diff --git a/AUTHORS b/AUTHORS
index dcd2589a70e690883597723febf6e574b4194c71..3f1bd9daeacf7e783737964a0b3efe75163dfe0f 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -41,6 +41,9 @@ Thanks to:
- Nicholaus Lance Hepler <nhelper@gmail.com>:
Patch to retrieve information from PubMed before CrossRef
+- Denis Potapov <potapov@exemail.com.au>:
+ PHP7 compatibility patching
+
- Yibiao Bai <mountangellib@gmail.com> and Yong Fan, Shanxi Agricultural
University Library, China:
Chinese localization.
diff --git a/NEWS b/NEWS
index bfd0781658dbcb6f5c5b1682b50e1c646054789e..462b15fd3096611770b03968d9da0fd6b7089d50 100644
--- a/NEWS
+++ b/NEWS
@@ -28,6 +28,8 @@ Security:
General:
+- PHP7 compatibility
+
- Revise SQL files to meet new requirements of MySQL
- Allow logged-in users to search locations
diff --git a/cite/formats/cite_ascii.php b/cite/formats/cite_ascii.php
index 3bfb2344b854785ff2141aaa2674c1c1714331ee..ef09ae90fc5c922a50a3d5435e01fc195dbeb312 100644
--- a/cite/formats/cite_ascii.php
+++ b/cite/formats/cite_ascii.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 10-Jun-06, 02:54
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1337 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a
// version of the 'citeRecords()' function that outputs a reference list from selected records in plain text format. Plain text output is
@@ -94,7 +94,7 @@
// LOOP OVER EACH RECORD:
// Fetch one page of results (or less if on the last page)
// (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ...
- for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
foreach ($row as $rowFieldName => $rowFieldValue)
// Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$plainTextSearchReplaceActionsArray':
diff --git a/cite/formats/cite_html.php b/cite/formats/cite_html.php
index c8b79333f66d8e7d924c76da0c6f18a5c7fa3695..7b03538ca26905d7721f2ebf686beeea093f3f7c 100644
--- a/cite/formats/cite_html.php
+++ b/cite/formats/cite_html.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 10-Jun-06, 02:30
- // Modified: $Date: 2012-02-29 00:05:42 +0100 (Wed, 29 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1338 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a
// version of the 'citeRecords()' function that outputs a reference list from selected records in HTML format.
@@ -113,7 +113,7 @@
// LOOP OVER EACH RECORD:
// Fetch one page of results (or less if on the last page)
// (i.e., upto the limit specified in $showRows) fetch a row into the $row array and ...
- for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
$encodedRowData = $row; // we keep '$row' in its original (unencoded) form since unencoded data will be required by function 'linkifyFieldItems()' below
diff --git a/cite/formats/cite_latex.php b/cite/formats/cite_latex.php
index 29f1eaf4c08f9b56a896c8bf622c0c5e090ce954..5b6e8a6308a5435c63c83ce53bf24af8acc965f5 100644
--- a/cite/formats/cite_latex.php
+++ b/cite/formats/cite_latex.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 10-Jun-06, 02:32
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1337 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a
// version of the 'citeRecords()' function that outputs a reference list from selected records in LaTeX format.
@@ -130,7 +130,7 @@
// LOOP OVER EACH RECORD:
// Fetch one page of results (or less if on the last page)
// (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ...
- for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
foreach ($row as $rowFieldName => $rowFieldValue)
// Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$latexSearchReplaceActionsArray':
diff --git a/cite/formats/cite_latex_bbl.php b/cite/formats/cite_latex_bbl.php
index 8ebafdf9281f8c417d2f2b4ebec4833a726980d1..af67710dc7fb3fd7d3d829ba3631e079b70faa6f 100644
--- a/cite/formats/cite_latex_bbl.php
+++ b/cite/formats/cite_latex_bbl.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 20-Jul-07, 19:42
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author$
- // $Revision: 1337 $
+ // $Revision: 1416 $
// This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a version of
// the 'citeRecords()' function that outputs a reference list from selected records in LateX .bbl format, to be used with LaTeX/BibTeX. The .bbl file
@@ -182,7 +182,7 @@
// LOOP OVER EACH RECORD:
// Fetch one page of results (or less if on the last page)
// (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ...
- for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
foreach ($row as $rowFieldName => $rowFieldValue)
// Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$latexSearchReplaceActionsArray':
diff --git a/cite/formats/cite_markdown.php b/cite/formats/cite_markdown.php
index 250292a24f04614a3d3117a5acac0b35c4e77287..deee4ab2c8194b503d5f150d912e8b67672c95e1 100644
--- a/cite/formats/cite_markdown.php
+++ b/cite/formats/cite_markdown.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 10-Jun-06, 02:58
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1337 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a
// version of the 'citeRecords()' function that outputs a reference list from selected records in Markdown format. Markdown is a plain text
@@ -92,7 +92,7 @@
// LOOP OVER EACH RECORD:
// Fetch one page of results (or less if on the last page)
// (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ...
- for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
foreach ($row as $rowFieldName => $rowFieldValue)
// Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$markdownSearchReplaceActionsArray':
diff --git a/cite/formats/cite_pdf.php b/cite/formats/cite_pdf.php
index 6602dbf58b2c81f4a34f514f548609cd3193c2ef..b743f4a03b37fdbad00f313762a223eb2d539227 100644
--- a/cite/formats/cite_pdf.php
+++ b/cite/formats/cite_pdf.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 10-Jun-06, 02:04
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1337 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a
// version of the 'citeRecords()' function that outputs a reference list from selected records in PDF format.
@@ -181,7 +181,7 @@
// LOOP OVER EACH RECORD:
// Fetch one page of results (or less if on the last page)
// (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ...
- for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
foreach ($row as $rowFieldName => $rowFieldValue)
// Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$pdfSearchReplaceActionsArray':
diff --git a/cite/formats/cite_rtf.php b/cite/formats/cite_rtf.php
index 1e2576d94e65c89afb51cbb5df8e7538edf291f9..d79f5cf414a52c6f5146bad1301e7f3aee1aa034 100644
--- a/cite/formats/cite_rtf.php
+++ b/cite/formats/cite_rtf.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 10-Jun-06, 02:04
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1337 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a
// version of the 'citeRecords()' function that outputs a reference list from selected records in RTF format.
@@ -113,7 +113,7 @@
// LOOP OVER EACH RECORD:
// Fetch one page of results (or less if on the last page)
// (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ...
- for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
foreach ($row as $rowFieldName => $rowFieldValue)
// Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$rtfSearchReplaceActionsArray':
diff --git a/contrib/mediawiki/include/Refbase.Connector.php b/contrib/mediawiki/include/Refbase.Connector.php
index 2404e991498771b97c95413bfd0873ce823f537e..2784fb9dc6a6563ade85616cdf6b903016e3a4f5 100644
--- a/contrib/mediawiki/include/Refbase.Connector.php
+++ b/contrib/mediawiki/include/Refbase.Connector.php
@@ -106,26 +106,19 @@ class RefbaseConnector {
} elseif ( strtolower( $this->dbAccessMethod ) === 'mysql' ) {
- $link = mysql_connect( $this->dbHost, $this->dbUser,
- $this->dbPass ) or die("db error");
+ $link = mysqli_connect( $this->dbHost, $this->dbUser, $this->dbPass, $this->dbName ) or die("db error");
if ( !$link ) {
$outputEntry = wfMessage( 'refbase-error-mysqlconn' )->text();
return false;
}
- if ( !mysql_select_db( $this->dbName, $link ) ) {
- $outputEntry = wfMessage( 'refbase-error-mysqldb' )->text() .
