1 2 Previous Next 51 Replies Latest reply: Jan 30, 2015 12:14 PM by Ray Borduin RSS

    Warning: PHP plans to remove original mysql functions

    David_Powers CommunityMVP

      I've posted this in the Develop server-side applications with Dreamweaver forum, but it's worth repeating here because so many people seem to post about PHP problems in this forum.

       

      This has been a long time coming, but PHP has now officially deprecated the original mysql functions, as used in Dreamweaver server behaviors, and has announced that they will be removed "in the future".

       

      If you're still relying on Dreamweaver PHP server behaviors, it's time to start thinking of an alternative strategy. It's not clear when PHP will remove the mysql functions, but when it happens, Dreamweaver PHP server behaviors will stop working.

       

      This doesn't mean you will no longer be able to use the MySQL database with PHP, but you need to convert all your code to mysqli (MySQL Improved) or PDO. It's important to realize that you can't mix the different APIs.

       

      Note: this is a PHP decision, not one made by Adobe.

        • 1. Re: Warning: PHP plans to remove original mysql functions
          SnakEyez02 CommunityMVP

          Thanks for the update David.  Hopefully this means removal of mySQL functions in DW by CS7.

          • 2. Re: Warning: PHP plans to remove original mysql functions
            Ken Binney CommunityMVP

            Thanks for the heads-up -

             

            Will I need to be make any changes in simple sites using SSI without databases?

             

            For example:

             

              <?php require_once("PCheader.inc"); ?>

            • 3. Re: Warning: PHP plans to remove original mysql functions
              SnakEyez02 CommunityMVP

              You shouldn't need to Ken.  The mySQL functions are a library built into PHP.  It's simply being replaced by a different one.  The full list of changes are found here: http://php.net/manual/en/migration55.changes.php - there are 2 links for incompatibilities and also new features being introduced.

              • 4. Re: Warning: PHP plans to remove original mysql functions
                Ken Binney CommunityMVP

                Thanks pal -

                 

                Much appreciated.

                • 5. Re: Warning: PHP plans to remove original mysql functions
                  osgood_ CommunityMVP

                  David_Powers wrote:

                   

                   

                  This doesn't mean you will no longer be able to use the MySQL database with PHP, but you need to convert all your code to mysqli (MySQL Improved) or PDO. It's important to realize that you can't mix the different APIs.

                   

                   

                   

                  1) How complex is it going to be to covert the code?

                   

                  2) I'm assuming Adobe is ahead of the game and has something already planned to replace the current  database server behavious as that is what makes it a powerful program.

                   

                  3) will ALL the server behaviours stop working or is it just the one that connect to the database?

                   

                  4) Hummmm.....if behaviours are just going to stop working overnight when a host upgrade to the next version of php that's going to cause mayhem!

                  • 6. Re: Warning: PHP plans to remove original mysql functions
                    MurraySummers CommunityMVP

                    You would only need to worry about conversion on servers that update their PHP version. If you are on shared hosting that may not happen for a long time.

                    • 7. Re: Warning: PHP plans to remove original mysql functions
                      pziecina Community Member

                      osgood_ wrote:

                       

                      1) How complex is it going to be to covert the code?

                       

                      2) I'm assuming Adobe is ahead of the game and has something already planned to replace the current  database server behavious as that is what makes it a powerful program.

                       

                      3) will ALL the server behaviours stop working or is it just the one that connect to the database?

                       

                      4) Hummmm.....if behaviours are just going to stop working overnight when a host upgrade to the next version of php that's going to cause mayhem!

                       

                      Hi

                       

                      Item 1. This will depend on your current code.

                      Item 2. No Idea, (and as you know, anyone who does say anything also has no idea).

                      Item 3. Just those that are connected to a database. However PHP 5.4 does make some major changes to PHP, so it will be worth checking.

                      Item 4. They will not stop working overnight. Depending on your server-provider, thay may ask you to -

                      A. Update your code.

                      B. Change to another server-provider.

                      C. Move your site to a 'Legacy Server', (this is the worst option).

                       

                      Why "worst option"?

                      Well they may decide that that server will not be updated.

                       

                      PZ

                      • 8. Re: Warning: PHP plans to remove original mysql functions
                        David_Powers CommunityMVP

                        osgood_ wrote:

                         

                        1) How complex is it going to be to covert the code?

                        The MySQL Improved functions were designed to fairly easy to map to the old mysql ones, but there are considerable differences. Converting Dreamweaver server behaviors is not a trivial task.

                         

                        I haven't used the server behaviors for many years, so can't remember the details of the code. All database-related server behaviors use the deprecated functions, so will need to be replaced. I've been helping someone in the server-side forum, and remember seeing logout code obviously generated by Dreamweaver that uses session_unregister(), which has already been removed from PHP 5.4. My advice would be to start planning to replace all server behavior code now.

