Author: jfthomps
Date: Fri Aug  6 15:06:37 2010
New Revision: 983011

URL: http://svn.apache.org/viewvc?rev=983011&view=rev
Log:
VCL-305
update code to work with php 5.3

All functions listed as deprecated on this page:
http://php.net/manual/en/migration53.deprecated.php
were updated to their replacement functions.

Modified:
    incubator/vcl/trunk/web/.ht-inc/authmethods/itecsauth.php
    incubator/vcl/trunk/web/.ht-inc/authmethods/ldapauth.php
    incubator/vcl/trunk/web/.ht-inc/authmethods/shibauth.php
    incubator/vcl/trunk/web/.ht-inc/computers.php
    incubator/vcl/trunk/web/.ht-inc/groups.php
    incubator/vcl/trunk/web/.ht-inc/help.php
    incubator/vcl/trunk/web/.ht-inc/images.php
    incubator/vcl/trunk/web/.ht-inc/managementnodes.php
    incubator/vcl/trunk/web/.ht-inc/privileges.php
    incubator/vcl/trunk/web/.ht-inc/requests.php
    incubator/vcl/trunk/web/.ht-inc/schedules.php
    incubator/vcl/trunk/web/.ht-inc/userpreferences.php
    incubator/vcl/trunk/web/.ht-inc/utils.php
    incubator/vcl/trunk/web/.ht-inc/vcldocs.php
    incubator/vcl/trunk/web/.ht-inc/vm.php
    incubator/vcl/trunk/web/.ht-inc/xmlrpcWrappers.php

Modified: incubator/vcl/trunk/web/.ht-inc/authmethods/itecsauth.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/authmethods/itecsauth.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/authmethods/itecsauth.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/authmethods/itecsauth.php Fri Aug  6 
15:06:37 2010
@@ -36,7 +36,7 @@ function addITECSUser($loginid) {
        global $mysql_link_vcl, $ENABLE_ITECSAUTH;
        if(! $ENABLE_ITECSAUTH)
                return NULL;
-       $esc_loginid = mysql_escape_string($loginid);
+       $esc_loginid = mysql_real_escape_string($loginid);
        $query = "SELECT id AS uid, "
               .        "first, " 
               .        "last, "
@@ -50,10 +50,10 @@ function addITECSUser($loginid) {
        if($row = mysql_fetch_assoc($qh)) {
                // FIXME test replacing ''s
                // FIXME do we care if the account is active?
-               $first = mysql_escape_string($row['first']);
-               $last = mysql_escape_string($row['last']);
-               $loweruser = mysql_escape_string(strtolower($row['email']));
-               $email = mysql_escape_string($row['email']);
+               $first = mysql_real_escape_string($row['first']);
+               $last = mysql_real_escape_string($row['last']);
+               $loweruser = 
mysql_real_escape_string(strtolower($row['email']));
+               $email = mysql_real_escape_string($row['email']);
                $query = "INSERT INTO user ("
                       .        "uid, "
                       .        "unityid, "
@@ -192,10 +192,10 @@ function updateITECSUser($userid) {
        // if get a row
        //    update db
        //    update results from select
-       $esc_userid = mysql_escape_string($userid);
-       $first = mysql_escape_string($userData['first']);
-       $last = mysql_escape_string($userData['last']);
-       $email = mysql_escape_string($userData['email']);
+       $esc_userid = mysql_real_escape_string($userid);
+       $first = mysql_real_escape_string($userData['first']);
+       $last = mysql_real_escape_string($userData['last']);
+       $email = mysql_real_escape_string($userData['email']);
        if($user = mysql_fetch_assoc($qh)) {
                $user["unityid"] = $userid;
                $user["firstname"] = $userData['first'];

Modified: incubator/vcl/trunk/web/.ht-inc/authmethods/ldapauth.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/authmethods/ldapauth.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/authmethods/ldapauth.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/authmethods/ldapauth.php Fri Aug  6 
15:06:37 2010
@@ -288,9 +288,9 @@ function updateLDAPUser($authtype, $user
 /// \param $userid - a userid without the affiliation part
 ///
 /// \return an array of user information with the following keys:\n
-/// \b first - first name of user (escaped with mysql_escape_string)\n
-/// \b last - last name of user (escaped with mysql_escape_string)\n
-/// \b email - email address of user (escaped with mysql_escape_string)\n
+/// \b first - first name of user (escaped with mysql_real_escape_string)\n
+/// \b last - last name of user (escaped with mysql_real_escape_string)\n
+/// \b email - email address of user (escaped with mysql_real_escape_string)\n
 /// \b numericid - numeric id of user if $authtype is configured to include it
 ///
 /// \brief gets user information from ldap
@@ -371,16 +371,16 @@ function getLDAPUserData($authtype, $use
                }
 
                if(array_key_exists(strtolower($auth['firstname']), $data))
-                       $return['first'] = 
mysql_escape_string($data[strtolower($auth['firstname'])]);
+                       $return['first'] = 
mysql_real_escape_string($data[strtolower($auth['firstname'])]);
                else
                        $return['first'] = '';
                if(array_key_exists(strtolower($auth['lastname']), $data))
-                       $return['last'] = 
mysql_escape_string($data[strtolower($auth['lastname'])]);
+                       $return['last'] = 
mysql_real_escape_string($data[strtolower($auth['lastname'])]);
                else
                        $return['last'] = '';
                if($donumericid && 
is_numeric($data[strtolower($auth['numericid'])]))
                        $return['numericid'] = 
$data[strtolower($auth['numericid'])];
-               $return['email'] = 
mysql_escape_string($data[strtolower($auth['email'])]);
+               $return['email'] = 
mysql_real_escape_string($data[strtolower($auth['email'])]);
 
                return $return;
        }

Modified: incubator/vcl/trunk/web/.ht-inc/authmethods/shibauth.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/authmethods/shibauth.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/authmethods/shibauth.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/authmethods/shibauth.php Fri Aug  6 
15:06:37 2010
@@ -83,13 +83,13 @@ function updateShibUser($userid) {
 