- mysql_error();
- return false;
- }
-
- $result = mysql_query( $queryStr );
+ $result = mysqli_query($link, $queryStr );
if ( !$result ) {
$outputEntry = wfMessage( 'refbase-error-dbquery' )->text() .
- mysql_error();
+ mysqli_error($link);
return false;
}
- $outputEntry = mysql_fetch_array($result);
+ $outputEntry = mysqli_fetch_array($result);
}
if ( !empty( $outputEntry ) ) {
diff --git a/duplicate_modify.php b/duplicate_modify.php
index 2a10c6eab4706aed922bf2a8cbaf5beca4aa2d1d..c309a7c4480c584e00fa1371679ca252ee76aeca 100644
--- a/duplicate_modify.php
+++ b/duplicate_modify.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 27-Jan-07, 23:22
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1337 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This php script will flag records as original and duplicate records.
// It then displays the affected records using 'search.php' so that the user
@@ -158,7 +158,7 @@
foreach($queryArray as $query)
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- $affectedRows = ($result ? mysql_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred)
+ $affectedRows = ($result ? mysqli_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred)
if ($affectedRows == 0) // no rows were affected by the update
{
diff --git a/includes/atomxml.inc.php b/includes/atomxml.inc.php
index 2f3c33c9ad390605214470ace0d2c4a7f185b263..7b7292095f509601105946baf448cb1686aab26a 100644
--- a/includes/atomxml.inc.php
+++ b/includes/atomxml.inc.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 09-Jan-08, 00:30
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author$
- // $Revision: 1337 $
+ // $Revision: 1416 $
// This include file contains functions that'll export records to OpenSearch Atom XML.
// Requires ActiveLink PHP XML Package, which is available under the GPL from:
@@ -295,7 +295,7 @@
$exportArray = array(); // array for individually exported records
// Generate the export for each record and push them onto an array:
- for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
// Export the current record as Atom XML entry:
$entry = atomEntry($row, $markupPatternsArray);
diff --git a/includes/include.inc.php b/includes/include.inc.php
index c66b773051f39e3cbf7808b73b0eb6cb74951fd7..eaf18b0cba94adc6667f1d4d106222f2ebf0d92f 100644
--- a/includes/include.inc.php
+++ b/includes/include.inc.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 16-Apr-02, 10:54
- // Modified: $Date: 2017-02-07 00:25:16 +0100 (Tue, 07 Feb 2017) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author: karnesky $
- // $Revision: 1415 $
+ // $Revision: 1416 $
// This file contains important
// functions that are shared
@@ -224,8 +224,8 @@
{
// (1) OPEN the database connection:
// (variables are set by include file 'db.inc.php'!)
- if (!($connection = @ mysql_connect($hostName, $username, $password)))
- if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-(
+ if (!($connection = @ mysqli_connect($hostName, $username, $password, $databaseName)))
+ if (mysqli_errno($connection) != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-(
showErrorMsg("The following error occurred while trying to connect to the host:");
// Get the MySQL version and save it to a session variable:
@@ -243,11 +243,6 @@
queryMySQLDatabase("SET NAMES latin1"); // by default, we establish a 'latin1' connection
}
- // (3) SELECT the database:
- // (variables are set by include file 'db.inc.php'!)
- if (!(mysql_select_db($databaseName, $connection)))
- if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-(
- showErrorMsg("The following error occurred while trying to connect to the database:");
}
}
@@ -262,8 +257,8 @@
global $client;
// (3) RUN the query on the database through the connection:
- if (!($result = @ mysql_query($query, $connection)))
- if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-(
+ if (!($result = @ mysqli_query($connection, $query)))
+ if (mysqli_errno($connection) != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-(
{
if (isset($client) AND preg_match("/^cli/i", $client)) // if the query originated from a command line client such as the "refbase" CLI client ("cli-refbase-1.0")
showErrorMsg("Your query: " . encodeHTML($query) . "\n\ncaused the following error:");
@@ -284,8 +279,8 @@
if (isset($connection))
// (5) CLOSE the database connection:
- if (!(mysql_close($connection)))
- if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-(
+ if (!(mysqli_close($connection)))
+ if (mysqli_errno($connection) != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-(
showErrorMsg("The following error occurred while trying to disconnect from the database:");
}
@@ -300,7 +295,7 @@
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection
- $row = mysql_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow)
+ $row = mysqli_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow)
$mysqlVersionString = $row[0]; // extract the contents of the first (and only) row (returned version string will be something like "4.0.20-standard" etc.)
$mysqlVersion = preg_replace("/^(\d+\.\d+).+/", "\\1", $mysqlVersionString); // extract main version number (e.g. "4.0") from version string
@@ -312,13 +307,13 @@
// Get MySQL field info:
// (i.e. fetch field (column) information from a given result resource; returns the
// field property given in '$propertyName', else an array of all field properties;
- // see <http://www.php.net/mysql_fetch_field>)
+ // see <http://php.net/manual/en/mysqli-result.fetch-field-direct.php>)
function getMySQLFieldInfo($result, $fieldOffset, $propertyName = "")
{
$fieldInfoArray = array();
// Get field (column) metadata:
- $fieldInfo = mysql_fetch_field($result, (int)$fieldOffset); // returns an object containing the field information
+ $fieldInfo = mysqli_fetch_field_direct($result, (int)$fieldOffset); // returns an object containing the field information
// Copy object properties to an array:
$fieldInfoArray["name"] = $fieldInfo->name; // column name
@@ -350,7 +345,7 @@
function seekInMySQLResultsToOffset($result, $rowOffset, $showRows, $displayType, $citeType)
{
// Find out how many rows are available:
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound > 0) // If there were rows found ...
{
// ... setup variables in order to facilitate "previous" & "next" browsing:
@@ -395,7 +390,7 @@
$nextOffset = $rowOffset + $showRows;
// d) Seek to the current offset
- mysql_data_seek($result, $rowOffset); // move internal result pointer to the row number given in '$rowOffset'
+ mysqli_data_seek($result, $rowOffset); // move internal result pointer to the row number given in '$rowOffset'
}
else // set variables to zero in order to prevent 'Undefined variable...' messages when nothing was found ('$rowsFound = 0'):
{
@@ -420,9 +415,10 @@
function showErrorMsg($headerMsg)
{
global $client;
+ global $connection;
- $errorNo = mysql_errno();
- $errorMsg = mysql_error();
+ $errorNo = mysqli_errno($connection);
+ $errorMsg = mysqli_error($connection);
if (preg_match("/^cli/i", $client)) // if the query originated from a command line client such as the "refbase" CLI client ("cli-refbase-1.0")
// note that we also HTML encode the '$errorMsg' for CLI clients since a malicious user could use the client parameter to perform a cross-site scripting (XSS) attack
@@ -633,7 +629,7 @@
$query = "SELECT user_id FROM $tableAuth WHERE email = " . quote_smart($emailAddress);
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection
- $row = mysql_fetch_array($result);
+ $row = mysqli_fetch_array($result);
return($row["user_id"]);
}
@@ -946,7 +942,7 @@
$result = queryMySQLDatabase($queryRefs);
// Get the record id that was created:
- $serialNo = @ mysql_insert_id($connection); // find out the unique ID number of the newly created record (Note: this function should be called immediately after the
+ $serialNo = @ mysqli_insert_id($connection); // find out the unique ID number of the newly created record (Note: this function should be called immediately after the
// SQL INSERT statement! After any subsequent query it won't be possible to retrieve the auto_increment identifier value for THIS record!)
