Problems of PHP 5.30 above for old coding style

because eregi is not recommended after php 5, you can replaced it with stristr if just for simple search.

For editors with regular express function:
eregi\(([^,]*),([^)]*)\)
stristr(\2,\1)
I use this in my app_config.php file to sanitize each request:

<?php
// app_config.php

/**
* SANITIZE REQUEST
*/

function sanitize_request($methods, $array)
{
// methods: trim ; addslashes ; stripslashes ; etc...
// array : $_GET ; $_POST ; etc...

foreach ($methods as $function) {
$array = array_map($function, $array);
}
return $array;
}

if ( ! get_magic_quotes_gpc() )
{
$methods = array('trim', 'addslashes');
$_GET = sanitize_request($methods, $_GET);
$_POST = sanitize_request($methods, $_POST);
$_COOKIE = sanitize_request($methods, $_COOKIE);
$_REQUEST = sanitize_request($methods, $_REQUEST);
}
?>

Here is a simple way of checking if the visitor if your page is a search engine or a normal person. It does this by checking if the user agent returned by $_SERVER['HTTP_USER_AGENT'] contains one of the keywords search engine's user agents usually contain.

<?php

//check if user is a bot of some sort
function is_bot()
{
$bots = array('google','yahoo','msn');
//takes the list above and returns (google)|(yahoo)|(msn)
$regex = '('.implode($bots, ')|(').')';
/*uses the generated regex above to see if those keywords are contained in the user agent variable*/
return eregi($regex, $_SERVER['HTTP_USER_AGENT']);
}

?>
Prevent XXS attack

<?php
// Prevent any possible XSS attacks via $_GET.
foreach ($_GET as $check_url) {
if ((eregi("<[^>]*script*\"?[^>]*>", $check_url)) || (eregi("<[^>]*object*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*iframe*\"?[^>]*>", $check_url)) || (eregi("<[^>]*applet*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*meta*\"?[^>]*>", $check_url)) || (eregi("<[^>]*style*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*form*\"?[^>]*>", $check_url)) || (eregi("\([^>]*\"?[^)]*\)", $check_url)) ||
(eregi("\"", $check_url))) {
die ();
}
}
unset($check_url);
?>
futhur reading located here
PHP: eregi - Manual

the same issue... i must add to string code to define my div..
before this i use then it is not recommended... so i add string code to to fix it.
Im need answer, why it is not recommended in PHP 5.3 above?

echo divHeader(right);

Constants are in that format.

define('right', 'right');
echo right;

String must be always in this format: 'string' or "string".
It's just a bad practice to treat a string like a constant and php 5.3+ warns you.

And eregi_ functions are deprecated bcoz they are more slower and more insecure than preg_.
The world evolves!

Need more explain why it is insecure? any example...

replace eregi with preg_match

for example you have a statement like this

do it like this

But he did explained it and you just need to understand it.

Nope, see this for example: http://coding-talk.com/f23/help-depr...html#post93693

And if you just want to check if one string is contained into another it is recommended to use strpos() because it is much more faster.

maybe i need more work to do to replace all my code to the recommendation of PHP 5.3 above.
thanks all that shared knowledge in this thread...it is useful too to others member that start begin to use PHP5.3 above.