        # update user's data in db
        $user['id'] = $row['id'];
-       $first = mysql_escape_string($user['firstname']);
-       $last = mysql_escape_string($user['lastname']);
+       $first = mysql_real_escape_string($user['firstname']);
+       $last = mysql_real_escape_string($user['lastname']);
        $query = "UPDATE user "
               . "SET firstname = '$first', "
               .     "lastname = '$last', ";
        if(array_key_exists('email', $user)) {
-               $email = mysql_escape_string($user['email']);
+               $email = mysql_real_escape_string($user['email']);
                $query .= "email = '$email', ";
        }
        $query .=    "lastupdated = NOW() " 
@@ -117,9 +117,9 @@ function updateShibUser($userid) {
 
////////////////////////////////////////////////////////////////////////////////
 function addShibUser($user) {
        global $mysql_link_vcl;
-       $unityid = mysql_escape_string($user['unityid']);
-       $first = mysql_escape_string($user['firstname']);
-       $last = mysql_escape_string($user['lastname']);
+       $unityid = mysql_real_escape_string($user['unityid']);
+       $first = mysql_real_escape_string($user['firstname']);
+       $last = mysql_real_escape_string($user['lastname']);
        $query = "INSERT INTO user "
               .        "(unityid, "
               .        "affiliationid, "
@@ -135,7 +135,7 @@ function addShibUser($user) {
               .        "'$first', "
               .        "'$last', ";
        if(array_key_exists('email', $user)) {
-               $email = mysql_escape_string($user['email']);
+               $email = mysql_real_escape_string($user['email']);
                $query .=    "'$email', ";
        }
        $query .=       "0, "
@@ -175,7 +175,7 @@ function updateShibGroups($usernid, $gro
                $row = mysql_fetch_assoc($qh);
                $affilid = $row['id'];
                # prepend shib- and escape it for mysql
-               $grp = mysql_escape_string("shib-" . $name);
+               $grp = mysql_real_escape_string("shib-" . $name);
                array_push($newusergroups, getUserGroupID($grp, $affilid));
        }
        /*if($shibaffil == 'example1.edu') {

Modified: incubator/vcl/trunk/web/.ht-inc/computers.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/computers.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/computers.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/computers.php Fri Aug  6 15:06:37 2010
@@ -1603,7 +1603,7 @@ function generateDHCP() {
        $mnipaddr = processInputVar('mnipaddr', ARG_STRING);
        $data = getContinuationVar();
        $addrArr = explode('.', $mnipaddr);
-       if(! ereg('^(([0-9]){1,3}\.){3}([0-9]){1,3}$', $mnipaddr) ||
+       if(! preg_match('/^(([0-9]){1,3}\.){3}([0-9]){1,3}$/', $mnipaddr) ||
                $addrArr[0] < 1 || $addrArr[0] > 255 ||
                $addrArr[1] < 0 || $addrArr[1] > 255 ||
                $addrArr[2] < 0 || $addrArr[2] > 255 ||
@@ -2454,7 +2454,7 @@ function submitCompStateChange() {
                $data['notes'] = processInputVar('notes', ARG_STRING);
                if(get_magic_quotes_gpc())
                        $data['notes'] = stripslashes($data['notes']);
-               $data['notes'] = mysql_escape_string($data['notes']);
+               $data['notes'] = mysql_real_escape_string($data['notes']);
                $data["notes"] = $user["unityid"] . " " . 
unixToDatetime(time()) . "@"
                               . $data["notes"];
                $vclreloadid = getUserlistID('vclrel...@local');
@@ -2914,7 +2914,7 @@ function processComputerInput($checks=1)
        }
 
        $ipaddressArr = explode('.', $return["ipaddress"]);
-       if(! ereg('^(([0-9]){1,3}\.){3}([0-9]){1,3}$', $return["ipaddress"]) ||
+       if(! preg_match('/^(([0-9]){1,3}\.){3}([0-9]){1,3}$/', 
$return["ipaddress"]) ||
                $ipaddressArr[0] < 1 || $ipaddressArr[0] > 255 ||
                $ipaddressArr[1] < 0 || $ipaddressArr[1] > 255 ||
                $ipaddressArr[2] < 0 || $ipaddressArr[2] > 255 ||
@@ -2936,7 +2936,7 @@ function processComputerInput($checks=1)
           $submitErr |= PROCSPEEDERR;
           $submitErrMsg[PROCSPEEDERR] = "Processor Speed must be between 500 
and 20000";
        }
-       if(! ereg('^[a-zA-Z0-9_][-a-zA-Z0-9_.]{1,35}$', $return["hostname"])) {
+       if(! preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_.]{1,35}$/', 
$return["hostname"])) {
           $submitErr |= HOSTNAMEERR;
           $submitErrMsg[HOSTNAMEERR] = "Hostname must be <= 36 characters";
        }
@@ -3078,7 +3078,7 @@ function processBulkComputerInput($check
        }
 
