From cd59473f559873be6098c493f895fb538a62e389 Mon Sep 17 00:00:00 2001 From: Gerhard Gonter <ggonter@gmail.com> Date: Tue, 25 Apr 2017 14:49:28 +0200 Subject: [PATCH] apply php7 compatibilty patch by Denis Potapov which was applied to the bleeding-edge branch by Rick Karnesky --- AUTHORS | 3 + NEWS | 2 + cite/formats/cite_ascii.php | 8 +- cite/formats/cite_html.php | 8 +- cite/formats/cite_latex.php | 8 +- cite/formats/cite_latex_bbl.php | 6 +- cite/formats/cite_markdown.php | 8 +- cite/formats/cite_pdf.php | 8 +- cite/formats/cite_rtf.php | 8 +- .../mediawiki/include/Refbase.Connector.php | 15 +-- duplicate_modify.php | 8 +- includes/atomxml.inc.php | 6 +- includes/include.inc.php | 108 +++++++++--------- includes/install.inc.php | 20 ++-- includes/modsxml.inc.php | 8 +- includes/oaidcxml.inc.php | 6 +- includes/odfxml.inc.php | 8 +- includes/srwxml.inc.php | 6 +- modify.php | 10 +- queries.php | 10 +- query_manager.php | 8 +- query_modify.php | 12 +- record.php | 8 +- rss.php | 8 +- search.php | 26 ++--- sitemap.php | 8 +- user_details.php | 6 +- user_login.php | 10 +- user_options.php | 6 +- user_options_modify.php | 8 +- user_receipt.php | 14 +-- user_validation.php | 20 ++-- users.php | 12 +- 33 files changed, 201 insertions(+), 209 deletions(-) diff --git a/AUTHORS b/AUTHORS index dcd2589..3f1bd9d 100644 --- a/AUTHORS +++ b/AUTHORS @@ -41,6 +41,9 @@ Thanks to: - Nicholaus Lance Hepler <nhelper@gmail.com>: Patch to retrieve information from PubMed before CrossRef +- Denis Potapov <potapov@exemail.com.au>: + PHP7 compatibility patching + - Yibiao Bai <mountangellib@gmail.com> and Yong Fan, Shanxi Agricultural University Library, China: Chinese localization. diff --git a/NEWS b/NEWS index bfd0781..462b15f 100644 --- a/NEWS +++ b/NEWS @@ -28,6 +28,8 @@ Security: General: +- PHP7 compatibility + - Revise SQL files to meet new requirements of MySQL - Allow logged-in users to search locations diff --git a/cite/formats/cite_ascii.php b/cite/formats/cite_ascii.php index 3bfb234..ef09ae9 100644 --- a/cite/formats/cite_ascii.php +++ b/cite/formats/cite_ascii.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 10-Jun-06, 02:54 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1337 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a // version of the 'citeRecords()' function that outputs a reference list from selected records in plain text format. Plain text output is @@ -94,7 +94,7 @@ // LOOP OVER EACH RECORD: // Fetch one page of results (or less if on the last page) // (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ... - for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { foreach ($row as $rowFieldName => $rowFieldValue) // Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$plainTextSearchReplaceActionsArray': diff --git a/cite/formats/cite_html.php b/cite/formats/cite_html.php index c8b7933..7b03538 100644 --- a/cite/formats/cite_html.php +++ b/cite/formats/cite_html.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 10-Jun-06, 02:30 - // Modified: $Date: 2012-02-29 00:05:42 +0100 (Wed, 29 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1338 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a // version of the 'citeRecords()' function that outputs a reference list from selected records in HTML format. @@ -113,7 +113,7 @@ // LOOP OVER EACH RECORD: // Fetch one page of results (or less if on the last page) // (i.e., upto the limit specified in $showRows) fetch a row into the $row array and ... - for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { $encodedRowData = $row; // we keep '$row' in its original (unencoded) form since unencoded data will be required by function 'linkifyFieldItems()' below diff --git a/cite/formats/cite_latex.php b/cite/formats/cite_latex.php index 29f1eaf..5b6e8a6 100644 --- a/cite/formats/cite_latex.php +++ b/cite/formats/cite_latex.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 10-Jun-06, 02:32 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1337 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a // version of the 'citeRecords()' function that outputs a reference list from selected records in LaTeX format. @@ -130,7 +130,7 @@ // LOOP OVER EACH RECORD: // Fetch one page of results (or less if on the last page) // (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ... - for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { foreach ($row as $rowFieldName => $rowFieldValue) // Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$latexSearchReplaceActionsArray': diff --git a/cite/formats/cite_latex_bbl.php b/cite/formats/cite_latex_bbl.php index 8ebafdf..af67710 100644 --- a/cite/formats/cite_latex_bbl.php +++ b/cite/formats/cite_latex_bbl.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 20-Jul-07, 19:42 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author$ - // $Revision: 1337 $ + // $Revision: 1416 $ // This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a version of // the 'citeRecords()' function that outputs a reference list from selected records in LateX .bbl format, to be used with LaTeX/BibTeX. The .bbl file @@ -182,7 +182,7 @@ // LOOP OVER EACH RECORD: // Fetch one page of results (or less if on the last page) // (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ... - for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { foreach ($row as $rowFieldName => $rowFieldValue) // Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$latexSearchReplaceActionsArray': diff --git a/cite/formats/cite_markdown.php b/cite/formats/cite_markdown.php index 250292a..deee4ab 100644 --- a/cite/formats/cite_markdown.php +++ b/cite/formats/cite_markdown.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 10-Jun-06, 02:58 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1337 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a // version of the 'citeRecords()' function that outputs a reference list from selected records in Markdown format. Markdown is a plain text @@ -92,7 +92,7 @@ // LOOP OVER EACH RECORD: // Fetch one page of results (or less if on the last page) // (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ... - for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { foreach ($row as $rowFieldName => $rowFieldValue) // Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$markdownSearchReplaceActionsArray': diff --git a/cite/formats/cite_pdf.php b/cite/formats/cite_pdf.php index 6602dbf..b743f4a 100644 --- a/cite/formats/cite_pdf.php +++ b/cite/formats/cite_pdf.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 10-Jun-06, 02:04 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1337 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a // version of the 'citeRecords()' function that outputs a reference list from selected records in PDF format. @@ -181,7 +181,7 @@ // LOOP OVER EACH RECORD: // Fetch one page of results (or less if on the last page) // (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ... - for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { foreach ($row as $rowFieldName => $rowFieldValue) // Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$pdfSearchReplaceActionsArray': diff --git a/cite/formats/cite_rtf.php b/cite/formats/cite_rtf.php index 1e2576d..d79f5cf 100644 --- a/cite/formats/cite_rtf.php +++ b/cite/formats/cite_rtf.