From 61396667f34bbb29fb07cf7de958f9f39a25ff00 Mon Sep 17 00:00:00 2001
From: taoufiqaitali <23a.marketing@gmail.com>
Date: Wed, 16 Jan 2019 21:09:51 +0100
Subject: [PATCH 1/2] migrate from mysql to mysqli, fix compatibility with php 7
---
 Code PHP/arduino.php | 46 +++++-----
 Code PHP/badgecheckfunction.php | 28 +++---
 Code PHP/dash.php | 154 ++++++++++++++++----------------
 Code PHP/db.php.inc | 6 +-
 Code PHP/index.php | 30 +++----
 Code PHP/register.php | 8 +-
 Code PHP/test.php | 10 +--
 Code PHP/test2.php | 6 +-
 8 files changed, 143 insertions(+), 145 deletions(-)
diff --git a/Code PHP/arduino.php b/Code PHP/arduino.php
index 38c4e80..09d5a79 100644
--- a/Code PHP/arduino.php
+++ b/Code PHP/arduino.php
@@ -20,27 +20,27 @@ //GET REFERENCE VALUES //get total ticks per liter -$refTicksPerLiterResult = mysql_query("SELECT value FROM ref_data WHERE name = 'ticks_per_liter' LIMIT 1") -or die(mysql_error()); -$refTicksPerLiterRows = mysql_fetch_array( $refTicksPerLiterResult ); +$refTicksPerLiterResult = mysqli_query($GLOBALS["cnx"], "SELECT value FROM ref_data WHERE name = 'ticks_per_liter' LIMIT 1") +or die(mysqli_error($GLOBALS["cnx"])); +$refTicksPerLiterRows = mysqli_fetch_array( $refTicksPerLiterResult ); $refTicksPerLiter = $refTicksPerLiterRows['value']; //get keg status - $kegStateResult = mysql_query("SELECT AVG(percentconsumed) AS avgpercentconsumed FROM keg_stats") - or die(mysql_error()); - $kegStateRows = mysql_fetch_array( $kegStateResult ); + $kegStateResult = mysqli_query($GLOBALS["cnx"], "SELECT AVG(percentconsumed) AS avgpercentconsumed FROM keg_stats") + or die(mysqli_error($GLOBALS["cnx"])); + $kegStateRows = mysqli_fetch_array( $kegStateResult ); $kegState = (100 - round($kegStateRows['avgpercentconsumed'],0)); //Now that we know the RFID value has been passed, check to see if the RFID is a current user -$userResult = mysql_query("SELECT * FROM users WHERE rfid = '$rfid' LIMIT 1") -or die(mysql_error()); +$userResult = mysqli_query($GLOBALS["cnx"], "SELECT * FROM users WHERE rfid = '$rfid' LIMIT 1") +or die(mysqli_error($GLOBALS["cnx"])); -if(mysql_num_rows($userResult) == 1) { +if(mysqli_num_rows($userResult) == 1) { //echo "Thank you for using Das Bot"; - $userRows = mysql_fetch_array( $userResult ); + $userRows = mysqli_fetch_array( $userResult ); $user = $userRows['username']; $userID = $userRows['id']; @@ -61,9 +61,9 @@ //echo "

total ticks per Liter = $refTicksPerLiter

"; //GET CURRENT TOTAL CONSUMPTION - $totalDrinkResult = mysql_query("SELECT sum(volume) as total FROM drinks WHERE userid = '$userID' LIMIT 1") - or die(mysql_error()); - $totalDrinksRows = mysql_fetch_array( $totalDrinkResult ); + $totalDrinkResult = mysqli_query($GLOBALS["cnx"], "SELECT sum(volume) as total FROM drinks WHERE userid = '$userID' LIMIT 1") + or die(mysqli_error($GLOBALS["cnx"])); + $totalDrinksRows = mysqli_fetch_array( $totalDrinkResult ); $totalDrinks = $totalDrinksRows['total']; $litersConsumed = round($totalDrinks / $refTicksPerLiter, 1); @@ -77,24 +77,24 @@ $curTime = time(); if($_GET['consumed1'] > 5) { - $drink1 = mysql_real_escape_string($_GET['consumed1']); + $drink1 = mysqli_real_escape_string($GLOBALS["cnx"], $_GET['consumed1']); $insertDrinkQuery = "INSERT INTO `dasbot`.`drinks` (id,timestamp, userid, volume, kegid) VALUES (NULL ,'$curTime', '$userID', '$drink1', 1)"; - mysql_query($insertDrinkQuery); + mysqli_query($GLOBALS["cnx"], $insertDrinkQuery); } if($_GET['consumed2'] > 5) { - $drink2 = mysql_real_escape_string($_GET['consumed2']); + $drink2 = mysqli_real_escape_string($GLOBALS["cnx"], $_GET['consumed2']); $insertDrinkQuery = "INSERT INTO `dasbot`.`drinks` (id,timestamp, userid, volume, kegid) VALUES (NULL ,'$curTime', '$userID', '$drink2', 2)"; - mysql_query($insertDrinkQuery); + mysqli_query($GLOBALS["cnx"], $insertDrinkQuery); } if($_GET['consumed3'] > 5) { - $drink3 = mysql_real_escape_string($_GET['consumed3']); + $drink3 = mysqli_real_escape_string($GLOBALS["cnx"], $_GET['consumed3']); $insertDrinkQuery = "INSERT INTO `dasbot`.`drinks` (id,timestamp, userid, volume, kegid) VALUES (NULL ,'$curTime', '$userID', '$drink3', 3)"; - mysql_query($insertDrinkQuery); + mysqli_query($GLOBALS["cnx"], $insertDrinkQuery); } //award badges via function 
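Review bot: In the three `consumedN` blocks of the `@@ -77,24` hunk in arduino.php, `$drink1`, `$drink2` and `$drink3` are assigned only inside their `if`, yet the next hunk's context sums all three, so a pour under the threshold or a missing parameter raises undefined-variable and undefined-index notices on PHP 7. The value is escaped but is still stored as whatever string the request sent, since the `> 5` comparison on PHP 7 accepts a string that merely starts with a number. Reading each value once as an integer, `$drink1 = (int) ($_GET['consumed1'] ?? 0);` followed by `if ($drink1 > 5)`, fixes both and makes the escape call unnecessary. The result of each `mysqli_query()` insert is also ignored, so a failed write is silent.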
@@ -103,8 +103,8 @@ //get current leaders $leaderQuery = "SELECT users.username, sum(drinks.volume) as total FROM drinks, users WHERE users.id= drinks.userid GROUP BY userid ORDER BY total DESC LIMIT 3"; - $leadersResult = mysql_query($leaderQuery) - or die(mysql_error()); + $leadersResult = mysqli_query($GLOBALS["cnx"], $leaderQuery) + or die(mysqli_error($GLOBALS["cnx"])); //output message $curDrinkLiters = round(($drink1 + $drink2 + $drink3)/$refTicksPerLiter, 1); @@ -139,9 +139,9 @@ else { //echo "User not found"; - mysql_query("INSERT INTO users (rfid) + mysqli_query($GLOBALS["cnx"], "INSERT INTO users (rfid) VALUES ('$rfid')"); - $userID = mysql_insert_id(); + $userID = ((is_null($___mysqli_res = mysqli_insert_id($GLOBALS["cnx"]))) ? false : $___mysqli_res); echo "Hello! Das Bot v2.0 welcomes youID $userID!\n\n You must register at http://is.gd/kickthekeg before I can give you more beer."; } diff --git a/Code PHP/badgecheckfunction.php b/Code PHP/badgecheckfunction.php index 7a1c78a..4b67dd9 100644 --- a/Code PHP/badgecheckfunction.php +++ b/Code PHP/badgecheckfunction.php @@ -7,10 +7,10 @@ function awardbadges($userid) { -$usernamelookupResult = mysql_query("SELECT username FROM dasbot.users WHERE id = $userid") - or die(mysql_error()); +$usernamelookupResult = mysqli_query($GLOBALS["cnx"], "SELECT username FROM dasbot.users WHERE id = $userid") + or die(mysqli_error($GLOBALS["cnx"])); -while($usernamelookupRows = mysql_fetch_array($usernamelookupResult)){ +while($usernamelookupRows = mysqli_fetch_array($usernamelookupResult)){ $username = $usernamelookupRows['username']; } 
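Review bot: The `INSERT INTO users (rfid) VALUES ('$rfid')` in the `@@ -139,9` hunk of arduino.php, like the `SELECT * FROM users WHERE rfid = '$rfid'` in `@@ -20,27`, interpolates `$rfid` straight into the SQL text; where `$rfid` is assigned lies outside both hunks, so whether it is escaped cannot be confirmed here, and the test URL comment in this file suggests it arrives as a query parameter. Since the code is moving to mysqli anyway, a bound parameter removes the question: `$stmt = mysqli_prepare($GLOBALS["cnx"], "INSERT INTO users (rfid) VALUES (?)"); mysqli_stmt_bind_param($stmt, "s", $rfid); mysqli_stmt_execute($stmt);`. The insert's result is not checked, and the converter-style `is_null(... mysqli_insert_id(...))` wrapper never yields `false` because `mysqli_insert_id()` does not return null, so a failed insert would greet the visitor with ID 0.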
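Review bot: `awardbadges()` in badgecheckfunction.php places `$userid` unquoted into `WHERE id = $userid` in the `@@ -7,10` hunk, and the later hunks of this file do the same in `WHERE userid = $userid` and `VALUES ($userid, $availablebadgesID)`; in an unquoted numeric position string escaping would not help, so the function depends entirely on its callers passing an integer. I would make that explicit at the top of the function with `$userid = (int) $userid;` and a one-line comment saying the id must come from the `users` table rather than from the request. The function body continues past this hunk.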
@@ -22,17 +22,17 @@ function awardbadges($userid) } else { //get available badges - $availablebadgesResult = mysql_query("SELECT bb.badgeid, bb.badgetitle, bb.badgeactive, bb.badgerules, bb.badgeqty, ba.badgeawardedcount + $availablebadgesResult = mysqli_query($GLOBALS["cnx"], "SELECT bb.badgeid, bb.badgetitle, bb.badgeactive, bb.badgerules, bb.badgeqty, ba.badgeawardedcount FROM (dasbot.badges bb LEFT JOIN (SELECT badgeid, count(*) AS badgeawardedcount FROM dasbot.badgesawarded GROUP BY badgeid) ba ON bb.badgeid = ba.badgeid) LEFT JOIN (SELECT badgeid FROM dasbot.badgesawarded WHERE userid = $userid) bc ON bb.badgeid = bc.badgeid WHERE (bb.badgeqty = 0 OR bb.badgeqty > ba.badgeawardedcount OR ba.badgeawardedcount IS NULL) AND bc.badgeid IS NULL AND bb.badgeactive = 1") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); //establish counter for array of awarded badges $b = 0; //loop through available badges - while($availablebadgesRows = mysql_fetch_array($availablebadgesResult)){ + while($availablebadgesRows = mysqli_fetch_array($availablebadgesResult)){ $availablebadgesID = $availablebadgesRows['badgeid']; $availablebadgesTitle = $availablebadgesRows['badgetitle']; @@ -48,11 +48,11 @@ function awardbadges($userid) //echo "
"; //check if badge should be awarded - $awardbadgeResult = mysql_query("$availablebadgesRules") - or die(mysql_error()); - echo mysql_error(); + $awardbadgeResult = mysqli_query($GLOBALS["cnx"], "$availablebadgesRules") + or die(mysqli_error($GLOBALS["cnx"])); + echo mysqli_error($GLOBALS["cnx"]); - while($awardbadgeRows = mysql_fetch_array($awardbadgeResult)){ + while($awardbadgeRows = mysqli_fetch_array($awardbadgeResult)){ $awardbadgeBool = $awardbadgeRows['awardbadge']; @@ -64,7 +64,7 @@ function awardbadges($userid) //award badge if qualifies if($awardbadgeBool == 1){ $awardBadge = "INSERT INTO dasbot.badgesawarded (userid, badgeid) VALUES ($userid, $availablebadgesID)"; - mysql_query($awardBadge); + mysqli_query($GLOBALS["cnx"], $awardBadge); //store awarded badges in array $awardedBadges[$b] = $availablebadgesID; @@ -83,10 +83,10 @@ function awardbadges($userid) { //echo "Badge awarded: " . $awardedBadges[$i] . " "; - $badgelookupResult = mysql_query("SELECT badgetitle, badgedescription FROM dasbot.badges WHERE badgeid = $awardedBadges[$i]") - or die(mysql_error()); + $badgelookupResult = mysqli_query($GLOBALS["cnx"], "SELECT badgetitle, badgedescription FROM dasbot.badges WHERE badgeid = $awardedBadges[$i]") + or die(mysqli_error($GLOBALS["cnx"])); - while($badgelookupRows = mysql_fetch_array($badgelookupResult)){ + while($badgelookupRows = mysqli_fetch_array($badgelookupResult)){ $badgetitle = $badgelookupRows['badgetitle']; $badgedescription = $badgelookupRows['badgedescription']; diff --git a/Code PHP/dash.php b/Code PHP/dash.php index 85034af..567fa36 100644 --- a/Code PHP/dash.php +++ b/Code PHP/dash.php 
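Review bot: In the `@@ -48,11` hunk of badgecheckfunction.php, `mysqli_query($GLOBALS["cnx"], "$availablebadgesRules")` executes SQL text that is presumably read from the `badgerules` column selected in the previous hunk, so write access to the `badges` table amounts to running arbitrary statements with this script's database privileges. That trust assumption deserves a comment at the call, for example `// badgerules holds admin-authored SQL and is executed verbatim; the badges table must never be writable from request input`, and the account behind this connection would ideally be limited to what the badge check needs. The `echo mysqli_error(...)` on the following line can only print an empty string, because a failed query has already reached `die()`, so it can be dropped.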
@@ -11,23 +11,23 @@ //GET REFERENCE VALUES //get total ticks per liter -$refTicksPerLiterResult = mysql_query("SELECT value FROM ref_data WHERE name = 'ticks_per_liter' LIMIT 1") -or die(mysql_error()); -$refTicksPerLiterRows = mysql_fetch_array( $refTicksPerLiterResult ); +$refTicksPerLiterResult = mysqli_query($GLOBALS["cnx"], "SELECT value FROM ref_data WHERE name = 'ticks_per_liter' LIMIT 1") +or die(mysqli_error($GLOBALS["cnx"])); +$refTicksPerLiterRows = mysqli_fetch_array( $refTicksPerLiterResult ); $refTicksPerLiter = $refTicksPerLiterRows['value']; //get current leaders $leaderQuery = "SELECT users.username, sum(drinks.volume) as total FROM drinks, users WHERE users.id= drinks.userid AND users.username != 'orphan' AND users.username != 'Pitcher' GROUP BY userid ORDER BY total DESC LIMIT 5"; -$leadersResult = mysql_query($leaderQuery) - or die(mysql_error()); +$leadersResult = mysqli_query($GLOBALS["cnx"], $leaderQuery) + or die(mysqli_error($GLOBALS["cnx"])); //get keg status -$kegConsumedResult = mysql_query("SELECT kegid, percentconsumed FROM keg_stats ORDER BY kegid ASC") - or die(mysql_error()); +$kegConsumedResult = mysqli_query($GLOBALS["cnx"], "SELECT kegid, percentconsumed FROM keg_stats ORDER BY kegid ASC") + or die(mysqli_error($GLOBALS["cnx"])); //preset values: $keg1Consumed = 0; @@ -35,7 +35,7 @@ $keg3Consumed = 0; $i = 0; -while($kegConsumedRows = mysql_fetch_assoc($kegConsumedResult)){ +while($kegConsumedRows = mysqli_fetch_assoc($kegConsumedResult)){ if($kegConsumedRows['kegid'] == "1") $keg1Consumed = round($kegConsumedRows['percentconsumed']); @@ -53,7 +53,7 @@ //GET FUN FACTS //largest vessel -$largestVesselResult = mysql_query(" +$largestVesselResult = mysqli_query($GLOBALS["cnx"], " SELECT u.username FROM users u, drinks d 
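Review bot: The `or die(mysqli_error($GLOBALS["cnx"]))` tail kept on the `ticks_per_liter` lookup in `@@ -11,23`, and on every other query in dash.php and the rest of this patch, prints the raw driver error to whoever requested the page; if dash.php is reachable by visitors, that exposes schema names and query fragments. I would route failures through one small helper that records the detail with `error_log()` and exits with a fixed message such as `Database error`, so the migration does not carry the disclosure forward. `$GLOBALS["cnx"]` is presumably created in db.php.inc, whose hunk is not shown on this page, so it is worth confirming that the connection is checked there before these calls run.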
@@ -62,13 +62,13 @@ AND u.username != 'orphan' ORDER BY d.volume DESC LIMIT 1") - or die(mysql_error()); -while($largestVesselRows = mysql_fetch_assoc($largestVesselResult)){ + or die(mysqli_error($GLOBALS["cnx"])); +while($largestVesselRows = mysqli_fetch_assoc($largestVesselResult)){ $largestVesselUser = $largestVesselRows['username']; } //Most trips -$mostTripsResult = mysql_query(" +$mostTripsResult = mysqli_query($GLOBALS["cnx"], " SELECT u.username, count(d.volume) as drinks FROM users u, @@ -80,14 +80,14 @@ ORDER BY drinks DESC LIMIT 1") - or die(mysql_error()); -while($mostTripsRows = mysql_fetch_assoc($mostTripsResult)){ + or die(mysqli_error($GLOBALS["cnx"])); +while($mostTripsRows = mysqli_fetch_assoc($mostTripsResult)){ $mostTripsUser = $mostTripsRows['username']; $mostTripsCount = $mostTripsRows['drinks']; } //least drank -$leasDrankResult = mysql_query(" +$leasDrankResult = mysqli_query($GLOBALS["cnx"], " SELECT users.username as username, sum(drinks.volume) as total, count(drinks.volume) as drink_count @@ -99,8 +99,8 @@ GROUP BY userid ORDER BY total ASC LIMIT 1") - or die(mysql_error()); -while($leastDrankRows = mysql_fetch_assoc($leasDrankResult)){ + or die(mysqli_error($GLOBALS["cnx"])); +while($leastDrankRows = mysqli_fetch_assoc($leasDrankResult)){ $leastDrankUser = $leastDrankRows['username']; $leastDrankCount = $leastDrankRows['drink_count']; $leastDrankVolume = round($leastDrankRows['total'] / $refTicksPerLiter, 1); @@ -111,7 +111,7 @@ $recentDrinksFeed = ""; -$recentDrinksResult = mysql_query(" +$recentDrinksResult = mysqli_query($GLOBALS["cnx"], " SELECT users.username as username, drinks.volume as volume, drinks.timestamp as time, 
@@ -125,8 +125,8 @@ AND users.username != 'Pitcher' ORDER BY drinks.id DESC LIMIT 5") - or die(mysql_error()); -while($recentDrinksRows = mysql_fetch_assoc($recentDrinksResult)){ + or die(mysqli_error($GLOBALS["cnx"])); +while($recentDrinksRows = mysqli_fetch_assoc($recentDrinksResult)){ $recentDrinksUser = $recentDrinksRows['username']; $recentDrinksTime= date("g:i a", $recentDrinksRows['time']+(3600*3)); //fix the time zone thing $recentDrinksBeer= $recentDrinksRows['beerName']; @@ -177,7 +177,7 @@ //badge 1 -$badge1Result = mysql_query(" +$badge1Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -190,13 +190,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 1 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge1_num_winners = mysql_num_rows($badge1Result); +$badge1_num_winners = mysqli_num_rows($badge1Result); $i=0; if($badge1_num_winners != 0) { $badge1Winners = ""; - while($badge1Rows = mysql_fetch_assoc($badge1Result)){ + while($badge1Rows = mysqli_fetch_assoc($badge1Result)){ if($i<3) $badge1Winners = $badge1Winners.$badge1Rows['username']."
"; $badge1Title = $badge1Rows['title']; @@ -213,7 +213,7 @@ //badge 2 -$badge2Result = mysql_query(" +$badge2Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -226,13 +226,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 18 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge2_num_winners = mysql_num_rows($badge2Result); +$badge2_num_winners = mysqli_num_rows($badge2Result); $i=0; if($badge2_num_winners != 0) { $badge2Winners = ""; - while($badge2Rows = mysql_fetch_assoc($badge2Result)){ + while($badge2Rows = mysqli_fetch_assoc($badge2Result)){ if($i<3) $badge2Winners = $badge2Winners.$badge2Rows['username']."
"; $badge2Title = $badge2Rows['title']; @@ -247,7 +247,7 @@ } //end Badge 2 //badge 3 -$badge3Result = mysql_query(" +$badge3Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -260,13 +260,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 5 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge3_num_winners = mysql_num_rows($badge3Result); +$badge3_num_winners = mysqli_num_rows($badge3Result); $i=0; if($badge3_num_winners != 0) { $badge3Winners = ""; - while($badge3Rows = mysql_fetch_assoc($badge3Result)){ + while($badge3Rows = mysqli_fetch_assoc($badge3Result)){ if($i<3) $badge3Winners = $badge3Winners.$badge3Rows['username']."
"; $badge3Title = $badge3Rows['title']; @@ -282,7 +282,7 @@ //badge 4 -$badge4Result = mysql_query(" +$badge4Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -295,13 +295,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 4 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge4_num_winners = mysql_num_rows($badge4Result); +$badge4_num_winners = mysqli_num_rows($badge4Result); $i=0; if($badge4_num_winners != 0) { $badge4Winners = ""; - while($badge4Rows = mysql_fetch_assoc($badge4Result)){ + while($badge4Rows = mysqli_fetch_assoc($badge4Result)){ if($i<3) $badge4Winners = $badge4Winners.$badge4Rows['username']."
"; $badge4Title = $badge4Rows['title']; @@ -316,7 +316,7 @@ } //end Badge 4 //badge 5 -$badge5Result = mysql_query(" +$badge5Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -329,13 +329,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 3 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge5_num_winners = mysql_num_rows($badge5Result); +$badge5_num_winners = mysqli_num_rows($badge5Result); $i=0; if($badge5_num_winners != 0) { $badge5Winners = ""; - while($badge5Rows = mysql_fetch_assoc($badge5Result)){ + while($badge5Rows = mysqli_fetch_assoc($badge5Result)){ if($i<3) $badge5Winners = $badge5Winners.$badge5Rows['username']."
"; $badge5Title = $badge5Rows['title']; @@ -350,7 +350,7 @@ } //end Badge 5 //badge 6 -$badge6Result = mysql_query(" +$badge6Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -363,13 +363,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 16 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge6_num_winners = mysql_num_rows($badge6Result); +$badge6_num_winners = mysqli_num_rows($badge6Result); $i=0; if($badge6_num_winners != 0) { $badge6Winners = ""; - while($badge6Rows = mysql_fetch_assoc($badge6Result)){ + while($badge6Rows = mysqli_fetch_assoc($badge6Result)){ if($i<3) $badge6Winners = $badge6Winners.$badge6Rows['username']."
"; $badge6Title = $badge6Rows['title']; @@ -384,7 +384,7 @@ } //end Badge 6 //badge7 -$badge7Result = mysql_query(" +$badge7Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -397,13 +397,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 7 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge7_num_winners = mysql_num_rows($badge7Result); +$badge7_num_winners = mysqli_num_rows($badge7Result); $i=0; if($badge7_num_winners != 0) { $badge7Winners = ""; - while($badge7Rows = mysql_fetch_assoc($badge7Result)){ + while($badge7Rows = mysqli_fetch_assoc($badge7Result)){ if($i<3) $badge7Winners = $badge7Winners.$badge7Rows['username']."
"; $badge7Title = $badge7Rows['title']; @@ -418,7 +418,7 @@ } //end badge7 //badge8 -$badge8Result = mysql_query(" +$badge8Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -431,13 +431,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 17 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge8_num_winners = mysql_num_rows($badge8Result); +$badge8_num_winners = mysqli_num_rows($badge8Result); $i=0; if($badge8_num_winners != 0) { $badge8Winners = ""; - while($badge8Rows = mysql_fetch_assoc($badge8Result)){ + while($badge8Rows = mysqli_fetch_assoc($badge8Result)){ if($i<3) $badge8Winners = $badge8Winners.$badge8Rows['username']."
"; $badge8Title = $badge8Rows['title']; @@ -452,7 +452,7 @@ } //end badge8 //badge9 -$badge9Result = mysql_query(" +$badge9Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -465,13 +465,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 12 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge9_num_winners = mysql_num_rows($badge9Result); +$badge9_num_winners = mysqli_num_rows($badge9Result); $i=0; if($badge9_num_winners != 0) { $badge9Winners = ""; - while($badge9Rows = mysql_fetch_assoc($badge9Result)){ + while($badge9Rows = mysqli_fetch_assoc($badge9Result)){ if($i<3) $badge9Winners = $badge9Winners.$badge9Rows['username']."
"; $badge9Title = $badge9Rows['title']; @@ -486,7 +486,7 @@ } //end badge9 //badge10 -$badge10Result = mysql_query(" +$badge10Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -499,13 +499,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 13 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge10_num_winners = mysql_num_rows($badge10Result); +$badge10_num_winners = mysqli_num_rows($badge10Result); $i=0; if($badge10_num_winners != 0) { $badge10Winners = ""; - while($badge10Rows = mysql_fetch_assoc($badge10Result)){ + while($badge10Rows = mysqli_fetch_assoc($badge10Result)){ if($i<3) $badge10Winners = $badge10Winners.$badge10Rows['username']."
"; $badge10Title = $badge10Rows['title']; @@ -520,7 +520,7 @@ } //end badge10 //badge11 -$badge11Result = mysql_query(" +$badge11Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -533,13 +533,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 14 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge11_num_winners = mysql_num_rows($badge11Result); +$badge11_num_winners = mysqli_num_rows($badge11Result); $i=0; if($badge11_num_winners != 0) { $badge11Winners = ""; - while($badge11Rows = mysql_fetch_assoc($badge11Result)){ + while($badge11Rows = mysqli_fetch_assoc($badge11Result)){ if($i<3) $badge11Winners = $badge11Winners.$badge11Rows['username']."
"; $badge11Title = $badge11Rows['title']; @@ -554,7 +554,7 @@ } //end badge11 //badge12 -$badge12Result = mysql_query(" +$badge12Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -567,13 +567,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 9 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge12_num_winners = mysql_num_rows($badge12Result); +$badge12_num_winners = mysqli_num_rows($badge12Result); $i=0; if($badge12_num_winners != 0) { $badge12Winners = ""; - while($badge12Rows = mysql_fetch_assoc($badge12Result)){ + while($badge12Rows = mysqli_fetch_assoc($badge12Result)){ if($i<3) $badge12Winners = $badge12Winners.$badge12Rows['username']."
"; $badge12Title = $badge12Rows['title']; @@ -588,7 +588,7 @@ } //end badge12 //badge13 -$badge13Result = mysql_query(" +$badge13Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -601,13 +601,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 15 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge13_num_winners = mysql_num_rows($badge13Result); +$badge13_num_winners = mysqli_num_rows($badge13Result); $i=0; if($badge13_num_winners != 0) { $badge13Winners = ""; - while($badge13Rows = mysql_fetch_assoc($badge13Result)){ + while($badge13Rows = mysqli_fetch_assoc($badge13Result)){ if($i<3) $badge13Winners = $badge13Winners.$badge13Rows['username']."
"; $badge13Title = $badge13Rows['title']; @@ -622,7 +622,7 @@ } //end badge13 //badge14 -$badge14Result = mysql_query(" +$badge14Result = mysqli_query($GLOBALS["cnx"], " SELECT u.username as username, b.badgeimg as active, b.badgeimg_inactive as inactive, @@ -635,13 +635,13 @@ AND ba.badgeid = b.badgeid AND b.badgeid = 8 AND u.username != 'orphan'") - or die(mysql_error()); + or die(mysqli_error($GLOBALS["cnx"])); -$badge14_num_winners = mysql_num_rows($badge14Result); +$badge14_num_winners = mysqli_num_rows($badge14Result); $i=0; if($badge14_num_winners != 0) { $badge14Winners = ""; - while($badge14Rows = mysql_fetch_assoc($badge14Result)){ + while($badge14Rows = mysqli_fetch_assoc($badge14Result)){ if($i<3) $badge14Winners = $badge14Winners.$badge14Rows['username']."
"; $badge14Title = $badge14Rows['title']; @@ -708,7 +708,7 @@ function drawChart() { @@ -107,15 +107,15 @@ function drawChart() { else if (isset($_GET['name']) && isset($_GET['id'])) { //form submitted, username provided - $name = mysql_real_escape_string($_GET['name']); - $id = mysql_real_escape_string($_GET['id']); + $name = mysqli_real_escape_string($GLOBALS["cnx"], $_GET['name']); + $id = mysqli_real_escape_string($GLOBALS["cnx"], $_GET['id']); //check to make sure the user really is an orphan - $orphanVerifyResult = mysql_query("SELECT * FROM users WHERE username='orphan' AND id=$id") - or die(mysql_error()); - if(mysql_num_rows($orphanVerifyResult) == 1) { + $orphanVerifyResult = mysqli_query($GLOBALS["cnx"], "SELECT * FROM users WHERE username='orphan' AND id=$id") + or die(mysqli_error($GLOBALS["cnx"])); + if(mysqli_num_rows($orphanVerifyResult) == 1) { $updateQuery = "UPDATE `dasbot`.`users` SET `username` = '$name' WHERE `users`.`id` =$id"; - mysql_query($updateQuery); + mysqli_query($GLOBALS["cnx"], $updateQuery); echo "

Registration

"; echo "

Prost, $name! You are now registered!

"; @@ -136,11 +136,11 @@ function drawChart() { @@ -96,7 +96,7 @@ function drawChart() { $name = $_GET['name']; $id = $_GET['id']; -mysql_query("UPDATE users SET username = '$name' WHERE id = $id"); +mysqli_query($GLOBALS["cnx"], "UPDATE users SET username = '$name' WHERE id = $id"); ?> diff --git a/Code PHP/test.php b/Code PHP/test.php index cdbd122..eb19cda 100644 --- a/Code PHP/test.php +++ b/Code PHP/test.php @@ -5,10 +5,10 @@ $userid = 27; -$usernamelookupResult = mysql_query("SELECT kegid, percentconsumed FROM dasbot.keg_stats ORDER BY kegid ASC") - or die(mysql_error()); +$usernamelookupResult = mysqli_query($GLOBALS["cnx"], "SELECT kegid, percentconsumed FROM dasbot.keg_stats ORDER BY kegid ASC") + or die(mysqli_error($GLOBALS["cnx"])); -while($usernamelookupRows = mysql_fetch_array($usernamelookupResult)){ +while($usernamelookupRows = mysqli_fetch_array($usernamelookupResult)){ echo "Keg ID: "; echo $usernamelookupRows['kegid']; @@ -22,6 +22,4 @@ -?> - - +?> \ No newline at end of file diff --git a/Code PHP/test2.php b/Code PHP/test2.php index de3a828..a7da7df 100644 --- a/Code PHP/test2.php +++ b/Code PHP/test2.php @@ -5,10 +5,10 @@ $userid = 27; -$usernamelookupResult = mysql_query("SELECT kegid, percentconsumed FROM dasbot.keg_stats ORDER BY kegid ASC") - or die(mysql_error()); +$usernamelookupResult = mysqli_query($GLOBALS["cnx"], "SELECT kegid, percentconsumed FROM dasbot.keg_stats ORDER BY kegid ASC") + or die(mysqli_error($GLOBALS["cnx"])); -while($usernamelookupRows = mysql_fetch_array($usernamelookupResult)){ +while($usernamelookupRows = mysqli_fetch_array($usernamelookupResult)){ //echo "Keg ID: "; echo $usernamelookupRows['kegid']; From d5158d30fd5742ea89acc41ceff34dcafc29a88c Mon Sep 17 00:00:00 2001 
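Review bot: In the `@@ -107,15` hunk (its file header is missing on this page; going by the diffstat it is probably index.php), `$id` goes through `mysqli_real_escape_string()` but is then used unquoted in `AND id=$id` and in the `UPDATE` statement's `WHERE` clause, where escaping quotes gives no protection because the value is not inside a string literal. Casting instead, `$id = (int) $_GET['id'];`, closes that. `$name` is escaped for SQL only and is then echoed into the page in the "Prost, $name!" line, so the displayed value should be the original input passed through `htmlspecialchars($name, ENT_QUOTES, 'UTF-8')` rather than the SQL-escaped copy.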
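Review bot: The `@@ -96,7` hunk (probably register.php; the file header is missing here) passes `$_GET['name']` and `$_GET['id']` into `UPDATE users SET username = '$name' WHERE id = $id` with no escaping or casting, and the visible lines show no check that the row is still an `orphan`, so the statement is built entirely from request input. The migration is the moment to bind both values: `$stmt = mysqli_prepare($GLOBALS["cnx"], "UPDATE users SET username = ? WHERE id = ? AND username = 'orphan'"); mysqli_stmt_bind_param($stmt, "si", $name, $id); mysqli_stmt_execute($stmt);`. If this script is a leftover superseded by the registration path in the previous hunk, deleting it is the safer change.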
From: taoufiqaitali <23a.marketing@gmail.com> Date: Wed, 16 Jan 2019 21:14:35 +0100 Subject: [PATCH 2/2] rename db.php.inc to db.inc.php for security --- Code PHP/arduino.php | 2 +- Code PHP/badgecheckfunction.php | 2 +- Code PHP/dash.php | 2 +- Code PHP/{db.php.inc => db.inc.php} | 0 Code PHP/index.php | 2 +- Code PHP/register.php | 2 +- Code PHP/test.php | 2 +- Code PHP/test2.php | 2 +- readme.md | 2 +- 9 files changed, 8 insertions(+), 8 deletions(-) rename Code PHP/{db.php.inc => db.inc.php} (100%) diff --git a/Code PHP/arduino.php b/Code PHP/arduino.php index 09d5a79..d1f4a8a 100644 --- a/Code PHP/arduino.php +++ b/Code PHP/arduino.php @@ -3,7 +3,7 @@ //Test URL //http://www.tinkurlab.com/projects/dasbot/arduino.php?rfid=12345678&consumed1=750&consumed2=0&consumed3=0 -require('db.php.inc'); +require('db.inc.php'); include 'badgecheckfunction.php'; diff --git a/Code PHP/badgecheckfunction.php b/Code PHP/badgecheckfunction.php index 4b67dd9..e551830 100644 --- a/Code PHP/badgecheckfunction.php +++ b/Code PHP/badgecheckfunction.php @@ -1,6 +1,6 @@