I've read up that as of December 2018, PHP will divert their security support or something like that to php 7 and stop with 5.6. So my question is what becomes of php 5.6? will the sites that continue to use it be more vulnerable or something? any advice please? or did i get the info wrong?
-
Last edited by tupac; 22.09.18, 11:26. -
Hello? anyone there? -
In time sites using <=5.6 will gradually be faded out and hosts will not want to use them as they will be less secure than more secure versions.Comment
-
how long do you average this may take to happen?Comment
-
̶P̶r̶o̶b̶a̶b̶l̶y̶ ̶y̶e̶a̶r̶s̶, The main issue will be updating mysql to mysqli for most scripts, however there already is quick fixes been made such as:
Edit:
Looks like hosts are already warning about updating php versionsLast edited by something else; 31.10.18, 22:01.Comment
-
That's true, that's why i asked but first it's needed to start with the sql connection i think the coding is abit similar just a few different underlying factors making it different i really got to read up on thisComment
-
Hey something else how does the quick fix work for the upgrade to php 7 I'm a bit confused how do you integrate it to your script? If not, can you give a brief 2 lines to say what distinguished the 5.6 from the 7 as in how the code works? is it just the simple change of mysql to mysqli in all lines?Comment
-
Create a file mysql.php and add:
Then use:PHP Code:<?php
/**
* Procedural drop in replacement for legacy projects using the MySQL function
*
* @author Sjoerd Maessen
* @version 0.1
*/
// Make sure the MySQL extension is not loaded and there is no other drop in replacement active
if (!extension_loaded('mysql') && !function_exists('mysql_connect')) {
// Validate if the MySQLi extension is present
if (!extension_loaded('mysqli')) {
trigger_error('The extension "MySQLi" is not available', E_USER_ERROR);
}
// The function name "getLinkIdentifier" will be used to return a valid link_indentifier, make it is available
if (function_exists('getLinkIdentifier')) {
trigger_error('The function name "getLinkIdentifier" is already defined, please change the function name', E_USER_ERROR);
}
// Define MySQL constants
define('MYSQL_CLIENT_COMPRESS', MYSQLI_CLIENT_COMPRESS);
define('MYSQL_CLIENT_IGNORE_SPACE', MYSQLI_CLIENT_IGNORE_SPACE);
define('MYSQL_CLIENT_INTERACTIVE', MYSQLI_CLIENT_INTERACTIVE);
define('MYSQL_CLIENT_SSL', MYSQLI_CLIENT_SSL);
define('MYSQL_ASSOC', MYSQLI_ASSOC);
define('MYSQL_NUM', MYSQLI_NUM);
define('MYSQL_BOTH', MYSQLI_BOTH);
// Will contain the link identifier
$link = null;
/**
* Get the link identifier
*
* [USER="20491"]param[/USER] mysqli $mysqli
* @return mysqli|null
*/
function getLinkIdentifier(mysqli $mysqli = null)
{
if (!$mysqli) {
global $link;
$mysqli = $link;
}
return $mysqli;
}
/**
* Open a connection to a MySQL Server
*
* [USER="20491"]param[/USER] $server
* [USER="20491"]param[/USER] $username
* [USER="20491"]param[/USER] $password
* @return mysqli|null
*/
function mysql_connect($server, $username, $password, $new_link = false, $client_flags = 0)
{
global $link;
$link = mysqli_connect($server, $username, $password);
return $link;
}
/**
* Open a persistent connection to a MySQL server
*
* [USER="20491"]param[/USER] $server
* [USER="20491"]param[/USER] $username
* [USER="20491"]param[/USER] $password
* @return mysqli|null
*/
function mysql_pconnect($server, $username, $password, $new_link = false, $client_flags = 0)
{
global $link;
$link = mysqli_connect('p:' . $server, $username, $password);
return $link;
}
/**
* [USER="20491"]param[/USER] $databaseName