                         

                        Only Adobe can announce what its plans concerning server behaviors are. However, the fact that they haven't been updated in years probably tells you something.

                         

                        I doubt if hosting companies will upgrade without warning. It's also significant that the PHP announcement merely says "in the future". A huge number of websites rely on the deprecated functions, not just DW server behaviors. But the message should be clear: start planning now.

                        • 9. Re: Warning: PHP plans to remove original mysql functions
                          osgood_ CommunityMVP

                          Ok folks I've read your replies thanks and need to look into this. Right now I'm none the wiser without doing some extensive Googling on the subject but a bit concerned.

                           

                          So how would something like the Dreamweaver crap posted below be translated into the new format assuming I was to connect using the follwing mysqli format?

                           

                          $mysqli = new mysqli('host' , 'username' , 'password' , 'database');

                           

                          Dreamweaver crap:

                           

                          mysql_select_db($database_conStarBreaks, $conStarBreaks);

                          $query_rsHolidayList = "SELECT * FROM holidays ORDER BY holidayDate";

                          $rsHolidayList = mysql_query($query_rsHolidayList, $conStarBreaks) or die(mysql_error());

                          $row_rsHolidayList = mysql_fetch_assoc($rsHolidayList);

                          $totalRows_rsHolidayList = mysql_num_rows($rsHolidayList);

                           

                          I can see some kind of tie up - $conStarBreaks above is the variable built up in the DW connections folder so I assume I could replace that with the variable $mysqli, right?

                           

                          mysql_select_db($database_conStarBreaks, $mysqli);

                           

                          But are we saying all of the mysql_ stuff is to become defunct - from this point on should not be used?

                          • 10. Re: Warning: PHP plans to remove original mysql functions
                            pziecina Community Member

                            Hi Os

                             

                            If you go to my website and download, (and install) the pdo extension it will get you started with using PDO.

                             

                            The documentation is also on the same page. Sorry about the bad formatting of the documentation, as I had to add the 'open source' info quickly, because people were selling the extension and then users were coming to my site and insisting on help/support.

                             

                            http://www.pziecina.com/design/dreamweaver/pdo_extension.php

                             

                            PZ

                            • 11. Re: Warning: PHP plans to remove original mysql functions
                              osgood_ CommunityMVP

                              pziecina wrote:

                               

                              Hi Os

                               

                              If you go to my website and download, (and install) the pdo extension it will get you started with using PDO.

                               

                              The documentation is also on the same page. Sorry about the bad formatting of the documentation, as I had to add the 'open source' info quickly, because people were selling the extension and then users were coming to my site and insisting on help/support.

                               

                              http://www.pziecina.com/design/dreamweaver/pdo_extension.php

                               

                              PZ

                              Now my brain is scrambled lol.

                               

                              I'm sort of exploring mysqli at the moement. I have the below that does the identical job to the Dreameweaver stuff I posted above.

                               

                               

                              <?php

                              $db = new mysqli('localhost' , 'root' , 'root' , kevtral');

                              if($db->connect_errno > 0){

                                  die('Unable to connect to database [' . $db->connect_error . ']');

                              }

                              $sql = <<<SQL

                                  SELECT *

                                  FROM holidays

                              SQL;

                               

                              if(!$result = $db->query($sql)){

                                  die('There was an error running the query [' . $db->error . ']');

                              }

                              ?>

                               

                              I can loop through the records using he below:

                               

                              <?php

                              while($row = $result->fetch_assoc()){

                                  echo $row['holidayTitle'] . '<br />';

                              }

                              ?>

                               

                              BUT when I put the loop around a <tr></tr> as below it does nothing:

                               

                              <?php do { ?>

                              <tr>

                              <td><?php echo $row['holidayTitle']; ?></td>

                              <td><?php echo $row['holidayDate']; ?></td>

                              <td><?php echo $row['holidayPrice']; ?></td>

                              </tr>

                              <?php } while ($row = $result->fetch_assoc()); ?>

                               

                              ALSO why would adding ORDER BY holidayDate (as below) stop things working? Is that not written correct for mysqli?

                               

                               

                              $sql = <<<SQL

                                  SELECT *

                                  FROM holidays ORDER BY holidayDate

                              SQL;

                              • 12. Re: Warning: PHP plans to remove original mysql functions
                                pziecina Community Member

                                Hi Os

                                 

                                Sorry but I have not used the old MySQL or MySQLi  in years, (I only use PDO now).

                                 

                                You best course of action is probably to buy Davis 'PHP Solutions' 2nd ed, or look at the book available form 'Larry Ullman'. Using MySQLi or PDO has little comparison to using Dw's SB's as they are both 'Object Orientated', (MySQLi can be done procedurally, but if you are learning new anyway!) the good news though is that the sql statements themselves can often be retained or easily modified.