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 10-Jun-06, 02:04 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1337 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This is a citation format file (which must reside within the 'cite/formats/' sub-directory of your refbase root directory). It contains a // version of the 'citeRecords()' function that outputs a reference list from selected records in RTF format. @@ -113,7 +113,7 @@ // LOOP OVER EACH RECORD: // Fetch one page of results (or less if on the last page) // (i.e., upto the limit specified in $showMaxRows) fetch a row into the $row array and ... - for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showMaxRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { foreach ($row as $rowFieldName => $rowFieldValue) // Apply search & replace 'actions' to all fields that are listed in the 'fields' element of the arrays contained in '$rtfSearchReplaceActionsArray': diff --git a/contrib/mediawiki/include/Refbase.Connector.php b/contrib/mediawiki/include/Refbase.Connector.php index 2404e99..2784fb9 100644 --- a/contrib/mediawiki/include/Refbase.Connector.php +++ b/contrib/mediawiki/include/Refbase.Connector.php @@ -106,26 +106,19 @@ class RefbaseConnector { } elseif ( strtolower( $this->dbAccessMethod ) === 'mysql' ) { - $link = mysql_connect( $this->dbHost, $this->dbUser, - $this->dbPass ) or die("db error"); + $link = mysqli_connect( $this->dbHost, $this->dbUser, $this->dbPass, $this->dbName ) or die("db error"); if ( !$link ) { $outputEntry = wfMessage( 'refbase-error-mysqlconn' )->text(); return false; } - if ( !mysql_select_db( $this->dbName, $link ) ) { - $outputEntry = wfMessage( 'refbase-error-mysqldb' )->text() . - mysql_error(); - return false; - } - - $result = mysql_query( $queryStr ); + $result = mysqli_query($link, $queryStr ); if ( !$result ) { $outputEntry = wfMessage( 'refbase-error-dbquery' )->text() . - mysql_error(); + mysqli_error($link); return false; } - $outputEntry = mysql_fetch_array($result); + $outputEntry = mysqli_fetch_array($result); } if ( !empty( $outputEntry ) ) { diff --git a/duplicate_modify.php b/duplicate_modify.php index 2a10c6e..c309a7c 100644 --- a/duplicate_modify.php +++ b/duplicate_modify.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 27-Jan-07, 23:22 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1337 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This php script will flag records as original and duplicate records. // It then displays the affected records using 'search.php' so that the user @@ -158,7 +158,7 @@ foreach($queryArray as $query) $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - $affectedRows = ($result ? mysql_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred) + $affectedRows = ($result ? mysqli_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred) if ($affectedRows == 0) // no rows were affected by the update { diff --git a/includes/atomxml.inc.php b/includes/atomxml.inc.php index 2f3c33c..7b72920 100644 --- a/includes/atomxml.inc.php +++ b/includes/atomxml.inc.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 09-Jan-08, 00:30 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author$ - // $Revision: 1337 $ + // $Revision: 1416 $ // This include file contains functions that'll export records to OpenSearch Atom XML. // Requires ActiveLink PHP XML Package, which is available under the GPL from: @@ -295,7 +295,7 @@ $exportArray = array(); // array for individually exported records // Generate the export for each record and push them onto an array: - for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { // Export the current record as Atom XML entry: $entry = atomEntry($row, $markupPatternsArray); diff --git a/includes/include.inc.php b/includes/include.inc.php index c66b773..eaf18b0 100644 --- a/includes/include.inc.php +++ b/includes/include.inc.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 16-Apr-02, 10:54 - // Modified: $Date: 2017-02-07 00:25:16 +0100 (Tue, 07 Feb 2017) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author: karnesky $ - // $Revision: 1415 $ + // $Revision: 1416 $ // This file contains important // functions that are shared @@ -224,8 +224,8 @@ { // (1) OPEN the database connection: // (variables are set by include file 'db.inc.php'!) - if (!($connection = @ mysql_connect($hostName, $username, $password))) - if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( + if (!($connection = @ mysqli_connect($hostName, $username, $password, $databaseName))) + if (mysqli_errno($connection) != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( showErrorMsg("The following error occurred while trying to connect to the host:"); // Get the MySQL version and save it to a session variable: @@ -243,11 +243,6 @@ queryMySQLDatabase("SET NAMES latin1"); // by default, we establish a 'latin1' connection } - // (3) SELECT the database: - // (variables are set by include file 'db.inc.php'!) - if (!(mysql_select_db($databaseName, $connection))) - if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( - showErrorMsg("The following error occurred while trying to connect to the database:"); } } @@ -262,8 +257,8 @@ global $client; // (3) RUN the query on the database through the connection: - if (!($result = @ mysql_query($query, $connection))) - if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( + if (!($result = @ mysqli_query($connection, $query))) + if (mysqli_errno($connection) != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( { if (isset($client) AND preg_match("/^cli/i", $client)) // if the query originated from a command line client such as the "refbase" CLI client ("cli-refbase-1.0") showErrorMsg("Your query: " . encodeHTML($query) . "\n\ncaused the following error:"); @@ -284,8 +279,8 @@ if (isset($connection)) // (5) CLOSE the database connection: - if (!(mysql_close($connection))) - if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( + if (!(mysqli_close($connection))) + if (mysqli_errno($connection) != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( showErrorMsg("The following error occurred while trying to disconnect from the database:"); } @@ -300,7 +295,7 @@ $result = queryMySQLDatabase($query); // RUN the query on the database through the connection - $row = mysql_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow) + $row = mysqli_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow) $mysqlVersionString = $row[0]; // extract the contents of the first (and only) row (returned version string will be something like "4.0.20-standard" etc.) $mysqlVersion = preg_replace("/^(\d+\.\d+).+/", "\\1", $mysqlVersionString); // extract main version number (e.g. "4.0") from version string @@ -312,13 +307,13 @@ // Get MySQL field info: // (i.e. fetch field (column) information from a given result resource; returns the // field property given in '$propertyName', else an array of all field properties; - // see <http://www.php.net/mysql_fetch_field>) + // see <http://php.net/manual/en/mysqli-result.fetch-field-direct.php>) function getMySQLFieldInfo($result, $fieldOffset, $propertyName = "") { $fieldInfoArray = array(); // Get field (column) metadata: - $fieldInfo = mysql_fetch_field($result, (int)$fieldOffset); // returns an object containing the field information + $fieldInfo = mysqli_fetch_field_direct($result, (int)$fieldOffset); // returns an object containing the field information // Copy object properties to an array: $fieldInfoArray["name"] = $fieldInfo->name; // column name @@ -350,7 +345,7 @@ function seekInMySQLResultsToOffset($result, $rowOffset, $showRows, $displayType, $citeType) { // Find out how many rows are available: - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound > 0) // If there were rows found ... { // ... setup variables in order to facilitate "previous" & "next" browsing: @@ -395,7 +390,7 @@ $nextOffset = $rowOffset + $showRows; // d) Seek to the current offset - mysql_data_seek($result, $rowOffset); // move internal result pointer to the row number given in '$rowOffset' + mysqli_data_seek($result, $rowOffset); // move internal result pointer to the row number given in '$rowOffset' } else // set variables to zero in order to prevent 'Undefined variable...' messages when nothing was found ('$rowsFound = 0'): { @@ -420,9 +415,10 @@ function showErrorMsg($headerMsg) { global $client; + global $connection; - $errorNo = mysql_errno(); - $errorMsg = mysql_error(); + $errorNo = mysqli_errno($connection); + $errorMsg = mysqli_error($connection); if (preg_match("/^cli/i", $client)) // if the query originated from a command line client such as the "refbase" CLI client ("cli-refbase-1.0") // note that we also HTML encode the '$errorMsg' for CLI clients since a malicious user could use the client parameter to perform a cross-site scripting (XSS) attack @@ -633,7 +629,7 @@ $query = "SELECT user_id FROM $tableAuth WHERE email = " . quote_smart($emailAddress); $result = queryMySQLDatabase($query); // RUN the query on the database through the connection - $row = mysql_fetch_array($result); + $row = mysqli_fetch_array($result); return($row["user_id"]); } @@ -946,7 +942,7 @@ $result = queryMySQLDatabase($queryRefs); // Get the record id that was created: - $serialNo = @ mysql_insert_id($connection); // find out the unique ID number of the newly created record (Note: this function should be called immediately after the + $serialNo = @ mysqli_insert_id($connection); // find out the unique ID number of the newly created record (Note: this function should be called immediately after the // SQL INSERT statement! After any subsequent query it won't be possible to retrieve the auto_increment identifier value for THIS record!) // ADD USER DATA: @@ -3744,10 +3740,10 @@ EOF; $foundSerialsArray = array(); // initialize array variable (which will hold the serial numbers of all found records) - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound > 0) // If there were rows found ... { - while ($row = @ mysql_fetch_array($result)) // for all rows found + while ($row = @ mysqli_fetch_array($result)) // for all rows found { $recordID = $row["record_id"]; // get the serial number of the current record $foundSerialsArray[] = $recordID; // add this record's serial to the array of found serial numbers @@ -3843,10 +3839,10 @@ EOF; $userGroupsArray = array(); // initialize array variable - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound > 0) // If there were rows found ... { - while ($row = @ mysql_fetch_array($result)) // for all rows found + while ($row = @ mysqli_fetch_array($result)) // for all rows found { // remove any meaningless delimiter(s) from the beginning or end of a field string: $rowUserGroupsString = trimTextPattern($row["user_groups"], "( *; *)+", true, true); @@ -3901,10 +3897,10 @@ EOF; $userQueriesArray = array(); // initialize array variable - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound > 0) // If there were rows found ... { - while ($row = @ mysql_fetch_array($result)) // for all rows found + while ($row = @ mysqli_fetch_array($result)) // for all rows found $userQueriesArray[] = $row["query_name"]; // append this row's query name to the array of found user queries // join array of unique user queries with '; ' as separator: @@ -3936,10 +3932,10 @@ EOF; $userCiteKeysArray = array(); // initialize array variable - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound > 0) // If there were rows found ... { - while ($row = @ mysql_fetch_array($result)) // for all rows found + while ($row = @ mysqli_fetch_array($result)) // for all rows found { // If this row's cite key already exists in the global array of found cite keys ('$citeKeysArray'), // we'll uniquify it, otherwise we'll take it as is @@ -4013,9 +4009,9 @@ EOF; $availableFormatsStylesTypesArray = array(); // initialize array variable - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound > 0) // If there were rows found ... - while ($row = @ mysql_fetch_array($result)) // for all rows found + while ($row = @ mysqli_fetch_array($result)) // for all rows found $availableFormatsStylesTypesArray[$row[$dataType . "_id"]] = $row[$dataType . "_name"]; // append this row's format/style/type name to the array of found user formats/styles/types return $availableFormatsStylesTypesArray; @@ -4044,9 +4040,9 @@ EOF; $enabledFormatsStylesTypesArray = array(); // initialize array variable - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound > 0) // If there were rows found ... - while ($row = @ mysql_fetch_array($result)) // for all rows found + while ($row = @ mysqli_fetch_array($result)) // for all rows found { if ($returnIDsAsValues) // return format/style/type IDs as element values: $enabledFormatsStylesTypesArray[] = $row[$dataType . "_id"]; // append this row's format/style/type ID to the array of found user formats/styles/types @@ -4109,10 +4105,10 @@ EOF; else $sessionVariableName = "user_" . $dataType . "s"; // yields 'user_styles' or 'user_types' - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound > 0) // If there were rows found ... { - while ($row = @ mysql_fetch_array($result)) // for all rows found + while ($row = @ mysqli_fetch_array($result)) // for all rows found $userFormatsStylesTypesArray[] = $row[$dataType . "_name"]; // append this row's format/style/type name to the array of found user formats/styles/types // we'll only update the appropriate session variable if either a normal user is logged in -OR- the admin is logged in and views his own user options page @@ -4190,7 +4186,7 @@ EOF; $query = "SELECT style_spec FROM $tableStyles WHERE style_name = " . quote_smart($citeStyle); $result = queryMySQLDatabase($query); // RUN the query on the database through the connection - $row = mysql_fetch_array($result); + $row = mysqli_fetch_array($result); return($row["style_spec"]); } @@ -4209,7 +4205,7 @@ EOF; $query = "SELECT format_spec FROM $tableFormats WHERE format_name = " . quote_smart($formatName) . " AND format_type = " . quote_smart($formatType); $result = queryMySQLDatabase($query); // RUN the query on the database through the connection - $row = mysql_fetch_array($result); + $row = mysqli_fetch_array($result); return($row["format_spec"]); } @@ -4228,7 +4224,7 @@ EOF; $query = "SELECT depends_path FROM $tableDepends WHERE depends_external = " . quote_smart($externalUtilityName); $result = queryMySQLDatabase($query); // RUN the query on the database through the connection - $row = mysql_fetch_array($result); + $row = mysqli_fetch_array($result); return($row["depends_path"]); } @@ -4257,14 +4253,14 @@ EOF; $result = queryMySQLDatabase($query); // RUN the query on the database through the connection - if (mysql_num_rows($result) == 1) // interpret query result: Do we have exactly one row? + if (mysqli_num_rows($result) == 1) // interpret query result: Do we have exactly one row? { $userPermissionsArray = array(); // initialize array variables $userPermissionsFieldNameArray = array(); - $row = mysql_fetch_array($result); // fetch the one row into the array '$row' + $row = mysqli_fetch_array($result); // fetch the one row into the array '$row' - $fieldsFound = mysql_num_fields($result); // count the number of fields + $fieldsFound = mysqli_num_fields($result); // count the number of fields for ($i=0; $i<$fieldsFound; $i++) { @@ -4322,10 +4318,10 @@ EOF; $languagesArray = array(); // initialize array variable - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound > 0) // If there were rows found ... { - while ($row = @ mysql_fetch_array($result)) // for all rows found + while ($row = @ mysqli_fetch_array($result)) // for all rows found $languagesArray[] = $row["language_name"]; // append this row's language name to the array of found languages } @@ -4374,9 +4370,9 @@ EOF; $userOptionsArray = array(); // initialize array variable - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound == 1) // Interpret query result: Do we have exactly one row? - $userOptionsArray = @ mysql_fetch_array($result); // fetch the one row into the array '$userOptionsArray' + $userOptionsArray = @ mysqli_fetch_array($result); // fetch the one row into the array '$userOptionsArray' return $userOptionsArray; } @@ -4503,7 +4499,7 @@ EOF; $result = queryMySQLDatabase($query); // RUN