diff --git a/add.php b/add.php index 6587ce8..15fc380 100644 --- a/add.php +++ b/add.php @@ -5,8 +5,8 @@ // Get some personal data. ID, currency, measurement unit $owner = $_SESSION['SESS_MEMBER_ID']; - $GetPersonal = mysql_query("SELECT currency, measurement FROM members WHERE member_id = ".$owner.""); - $personal = mysql_fetch_assoc($GetPersonal); + $GetPersonal = mysqli_query($link,"SELECT currency, measurement FROM members WHERE member_id = ".$owner.""); + $personal = mysqli_fetch_assoc($GetPersonal); ?> @@ -352,4 +352,4 @@ - \ No newline at end of file + diff --git a/add_based.php b/add_based.php index 3aa6b89..de9b80e 100644 --- a/add_based.php +++ b/add_based.php @@ -7,12 +7,12 @@ $id = (int)$_GET['based']; // Get data from the old component to inherit. - $GetDataComponent = mysql_query("SELECT * FROM data WHERE id = ".$id." AND owner = ".$owner.""); - $executesql = mysql_fetch_assoc($GetDataComponent); + $GetDataComponent = mysqli_query($link,"SELECT * FROM data WHERE id = ".$id." AND owner = ".$owner.""); + $executesql = mysqli_fetch_assoc($GetDataComponent); // Get some personal data. ID, currency, measurement unit - $GetPersonal = mysql_query("SELECT currency, measurement FROM members WHERE member_id = ".$owner.""); - $personal = mysql_fetch_assoc($GetPersonal); + $GetPersonal = mysqli_query($link,"SELECT currency, measurement FROM members WHERE member_id = ".$owner.""); + $personal = mysqli_fetch_assoc($GetPersonal); // If the owner of component !== $owner. Show error. if ($executesql['owner'] !== $owner) { 
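Review bot: The `mysqli_query()` result in the add.php hunk goes straight into `mysqli_fetch_assoc()` with no check, and the same pattern repeats in most hunks of this commit. `mysqli_query()` returns `false` on failure (or throws, depending on the mysqli report mode), and on PHP 8 passing `false` to `mysqli_fetch_assoc()` raises a TypeError rather than the warning the old `mysql_*` calls produced. A guard before the fetch, such as `if ($GetPersonal === false) { error_log(mysqli_error($link)); exit; }`, keeps the failure server-side. Where `$link` is defined for add.php is outside the hunk, so confirm the connection include runs before this line.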
@@ -28,19 +28,19 @@ } // Get the head category name, based of the head category ID. - $GetHeadCatName = mysql_query("SELECT * FROM category_head WHERE id = ".$head_cat_id.""); - $executesql_head_catname = mysql_fetch_assoc($GetHeadCatName); + $GetHeadCatName = mysqli_query($link,"SELECT * FROM category_head WHERE id = ".$head_cat_id.""); + $executesql_head_catname = mysqli_fetch_assoc($GetHeadCatName); // Sub category == $sub_cat_id $sub_cat_id = $executesql['category']; // Get the sub category name, based of the sub category ID. - $GetSubCatName = mysql_query("SELECT * FROM category_sub WHERE id = ".$sub_cat_id.""); - $executesql_sub_catname = mysql_fetch_assoc($GetSubCatName); + $GetSubCatName = mysqli_query($link,"SELECT * FROM category_sub WHERE id = ".$sub_cat_id.""); + $executesql_sub_catname = mysqli_fetch_assoc($GetSubCatName); // Get ALL the sub categories. $GetDataComponentsAll = "SELECT * FROM category_sub"; - $sql_exec = mysql_Query($GetDataComponentsAll); + $sql_exec = mysqli_query($link,$GetDataComponentsAll); ?> @@ -100,9 +100,9 @@ '; echo ''; echo ''; diff --git a/include/autocomplete/autocomplete_manufacturer.php b/include/autocomplete/autocomplete_manufacturer.php index 3c673c5..1e4a9ee 100644 --- a/include/autocomplete/autocomplete_manufacturer.php +++ b/include/autocomplete/autocomplete_manufacturer.php @@ -4,9 +4,9 @@ if (!$q) return; $sql = "select DISTINCT manufacturer as manufacturer from data where manufacturer LIKE '%$q%' ORDER by name ASC"; -$rsd = mysql_query($sql); -while($rs = mysql_fetch_array($rsd)) { +$rsd = mysqli_query($link,$sql); +while($rs = mysqli_fetch_array($rsd)) { $manufacturer = $rs['manufacturer']; echo "$manufacturer\n"; } -?> \ No newline at end of file +?> diff --git a/include/autocomplete/autocomplete_name.php b/include/autocomplete/autocomplete_name.php index f3499b7..4e744eb 100644 --- a/include/autocomplete/autocomplete_name.php +++ b/include/autocomplete/autocomplete_name.php 
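Review bot: `$q` is interpolated directly into the `LIKE '%$q%'` pattern in autocomplete_manufacturer.php, and the move to mysqli is the natural point to bind it as a parameter instead; autocomplete_name.php and autocomplete_package.php have the same query shape. How `$q` is read from the request, and where `$link` comes from, is above the hunk, so any escaping done there cannot be confirmed from here. The sketch below uses a prepared statement (`mysqli_stmt_get_result()` needs the mysqlnd driver). The echoed value should also go through `htmlspecialchars()` if the response can ever be rendered as HTML.

```php
// … unchanged: $q lookup and empty check …
$sql = "select DISTINCT manufacturer as manufacturer from data where manufacturer LIKE ? ORDER by name ASC";
$stmt = mysqli_prepare($link, $sql);
$like = '%' . $q . '%';
mysqli_stmt_bind_param($stmt, 's', $like);
mysqli_stmt_execute($stmt);
$rsd = mysqli_stmt_get_result($stmt);
// … unchanged: while loop over $rsd echoing each match …
```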
@@ -4,9 +4,9 @@ if (!$q) return; $sql = "select DISTINCT name as name from data where name LIKE '%$q%' ORDER by name ASC"; -$rsd = mysql_query($sql); -while($rs = mysql_fetch_array($rsd)) { +$rsd = mysqli_query($link,$sql); +while($rs = mysqli_fetch_array($rsd)) { $cname = $rs['name']; echo "$cname\n"; } -?> \ No newline at end of file +?> diff --git a/include/autocomplete/autocomplete_package.php b/include/autocomplete/autocomplete_package.php index ca7c93b..2cfca35 100644 --- a/include/autocomplete/autocomplete_package.php +++ b/include/autocomplete/autocomplete_package.php @@ -4,9 +4,9 @@ if (!$q) return; $sql = "select DISTINCT package as package from data where package LIKE '%$q%' ORDER by name ASC"; -$rsd = mysql_query($sql); -while($rs = mysql_fetch_array($rsd)) { +$rsd = mysqli_query($link,$sql); +while($rs = mysqli_fetch_array($rsd)) { $cname = $rs['package']; echo "$cname\n"; } -?> \ No newline at end of file +?> diff --git a/include/footer.php b/include/footer.php index ff30c92..f948610 100644 --- a/include/footer.php +++ b/include/footer.php @@ -4,13 +4,13 @@
- + members, - + components and - + projects.
@@ -18,4 +18,4 @@
Design by
- \ No newline at end of file + diff --git a/include/header.php b/include/header.php index 70d5726..958b34f 100644 --- a/include/header.php +++ b/include/header.php @@ -11,8 +11,8 @@ include('include/mysql_connect.php'); $owner = $_SESSION['SESS_MEMBER_ID']; - $GetName = mysql_query("SELECT firstname, lastname FROM members WHERE member_id = ".$owner.""); - $headername = mysql_fetch_assoc($GetName); + $GetName = mysqli_query($link, "SELECT firstname, lastname FROM members WHERE member_id = ".$owner.""); + $headername = mysqli_fetch_assoc($GetName); if(isset($_POST['submit']) && $_SERVER["REQUEST_URI"] == '/ecdb/my.php') { echo $_POST['firstname']; } else { echo $headername['firstname']; } echo ' '; diff --git a/include/include.php b/include/include.php index c024aa0..cfdf181 100644 --- a/include/include.php +++ b/include/include.php @@ -9,8 +9,8 @@ public function Index() { if(isset($_GET['by'])) { - $by = strip_tags(mysql_real_escape_string($_GET["by"])); - $order_q = strip_tags(mysql_real_escape_string($_GET["order"])); + $by = strip_tags(mysqli_real_escape_string($link,$_GET["by"])); + $order_q = strip_tags(mysqli_real_escape_string($link,$_GET["order"])); if($order_q == 'desc' or $order_q == 'asc'){ $order = $order_q; @@ -34,8 +34,8 @@ public function Index() { } - $sql_exec = mysql_Query($GetDataComponentsAll); - while($showDetails = mysql_fetch_array($sql_exec)) { + $sql_exec = mysqli_query($link,$GetDataComponentsAll); + while($showDetails = mysqli_fetch_array($sql_exec)) { echo ""; echo '"; echo '"; echo '"; echo ""; - while($showDetailsCat = mysql_fetch_array($sql_exec_catname)) { + while($showDetailsCat = mysqli_fetch_array($sql_exec_catname)) { $catname = $showDetailsCat['name']; } echo $catname; @@ -473,7 +473,7 @@ public function Search() { $owner = $_SESSION['SESS_MEMBER_ID']; - $query = mysql_real_escape_string($_GET['q']); + $query = mysqli_real_escape_string($link,$_GET['q']); $query1 = strtoupper($query); $query2 = strip_tags($query1); 
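Review bot: In the include/header.php hunk, `echo $_POST['firstname'];` writes request data into the page without output encoding, and `echo $headername['firstname'];` does the same with a stored value. Both should be encoded for the HTML context, e.g. `echo htmlspecialchars($_POST['firstname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The surrounding markup is not visible in the hunk, so confirm the value lands in element text rather than in an attribute or script context, which need different encoding.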
@@ -489,8 +489,8 @@ public function Search() { if (isset($_GET['by'])){ - $by = strip_tags(mysql_real_escape_string($_GET["by"])); - $order_q = strip_tags(mysql_real_escape_string($_GET["order"])); + $by = strip_tags(mysqli_real_escape_string($link,$_GET["by"])); + $order_q = strip_tags(mysqli_real_escape_string($link,$_GET["order"])); if($order_q == 'desc' or $order_q == 'asc'){ $order = $order_q; @@ -513,15 +513,15 @@ public function Search() { $SearchQuery = "SELECT * FROM data WHERE (name LIKE'%$find%' OR package LIKE'%$find%' OR manufacturer LIKE'%$find%' OR pins LIKE'%$find%' OR location LIKE'%$find%' OR comment LIKE'%$find%') AND owner = $owner ORDER by name ASC"; } - $sql_exec = mysql_query($SearchQuery); - $anymatches = mysql_num_rows($sql_exec); + $sql_exec = mysqli_query($link,$SearchQuery); + $anymatches = mysqli_num_rows($sql_exec); if ($anymatches == 0) { echo '
'; echo "Sorry, but we can not find an entry to match your query."; echo '
'; } - while($showDetails = mysql_fetch_array($sql_exec)) { + while($showDetails = mysqli_fetch_array($sql_exec)) { echo ""; echo '
View component ('; - $result = mysql_query("SELECT name FROM data WHERE id = '$component_id'"); - $name = mysql_fetch_array($result); + $result = mysqli_query($link,"SELECT name FROM data WHERE id = '$component_id'"); + $name = mysqli_fetch_array($result); echo $name['name']; echo ')'; echo ''; @@ -835,14 +835,14 @@ public function Add() { $sql = "UPDATE data SET name = '$name', manufacturer = '$manufacturer', package = '$package', pins = '$pins', smd = '$smd', quantity = '$quantity', location = '$location', scrap = '$scrap', width = '$width', height = '$height', depth = '$depth', weight = '$weight', datasheet = '$datasheet', comment = '$comment', category = '$category', url1 = '$url1', url2 = '$url2', url3 = '$url3', url4 = '$url4', price = '$price', public = '$public', order_quantity = '$order_quantity' WHERE id = '$id'"; - $sql_exec = mysql_query($sql); + $sql_exec = mysqli_query($link,$sql); if (!empty($project) && !empty($project_quantity)) { $proj_add="INSERT into projects_data (projects_data_owner_id, projects_data_project_id, projects_data_component_id, projects_data_quantity) VALUES ('$owner', '$project', '$id', '$project_quantity')"; - $sql_exec = mysql_query($proj_add) or die(mysql_error()); + $sql_exec = mysqli_query($link,$proj_add) or die(mysqli_error($link)); echo $project; echo ' Owner '; echo $owner; @@ -858,7 +858,7 @@ public function Add() { foreach ($proj as $quantity_proj_add){ $projects = array_search($quantity_proj_add, $proj); $sqlDeleteProject = "DELETE FROM projects_data WHERE projects_data_component_id = '$id' AND projects_data_project_id = '$projects'"; - $sql_exec_project_delete = mysql_query($sqlDeleteProject); + $sql_exec_project_delete = mysqli_query($link,$sqlDeleteProject); if ($quantity_proj_add == 0){ echo 'None'; @@ -868,7 +868,7 @@ public function Add() { VALUES ('$owner', '$projects', '$id', '$quantity_proj_add')"; - $sql_exec = mysql_query($proj_edit); + $sql_exec = mysqli_query($link,$proj_edit); /* echo 'Projid: '; 
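Review bot: The `UPDATE data ... WHERE id = '$id'` and the `DELETE FROM projects_data ...` in the `Add()` hunks select the row by id alone, so the write is not limited to the logged-in member unless an ownership check happens outside these hunks. The same gap is visible in include_proj_update.php (`UPDATE projects ... WHERE project_id = $id`, with `$owner` read but unused) and in proj_edit.php, where both `DELETE` statements omit `project_owner` even though the preceding `SELECT` filters on it. Adding the owner to every write closes it, e.g. `WHERE project_id = ".$id." AND project_owner = ".(int)$owner` for projects and `AND owner = ".(int)$owner` for data. Separately, `or die(mysqli_error($link))` sends database error text to the browser; log it server-side and show a generic message.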
@@ -888,4 +888,4 @@ public function Add() { } } } -?> \ No newline at end of file +?> diff --git a/include/include_category_head.php b/include/include_category_head.php index 5445037..4684f46 100644 --- a/include/include_category_head.php +++ b/include/include_category_head.php @@ -19,7 +19,7 @@ public function Head() { } $CategoryName = "SELECT * FROM category_head ORDER by name ASC"; - $sql_exec_catname = mysql_Query($CategoryName); + $sql_exec_catname = mysqli_query($link, $CategoryName); echo '
  • '; echo '
  • '; - while ($ShowDetailsCatname = mysql_fetch_array($sql_exec_catname)) { + while ($ShowDetailsCatname = mysqli_fetch_array($sql_exec_catname)) { echo '
  • '; echo ''; echo ' \ No newline at end of file +?> diff --git a/include/include_component_add_category_menu.php b/include/include_component_add_category_menu.php index 9ea5c49..ab5753f 100644 --- a/include/include_component_add_category_menu.php +++ b/include/include_component_add_category_menu.php @@ -6,13 +6,13 @@ public function MenuCat() { include('include/mysql_connect.php'); $HeadCategoryNameQuery = "SELECT * FROM category_head ORDER by name ASC"; - $sql_exec_headcat = mysql_Query($HeadCategoryNameQuery); + $sql_exec_headcat = mysqli_query($link,$HeadCategoryNameQuery); echo ''; - while ($HeadCategory = mysql_fetch_array($sql_exec_headcat)) { + while ($HeadCategory = mysqli_fetch_array($sql_exec_headcat)) { echo ''; - while ($Project = mysql_fetch_array($sql_exec_projname)) { + while ($Project = mysqli_fetch_array($sql_exec_projname)) { echo ''; $GetDataProject = "SELECT * FROM projects WHERE project_owner = '$owner'"; - $sql = mysql_query($GetDataProject); + $sql = mysqli_query($link,$GetDataProject); - while($row1 = mysql_fetch_array($sql)){ + while($row1 = mysqli_fetch_array($sql)){ $query1 = "SELECT projects_data.projects_data_project_id, projects_data.projects_data_component_id FROM projects_data RIGHT JOIN projects ON projects.project_id = projects_data.projects_data_project_id WHERE projects.project_owner = '$owner'"; - $result1 = mysql_query($query1); + $result1 = mysqli_query($link,$query1); echo '
    '; @@ -79,11 +79,11 @@ public function Settings() { else { if (!empty($oldpass) && !empty($newpass)) { $sql="UPDATE members SET firstname = '$firstname', lastname = '$lastname', mail = '$mail', passwd = '".md5($newpass)."', measurement = '$measurement', currency = '$currency' WHERE member_id = '$owner'"; - $sql_exec = mysql_query($sql); + $sql_exec = mysqli_query($link,$sql); } else { $sql="UPDATE members SET firstname = '$firstname', lastname = '$lastname', mail = '$mail', measurement = '$measurement', currency = '$currency' WHERE member_id = '$owner'"; - $sql_exec = mysql_query($sql); + $sql_exec = mysqli_query($link,$sql); } echo '
    '; @@ -93,4 +93,4 @@ public function Settings() { } } } -?> \ No newline at end of file +?> diff --git a/include/include_proj_add.php b/include/include_proj_add.php index f85bfd3..9cef8b3 100644 --- a/include/include_proj_add.php +++ b/include/include_proj_add.php @@ -7,7 +7,7 @@ public function AddProj () { if(isset($_POST['submit'])) { $owner = $_SESSION['SESS_MEMBER_ID']; - $name = mysql_real_escape_string($_POST['name']); + $name = mysqli_real_escape_string($link,$_POST['name']); if ($name == '') { echo '
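Review bot: `passwd = '".md5($newpass)."'` in the `Settings()` hunk stores the password as an unsalted MD5 digest, which is cheap to brute-force if the members table is ever disclosed; login-exec.php and register-exec.php hash the same way. `password_hash($newpass, PASSWORD_DEFAULT)` on write and `password_verify()` at login are the standard replacements, with existing rows re-hashed at each member's next successful login. That changes the login query from matching on `passwd` to fetching the row by login and verifying in PHP. The `passwd` column must also be wide enough for the new hash; the schema is not visible here.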
    '; @@ -16,9 +16,9 @@ public function AddProj () { } else { $sql="INSERT into projects (project_owner, project_name) VALUES ('$owner', '$name')"; - $sql_exec = mysql_query($sql); + $sql_exec = mysqli_query($link,$sql); - $proj_id = mysql_insert_id(); + $proj_id = mysqli_insert_id($link); echo '
    '; echo 'Project added!'; @@ -27,4 +27,4 @@ public function AddProj () { } } } -?> \ No newline at end of file +?> diff --git a/include/include_proj_list_projets.php b/include/include_proj_list_projets.php index 1b4bd75..7caf49a 100644 --- a/include/include_proj_list_projets.php +++ b/include/include_proj_list_projets.php @@ -9,13 +9,13 @@ public function ProjList() { $owner = $_SESSION['SESS_MEMBER_ID']; - $GetPersonal = mysql_query("SELECT currency FROM members WHERE member_id = ".$owner.""); - $personal = mysql_fetch_assoc($GetPersonal); + $GetPersonal = mysqli_query($link,"SELECT currency FROM members WHERE member_id = ".$owner.""); + $personal = mysqli_fetch_assoc($GetPersonal); if(isset($_GET['by'])) { - $by = strip_tags(mysql_real_escape_string($_GET["by"])); - $order_q = strip_tags(mysql_real_escape_string($_GET["order"])); + $by = strip_tags(mysqli_real_escape_string($link,$_GET["by"])); + $order_q = strip_tags(mysqli_real_escape_string($link,$_GET["order"])); if($order_q == 'desc' or $order_q == 'asc'){ $order = $order_q; @@ -35,9 +35,9 @@ public function ProjList() { $GetDataComponentsAll = "SELECT * FROM projects WHERE project_owner = ".$owner." ORDER by project_name ASC"; } - $sql_exec = mysql_Query($GetDataComponentsAll); + $sql_exec = mysqli_query($link,$GetDataComponentsAll); - while($showDetails = mysql_fetch_array($sql_exec)) { + while($showDetails = mysqli_fetch_array($sql_exec)) { echo ""; echo '"; - $components = mysql_query("SELECT projects_data_project_id FROM projects_data WHERE projects_data_project_id = ".$showDetails['project_id'].""); - $number_components = mysql_num_rows($components); + $components = mysqli_query($link,"SELECT projects_data_project_id FROM projects_data WHERE projects_data_project_id = ".$showDetails['project_id'].""); + $number_components = mysqli_num_rows($components); if ($number_components == 0){ echo "-"; } 
@@ -64,9 +64,9 @@ public function ProjList() { echo ''; $GetDataPrice = "SELECT SUM(total) FROM (SELECT projects_data_quantity * price AS total FROM projects_data JOIN `data` WHERE data.id = projects_data_component_id AND projects_data_project_id = ".$showDetails['project_id'].") AS project_total"; - $sql_exec_price = mysql_Query($GetDataPrice) or die(mysql_error()); + $sql_exec_price = mysqli_query($link,$GetDataPrice) or die(mysqli_error($link)); - while($showPrice = mysql_fetch_array($sql_exec_price)) { + while($showPrice = mysqli_fetch_array($sql_exec_price)) { if ($showPrice['SUM(total)'] == 0){ echo "-"; } diff --git a/include/include_proj_show.php b/include/include_proj_show.php index 42b85d3..2703b62 100644 --- a/include/include_proj_show.php +++ b/include/include_proj_show.php @@ -6,13 +6,13 @@ public function ProjectShowComponents() { include('mysql_connect.php'); $owner = $_SESSION['SESS_MEMBER_ID']; - $project_id = (int)mysql_real_escape_string($_GET["proj_id"]); + $project_id = (int)mysqli_real_escape_string($link,$_GET["proj_id"]); if(isset($_GET['by'])) { - $by = strip_tags(mysql_real_escape_string($_GET["by"])); - $order_q = strip_tags(mysql_real_escape_string($_GET["order"])); + $by = strip_tags(mysqli_real_escape_string($link,$_GET["by"])); + $order_q = strip_tags(mysqli_real_escape_string($link,$_GET["order"])); if($order_q == 'desc' or $order_q == 'asc'){ $order = $order_q; 
@@ -35,8 +35,8 @@ public function ProjectShowComponents() { $GetDataComponentsAll = "SELECT * FROM projects_data, data WHERE owner = ".$owner." AND projects_data.projects_data_component_id = data.id AND projects_data.projects_data_project_id = ".$project_id." ORDER by name ASC"; } - $sql_exec = mysql_Query($GetDataComponentsAll); - while($showDetails = mysql_fetch_array($sql_exec)) { + $sql_exec = mysqli_query($link,$GetDataComponentsAll); + while($showDetails = mysqli_fetch_array($sql_exec)) { echo ""; echo '"; $comp_id = $showDetails['id']; - $ShowQuant = mysql_query("SELECT projects_data_quantity FROM projects_data WHERE projects_data_component_id = '$comp_id' AND projects_data_project_id = '$project_id'"); - $quant = mysql_fetch_assoc($ShowQuant); + $ShowQuant = mysqli_query($link,"SELECT projects_data_quantity FROM projects_data WHERE projects_data_component_id = '$comp_id' AND projects_data_project_id = '$project_id'"); + $quant = mysqli_fetch_assoc($ShowQuant); $quantity = $quant['projects_data_quantity']; if ($quantity == ""){ diff --git a/include/include_proj_show_.php b/include/include_proj_show_.php index 74b1ad1..06a8c85 100644 --- a/include/include_proj_show_.php +++ b/include/include_proj_show_.php @@ -10,12 +10,12 @@ public function ProjectShowComponents() { if(isset($_GET['proj_id'])) { - $proj_id = mysql_real_escape_string((int)$_GET['proj_id']); + $proj_id = mysqli_real_escape_string($link,(int)$_GET['proj_id']); $GetComponentIDs = "SELECT component_id FROM projects_data WHERE owner = ".$owner." AND project_id = ".$proj_id." ORDER by name ASC"; - $sql_exec_GetComponentIDs = mysql_Query($GetComponentIDs); + $sql_exec_GetComponentIDs = mysqli_query($link,$GetComponentIDs); - while($showDetails_ComponentIDs = mysql_fetch_array($sql_exec_GetComponentIDs)) { + while($showDetails_ComponentIDs = mysqli_fetch_array($sql_exec_GetComponentIDs)) { $ComponentID = $showDetails_ComponentIDs['component_id']; } 
@@ -26,8 +26,8 @@ public function ProjectShowComponents() { $by = $_GET["by"]; $order = $_GET["order"]; - $bysql = mysql_real_escape_string($by); - $ordersql = mysql_real_escape_string($order); + $bysql = mysqli_real_escape_string($link,$by); + $ordersql = mysqli_real_escape_string($link,$order); if($by == 'price' or $by == 'pins' or $by == 'quantity') { @@ -43,8 +43,8 @@ public function ProjectShowComponents() { } - $sql_exec = mysql_Query($GetDataComponentsAll); - while($showDetails = mysql_fetch_array($sql_exec)) { + $sql_exec = mysqli_query($link,$GetDataComponentsAll); + while($showDetails = mysqli_fetch_array($sql_exec)) { echo ""; echo ' \ No newline at end of file +?> diff --git a/include/include_proj_show_price.php b/include/include_proj_show_price.php index dbdbe9b..8ba0d35 100644 --- a/include/include_proj_show_price.php +++ b/include/include_proj_show_price.php @@ -7,13 +7,13 @@ public function ProjectSumTotal() { $project_id = (int)$_GET["proj_id"]; $owner = $_SESSION['SESS_MEMBER_ID']; - $GetPersonal = mysql_query("SELECT currency FROM members WHERE member_id = ".$owner.""); - $personal = mysql_fetch_assoc($GetPersonal); + $GetPersonal = mysqli_query($link,"SELECT currency FROM members WHERE member_id = ".$owner.""); + $personal = mysqli_fetch_assoc($GetPersonal); $GetDataPrice = "SELECT SUM(total) FROM (SELECT projects_data_quantity * price AS total FROM projects_data JOIN `data` WHERE data.id = projects_data_component_id AND projects_data_project_id = ".$project_id.") AS project_total"; - $sql_exec_price = mysql_Query($GetDataPrice) or die(mysql_error()); + $sql_exec_price = mysqli_query($GetDataPrice) or die(mysqli_error($link)); - while($showPrice = mysql_fetch_array($sql_exec_price)) { + while($showPrice = mysqli_fetch_array($sql_exec_price)) { if ($showPrice['SUM(total)'] == 0){ echo "0 "; echo ' '; @@ -27,4 +27,4 @@ public function ProjectSumTotal() { } } } -?> \ No newline at end of file +?> 
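Review bot: `mysqli_query($GetDataPrice)` in include_proj_show_price.php is missing the connection argument, so `ProjectSumTotal()` fails on this call. Unlike `mysql_query()`, the procedural `mysqli_query()` takes the link as its required first parameter. The line should read `$sql_exec_price = mysqli_query($link,$GetDataPrice) or die(mysqli_error($link));`. `$link` is presumably set by an include above the hunk inside the method; confirm it is in scope there.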
diff --git a/include/include_proj_update.php b/include/include_proj_update.php index 2a95833..9052f3c 100644 --- a/include/include_proj_update.php +++ b/include/include_proj_update.php @@ -7,7 +7,7 @@ public function AddProj () { if(isset($_POST['submit'])) { $owner = $_SESSION['SESS_MEMBER_ID']; - $name = mysql_real_escape_string($_POST['name']); + $name = mysqli_real_escape_string($link,$_POST['name']); $id = (int)$_GET['proj_id']; if ($name == '') { @@ -15,11 +15,11 @@ public function AddProj () { } else { $sql = "UPDATE projects SET project_name = '".$name."' WHERE project_id = ".$id." "; - $sql_exec = mysql_query($sql); + $sql_exec = mysqli_query($link,$sql); header("location: " . $_SERVER['REQUEST_URI']); } } } } -?> \ No newline at end of file +?> diff --git a/include/include_shoplist.php b/include/include_shoplist.php index 9907773..0a6ce4e 100644 --- a/include/include_shoplist.php +++ b/include/include_shoplist.php @@ -12,8 +12,8 @@ public function ShoplistList() { $by = $_GET["by"]; $order = $_GET["order"]; - $bysql = mysql_real_escape_string($by); - $ordersql = mysql_real_escape_string($order); + $bysql = mysqli_real_escape_string($link,$by); + $ordersql = mysqli_real_escape_string($link,$order); if($by == 'price' or $by == 'pins' or $by == 'quantity') { @@ -29,9 +29,9 @@ public function ShoplistList() { } - $sql_exec = mysql_Query($GetDataComponentsAll); + $sql_exec = mysqli_query($link,$GetDataComponentsAll); - while($showDetails = mysql_fetch_array($sql_exec)) { + while($showDetails = mysqli_fetch_array($sql_exec)) { echo ""; echo ' 0 ORDER by name ASC"; - $sql_exec = mysql_Query($GetDataComponentsAll); - while($showDetails = mysql_fetch_array($sql_exec)) { + $sql_exec = mysqli_query($link,$GetDataComponentsAll); + while($showDetails = mysqli_fetch_array($sql_exec)) { $price = $showDetails['price']; $quantity = $showDetails['order_quantity']; @@ -33,4 +33,4 @@ public function ShoplistPriceSum() { } } } -?> \ No newline at end of file +?> 
diff --git a/include/login/config.php b/include/login/config.php index 113fa3e..e6b2e82 100644 --- a/include/login/config.php +++ b/include/login/config.php @@ -1,6 +1,6 @@ \ No newline at end of file + define('DB_DATABASE', 'database'); +?> diff --git a/include/mysql_connect.php b/include/mysql_connect.php index 5565c8a..b0cbcfe 100644 --- a/include/mysql_connect.php +++ b/include/mysql_connect.php @@ -1,10 +1,10 @@ - \ No newline at end of file + diff --git a/login-exec.php b/login-exec.php index f166b7d..7f541eb 100644 --- a/login-exec.php +++ b/login-exec.php @@ -12,13 +12,13 @@ $errflag = false; //Connect to mysql server - $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); + $link = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { - die('Failed to connect to server: ' . mysql_error()); + die('Failed to connect to server: ' . mysqli_error($link)); } //Select database - $db = mysql_select_db(DB_DATABASE); + $db = mysqli_select_db($link, DB_DATABASE); if(!$db) { die("Unable to select database"); } @@ -29,13 +29,13 @@ function clean($str) { if(get_magic_quotes_gpc()) { $str = stripslashes($str); } - return mysql_real_escape_string($str); + return mysqli_real_escape_string($link, $str); } //Sanitize the POST values - $login = clean($_POST['login']); - $password = clean($_POST['password']); - + $login = ($_POST['login']); + $password = ($_POST['password']); + //Input Validations if($login == '') { $errmsg_arr[] = 'Login ID missing'; 
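Review bot: `mysqli_error($link)` in the connect-failure branch of login-exec.php is called with the failed `$link`, so it cannot report why the connection failed; `mysqli_connect_error()` is the call for that case. register-exec.php has the same line. Passing the message to `die()` also shows server details to the visitor, so prefer `error_log(mysqli_connect_error()); die('Failed to connect to server');`.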
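Review bot: `$login = ($_POST['login']);` drops the `clean()` call, so the raw POST value reaches the `login='$login'` clause of the authentication query in the next hunk unescaped. The likely cause is that `clean()` no longer works: `$link` is assigned at file scope and is not visible inside the function, so `mysqli_real_escape_string($link, $str)` receives an undefined variable; register-exec.php's `clean()` has the same problem. Either add `global $link;` at the top of `clean()` and restore `$login = clean($_POST['login']);`, or better, bind `$login` as a parameter through `mysqli_prepare()`. `get_magic_quotes_gpc()` was removed in PHP 8, so that branch needs to go as well; the start of `clean()` is outside the hunk.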
@@ -56,28 +56,29 @@ function clean($str) { //Create query $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; - $result=mysql_query($qry); + $result=mysqli_query($link, $qry); //Check whether the query was successful or not if($result) { - if(mysql_num_rows($result) == 1) { + if(mysqli_num_rows($result) == 1) { //Login Successful session_regenerate_id(); - $member = mysql_fetch_assoc($result); + $member = mysqli_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); $member_id = $_SESSION['SESS_MEMBER_ID']; - mysql_query("INSERT INTO members_stats (members_stats_member) VALUES ('$member_id')"); + mysqli_query($link, "INSERT INTO members_stats (members_stats_member) VALUES ('$member_id')"); header("location: index.php"); exit(); }else { + print('Am here'); //Login failed - header("location: login-failed.php"); + //header("location: login-failed.php"); exit(); } }else { die("Query failed"); } -?> \ No newline at end of file +?> diff --git a/my.php b/my.php index 47eee32..62de7d6 100644 --- a/my.php +++ b/my.php @@ -5,8 +5,8 @@ $owner = $_SESSION['SESS_MEMBER_ID']; - $GetDataComponent = mysql_query("SELECT * FROM members WHERE member_id = ".$owner.""); - $executesql = mysql_fetch_assoc($GetDataComponent); + $GetDataComponent = mysqli_query($link,"SELECT * FROM members WHERE member_id = ".$owner.""); + $executesql = mysqli_fetch_assoc($GetDataComponent); ?> diff --git a/proj_edit.php b/proj_edit.php index cbbf276..2e8d46f 100644 --- a/proj_edit.php +++ b/proj_edit.php 
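Review bot: The failed-login branch of login-exec.php now runs `print('Am here');` with the redirect commented out, which looks like debugging left in the commit. As written, a wrong password produces a page containing only that text and the login-failed page is never shown. Restore `header("location: login-failed.php");` and delete the `print` line. On the success path, `session_regenerate_id(true);` would also discard the pre-login session data instead of leaving it behind.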
@@ -6,15 +6,15 @@ $owner = $_SESSION['SESS_MEMBER_ID']; $id = (int)$_GET['proj_id']; - $GetDataProjectName = mysql_query("SELECT * FROM projects WHERE project_id = ".$id." AND project_owner = ".$owner.""); - $executesql = mysql_fetch_assoc($GetDataProjectName); + $GetDataProjectName = mysqli_query($link,"SELECT * FROM projects WHERE project_id = ".$id." AND project_owner = ".$owner.""); + $executesql = mysqli_fetch_assoc($GetDataProjectName); if(isset($_POST['delete'])) { $sqlDeleteProject = "DELETE FROM projects WHERE project_id = ".$id." "; - $sql_exec_component_delete = mysql_query($sqlDeleteProject); + $sql_exec_component_delete = mysqli_query($link,$sqlDeleteProject); $sqlDeleteProject = "DELETE FROM projects_data WHERE projects_data_project_id = ".$id." "; - $sql_exec_project_delete = mysql_query($sqlDeleteProject); + $sql_exec_project_delete = mysqli_query($link,$sqlDeleteProject); header("Location: ."); } @@ -71,4 +71,4 @@
    - \ No newline at end of file + diff --git a/proj_list.php b/proj_list.php index 65fd044..950a75a 100644 --- a/proj_list.php +++ b/proj_list.php @@ -34,8 +34,8 @@ $AddProj = new ProjAdd; $AddProj->AddProj(); - $proj_query = mysql_query("SELECT * FROM projects WHERE project_owner= $owner"); - if(mysql_num_rows($proj_query) == 0){ + $proj_query = mysqli_query($link,"SELECT * FROM projects WHERE project_owner= $owner"); + if(mysqli_num_rows($proj_query) == 0){ echo '
    To create a BOM-list (Bill Of Material) you have to first create a project. You will then be able to add your components to your project and automaticly create a BOM-list.
    '; } ?> diff --git a/proj_show.php b/proj_show.php index c173012..dce023f 100644 --- a/proj_show.php +++ b/proj_show.php @@ -14,12 +14,12 @@ Viewing project - "; echo $row['project_name']; diff --git a/register-exec.php b/register-exec.php index 0a7014d..ef87028 100644 --- a/register-exec.php +++ b/register-exec.php @@ -12,18 +12,18 @@ $errflag = false; //Connect to mysql server - $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); + $link = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { - die('Failed to connect to server: ' . mysql_error()); + die('Failed to connect to server: ' . mysqli_error($link)); } //Select database - $db = mysql_select_db(DB_DATABASE); + $db = mysqli_select_db($link, DB_DATABASE); if(!$db) { die("Unable to select database"); } - mysql_set_charset('utf8'); + mysqli_set_charset($link, 'utf8'); //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { @@ -31,7 +31,7 @@ function clean($str) { if(get_magic_quotes_gpc()) { $str = stripslashes($str); } - return mysql_real_escape_string($str); + return mysqli_real_escape_string($link, $str); } //Sanitize the POST values @@ -95,13 +95,13 @@ function clean($str) { //Check for duplicate login ID if($login != '') { $qry = "SELECT * FROM members WHERE login='$login'"; - $result = mysql_query($qry); + $result = mysqli_query($link,$qry); if($result) { - if(mysql_num_rows($result) > 0) { + if(mysqli_num_rows($result) > 0) { $errmsg_arr[] = 'Username already in use'; $errflag = true; } - @mysql_free_result($result); + @mysqli_free_result($result); } else { die("Query failed"); @@ -118,7 +118,7 @@ function clean($str) { //Create INSERT query $qry = "INSERT INTO members(firstname, lastname, login, mail, passwd) VALUES('$fname','$lname','$login','$mail','".md5($_POST['password'])."')"; - $result = @mysql_query($qry); + $result = @mysqli_query($link,$qry); //Check whether the query was successful or not if($result) { 
@@ -127,4 +127,4 @@ function clean($str) { }else { die("Query failed"); } -?> \ No newline at end of file +?>