// ADD USER DATA:
@@ -3744,10 +3740,10 @@ EOF;
$foundSerialsArray = array(); // initialize array variable (which will hold the serial numbers of all found records)
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound > 0) // If there were rows found ...
{
- while ($row = @ mysql_fetch_array($result)) // for all rows found
+ while ($row = @ mysqli_fetch_array($result)) // for all rows found
{
$recordID = $row["record_id"]; // get the serial number of the current record
$foundSerialsArray[] = $recordID; // add this record's serial to the array of found serial numbers
@@ -3843,10 +3839,10 @@ EOF;
$userGroupsArray = array(); // initialize array variable
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound > 0) // If there were rows found ...
{
- while ($row = @ mysql_fetch_array($result)) // for all rows found
+ while ($row = @ mysqli_fetch_array($result)) // for all rows found
{
// remove any meaningless delimiter(s) from the beginning or end of a field string:
$rowUserGroupsString = trimTextPattern($row["user_groups"], "( *; *)+", true, true);
@@ -3901,10 +3897,10 @@ EOF;
$userQueriesArray = array(); // initialize array variable
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound > 0) // If there were rows found ...
{
- while ($row = @ mysql_fetch_array($result)) // for all rows found
+ while ($row = @ mysqli_fetch_array($result)) // for all rows found
$userQueriesArray[] = $row["query_name"]; // append this row's query name to the array of found user queries
// join array of unique user queries with '; ' as separator:
@@ -3936,10 +3932,10 @@ EOF;
$userCiteKeysArray = array(); // initialize array variable
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound > 0) // If there were rows found ...
{
- while ($row = @ mysql_fetch_array($result)) // for all rows found
+ while ($row = @ mysqli_fetch_array($result)) // for all rows found
{
// If this row's cite key already exists in the global array of found cite keys ('$citeKeysArray'),
// we'll uniquify it, otherwise we'll take it as is
@@ -4013,9 +4009,9 @@ EOF;
$availableFormatsStylesTypesArray = array(); // initialize array variable
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound > 0) // If there were rows found ...
- while ($row = @ mysql_fetch_array($result)) // for all rows found
+ while ($row = @ mysqli_fetch_array($result)) // for all rows found
$availableFormatsStylesTypesArray[$row[$dataType . "_id"]] = $row[$dataType . "_name"]; // append this row's format/style/type name to the array of found user formats/styles/types
return $availableFormatsStylesTypesArray;
@@ -4044,9 +4040,9 @@ EOF;
$enabledFormatsStylesTypesArray = array(); // initialize array variable
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound > 0) // If there were rows found ...
- while ($row = @ mysql_fetch_array($result)) // for all rows found
+ while ($row = @ mysqli_fetch_array($result)) // for all rows found
{
if ($returnIDsAsValues) // return format/style/type IDs as element values:
$enabledFormatsStylesTypesArray[] = $row[$dataType . "_id"]; // append this row's format/style/type ID to the array of found user formats/styles/types
@@ -4109,10 +4105,10 @@ EOF;
else
$sessionVariableName = "user_" . $dataType . "s"; // yields 'user_styles' or 'user_types'
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound > 0) // If there were rows found ...
{
- while ($row = @ mysql_fetch_array($result)) // for all rows found
+ while ($row = @ mysqli_fetch_array($result)) // for all rows found
$userFormatsStylesTypesArray[] = $row[$dataType . "_name"]; // append this row's format/style/type name to the array of found user formats/styles/types
// we'll only update the appropriate session variable if either a normal user is logged in -OR- the admin is logged in and views his own user options page
@@ -4190,7 +4186,7 @@ EOF;
$query = "SELECT style_spec FROM $tableStyles WHERE style_name = " . quote_smart($citeStyle);
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection
- $row = mysql_fetch_array($result);
+ $row = mysqli_fetch_array($result);
return($row["style_spec"]);
}
@@ -4209,7 +4205,7 @@ EOF;
$query = "SELECT format_spec FROM $tableFormats WHERE format_name = " . quote_smart($formatName) . " AND format_type = " . quote_smart($formatType);
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection
- $row = mysql_fetch_array($result);
+ $row = mysqli_fetch_array($result);
return($row["format_spec"]);
}
@@ -4228,7 +4224,7 @@ EOF;
$query = "SELECT depends_path FROM $tableDepends WHERE depends_external = " . quote_smart($externalUtilityName);
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection
- $row = mysql_fetch_array($result);
+ $row = mysqli_fetch_array($result);
return($row["depends_path"]);
}
@@ -4257,14 +4253,14 @@ EOF;
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection
- if (mysql_num_rows($result) == 1) // interpret query result: Do we have exactly one row?
+ if (mysqli_num_rows($result) == 1) // interpret query result: Do we have exactly one row?
{
$userPermissionsArray = array(); // initialize array variables
$userPermissionsFieldNameArray = array();
- $row = mysql_fetch_array($result); // fetch the one row into the array '$row'
+ $row = mysqli_fetch_array($result); // fetch the one row into the array '$row'
- $fieldsFound = mysql_num_fields($result); // count the number of fields
+ $fieldsFound = mysqli_num_fields($result); // count the number of fields
for ($i=0; $i<$fieldsFound; $i++)
{
@@ -4322,10 +4318,10 @@ EOF;
$languagesArray = array(); // initialize array variable
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound > 0) // If there were rows found ...
{
- while ($row = @ mysql_fetch_array($result)) // for all rows found
+ while ($row = @ mysqli_fetch_array($result)) // for all rows found
$languagesArray[] = $row["language_name"]; // append this row's language name to the array of found languages
}
@@ -4374,9 +4370,9 @@ EOF;
$userOptionsArray = array(); // initialize array variable
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound == 1) // Interpret query result: Do we have exactly one row?
- $userOptionsArray = @ mysql_fetch_array($result); // fetch the one row into the array '$userOptionsArray'
+ $userOptionsArray = @ mysqli_fetch_array($result); // fetch the one row into the array '$userOptionsArray'
return $userOptionsArray;
}
@@ -4503,7 +4499,7 @@ EOF;
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection
- $row = mysql_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow)
+ $row = mysqli_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow)
$numberOfRecords = $row[0]; // extract the contents of the first (and only) row
return $numberOfRecords;
@@ -4594,7 +4590,7 @@ EOF;
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection
- $row = mysql_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow)
+ $row = mysqli_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow)
$lastModifiedDateTime = $row[0] . " " . $row[1];
return $lastModifiedDateTime;
@@ -4982,7 +4978,7 @@ EOF;
$i = 0;
$resultBuffer = array();
- while ($row = @ mysql_fetch_array($resultId))
+ while ($row = @ mysqli_fetch_array($resultId))
{
if ($SplitValues) // if desired, split field contents into substrings
{
@@ -5097,10 +5093,10 @@ EOF;
$fieldContentsArray = array(); // initialize array variable
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound > 0) // If there were rows found ...