the query on the database through the connection - $row = mysql_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow) + $row = mysqli_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow) $numberOfRecords = $row[0]; // extract the contents of the first (and only) row return $numberOfRecords; @@ -4594,7 +4590,7 @@ EOF; $result = queryMySQLDatabase($query); // RUN the query on the database through the connection - $row = mysql_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow) + $row = mysqli_fetch_row($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow) $lastModifiedDateTime = $row[0] . " " . $row[1]; return $lastModifiedDateTime; @@ -4982,7 +4978,7 @@ EOF; $i = 0; $resultBuffer = array(); - while ($row = @ mysql_fetch_array($resultId)) + while ($row = @ mysqli_fetch_array($resultId)) { if ($SplitValues) // if desired, split field contents into substrings { @@ -5097,10 +5093,10 @@ EOF; $fieldContentsArray = array(); // initialize array variable - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound > 0) // If there were rows found ... { - while ($row = @ mysql_fetch_array($result)) // for all rows found + while ($row = @ mysqli_fetch_array($result)) // for all rows found $fieldContentsArray[] = $row[$columnName]; // append this row's field value to the array of extracted field values } @@ -6036,13 +6032,15 @@ EOF; // -------------------------------------------------------------------- - // this function uses 'mysql_real_escape_string()' to: + // this function uses 'mysqli_real_escape_string()' to: // - prepend backslashes to \, ', " // - replace the characters \x00, \n, \r, and \x1a with a MySQL acceptable representation // for queries (e.g., the newline character is replaced with the litteral string '\n') function escapeSQL($sourceString) { - $sourceString = mysql_real_escape_string($sourceString); + + global $connection; + $sourceString = mysqli_real_escape_string($connection, $sourceString); return $sourceString; } @@ -6416,7 +6414,7 @@ EOF; . "\n\t\t</image>"; // fetch results: upto the limit specified in '$showRows', fetch a row into the '$row' array and write out a RSS item: - for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { $origTitle = $row['title']; // save the original title contents before applying any search & replace actions @@ -6502,7 +6500,7 @@ EOF; $fieldValuesArray = array(); // initialize array variable which will hold the splitted sub-items // split field values on the given delimiter: - for ($i=0; $row = @ mysql_fetch_array($result); $i++) + for ($i=0; $row = @ mysqli_fetch_array($result); $i++) { $fieldSubValuesArray = preg_split($delim, $row[$fieldName]); // split field contents on '$delim' (which is interpreted as perl-style regular expression!) foreach ($fieldSubValuesArray as $fieldSubValue) diff --git a/includes/install.inc.php b/includes/install.inc.php index d719ed8..4629af3 100644 --- a/includes/install.inc.php +++ b/includes/install.inc.php @@ -13,9 +13,9 @@ // Matthias Steffens <mailto:refbase@extracts.de> // // Created: 16-Aug-06, 18:00 - // Modified: $Date: 2008-04-15 13:31:50 +0200 (Tue, 15 Apr 2008) $ - // $Author: msteffens $ - // $Revision: 1082 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This file contains functions // that are used when installing @@ -65,14 +65,10 @@ // Establish a *new* connection that has admin permissions // (1) OPEN the database connection: - if (!($connection = @ mysql_connect($hostName, $adminUserName, $adminPassword))) - if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( + if (!($connection = @ mysqli_connect($hostName, $adminUserName, $adminPassword, $databaseName))) + if (mysqli_errno($connection) != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( showErrorMsg("The following error occurred while trying to connect to the host:", ""); - // (2) SELECT the database: - if (!(mysql_select_db($databaseName, $connection))) - if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( - showErrorMsg("The following error occurred while trying to connect to the database:", ""); } // -------------------------------------------------------------------- @@ -104,7 +100,7 @@ $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound == 0) { $query = "INSERT INTO " . $table . " VALUES " . $values; @@ -133,7 +129,7 @@ $queryFields = "SHOW FIELDS FROM " . $table; $result = queryMySQLDatabase($queryFields); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - while ($row = @ mysql_fetch_array($result)) // for all fields found, check if any of their names matches the field name that we want to add + while ($row = @ mysqli_fetch_array($result)) // for all fields found, check if any of their names matches the field name that we want to add if ($row["Field"] == $column) $present = true; @@ -165,7 +161,7 @@ $queryFields = "SHOW TABLES"; $result = queryMySQLDatabase($queryFields); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - while ($row = @ mysql_fetch_array($result)) // for all tables found, check if any of their names matches the table name that we want to add + while ($row = @ mysqli_fetch_array($result)) // for all tables found, check if any of their names matches the table name that we want to add if ($row[0] == $table) $present = true; diff --git a/includes/modsxml.inc.php b/includes/modsxml.inc.php index 9c0adbd..30dc7d7 100644 --- a/includes/modsxml.inc.php +++ b/includes/modsxml.inc.php @@ -12,9 +12,9 @@ // Author(s): Richard Karnesky <mailto:karnesky@gmail.com> // // Created: 02-Oct-04, 12:00 - // Modified: $Date: 2012-02-29 00:56:52 +0100 (Wed, 29 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1347 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This include file contains functions that'll export records to MODS XML. // Requires ActiveLink PHP XML Package, which is available under the GPL from: @@ -198,7 +198,7 @@ ); // Generate the export for each record and push them onto an array: - while ($row = @ mysql_fetch_array($result)) { + while ($row = @ mysqli_fetch_array($result)) { // Export the current record as MODS XML $record = modsRecord($row); diff --git a/includes/oaidcxml.inc.php b/includes/oaidcxml.inc.php index 8ce6299..918eb4c 100644 --- a/includes/oaidcxml.inc.php +++ b/includes/oaidcxml.inc.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 05-Mar-08, 21:52 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author$ - // $Revision: 1337 $ + // $Revision: 1416 $ // This include file contains functions that'll export records to OAI_DC XML. // Requires ActiveLink PHP XML Package, which is available under the GPL from: @@ -69,7 +69,7 @@ $citeKeysArray = array(); // array of cite keys (used to ensure uniqueness of cite keys among all exported records) // Generate the export for each record and push them onto an array: - while ($row = @ mysql_fetch_array($result)) + while ($row = @ mysqli_fetch_array($result)) { // Export the current record as OAI_DC XML: $record = oaidcRecord($row, "oai_dc"); diff --git a/includes/odfxml.inc.php b/includes/odfxml.inc.php index 4713866..509dfa6 100644 --- a/includes/odfxml.inc.php +++ b/includes/odfxml.inc.