                                 

                                PZ

                                • 13. Re: Warning: PHP plans to remove original mysql functions
                                  osgood_ CommunityMVP

                                  HI PZ,

                                   

                                  No worries I sorted most of the issues out by trial and error. It's all good now. I'm already begining to think this is a lot cleaner and simpler than the overbloated code produced by DW.

                                   

                                  What I might do is see if I can convert a site I've just finished using sql_ to the improved sqli stuff and see how I go. I think it will be a good few years yet before sql_ gets finally confined to the dustin, but its good to get ahead of the game, starting from now.

                                   

                                  Thanks

                                  Os

                                  • 14. Re: Warning: PHP plans to remove original mysql functions
                                    David_Powers CommunityMVP

                                    osgood_ wrote:

                                     

                                    BUT when I put the loop around a <tr></tr> as below it does nothing:

                                    You're making the mistake of trying to adapt one style of coding to another. Dreamweaver's server behaviors automatically get the first row of results before running the do... while loop.

                                     

                                    Although the mysqli functions were designed to map relatively easily to the old ones, simplifying the migration process, it's not as easy as that. Dreamweaver's server behaviors built in custom routines, such as the GetSQLValueString() function to prevent SQL injection. There's a thread in the server-side application forum asking how to convert that to mysqli. The simple answer is that you shouldn't even attempt to do so. MySQLi uses prepared statements that avoid the need for GetSQLValueString().

                                     

                                    The bottom line is that you shouldn't even attempt to convert the server behavior code. You need to start from scratch. Tough, but true.

                                     

                                    Having said that, I don't believe that PHP will drop support for the old mysql functions in a hurry. Nor will hosts stop supporting them overnight. My advice is to leave existing sites as they are, but to avoid using server behaviors (or the old mysql functions) for any new projects. Of course, if your existing project is likely to continue running for several years, you'll need to think about migrating it at some stage.

                                     

                                    This is simply a warning that change is coming. As Paula suggests, maybe it's time to crack open a book on the subject. My PHP Solutions, 2nd Edition uses only MySQLi and PDO. It's not the only book out there, but I reckon it's pretty good (but then I would, wouldn't I? )

                                    • 15. Re: Warning: PHP plans to remove original mysql functions
                                      osgood_ CommunityMVP

                                      Hi David the below actually worked just fine. I had another instance of the -> fetch line on the page above it which I think was stopping it from working initially.

                                       

                                      <?php while($row = $result->fetch_assoc()){ ?>

                                      <tr>

                                      <td><?php echo $row['holidayTitle']; ?></td>

                                      <td><?php echo $row['holidayDate']; ?></td>

                                      <td><?php echo $row['holidayPrice']; ?></td>

                                      </tr>

                                      <?php } ?>

                                       

                                      I hear what you say. Looking at the website I'm currently working on which relies heavily on the sql_ stuff it would be quite extensive to go through it and change all of that. I might do it at some stage after the site has gone live just as an experiment and see what kind of a muddle I get myself into.

                                       

                                      I'll check out your book....I've got a couple, which I still refer to all of the time.

                                       

                                      I've never much liked the server behaviour code DW writes anyway. Could never understand it. Looked to me to always be bloated and more than required so have recently been looking at more hand coding it that area to get more familar with what is happening.

                                       

                                      I'm off to watch Jonathan Creek now lol

                                       

                                      Thanks

                                       

                                      Os

                                      • 16. Re: Warning: PHP plans to remove original mysql functions
                                        Ben Pleysier CommunityMVP

                                        Hi PZ,

                                         

                                        Although I have been in possession of your extension, I have chosen to use MySQLi mainly because I saw this as being a natural PHP extension. As such, I imagine that it would be maintained within the PHP/MySQL framework.

                                         

                                        I know that PDO is  flexible in that it can be used for other databases; but in reality we usually stick with MySQL.

                                         

                                        Please give me your reasons for choosing PDO. It is still early stage and if I were to change my mind, I would love to do so now.

                                        • 17. Re: Warning: PHP plans to remove original mysql functions
                                          David_Powers CommunityMVP

                                          Ben, PDO was introduced with great fanfare in PHP 5.1 (2005). It was intended to be "the future of database connectivity" in PHP because it's an abstraction layer that allows you to use the same code to communicate with different databases. Unfortunately, it hasn't lived up to expectations for a variety of reasons. One has been the failure of those responsible for its development to deliver equal functionality for each database system. The other is the fact that different database systems have their own dialects of SQL.

                                           

                                          That's not to say that PDO is a bad choice. If you're in a situation where you're likely to need to communicate with different database systems, PDO is the only logical choice. However, you need to recognize that you won't be able to access all the native functionality of each database system. You'll also need to restrict yourself to generic SQL, or to rewrite the SQL queries for different systems.

