0

I have a lot of code for a website in php that uses deprecated mysql functions. (Sql injection protection was via real_escape_string). I am suddenly getting warnings at top of page that mysql_connect is deprecated probably because my host has upgrade their version of PHP and there is no question I have to upgrade to mysqli asap. This is no easy task as we are talking thousands of calls.

However, althoughthe site is flashing these warnings, the majority of the calls still work, i.e. you can log in and display data-driven pages. In fact I am getting warnings about just three functions, mysql_connect, mysql_numrows and dates.

Why would the database connection still work if mysql_connect supposedly is now totally deprecated? As a quick fix while I undertake the job of upgrading the whole site, can anyone suggest a substitute for mysql_numrows.

Thanks for any insights or suggestions.

Improve this question
15
  • This can easily be Google'd. Commented Oct 13, 2015 at 0:24
  • 1
    I've already googled it. No good answers. I take it you don't have any suggestions other than check google? Commented Oct 13, 2015 at 0:27
  • Deprecated and removed are two different things, which is why it still works (unless the host upgraded to 7 or above) Commented Oct 13, 2015 at 0:28
  • 1
    what are you asking about a substitute for mysql_numrows? You're going to have to elaborate on that and post some code. Commented Oct 13, 2015 at 0:28
  • 1
    You can use error_reporting(E_ALL & ~E_DEPRECATED); temporarily while you are trying to upgrade to mysqli. And the best recommendation that we can give is to study prepared statement Commented Oct 13, 2015 at 0:32

1 Answer 1

Reset to default
1

While this can be Googled, I want to explain the answer to the asker, and allow future readers to understand this question easily.

Deprecated code doesn't necessarily mean the code won't work. It indicates that it is no longer supported.

Now in theory, you can just go and put an @ in front of the function and the error won't appear. Now I recommend you NEVER DO THIS in a working environment. It exists to suppress warnings, but it still means you have security weaknesses. All php functions that express mysql_functionName() are outdated (or deprecated). To fix this, use something along the lines of mysqli_functionName() instead.

Using mysqli allows you to stay up to date. Now I see you are using procedural styling. This is allowed, but it is recommended that you use object-oriented-programming or PDO. I personally use OOP-mysqli.

Now it should be noted that it is not a seamless transition; meaning you cannot simply just add the i in mysql. Functions such as mysqli_connect() are different. mysqli_num_rows() on the other hand should handle the same by just adding the i in mysql. Check the Mysqli Documentation here for more info on the transitions.

To be more elaborate:

This are nearly the same: mysqli_num_rows()

These are different: mysqli_connect(), mysqli_real_escape_string()

This is removed mysql_result() (There is no built in equivalent in mysqli).

I hope this answer was elaborate enough for you.

EDIT:

Based on the question asked by the asker, it is not possible to combine both mysql and mysqli together. They are different calls to the database. If you call a mysqli_connect(), the variable you set it to is connected to that db call. It will only recognize mysqli. A lot of functions in mysqli such as mysqli_real_escape_string() and mysqli_query() require you to pass the connection of the original db call.

In conclusion, don't try to mix calls. It won't work and it has a lot of security issues and flaws.

It is my opinion that one should completely rewrite their code when the entire infrastructure changes, since it is safer to not risk any old code that might have been left behind in edits. This of course has a major flaw; being it means having to work super hard to rebuild. It is up to the user in this case depending on the size of the project.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Ok. THx. Got some good news. Host made upgrade for security reasons but it turns they have option for me to switch php version back so I have more time to do this. The specifics are very helpful.
One last question. Can these mysql and mysqli co-exist or do I have to change and debug everything before it will work correctly? I read somewhere they use same underlying library.
@user1904273 I went back and edited the question for you.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.