http://git-wip-us.apache.org/repos/asf/vcl/blob/e5058500/web/.ht-inc/oneclick.php ---------------------------------------------------------------------- diff --git a/web/.ht-inc/oneclick.php b/web/.ht-inc/oneclick.php index e478fcd..d8b62c9 100755 --- a/web/.ht-inc/oneclick.php +++ b/web/.ht-inc/oneclick.php @@ -57,7 +57,7 @@ function newOneClick() { . "o.userid = {$user['id']}"; $oneclicks = array(); $qh = doQuery($query, 101); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $oneclicks[$row['id']] = $row; print "<H2>" . i("VCL go Configurator") . "</H2>\n"; @@ -322,7 +322,7 @@ function editOneClick() { $qh = doQuery($query, 101); print "<form action=\"" . BASEURL . SCRIPT . "\" method=\"post\" style=\"display: inline;\" onsubmit=\"return validateForm(this);\">\n"; - if(! ($row = mysql_fetch_assoc($qh))) { + if(! ($row = mysqli_fetch_assoc($qh))) { print i("VCL go not found") . "\n"; return NULL; }
http://git-wip-us.apache.org/repos/asf/vcl/blob/e5058500/web/.ht-inc/privileges.php ---------------------------------------------------------------------- diff --git a/web/.ht-inc/privileges.php b/web/.ht-inc/privileges.php index 92f6ee3..165e14b 100644 --- a/web/.ht-inc/privileges.php +++ b/web/.ht-inc/privileges.php @@ -256,7 +256,7 @@ function viewNodes() { . "ORDER BY name"; $qh = doQuery($query); $orderedgroups = array(); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $orderedgroups[] = $row['id']; foreach($orderedgroups as $id) { printUserPrivRow($id, $i, $privs["usergroups"], $usertypes["users"], @@ -965,7 +965,7 @@ function selectNode() { . "ORDER BY name"; $qh = doQuery($query); $orderedgroups = array(); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $orderedgroups[] = $row['id']; foreach($orderedgroups as $id) { $tmpArr = getUserPrivRowHTML($id, $i, $privs["usergroups"], @@ -1125,7 +1125,7 @@ function nodeDropData() { $query = "SELECT id, parent FROM privnode WHERE id > " . DEFAULT_PRIVNODE; $qh = doQuery($query); $data = 'nodedropdata = {'; - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) if(checkUserHasPriv('nodeAdmin', $user['id'], $row['id']) && ($row['parent'] == DEFAULT_PRIVNODE || checkUserHasPriv('nodeAdmin', $user['id'], $row['parent']))) $data .= "{$row['id']}: '1',"; @@ -1183,7 +1183,7 @@ function AJsubmitAddChildNode() { . "WHERE name = '$newnode' AND " . "parent = $parent"; $qh = doQuery($query, 335); - if(mysql_num_rows($qh)) { + if(mysqli_num_rows($qh)) { $text = "A node of that name already exists " . "under " . $nodeInfo["name"]; print "dojo.byId('addChildNodeStatus').innerHTML = '$text';"; @@ -1198,7 +1198,7 @@ function AJsubmitAddChildNode() { doQuery($query, 336); $qh = doQuery("SELECT LAST_INSERT_ID() FROM privnode", 101); - if(! $row = mysql_fetch_row($qh)) + if(! $row = mysqli_fetch_row($qh)) abort(101); $nodeid = $row[0]; @@ -1228,7 +1228,7 @@ function AJsubmitAddChildNode() { function nodeExists($node) { $query = "SELECT id FROM privnode WHERE id = $node"; $qh = doQuery($query, 101); - if(mysql_num_rows($qh)) + if(mysqli_num_rows($qh)) return 1; else return 0; @@ -1313,13 +1313,13 @@ function AJsubmitRenameNode() { return; } # check if node matching new name already exists at parent - $_newname = mysql_real_escape_string($newname); + $_newname = vcl_mysql_escape_string($newname); $query = "SELECT id " . "FROM privnode " . "WHERE parent = (SELECT parent FROM privnode WHERE id = $activeNode) AND " . "name = '$_newname'"; $qh = doQuery($query, 101); - if(mysql_num_rows($qh)) { + if(mysqli_num_rows($qh)) { $msg = i("A sibling node of that name currently exists"); $arr = array('error' => 2, 'message' => $msg); sendJSON($arr); @@ -1372,7 +1372,7 @@ function AJmoveNode() { . "p2.parent = $newparentid AND " . "p2.name = p1.name"; $qh = doQuery($query); - if($row = mysql_num_rows($qh)) { + if($row = mysqli_num_rows($qh)) { $arr = array('status' => 'collision', 'moveid' => $moveid, 'oldparentid' => $oldparentid, @@ -1494,7 +1494,7 @@ function userLookup() { print "<INPUT type=hidden name=continuation value=\"$cont\">\n"; print "</FORM><br>\n"; if(! empty($userid)) { - $esc_userid = mysql_real_escape_string($userid); + $esc_userid = vcl_mysql_escape_string($userid); if(preg_match('/,/', $userid)) { $mode = 'name'; $force = 0; @@ -1517,8 +1517,8 @@ function userLookup() { } else { $tmp = explode(',', $userid); - $last = mysql_real_escape_string(trim($tmp[0])); - $first = mysql_real_escape_string(trim($tmp[1])); + $last = vcl_mysql_escape_string(trim($tmp[0])); + $first = vcl_mysql_escape_string(trim($tmp[1])); $query = "SELECT CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "affiliation a " @@ -1528,7 +1528,7 @@ function userLookup() { . "a.id = $affilid"; } $qh = doQuery($query, 101); - if(! mysql_num_rows($qh)) { + if(! mysqli_num_rows($qh)) { if($mode == 'name') { print "<font color=red>User not found</font><br>\n"; return; @@ -1538,13 +1538,13 @@ function userLookup() { } elseif($force) { $_SESSION['userresources'] = array(); - $row = mysql_fetch_assoc($qh); + $row = mysqli_fetch_assoc($qh); $newtime = unixToDatetime(time() - SECINDAY - 5); $query = "UPDATE user SET lastupdated = '$newtime' WHERE id = {$row['id']}"; doQuery($query, 101); } elseif($mode == 'name') { - $row = mysql_fetch_assoc($qh); + $row = mysqli_fetch_assoc($qh); $userid = $row['unityid']; $esc_userid = $row['unityid']; } @@ -1659,11 +1659,11 @@ function userLookup() { . "ORDER BY p.name, " . "upt.name"; $qh = doQuery($query, 101); - if(mysql_num_rows($qh)) { + if(mysqli_num_rows($qh)) { print "Nodes where user is granted privileges:<br>\n"; print "<TABLE>\n"; $privnodeid = 0; - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { if($privnodeid != $row['privnodeid']) { if($privnodeid) { print " </TD>\n"; @@ -1699,11 +1699,11 @@ function userLookup() { . "ORDER BY p.name, " . "upt.name"; $qh = doQuery($query, 101); - if(mysql_num_rows($qh)) { + if(mysqli_num_rows($qh)) { print "Nodes where user's groups are granted privileges:<br>\n"; print "<TABLE>\n"; $privnodeid = 0; - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { if($privnodeid != $row['privnodeid']) { if($privnodeid) { print " </TD>\n"; @@ -1749,7 +1749,7 @@ function userLookup() { . "LIMIT 8"; $logins = array(); $qh = doQuery($query); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $logins[] = $row; if(count($logins)) { $logins = array_reverse($logins); @@ -1814,7 +1814,7 @@ function userLookup() { . "ORDER BY l.start DESC " . "LIMIT 5"; $qh = doQuery($query, 290); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) array_push($requests, $row); $requests = array_reverse($requests); if(! empty($requests)) { @@ -1924,7 +1924,7 @@ function userLookup() { . "GROUP BY rq.id " . "ORDER BY rq.start"; $qh = doQuery($query, 290); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) array_push($requests, $row); $requests = array_reverse($requests); if(! empty($requests)) { @@ -2054,7 +2054,7 @@ function userLookup() { . "GROUP BY rq.id " . "ORDER BY rq.start"; $qh = doQuery($query, 290); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) array_push($requests, $row); $requests = array_reverse($requests); if(! empty($requests)) { @@ -2156,7 +2156,7 @@ function userLookup() { function recurseGetChildren($node) { $children = array(); $qh = doQuery("SELECT id FROM privnode WHERE parent = $node", 340); - while($row = mysql_fetch_row($qh)) { + while($row = mysqli_fetch_row($qh)) { array_push($children, $row[0]); $children = array_merge($children, recurseGetChildren($row[0])); } @@ -2444,7 +2444,7 @@ function jsonGetUserGroupMembers() { . "LEFT JOIN usergroup g2 ON (g.editusergroupid = g2.id) " . "WHERE g.id = $usergrpid"; $qh = doQuery($query, 101); - if(! ($grpdata = mysql_fetch_assoc($qh))) { + if(! ($grpdata = mysqli_fetch_assoc($qh))) { # problem getting group members $msg = 'failed to fetch group members'; $arr = array('members' => $msg, 'domid' => $domid); @@ -2620,7 +2620,7 @@ function jsonGetResourceGroupMembers() { . "WHERE rg.id = $resgrpid AND " . "rg.resourcetypeid = rt.id"; $qh = doQuery($query, 101); - if($row = mysql_fetch_assoc($qh)) { + if($row = mysqli_fetch_assoc($qh)) { $type = $row['name']; if($type == 'computer' || $type == 'managementnode') $field = 'hostname'; @@ -2639,7 +2639,7 @@ function jsonGetResourceGroupMembers() { $query .= " AND t.deleted = 0"; $qh = doQuery($query, 101); $members = ''; - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $members .