dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix. use `mysqli_real_escape_string` instead or deprecated `mysql_real_escape_string` 

From PHP.net
```
Warning
This extension was deprecated in PHP 5.5.0, and it was removed in PHP 7.0.0.
Instead, the MySQLi or PDO_MySQL extension should be used.
...
Alternatives to this function include:
 * mysqli_real_escape_string()
 * PDO::quote()
```
This commit is contained in:
Alexey Melnichuk 2016-03-29 16:34:36 +03:00
parent 6976624c67
commit b2c5bd85a3
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
resources/functions.php
View File

@ -54,7 +54,7 @@
if (!function_exists('check_str')) {
function check_str($string) {
global $db_type;
global $db_type, $db;
//when code in db is urlencoded the ' does not need to be modified
if ($db_type == "sqlite") {
if (function_exists('sqlite_escape_string')) {
@ -68,7 +68,12 @@
$string = pg_escape_string($string);
}
if ($db_type == "mysql") {
$tmp_str = mysql_real_escape_string($string);
if(function_exists('mysql_real_escape_string')){
$tmp_str = mysql_real_escape_string($string);
}
else{
$tmp_str = mysqli_real_escape_string($db, $string);
}
if (strlen($tmp_str)) {
$string = $tmp_str;
}