                                           

                                          If you don't need to work with different database systems, choose the native functions. In the case of MySQL, use MySQLi. Of course, if MySQL goes south, or you change your mind about which DB to use, you'll need to rewrite everything again.

                                           

                                          Isn't life wonderful?

                                          • 18. Re: Warning: PHP plans to remove original mysql functions
                                            Ben Pleysier CommunityMVP

                                            Thank you David. Your explanation confirms my thoughts.

                                             

                                            However, there is still no clear reason (in my mind) to use one or the other. I already have an indecisive better half and now I am adding to our woes.

                                             

                                            As far as Oracle discontinuing MySQL, I have been thinking about MariaDB.

                                             

                                            MySQL's creator, Michael "Monty" Widenius, is scathing on database's future with Oracle

                                             

                                            Life is wonderful!!!

                                            • 19. Re: Warning: PHP plans to remove original mysql functions
                                              pziecina Community Member

                                              Hi Ben

                                               

                                              The main reason that I use PDO is because I do have to connect to different types of databases, and learning one method in php, is much easier that learning three different methods in three different server side languages.

                                               

                                              When David says -

                                              "However, you need to recognize that you won't be able to access all the native functionality of each database system. You'll also need to restrict yourself to generic SQL, or to rewrite the SQL queries for different systems.".

                                               

                                              Depending on how you read what David has written, full database access is possible. It is not possible if one uses some of the database library's provided via the php site for pdo, but if you are using one of the major 'players' such as Microsofts SQL, (MSSQL) or the Oracle database, then they provide there own librarys for using with PHP's PDO, which do allow full functionality and access to all database functions.

                                               

                                              What David is I think pointing out, is that if one uses SQL database specific statements then these are not transferable to other databases, and this is where good documentation of the code is essential.

                                               

                                              PZ

                                              • 20. Re: Warning: PHP plans to remove original mysql functions
                                                Ben Pleysier CommunityMVP

                                                Thank you Paula,

                                                 

                                                I have been researching the subjects (one of the latest submissions) and am satisfied with the use of MySQLi rather than PDO. I am basing my preference on the fact that I am confronted with only  one database, namely MySQL.

                                                 

                                                I really appreciate both your's and David's inputs.

                                                 

                                                Ben

                                                • 21. Re: Warning: PHP plans to remove original mysql functions
                                                  osgood_ CommunityMVP

                                                  Thanks for the link Ben......need to get my head around that from now on.

                                                   

                                                  Hummm ......just finished up a project using sql_ BUM! Never mind it'll have to do for now, hopefully I won't be around when it stops working

                                                   

                                                  Os

                                                  • 22. Re: Warning: PHP plans to remove original mysql functions
                                                    David_Powers CommunityMVP

                                                    Adobe has finally confirmed the death (or at least exile) of server behaviors:

                                                     

                                                    http://blogs.adobe.com/dreamweaver/2013/04/nextgendreamweaver.html

                                                     

                                                    They will be removed from the next version of DW, and will be available only as an extension.

                                                    • 23. Re: Warning: PHP plans to remove original mysql functions
                                                      Ben Pleysier CommunityMVP

                                                      We have removed the Bindings, Server Behaviors, Components, and Databases panel, as well as Spry,

                                                      Not to forget ADDT!

                                                       

                                                      I know that these are old technologies, but they could have been upgraded long ago.

                                                      As we move forward we will continue to focus Dreamweaver on modern web standards and technologies including HTML5, jQuery, and more.
                                                      This is a forward step for DW; has been mainstream for others.

                                                       

                                                      Where is the facility for working with frameworks such as Foudation 4 and Twitter Bootstrap?

                                                       

                                                      When will we see enhancements like SASS/Compass and LESS?

                                                       

                                                      When will we see compression and minimisation modules for HTML, JS and CSS.

                                                       

                                                      I get the impression that Adobe regard DW as a freebee in a design suite, not as a professional standalone tool for development.

                                                       

                                                      Note: The above has been excreted in anger by a grumpy old man. Hopefully it will not sway younger more ambitious developers away from what is basically a good (read: handy) product.

                                                      • 24. Re: Warning: PHP plans to remove original mysql functions
                                                        David_Powers CommunityMVP

                                                        Ben Pleysier wrote:

                                                        As we move forward we will continue to focus Dreamweaver on modern web standards and technologies including HTML5, jQuery, and more.
                                                        This is a forward step for DW; has been mainstream for others.

                                                         

                                                         

                                                        Where is the facility for working with frameworks such as Foudation 4 and Twitter Bootstrap?

                                                         

                                                        When will we see enhancements like SASS/Compass and LESS?

                                                         

                                                        When will we see compression and minimisation modules for HTML, JS and CSS.

