1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Convert File From PHP 5.6 to 7.2

Discussion in 'PHP' started by FPForum, Aug 23, 2021.

  1. #1
    Hey everyone, I recently updated the PHP on my server from version 5.6 to 7.2 and everything seems to work fine in Wordpress, but one PHP file I made which is separate from my main website now does not work. It's a small file that basically connects to my database and displays a particular row.

    The page now is just blank..no errors displayed or anything. I tested by switching PHP back to 5.6 on the server and it begins working again. I was hoping someone could help pinpoint where the issue is here and what part of the code is causing it to work on 5.6 but no on 7.2..any help is appreciated!!


    
    <?php
    
    $regCode = $_GET['regCode'];
    
    
    if (!$link = mysql_connect('localhost', 'my_userhere', 'mypassword')) {
    
      echo 'Could not connect to mysql';
    
      exit;
    
    }
    
    
    if (!mysql_select_db('mydatabase_here', $link)) {
    
      echo 'Could not select database';
    
      exit;
    
    }
    
    
    $sql = "SELECT * from details where regCode like '%$regCode%'";
    
    $result = mysql_query($sql, $link);
    
    
    
    if (!$result) {
    
      echo "DB Error, could not query the database\n";
    
      echo 'MySQL Error: ' . mysql_error();
    
      exit;
    
    }
    
    
    //And we display the results
    
    while($response = mysql_fetch_array( $result ))
    
    {
    
    echo "Code: " .$response['regCode'];
    
    echo "<br> ";
    
    }
    
    
    $anymatches = mysql_num_rows($result);
    
    if ($anymatches == 0)
    
    {
    
    echo "False";
    
    }
    
    ?>
    
    Code (markup):
     
    FPForum, Aug 23, 2021 IP
  2. sarahk

    sarahk iTamer Staff

    Messages:
    28,494
    Likes Received:
    4,457
    Best Answers:
    123
    Trophy Points:
    665
    #2
    A few things:
    1. If it has anything to do with Wordpress use that database connection for the improved security

    2. Add these lines to get some debugging going on
      ini_set('display_errors',1);
      ini_set('display_startup_errors',1);
      error_reporting(E_ALL);
      PHP:
    3. Your host has probably blocked plain mysql_query calls
      $result = mysql_query($sql, $link);
      PHP:
      The quickest way to get back up and running is to use mysqli https://www.php.net/manual/en/mysqli.query.php

    4. Be very careful with what you do with regcode, it's a prime target for a SQL injection. If you're lucky it'll just be a kiddy hacker doing it for bragging rights and not somebody out to destroy your business.
      $regCode = $_GET['regCode'];
      PHP:
    5. While you're making changes these lines:

      //And we display the results
      while($response = mysql_fetch_array( $result )) {
              echo "Code: " .$response['regCode'];
              echo "<br> ";
          }
      
      $anymatches = mysql_num_rows($result);
      if ($anymatches == 0){
          echo "False";
      }
      PHP:
      might be better like this

      //And we display the results
      $anymatches = mysql_num_rows($result);
      if ($anymatches == 0){
          echo "False";
      }
      else {
          while($response = mysql_fetch_array( $result )) {
              echo "Code: " .$response['regCode'];
              echo "<br> ";
          }
      }
      PHP:
     
    sarahk, Aug 23, 2021 IP
    FPForum likes this.
  3. qwikad.com

    qwikad.com Illustrious Member Affiliate Manager

    Messages:
    7,151
    Likes Received:
    1,656
    Best Answers:
    29
    Trophy Points:
    475
    #3
    For simple pages you can use mysql to mysqli conversion tools:

    https://www.seabreezecomputers.com/mysql2mysqli/

    This should work:

    
    <?php
    $regCode = $_GET['regCode'];
    if (!$link = new mysqli('localhost', 'my_userhere', 'mypassword')) {
      echo 'Could not connect to mysql';
      exit;
    }
    if (!$link->select_db('mydatabase_here')) {
      echo 'Could not select database';
      exit;
    }
    $sql = "SELECT * from details where regCode like '%$regCode%'";
    $result = $link->query($sql);
    if (!$result) {
      echo "DB Error, could not query the database\n";
      echo 'MySQL Error: ' . $link->error;
      exit;
    }
    //And we display the results
    while($response =  $result ->fetch_array())
    {
    echo "Code: " .$response['regCode'];
    echo "<br> ";
    }
    $anymatches = $result->num_rows;
    if ($anymatches == 0)
    {
    echo "False";
    }
    ?>
    