        $startaddrArr = explode('.', $return["startipaddress"]);
-       if(! ereg('^(([0-9]){1,3}\.){3}([0-9]){1,3}$', 
$return["startipaddress"]) ||
+       if(! preg_match('/^(([0-9]){1,3}\.){3}([0-9]){1,3}$/', 
$return["startipaddress"]) ||
                $startaddrArr[0] < 1 || $startaddrArr[0] > 255 ||
                $startaddrArr[1] < 0 || $startaddrArr[1] > 255 ||
                $startaddrArr[2] < 0 || $startaddrArr[2] > 255 ||
@@ -3088,7 +3088,7 @@ function processBulkComputerInput($check
                                         . "w, x, y, and z being between 1 and 
255 (inclusive)";
        }
        $endaddrArr = explode('.', $return["endipaddress"]);
-       if(! ereg('^(([0-9]){1,3}\.){3}([0-9]){1,3}$', $return["endipaddress"]) 
||
+       if(! preg_match('/^(([0-9]){1,3}\.){3}([0-9]){1,3}$/', 
$return["endipaddress"]) ||
                $endaddrArr[0] < 1 || $endaddrArr[0] > 255 ||
                $endaddrArr[1] < 0 || $endaddrArr[1] > 255 ||
                $endaddrArr[2] < 0 || $endaddrArr[2] > 255 ||
@@ -3101,7 +3101,7 @@ function processBulkComputerInput($check
        if(! empty($return['startpripaddress']) ||
                ! empty($return['endpripaddress'])) {
                $startpraddrArr = explode('.', $return["startpripaddress"]);
-               if(! ereg('^(([0-9]){1,3}\.){3}([0-9]){1,3}$', 
$return["startpripaddress"]) ||
+               if(! preg_match('/^(([0-9]){1,3}\.){3}([0-9]){1,3}$/', 
$return["startpripaddress"]) ||
                        $startpraddrArr[0] < 1 || $startpraddrArr[0] > 255 ||
                        $startpraddrArr[1] < 0 || $startpraddrArr[1] > 255 ||
                        $startpraddrArr[2] < 0 || $startpraddrArr[2] > 255 ||
@@ -3111,7 +3111,7 @@ function processBulkComputerInput($check
                                                  . "w, x, y, and z being 
between 1 and 255 (inclusive)";
                }
                $endpraddrArr = explode('.', $return["endpripaddress"]);
-               if(! ereg('^(([0-9]){1,3}\.){3}([0-9]){1,3}$', 
$return["endpripaddress"]) ||
+               if(! preg_match('/^(([0-9]){1,3}\.){3}([0-9]){1,3}$/', 
$return["endpripaddress"]) ||
                        $endpraddrArr[0] < 1 || $endpraddrArr[0] > 255 ||
                        $endpraddrArr[1] < 0 || $endpraddrArr[1] > 255 ||
                        $endpraddrArr[2] < 0 || $endpraddrArr[2] > 255 ||
@@ -3122,7 +3122,7 @@ function processBulkComputerInput($check
                }
        }
        if(! empty($return['startmac'])) {
-               if(! ereg('^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$', 
$return["startmac"])) {
+               if(! preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', 
$return["startmac"])) {
                        $submitErr |= MACADDRERR;
                        $submitErrMsg[MACADDRERR] = "Invalid MAC address.  Must 
be XX:XX:XX:XX:XX:XX "
                                                  . "with each pair of XX being 
from 00 to FF (inclusive)";
@@ -3164,7 +3164,7 @@ function processBulkComputerInput($check
           $submitErr |= PROCSPEEDERR;
           $submitErrMsg[PROCSPEEDERR] = "Processor Speed must be between 500 
and 20000";
        }
-       if(! ereg('^[a-zA-Z0-9_%][-a-zA-Z0-9_.%]{1,35}$', $return["hostname"])) 
{
+       if(! preg_match('/^[a-zA-Z0-9_%][-a-zA-Z0-9_.%]{1,35}$/', 
$return["hostname"])) {
           $submitErr |= HOSTNAMEERR;
           $submitErrMsg[HOSTNAMEERR] = "Hostname must be <= 36 characters";
        }

Modified: incubator/vcl/trunk/web/.ht-inc/groups.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/groups.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/groups.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/groups.php Fri Aug  6 15:06:37 2010
@@ -592,7 +592,7 @@ function processGroupInput($checks=1) {
                return $return;
        }
        
-       if(! ereg('^[-a-zA-Z0-9_\.: ]{3,30}$', $return["name"])) {
+       if(! preg_match('/^[-a-zA-Z0-9_\.: ]{3,30}$/', $return["name"])) {
           $submitErr |= GRPNAMEERR;
           $submitErrMsg[GRPNAMEERR] = "Name must be between 3 and 30 
characters "
                                       . "and can only contain letters, 
numbers, and "
@@ -1004,7 +1004,7 @@ function confirmDeleteGroup() {
                        . "in use.";
                $question = "Delete the following resource group?";
                list($resourcetype, $name) = 
-                       split('/', $resourcegroups[$groupid]["name"]);
+                       explode('/', $resourcegroups[$groupid]["name"]);
                $target = "#resources";
        }
 