                                                        HTML5 and jQuery have been supported in Dreamweaver since CS5.5. As for the other features, submit feature requests for them through the form at https://www.adobe.com/cfusion/mmform/index.cfm?name=wishform if you haven't already done so.

                                                        • 25. Re: Warning: PHP plans to remove original mysql functions
                                                          osgood_ CommunityMVP

                                                          David_Powers wrote:

                                                           

                                                          osgood_ wrote:

                                                           

                                                          1) How complex is it going to be to covert the code?

                                                          I've been helping someone in the server-side forum, and remember seeing logout code obviously generated by Dreamweaver that uses session_unregister(), which has already been removed from PHP 5.4. My advice would be to start planning to replace all server behavior code now.

                                                           

                                                          Hi David,

                                                           

                                                          I can't see 'session_unregister' used in associaton with the 'logout server behaviour' code that DW produces: (maybe an early version perhaps?)

                                                           

                                                          This is the DW logout code below, it's using - unset($_SESSION['username']);

                                                           

                                                          // ** Logout the current user. **

                                                          $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";

                                                          if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){

                                                            $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);

                                                          }

                                                           

                                                          if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){

                                                            //to fully log out a visitor we need to clear the session varialbles

                                                            $_SESSION['username'] = NULL;

                                                            $_SESSION['password'] = NULL;

                                                            unset($_SESSION['username']);

                                                            unset($_SESSION['password']);

                                                           

                                                            $logoutGoTo = "logout_successful.php";

                                                            if ($logoutGoTo) {

                                                              header("Location: $logoutGoTo");

                                                              exit;

                                                            }

                                                          }

                                                           

                                                           

                                                          Just been playing around with mysqli connection and replacing/adapting the USER AUTHENTICATION behaviours.

                                                           

                                                          Got rid of all the bloated 'login' stuff and replaced it with much more streamlined code (after connecting using mysqli)

                                                           

                                                          <?php

                                                           

                                                          $username = trim($_POST['username']);

                                                          $_SESSION['username'] = $username;

                                                          $password = trim($_POST['password']);

                                                          $_SESSION['password'] = $password;

                                                           

                                                          $sql = 'SELECT * FROM users';

                                                          $result = $conn->query($sql) or die(mysqli_error());

                                                          while ($row = $result->fetch_assoc()) {

                                                          if ($row['username'] == $username && $row['password'] == $password) {

                                                          header ('Location: password_secure_page.php');

                                                          }

                                                          }

                                                           

                                                          ?>

                                                           

                                                          I'll have a go at streamlining the 'log out' stuff later because that looks overly bloated and more complex than it needs to be to me.

                                                           

                                                          Now I've had a chance to assess this in more depth the DW server behaviours ARE as is being said by those with more knowledege wildly outdated BUT their significance as part of the DW toolbox is/was huge. Not replacing them is going to hurt Adobe badly.

                                                           

                                                          Os

                                                          • 26. Re: Warning: PHP plans to remove original mysql functions
                                                            David_Powers CommunityMVP

                                                            osgood_ wrote:

                                                             

                                                            I can't see 'session_unregister' used in associaton with the 'logout server behaviour' code that DW produces: (maybe an early version perhaps?)

                                                            Quite likely. I remember seeing it recently in code that somebody posted in the server-side forum. Even though the code had been updated by Dreamweaver, the person asking the question was probably using an old version of the program. That's one of the dangers of the server behaviors: putting too much trust in the program to take care of everything for you.

                                                            Got rid of all the bloated 'login' stuff and replaced it with much more streamlined code (after connecting using mysqli)

                                                             

                                                            <?php

                                                             

                                                            $username = trim($_POST['username']);

                                                            $_SESSION['username'] = $username;

                                                            $password = trim($_POST['password']);

                                                            $_SESSION['password'] = $password;

                                                             

                                                            $sql = 'SELECT * FROM users';

                                                            $result = $conn->query($sql) or die(mysqli_error());

                                                            while ($row = $result->fetch_assoc()) {

                                                            if ($row['username'] == $username && $row['password'] == $password) {

                                                            header ('Location: password_secure_page.php');

                                                            }

                                                            }

                                                             

                                                            ?>

                                                            That's certainly one way of doing it. However, you're running a security risk by creating the session variables before checking the user's credentials, and do you really want to store the password as a session variable. Another point is that you're mixing the procedural function mysqli_error() with an object-oriented connection. It won't work, because mysqli_error() requires the link as an argument. (It's not causing a problem because the SQL query is succeeding.)