= "{$row['item']}<br>"; if($members == '') $members = '(empty group)'; @@ -2719,7 +2719,7 @@ function getNodePrivileges($node, $type="all", $privs=0) { . "g.resourcetypeid = t.id " . "ORDER BY p.privnodeid"; $qh = doQuery($query, 350); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { $resourcedata[$row['privnodeid']][] = $row; } } @@ -2746,7 +2746,7 @@ function getNodePrivileges($node, $type="all", $privs=0) { . "u.affiliationid = a.id " . "ORDER BY u.unityid"; $qh = doQuery($query, 351); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $privs['users'][$row['unityid']][$row['name']] = 1; } if($type == "usergroups" || $type == "all") { @@ -2766,7 +2766,7 @@ function getNodePrivileges($node, $type="all", $privs=0) { . "up.usergroupid IS NOT NULL " . "ORDER BY g.name"; $qh = doQuery($query, 352); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { if(isset($privs["usergroups"][$row["id"]])) $privs["usergroups"][$row["id"]]['privs'][$row['priv']] = 1; else @@ -2849,7 +2849,7 @@ function getNodeCascadePrivileges($node, $type="all", $privs=0) { . "g.resourcetypeid = t.id AND " . "p.type = 'block'"; $qh = doQuery($query); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { if(! isset($allblockdata[$row['privnodeid']])) $allblockdata[$row['privnodeid']] = array(); # TODO adding the id at the end will fix the bug where blocking cascaded resource @@ -2888,7 +2888,7 @@ function getNodeCascadePrivileges($node, $type="all", $privs=0) { . "p.privnodeid = p2.privnodeid AND " . "p2.type = 'cascade'"; $qh = doQuery($query); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { if(! isset($allcascadedata[$row['privnodeid']])) $allcascadedata[$row['privnodeid']] = array(); $allcascadedata[$row['privnodeid']][] = @@ -2939,7 +2939,7 @@ function getNodeCascadePrivileges($node, $type="all", $privs=0) { . "t.name = 'block' AND " . "u.affiliationid = a.id"; $qh = doQuery($query, 355); - while($row = mysql_fetch_row($qh)) + while($row = mysqli_fetch_row($qh)) $nodeuserblock[$row[0]][$row[1]] = 1; } static $nodeusercasade; @@ -2967,7 +2967,7 @@ function getNodeCascadePrivileges($node, $type="all", $privs=0) { . "up.userid = Cup.userid " . "ORDER BY up.privnodeid, u.unityid, t.name"; $qh = doQuery($query, 356); - while($row = mysql_fetch_row($qh)) + while($row = mysqli_fetch_row($qh)) $nodeusercascade[$row[0]][$row[1]][$row[2]] = 1; } $mynodelist = $nodelist; @@ -3005,7 +3005,7 @@ function getNodeCascadePrivileges($node, $type="all", $privs=0) { . "up.usergroupid IS NOT NULL AND " . "t.name = 'block'"; $qh = doQuery($query, 357); - while($row = mysql_fetch_row($qh)) + while($row = mysqli_fetch_row($qh)) $nodegroupblock[$row[0]][$row[1]] = 1; } static $nodegroupcascade; @@ -3035,7 +3035,7 @@ function getNodeCascadePrivileges($node, $type="all", $privs=0) { . "up.usergroupid = Cup.usergroupid " . "ORDER BY up.privnodeid, g.id, t.name"; $qh = doQuery($query, 356); - while($row = mysql_fetch_row($qh)) { + while($row = mysqli_fetch_row($qh)) { if(! isset($nodegroupcascade[$row[0]][$row[1]])) { $nodegroupcascade[$row[0]][$row[1]] = array('id' => $row[1], 'name' => $row[2], http://git-wip-us.apache.org/repos/asf/vcl/blob/e5058500/web/.ht-inc/requests.php ---------------------------------------------------------------------- diff --git a/web/.ht-inc/requests.php b/web/.ht-inc/requests.php index b163c42..ab13923 100644 --- a/web/.ht-inc/requests.php +++ b/web/.ht-inc/requests.php @@ -385,7 +385,7 @@ function viewRequests() { . "WHERE v.id = {$requests[$i]['vmhostid']} AND " . "v.computerid = c.id"; $qh = doQuery($query, 101); - $row = mysql_fetch_assoc($qh); + $row = mysqli_fetch_assoc($qh); $vmhost = $row['hostname']; } $text .= " <TD align=center><a id=\"req{$requests[$i]['id']}\" "; @@ -2410,7 +2410,7 @@ function AJnewRequest() { } else { $fields[] = 'name'; - $name = mysql_real_escape_string($data['name']); + $name = vcl_mysql_escape_string($data['name']); $values[] = "'$name'"; } if($data['ipaddr'] != '') { @@ -2472,7 +2472,7 @@ function saveRequestConfigs($reqid, $imageid, $configs, $vars) { . "ORDER BY id"; $qh = doQuery($query); $resids = array(); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { if(! array_key_exists($row['imageid'], $resids)) $resids[$row['imageid']] = array(); $resids[$row['imageid']][] = $row['id']; @@ -2528,7 +2528,7 @@ function saveRequestConfigs($reqid, $imageid, $configs, $vars) { if(array_key_exists("$cfgsubimgid/$mapid", $vars)) { $sets = array(); foreach($vars["$cfgsubimgid/$mapid"] as $varid => $varval) { - $_val = mysql_real_escape_string($varval['value']); + $_val = vcl_mysql_escape_string($varval['value']); $sets[] = "($instid, $varid, '$_val')"; } $query = $qbase2 . implode(',', $sets); @@ -2781,7 +2781,7 @@ function detailStatusHTML($reqid) { . "reservationid = {$request['resid']} AND " . "timestamp = '" . unixToDatetime($data['ts']) . "'"; $qh = doQuery($query, 101); - if($row = mysql_fetch_assoc($qh)) { + if($row = mysqli_fetch_assoc($qh)) { $reason = $row['additionalinfo']; $text .