ACHECKER-4: Upgrading deprecated MySQL syntax to support MySQL 4.1.13…

…+ :- Fixing Problems: Still In Progress

include/classes/DAO/CheckExamplesDAO.class.php

@@ -58,7 +58,7 @@ public function Create($checkID, $type, $description, $content)
 		}
 		else
 		{
-			$this->insertID();
+			$this->getInsertID();
 		}
 	}
 

include/classes/DAO/ChecksDAO.class.php

@@ -48,8 +48,8 @@ public function Create($userID, $html_tag, $confidence,
 
 		$userID = intval($userID);
 		$html_tag = $this->addSlashes(strtolower(trim($html_tag)));
-		// $addslashes are not needed on the following fields since they are eventually
-		// calling LanguageTextDAO->setText() where $addslashes is used.
+		// $this->addSlashes are not needed on the following fields since they are eventually
+		// calling LanguageTextDAO->setText() where $this->addSlashes is used.
 		$note = trim($note);
 		$name = trim($name);
 		$err = trim($err);
@@ -81,7 +81,7 @@ public function Create($userID, $html_tag, $confidence,
 		}
 		else
 		{
-			$checkID = $this->insertID();
+			$checkID = $this->getInsertID();
 
 			if ($note <> '')
 			{
@@ -189,8 +189,8 @@ public function Update($checkID, $userID, $html_tag, $confidence,
 		$confidence = intval($confidence);
 		$open_to_public = intval($open_to_public);
 
-		// $addslashes are not needed on the following fields since they are eventually
-		// calling LanguageTextDAO->setText() where $addslashes is used.
+		// $this->addSlashes are not needed on the following fields since they are eventually
+		// calling LanguageTextDAO->setText() where $this->addSlashess is used.
 		$note = trim($note);
 		$name = trim($name);
 		$err = trim($err);

include/classes/DAO/DAO.class.php

@@ -23,7 +23,6 @@ class DAO {
 
 	// protected
 	protected $db;     // global database connection
-	protected $addslashes;
 
 	function DAO()
 	{
@@ -82,10 +81,10 @@ function execute($sql)
 	}
 
 	function addSlashes($sql){
-		return $this->addslashes = mysqli_real_escape_string($this->db,$sql);
+		return mysqli_real_escape_string($this->db,$sql);
 	}
 
-	function insertID(){
+	function getInsertID(){
 		return mysqli_insert_id($this->db);
 	}
 }

include/classes/DAO/GuidelineGroupsDAO.class.php

@@ -40,7 +40,7 @@ public function Create($guidelineID, $name, $abbr, $principle)
 	{
 
 		$guidelineID = intval($guidelineID);
-		$name = trim($name);	// $addslashes is not necessary as it's called in LanguageTextDAO->Create()
+		$name = trim($name);	// $this->addSlashes is not necessary as it's called in LanguageTextDAO->Create()
 		$abbr = $this->addSlashes(trim($abbr));
 		$principle = $this->addSlashes(trim($principle));
 
@@ -56,7 +56,7 @@ public function Create($guidelineID, $name, $abbr, $principle)
 		}
 		else
 		{
-			$group_id = $this->insertID();
+			$group_id = $this->getInsertID();
 
 			if ($name <> '')
 			{
@@ -91,7 +91,7 @@ public function Update($groupID, $name, $abbr, $principle)
 	{
 
 		$groupID = intval($groupID);
-		$name = trim($name);	// $addslashes is not necessary as it's called in LanguageTextDAO->updateLang()
+		$name = trim($name);	// $this->addSlashes is not necessary as it's called in LanguageTextDAO->updateLang()
 		$abbr = $this->addSlashes(trim($abbr));
 		$principle = $this->addSlashes(trim($principle));
 

include/classes/DAO/GuidelineSubgroupsDAO.class.php

@@ -39,7 +39,7 @@ public function Create($groupID, $name, $abbr)
 	{
 
 		$groupID = intval($groupID);
-		$name = trim($name);	// $addslashes is not necessary as it's called in LanguageTxetDAO->Create()
+		$name = trim($name);	// $this->addSlashes is not necessary as it's called in LanguageTxetDAO->Create()
 		$abbr = $this->addSlashes(trim($abbr));
 
