Installing Magento without Mcrypt

Disclaimer: in a production environment, spend the extra time and resources to meet Magento’s requirements. This post is about setting up a development environment.

I have had one hell of a time trying to get Magento up and running on my development server. I have probably spent about 5 hours fighting with mcrypt and for some reason, it is just not playing nicely with my setup (PHP 5.3, with everything compiled manually). I brought in a server guru as well, and he had the same problem. I think we both tore out some hair.

I’ve hacked together some steps to get it up and running for developers who want to get their hands dirty quickly.

Making Magento PHP 5.3 Compatible

If you are running PHP 5.3, it takes a few tweaks to get Magento up and running.

First one: edit /lib/Varien/Object.php, and find

    public function __toString(array $arrAttributes = array(), $valueSeparator=',')

with replace it with

    public function __invoke(array $arrAttributes = array(), $valueSeparator=',')

Step Two: Edit /index.php and change

error_reporting(E_ALL | E_STRICT);


error_reporting(E_ALL ^ E_DEPRECATED);

This may not be ideal, but it worked for me on my local machine. Before I did this, I went in and tried to spot-treat several errors as they came up. I was hoping it was just one, but after a few I caved and lowered the error reporting.

Installing Magento without Mcrypt

This extension was a major pain in the ass to (not) install. I want my day back. Anyway, I managed to isolate the sections to modify to avoid requiring this extension.

Step One: edit /app/code/core/Mage/Install/Installer/Env.php, and find

                    Mage::helper('install')->__('PHP Extension "%s" must be loaded', $extension)

just above it, add

                if ($extension == 'mcrypt') {
                    return true;

Step Two: create /lib/Varien/Crypt/Base64.php and throw this into it


class Varien_Crypt_Base64 extends Varien_Crypt_Abstract {
    public function __construct(array $data=array()) {

    public function init($key) {
         return $this;

    public function encrypt($data) {
        if (!strlen($data)) {
            return $data;

        return base64_encode($data);

    public function decrypt($data) {
        if (!strlen($data)) {
            return $data;

        return  base64_decode($data);

Last Step: edit /lib/Varien/Crypt.php and change

    static public function factory($method='mcrypt')


    static public function factory($method='base64')

I’m not too sure why it’s not a configuration option, but oh well.

And yeah, this is by no means secure. Far from it. It works well enough to use locally and that’s all I really care about. Hopefully this helps at least one other developer who is fighting with dependency hell. If I missed out any steps I apologize. I’ve been at this way too long.