This thread continues from the closed thread “I Need help with converting mysql_ …” I was going to post the following codes but the thread was closed. I’ve been trying to replace all mysql functions with mysqli ones in an old script which generates pages with reviews from users.
First, I changed code in my functions.php file to establish connection to a database.
Initial code:
[code=php]
<?php
$NumReviews = 8;
$db_name = “xxxxxxxxxxxxxxxxx”;
$connection = @mysql_connect(“xxxxxxxxx”, “xxxxxxxxxxxx”, “xxxxxxxxxxxx”)
or die(“Couldn’t connect.”);
$db = @mysql_select_db($db_name, $connection)
or die(“Couldn’t select database.”);
function db_errno($args=array()) {
return @mysql_errno();
}
function db_error($args=array()) {
return @mysql_error();
}
?>
Modified code:
[code=php]
<?php
class DB
{
static $link;
static $dbname;
public static function connect()
{
if(empty(self::$link))
{
$dbhost = ‘xxxxxxxxx’;
$dbuser = ‘xxxxxxxx’;
$dbpassword = ‘xxxxxxxxxxxxx’;
$dbname = ‘xxxxxxxxxxxx’;
self::$link = @mysqli_connect($dbhost,$dbuser,$dbpassword,$dbname);
self::$dbname=$dbname;
mysqli_set_charset(self::$link, ‘utf8’);
or die(“Couldn’t connect.”);
}
}
}
DB::connect();
?>
Then, I converted mysql functions in admin_menu.php
Initial code:
[code=php]
<?php
//if a session does not yet exist for this user, start one
session_start();
//if there is no username or password entered and the user has not already been validated, send user back to login page.
if ((empty($_POST[“admin_username”]) || empty($_POST[“admin_passtext”])) && empty($_SESSION[‘valid_user’]))
{
Header(“Location: index.php”);
}
include (“../body_edit.php”);
include (“../config.php”);
include (“../functions.php”);
//make sure user has been logged in.
if (empty($_SESSION[‘valid_user’]))
{
// User not logged in, check database
//Check to see that the username and Password entered have admin access.
$sqlaccess = “SELECT username, passtext
FROM admin
WHERE username='” . mysql_escape_string($_POST[‘admin_username’]) . “‘
AND passtext = ‘” . mysql_escape_string($_POST[‘admin_passtext’]) . “‘
LIMIT 1
“;
$resultaccess = mysql_query($sqlaccess)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$numaccess = mysql_numrows($resultaccess);
if ($numaccess == 0) {
BodyHeader(“Access Not Allowed!”);
?>
<P>To access the Administration area you need to have approved access. The username and Password (<?php echo “$admin_username and $admin_passtext”; ?>) you entered are not approved!<br>
<a href=”index.php”>Please try again</a>
<?php
BodyFooter();
exit;
}// if numaccess
//if the user/pass were valid create a session for the user.
$_SESSION[‘admin_passtext’] = $_POST[‘admin_passtext’];
$_SESSION[‘admin_username’] = $_POST[‘admin_username’];
//since user has been verified, set a session for checking on admin pages.
$_SESSION[‘valid_user’] = $_POST[‘admin_username’];
//set cookie so admin can save login info if logout link is not clicked.
if (empty($_COOKIE[‘admin_username’]) && empty($_COOKIE[‘admin_passtext’])) {
setcookie(“admin_username”, $_POST[‘admin_username’], time() + 31536000, “/”);
setcookie(“admin_passtext”, $_POST[‘admin_passtext’], time() + 31536000, “/”);
}//if cookie
}//if session
BodyHeader(“$sitename Administration Menu”);
//Get the number of reviews that are not approved.
$result = mysql_query(“SELECT COUNT(*) as total FROM review WHERE approve=’n’
AND
review_item_id != ‘0’”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysql_fetch_array($result);
$total = $rows[“total”];
//Get the total number of reviews that are approved.
$result = mysql_query(“SELECT COUNT(*) as totaly FROM review WHERE approve=’y'”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysql_fetch_array($result);
$totaly = $rows[“totaly”];
//Get the total number of user submitted items that need to be approved.
$result = mysql_query(“SELECT COUNT(*) as totalitemuser FROM review_items_user”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysql_fetch_array($result);
$totalitemuser = $rows[“totalitemuser”];
?>
//some code here….
<?php
BodyFooter();
exit;
?>
Modified code:
[code=php]
<?php
//if a session does not yet exist for this user, start one
session_start();
//if there is no username or password entered and the user has not already been validated, send user back to login page.
if ((empty($_POST[“admin_username”]) || empty($_POST[“admin_passtext”])) && empty($_SESSION[‘valid_user’]))
{
Header(“Location: index.php”);
}
include (“../body_edit.php”);
include (“../config.php”);
include (“../functions.php”);
//make sure user has been logged in.
if (empty($_SESSION[‘valid_user’]))
{
// User not logged in, check database
//Check to see that the username and Password entered have admin access.
$sqlaccess = “SELECT username, passtext
FROM admin
WHERE username='” . mysqli_real_escape_string($_POST[‘admin_username’]) . “‘
AND passtext = ‘” . mysqli_real_escape_string($_POST[‘admin_passtext’]) . “‘
LIMIT 1
“;
$resultaccess = mysqli_query(db::$link,$sqlaccess)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$numaccess = mysqli_numrows($resultaccess);
if ($numaccess == 0) {
BodyHeader(“Access Not Allowed!”);
?>
//some code here…
<P>To access the Administration area you need to have approved access. The username and Password (<?php echo “$admin_username and $admin_passtext”; ?>) you entered are not approved!<br>
<a href=”index.php”>Please try again</a>
<?php
BodyFooter();
exit;
}
// if numaccess
//if the user/pass were valid create a session for the user.
$_SESSION[‘admin_passtext’] = $_POST[‘admin_passtext’];
$_SESSION[‘admin_username’] = $_POST[‘admin_username’];
//since user has been verified, set a session for checking on admin pages.
$_SESSION[‘valid_user’] = $_POST[‘admin_username’];
//set cookie so admin can save login info if logout link is not clicked.
if (empty($_COOKIE[‘admin_username’]) && empty($_COOKIE[‘admin_passtext’])) {
setcookie(“admin_username”, $_POST[‘admin_username’], time() + 31536000, “/”);
setcookie(“admin_passtext”, $_POST[‘admin_passtext’], time() + 31536000, “/”);
}//if cookie
}//if session
BodyHeader(“$sitename Administration Menu”);
//Get the number of reviews that are not approved.
$result = mysqli_query(db::$link,”SELECT COUNT(*) as total FROM review WHERE approve=’n’
AND
review_item_id != ‘0’”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysqli_fetch_array($result);
$total = $rows[“total”];
//Get the total number of reviews that are approved.
$result = mysqli_query(db::$link,”SELECT COUNT(*) as totaly FROM review WHERE approve=’y'”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysqli_fetch_array($result);
$totaly = $rows[“totaly”];
//Get the total number of user submitted items that need to be approved.
$result = mysqli_query(db::$link,”SELECT COUNT(*) as totalitemuser FROM review_items_user”)
or die(sprintf(“Couldn’t execute sql_count, %s: %s”, db_errno(), db_error()));
$rows = mysqli_fetch_array($result);
$totalitemuser = $rows[“totalitemuser”];
?>
//some code here…
<?php
BodyFooter();
exit;
?>
Could you please correct any mistake you see in these code snippets? I don’t consider myself knowledgeable in php so your explanations will be appreciated! Thank you!