* @return bool
*/
function mysql_select_db($databaseName)
{
global $link;
return mysqli_select_db($link, $databaseName);
}
/**
* [USER="20491"]param[/USER] $query
* [USER="20491"]param[/USER] mysqli $mysqli
* @return bool|mysqli_result
*/
function mysql_query($query, mysqli $mysqli = null)
{
return getLinkIdentifier($mysqli)->query($query);
}
/**
* [USER="20491"]param[/USER] $string
* [USER="20491"]param[/USER] mysqli $mysqli
* @return string
*/
function mysql_real_escape_string($string, mysqli $mysqli = null)
{
return getLinkIdentifier($mysqli)->escape_string($string);
}
/**
* [USER="20491"]param[/USER] mysqli_result $result
* @return bool|array
*/
function mysql_fetch_assoc(mysqli_result $result)
{
$result = $result->fetch_assoc();
if ($result === NULL) {
$result = false;
}
return $result;
}
/**
* [USER="20491"]param[/USER] mysqli_result $result
* @return object|stdClass
*/
function mysql_fetch_object(mysqli_result $result)
{
$result = $result->fetch_object();
if ($result === NULL) {
$result = false;
}
return $result;
}
/**
* [USER="20491"]param[/USER] mysqli_result $result
* @return bool|int
*/
function mysql_num_rows(mysqli_result $result)
{
$result = $result->num_rows;
if ($result === NULL) {
$result = false;
}
return $result;
}
/**
* [USER="20491"]param[/USER] mysqli_result $result
* @return bool|array
*/
function mysql_fetch_row(mysqli_result $result)
{
$result = $result->fetch_row();
if ($result === NULL) {
$result = false;
}
return $result;
}
/**
* [USER="20491"]param[/USER] mysqli $mysqli
* @return int
*/
function mysql_affected_rows(mysqli $mysqli = null)
{
return mysqli_affected_rows(getLinkIdentifier($mysqli));
}
/**
* @return void
*/
function mysql_client_encoding(mysqli $mysqli = null)
{
return mysqli_character_set_name(getLinkIdentifier($mysqli));
}
/**
* [USER="20491"]param[/USER] mysqli $mysqli
* @return bool
*/
function mysql_close(mysqli $mysqli = null)
{
return mysqli_close(getLinkIdentifier($mysqli));
}
/**
* @return bool
*/
function mysql_create_db($database_name, mysqli $mysqli = null)
{
trigger_error('This function was deprecated in PHP 4.3.0 and is therefor not supported', E_USER_DEPRECATED);
return false;
}
/**
* [USER="20491"]param[/USER] mysqli $mysqli
* @return int
*/
function mysql_errno(mysqli $mysqli = null)
{
return mysqli_errno(getLinkIdentifier($mysqli));
}
/**
* Not implemented
*
* @todo implement
*
* @return null
*/
function mysql_db_name()
{
trigger_error('The function mysql_db_name() is not implemented', E_USER_WARNING);
return false;
}
/**
* [USER="20491"]param[/USER] mysqli $mysqli
* @return string
*/
function mysql_error(mysqli $mysqli = null)
{
return mysqli_error(getLinkIdentifier($mysqli));
}
/**
* [USER="20491"]param[/USER] mysqli_result $result
* [USER="20491"]param[/USER] $result_type
* @return void
*/
function mysql_fetch_array(mysqli_result $result, $result_type = MYSQL_BOTH)
{
return mysqli_fetch_array($result, $result_type);
}
/**
* [USER="20491"]param[/USER] mysqli $mysqli
* @return bool
*/
function mysql_ping(mysqli $mysqli = null)
{
return mysqli_ping(getLinkIdentifier($mysqli));
}
/**
* [USER="20491"]param[/USER] $query
* [USER="20491"]param[/USER] mysqli $mysqli
*/
function mysql_unbuffered_query($query, mysqli $mysqli = null)
{
return mysqli_query(getLinkIdentifier($mysqli), $query, MYSQLI_USE_RESULT);
}
/**
* @return string
*/
function mysql_get_client_info()
{
return mysqli_get_client_info();
}
/**
* [USER="20491"]param[/USER] mysqli_result $result
* @return void
*/
function mysql_free_result(mysqli_result $result)
{
return mysqli_free_result($result);
}
/**
* [USER="20491"]param[/USER] mysqli $mysqli