= "<br>" . i("retrying at state") . " \"$reason\""; } @@ -2865,7 +2865,7 @@ function detailStatusHTML($reqid) { . "ORDER BY id " . "LIMIT 1"; $qh = doQuery($query, 101); - if($row = mysql_fetch_assoc($qh)) { + if($row = mysqli_fetch_assoc($qh)) { $reason = $row['additionalInfo']; if(! empty($data)) $currtime = $row['ts'] - $data['ts']; @@ -3732,7 +3732,7 @@ function AJsubmitEditRequest() { return; } if($servername != $request['servername']) { - $servername = mysql_real_escape_string($servername); + $servername = vcl_mysql_escape_string($servername); $updateservername = 1; } } @@ -4132,7 +4132,7 @@ function AJsubmitRemoveRequest() { if($request['serverrequest']) { $query = "SELECT id FROM serverrequest WHERE requestid = $requestid"; $qh = doQuery($query); - if($row = mysql_fetch_assoc($qh)) { + if($row = mysqli_fetch_assoc($qh)) { $query = "DELETE FROM serverrequest WHERE requestid = $requestid"; doQuery($query, 152); deleteVariable("fixedIPsr{$row['id']}"); @@ -4955,7 +4955,7 @@ function getReservationNextTimeout($resid) { . "ORDER BY cll.timestamp DESC " . "LIMIT 1"; $qh = doQuery($query); - if($row = mysql_fetch_assoc($qh)) { + if($row = mysqli_fetch_assoc($qh)) { if(! is_numeric($row['timestamp'])) return NULL; if($row['loadstatename'] == 'acknowledgetimeout') http://git-wip-us.apache.org/repos/asf/vcl/blob/e5058500/web/.ht-inc/resource.php ---------------------------------------------------------------------- diff --git a/web/.ht-inc/resource.php b/web/.ht-inc/resource.php index cecd2bb..cc55d09 100644 --- a/web/.ht-inc/resource.php +++ b/web/.ht-inc/resource.php @@ -574,7 +574,7 @@ class Resource { . "FROM `{$this->restype}` " . "WHERE id = $rscid"; $qh = doQuery($query); - if($row = mysql_fetch_assoc($qh)) { + if($row = mysqli_fetch_assoc($qh)) { $newval = (int)(! (int)$row['deleted']); $query = "UPDATE {$this->restype} " . "SET deleted = $newval " @@ -1628,7 +1628,7 @@ class Resource { if($id) $query .= " AND id != $id"; $qh = doQuery($query); - if(mysql_num_rows($qh)) + if(mysqli_num_rows($qh)) return 1; return 0; } http://git-wip-us.apache.org/repos/asf/vcl/blob/e5058500/web/.ht-inc/schedule.php ---------------------------------------------------------------------- diff --git a/web/.ht-inc/schedule.php b/web/.ht-inc/schedule.php index 57da520..d0760e8 100644 --- a/web/.ht-inc/schedule.php +++ b/web/.ht-inc/schedule.php @@ -188,7 +188,7 @@ class Schedule extends Resource { . "deleted = 0"; $qh = doQuery($query); $comps = array(); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $comps[] = $row['hostname']; if(count($comps)) $msg = "This schedule cannot be deleted because the following <strong>computers</strong> have it selected as their schedule:<br><br>\n" . implode("<br>\n", $comps); @@ -445,7 +445,7 @@ class Schedule extends Resource { if(! empty($id)) $query .= " AND id != $id"; $qh = doQuery($query, 101); - if(mysql_num_rows($qh)) + if(mysqli_num_rows($qh)) return 1; return 0; } http://git-wip-us.apache.org/repos/asf/vcl/blob/e5058500/web/.ht-inc/serverprofiles.php ---------------------------------------------------------------------- diff --git a/web/.ht-inc/serverprofiles.php b/web/.ht-inc/serverprofiles.php index 951789e..2de4826 100644 --- a/web/.ht-inc/serverprofiles.php +++ b/web/.ht-inc/serverprofiles.php @@ -523,10 +523,10 @@ function AJsaveServerProfile() { sendJSON($data); return; } - $name = mysql_real_escape_string($data['name']); - $desc = mysql_real_escape_string($data['desc']); - $fixedIP = mysql_real_escape_string($data['fixedIP']); - $fixedMAC = mysql_real_escape_string($data['fixedMAC']); + $name = vcl_mysql_escape_string($data['name']); + $desc = vcl_mysql_escape_string($data['desc']); + $fixedIP = vcl_mysql_escape_string($data['fixedIP']); + $fixedMAC = vcl_mysql_escape_string($data['fixedMAC']); $ret = array(); if($data['profileid'] == 70000) { $query = "INSERT INTO serverprofile " @@ -626,7 +626,7 @@ function AJdelServerProfile() { } $query = "DELETE FROM serverprofile WHERE id = $profileid"; doQuery($query, 101); - $rows = mysql_affected_rows(); + $rows = mysqli_affected_rows(); if($rows == 0) { $data = array('error' => 1, 'msg' => 'Failed to delete selected server profile'); @@ -864,7 +864,7 @@ function getServerProfileGroups($userid, $type) { } $qh = doQuery($query, 101); $groups = array(); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $groups[$row['id']] = $row['name']; $_SESSION['usersessiondata'][$key] = $groups; return $groups; http://git-wip-us.apache.org/repos/asf/vcl/blob/e5058500/web/.ht-inc/siteconfig.php ---------------------------------------------------------------------- diff --git a/web/.ht-inc/siteconfig.php b/web/.ht-inc/siteconfig.php index 96aedda..a8f5d39 100644 --- a/web/.ht-inc/siteconfig.php +++ b/web/.ht-inc/siteconfig.php @@ -1292,7 +1292,7 @@ class AffilHelpAddress extends AffilTextVariable { $this->values = array(); $query = "SELECT id, helpaddress FROM affiliation ORDER BY name"; $qh = doQuery($query); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $this->values[$row['id']] = $row['helpaddress']; } @@ -1310,18 +1310,18 @@ class AffilHelpAddress extends AffilTextVariable { /// ///////////////////////////////////////////////////////////////////////////// function setValue($affilid, $value) { - global $mysql_link_vcl; + global $mysqli_link_vcl; if($value === NULL) $newval = 'NULL'; else { - $esc_value = mysql_real_escape_string($value); + $esc_value = vcl_mysql_escape_string($value); $newval = "'$esc_value'"; } $query = "UPDATE affiliation " . "SET helpaddress = $newval " . "WHERE id = $affilid"; doQuery($query); - $rc = mysql_affected_rows($mysql_link_vcl); + $rc = mysqli_affected_rows($mysqli_link_vcl); if($rc == 1) return 1; return 0; @@ -1339,12 +1339,12 @@ class AffilHelpAddress extends AffilTextVariable { /// ///////////////////////////////////////////////////////////////////////////// function deleteValue($affilid) { - global $mysql_link_vcl; + global $mysqli_link_vcl; $query = "UPDATE affiliation " . "SET helpaddress = NULL " . "WHERE id = $affilid"; doQuery($query); - $rc = mysql_affected_rows($mysql_link_vcl); + $rc = mysqli_affected_rows($mysqli_link_vcl); if($rc == 1) return 1; return 0; @@ -1391,7 +1391,7 @@ class AffilWebAddress extends AffilTextVariable { $this->values = array(); $query = "SELECT id, sitewwwaddress FROM affiliation ORDER BY name"; $qh = doQuery($query); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $this->values[$row['id']] = $row['sitewwwaddress']; } @@ -1409,18 +1409,18 @@ class AffilWebAddress extends AffilTextVariable { /// ///////////////////////////////////////////////////////////////////////////// function setValue($affilid, $value) { - global $mysql_link_vcl; + global $mysqli_link_vcl; if($value === NULL) $newval = 'NULL'; else { - $esc_value = mysql_real_escape_string($value); + $esc_value = vcl_mysql_escape_string($value); $newval = "'$esc_value'"; } $query = "UPDATE affiliation " . "SET sitewwwaddress = $newval " . "WHERE id = $affilid"; doQuery($query); - $rc = mysql_affected_rows($mysql_link_vcl); + $rc = mysqli_affected_rows($mysqli_link_vcl); if($rc == 1) return 1; return 0; @@ -1438,12 +1438,12 @@ class AffilWebAddress extends AffilTextVariable { /// ///////////////////////////////////////////////////////////////////////////// function deleteValue($affilid) { - global $mysql_link_vcl; + global $mysqli_link_vcl; $query = "UPDATE affiliation " . "SET sitewwwaddress = NULL " . "WHERE id = $affilid"; doQuery($query); - $rc = mysql_affected_rows($mysql_link_vcl); + $rc = mysqli_affected_rows($mysqli_link_vcl); if($rc == 1) return 1; return 0; @@ -1498,7 +1498,7 @@ class AffilKMSserver extends AffilTextVariable { . "LEFT JOIN winKMS k ON (k.affiliationid = a.id) " . "ORDER BY a.id"; $qh = doQuery($query); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { if(is_null($row['address']) && is_null($row['port'])) { $this->values[$row['id']] = NULL; continue; @@ -1529,7 +1529,7 @@ class AffilKMSserver extends AffilTextVariable { /// ///////////////////////////////////////////////////////////////////////////// function setValue($affilid, $value) { - global $mysql_link_vcl; + global $mysqli_link_vcl; $this->getValues(); $values = explode(',', $value); # create datastructure of newly submitted hosts @@ -1588,7 +1588,7 @@ class AffilKMSserver extends AffilTextVariable { # insert new hosts $values = array(); foreach($adds as $host => $port) { - $esc_host = mysql_real_escape_string($host); + $esc_host = vcl_mysql_escape_string($host); $values[] = "($affilid, '$esc_host', $port)"; } $rc1 = 1; @@ -1597,25 +1597,25 @@ class AffilKMSserver extends AffilTextVariable { . "(affiliationid, address, port) " . "VALUES " . implode(',', $values); doQuery($query); - $rc1 = mysql_affected_rows($mysql_link_vcl); + $rc1 = mysqli_affected_rows($mysqli_link_vcl); } # make changes $rc2 = 1; foreach($changes as $host => $port) { - $esc_host = mysql_real_escape_string($host); + $esc_host = vcl_mysql_escape_string($host); $query = "UPDATE winKMS " . "SET port = $port " . "WHERE address = '$esc_host' AND " . "affiliationid = $affilid"; doQuery($query); - $tmp = mysql_affected_rows($mysql_link_vcl); + $tmp = mysqli_affected_rows($mysqli_link_vcl); if($rc2) $rc2 = $tmp; } # delete old hosts $values = array(); foreach($rems as $host => $port) { - $esc_host = mysql_real_escape_string($host); + $esc_host = vcl_mysql_escape_string($host); $values[] = "(affiliationid = $affilid AND " . "address = '$esc_host' AND " . "port = $port)"; @@ -1625,7 +1625,7 @@ class AffilKMSserver extends AffilTextVariable { $query = "DELETE FROM winKMS " . "WHERE " . implode(' OR ', $values); doQuery($query); - $rc3 = mysql_affected_rows($mysql_link_vcl); + $rc3 = mysqli_affected_rows($mysqli_link_vcl); } if($rc1 == 0 || $rc2 == 0 || $rc3 == 0) return 0; @@ -1644,11 +1644,11 @@ class AffilKMSserver extends AffilTextVariable { /// ///////////////////////////////////////////////////////////////////////////// function deleteValue($affilid) { - global $mysql_link_vcl; + global $mysqli_link_vcl; $query = "DELETE FROM winKMS " . "WHERE affiliationid = $affilid"; doQuery($query); - $rc = mysql_affected_rows($mysql_link_vcl); + $rc = mysqli_affected_rows($mysqli_link_vcl); if($rc == 1) return 1; return 0; @@ -1715,7 +1715,7 @@ class AffilTheme extends AffilTextVariable { $this->values = array(); $query = "SELECT id, theme FROM affiliation ORDER BY name"; $qh = doQuery($query); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $this->values[$row['id']] = $row['theme']; } @@ -1733,13 +1733,13 @@ class AffilTheme extends AffilTextVariable { /// ///////////////////////////////////////////////////////////////////////////// function setValue($affilid, $value) { - global $mysql_link_vcl; - $esc_value = mysql_real_escape_string($value); + global $mysqli_link_vcl; + $esc_value = vcl_mysql_escape_string($value); $query = "UPDATE affiliation " . "SET theme = '$esc_value' " . "WHERE id = $affilid"; doQuery($query); - $rc = mysql_affected_rows($mysql_link_vcl); + $rc = mysqli_affected_rows($mysqli_link_vcl); if($rc == 1) return 1; return 0; @@ -1757,12 +1757,12 @@ class AffilTheme extends AffilTextVariable { /// ///////////////////////////////////////////////////////////////////////////// function deleteValue($affilid) { - global $mysql_link_vcl; + global $mysqli_link_vcl; $query = "UPDATE affiliation " . "SET theme = NULL " . "WHERE id = $affilid"; doQuery($query); - $rc = mysql_affected_rows($mysql_link_vcl); + $rc = mysqli_affected_rows($mysqli_link_vcl); if($rc == 1) return 1; return 0; @@ -1834,7 +1834,7 @@ class AffilShibOnly extends AffilTextVariable { . "WHERE name NOT IN ('Global', 'Local') " . "ORDER BY name"; $qh = doQuery($query); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $this->values[$row['id']] = (int)(! $row['shibonly']); } @@ -1852,13 +1852,13 @@ class AffilShibOnly extends AffilTextVariable { /// ///////////////////////////////////////////////////////////////////////////// function setValue($affilid, $value) { - global $mysql_link_vcl; + global $mysqli_link_vcl; $value = (int)(! $value); $query = "UPDATE affiliation " . "SET shibonly = $value " . "WHERE id = $affilid"; doQuery($query); - $rc = mysql_affected_rows($mysql_link_vcl); + $rc = mysqli_affected_rows($mysqli_link_vcl); if($rc == 1) return 1; return 0; @@ -1944,7 +1944,7 @@ class AffilShibName extends AffilTextVariable { . "WHERE name NOT IN ('Global', 'Local') " . "ORDER BY name"; $qh = doQuery($query); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $this->values[$row['id']] = $row['shibname']; } @@ -1962,18 +1962,18 @@ class AffilShibName extends AffilTextVariable { /// ///////////////////////////////////////////////////////////////////////////// function setValue($affilid, $value) { - global $mysql_link_vcl; + global $mysqli_link_vcl; if($value === NULL) $newval = 'NULL'; else { - $esc_value = mysql_real_escape_string($value); + $esc_value = vcl_mysql_escape_string($value); $newval = "'$esc_value'"; } $query = "UPDATE affiliation " . "SET shibname = $newval " . "WHERE id = $affilid"; doQuery($query); - $rc = mysql_affected_rows($mysql_link_vcl); + $rc = mysqli_affected_rows($mysqli_link_vcl); if($rc == 1) return 1; return 0; @@ -1991,12 +1991,12 @@ class AffilShibName extends AffilTextVariable { /// ///////////////////////////////////////////////////////////////////////////// function deleteValue($affilid) { - global $mysql_link_vcl; + global $mysqli_link_vcl; $query = "UPDATE affiliation " . "SET shibname = NULL " . "WHERE id = $affilid"; doQuery($query); - $rc = mysql_affected_rows($mysql_link_vcl); + $rc = mysqli_affected_rows($mysqli_link_vcl); if($rc == 1) return 1; return 0; @@ -2973,7 +2973,7 @@ class Affiliations extends GlobalMultiVariable { sendJSON($arr); return; } - $_newval = mysql_real_escape_string($newval); + $_newval = vcl_mysql_escape_string($newval); $query = "INSERT INTO affiliation (name) VALUES ('$_newval')"; doQuery($query); $arr = array('status' => 'success', @@ -2998,7 +2998,7 @@ class Affiliations extends GlobalMultiVariable { foreach($tables as $table) { $query = "SELECT affiliationid FROM $table WHERE affiliationid = $key LIMIT 1"; $qh = doQuery($query); - if(mysql_num_rows($qh)) { + if(mysqli_num_rows($qh)) { $used = 1; break; } @@ -3052,7 +3052,7 @@ class Affiliations extends GlobalMultiVariable { function updateValue($key, $val) { $tmp = explode('|', $key); $key = $tmp[1]; - $_val = mysql_real_escape_string($val); + $_val = vcl_mysql_escape_string($val); $query = "UPDATE affiliation SET name = '$_val' WHERE id = $key"; doQuery($query); } @@ -3395,7 +3395,7 @@ class Messages { . "value LIKE '%invalidfields%'"; $qh = doQuery($query); $invalids = array(); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { $data = Spyc::YAMLLoad($row['value']); if(array_key_exists('invalidfields', $data)) { $invalids[$row['name']] = $data['invalidfields']; http://git-wip-us.apache.org/repos/asf/vcl/blob/e5058500/web/.ht-inc/sitemaintenance.php ---------------------------------------------------------------------- diff --git a/web/.ht-inc/sitemaintenance.php b/web/.ht-inc/sitemaintenance.php index 6dad773..fe833dc 100644 --- a/web/.ht-inc/sitemaintenance.php +++ b/web/.ht-inc/sitemaintenance.php @@ -279,8 +279,8 @@ function AJcreateSiteMaintenance() { return; } - $reason = mysql_real_escape_string($data['reason']); - $usermessage = mysql_real_escape_string($data['usermessage']); + $reason = vcl_mysql_escape_string($data['reason']); + $usermessage = vcl_mysql_escape_string($data['usermessage']); $query = "INSERT INTO sitemaintenance " . "(start, " . "end, " @@ -413,8 +413,8 @@ function AJeditSiteMaintenance() { return; } - $reason = mysql_real_escape_string($data['reason']); - $usermessage = mysql_real_escape_string($data['usermessage']); + $reason = vcl_mysql_escape_string($data['reason']); + $usermessage = vcl_mysql_escape_string($data['usermessage']); $query = "UPDATE sitemaintenance " . "SET start = '{$data['startdt']}', " . "end = '{$data['enddt']}', " http://git-wip-us.apache.org/repos/asf/vcl/blob/e5058500/web/.ht-inc/statistics.php ---------------------------------------------------------------------- diff --git a/web/.ht-inc/statistics.php b/web/.ht-inc/statistics.php index ca81b8b..4127fe1 100644 --- a/web/.ht-inc/statistics.php +++ b/web/.ht-inc/statistics.php @@ -110,7 +110,7 @@ function selectStatistics() { . "ORDER BY prettyname"; $qh = doQuery($query); $provs = array(); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $provs[$row['id']] = $row['prettyname']; $cdata = array('mode' => 'provisioning', 'provs' => $provs); @@ -292,7 +292,7 @@ function viewStatistics() { "10hrsplus" => 0); $totalhours = 0; $osusers = array(); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { if(! array_key_exists($row["prettyname"], $imageload2less)) $imageload2less[$row["prettyname"]] = 