{
- while ($row = @ mysql_fetch_array($result)) // for all rows found
+ while ($row = @ mysqli_fetch_array($result)) // for all rows found
$fieldContentsArray[] = $row[$columnName]; // append this row's field value to the array of extracted field values
}
@@ -6036,13 +6032,15 @@ EOF;
// --------------------------------------------------------------------
- // this function uses 'mysql_real_escape_string()' to:
+ // this function uses 'mysqli_real_escape_string()' to:
// - prepend backslashes to \, ', "
// - replace the characters \x00, \n, \r, and \x1a with a MySQL acceptable representation
// for queries (e.g., the newline character is replaced with the litteral string '\n')
function escapeSQL($sourceString)
{
- $sourceString = mysql_real_escape_string($sourceString);
+
+ global $connection;
+ $sourceString = mysqli_real_escape_string($connection, $sourceString);
return $sourceString;
}
@@ -6416,7 +6414,7 @@ EOF;
. "\n\t\t</image>";
// fetch results: upto the limit specified in '$showRows', fetch a row into the '$row' array and write out a RSS item:
- for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
$origTitle = $row['title']; // save the original title contents before applying any search & replace actions
@@ -6502,7 +6500,7 @@ EOF;
$fieldValuesArray = array(); // initialize array variable which will hold the splitted sub-items
// split field values on the given delimiter:
- for ($i=0; $row = @ mysql_fetch_array($result); $i++)
+ for ($i=0; $row = @ mysqli_fetch_array($result); $i++)
{
$fieldSubValuesArray = preg_split($delim, $row[$fieldName]); // split field contents on '$delim' (which is interpreted as perl-style regular expression!)
foreach ($fieldSubValuesArray as $fieldSubValue)
diff --git a/includes/install.inc.php b/includes/install.inc.php
index d719ed87b42a7296db00b9b1b966e999251630aa..4629af37750857eacf71999ca6cd16466be29e3b 100644
--- a/includes/install.inc.php
+++ b/includes/install.inc.php
@@ -13,9 +13,9 @@
// Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 16-Aug-06, 18:00
- // Modified: $Date: 2008-04-15 13:31:50 +0200 (Tue, 15 Apr 2008) $
- // $Author: msteffens $
- // $Revision: 1082 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This file contains functions
// that are used when installing
@@ -65,14 +65,10 @@
// Establish a *new* connection that has admin permissions
// (1) OPEN the database connection:
- if (!($connection = @ mysql_connect($hostName, $adminUserName, $adminPassword)))
- if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-(
+ if (!($connection = @ mysqli_connect($hostName, $adminUserName, $adminPassword, $databaseName)))
+ if (mysqli_errno($connection) != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-(
showErrorMsg("The following error occurred while trying to connect to the host:", "");
- // (2) SELECT the database:
- if (!(mysql_select_db($databaseName, $connection)))
- if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-(
- showErrorMsg("The following error occurred while trying to connect to the database:", "");
}
// --------------------------------------------------------------------
@@ -104,7 +100,7 @@
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound == 0)
{
$query = "INSERT INTO " . $table . " VALUES " . $values;
@@ -133,7 +129,7 @@
$queryFields = "SHOW FIELDS FROM " . $table;
$result = queryMySQLDatabase($queryFields); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- while ($row = @ mysql_fetch_array($result)) // for all fields found, check if any of their names matches the field name that we want to add
+ while ($row = @ mysqli_fetch_array($result)) // for all fields found, check if any of their names matches the field name that we want to add
if ($row["Field"] == $column)
$present = true;
@@ -165,7 +161,7 @@
$queryFields = "SHOW TABLES";
$result = queryMySQLDatabase($queryFields); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- while ($row = @ mysql_fetch_array($result)) // for all tables found, check if any of their names matches the table name that we want to add
+ while ($row = @ mysqli_fetch_array($result)) // for all tables found, check if any of their names matches the table name that we want to add
if ($row[0] == $table)
$present = true;
diff --git a/includes/modsxml.inc.php b/includes/modsxml.inc.php
index 9c0adbd453055ce3f73742e1db4c473c5a10f616..30dc7d7e02ec823e57af3b4631aeeb2abd862d79 100644
--- a/includes/modsxml.inc.php
+++ b/includes/modsxml.inc.php
@@ -12,9 +12,9 @@
// Author(s): Richard Karnesky <mailto:karnesky@gmail.com>
//
// Created: 02-Oct-04, 12:00
- // Modified: $Date: 2012-02-29 00:56:52 +0100 (Wed, 29 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1347 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This include file contains functions that'll export records to MODS XML.
// Requires ActiveLink PHP XML Package, which is available under the GPL from:
@@ -198,7 +198,7 @@
);
// Generate the export for each record and push them onto an array:
- while ($row = @ mysql_fetch_array($result)) {
+ while ($row = @ mysqli_fetch_array($result)) {
// Export the current record as MODS XML
$record = modsRecord($row);
diff --git a/includes/oaidcxml.inc.php b/includes/oaidcxml.inc.php
index 8ce62994973b3a03e0048a95dfd303b899e87e3f..918eb4c8672e08a6356a862e2ffd26fbca90e99b 100644
--- a/includes/oaidcxml.inc.php
+++ b/includes/oaidcxml.inc.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 05-Mar-08, 21:52
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author$
- // $Revision: 1337 $
+ // $Revision: 1416 $
// This include file contains functions that'll export records to OAI_DC XML.
// Requires ActiveLink PHP XML Package, which is available under the GPL from:
@@ -69,7 +69,7 @@
$citeKeysArray = array(); // array of cite keys (used to ensure uniqueness of cite keys among all exported records)
// Generate the export for each record and push them onto an array:
- while ($row = @ mysql_fetch_array($result))
+ while ($row = @ mysqli_fetch_array($result))
{
// Export the current record as OAI_DC XML:
$record = oaidcRecord($row, "oai_dc");
diff --git a/includes/odfxml.inc.php b/includes/odfxml.inc.php
index 47138662995e79ad74a38ef549f7d951f194fe05..509dfa6ef1c911c9e909b9f50ad61ce8fa17c597 100644
--- a/includes/odfxml.inc.php
+++ b/includes/odfxml.inc.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 01-Jun-06, 12:49
- // Modified: $Date: 2008-08-19 22:00:40 +0200 (Tue, 19 Aug 2008) $
- // $Author: msteffens $
- // $Revision: 1205 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This include file contains functions that'll export records to ODF XML
// in spreadsheet format ('.ods').
@@ -155,7 +155,7 @@
list($universalSearchReplaceActionsArray, $fieldSpecificSearchReplaceActionsArray, $odfIndexesToRefbaseFieldsArray, $referenceTypesToRefbaseTypesArray) = initializeArrays();
// Generate the export for each record and push them onto an array:
- while ($row = @ mysql_fetch_array($result))
+ while ($row = @ mysqli_fetch_array($result))
{
// Parse the current record into an array of field data that shall be exported to ODF:
$recordExportArray = parseRecord($row, $odfIndexesToRefbaseFieldsArray, $referenceTypesToRefbaseTypesArray, $universalSearchReplaceActionsArray, $fieldSpecificSearchReplaceActionsArray);
diff --git a/includes/srwxml.inc.php b/includes/srwxml.inc.php
index 31d16d9ee15c0a095c98a171fd4e9cf00fbe8ff4..91cd8f07b787de1561bbb886db8d97bfe02329ff 100644
--- a/includes/srwxml.inc.php
+++ b/includes/srwxml.inc.php
@@ -13,9 +13,9 @@
// Richard Karnesky <mailto:karnesky@gmail.com>
//
// Created: 17-May-05, 16:38
- // Modified: $Date: 2013-09-27 23:45:07 +0200 (Fri, 27 Sep 2013) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author: karnesky $
- // $Revision: 1382 $
+ // $Revision: 1416 $
// This include file contains functions that'll export records to SRW XML.