* @return bool|mysqli_result
*/
function mysql_list_dbs(mysqli $mysqli = null)
{
trigger_error('This function is deprecated. It is preferable to use mysql_query() to issue an SQL Query: SHOW DATABASES statement instead.', E_USER_DEPRECATED);
return mysqli_query(getLinkIdentifier($mysqli), 'SHOW DATABASES');
}
/**
* [USER="20491"]param[/USER] $database_name
* [USER="20491"]param[/USER] $table_name
* [USER="20491"]param[/USER] null $mysqli
* @return bool|mysqli_result
*/
function mysql_list_fields($database_name, $table_name, mysqli $mysqli = null)
{
trigger_error('This function is deprecated. It is preferable to use mysql_query() to issue an SQL SHOW COLUMNS FROM table [LIKE \'name\'] statement instead.', E_USER_DEPRECATED);
$mysqli = getLinkIdentifier($mysqli);
$db = mysqli_escape_string($mysqli, $database_name);
$table = mysqli_escape_string($mysqli, $table_name);
return mysqli_query($mysqli, sprintf('SHOW COLUMNS FROM %s.%s', $db, $table));
}
/**
* [USER="20491"]param[/USER] mysqli $mysqli
* @return bool|mysqli_result
*/
function mysql_list_processes(mysqli $mysqli = null)
{
return mysqli_query(getLinkIdentifier($mysqli), 'SHOW PROCESSLIST');
}
/**
* [USER="20491"]param[/USER] $charset
* [USER="20491"]param[/USER] null $mysqli
* @return bool
*/
function mysql_set_charset($charset, mysqli $mysqli = null)
{
return mysqli_set_charset(getLinkIdentifier($mysqli), $charset);
}
/**
* [USER="20491"]param[/USER] null $mysqli
* @return bool|string
*/
function mysql_info(mysqli $mysqli = null)
{
$result = mysqli_info(getLinkIdentifier($mysqli));
if ($result === NULL) {
$result = false;
}
return $result;
}
/**
* Get current system status
*
* [USER="20491"]param[/USER] null $mysqli
* @return bool|string
*/
function mysql_stat(mysqli $mysqli = null)
{
return mysqli_stat(getLinkIdentifier($mysqli));
}
/**
* Return the current thread ID
*
* [USER="20491"]param[/USER] null $mysqli
* @return bool|string
*/
function mysql_thread_id(mysqli $mysqli = null)
{
return mysqli_thread_id(getLinkIdentifier($mysqli));
}
/**
* Get MySQL host info
*
* [USER="20491"]param[/USER] null $mysqli
* @return bool|string
*/
function mysql_get_host_info(mysqli $mysqli = null)
{
return mysqli_get_host_info(getLinkIdentifier($mysqli));
}
/**
* Get MySQL protocol info
*
* [USER="20491"]param[/USER] null $mysqli
* @return bool|string
*/
function mysql_get_proto_info(mysqli $mysqli = null)
{
return mysqli_get_proto_info(getLinkIdentifier($mysqli));
}
/**
* Get MySQL server info
*
* [USER="20491"]param[/USER] null $mysqli
* @return bool|string
*/
function mysql_get_server_info(mysqli $mysqli = null)
{
return mysqli_get_server_info(getLinkIdentifier($mysqli));
}
/**
* Get table name of field
*
* [USER="20491"]param[/USER] $result
* [USER="20491"]param[/USER] $i
* @return bool
*/
function mysql_tablename($result, $i)
{
trigger_error('Not implemented', E_USER_WARNING);
return false;
}
/**
* Get the ID generated in the last query
*
* [USER="20491"]param[/USER] null $mysqli
* @return int|string
*/
function mysql_insert_id(mysqli $mysqli = null)
{
return mysqli_insert_id(getLinkIdentifier($mysqli));
}
/**
* Get result data
*
* [USER="20491"]param[/USER] $result
* [USER="20491"]param[/USER] $row
* [USER="20491"]param[/USER] int $field
* @return mixed
*/
function mysql_result($result, $row, $field = 0)
{
$result->data_seek($row);
$row = $result->fetch_array();
if (!isset($row[$field])) {
return false;
}
return $row[$field];
}
/**
* Get number of fields in result
*
* [USER="20491"]param[/USER] mysqli_result $result
* @return int
*/
function mysql_num_fields(mysqli_result $result)