 		$sql = "INSERT INTO ".TABLE_PREFIX."guideline_subgroups
@@ -54,7 +54,7 @@ public function Create($groupID, $name, $abbr)
 		}
 		else
 		{
-			$subgroup_id = $this->insertID();
+			$subgroup_id = $this->getInsertID();
 			if ($name <> '')
 			{
 				$term = LANG_PREFIX_GUIDELINE_SUBGROUPS_NAME.$subgroup_id;
@@ -87,7 +87,7 @@ public function Update($subgroupID, $name, $abbr)
 	{
 
 		$subgroupID = intval($subgroupID);
-		$name = trim($name);	// $addslashes is not necessary as it's called in LanguageTxetDAO->updateLang()
+		$name = trim($name);	// $this->addSlashes is not necessary as it's called in LanguageTxetDAO->updateLang()
 		$abbr = $this->addSlashes(trim($abbr));
 
 		$sql = "UPDATE ".TABLE_PREFIX."guideline_subgroups

include/classes/DAO/GuidelinesDAO.class.php

@@ -47,7 +47,7 @@ public function Create($userID, $title, $abbr, $long_name, $published_date, $ear
 		$userID = intval($userID);
 		$title = $this->addSlashes(trim($title));	
 		$abbr = $this->addSlashes(trim($abbr));	
-		$long_name = trim($long_name);   // $addslashes is not necessary as it's called in LanguageTextDAO->Create()
+		$long_name = trim($long_name);   // $this->addSlashess is not necessary as it's called in LanguageTextDAO->Create()
 		$earlid = $this->addSlashes(trim($earlid));
 		$preamble = $this->addSlashes(trim($preamble));
 		if ($published_date == '') $published_date = NULL;
@@ -68,7 +68,7 @@ public function Create($userID, $title, $abbr, $long_name, $published_date, $ear
 		}
 		else
 		{
-			$guidelineID = $this->insertID();
+			$guidelineID = $this->getInsertID();
 
 			if ($long_name <> '')
 			{
@@ -111,7 +111,7 @@ public function update($guidelineID, $userID, $title, $abbr, $long_name, $publis
 		$userID = intval($userID);
 		$title = $this->addSlashes(trim($title));	
 		$abbr = $this->addSlashes(trim($abbr));	
-		$long_name = trim($long_name);   // $addslashes is not necessary as it's called in LanguageTextDAO->setText()
+		$long_name = trim($long_name);   // $this->addSlashes is not necessary as it's called in LanguageTextDAO->setText()
 		$earlid = $this->addSlashes(trim($earlid));
 		$preamble = $this->addSlashes(trim($preamble));
 

include/classes/DAO/MailQueueDAO.class.php

@@ -49,7 +49,7 @@ function Create($to_email, $to_name, $from_email, $from_name, $subject, $body, $
 
 		if ($this->execute($sql))
 		{
-			$this->insertID();
+			$this->getInsertID();
 		}
 		else
 		{

include/classes/DAO/MyownPatchesDAO.class.php

@@ -57,7 +57,7 @@ public function Create($achecker_patch_id, $applied_version,
 		}
 		else
 		{
-			$this->insertID();
+			$this->getInsertID();
 		}
 	}
 

include/classes/DAO/MyownPatchesDependentDAO.class.php

@@ -47,7 +47,7 @@ public function Create($myown_patch_id, $dependent_patch_id)
 		}
 		else
 		{
-			$this->insertID();
+			$this->getInsertID();
 		}
 	}
 

include/classes/DAO/MyownPatchesFilesDAO.class.php

@@ -60,7 +60,7 @@ public function Create($myown_patch_id, $action, $name, $location,
 		}
 		else
 		{
-			$this->insertID();
+			$this->getInsertID();
 		}
 	}
 

include/classes/DAO/PatchesDAO.class.php

@@ -84,7 +84,7 @@ public function Create($achecker_patch_id, $applied_version,
 		}
 		else
 		{
-			$this->insertID();
+			$this->getInsertID();
 		}
 	}
 

include/classes/DAO/PatchesFilesActionsDAO.class.php

@@ -53,7 +53,7 @@ public function Create($patches_files_id, $action, $code_from, $code_to)
 		}
 		else
 		{
-			$this->insertID();
+			$this->getInsertID();
 		}
 	}
 }

include/classes/DAO/PatchesFilesDAO.class.php

@@ -53,7 +53,7 @@ public function Create($patch_id, $action, $name, $location)
 		}
 		else
 		{
-			$this->insertID();
+			$this->getInsertID();
 		}
 	}
 

include/classes/DAO/UserGroupsDAO.class.php

@@ -75,7 +75,7 @@ public function Create($title, $description)
 			}
 			else
 			{
-				$this->insertID();
+				$this->getInsertID();
 			}
 		}
 		else