Modified: incubator/vcl/trunk/web/.ht-inc/help.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/help.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/help.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/help.php Fri Aug  6 15:06:37 2010
@@ -128,11 +128,11 @@ function submitHelpForm() {
        $testname = $name;
        if(get_magic_quotes_gpc())
                $testname = stripslashes($name);
-       if(! ereg('^([-A-Za-z \']{1,} [-A-Za-z \']{2,})*$', $testname)) {
+       if(! preg_match('/^([-A-Za-z \']{1,} [-A-Za-z \']{2,})*$/', $testname)) 
{
                $submitErr |= NAMEERR;
                $submitErrMsg[NAMEERR] = "Name can only contain letters, 
spaces, apostrophes ('), and dashes (-)";
        }
-       if(! 
eregi('^[_a-z0-9-]+(\.[_a-z0-9-]+)*...@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$',
+       if(! 
preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*...@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i',
           $email)) {
                $submitErr |= EMAILERR;
                $submitErrMsg[EMAILERR] = "Invalid email address, please 
correct";

Modified: incubator/vcl/trunk/web/.ht-inc/images.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/images.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/images.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/images.php Fri Aug  6 15:06:37 2010
@@ -1523,9 +1523,9 @@ function confirmEditOrAddImage($state) {
        print "<TABLE>\n";
        print "  <TR valign=top>\n";
        print "    <TD>\n";
-       $data['description'] = mysql_escape_string($data['description']);
-       $data['usage'] = mysql_escape_string($data['usage']);
-       $data['comments'] = mysql_escape_string($data['comments']);
+       $data['description'] = mysql_real_escape_string($data['description']);
+       $data['usage'] = mysql_real_escape_string($data['usage']);
+       $data['comments'] = mysql_real_escape_string($data['comments']);
 
        if($state) {
                $data['nextmode'] = 'submitAddImage';
@@ -1775,7 +1775,7 @@ function updateExistingImage() {
        $comments = preg_replace("/\n/", '', $comments);
        if(get_magic_quotes_gpc())
                $comments = stripslashes($comments);
-       $comments = mysql_escape_string($comments);
+       $comments = mysql_real_escape_string($comments);
 
        $data = getRequestInfo($requestid);
        foreach($data["reservations"] as $res) {
@@ -1939,21 +1939,8 @@ function submitSetImageProduction() {
                        break;
                }
        }
-       /*$regs = array();
-       if(ereg('(.*)-v([0-9]){1,2}$', $data["image"], $regs)) {
-               $newname = $regs[1] . "-v" . ++$regs[2];
-               print "newname - $newname<br>\n";
-       }
-       else {
-               $newname = $data["image"] . "-v0";
-       }
-       $query = "UPDATE image "
-              . "SET name = '$newname', "
-              .     "test = 0 "
-              . "WHERE id = " . $data["imageid"];*/
        $query = "UPDATE request SET stateid = 17 WHERE id = $requestid";
        doQuery($query, 101);
-       //deleteRequest($data);
        print "<H2>Change Test Image to Production</H2>\n";
        print "<b>$prettyimage</b> is in the process of being ";
        print "updated to use the newly created image.<br>\n";
@@ -2464,7 +2451,7 @@ function processImageInput($checks=1) {
           $submitErr |= NAMEERR;
           $submitErrMsg[NAMEERR] = "An image already exists with this name.";
        }*/
-       if(ereg('-', $return["prettyname"]) ||
+       if(preg_match('/-/', $return["prettyname"]) ||
                strlen($return["prettyname"]) > 60 || 
strlen($return["prettyname"]) < 2) {
           $submitErr |= PRETTYNAMEERR;
           $submitErrMsg[PRETTYNAMEERR] = "Long Name must be from 2 to 60 
characters "
@@ -2625,8 +2612,8 @@ function addImage($data) {
                $data['description'] = stripslashes($data['description']);
                $data['usage'] = stripslashes($data['usage']);
        }
-       $data['description'] = mysql_escape_string($data['description']);
-       $data['usage'] = mysql_escape_string($data['usage']);
+       $data['description'] = mysql_real_escape_string($data['description']);
+       $data['usage'] = mysql_real_escape_string($data['usage']);
 
        $ownerdata = getUserInfo($data['owner'], 1);
        $ownerid = $ownerdata['id'];
@@ -3480,7 +3467,7 @@ function AJupdateRevisionComments() {
        $comments = htmlspecialchars($comments);
        if(get_magic_quotes_gpc())
                $comments = stripslashes($comments);
-       $comments = mysql_escape_string($comments);
+       $comments = mysql_real_escape_string($comments);
        $query = "UPDATE imagerevision "
               . "SET comments = '$comments' "
               . "WHERE id = $revisionid";

Modified: incubator/vcl/trunk/web/.ht-inc/managementnodes.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/managementnodes.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/managementnodes.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/managementnodes.php Fri Aug  6 15:06:37 2010
@@ -998,12 +998,12 @@ function submitMgmtnodeMapping() {
 
////////////////////////////////////////////////////////////////////////////////
 function updateMgmtnode($data) {
        $ownerid = getUserlistID($data["owner"]);
-       $data['installpath'] = mysql_escape_string($data['installpath']);
-       $data['keys'] = mysql_escape_string($data['keys']);
-       $data['imagelibuser'] = mysql_escape_string($data['imagelibuser']);
+       $data['installpath'] = mysql_real_escape_string($data['installpath']);
+       $data['keys'] = mysql_real_escape_string($data['keys']);
+       $data['imagelibuser'] = mysql_real_escape_string($data['imagelibuser']);
        if($data['imagelibuser'] != 'NULL')
                $data['imagelibuser'] = "'{$data['imagelibuser']}'";
-       $data['imagelibkey'] = mysql_escape_string($data['imagelibkey']);
+       $data['imagelibkey'] = mysql_real_escape_string($data['imagelibkey']);
        if($data['imagelibkey'] != 'NULL')
                $data['imagelibkey'] = "'{$data['imagelibkey']}'";
        if($data['imagelibenable'] != 1)
@@ -1044,12 +1044,12 @@ function updateMgmtnode($data) {
 