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 01-Jun-06, 12:49 - // Modified: $Date: 2008-08-19 22:00:40 +0200 (Tue, 19 Aug 2008) $ - // $Author: msteffens $ - // $Revision: 1205 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This include file contains functions that'll export records to ODF XML // in spreadsheet format ('.ods'). @@ -155,7 +155,7 @@ list($universalSearchReplaceActionsArray, $fieldSpecificSearchReplaceActionsArray, $odfIndexesToRefbaseFieldsArray, $referenceTypesToRefbaseTypesArray) = initializeArrays(); // Generate the export for each record and push them onto an array: - while ($row = @ mysql_fetch_array($result)) + while ($row = @ mysqli_fetch_array($result)) { // Parse the current record into an array of field data that shall be exported to ODF: $recordExportArray = parseRecord($row, $odfIndexesToRefbaseFieldsArray, $referenceTypesToRefbaseTypesArray, $universalSearchReplaceActionsArray, $fieldSpecificSearchReplaceActionsArray); diff --git a/includes/srwxml.inc.php b/includes/srwxml.inc.php index 31d16d9..91cd8f0 100644 --- a/includes/srwxml.inc.php +++ b/includes/srwxml.inc.php @@ -13,9 +13,9 @@ // Richard Karnesky <mailto:karnesky@gmail.com> // // Created: 17-May-05, 16:38 - // Modified: $Date: 2013-09-27 23:45:07 +0200 (Fri, 27 Sep 2013) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author: karnesky $ - // $Revision: 1382 $ + // $Revision: 1416 $ // This include file contains functions that'll export records to SRW XML. // Requires ActiveLink PHP XML Package, which is available under the GPL from: @@ -86,7 +86,7 @@ $exportArray = array(); // Array for individually exported records // Generate the export for each record and push them onto an array: - for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { if (preg_match("/DC/i", $exportFormat)) // export the current record as DC XML (i.e. simple Dublin Core): $record = oaidcRecord($row, "srw_dc"); // function 'oaidcRecord()' is defined in 'oaidcxml.inc.php' diff --git a/modify.php b/modify.php index 4022538..e8fc725 100644 --- a/modify.php +++ b/modify.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 18-Dec-02, 23:08 - // Modified: $Date: 2015-01-08 01:37:58 +0100 (Thu, 08 Jan 2015) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author: karnesky $ - // $Revision: 1401 $ + // $Revision: 1416 $ // This php script will perform adding, editing & deleting of records. // It then calls 'receipt.php' which displays links to the modified/added record @@ -452,7 +452,7 @@ $queryFile = "SELECT file FROM $tableRefs WHERE serial = " . quote_smart($serialNo); $result = queryMySQLDatabase($queryFile); // RUN the query on the database through the connection - $row = @ mysql_fetch_array($result); + $row = @ mysqli_fetch_array($result); $fileName = $row["file"]; } @@ -951,7 +951,7 @@ // (3) RUN the query on the database through the connection: $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - if (mysql_num_rows($result) == 1) // if there's already an existing user_data entry, we perform an UPDATE action: + if (mysqli_num_rows($result) == 1) // if there's already an existing user_data entry, we perform an UPDATE action: $queryUserData = "UPDATE $tableUserData SET " . "marked = " . quote_smart($markedRadio) . ", " . "copy = " . quote_smart($copyName) . ", " @@ -1138,7 +1138,7 @@ $result = queryMySQLDatabase($queryRefs); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' // Get the record id that was created - $serialNo = @ mysql_insert_id($connection); // find out the unique ID number of the newly created record (Note: this function should be called immediately after the + $serialNo = @ mysqli_insert_id($connection); // find out the unique ID number of the newly created record (Note: this function should be called immediately after the // SQL INSERT statement! After any subsequent query it won't be possible to retrieve the auto_increment identifier value for THIS record!) $formVars['serialNo'] = $serialNo; // for '$recordAction = "add"' we update the original '$formVars' array element to ensure a correct serial number when generating the file name via the 'parsePlaceholderString()' function diff --git a/queries.php b/queries.php index 5e6e649..9b083e2 100644 --- a/queries.php +++ b/queries.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 16-May-04, 22:03 - // Modified: $Date: 2008-08-19 18:57:47 +0200 (Tue, 19 Aug 2008) $ - // $Author: msteffens $ - // $Revision: 1195 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This script takes a user query name (which was passed to the script by use of the 'Recall My Query' form on the main page 'index.php') // and extracts all saved settings for this particular query from the 'queries' MySQL table. It will then build an appropriate query URL @@ -73,10 +73,10 @@ $result = queryMySQLDatabase($query); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php') - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound == 1) // if there was exactly one row found (normally, this should be the case) ... { - $row = mysql_fetch_array($result); + $row = mysqli_fetch_array($result); // redirect the browser to 'query_manager.php': if (encodeHTML($submitAction) == $loc["ButtonTitle_Edit"]) // note that we need to HTML encode '$submitAction' for comparison with the HTML encoded locales (function 'encodeHTML()' is defined in 'include.inc.php') diff --git a/query_manager.php b/query_manager.php index 840168e..f06b264 100644 --- a/query_manager.php +++ b/query_manager.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 04-Feb-04, 22:29 - // Modified: $Date: 2015-01-08 02:05:44 +0100 (Thu, 08 Jan 2015) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author: karnesky $ - // $Revision: 1402 $ + // $Revision: 1416 $ // This script enables you to manage your custom queries. // It offers a form to save the current query or update/delete any of your saved queries. @@ -174,10 +174,10 @@ // (3a) RUN the query on the database through the connection: $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - if (@ mysql_num_rows($result) == 1) // this condition is added here to avoid the case that editing a query item which got deleted in the meantime invokes a seemingly correct but empty 'edit query' form + if (@ mysqli_num_rows($result) == 1) // this condition is added here to avoid the case that editing a query item which got deleted in the meantime invokes a seemingly correct but empty 'edit query' form { // (3b) EXTRACT results: - $row = mysql_fetch_array($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow) + $row = mysqli_fetch_array($result); // fetch the current row into the array $row (it'll be always *one* row, but anyhow) // check whether the user tries to edit a query that does not belong to his own set of saved queries: if ($row['user_id'] != getUserID($loginEmail)) // the function 'getUserID' and the '$loginEmail' variable are specified in 'include.inc.php' diff --git a/query_modify.php b/query_modify.php index e9c72cd..cbdd238 100644 --- a/query_modify.php +++ b/query_modify.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 23-May-04, 20:42 - // Modified: $Date: 2012-02-29 01:45:52 +0100 (Wed, 29 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1358 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This php script will perform adding, editing & deleting of user queries. // It then relocates back to the main page ('index.php') so that the user @@ -176,7 +176,7 @@ $result = queryMySQLDatabase($query); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php') - if (@ mysql_num_rows($result) > 0) // if there's already a saved query (belonging to this user) with exactly the same name + if (@ mysqli_num_rows($result) > 0) // if there's already a saved query (belonging to this user) with exactly the same name $errors["queryName"] = "You've got already a query with that name!