    Code (markup):
    By the way, php7.1 and php7.2 are both EOL. You should use php7.3 or php7.4
     
    qwikad.com, Aug 23, 2021 IP
    FPForum likes this.
  4. FPForum

    FPForum Notable Member

    Messages:
    4,171
    Likes Received:
    102
    Best Answers:
    0
    Trophy Points:
    225
    Digital Goods:
    2
    #4
    Thanks for the responses everyone! I wasn't aware of the mysql to mysqli converter tools out there. I'll try the updated version and see how it does qwikad. If that doesn't work I'll add the debug code Sarah provided and see if I can at least get some errors to show up. I knew 7.1 and 7.2 were nearing EOL, but didn't realize that had already taken place. Excellent info everyone thank you so much for your help! I'll keep you posted on the results.
     
    FPForum, Aug 23, 2021 IP
  5. SpacePhoenix

    SpacePhoenix Well-Known Member

    Messages:
    196
    Likes Received:
    28
    Best Answers:
    2
    Trophy Points:
    155
    #5
    7.3 goes EOL in December. You might want to keep in mind compatibility with 8.0 at the same time so that when you move over to 8.0 eventually you're not having to fix things again.

    You should migrate over to using prepared Statements for ALL database calls, even if the data being used is internally from the site, that way you don't risk opening up a security hole if the source of some data is changed to an external source
     
    SpacePhoenix, Aug 24, 2021 IP
    FPForum and sarahk like this.
  6. qwikad.com

    qwikad.com Illustrious Member Affiliate Manager

    Messages:
    7,151
    Likes Received:
    1,656
    Best Answers:
    29
    Trophy Points:
    475
    #6
    Is mysqli supported in php 8? I tried to google it couldn't find a definitive answer.
     
    qwikad.com, Aug 24, 2021 IP
  7. SpacePhoenix

    SpacePhoenix Well-Known Member

    Messages:
    196
    Likes Received:
    28
    Best Answers:
    2
    Trophy Points:
    155
    #7
    Yep, it is.

    https://www.php.net/manual/en/mysqli.prepare.php

    At the top it has got:

    which shows what PHP versions that give function is supported in
     
    SpacePhoenix, Aug 24, 2021 IP
  8. FPForum

    FPForum Notable Member

    Messages:
    4,171
    Likes Received:
    102
    Best Answers:
    0
    Trophy Points:
    225
    Digital Goods:
    2
    #8
    Thanks for the great info SpacePhoenix and everyone else! I'll be keeping the PHP update to 8 in mind for the future. I notice when switching PHP over to 7.3 Wordpress suddenly starts throwing some errors, so I'm keeping it at 7.2 for the time being. Anyone else notice issues when switching over to PHP 7.3?
     
    FPForum, Aug 24, 2021 IP
  9. deathshadow

    deathshadow Acclaimed Member

    Messages:
    9,732
    Likes Received:
    1,998
    Best Answers:
    253
    Trophy Points:
    515
    #9
    The code presented here horrifies me for one simple reason. The lack of sanitation. HELLO SCRIPT INJECTION!

    It's called prepare/execute, USE IT!

    This is what happens when you just slop old mysql code into mysqli, and a good deal of why I believe in cutting the cord and going with PDO.

    
    <?php
    
    $regCode = $_GET['regCode'];
    
    try {
    	$db = new PDO(
    		'mysql:dbname=mydatabasehere;host=localhost',
    		'my_userhere',
    		'my_password'
    	);
    } catch (PDOException $e) {
    	die('Could not connect to MySQL : ', $e->message);
    }
    
    $stmt = $db->prepare('
    	SELECT *
    	FROM details
    	WHERE regCode like ?
    ');
    
    if ($stmt->execute([ '%' . $_GET['regCode'] . '%'])) {
    	if ($response = $stmt->fetch()) {
    		do {
    			echo '
    				Code: ', $response['regCode'], '<br>';
    		} while ($response = $stmt->fetch());
    	} else echo 'No Matches Found';
    } else echo '
    	DB Error, could not query the database<br>
    	MySQL Error: ', $stmt->errorInfo();
    
    Code (markup):
    Might have typos as I'm drive-by posting, but that is a far more sane/rational and safe approach than just dumping $_GET into your query string, a practice we're supposed to have stopped doing SIXTEEN FREAKING YEARS AGO!!! It's more than half the reason the old mysql_ functions went away in the first damned place!

    Also, when possible avoid double quoted strings and string addition, it's inefficient.
     
    deathshadow, Sep 1, 2021 IP
    sarahk and SpacePhoenix like this.