Hi,.. I'm running php script on my quote site that I bought from someone on forum, he currently get banned and can't get to him anymore. when I login to my control panel, I see there's a big error file on my cpanel, when I check it say error my on sql database even my site still running, I think this error create every user visit my site, anyone can help me.. here an error that I got PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in .........fakepath/blabla/bla/bla/db.php on line 42 Code (markup): when I check on db.php at line 42 it say something like this: $db=mysql_connect(QA_FINAL_MYSQL_HOSTNAME, QA_FINAL_MYSQL_USERNAME, QA_FINAL_MYSQL_PASSWORD); Code (markup): anyone can solve this, get my signature for 3 month. thanks
That's a warning, not an error. It is very true that the mysql_ extension is deprecated, and should be exchanged with other means of connecting to the database (either mysqli_ or PDO) - however, it will take more than just fixing that one line. EVERY SINGLE ONE of the database queries and connections will have to be rewritten. EVERY. SINGLE. ONE.
As @PoPSiCLe said, you need to stop using mysql and upgrade to PDO, which is really not that difficult to do. Feel free to PM me if you would like my help. As a temporary solution you could hide the errors until you get it fixed. Just add the following at the top of the php file or in your header for the admin panel. ini_set('display_errors',0); PHP:
As the others stated above, you'd have to implement either PDO or MySQLi eventually. Without digging into any detailed arguments, as either sides can be very nuanced, it's been almost a decade since we've been first (subtly) told to stop using mysql_ functions. Not that it's any of my business, but shouldn't you at least have their email address or something?
No, you should definitely NOT stick with the code. You should fix it, or if you're not up to the task yourself, pay someone to fix it. It's a security threat, and it will be more than just warnings if your host upgrades their PHP-package. The mysql_ extension is going the way of the dodo - way too slow, but that's how it works when catering to people not fixing their code is more important than removing insecure code from the codebase.
The easiest solution would be to open cPanel (which I believe you said you were using), open "EasyApache" and rebuild Apache with PHP 5.4 (or lower). As soon as it's done your script will run without giving the warning.
Yeah of course, when you encounter an issue you just sweep in under the rug. Having your website vulnerable to trivial exploits such as an SQL injection is a serious problem, and should be dealt with asap.
That is the worst suggestion I've read on this forum, I think. And I'm including the umpteen versions of "my host is DA BEST", the scam-artists, the broken engrish me luff you wong time posts and most everything else. Seriously. Shut up.
EasyApach is in WHM, not cPanel. You can't fix a problem by downgrading PHP on the server, not only its a high security risk, but it will cause problems for other websites hosted on the same server.
You are exaggerating the problem. First of all, the user wanted to keep using the same code which is why I gave the advice. If the queries are properly sanitized then the website won't be vulnerable to trivial exploits such as an SQL injection. People were using MYSQL withput PDO for years, and the majority didn't have any problems. Assuming that other websites are hosted on the same server, yes.