                                                             

                                                            I would suggest changing your code like this:

                                                             

                                                            <?php

                                                            session_start();

                                                            $username = trim($_POST['username']);

                                                             

                                                            $sql = 'SELECT username, password FROM users';

                                                            $result = $conn->query($sql) or die($conn->error);

                                                            while ($row = $result->fetch_assoc()) {

                                                            if ($row['username'] ==$username && $row['password'] == trim($_POST['password'])) {

                                                                $_SESSION['username'] = $username;

                                                                header ('Location: password_secure_page.php');

                                                                exit;

                                                            }

                                                            }

                                                             

                                                            ?>

                                                            • 27. Re: Warning: PHP plans to remove original mysql functions
                                                              osgood_ CommunityMVP

                                                              David_Powers wrote:

                                                               

                                                              osgood_ wrote:

                                                               

                                                              I can't see 'session_unregister' used in associaton with the 'logout server behaviour' code that DW produces: (maybe an early version perhaps?)

                                                              Quite likely. I remember seeing it recently in code that somebody posted in the server-side forum. Even though the code had been updated by Dreamweaver, the person asking the question was probably using an old version of the program. That's one of the dangers of the server behaviors: putting too much trust in the program to take care of everything for you.

                                                               

                                                              Ok, that's probably why I'm not seeing 'session_unregister' then.

                                                               

                                                               

                                                              David_Powers wrote:

                                                               

                                                              That's certainly one way of doing it. However, you're running a security risk by creating the session variables before checking the user's credentials,

                                                               

                                                               

                                                              Oooopps am I. Can you elaborate a bit?

                                                               

                                                               

                                                              David_Powers wrote:

                                                               

                                                              and do you really want to store the password as a session variable.

                                                               

                                                              I was checking that both the username AND password had been set on the secure login page which required a the password to be stored as a session variable.

                                                               

                                                              I guess there's really no reason why I need to check to see if the password has been set because if the username isn't set the same results would occur, failed login.

                                                              • 28. Re: Warning: PHP plans to remove original mysql functions
                                                                osgood_ CommunityMVP

                                                                Thats all working good, as you say no need for the password to be stored in a session variable. Why did DW do this if its not necessary, any idea?

                                                                 

                                                                Also you say

                                                                 

                                                                `Another point is that you're mixing the procedural function mysqli_error() with an object-oriented connection. It won't work, because mysqli_error() requires the link as an argument. (It's not causing a problem because the SQL query is succeeding.)'

                                                                 

                                                                How am I doing that?

                                                                 

                                                                I'm using this to connect:

                                                                 

                                                                <?php $conn = new mysqli('localhost' , 'root' , 'root' , 'donations'); ?>

                                                                • 29. Re: Warning: PHP plans to remove original mysql functions
                                                                  David_Powers CommunityMVP

                                                                  osgood_ wrote:

                                                                   

                                                                  David_Powers wrote:

                                                                   

                                                                  That's certainly one way of doing it. However, you're running a security risk by creating the session variables before checking the user's credentials,

                                                                   

                                                                   

                                                                  Oooopps am I. Can you elaborate a bit?

                                                                   

                                                                  Your script immediately assigns the username and password to session variables before checking if there's a match in the database. So, even if the login fails, the user would be able to access password-protected pages. They wouldn't be automatically redirected, but they would definitely be able to access pages by going to them directly.

                                                                   

                                                                  Compare the revised script I suggested. The session variable is created only after a matching record is found.

                                                                  • 30. Re: Warning: PHP plans to remove original mysql functions
                                                                    David_Powers CommunityMVP

                                                                    osgood_ wrote:

                                                                     

                                                                    Thats all working good, as you say no need for the password to be stored in a session variable. Why did DW do this if its not necessary, any idea?

                                                                     

                                                                    It didn't. The Log In User server behavior creates two session variables:

                                                                     

                                                                    $_SESSION['MM_Username'] = $loginUsername;

                                                                    $_SESSION['MM_UserGroup'] = $loginStrGroup;

                                                                     

                                                                    The first stores the username. The second stores the user's access level, if required. By default, the server behavior doesn't use the access level.

                                                                    osgood_ wrote:

                                                                     

                                                                    Also you say

                                                                     

                                                                    `Another point is that you're mixing the procedural function mysqli_error() with an object-oriented connection. It won't work, because mysqli_error() requires the link as an argument. (It's not causing a problem because the SQL query is succeeding.)'

                                                                     

                                                                    How am I doing that?

                                                                    Your script has this:

                                                                     

                                                                    $result = $conn->query($sql) or die(mysqli_error());

                                                                     

                                                                    It should be this:

                                                                     

                                                                    $result = $conn->query($sql) or die($conn->error);

                                                                    • 31. Re: Warning: PHP plans to remove original mysql functions
                                                                      osgood_ CommunityMVP

                                                                      David_Powers wrote:

                                                                       

                                                                      osgood_ wrote:

                                                                       

                                                                      David_Powers wrote:

                                                                       

                                                                      That's certainly one way of doing it. However, you're running a security risk by creating the session variables before checking the user's credentials,

                                                                       

                                                                       

                                                                      Oooopps am I. Can you elaborate a bit?