// Requires ActiveLink PHP XML Package, which is available under the GPL from:
@@ -86,7 +86,7 @@
$exportArray = array(); // Array for individually exported records
// Generate the export for each record and push them onto an array:
- for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
if (preg_match("/DC/i", $exportFormat)) // export the current record as DC XML (i.e. simple Dublin Core):
$record = oaidcRecord($row, "srw_dc"); // function 'oaidcRecord()' is defined in 'oaidcxml.inc.php'
diff --git a/modify.php b/modify.php
index 40225386e3ba49bb5276add932b801a30ce5eb3a..e8fc72561c42f2adc9979f59c0f4bd871218cafc 100644
--- a/modify.php
+++ b/modify.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 18-Dec-02, 23:08
- // Modified: $Date: 2015-01-08 01:37:58 +0100 (Thu, 08 Jan 2015) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author: karnesky $
- // $Revision: 1401 $
+ // $Revision: 1416 $
// This php script will perform adding, editing & deleting of records.
// It then calls 'receipt.php' which displays links to the modified/added record
@@ -452,7 +452,7 @@
$queryFile = "SELECT file FROM $tableRefs WHERE serial = " . quote_smart($serialNo);
$result = queryMySQLDatabase($queryFile); // RUN the query on the database through the connection
- $row = @ mysql_fetch_array($result);
+ $row = @ mysqli_fetch_array($result);
$fileName = $row["file"];
}
@@ -951,7 +951,7 @@
// (3) RUN the query on the database through the connection:
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- if (mysql_num_rows($result) == 1) // if there's already an existing user_data entry, we perform an UPDATE action:
+ if (mysqli_num_rows($result) == 1) // if there's already an existing user_data entry, we perform an UPDATE action:
$queryUserData = "UPDATE $tableUserData SET "
. "marked = " . quote_smart($markedRadio) . ", "
. "copy = " . quote_smart($copyName) . ", "
@@ -1138,7 +1138,7 @@
$result = queryMySQLDatabase($queryRefs); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
// Get the record id that was created
- $serialNo = @ mysql_insert_id($connection); // find out the unique ID number of the newly created record (Note: this function should be called immediately after the
+ $serialNo = @ mysqli_insert_id($connection); // find out the unique ID number of the newly created record (Note: this function should be called immediately after the
// SQL INSERT statement! After any subsequent query it won't be possible to retrieve the auto_increment identifier value for THIS record!)
$formVars['serialNo'] = $serialNo; // for '$recordAction = "add"' we update the original '$formVars' array element to ensure a correct serial number when generating the file name via the 'parsePlaceholderString()' function
diff --git a/queries.php b/queries.php
index 5e6e6499b8ff762285f6a24c18c9dd95c6b9ae96..9b083e2b005d57caddb0f92e156bc04fd3a886be 100644
--- a/queries.php
+++ b/queries.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 16-May-04, 22:03
- // Modified: $Date: 2008-08-19 18:57:47 +0200 (Tue, 19 Aug 2008) $
- // $Author: msteffens $
- // $Revision: 1195 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This script takes a user query name (which was passed to the script by use of the 'Recall My Query' form on the main page 'index.php')
// and extracts all saved settings for this particular query from the 'queries' MySQL table. It will then build an appropriate query URL
@@ -73,10 +73,10 @@
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php')
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound == 1) // if there was exactly one row found (normally, this should be the case) ...
{
- $row = mysql_fetch_array($result);
+ $row = mysqli_fetch_array($result);
// redirect the browser to 'query_manager.php':
if (encodeHTML($submitAction) == $loc["ButtonTitle_Edit"]) // note that we need to HTML encode '$submitAction' for comparison with the HTML encoded locales (function 'encodeHTML()' is defined in 'include.inc.php')
diff --git a/query_manager.php b/query_manager.php
index 840168e79391013cd85a7d5933358f15d658c254..f06b2646730e9a777143b1f26b0a0a90dcb3fbe5 100644
--- a/query_manager.php
+++ b/query_manager.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 04-Feb-04, 22:29
- // Modified: $Date: 2015-01-08 02:05:44 +0100 (Thu, 08 Jan 2015) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author: karnesky $
- // $Revision: 1402 $
+ // $Revision: 1416 $
// This script enables you to manage your custom queries.
// It offers a form to save the current query or update/delete any of your saved queries.
@@ -174,10 +174,10 @@
// (3a) RUN the query on the database through the connection:
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- if (@ mysql_num_rows($result) == 1) // this condition is added here to avoid the case that editing a query item which got deleted in the meantime invokes a seemingly correct but empty 'edit query' form
+ if (@ mysqli_num_rows($result) == 1) // this condition is added here to avoid the case that editing a query item which got deleted in the meantime invokes a seemingly correct but empty 'edit query' form
{
// (3b) EXTRACT results:
- $row = mysql_fetch_array($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow)
+ $row = mysqli_fetch_array($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow)
// check whether the user tries to edit a query that does not belong to his own set of saved queries:
if ($row['user_id'] != getUserID($loginEmail)) // the function 'getUserID' and the '$loginEmail' variable are specified in 'include.inc.php'
diff --git a/query_modify.php b/query_modify.php
index e9c72cd5caaf2b45658c755d449409d563569596..cbdd238d80e1a6b69855660615b42db54d9ed5d6 100644
--- a/query_modify.php
+++ b/query_modify.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 23-May-04, 20:42
- // Modified: $Date: 2012-02-29 01:45:52 +0100 (Wed, 29 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1358 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This php script will perform adding, editing & deleting of user queries.
// It then relocates back to the main page ('index.php') so that the user
@@ -176,7 +176,7 @@
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php')
- if (@ mysql_num_rows($result) > 0) // if there's already a saved query (belonging to this user) with exactly the same name
+ if (@ mysqli_num_rows($result) > 0) // if there's already a saved query (belonging to this user) with exactly the same name
$errors["queryName"] = "You've got already a query with that name!<br>Please choose a different name:"; // the user's query name must be unique (since the query popup of the 'Recall My Query' form on the main page uses the query's name to recall a particular query)
// note that we could allow for duplicate query names if the query popup on the main page would work with query IDs instead. However, from an interface design perspective, duplicate query names shouldn't be allowed anyhow. So we simply don't permit them.
}
@@ -261,7 +261,7 @@
if (preg_match("/^(edit|delet)$/", $queryAction))
{
- $affectedRows = ($result ? mysql_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred)
+ $affectedRows = ($result ? mysqli_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred)
if ($affectedRows == 0) // no rows were affected by the update, i.e., the query must have been deleted in the meantime!
// NOTE: Previously, we did return "Warning_SavedQueryDoesNotExistAnymore": "This saved query does not exist anymore".
@@ -283,7 +283,7 @@
}
elseif ($queryAction == "add") // Get the query id that was created:
- $queryID = @ mysql_insert_id($connection); // find out the unique ID number of the newly created query (Note: this function should be called immediately after the
+ $queryID = @ mysqli_insert_id($connection); // find out the unique ID number of the newly created query (Note: this function should be called immediately after the
// SQL INSERT statement! After any subsequent query it won't be possible to retrieve the auto_increment identifier value for THIS record!)