{
return mysqli_num_fields($result);
}
/**
* List tables in a MySQL database
*
* [USER="20491"]param[/USER] null $mysqli
* @return bool|string
*/
function mysql_list_tables($database_name, mysqli $mysqli = null)
{
trigger_error('This function is deprecated. It is preferable to use mysql_query() to issue an SQL SHOW TABLES [FROM db_name] [LIKE \'pattern\'] statement instead.', E_USER_DEPRECATED);
$mysqli = getLinkIdentifier($mysqli);
$db = mysqli_escape_string($mysqli, $database_name);
return mysqli_query($mysqli, sprintf('SHOW TABLES FROM %s', $db));
}
/**
* Get column information from a result and return as an object
*
* [USER="20491"]param[/USER] mysqli_result $result
* [USER="20491"]param[/USER] int $field_offset
* @return bool|object
*/
function mysql_fetch_field(mysqli_result $result, $field_offset = 0)
{
if ($field_offset) {
mysqli_field_seek($result, $field_offset);
}
return mysqli_fetch_field($result);
}
/**
* Returns the length of the specified field
*
* [USER="20491"]param[/USER] mysqli_result $result
* [USER="20491"]param[/USER] int $field_offset
* @return bool
*/
function mysql_field_len(mysqli_result $result, $field_offset = 0)
{
trigger_error('This function is not implemented', E_USER_WARNING);
return false;
}
/**
* @return bool
*/
function mysql_drop_db()
{
trigger_error('This function is deprecated since PHP 4.3.0 and therefore not implemented', E_USER_DEPRECATED);
return false;
}
/**
* Move internal result pointer
*
* [USER="20491"]param[/USER] mysqli_result $result
* [USER="20491"]param[/USER] int $row_number
* @return void
*/
function mysql_data_seek(mysqli_result $result, $row_number = 0)
{
return mysqli_data_seek($result, $row_number);
}
/**
* Get the name of the specified field in a result
*
* [USER="20491"]param[/USER] $result
* [USER="20491"]param[/USER] $field_offset
* @return bool
*/
function mysql_field_name($result, $field_offset = 0)
{
$props = mysqli_fetch_field_direct($result, $field_offset);
return is_object($props) ? $props->name : false;
}
/**
* Get the length of each output in a result
*
* [USER="20491"]param[/USER] mysqli_result $result
* @return array|bool
*/
function mysql_fetch_lengths(mysqli_result $result)
{
return mysqli_fetch_lengths($result);
}
/**
* Get the type of the specified field in a result
* [USER="20491"]param[/USER] mysqli_result $result
* [USER="20491"]param[/USER] $field_offset
* @return string
*/
function mysql_field_type(mysqli_result $result, $field_offset = 0)
{
$unknown = 'unknown';
$info = mysqli_fetch_field_direct($result, $field_offset);
if (empty($info->type)) {
return $unknown;
}
switch ($info->type) {
case MYSQLI_TYPE_FLOAT:
case MYSQLI_TYPE_DOUBLE:
case MYSQLI_TYPE_DECIMAL:
case MYSQLI_TYPE_NEWDECIMAL:
return 'real';
case MYSQLI_TYPE_BIT:
return 'bit';
case MYSQLI_TYPE_TINY:
return 'tinyint';
case MYSQLI_TYPE_TIME:
return 'time';
case MYSQLI_TYPE_DATE:
return 'date';
case MYSQLI_TYPE_DATETIME:
return 'datetime';
case MYSQLI_TYPE_TIMESTAMP:
return 'timestamp';
case MYSQLI_TYPE_YEAR:
return 'year';
case MYSQLI_TYPE_STRING:
case MYSQLI_TYPE_VAR_STRING:
return 'string';
case MYSQLI_TYPE_SHORT:
case MYSQLI_TYPE_LONG:
case MYSQLI_TYPE_LONGLONG:
case MYSQLI_TYPE_INT24:
return 'int';
case MYSQLI_TYPE_CHAR:
return 'char';
case MYSQLI_TYPE_ENUM:
return 'enum';
case MYSQLI_TYPE_TINY_BLOB:
case MYSQLI_TYPE_MEDIUM_BLOB:
case MYSQLI_TYPE_LONG_BLOB:
case MYSQLI_TYPE_BLOB:
return 'blob';
case MYSQLI_TYPE_NULL:
return 'null';
case MYSQLI_TYPE_NEWDATE:
case MYSQLI_TYPE_INTERVAL:
case MYSQLI_TYPE_SET:
case MYSQLI_TYPE_GEOMETRY:
default:
return $unknown;
}
}
/**
