diff --git a/gulliver/js/maborak/core/server/services/service.comments.php b/gulliver/js/maborak/core/server/services/service.comments.php index 75cf2aa34..969c2ef6f 100755 --- a/gulliver/js/maborak/core/server/services/service.comments.php +++ b/gulliver/js/maborak/core/server/services/service.comments.php @@ -20,11 +20,13 @@ class Service_Comments } return $r; } - public function post() - { - $q="INSERT INTO comments (`UID`, `NOMBRE`, `COMENTARIO`) VALUES (NULL, '".mysql_escape_string($this->options->data->name)."', '".mysql_escape_string($this->options->data->comment)."')"; - $w = mysql_query($q,$this->db) or die(mysql_error()); - } + public function post() + { + // The mysql_escape_string function has been DEPRECATED as of PHP 5.3.0. + // $q="INSERT INTO comments (`UID`, `NOMBRE`, `COMENTARIO`) VALUES (NULL, '".mysql_escape_string($this->options->data->name)."', '".mysql_escape_string($this->options->data->comment)."')"; + $q = "INSERT INTO comments (`UID`, `NOMBRE`, `COMENTARIO`) VALUES (NULL, '" . mysql_real_escape_string($this->options->data->name) . "', '". mysql_real_escape_string($this->options->data->comment). "')"; + $w = mysql_query($q,$this->db) or die(mysql_error()); + } function __call($n,$a) { return isset($this->n)?$this->$n($a):"Invalid action"; diff --git a/gulliver/system/class.dbMaintenance.php b/gulliver/system/class.dbMaintenance.php index c8d28d648..86222bf6c 100755 --- a/gulliver/system/class.dbMaintenance.php +++ b/gulliver/system/class.dbMaintenance.php @@ -257,7 +257,9 @@ class DataBaseMaintenance } $sql = "SELECT * INTO OUTFILE '{$this->outfile}' FIELDS TERMINATED BY '\t|\t' OPTIONALLY ENCLOSED BY '\"' LINES TERMINATED BY '\t\t\r\r\n' FROM $table"; - mysql_escape_string("';"); + // The mysql_escape_string function has been DEPRECATED as of PHP 5.3.0. + // Commented that is not assigned to a variable. + // mysql_escape_string("';"); if( ! @mysql_query($sql) ) { echo mysql_error() . "\n"; return false; diff --git a/gulliver/system/class.g.php b/gulliver/system/class.g.php index 87999c1f0..f1d92e988 100755 --- a/gulliver/system/class.g.php +++ b/gulliver/system/class.g.php @@ -264,7 +264,9 @@ class G * @return string $errorBox or $buffer */ /*public static*/ function fatalErrorHandler($buffer) { - if (ereg("(error:)(.+)(:)(.+)(:)(.+)(/","",$regs[2]); G::customErrorLog('FATAL', $err, '', 0, ''); $ip_addr = G::getIpAddress(); diff --git a/rbac/engine/pre_processor.php b/rbac/engine/pre_processor.php index a5d1f8626..643ba4422 100755 --- a/rbac/engine/pre_processor.php +++ b/rbac/engine/pre_processor.php @@ -163,7 +163,8 @@ else{ //cuando no esta definido //***************** Session Initializations **************************/ ini_alter( 'session.auto_start', '1' ); - ini_alter( 'register_globals', 'Off' ); + // This feature has been DEPRECATED as of PHP 5.3.0. default value Off + // ini_alter( 'register_globals', 'Off' ); session_start(); ob_start(); diff --git a/workflow/engine/classes/class.Installer.php b/workflow/engine/classes/class.Installer.php index a95acb02f..34915109e 100755 --- a/workflow/engine/classes/class.Installer.php +++ b/workflow/engine/classes/class.Installer.php @@ -274,12 +274,21 @@ class Installer public function set_admin() { mysql_select_db($this->wf_site_name,$this->connection_database); - $this->run_query('UPDATE USERS SET USR_USERNAME = \''.mysql_escape_string($this->options['admin']['username']).'\', `USR_PASSWORD` = \''.md5($this->options['admin']['password']).'\' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', - "Add 'admin' user in ProcessMaker (wf)"); - + // The mysql_escape_string function has been DEPRECATED as of PHP 5.3.0. + // $this->run_query('UPDATE USERS SET USR_USERNAME = \''.mysql_escape_string($this->options['admin']['username']).'