// update the 'userQueries' session variable:
diff --git a/record.php b/record.php
index 72479cbe28922d583bea85a770e1fc524158ebd1..454ce6c0b48407b75495ddde3d3f0eb0a15df2a4 100644
--- a/record.php
+++ b/record.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 29-Jul-02, 16:39
- // Modified: $Date: 2015-02-16 21:53:19 +0100 (Mon, 16 Feb 2015) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author: karnesky $
- // $Revision: 1405 $
+ // $Revision: 1416 $
// Form that offers to add
// records or edit/delete
@@ -305,10 +305,10 @@
// (3a) RUN the query on the database through the connection:
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- if (@ mysql_num_rows($result) == 1) // this condition is added here to avoid the case that clicking on a search result item which got deleted in the meantime invokes a seemingly correct but empty 'edit record' search form
+ if (@ mysqli_num_rows($result) == 1) // this condition is added here to avoid the case that clicking on a search result item which got deleted in the meantime invokes a seemingly correct but empty 'edit record' search form
{
// (3b) EXTRACT results:
- $row = mysql_fetch_array($result); //fetch the current row into the array $row (it'll be always *one* row, but anyhow)
+ $row = mysqli_fetch_array($result); //fetch the current row into the array $row (it'll be always *one* row, but anyhow)
// fetch attributes of the current record into variables:
$authorName = encodeHTML($row['author']);
diff --git a/rss.php b/rss.php
index 79ec467d0a83094b79321a32a78bcde739cebe2e..f04e1c4ae184bf78be4fab1ed7b9c2a377f8b50c 100644
--- a/rss.php
+++ b/rss.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 25-Sep-04, 12:10
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1337 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This script will generate a dynamic RSS feed for the current query.
// Usage: Perform your query until you've got the desired results. Then, copy the "RSS" link in the header
@@ -123,7 +123,7 @@
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
// find out how many rows are available:
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
// construct a meaningful channel description based on the specified 'WHERE' clause:
$rssChannelDescription = "Displays all newly added records where " . explainSQLQuery($sanitizedWhereClause) . "."; // function 'explainSQLQuery()' is defined in 'include.inc.php'
diff --git a/search.php b/search.php
index 5f0caf97879648cde2b04a30df1d5966651dc673..a3982307b749a2363076d3a15ccafe16fbda875c 100644
--- a/search.php
+++ b/search.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 30-Jul-02, 17:40
- // Modified: $Date: 2016-11-06 00:10:01 +0100 (Sun, 06 Nov 2016) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author: karnesky $
- // $Revision: 1407 $
+ // $Revision: 1416 $
// This is the main script that handles the search query and displays the query results.
// Supports three different output styles: 1) List view, with fully configurable columns -> displayColumns() function
@@ -579,7 +579,7 @@
if (($displayType == "Export"))
{
// Find out how many rows are available:
- $rowsFound = @ mysql_num_rows($result); // for all other display types, the '$rowsFound' variable is set within function 'seekInMySQLResultsToOffset()' (see below)
+ $rowsFound = @ mysqli_num_rows($result); // for all other display types, the '$rowsFound' variable is set within function 'seekInMySQLResultsToOffset()' (see below)
if ($rowsFound > 0) // If there were rows found ...
{
generateExport($result, $rowOffset, $showRows, $exportFormat, $exportType, $exportStylesheet, $displayType, $viewType, $userID); // export records using the export format specified in '$exportFormat'
@@ -612,7 +612,7 @@
$queryURL = rawurlencode($query); // URL encode SQL query
if (!preg_match("/^SELECT/i", $query)) // for queries other than SELECT queries (e.g. UPDATE, DELETE or INSERT queries that were executed by the admin via use of 'sql_search.php')
- $affectedRows = ($result ? mysql_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred)
+ $affectedRows = ($result ? mysqli_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred)
// If the previous query (which is stored in the 'oldQuery' session variable) is different
// from the current query, we append it to the 'queryHistory' session variable:
@@ -900,7 +900,7 @@
$CounterMax = 0; // Otherwise don't hide any columns
// count the number of fields
- $fieldsFound = mysql_num_fields($result);
+ $fieldsFound = mysqli_num_fields($result);
if ($displayType != "Browse")
{
// hide those last columns that were added by the script and not by the user
@@ -1066,7 +1066,7 @@
// BEGIN RESULTS DATA COLUMNS --------------
// Fetch one page of results (or less if on the last page)
// (i.e., upto the limit specified in $showRows) fetch a row into the $row array and ...
- for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
if (is_integer($rowCounter / 2)) // if we currently are at an even number of rows
$rowClass = "even";
@@ -1283,7 +1283,7 @@
$CounterMax = ($CounterMax + 1); // ...we'll also need to hide the 'related' column (which isn't displayed in Details view but is only used to generate a link to related records)
// count the number of fields
- $fieldsFound = mysql_num_fields($result);
+ $fieldsFound = mysqli_num_fields($result);
// hide those last columns that were added by the script and not by the user
$fieldsToDisplay = $fieldsFound-(2+$CounterMax+$addCounterMax); // (2+$CounterMax) -> $CounterMax is increased by 2 in order to hide the 'orig_record' & 'serial' columns (which were added to make checkboxes & dup warning work)
// $addCounterMax is set to 1 when the field given in '$fileVisibilityException[0]' (defined in 'ini.inc.php') was added to the query, otherwise '$addCounterMax = 0'
@@ -1443,7 +1443,7 @@
// BEGIN RESULTS DATA COLUMNS --------------
// Fetch one page of results (or less if on the last page)
// (i.e., upto the limit specified in $showRows) fetch a row into the $row array and ...
- for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
// ... print out each of the attributes
// in that row as a separate TR (Table Row)
@@ -2366,16 +2366,16 @@
$recordSerialsArray = array();
$duplicateRecordSerialsArray = array();
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
// Identify any records with matching field data:
if ($rowsFound > 0) // if there were rows found ...
{
// Count the number of fields:
- $fieldsFound = mysql_num_fields($result);
+ $fieldsFound = mysqli_num_fields($result);
// Loop over each row in the result set:
- for ($rowCounter=0; $row = @ mysql_fetch_array($result); $rowCounter++)
+ for ($rowCounter=0; $row = @ mysqli_fetch_array($result); $rowCounter++)
{
$recordIdentifier = ""; // make sure our buffer variable is empty
@@ -5155,10 +5155,10 @@
// Check whether the extracted serial numbers and cite keys exist in the database:
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php')
- if (@ mysql_num_rows($result) > 0) // if there were rows found ...
+ if (@ mysqli_num_rows($result) > 0) // if there were rows found ...
{
// Loop over each row in the result set:
- for ($rowCounter=0; $row = @ mysql_fetch_array($result); $rowCounter++)
+ for ($rowCounter=0; $row = @ mysqli_fetch_array($result); $rowCounter++)
{
if (!in_array($row["serial"], $foundRecordSerialsKeysArray) OR (!empty($row["cite_key"]) AND !in_array($row["cite_key"], $foundRecordSerialsKeysArray))) // if this record identifier hasn't been seen yet
{
diff --git a/sitemap.php b/sitemap.php
index 7b3b1b32142a42956ca8ffc3545dd5b1a800e4ff..249f59c88eda11ac8442b3239f2479c528b80075 100644
--- a/sitemap.php
+++ b/sitemap.php
@@ -12,9 +12,9 @@
// Author(s): Richard Karnesky <mailto:rkarnesky@gmail.com>
//
// Created: 17-May-08, 15:50
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1337 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// Create a sitemap for better indexing by search engines.
