portoholic Posted May 25, 2014 Share Posted May 25, 2014 Hi All, Newbie here. I run a website using xmb forums software as a base login script to connect to my database and created my own crude and simple pages for adding and displaying the data learning as I went.Over the years with recent upgrades of php versions its now virtually useless and unsecure code. I archive a lot of news articles but have had trouble pasting text that includes apostrophe's and special characters, but managed to fix that using addslashes() now. Can someone suggest a tutorial or a way to rebuild my site from scratch or something I can use as a template to connect to my pages ?. Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted May 25, 2014 Share Posted May 25, 2014 the php.net documentation appendices contain migration sections that list what has been changed, removed, or added to php over time. becoming familiar with that information would be your first step - http://us3.php.net/manual/en/appendices.php as to the apostrophe's in data being put into database query statements, the specific reason your code stopped working was due the disabling and eventual removal of php's magic_quotes, which were escaping ALL external data, without taking into account things like character sets or even if you wanted that data to be escaped. however, instead of using addslashes(), which is identical to what the magic_quotes did, you should use your database library's proper string escape function (or use prepared queries with bound values.) Quote Link to comment Share on other sites More sharing options...
portoholic Posted May 25, 2014 Author Share Posted May 25, 2014 (edited) Ok thanks, looks like I have a lot of reading and learning to do then. I am really just a begginer at coding although my site has been up for 10 years and managed to do the job I needed. I can get away with it as is for now but should really rewrite it from scratch but not sure where to start. I still use mysql_query but read that it should be mysqli now or something else PDO and there is lots of conflict on which to use reading various posts on the net. Edited May 25, 2014 by portoholic Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted May 25, 2014 Share Posted May 25, 2014 there's also a section in the documentation that addresses the mysql/mysqli/pdo database libraries - http://us2.php.net/manual/en/mysqlinfo.api.choosing.php Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.