<br>Please choose a different name:"; // the user's query name must be unique (since the query popup of the 'Recall My Query' form on the main page uses the query's name to recall a particular query) // note that we could allow for duplicate query names if the query popup on the main page would work with query IDs instead. However, from an interface design perspective, duplicate query names shouldn't be allowed anyhow. So we simply don't permit them. } @@ -261,7 +261,7 @@ if (preg_match("/^(edit|delet)$/", $queryAction)) { - $affectedRows = ($result ? mysql_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred) + $affectedRows = ($result ? mysqli_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred) if ($affectedRows == 0) // no rows were affected by the update, i.e., the query must have been deleted in the meantime! // NOTE: Previously, we did return "Warning_SavedQueryDoesNotExistAnymore": "This saved query does not exist anymore". @@ -283,7 +283,7 @@ } elseif ($queryAction == "add") // Get the query id that was created: - $queryID = @ mysql_insert_id($connection); // find out the unique ID number of the newly created query (Note: this function should be called immediately after the + $queryID = @ mysqli_insert_id($connection); // find out the unique ID number of the newly created query (Note: this function should be called immediately after the // SQL INSERT statement! After any subsequent query it won't be possible to retrieve the auto_increment identifier value for THIS record!) // update the 'userQueries' session variable: diff --git a/record.php b/record.php index 72479cb..454ce6c 100644 --- a/record.php +++ b/record.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 29-Jul-02, 16:39 - // Modified: $Date: 2015-02-16 21:53:19 +0100 (Mon, 16 Feb 2015) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author: karnesky $ - // $Revision: 1405 $ + // $Revision: 1416 $ // Form that offers to add // records or edit/delete @@ -305,10 +305,10 @@ // (3a) RUN the query on the database through the connection: $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - if (@ mysql_num_rows($result) == 1) // this condition is added here to avoid the case that clicking on a search result item which got deleted in the meantime invokes a seemingly correct but empty 'edit record' search form + if (@ mysqli_num_rows($result) == 1) // this condition is added here to avoid the case that clicking on a search result item which got deleted in the meantime invokes a seemingly correct but empty 'edit record' search form { // (3b) EXTRACT results: - $row = mysql_fetch_array($result); //fetch the current row into the array $row (it'll be always *one* row, but anyhow) + $row = mysqli_fetch_array($result); //fetch the current row into the array $row (it'll be always *one* row, but anyhow) // fetch attributes of the current record into variables: $authorName = encodeHTML($row['author']); diff --git a/rss.php b/rss.php index 79ec467..f04e1c4 100644 --- a/rss.php +++ b/rss.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 25-Sep-04, 12:10 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1337 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This script will generate a dynamic RSS feed for the current query. // Usage: Perform your query until you've got the desired results. Then, copy the "RSS" link in the header @@ -123,7 +123,7 @@ $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' // find out how many rows are available: - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); // construct a meaningful channel description based on the specified 'WHERE' clause: $rssChannelDescription = "Displays all newly added records where " . explainSQLQuery($sanitizedWhereClause) . "."; // function 'explainSQLQuery()' is defined in 'include.inc.php' diff --git a/search.php b/search.php index 5f0caf9..a398230 100644 --- a/search.php +++ b/search.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 30-Jul-02, 17:40 - // Modified: $Date: 2016-11-06 00:10:01 +0100 (Sun, 06 Nov 2016) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author: karnesky $ - // $Revision: 1407 $ + // $Revision: 1416 $ // This is the main script that handles the search query and displays the query results. // Supports three different output styles: 1) List view, with fully configurable columns -> displayColumns() function @@ -579,7 +579,7 @@ if (($displayType == "Export")) { // Find out how many rows are available: - $rowsFound = @ mysql_num_rows($result); // for all other display types, the '$rowsFound' variable is set within function 'seekInMySQLResultsToOffset()' (see below) + $rowsFound = @ mysqli_num_rows($result); // for all other display types, the '$rowsFound' variable is set within function 'seekInMySQLResultsToOffset()' (see below) if ($rowsFound > 0) // If there were rows found ... { generateExport($result, $rowOffset, $showRows, $exportFormat, $exportType, $exportStylesheet, $displayType, $viewType, $userID); // export records using the export format specified in '$exportFormat' @@ -612,7 +612,7 @@ $queryURL = rawurlencode($query); // URL encode SQL query if (!preg_match("/^SELECT/i", $query)) // for queries other than SELECT queries (e.g. UPDATE, DELETE or INSERT queries that were executed by the admin via use of 'sql_search.php') - $affectedRows = ($result ? mysql_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred) + $affectedRows = ($result ? mysqli_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred) // If the previous query (which is stored in the 'oldQuery' session variable) is different // from the current query, we append it to the 'queryHistory' session variable: @@ -900,7 +900,7 @@ $CounterMax = 0; // Otherwise don't hide any columns // count the number of fields - $fieldsFound = mysql_num_fields($result); + $fieldsFound = mysqli_num_fields($result); if ($displayType != "Browse") { // hide those last columns that were added by the script and not by the user @@ -1066,7 +1066,7 @@ // BEGIN RESULTS DATA COLUMNS -------------- // Fetch one page of results (or less if on the last page) // (i.e., upto the limit specified in $showRows) fetch a row into the $row array and ... - for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { if (is_integer($rowCounter / 2)) // if we currently are at an even number of rows $rowClass = "even"; @@ -1283,7 +1283,7 @@ $CounterMax = ($CounterMax + 1); // ...we'll also need to hide the 'related' column (which isn't displayed in Details view but is only used to generate a link to related records) // count the number of fields - $fieldsFound = mysql_num_fields($result); + $fieldsFound = mysqli_num_fields($result); // hide those last columns that were added by the script and not by the user $fieldsToDisplay = $fieldsFound-(2+$CounterMax+$addCounterMax); // (2+$CounterMax) -> $CounterMax is increased by 2 in order to hide the 'orig_record' & 'serial' columns (which were added to make checkboxes & dup warning work) // $addCounterMax is set to 1 when the field given in '$fileVisibilityException[0]' (defined in 'ini.inc.php') was added to the query, otherwise '$addCounterMax = 0' @@ -1443,7 +1443,7 @@ // BEGIN RESULTS DATA COLUMNS -------------- // Fetch one page of results (or less if on the last page) // (i.e., upto the limit specified in $showRows) fetch a row into the $row array and ... - for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { // ... print out each of the attributes // in that row as a separate TR (Table Row) @@ -2366,16 +2366,16 @@ $recordSerialsArray = array(); $duplicateRecordSerialsArray = array(); - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); // Identify any records with matching field data: if ($rowsFound > 0) // if there were rows found ... { // Count the number of fields: - $fieldsFound = mysql_num_fields($result); + $fieldsFound = mysqli_num_fields($result); // Loop over each row in the result set: - for ($rowCounter=0; $row = @ mysql_fetch_array($result); $rowCounter++) + for ($rowCounter=0; $row = @ mysqli_fetch_array($result); $rowCounter++) { $recordIdentifier = ""; // make sure our buffer variable is empty @@ -5155,10 +5155,10 @@ // Check whether the extracted serial numbers and cite keys exist in the database: $result = queryMySQLDatabase($query); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php') - if (@ mysql_num_rows($result) > 0) // if there were rows found ... + if (@ mysqli_num_rows($result) > 0) // if there were rows found ... { // Loop over each row in the result set: - for ($rowCounter=0; $row = @ mysql_fetch_array($result); $rowCounter++) + for ($rowCounter=0; $row = @ mysqli_fetch_array($result); $rowCounter++) { if (!in_array($row["serial"], $foundRecordSerialsKeysArray) OR (!empty($row["cite_key"]) AND !in_array($row["cite_key"], $foundRecordSerialsKeysArray))) // if this record identifier hasn't been seen yet { diff --git a/sitemap.php b/sitemap.php index 7b3b1b3..249f59c 100644 --- a/sitemap.php +++ b/sitemap.php @@ -12,9 +12,9 @@ // Author(s): Richard Karnesky <mailto:rkarnesky@gmail.com> // // Created: 17-May-08, 15:50 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1337 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // Create a sitemap for better indexing by search engines. // <http://www.sitemaps.org/> @@ -66,7 +66,7 @@ // (3) RUN the query on the database through the connection: $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { + while ($row = mysqli_fetch_array($result, MYSQL_ASSOC)) { echo " <url>\n"; echo " <loc>".