include/classes/DAO/UserLinksDAO.class.php

@@ -62,7 +62,7 @@ public function Create($user_id, $guideline_ids, $URI)
 			}
 			else
 			{
-				$this->insertID();
+				$this->getInsertID();
 			}
 		}
 		else

include/classes/DAO/UsersDAO.class.php

@@ -123,7 +123,7 @@ public function Create($user_group_id, $login, $pwd, $email, $first_name, $last_
 			}
 			else
 			{
-				$this->insertID();
+				$this->getInsertID();
 			}
 		}
 		else

include/classes/Language/Language.class.php

@@ -34,7 +34,6 @@ class Language {
 	var $achecker_version;
 
 	protected $db; // Database Connection
-	protected $addslashes;
 	// constructor
 	function Language($language_row) {
 		if (!isset($this->db))
@@ -211,7 +210,7 @@ function getXML($part=FALSE) {
 		return $xml;
 	}
 	function addSlashesLang($sql){
-		return $this->addslashes = mysqli_real_escape_string($this->db, $sql);
+		return mysqli_real_escape_string($this->db, $sql);
 	}
 }
 ?>

include/classes/Language/LanguageEditor.class.php

@@ -115,11 +115,11 @@ function checkFilter($param) {
 
 	// public
 	function printTerms($terms){
-		global $languageManager; // why won't $addslashes = $this->addslashes; work?
+		global $languageManager; // why won't $this->addSlashes work?
 
 		$counter = 0;
 
-		$terms = unserialize(stripslashes($terms));
+		$terms = unserialize(stripslashes($this->addSlashesLang($terms)));
 
 		natcasesort($terms);
 

include/vitals.inc.php

@@ -61,14 +61,7 @@ function unregister_GLOBALS() {
 	header('Location: ' . $relative_path . 'install/not_installed.php');
 	exit;
 }
-/*** end system config block ****/
 
-/***** 1. database connection *****/
-//if (!defined('AC_REDIRECT_LOADED')){
-//	require_once(AC_INCLUDE_PATH.'lib/mysql_connect.inc.php');
-//}
-	$db =mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT);
-/***** end database connection ****/
 
 /*** 2. constants ***/
 require_once(AC_INCLUDE_PATH.'constants.inc.php');
@@ -90,19 +83,14 @@ function unregister_GLOBALS() {
 
 /***** end session initilization block ****/
 
-function my_add_null_slashes( $string ) {
-    return mysqli_real_escape_string($db, stripslashes($string));
-}
 
 function my_null_slashes($string) {
 	return $string;
 }
 
 if ( get_magic_quotes_gpc() == 1 ) {
-	$addslashes   = 'my_add_null_slashes';
 	$stripslashes = 'stripslashes';
 } else {
-	$addslashes   = 'mysqli_real_escape_string';
 	$stripslashes = 'my_null_slashes';
 }
 
@@ -281,12 +269,7 @@ function debug_to_log($var, $log='') {
 $_my_uri  = '';
 
 for ($i=0; $i<$num_bits; $i++) {
-//	if (	(strpos($bits[$i], 'enable=')	=== 0) 
-//		||	(strpos($bits[$i], 'disable=')	=== 0)
-//		||	(strpos($bits[$i], 'expand=')	=== 0)
-//		||	(strpos($bits[$i], 'collapse=')	=== 0)
-//		||	(strpos($bits[$i], 'lang=')		=== 0)
-//		) {
+
 	if (	(strpos($bits[$i], 'lang=')		=== 0)
 		) {
 		/* we don't want this variable added to $_my_uri */

themes/default/checker/checker_results.tmpl.php

@@ -62,7 +62,7 @@
 
 	echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">'."\n\r";
 	echo '<input type="hidden" name="jsessionid" value="'.$sessionID.'" />'."\n\r";
-	echo '<input type="hidden" name="uri" value="'.filter_var($_POST["uri"], FILTER_VALIDATE_URL).'" />'."\n\r";
+	echo '<input type="hidden" name="uri" value="'.filter_var($_POST["uri"], FILTER_SANITIZE_URL).'" />'."\n\r";
 	echo '<input type="hidden" name="output" value="html" />'."\n\r";
 	echo '<input type="hidden" name="validate_uri" value="1" />'."\n\r";
 	echo '<input type="hidden" name="rpt_format" value="'.addslashes($_POST['rpt_format']).'" />'."\n\r";