////////////////////////////////////////////////////////////////////////////////
 function addMgmtnode($data) {
        $ownerid = getUserlistID($data["owner"]);
-       $data['installpath'] = mysql_escape_string($data['installpath']);
-       $data['keys'] = mysql_escape_string($data['keys']);
-       $data['imagelibuser'] = mysql_escape_string($data['imagelibuser']);
+       $data['installpath'] = mysql_real_escape_string($data['installpath']);
+       $data['keys'] = mysql_real_escape_string($data['keys']);
+       $data['imagelibuser'] = mysql_real_escape_string($data['imagelibuser']);
        if($data['imagelibuser'] != 'NULL')
                $data['imagelibuser'] = "'{$data['imagelibuser']}'";
-       $data['imagelibkey'] = mysql_escape_string($data['imagelibkey']);
+       $data['imagelibkey'] = mysql_real_escape_string($data['imagelibkey']);
        if($data['imagelibkey'] != 'NULL')
                $data['imagelibkey'] = "'{$data['imagelibkey']}'";
        if($data['imagelibenable'] != 1)
@@ -1155,7 +1155,7 @@ function processMgmtnodeInput($checks=1)
        if(! $checks)
                return $return;
        
-       if(! ereg('^[a-zA-Z0-9_][-a-zA-Z0-9_\.]{1,49}$', $return["hostname"])) {
+       if(! preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\.]{1,49}$/', 
$return["hostname"])) {
           $submitErr |= MNHOSTNAMEERR;
           $submitErrMsg[MNHOSTNAMEERR] = "Hostname can only contain letters, 
numbers, dashes(-), periods(.), and underscores(_). It can be from 1 to 50 
characters long";
        }
@@ -1166,7 +1166,7 @@ function processMgmtnodeInput($checks=1)
                $submitErrMsg[MNHOSTNAMEERR] = "A node already exists with this 
hostname.";
        }
        $ipaddrArr = explode('.', $return["IPaddress"]);
-       if(! ereg('^(([0-9]){1,3}\.){3}([0-9]){1,3}$', $return["IPaddress"]) ||
+       if(! preg_match('/^(([0-9]){1,3}\.){3}([0-9]){1,3}$/', 
$return["IPaddress"]) ||
           $ipaddrArr[0] < 1 || $ipaddrArr[0] > 255 ||
           $ipaddrArr[1] < 0 || $ipaddrArr[1] > 255 ||
           $ipaddrArr[2] < 0 || $ipaddrArr[2] > 255 ||

Modified: incubator/vcl/trunk/web/.ht-inc/privileges.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/privileges.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/privileges.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/privileges.php Fri Aug  6 15:06:37 2010
@@ -916,7 +916,7 @@ function AJsubmitAddChildNode() {
        }
        $nodeInfo = getNodeInfo($parent);
        $newnode = processInputVar("newnode", ARG_STRING);
-       if(! ereg('^[-A-Za-z0-9_. ]+$', $newnode)) {
+       if(! preg_match('/^[-A-Za-z0-9_. ]+$/', $newnode)) {
                $text = "You can only use letters, numbers, spaces,<br>"
                      . "dashes(-), dots(.), and underscores(_).";
                print "dojo.byId('addChildNodeStatus').innerHTML = '$text';";
@@ -1678,7 +1678,7 @@ function printResourcePrivRow($privname,
                               $disabled) {
        global $user;
        print "  <TR>\n";
-       list($type, $name, $id) = split('/', $privname);
+       list($type, $name, $id) = explode('/', $privname);
        print "    <TH>\n";
        print "      <span id=\"resgrp$id\" 
onmouseover=getGroupMembers(\"$id\",";
        print "\"resgrp$id\",\"rgmcont\"); onmouseout=getGroupMembersCancel";
@@ -1798,7 +1798,7 @@ function getResourcePrivRowHTML($privnam
        $text = "";
        $js = "";
        $text .= "  <TR>";
-       list($type, $name, $id) = split('/', $privname);
+       list($type, $name, $id) = explode('/', $privname);
        $text .= "    <TH>";
        $text .= "      <span id=\"resgrp$id\" 
onmouseover=getGroupMembers(\"$id\",";
        $text .= "\"resgrp$id\",\"rgmcont\"); onmouseout=getGroupMembersCancel";