                                                                       

                                                                      Your script immediately assigns the username and password to session variables before checking if there's a match in the database. So, even if the login fails, the user would be able to access password-protected pages. They wouldn't be automatically redirected, but they would definitely be able to access pages by going to them directly.

                                                                       

                                                                       

                                                                      Right, that's dumb, won't be doing that then.

                                                                       

                                                                      Cheers

                                                                       

                                                                      Os

                                                                      • 32. Re: Warning: PHP plans to remove original mysql functions
                                                                        osgood_ CommunityMVP

                                                                        David_Powers wrote:

                                                                         

                                                                        osgood_ wrote:

                                                                         

                                                                        Thats all working good, as you say no need for the password to be stored in a session variable. Why did DW do this if its not necessary, any idea?

                                                                         

                                                                        It didn't. The Log In User server behavior creates two session variables:

                                                                         

                                                                        $_SESSION['MM_Username'] = $loginUsername;

                                                                        $_SESSION['MM_UserGroup'] = $loginStrGroup;

                                                                         

                                                                        The first stores the username. The second stores the user's access level, if required. By default, the server behavior doesn't use the access level.

                                                                         

                                                                        Yes, just looked. Good so can forget the password session variable, completely unecessary.

                                                                         

                                                                         

                                                                        David_Powers wrote:

                                                                         

                                                                        Your script has this:

                                                                         

                                                                        $result = $conn->query($sql) or die(mysqli_error());

                                                                         

                                                                        It should be this:

                                                                         

                                                                        $result = $conn->query($sql) or die($conn->error);

                                                                         

                                                                        Didn't see that change.

                                                                         

                                                                        So you say:

                                                                        (It's not causing a problem because the SQL query is succeeding.

                                                                         

                                                                        What SQL query? I'm not seeing any SQL query in the code just mysqli???

                                                                         

                                                                        So are you say this is a SQL query?

                                                                         

                                                                        mysqli_error

                                                                         

                                                                         

                                                                        OK I think maybe the penny has just dropped. I've been using this:

                                                                         

                                                                        $sql_2 = 'SELECT name FROM donations';

                                                                        $result_2 = $conn->query($sql_2) or die(mysqli_error());

                                                                         

                                                                        When I should have been using this:

                                                                         

                                                                        $sql_2= 'SELECT name FROM donations';

                                                                        $result_2 = $conn->query($sql_2) or die($conn->error);

                                                                         

                                                                        Yah I think thats it and a couple of less () to concern myself with.

                                                                         

                                                                        If it was I was given a bum steer by a tut I was following.

                                                                        • 33. Re: Warning: PHP plans to remove original mysql functions
                                                                          David_Powers CommunityMVP

                                                                          osgood_ wrote:

                                                                           

                                                                          What SQL query? I'm not seeing any SQL query in the code just mysqli???

                                                                           

                                                                          So are you say this is a SQL query?

                                                                           

                                                                          mysqli_error

                                                                          SQL stands for Structured Query Language, which is used by all relational databases to insert, update, delete, and select data stored in the database.

                                                                           

                                                                          "SELECT username, password FROM users" is a SQL query (or statement).

                                                                           

                                                                          MySQL is the name of a relational database system. MySQLi (MySQL Improved) is the name of a PHP API for communicating with the MySQL database.

                                                                           

                                                                          The mysqli_error() function is part of the procedural (as opposed to object-oriented) interface of the MySQLi API. It requires as its argument a reference to the link created by mysqli_connect(). You're using the object-oriented interface:

                                                                           

                                                                          $conn = new mysqli('localhost' , 'root' , 'root' , 'donations');

                                                                           

                                                                          Therefore, you need to use the object-oriented property to display the error:

                                                                           

                                                                          $conn->error

                                                                          • 34. Re: Warning: PHP plans to remove original mysql functions
                                                                            osgood_ CommunityMVP

                                                                            David_Powers wrote:

                                                                             

                                                                            osgood_ wrote:

                                                                             

                                                                            What SQL query? I'm not seeing any SQL query in the code just mysqli???

                                                                             

                                                                            So are you say this is a SQL query?

                                                                             

                                                                            mysqli_error

                                                                            SQL stands for Structured Query Language, which is used by all relational databases to insert, update, delete, and select data stored in the database.

                                                                             

                                                                            "SELECT username, password FROM users" is a SQL query (or statement).

                                                                             

                                                                            MySQL is the name of a relational database system. MySQLi (MySQL Improved) is the name of a PHP API for communicating with the MySQL database.