0; if(! array_key_exists($row["prettyname"], $imageload2to6)) @@ -685,7 +685,7 @@ function getStatGraphDayData($start, $end, $affilid, $mode, $provid) { . "statdate <= '$end' AND " . "provisioningid = $provid"; $qh = doQuery($query, 101); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $cachepts[$row['statdate']] = $row['value']; for($i = $startunix; $i < $endunix; $i += SECINDAY) { $cnt++; @@ -735,7 +735,7 @@ function getStatGraphDayData($start, $end, $affilid, $mode, $provid) { } } $qh = doQuery($query, 295); - if($row = mysql_fetch_row($qh)) + if($row = mysqli_fetch_row($qh)) $value = $row[0]; else $value = 0; @@ -843,7 +843,7 @@ function getStatGraphHourData($start, $end, $affilid, $mode, $provid) { } } $qh = doQuery($query, 296); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { $startmin = ($row['shour'] * 60) + $row['smin']; $endmin = ($row['ehour'] * 60) + $row['emin']; @@ -951,7 +951,7 @@ function getStatGraphDayConUsersData($start, $end, $affilid, $mode, $provid) { . "statdate <= '$end' AND " . "provisioningid = $provid"; $qh = doQuery($query, 101); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $cachepts[$row['statdate']] = $row['value']; if((count($cachepts) + 31) < $daycnt) { $data = array('nodata' => i('(too much computational time required to generate this graph)')); @@ -1008,7 +1008,7 @@ function getStatGraphDayConUsersData($start, $end, $affilid, $mode, $provid) { } } $qh = doQuery($query, 101); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { $unixstart = $row["start"]; $unixend = $row["end"]; for($binstart = $daystart, $binend = $daystart + 3600, $binindex = 0; @@ -1095,7 +1095,7 @@ function getStatGraphConBladeUserData($start, $end, $affilid, $mode, $provid) { . "statdate <= '$end' AND " . "provisioningid = $provid"; $qh = doQuery($query, 101); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $cachepts[$row['statdate']] = $row['value']; if((count($cachepts) + 31) < $daycnt) { $data = array('nodata' => i('(too much computational time required to generate this graph)')); @@ -1180,7 +1180,7 @@ function getStatGraphConBladeUserData($start, $end, $affilid, $mode, $provid) { } $qh = doQuery($query, 101); $comps = array(); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { $unixstart = datetimeToUnix($row["start"]); $unixend = datetimeToUnix($row["end"]); for($binstart = $daystart, $binend = $daystart + 3600, $binindex = 0; @@ -1273,7 +1273,7 @@ function getStatGraphConVMUserData($start, $end, $affilid, $mode, $provid) { . "statdate <= '$end' AND " . "provisioningid = $provid"; $qh = doQuery($query, 101); - while($row = mysql_fetch_assoc($qh)) + while($row = mysqli_fetch_assoc($qh)) $cachepts[$row['statdate']] = $row['value']; if((count($cachepts) + 31) < $daycnt) { $data = array('nodata' => i('(too much computational time required to generate this graph)')); @@ -1348,7 +1348,7 @@ function getStatGraphConVMUserData($start, $end, $affilid, $mode, $provid) { } } $qh = doQuery($query, 101); - while($row = mysql_fetch_assoc($qh)) { + while($row = mysqli_fetch_assoc($qh)) { $unixstart = datetimeToUnix($row["start"]); $unixend = datetimeToUnix($row["end"]); for($binstart = $daystart, $binend = $daystart + 3600, $binindex = 0; http://git-wip-us.apache.org/repos/asf/vcl/blob/e5058500/web/.ht-inc/userpreferences.php ---------------------------------------------------------------------- diff --git a/web/.ht-inc/userpreferences.php b/web/.ht-inc/userpreferences.php index 3838c99..fcdc6f7 100644 --- a/web/.ht-inc/userpreferences.php +++ b/web/.ht-inc/userpreferences.php @@ -490,7 +490,7 @@ function submitUserPrefs() { . "WHERE u.id = '{$user['id']}' AND " . "l.userid = u.id"; $qh = doQuery($query, 101); - if(! ($row = mysql_fetch_assoc($qh))) + if(! ($row = mysqli_fetch_assoc($qh))) abort(); $passhash = sha1("{$data['newpassword']}{$row['salt']}"); $query = "UPDATE localauth " @@ -564,7 +564,7 @@ function submitGeneralPreferences() { if($pubkeyauth == 2 && preg_match('|^[-a-zA-Z0-9\+/ @=\.\n\r]*$|', $pubkeys)) { if(get_magic_quotes_gpc()) $pubkeys = stripslashes($pubkeys); - $_pubkeys = mysql_real_escape_string($pubkeys); + $_pubkeys = vcl_mysql_escape_string($pubkeys); $query = "UPDATE user SET sshpublickeys = '$_pubkeys' WHERE id = {$user['id']}"; doQuery($query); $_SESSION['user']['sshpublickeys'] = htmlspecialchars($pubkeys);