Modified: incubator/vcl/trunk/web/.ht-inc/requests.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/requests.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/requests.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/requests.php Fri Aug  6 15:06:37 2010
@@ -2138,7 +2138,7 @@ function connectRequest() {
                $serverIP = $requestData["reservations"][0]["reservedIP"];
                $osname = $requestData["reservations"][0]["OS"];
                $passwd = $requestData["reservations"][0]["password"];
-               if(eregi("windows", $osname)) {
+               if(preg_match("/windows/i", $osname)) {
                        print "You will need to use a ";
                        print "Remote Desktop program to connect to the ";
                        print "system. If you did not click on the 
<b>Connect!</b> button from ";
@@ -2226,7 +2226,7 @@ function connectRequest() {
                        print "<strong><big>NOTE:</big> You cannot use the 
Windows Remote ";
                        print "Desktop Connection to connect to this computer. 
You must use an ";
                        print "ssh client.</strong>\n";
-                       /*if(eregi("windows", $_SERVER["HTTP_USER_AGENT"])) {
+                       /*if(preg_match("/windows/i", 
$_SERVER["HTTP_USER_AGENT"])) {
                                print "<br><br><h3>NEW!</h3>\n";
                                print "Connect to the server using a java 
applet:<br>\n";
                                print "<FORM action=\"" . BASEURL . SCRIPT . 
"\" method=post>\n";
@@ -2252,7 +2252,7 @@ function connectRequest() {
                        print "<LI><b>Platform</b>: {$res["OS"]}</LI>\n";
                        print "<LI><b>Remote Computer</b>: 
{$res["reservedIP"]}</LI>\n";
                        print "<LI><b>User ID</b>: " . $user['login'] . 
"</LI>\n";
-                       if(eregi("windows", $res["OS"])) {
+                       if(preg_match("/windows/i", $res["OS"])) {
                                if(strlen($res['password'])) {
                                        print "<LI><b>Password</b>: 
{$res['password']}<br></LI>\n";
                                        print "</UL>\n";
@@ -2293,7 +2293,7 @@ function connectRequest() {
                                        print "<LI><b>Password</b>: (use your 
campus password)</LI>\n";
                                        print "</UL>\n";
                                }
-                               /*if(eregi("windows", 
$_SERVER["HTTP_USER_AGENT"])) {
+                               /*if(preg_match("/windows/i", 
$_SERVER["HTTP_USER_AGENT"])) {
                                        print "Connect to the server using a 
java applet:<br>\n";
                                        print "<FORM action=\"" . BASEURL . 
SCRIPT . "\" method=post>\n";
                                        print "<INPUT type=submit 
value=\"Connect with Applet\">\n";
@@ -2458,7 +2458,7 @@ function processRequestInput($checks=1) 
                        $submitErr |= STARTDAYERR;
                        $submitErrMsg[STARTDAYERR] = "The submitted start date 
is invalid. ";
                }
-               if(! ereg('^((0?[1-9])|(1[0-2]))$', $return["hour"], $regs)) {
+               if(! preg_match('/^((0?[1-9])|(1[0-2]))$/', $return["hour"], 
$regs)) {
                        $submitErr |= STARTHOURERR;
                        $submitErrMsg[STARTHOURERR] = "The submitted hour must 
be from 1 to 12.";
                }
@@ -2481,7 +2481,7 @@ function processRequestInput($checks=1) 
                        $submitErr |= ENDDAYERR;
                        $submitErrMsg[ENDDAYERR] = "The submitted end date is 
invalid. ";
                }
-               if(! ereg('^((0?[1-9])|(1[0-2]))$', $return["endhour"])) {
+               if(! preg_match('/^((0?[1-9])|(1[0-2]))$/', 
$return["endhour"])) {
                        $submitErr |= ENDHOURERR;
                        $submitErrMsg[ENDHOURERR] = "The submitted hour must be 
from 1 to 12.";
                }
@@ -2513,7 +2513,7 @@ function processRequestInput($checks=1) 
        }
 
        if($return["ending"] != "length") {
-               if(! ereg('^(20[0-9]{2})-([0-1][0-9])-([0-3][0-9]) 
(([0-1][0-9])|(2[0-3])):([0-5][0-9]):([0-5][0-9])$', $return["enddate"], 
$regs)) {
+               if(! preg_match('/^(20[0-9]{2})-([0-1][0-9])-([0-3][0-9]) 
(([0-1][0-9])|(2[0-3])):([0-5][0-9]):([0-5][0-9])$/', $return["enddate"], 
$regs)) {
                        $submitErr |= ENDDATEERR;
                        $submitErrMsg[ENDDATEERR] = "The submitted date/time is 
invalid.";
                }

Modified: incubator/vcl/trunk/web/.ht-inc/schedules.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/schedules.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/schedules.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/schedules.php Fri Aug  6 15:06:37 2010
@@ -701,8 +701,8 @@ function processScheduleInput($checks=1)
           $submitErrMsg[SCHOWNERERR] = "The submitted unity ID is invalid.";
        }
        for($i = 0; $i < $return["count"]; $i++) {
-               if((! ereg('^((0?[1-9])|(1[0-2])):([0-5][0-9]) (am|pm)$', 
$return["startTime"][$i])) ||
-                  (! ereg('^((0?[1-9])|(1[0-2])):([0-5][0-9]) (am|pm)$', 
$return["endTime"][$i]))) {
+               if((! preg_match('/^((0?[1-9])|(1[0-2])):([0-5][0-9]) 
(am|pm)$/', $return["startTime"][$i])) ||
+                  (! preg_match('/^((0?[1-9])|(1[0-2])):([0-5][0-9]) 
(am|pm)$/', $return["endTime"][$i]))) {
                        $submitErr |= (1 << $i);
                        $submitErrMsg[1 << $i] = "Time must be of the form 
[H]H:MM&nbsp;am/pm";
                }
@@ -979,7 +979,7 @@ function submitScheduleTime() {
 ///
 
////////////////////////////////////////////////////////////////////////////////
 function daytimeToMin($day, $time, $startend) {
-       if(! ereg('^(((0)?([1-9]))|(1([0-2]))):([0-5][0-9]) ((am)|(pm))', 
$time))
+       if(! preg_match('/^(((0)?([1-9]))|(1([0-2]))):([0-5][0-9]) 
((am)|(pm))/', $time))
                return -1;
        list($hour, $other) = explode(':', $time);
        list($min, $meridian) = explode(' ', $other);