                                                                             

                                                                            The mysqli_error() function is part of the procedural (as opposed to object-oriented) interface of the MySQLi API. It requires as its argument a reference to the link created by mysqli_connect(). You're using the object-oriented interface:

                                                                             

                                                                            $conn = new mysqli('localhost' , 'root' , 'root' , 'donations');

                                                                             

                                                                            Therefore, you need to use the object-oriented property to display the error:

                                                                             

                                                                            $conn->error

                                                                            Thanks David for the clarification.

                                                                             

                                                                            Blimey theres a lot to take in isn't there lol.

                                                                             

                                                                            I think I've got the right combo now. Grrrrr was thrown a curve ball from an online source  I was following which was using this - die(mysqli_error()); instead of die($conn->error); as part of the query.

                                                                             

                                                                            Suits me down to the ground as I was having trouble remembering die(mysqli_error()); but as $conn (or whatever the variable is for the connection) is part of the query it makes it easier.

                                                                             

                                                                            Os

                                                                            • 35. Re: Warning: PHP plans to remove original mysql functions
                                                                              Energize Community Member

                                                                              Adobe have obviously had a roadmap for Dreamweaver from the outset to become a design and layout tool - They've gradually been downscaling and not updating support for developers.... ADDT went first, when it should have been developed further, now the servers behaviors are on their way out, Adobe say because they're outdated, YES that's true because you Adobe made the decision to let them become outdated.

                                                                               

                                                                              Where's the development in dreamweaver for MySQLi or PDO? How many hours have Adobe put into that if they're serious about keeping it as a developmt tool?? ..... Third parties have already worked on PDO extensions/support for Dreamweaver but Adobe with all it's resouces and might have done what so far?? Can only be one reason for this - Adobe want Dreamweaver to be design/layout tool and care not about it as a developer tool.

                                                                               

                                                                              Macromedia Dreamweaver/Ultradev used to be a about a community all pulling together to help make the best web design & development tool out there, now it's just about what Adobe want to do!!

                                                                               

                                                                              It would just be nice if corporate Adobe were transparent and honest becasue for small developers it's hell,  you clearly don't give a sh*t about the small guys.

                                                                               

                                                                              Hope one day to see a new Macromedia rise, a dedicated web deisgn/develpoment software company, not a jack of all trades and master of none that Adobe have become!!

                                                                               

                                                                              P.S. Fireworks rocks - the best web graphics tool ever my a million miles !!

                                                                              • 36. Re: Warning: PHP plans to remove original mysql functions
                                                                                osgood_ CommunityMVP

                                                                                Energize wrote:

                                                                                 

                                                                                 

                                                                                P.S. Fireworks rocks - the best web graphics tool ever my a million miles !!

                                                                                 

                                                                                I agree BUT you do know that Adobe have already taken the decision to phase Fireworks out as well don't you?

                                                                                • 37. Re: Warning: PHP plans to remove original mysql functions
                                                                                  Energize Community Member

                                                                                  osgood_ wrote:

                                                                                   

                                                                                  I agree BUT you do know that Adobe have already taken the decision to phase Fireworks out as well don't you?

                                                                                   

                                                                                  I know ... it's a terrible shame, I still have Fireworks 8 on my laptop, it's great for doing basic common web graphics jobs. It's light, fast, easy to use ... as soon as Adobe got hold of it became like all adobe software, bloated and slow, other than tighter compatability with Photoshop which was handy I saw little development of Fireworks under Adobe ...

                                                                                  • 38. Re: Warning: PHP plans to remove original mysql functions
                                                                                    osgood_ CommunityMVP

                                                                                    Energize wrote:

                                                                                     

                                                                                    osgood_ wrote:

                                                                                     

                                                                                    I agree BUT you do know that Adobe have already taken the decision to phase Fireworks out as well don't you?

                                                                                     

                                                                                    I know ... it's a terrible shame, I still have Fireworks 8 on my laptop, it's great for doing basic common web graphics jobs. It's light, fast, easy to use ... as soon as Adobe got hold of it became like all adobe software, bloated and slow, other than tighter compatability with Photoshop which was handy I saw little development of Fireworks under Adobe ...

                                                                                     

                                                                                    I have Fireworks CS6 and will keep it going for as long as is possible. Eventually I will have to find an alternative when the OS doesn't supprt it any longer (unless I retire first). It is a great shame because as you say Fireworks is a purpose built software program for web graphics, quick and intuitive to use. Illustrator and Photoshop are cluncky and bloated, combining both DTP and Web...it can't be good. It's like introducing DTP facilities into Dreamweaver, madness. BUT Adobe have obviously done their homework and they say not enough people are using Fireworks to make it financially viable for them to continue developing it any longer.

                                                                                    • 39. Re: Warning: PHP plans to remove original mysql functions
                                                                                      HAROONMIND Community Member
                                                                                      • So When DW is Plan to Update their Version or is Abode provide any specific update for DW ?
                                                                                      1 2 Previous Next