* Get name of the table the specified field is in
*
* [USER="20491"]param[/USER] mysqli_result $result
* [USER="20491"]param[/USER] $field_offset
* @return bool
*/
function mysql_field_table(mysqli_result $result, $field_offset = 0)
{
$info = mysqli_fetch_field_direct($result, $field_offset);
if (empty($info->table)) {
return false;
}
return $info->table;
}
/**
* Get the flags associated with the specified field in a result
*
* @todo implement
*
* [USER="20491"]param[/USER] mysqli_result $result
* [USER="20491"]param[/USER] int $field_offset
* @return bool
*/
function mysql_field_flags(mysqli_result $result, $field_offset = 0)
{
trigger_error('This function is not implemented', E_USER_WARNING);
return false;
}
/**
* Set result pointer to a specified field offset
*
* [USER="20491"]param[/USER] mysqli_result $result
* [USER="20491"]param[/USER] int $field_offset
* @return bool
*/
function mysql_field_seek(mysqli_result $result, $field_offset = 0)
{
return mysqli_field_seek($result, $field_offset);
}
/**
* Selects a database and executes a query on it
*
* @todo implement
*
* [USER="20491"]param[/USER] $database
* [USER="20491"]param[/USER] $query
* [USER="20491"]param[/USER] mysqli $mysqli
* @return bool
*/
function mysql_db_query($database, $query, mysqli $mysqli = null)
{
trigger_error('This function is deprecated since PHP 5.3.0 and therefore not implemented', E_USER_DEPRECATED);
return false;
}
}
?>
on every page on your site or if you have a config file or something similar then use it on that.PHP Code:include 'mysql.php';
Comment
-
something else why does this code, that should work to alert members when their vip runs out, does not work?
$tm = time();
$vipp = mysql_fetch_array(mysql_query("SELECT uid, vip, viptime FROM ibwf_users WHERE vip='1'"));
if($vipp[2]<$tm)
{
$msg = "Vip feature expired";
$msg = mysql_real_escape_string($msg);
autopm($msg, $vipp[0], 1);
mysql_query("UPDATE ibwf_users SET vip='0' WHERE viptime<'".time()."'");
}Comment
-
PHP Code:$vips = mysql_query("SELECT uid FROM ibwf_users WHERE vip='1' AND viptime<'".time()."'");
if($vips)
{
while ($vip = mysql_fetch_array($vips))
{
autopm("Vip feature expired", $vip[0], 1);
}
mysql_query("UPDATE ibwf_users SET vip='0' WHERE viptime<'".time()."'");
}
Comment
-
Thanks alot bro, but i still don't see why my code didn't work lolComment
-
This line selects only 1 user:
$vipp = mysql_fetch_array(mysql_query("SELECT uid, vip, viptime FROM ibwf_users WHERE vip='1'"));
which is the first person it finds in the database where vip=1 (which was making it fail and only send to the first person it found)
So Instead it needs to be put on a loop to cycle through all users finding all users where vip=1
while ($vip = mysql_fetch_array($vips))
{
}
I added the time clause into the query:
$vips = mysql_query("SELECT uid FROM ibwf_users WHERE vip='1' AND viptime<'".time()."'");
So it loads quicker rather than have it on an a if statement:
if($vipp[2]<$tm)
{
I also shortened this line:
autopm("Vip feature expired", $vip[0], 1);
I removed mysql_escape_string() from it as a user cannot edit it, so it is safe from injections.Comment
-
Thank you brotherComment
-
something else Hey bro I have one final question, i hope you don't mind? the quick fix which allows me to increas the php version from 5 to 7 on my host can it be used permanently or do i need to code over the entire script in the new php format sometime?Comment
-
No I don't mind, its nice to come here and see new posts lol
It should be fine to use permanently as otherwise you might as well re-code the whole script (not just the mysqli)
Comment
Comment