap — hence the disable_functions stopgap here.

2. Even without those traps, HTTP on PHP 5.2 wouldn't work: 0-playground-php52.php registers Wp_Http_Dummy (returns false for every request) in place of the Fetch transport, because wp_http_fetch.php uses PHP 5.3+ namespace syntax and won't parse on 5.2.

So a functional plugin directory on 5.2 would need a 5.2-compatible wp_http_fetch.php (the PHP 5.2 downgrader could probably produce one) wired up in 0-playground-php52.php, not just a compile flag. Agreed it's a cool follow-up — not blocking here.

[adamziel]

I mean, what stops us from having a custom transport? Also, fsockopen wouldnt go through that transport anyway

[adamziel]

Suggested change

	}
	if (phpMajor < 7) {

[adamziel]

It seems like we don't need a separate if here.

[JanJakes]

Addressed in a6d2e9a — the legacy branch is now a separate bootLegacyWordPress() in legacy-wp/legacy-boot.ts, so the modern bootWordPress no longer carries any legacy-specific if sandwich.

[adamziel]

We don't have that today, right? Why is this needed after this PR? Would this create an unwanted db.php file for Studio users? Let's add a test for Playground CLI to ensure that booting a site with a custom wp-content mounted doesn't create any new files in that wp-content to make sure we never regress on this.

[JanJakes]

Addressed in 537d860 (dropped the modern-WP db.php placeholder — the SQLite preload doesn't need a drop-in at all) and 4f967a9 (new CLI regression test mounts a host wp-content and asserts Playground doesn't drop db.php, object-cache.php, advanced-cache.php, sunrise.php, or any other file at its root).

[adamziel]

AFAIR Playground doesn't create that file today. Let's avoid creating it except in legacy WP versions.

[JanJakes]

Addressed in 537d860 — the modern boot path no longer writes any db.php. A drop-in is still written, but only by the legacy boot path (legacy-wp/legacy-boot.ts).

[adamziel]

Let's avoid this on WP 6.2+

[JanJakes]

Addressed in a6d2e9a — backportWpPreV62MysqlCheck reads the on-disk $wp_version and short-circuits when it's ≥ 6.2 (also < 5.0, since those go through the legacy boot path instead).

[adamziel]

The legacy logic clutters this function a lot, and it's such a niche use-case. Is there any way we could retain a mostly uncluttered boot logic for modern WP versions? As in move that legacy-specific code and large doc blocks out of this function and reduce that to a few small calls. Or even have a separate boot function for legacy WordPresses.

[JanJakes]

Addressed in a6d2e9a — the legacy branches in bootWordPress moved to a dedicated bootLegacyWordPress under legacy-wp/legacy-boot.ts. The modern entry point is now a single if (isLegacyPHPVersion(...)) return bootLegacyWordPress(...) dispatch followed by the unchanged modern flow.

[adamziel]

Do we need assertValidDatabaseConnectionSafe and assertValidDatabaseConnection? Could we keep using assertValidDatabaseConnection as the only function identifier?

[JanJakes]

Addressed in a6d2e9a — the *Safe variant is gone; bootWordPress uses the original assertValidDatabaseConnection, and the legacy-specific relaxation lives inside bootLegacyWordPress.

[adamziel]

This is cool. Later on this would make sense as a part of @php-wasm/universal as a general mysql shim. Or maybe as a part of the composer packages we'll release for the SQLite plugin? Not sure. Nothing blocking here.

[adamziel]

Wat. This actually works for a large range of WordPress versions? amazing :D

[adamziel]

I would suggest version-specific .patch files or, at least, version checks before the replacements here. But this seems to be actually working as is. Scary! This just runs blind replacements without worrying about the WP version – how do we know we're not patching the wrong WordPress version? We probably don't. Does it matter? If everything works, probably not. Those WP versions won't change, and patching this might break the delicate equilibrum we have here. This is terrible. I love it. Let's document that in this doc block.

[JanJakes]

Addressed in 76de744 — added a top-of-file doc block in legacy-wp/legacy-fixes.ts spelling out the blind find-and-replace approach, why it's load-bearing on frozen legacy WP releases, and pointing at the boot-smoke suite as the safety net before touching patches there.

[adamziel]

Legacy handling adds a bunch of clutter. How much can we decouple these things? Could we contain most of these things in like a legacy/ subdirectory or even a single legacy.ts file and then just call them from other places? I'd love the main code paths to remain very focused on the modern WP versions and only have tactical mentions of the legacy flows that can be inspected if needed but that would mostly stay out of our way when we work with this code.

[JanJakes]

Addressed in a6d2e9a — all legacy-specific code now lives under packages/playground/wordpress/src/legacy-wp/ (legacy-boot.ts, legacy-fixes.ts, legacy-mu-plugins.ts, legacy-sqlite-preload.ts, mysql-shims.ts). The main boot path only references it through the bootLegacyWordPress dispatch.

[adamziel]

The ideas are great. Even the terrible ones are impressive. Let's just cleanup the main data flows. Human attention is limited and the legacy code blocks are really large. Let's make sure we don't have to always sieve through them when we work with Playground's main data flows – we won't need them most of the time.