// <http://www.sitemaps.org/>
@@ -66,7 +66,7 @@
// (3) RUN the query on the database through the connection:
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
+ while ($row = mysqli_fetch_array($result, MYSQL_ASSOC)) {
echo " <url>\n";
echo " <loc>".$databaseBaseURL."show.php?record=".$row['serial']."</loc>\n";
if (!empty($row['modified_date'])) {
diff --git a/user_details.php b/user_details.php
index d775e9d4736c78678b5285e5852978f107e4bf7d..e3324e1b4667ec86d2df5d83f733c5c1526f212d 100644
--- a/user_details.php
+++ b/user_details.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 16-Apr-02, 10:55
- // Modified: $Date: 2015-02-16 21:53:19 +0100 (Mon, 16 Feb 2015) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author: karnesky $
- // $Revision: 1405 $
+ // $Revision: 1416 $
// This script shows the user a user <form>. It can be used both for INSERTing a new user and for UPDATE-ing an existing user.
// If the user is logged in, then it is an UPDATE; otherwise, an INSERT. The script also shows error messages above widgets that
@@ -170,7 +170,7 @@
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
// (3b) EXTRACT results:
- $row = mysql_fetch_array($result); //fetch the current row into the array $row
+ $row = mysqli_fetch_array($result); //fetch the current row into the array $row
// If the admin is logged in AND the displayed user data are NOT his own, we overwrite the default header message:
// (Since the admin is allowed to view and edit account data from other users, we have to provide a dynamic header message in that case)
diff --git a/user_login.php b/user_login.php
index d7dd58ff3a1b2a9a28a45622ea590877ee5693a9..395ed16e9d310964753e8a8c245d2137e1da9f56 100644
--- a/user_login.php
+++ b/user_login.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 05-Jan-03, 23:20
- // Modified: $Date: 2015-02-16 21:53:19 +0100 (Mon, 16 Feb 2015) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author: karnesky $
- // $Revision: 1405 $
+ // $Revision: 1416 $
// This script manages the login process. It should only be called when the user is not logged in.
// If the user is logged in, it will redirect back to the calling page.
@@ -121,10 +121,10 @@
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
// (4) EXTRACT results:
- if (mysql_num_rows($result) == 1) // Interpret query result: Do we have exactly one row?
+ if (mysqli_num_rows($result) == 1) // Interpret query result: Do we have exactly one row?
{
$foundUser = true; // then we have found the user
- $row = mysql_fetch_array($result); // fetch the one row into the array '$row'
+ $row = mysqli_fetch_array($result); // fetch the one row into the array '$row'
}
else
$foundUser = false;
@@ -146,7 +146,7 @@
// Now we need to get the user's first name and last name (e.g., in order to display them within the login welcome message)
$query = "SELECT user_id, first_name, last_name, abbrev_institution, language, last_login FROM $tableUsers WHERE user_id = " . quote_smart($userID); // CONSTRUCT SQL QUERY
$result = queryMySQLDatabase($query); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php')
- $row2 = mysql_fetch_array($result); // EXTRACT results: fetch the one row into the array '$row2'
+ $row2 = mysqli_fetch_array($result); // EXTRACT results: fetch the one row into the array '$row2'
// Save the fetched user details to the session file:
diff --git a/user_options.php b/user_options.php
index f3a441ea2f7fd68fbfdc221dcf9ea63873703ba0..c1516b7d8a2b57db31fe72bc0c07e85184bec2d0 100644
--- a/user_options.php
+++ b/user_options.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 24-Oct-04, 19:31
- // Modified: $Date: 2015-02-16 21:53:19 +0100 (Mon, 16 Feb 2015) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author: karnesky $
- // $Revision: 1405 $
+ // $Revision: 1416 $
// This script provides options which are individual for each user.
//
@@ -170,7 +170,7 @@
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
// (3b) EXTRACT results:
- $row = mysql_fetch_array($result); // fetch the current row into the array $row
+ $row = mysqli_fetch_array($result); // fetch the current row into the array $row
// If the admin is logged in AND the displayed user data are NOT his own, we overwrite the default header message:
// (Since the admin is allowed to view and edit account data from other users, we have to provide a dynamic header message in that case)
diff --git a/user_options_modify.php b/user_options_modify.php
index 81f3aa5ebf535f3120caf3d93b20ee683c951dfd..3ceaff6dbf14e2a2c2bc30c25671c5254e5a04f1 100644
--- a/user_options_modify.php
+++ b/user_options_modify.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 26-Oct-04, 20:57
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1337 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This script validates user options selected within the form provided by 'user_options.php'.
// If validation succeeds, it UPDATEs the corresponding table fields for that user and redirects to a receipt page;
@@ -405,7 +405,7 @@
// RUN the query on the database through the connection:
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- if (mysql_num_rows($result) == 1) // if there's already an existing user_data entry, we perform an UPDATE action:
+ if (mysqli_num_rows($result) == 1) // if there's already an existing user_data entry, we perform an UPDATE action:
$queryArray[] = "UPDATE $tableUserOptions SET "
. "export_cite_keys = " . quote_smart($formVars["export_cite_keys"])
. ", autogenerate_cite_keys = " . quote_smart($formVars["autogenerate_cite_keys"])
diff --git a/user_receipt.php b/user_receipt.php
index 86f2cc03a08fd7c5de22dfb027d7a6237c666cc0..e53b9cef90848161654c887f6c4cf89153eb37d9 100644
--- a/user_receipt.php
+++ b/user_receipt.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 16-Apr-02, 10:54
- // Modified: $Date: 2015-02-16 21:53:19 +0100 (Mon, 16 Feb 2015) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author: karnesky $
- // $Revision: 1405 $
+ // $Revision: 1416 $
// This script shows the user a receipt for their user UPDATE or INSERT.
// It carries out no database actions and can be bookmarked.
@@ -238,7 +238,7 @@
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
// (4) EXTRACT results (since 'user_id' is the unique primary key for the 'users' table, there will be only one matching row)
- $row = @ mysql_fetch_array($result);
+ $row = @ mysqli_fetch_array($result);
// Build the correct header message:
if (!isset($_SESSION['HeaderString'])) // if there's no saved message
@@ -294,7 +294,7 @@
echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>Account Details:</b></td>";
- if (mysql_num_rows($result) == 1) // If there's a user associated with this user ID
+ if (mysqli_num_rows($result) == 1) // If there's a user associated with this user ID
{
// Add edit/delete button:
echo "\n\t\t\t<td align=\"left\">";
@@ -404,7 +404,7 @@
echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>Display Options:</b></td>"
. "\n\t\t\t<td align=\"right\">";
- if ((mysql_num_rows($result) == 1) OR ($userID == 0)) // If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in)
+ if ((mysqli_num_rows($result) == 1) OR ($userID == 0)) // If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in)
echo "<a href=\"user_options.php?userID=" . $userID . "\"><img src=\"img/options.gif\" alt=\"" . $loc["options"] . "\" title=\"" . $loc["LinkTitle_EditOptions"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
echo "</td>\n\t\t</tr>";
@@ -413,7 +413,7 @@
echo "\n\t\t<tr valign=\"top\">"
. "\n\t\t\t<td>Use language:</td>";
- if (mysql_num_rows($result) == 1) // If there's a user associated with this user ID
+ if (mysqli_num_rows($result) == 1) // If there's a user associated with this user ID
echo "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $row["language"] . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>";
else // no user exists with this user ID
echo "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $defaultLanguage . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>";
@@ -596,7 +596,7 @@
echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>User Permissions:</b></td>"
. "\n\t\t\t<td align=\"right\">";
- if ((mysql_num_rows($result) == 1) OR ($userID == 0)) // If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in)
+ if ((mysqli_num_rows($result) == 1) OR ($userID == 0)) // If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in)
echo "<a href=\"user_options.php?userID=" . $userID . "#permissions\"><img src=\"img/options.gif\" alt=\"" . $loc["permissions"] . "\" title=\"" . $loc["LinkTitle_EditPermissions"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
echo "</td>\n\t\t</tr>";
diff --git a/user_validation.php b/user_validation.php
index d71fbdebd27c26b73c39ee75133f88ca4c428d57..a30a33493114260eb109ca2398d2ecea098aabfa 100644
--- a/user_validation.php
+++ b/user_validation.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 16-Apr-02, 10:54
- // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $
- // $Author: msteffens $
- // $Revision: 1337 $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
+ // $Author: karnesky $
+ // $Revision: 1416 $
// This script validates user data entered into the form that is provided by 'user_details.php'.