Modified: incubator/vcl/trunk/web/.ht-inc/userpreferences.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/userpreferences.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/userpreferences.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/userpreferences.php Fri Aug  6 15:06:37 2010
@@ -592,7 +592,7 @@ function processUserPrefsInput($checks=1
           $submitErr |= PREFNAMEERR;
           $submitErrMsg[PREFNAMEERR] = "Preferred name can only be up to 25 
characters";
        }
-       if(! ereg('^[a-zA-Z ]*$', $return["preferredname"])) {
+       if(! preg_match('/^[a-zA-Z ]*$/', $return["preferredname"])) {
           $submitErr |= PREFNAMEERR;
           $submitErrMsg[PREFNAMEERR] = "Preferred name can only contain 
letters and spaces";
        }

Modified: incubator/vcl/trunk/web/.ht-inc/utils.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/utils.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/utils.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/utils.php Fri Aug  6 15:06:37 2010
@@ -943,7 +943,7 @@ function doQuery($query, $errcode, $db="
        global $totalQueries, $queryTimes;
        $totalQueries++;
        if($db == "vcl") {
-               if((! $nolog) && ereg('^(UPDATE|INSERT|DELETE)', $query)) {
+               if((! $nolog) && preg_match('/^(UPDATE|INSERT|DELETE)/', 
$query)) {
                        $logquery = str_replace("'", "\'", $query);
                        $logquery = str_replace('"', '\"', $logquery);
                        if(isset($user['id']))
@@ -1414,7 +1414,7 @@ function getUserResources($userprivs, $r
                foreach(array_keys($nodeprivs[$nodeid]["resources"]) as 
$resourceid) {
                        foreach($resourceprivs as $priv) {
                                if(in_array($priv, 
$nodeprivs[$nodeid]["resources"][$resourceid])) {
-                                       list($type, $name, $id) = split('/', 
$resourceid);
+                                       list($type, $name, $id) = explode('/', 
$resourceid);
                                        if(! array_key_exists($type, 
$resourcegroups))
                                                $resourcegroups[$type] = 
array();
                                        if(! in_array($name, 
$resourcegroups[$type]))
@@ -1428,7 +1428,7 @@ function getUserResources($userprivs, $r
                                if(in_array($priv, 
$nodeprivs[$nodeid]["cascaderesources"][$resourceid]) &&
                                        ! (array_key_exists($resourceid, 
$nodeprivs[$nodeid]["resources"]) &&
                                        in_array("block", 
$nodeprivs[$nodeid]["resources"][$resourceid]))) {
-                                       list($type, $name, $id) = split('/', 
$resourceid);
+                                       list($type, $name, $id) = explode('/', 
$resourceid);
                                        if(! array_key_exists($type, 
$resourcegroups))
                                                $resourcegroups[$type] = 
array();
                                        if(! in_array($name, 
$resourcegroups[$type]))
@@ -3114,8 +3114,8 @@ function addUser($loginid) {
 function updateUserPrefs($userid, $preferredname, $width, $height, $bpp, 
$audio,
                          $mapdrives, $mapprinters, $mapserial) {
        global $mysql_link_vcl;
-       $preferredname = mysql_escape_string($preferredname);
-       $audio = mysql_escape_string($audio);
+       $preferredname = mysql_real_escape_string($preferredname);
+       $audio = mysql_real_escape_string($audio);
        $query = "UPDATE user SET "
               .        "preferredname = '$preferredname', "
               .        "width = '$width', "
@@ -7189,7 +7189,7 @@ function getUserMaxTimes($uid=0) {
 ///
 