$databaseBaseURL."show.php?record=".$row['serial']."</loc>\n"; if (!empty($row['modified_date'])) { diff --git a/user_details.php b/user_details.php index d775e9d..e3324e1 100644 --- a/user_details.php +++ b/user_details.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 16-Apr-02, 10:55 - // Modified: $Date: 2015-02-16 21:53:19 +0100 (Mon, 16 Feb 2015) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author: karnesky $ - // $Revision: 1405 $ + // $Revision: 1416 $ // This script shows the user a user <form>. It can be used both for INSERTing a new user and for UPDATE-ing an existing user. // If the user is logged in, then it is an UPDATE; otherwise, an INSERT. The script also shows error messages above widgets that @@ -170,7 +170,7 @@ $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' // (3b) EXTRACT results: - $row = mysql_fetch_array($result); //fetch the current row into the array $row + $row = mysqli_fetch_array($result); //fetch the current row into the array $row // If the admin is logged in AND the displayed user data are NOT his own, we overwrite the default header message: // (Since the admin is allowed to view and edit account data from other users, we have to provide a dynamic header message in that case) diff --git a/user_login.php b/user_login.php index d7dd58f..395ed16 100644 --- a/user_login.php +++ b/user_login.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 05-Jan-03, 23:20 - // Modified: $Date: 2015-02-16 21:53:19 +0100 (Mon, 16 Feb 2015) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author: karnesky $ - // $Revision: 1405 $ + // $Revision: 1416 $ // This script manages the login process. It should only be called when the user is not logged in. // If the user is logged in, it will redirect back to the calling page. @@ -121,10 +121,10 @@ $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' // (4) EXTRACT results: - if (mysql_num_rows($result) == 1) // Interpret query result: Do we have exactly one row? + if (mysqli_num_rows($result) == 1) // Interpret query result: Do we have exactly one row? { $foundUser = true; // then we have found the user - $row = mysql_fetch_array($result); // fetch the one row into the array '$row' + $row = mysqli_fetch_array($result); // fetch the one row into the array '$row' } else $foundUser = false; @@ -146,7 +146,7 @@ // Now we need to get the user's first name and last name (e.g., in order to display them within the login welcome message) $query = "SELECT user_id, first_name, last_name, abbrev_institution, language, last_login FROM $tableUsers WHERE user_id = " . quote_smart($userID); // CONSTRUCT SQL QUERY $result = queryMySQLDatabase($query); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php') - $row2 = mysql_fetch_array($result); // EXTRACT results: fetch the one row into the array '$row2' + $row2 = mysqli_fetch_array($result); // EXTRACT results: fetch the one row into the array '$row2' // Save the fetched user details to the session file: diff --git a/user_options.php b/user_options.php index f3a441e..c1516b7 100644 --- a/user_options.php +++ b/user_options.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 24-Oct-04, 19:31 - // Modified: $Date: 2015-02-16 21:53:19 +0100 (Mon, 16 Feb 2015) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author: karnesky $ - // $Revision: 1405 $ + // $Revision: 1416 $ // This script provides options which are individual for each user. // @@ -170,7 +170,7 @@ $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' // (3b) EXTRACT results: - $row = mysql_fetch_array($result); // fetch the current row into the array $row + $row = mysqli_fetch_array($result); // fetch the current row into the array $row // If the admin is logged in AND the displayed user data are NOT his own, we overwrite the default header message: // (Since the admin is allowed to view and edit account data from other users, we have to provide a dynamic header message in that case) diff --git a/user_options_modify.php b/user_options_modify.php index 81f3aa5..3ceaff6 100644 --- a/user_options_modify.php +++ b/user_options_modify.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 26-Oct-04, 20:57 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1337 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This script validates user options selected within the form provided by 'user_options.php'. // If validation succeeds, it UPDATEs the corresponding table fields for that user and redirects to a receipt page; @@ -405,7 +405,7 @@ // RUN the query on the database through the connection: $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - if (mysql_num_rows($result) == 1) // if there's already an existing user_data entry, we perform an UPDATE action: + if (mysqli_num_rows($result) == 1) // if there's already an existing user_data entry, we perform an UPDATE action: $queryArray[] = "UPDATE $tableUserOptions SET " . "export_cite_keys = " . quote_smart($formVars["export_cite_keys"]) . ", autogenerate_cite_keys = " . quote_smart($formVars["autogenerate_cite_keys"]) diff --git a/user_receipt.php b/user_receipt.php index 86f2cc0..e53b9ce 100644 --- a/user_receipt.php +++ b/user_receipt.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 16-Apr-02, 10:54 - // Modified: $Date: 2015-02-16 21:53:19 +0100 (Mon, 16 Feb 2015) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author: karnesky $ - // $Revision: 1405 $ + // $Revision: 1416 $ // This script shows the user a receipt for their user UPDATE or INSERT. // It carries out no database actions and can be bookmarked. @@ -238,7 +238,7 @@ $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' // (4) EXTRACT results (since 'user_id' is the unique primary key for the 'users' table, there will be only one matching row) - $row = @ mysql_fetch_array($result); + $row = @ mysqli_fetch_array($result); // Build the correct header message: if (!isset($_SESSION['HeaderString'])) // if there's no saved message @@ -294,7 +294,7 @@ echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>Account Details:</b></td>"; - if (mysql_num_rows($result) == 1) // If there's a user associated with this user ID + if (mysqli_num_rows($result) == 1) // If there's a user associated with this user ID { // Add edit/delete button: echo "\n\t\t\t<td align=\"left\">"; @@ -404,7 +404,7 @@ echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>Display Options:</b></td>" . "\n\t\t\t<td align=\"right\">"; - if ((mysql_num_rows($result) == 1) OR ($userID == 0)) // If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in) + if ((mysqli_num_rows($result) == 1) OR ($userID == 0)) // If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in) echo "<a href=\"user_options.php?userID=" . $userID . "\"><img src=\"img/options.gif\" alt=\"" . $loc["options"] . "\" title=\"" . $loc["LinkTitle_EditOptions"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>"; echo "</td>\n\t\t</tr>"; @@ -413,7 +413,7 @@ echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>Use language:</td>"; - if (mysql_num_rows($result) == 1) // If there's a user associated with this user ID + if (mysqli_num_rows($result) == 1) // If there's a user associated with this user ID echo "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $row["language"] . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>"; else // no user exists with this user ID echo "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $defaultLanguage . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>"; @@ -596,7 +596,7 @@ echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>User Permissions:</b></td>" . "\n\t\t\t<td align=\"right\">"; - if ((mysql_num_rows($result) == 1) OR ($userID == 0)) // If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in) + if ((mysqli_num_rows($result) == 1) OR ($userID == 0)) // If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in) echo "<a href=\"user_options.php?userID=" . $userID . "#permissions\"><img src=\"img/options.gif\" alt=\"" . $loc["permissions"] . "\" title=\"" . $loc["LinkTitle_EditPermissions"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>"; echo "</td>\n\t\t</tr>"; diff --git a/user_validation.php b/user_validation.php index d71fbde..a30a334 100644 --- a/user_validation.php +++ b/user_validation.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 16-Apr-02, 10:54 - // Modified: $Date: 2012-02-27 21:25:30 +0100 (Mon, 27 Feb 2012) $ - // $Author: msteffens $ - // $Revision: 1337 $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ + // $Author: karnesky $ + // $Revision: 1416 $ // This script validates user data entered into the form that is provided by 'user_details.php'. // If validation succeeds, it INSERTs or UPDATEs a user and redirects to a receipt page; @@ -203,7 +203,7 @@ // (3) RUN the query on the database through the connection: $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - if (mysql_num_rows($result) == 1) // (4) Interpret query result: Is it taken? + if (mysqli_num_rows($result) == 1) // (4) Interpret query result: Is it taken? $errors["email"] = "A user already exists with this email address as login name.\n\t\t<br>\n\t\tPlease enter a different one:"; } } @@ -353,7 +353,7 @@ // (3a) RUN the query on the database through the connection: $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - $row = mysql_fetch_array($result); // (3b) EXTRACT results: fetch the current row into the array $row + $row = mysqli_fetch_array($result); // (3b) EXTRACT results: fetch the current row into the array $row // 1) Mail feedback to user, i.e., send the person who wants to be added as new user a notification email: $emailRecipient = $formVars["firstName"] . " " . $formVars["lastName"] . " <" . $formVars["email"] . ">"; @@ -448,7 +448,7 @@ elseif ((!isset($_SESSION['loginEmail']) && ($addNewUsers == "everyone") && ($_REQUEST['userID'] == "")) | (isset($_SESSION['loginEmail']) && ($loginEmail == $adminLoginEmail) && ($_REQUEST['userID'] == ""))) // -> perform an insert: { // Get the user id that was created - $userID = @ mysql_insert_id($connection); + $userID = @ mysqli_insert_id($connection); // Use the first two characters of the email as a salt for the password $salt = substr($formVars["email"], 0, 2); @@ -477,7 +477,7 @@ // get the 'format_id' for the record entry in table 'formats' whose 'format_name' matches that in '$defaultUserExportFormats' (defined in 'ini.inc.php'): $query = "SELECT format_id FROM $tableFormats WHERE format_name = " . quote_smart($defaultUserExportFormat) . " AND format_type = 'export'"; $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - $row = mysql_fetch_array($result); + $row = mysqli_fetch_array($result); // Insert a row with the found format ID for this new user into the 'user_formats' table: $queryArray[] = "INSERT INTO $tableUserFormats VALUES (NULL, " . quote_smart($row["format_id"]) . ", " . quote_smart($userID) . ", \"true\")"; @@ -488,7 +488,7 @@ // get the 'format_id' for the record entry in table 'formats' whose 'format_name' matches that in '$defaultUserCiteFormats' (defined in 'ini.inc.php'): $query = "SELECT format_id FROM $tableFormats WHERE format_name = " . quote_smart($defaultUserCiteFormat) . " AND format_type = 'cite'"; $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - $row = mysql_fetch_array($result); + $row = mysqli_fetch_array($result); // Insert a row with the found format ID for this new user into the 'user_formats' table: $queryArray[] = "INSERT INTO $tableUserFormats VALUES (NULL, " . quote_smart($row["format_id"]) . ", " . quote_smart($userID) . ", \"true\")"; @@ -499,7 +499,7 @@ // get the 'style_id' for the record entry in table 'styles' whose 'style_name' matches that in '$defaultUserStyles' (defined in 'ini.inc.php'): $query = "SELECT style_id FROM $tableStyles WHERE style_name = " . quote_smart($defaultUserStyle); $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - $row = mysql_fetch_array($result); + $row = mysqli_fetch_array($result); // Insert a row with the found style ID for this new user into the 'user_styles' table: $queryArray[] = "INSERT INTO $tableUserStyles VALUES (NULL, " . quote_smart($row["style_id"]) . ", " . quote_smart($userID) . ", \"true\")"; @@ -510,7 +510,7 @@ // get the 'type_id' for the record entry in table 'types' whose 'type_name' matches that in '$defaultUserTypes' (defined in 'ini.inc.php'): $query = "SELECT type_id FROM $tableTypes WHERE type_name = " . quote_smart($defaultUserType); $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' - $row = mysql_fetch_array($result); + $row = mysqli_fetch_array($result); // Insert a row with the found type ID for this new user into the 'user_types' table: $queryArray[] = "INSERT INTO $tableUserTypes VALUES (NULL, " . quote_smart($row["type_id"]) . ", " . quote_smart($userID) . ", \"true\")"; diff --git a/users.php b/users.php index b70e4ba..ab0f4b6 100644 --- a/users.php +++ b/users.php @@ -12,9 +12,9 @@ // Author(s): Matthias Steffens <mailto:refbase@extracts.de> // // Created: 29-Jun-03, 00:25 - // Modified: $Date: 2016-11-06 01:41:06 +0100 (Sun, 06 Nov 2016) $ + // Modified: $Date: 2017-04-13 04:00:18 +0200 (Thu, 13 Apr 2017) $ // $Author: karnesky $ - // $Revision: 1412 $ + // $Revision: 1416 $ // // This script shows the admin a list of all user entries available within the 'users' table. // User data will be shown in the familiar column view, complete with links to show a user's @@ -186,7 +186,7 @@ $queryURL = rawurlencode($query); // URL encode SQL query // First, find out how many rows are available: - $rowsFound = @ mysql_num_rows($result); + $rowsFound = @ mysqli_num_rows($result); if ($rowsFound > 0) // If there were rows found ... { // ... setup variables in order to facilitate "previous" & "next" browsing: @@ -218,7 +218,7 @@ $nextOffset = $rowOffset + $showRows; // d) Seek to the current offset - mysql_data_seek($result, $rowOffset); + mysqli_data_seek($result, $rowOffset); } else // set variables to zero in order to prevent 'Undefined variable...' messages when nothing was found ('$rowsFound = 0'): { @@ -296,7 +296,7 @@ $CounterMax = "0"; // count the number of fields - $fieldsFound = mysql_num_fields($result); + $fieldsFound = mysqli_num_fields($result); // hide those last columns that were added by the script and not by the user $fieldsToDisplay = $fieldsFound-(1+$CounterMax); // (1+$CounterMax) -> $CounterMax is increased by 1 in order to hide the user_id column (which was added to make the checkbox work) @@ -432,7 +432,7 @@ echo "</tr>"; // BEGIN RESULTS DATA COLUMNS -------------- - for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysql_fetch_array($result))); $rowCounter++) + for ($rowCounter=0; (($rowCounter < $showRows) && ($row = @ mysqli_fetch_array($result))); $rowCounter++) { if (is_integer($rowCounter / 2)) // if we currently are at an even number of rows $rowClass = "even"; -- GitLab