// If validation succeeds, it INSERTs or UPDATEs a user and redirects to a receipt page;
@@ -203,7 +203,7 @@
// (3) RUN the query on the database through the connection:
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- if (mysql_num_rows($result) == 1) // (4) Interpret query result: Is it taken?
+ if (mysqli_num_rows($result) == 1) // (4) Interpret query result: Is it taken?
$errors["email"] = "A user already exists with this email address as login name.\n\t\t<br>\n\t\tPlease enter a different one:";
}
}
@@ -353,7 +353,7 @@
// (3a) RUN the query on the database through the connection:
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- $row = mysql_fetch_array($result); // (3b) EXTRACT results: fetch the current row into the array $row
+ $row = mysqli_fetch_array($result); // (3b) EXTRACT results: fetch the current row into the array $row
// 1) Mail feedback to user, i.e., send the person who wants to be added as new user a notification email:
$emailRecipient = $formVars["firstName"] . " " . $formVars["lastName"] . " <" . $formVars["email"] . ">";
@@ -448,7 +448,7 @@
elseif ((!isset($_SESSION['loginEmail']) && ($addNewUsers == "everyone") && ($_REQUEST['userID'] == "")) | (isset($_SESSION['loginEmail']) && ($loginEmail == $adminLoginEmail) && ($_REQUEST['userID'] == ""))) // -> perform an insert:
{
// Get the user id that was created
- $userID = @ mysql_insert_id($connection);
+ $userID = @ mysqli_insert_id($connection);
// Use the first two characters of the email as a salt for the password
$salt = substr($formVars["email"], 0, 2);
@@ -477,7 +477,7 @@
// get the 'format_id' for the record entry in table 'formats' whose 'format_name' matches that in '$defaultUserExportFormats' (defined in 'ini.inc.php'):
$query = "SELECT format_id FROM $tableFormats WHERE format_name = " . quote_smart($defaultUserExportFormat) . " AND format_type = 'export'";
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- $row = mysql_fetch_array($result);
+ $row = mysqli_fetch_array($result);
// Insert a row with the found format ID for this new user into the 'user_formats' table:
$queryArray[] = "INSERT INTO $tableUserFormats VALUES (NULL, " . quote_smart($row["format_id"]) . ", " . quote_smart($userID) . ", \"true\")";
@@ -488,7 +488,7 @@
// get the 'format_id' for the record entry in table 'formats' whose 'format_name' matches that in '$defaultUserCiteFormats' (defined in 'ini.inc.php'):
$query = "SELECT format_id FROM $tableFormats WHERE format_name = " . quote_smart($defaultUserCiteFormat) . " AND format_type = 'cite'";
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- $row = mysql_fetch_array($result);
+ $row = mysqli_fetch_array($result);
// Insert a row with the found format ID for this new user into the 'user_formats' table:
$queryArray[] = "INSERT INTO $tableUserFormats VALUES (NULL, " . quote_smart($row["format_id"]) . ", " . quote_smart($userID) . ", \"true\")";
@@ -499,7 +499,7 @@
// get the 'style_id' for the record entry in table 'styles' whose 'style_name' matches that in '$defaultUserStyles' (defined in 'ini.inc.php'):
$query = "SELECT style_id FROM $tableStyles WHERE style_name = " . quote_smart($defaultUserStyle);
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- $row = mysql_fetch_array($result);
+ $row = mysqli_fetch_array($result);
// Insert a row with the found style ID for this new user into the 'user_styles' table:
$queryArray[] = "INSERT INTO $tableUserStyles VALUES (NULL, " . quote_smart($row["style_id"]) . ", " . quote_smart($userID) . ", \"true\")";
@@ -510,7 +510,7 @@
// get the 'type_id' for the record entry in table 'types' whose 'type_name' matches that in '$defaultUserTypes' (defined in 'ini.inc.php'):
$query = "SELECT type_id FROM $tableTypes WHERE type_name = " . quote_smart($defaultUserType);
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
- $row = mysql_fetch_array($result);
+ $row = mysqli_fetch_array($result);
// Insert a row with the found type ID for this new user into the 'user_types' table:
$queryArray[] = "INSERT INTO $tableUserTypes VALUES (NULL, " . quote_smart($row["type_id"]) . ", " . quote_smart($userID) . ", \"true\")";
diff --git a/users.php b/users.php
index b70e4bac44b12f1af4dfb2efaf521ff21432c5eb..ab0f4b6af8259c1d8f80494d5e91c93e60d5a176 100644
--- a/users.php
+++ b/users.php
@@ -12,9 +12,9 @@
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 29-Jun-03, 00:25
- // Modified: $Date: 2016-11-06 01:41:06 +0100 (Sun, 06 Nov 2016) $
+ // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $
// $Author: karnesky $
- // $Revision: 1412 $
+ // $Revision: 1416 $
//
// This script shows the admin a list of all user entries available within the 'users' table.
// User data will be shown in the familiar column view, complete with links to show a user's
@@ -186,7 +186,7 @@
$queryURL = rawurlencode($query); // URL encode SQL query
// First, find out how many rows are available:
- $rowsFound = @ mysql_num_rows($result);
+ $rowsFound = @ mysqli_num_rows($result);
if ($rowsFound > 0) // If there were rows found ...
{
// ... setup variables in order to facilitate "previous" & "next" browsing:
@@ -218,7 +218,7 @@
$nextOffset = $rowOffset + $showRows;
// d) Seek to the current offset
- mysql_data_seek($result, $rowOffset);
+ mysqli_data_seek($result, $rowOffset);
}
else // set variables to zero in order to prevent 'Undefined variable...' messages when nothing was found ('$rowsFound = 0'):
{
@@ -296,7 +296,7 @@
$CounterMax = "0";
// count the number of fields
- $fieldsFound = mysql_num_fields($result);
+ $fieldsFound = mysqli_num_fields($result);
// hide those last columns that were added by the script and not by the user
$fieldsToDisplay = $fieldsFound-(1+$CounterMax); // (1+$CounterMax) -> $CounterMax is increased by 1 in order to hide the user_id column (which was added to make the checkbox work)
@@ -432,7 +432,7 @@
echo "</tr>";
// BEGIN RESULTS DATA COLUMNS --------------
- for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++)
+ for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++)
{
if (is_integer($rowCounter / 2)) // if we currently are at an even number of rows
$rowClass = "even";