////////////////////////////////////////////////////////////////////////////////
 function getResourceGroupID($groupdname) {
-       list($type, $name) = split('/', $groupdname);
+       list($type, $name) = explode('/', $groupdname);
        $query = "SELECT g.id "
               . "FROM resourcegroup g, "
               .      "resourcetype t "
@@ -7674,7 +7674,7 @@ function addContinuationsEntry($nextmode
                $data['______parent'] = $continuationid;
        $serdata = serialize($data);
        $contid = md5($mode . $nextmode . $serdata . $user['id']);
-       $serdata = mysql_escape_string($serdata);
+       $serdata = mysql_real_escape_string($serdata);
        $expiretime = unixToDatetime(time() + $duration);
        $query = "SELECT id, "
               .        "parentid "
@@ -7984,7 +7984,7 @@ function xmlRPChandler($function, $args,
        else
                $keyid = $user['id'];
        if(function_exists($function)) {
-               $saveargs = mysql_escape_string(serialize($args));
+               $saveargs = mysql_real_escape_string(serialize($args));
                $query = "INSERT INTO xmlrpcLog "
                       .        "(xmlrpcKeyid, " 
                       .        "timestamp, "
@@ -8157,7 +8157,7 @@ function validateAPIgroupInput($items, $
        }
        # affiliation
        if(array_key_exists('affiliation', $items)) {
-               $esc_affiliation = mysql_escape_string($items['affiliation']);
+               $esc_affiliation = 
mysql_real_escape_string($items['affiliation']);
                $affilid = getAffiliationID($esc_affiliation);
                if(is_null($affilid)) {
                        return array('status' => 'error',
@@ -8168,14 +8168,14 @@ function validateAPIgroupInput($items, $
        }
        # name
        if(array_key_exists('name', $items)) {
-               if(! ereg('^[-a-zA-Z0-9_\.: ]{3,30}$', $items['name'])) {
+               if(! preg_match('/^[-a-zA-Z0-9_\.: ]{3,30}$/', $items['name'])) 
{
                        return array('status' => 'error',
                                     'errorcode' => 19,
                                     'errormsg' => 'Name must be between 3 and 
30 characters '
                                                 . 'and can only contain 
letters, numbers, and '
                                                 . 'these characters: - _ . :');
                }
-               $esc_name = mysql_escape_string($items['name']);
+               $esc_name = mysql_real_escape_string($items['name']);
                $doesexist = checkForGroupName($esc_name, 'user', '', $affilid);
                if($exists && ! $doesexist) {
                        return array('status' => 'error',
@@ -8193,7 +8193,7 @@ function validateAPIgroupInput($items, $
        }
        # owner
        if(array_key_exists('owner', $items)) {
-               if(! validateUserid(mysql_escape_string($items['owner']))) {
+               if(! validateUserid(mysql_real_escape_string($items['owner']))) 
{
                        return array('status' => 'error',
                                     'errorcode' => 20,
                                     'errormsg' => 'submitted owner is 
invalid');
@@ -8207,8 +8207,8 @@ function validateAPIgroupInput($items, $
                                     'errorcode' => 24,
                                     'errormsg' => 'submitted managingGroup is 
invalid');
                }
-               $esc_mgName = mysql_escape_string($parts[0]);
-               $esc_mgAffil = mysql_escape_string($parts[1]);
+               $esc_mgName = mysql_real_escape_string($parts[0]);
+               $esc_mgAffil = mysql_real_escape_string($parts[1]);
                $mgaffilid = getAffiliationID($esc_mgAffil);
                if(! checkForGroupName($esc_mgName, 'user', '', $mgaffilid)) {
                        return array('status' => 'error',

Modified: incubator/vcl/trunk/web/.ht-inc/vcldocs.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/vcldocs.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/vcldocs.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/vcldocs.php Fri Aug  6 15:06:37 2010
@@ -280,7 +280,7 @@ function submitEditDoc() {
        }
        $title = getContinuationVar('title');
        $data = rawurldecode(getContinuationVar('data'));
-       $name = ereg_replace('[^-A-Za-z0-9_]', '', $title);
+       $name = preg_replace('/[^-A-Za-z0-9_]/', '', $title);
        $query = "SELECT name FROM documentation WHERE name = '$name'";
        $qh = doQuery($query, 101);
        $count = 1;

Modified: incubator/vcl/trunk/web/.ht-inc/vm.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/vm.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/vm.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/vm.php Fri Aug  6 15:06:37 2010
@@ -806,7 +806,7 @@ function AJupdateVMprofileItem() {
        else {
                if(get_magic_quotes_gpc())
                        $newvalue = stripslashes($newvalue);
-               $newvalue2 = mysql_escape_string($newvalue);
+               $newvalue2 = mysql_real_escape_string($newvalue);
                $newvalue2 = "'$newvalue2'";
        }
 
@@ -837,7 +837,7 @@ function AJnewProfile() {
        $newprofile = processInputVar('newname', ARG_STRING);
        if(get_magic_quotes_gpc()) {
                $newprofile = stripslashes($newprofile);
-               $newprofile = mysql_escape_string($newprofile);
+               $newprofile = mysql_real_escape_string($newprofile);
        }
        # TODO add check for existing name
        $query = "SELECT id FROM vmprofile WHERE profilename = '$newprofile'";

Modified: incubator/vcl/trunk/web/.ht-inc/xmlrpcWrappers.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/xmlrpcWrappers.php?rev=983011&r1=983010&r2=983011&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/xmlrpcWrappers.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/xmlrpcWrappers.php Fri Aug  6 15:06:37 2010
@@ -1423,7 +1423,7 @@ function XMLRPCeditUserGroup($name, $aff
                                  'affiliation' => $affiliation);
                if(! empty($newName)) {
                        $validate['name'] = $newName;
-                       $tmp = mysql_escape_string($newName);
+                       $tmp = mysql_real_escape_string($newName);
                        $updates[] = "name = '$tmp'";
                }
                if(! empty($newAffiliation))
@@ -1441,7 +1441,7 @@ function XMLRPCeditUserGroup($name, $aff
        }
 
        if(! empty($newOwner)) {
-               $newownerid = getUserlistID(mysql_escape_string($newOwner));
+               $newownerid = 
getUserlistID(mysql_real_escape_string($newOwner));
                $updates[] = "ownerid = $newownerid";
        }
        if(! empty($newManagingGroup)) {
@@ -1585,7 +1585,7 @@ function XMLRPCaddUsersToGroup($name, $a
        foreach($users as $_user) {
                if(empty($_user))
                        continue;
-               $esc_user = mysql_escape_string($_user);
+               $esc_user = mysql_real_escape_string($_user);
                if(validateUserid($esc_user) == 1)
                        addUserGroupMember($esc_user, $rc['id']);
                else
@@ -1666,7 +1666,7 @@ function XMLRPCremoveUsersFromGroup($nam
        foreach($users as $_user) {
                if(empty($_user))
                        continue;
-               $esc_user = mysql_escape_string($_user);
+               $esc_user = mysql_real_escape_string($_user);
                # check that affiliation of user can be determined because 
getUserlistID
                #   will abort if it can't find it
                $affilok = 0;


Reply via email to