\', `USR_PASSWORD` = \''.md5($this->options['admin']['password']).'\' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', + // "Add 'admin' user in ProcessMaker (wf)"); + $this->run_query('UPDATE USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . + ' `USR_PASSWORD` = \'' . md5($this->options['admin']['password']) . '\' ' . + ' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', + "Add 'admin' user in ProcessMaker (wf)"); mysql_select_db($this->rbac_site_name,$this->connection_database); - $this->run_query('UPDATE USERS SET USR_USERNAME = \''.mysql_escape_string($this->options['admin']['username']).'\', `USR_PASSWORD` = \''.md5($this->options['admin']['password']).'\' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', - "Add 'admin' user in ProcessMaker (rb)"); + // The mysql_escape_string function has been DEPRECATED as of PHP 5.3.0. + // $this->run_query('UPDATE USERS SET USR_USERNAME = \''.mysql_escape_string($this->options['admin']['username']).'\', `USR_PASSWORD` = \''.md5($this->options['admin']['password']).'\' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', + // "Add 'admin' user in ProcessMaker (rb)"); + $this->run_query('UPDATE USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . + ' `USR_PASSWORD` = \'' . md5($this->options['admin']['password']) . '\' ' . + ' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', + "Add 'admin' user in ProcessMaker (rb)"); } /** diff --git a/workflow/engine/classes/class.xpdl.php b/workflow/engine/classes/class.xpdl.php index 0fb849e12..accd612d0 100755 --- a/workflow/engine/classes/class.xpdl.php +++ b/workflow/engine/classes/class.xpdl.php @@ -2596,7 +2596,9 @@ class Xpdl extends processes function calculateTimeScheduler($time) { $result = array(); - $result = split(' ',$time); + // The split function has been DEPRECATED as of PHP 5.3.0. + // $result = split(' ',$time); + $result = explode(' ', $time); //print_r($result); return $result; } @@ -3919,8 +3921,11 @@ class Xpdl extends processes $file = new DOMDocument(); foreach($array as $key => $value){ $link = $value->W_LINK; - $link = split('>',$link); - $link = split('<',$link[2]); + // This split function has been DEPRECATED as of PHP 5.3.0. + // $link = split('>',$link); + // $link = split('<',$link[2]); + $link = explode('>',$link); + $link = explode('<',$link[2]); $link = $link['0']; $uid = $value->W_PRO_UID; $name = $value->W_FILENAME; diff --git a/workflow/engine/config/paths.php b/workflow/engine/config/paths.php index 675f00d22..9e58954aa 100755 --- a/workflow/engine/config/paths.php +++ b/workflow/engine/config/paths.php @@ -57,7 +57,8 @@ ini_set('short_open_tag', 'on'); ini_set('asp_tags', 'on'); - ini_set('register_globals', 'off'); + // The register_globals feature has been DEPRECATED as of PHP 5.3.0. default value Off. + // ini_set('register_globals', 'off'); ini_set('default_charset', "UTF-8"); $e_all = defined('E_DEPRECATED') ? E_ALL ^ E_DEPRECATED : E_ALL; ini_set('error_reporting', ($config['debug'] ? $e_all : $e_all ^ E_NOTICE) ); diff --git a/workflow/engine/methods/appFolder/appFolderAjax.php b/workflow/engine/methods/appFolder/appFolderAjax.php index 5a3df608c..744447d0f 100755 --- a/workflow/engine/methods/appFolder/appFolderAjax.php +++ b/workflow/engine/methods/appFolder/appFolderAjax.php @@ -1320,15 +1320,31 @@ function get_max_upload_limit() { } function calc_php_setting_bytes( $value ) { - if(@eregi("G$",$value)) { - $value = substr($value,0,-1); - $value = round($value*1073741824); - } elseif(@eregi("M$",$value)) { - $value = substr($value,0,-1); - $value = round($value*1048576); - } elseif(@eregi("K$",$value)) { - $value = substr($value,0,-1); - $value = round($value*1024); +// if(@eregi("G$",$value)) { +// $value = substr($value,0,-1); +// $value = round($value*1073741824); +// } elseif(@eregi("M$",$value)) { +// $value = substr($value,0,-1); +// $value = round($value*1048576); +// } elseif(@eregi("K$",$value)) { +// $value = substr($value,0,-1); +// $value = round($value*1024); +// } + if ( @preg_match("/G$/i", $value) ) { + $value = substr($value, 0, -1); + $value = round($value * 1073741824); + } + else { + if ( @preg_match("/M$/i", $value) ) { + $value = substr($value, 0, -1); + $value = round($value * 1048576); + } + else { + if ( @preg_match("/K$/i", $value) ) { + $value = substr($value, 0, -1); + $value = round($value * 1024); + } + } } return $value; diff --git a/workflow/engine/methods/outputdocs/downloadFile.php b/workflow/engine/methods/outputdocs/downloadFile.php index d2d493c2f..f2424ff23 100755 --- a/workflow/engine/methods/outputdocs/downloadFile.php +++ b/workflow/engine/methods/outputdocs/downloadFile.php @@ -11,5 +11,7 @@ $fileJrxml = PATH_DYNAFORM . $aFields['PRO_UID'] . PATH_SEP . $aFields['OUT_DOC_UID'] . '.' . $extension ; $bDownload = true; - $downFileName = ereg_replace('[^A-Za-z0-9_]', '_', $aFields['OUT_DOC_TITLE'] ) . '.' . $extension; + // The ereg_replace function has been DEPRECATED as of PHP 5.3.0. + // $downFileName = ereg_replace('[^A-Za-z0-9_]', '_', $aFields['OUT_DOC_TITLE'] ) . '.' . $extension; + $downFileName = preg_replace('/[^A-Za-z0-9_]/i', '_', $aFields['OUT_DOC_TITLE'] ) . '.' . $extension; G::streamFile ( $fileJrxml, $bDownload, $downFileName ); diff --git a/workflow/engine/methods/outputdocs/outputdocs_Edit.php b/workflow/engine/methods/outputdocs/outputdocs_Edit.php index 118e4d69c..d293fd8f4 100755 --- a/workflow/engine/methods/outputdocs/outputdocs_Edit.php +++ b/workflow/engine/methods/outputdocs/outputdocs_Edit.php @@ -83,7 +83,9 @@ try { if ( $type == 'JRXML') $extension = 'jrxml'; if ( $type == 'ACROFORM') $extension = 'pdf'; - $downFileName = ereg_replace('[^A-Za-z0-9_]', '_', $aFields['OUT_DOC_TITLE'] ) . '.' . $extension; + // The ereg_replace function has been DEPRECATED as of PHP 5.3.0. + // $downFileName = ereg_replace('[^A-Za-z0-9_]', '_', $aFields['OUT_DOC_TITLE'] ) . '.' . $extension; + $downFileName = preg_replace('/[^A-Za-z0-9_]/i', '_', $aFields['OUT_DOC_TITLE'] ) . '.' . $extension; $filename = PATH_DYNAFORM . $aFields['PRO_UID'] . PATH_SEP . $aFields['OUT_DOC_UID'] . '.' . $extension ; if ( file_exists ( $filename) ) $aFields['FILENAME'] = $downFileName; diff --git a/workflow/engine/methods/setup/replacementLogo.php b/workflow/engine/methods/setup/replacementLogo.php index 42907db22..ea9cc5774 100755 --- a/workflow/engine/methods/setup/replacementLogo.php +++ b/workflow/engine/methods/setup/replacementLogo.php @@ -37,23 +37,35 @@ try {//ini_set('display_errors','1'); die; break; } - function changeNamelogo($snameLogo){ - $snameLogo = ereg_replace("[áàâãª]","a",$snameLogo); - $snameLogo = ereg_replace("[ÁÀÂÃ]","A",$snameLogo); - $snameLogo = ereg_replace("[ÍÌÎ]","I",$snameLogo); - $snameLogo = ereg_replace("[íìî]","i",$snameLogo); - $snameLogo = ereg_replace("[éèê]","e",$snameLogo); - $snameLogo = ereg_replace("[ÉÈÊ]","E",$snameLogo); - $snameLogo = ereg_replace("[óòôõº]","o",$snameLogo); - $snameLogo = ereg_replace("[ÓÒÔÕ]","O",$snameLogo); - $snameLogo = ereg_replace("[úùû]","u",$snameLogo); - $snameLogo = ereg_replace("[ÚÙÛ]","U",$snameLogo); - $snameLogo = str_replace("ç","c",$snameLogo); - $snameLogo = str_replace("Ç","C",$snameLogo); - $snameLogo = str_replace("[ñ]","n",$snameLogo); - $snameLogo = str_replace("[Ñ]","N",$snameLogo); + function changeNamelogo($snameLogo) + { + // The ereg_replace function has been DEPRECATED as of PHP 5.3.0. + // $snameLogo = ereg_replace("[áàâãª]","a",$snameLogo); + // $snameLogo = ereg_replace("[ÁÀÂÃ]","A",$snameLogo); + // $snameLogo = ereg_replace("[ÍÌÎ]","I",$snameLogo); + // $snameLogo = ereg_replace("[íìî]","i",$snameLogo); + // $snameLogo = ereg_replace("[éèê]","e",$snameLogo); + // $snameLogo = ereg_replace("[ÉÈÊ]","E",$snameLogo); + // $snameLogo = ereg_replace("[óòôõº]","o",$snameLogo); + // $snameLogo = ereg_replace("[ÓÒÔÕ]","O",$snameLogo); + // $snameLogo = ereg_replace("[úùû]","u",$snameLogo); + // $snameLogo = ereg_replace("[ÚÙÛ]","U",$snameLogo); + $snameLogo = preg_replace("/[áàâãª]/", "a", $snameLogo); + $snameLogo = preg_replace("/[ÁÀÂÃ]/", "A", $snameLogo); + $snameLogo = preg_replace("/[ÍÌÎ]/", "I", $snameLogo); + $snameLogo = preg_replace("/[íìî]/", "i", $snameLogo); + $snameLogo = preg_replace("/[éèê]/", "e", $snameLogo); + $snameLogo = preg_replace("/[ÉÈÊ]/", "E", $snameLogo); + $snameLogo = preg_replace("/[óòôõº]/", "o", $snameLogo); + $snameLogo = preg_replace("/[ÓÒÔÕ]/", "O", $snameLogo); + $snameLogo = preg_replace("/[úùû]/", "u", $snameLogo); + $snameLogo = preg_replace("/[ÚÙÛ]/", "U", $snameLogo); + $snameLogo = str_replace("ç","c",$snameLogo); + $snameLogo = str_replace("Ç","C",$snameLogo); + $snameLogo = str_replace("[ñ]","n",$snameLogo); + $snameLogo = str_replace("[Ñ]","N",$snameLogo); return ($snameLogo); - } + } $sfunction =$_GET['function']; switch($sfunction){ diff --git a/workflow/engine/methods/users/myInfo_Save.php b/workflow/engine/methods/users/myInfo_Save.php index 0d6144544..3549793a9 100755 --- a/workflow/engine/methods/users/myInfo_Save.php +++ b/workflow/engine/methods/users/myInfo_Save.php @@ -41,9 +41,11 @@ try {ini_set('display_errors','1'); $_POST['form']['USR_RESUME'] = $_FILES['form']['name']['USR_RESUME']; } if ($_POST['form']['USR_EMAIL'] != '') { - if (!ereg("^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*$", $_POST['form']['USR_EMAIL'])) { - G::SendTemporalMessage ('ID_INCORRECT_EMAIL', 'error'); - } + // The ereg function has been DEPRECATED as of PHP 5.3.0. + // if (!ereg("^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*$", $_POST['form']['USR_EMAIL'])) { + if ( !preg_match("/^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*$/", $_POST['form']['USR_EMAIL'])) { + G::SendTemporalMessage ('ID_INCORRECT_EMAIL', 'error'); + } } if (!isset($_POST['form']['USR_NEW_PASS'])) { $_POST['form']['USR_NEW_PASS'] = ''; diff --git a/workflow/engine/methods/users/users_ViewResume.php b/workflow/engine/methods/users/users_ViewResume.php index 899db0ea2..3290450fa 100755 --- a/workflow/engine/methods/users/users_ViewResume.php +++ b/workflow/engine/methods/users/users_ViewResume.php @@ -69,7 +69,9 @@ function DumpHeaders($filename) $isIE6 = 1; } - $aux = ereg_replace('[^-a-zA-Z0-9\.]', '_', $filename); + // The ereg_replace function has been DEPRECATED as of PHP 5.3.0. + // $aux = ereg_replace('[^-a-zA-Z0-9\.]', '_', $filename); + $aux = preg_replace('/[^-a-zA-Z0-9\.]/', '_', $filename); $aux = explode ('_', $aux); $downloadName = $aux[ count($aux)-1 ]; // $downloadName = $filename; diff --git a/workflow/engine/test/unit/gulliver/classGTest.php b/workflow/engine/test/unit/gulliver/classGTest.php index a4686524d..552722f7e 100755 --- a/workflow/engine/test/unit/gulliver/classGTest.php +++ b/workflow/engine/test/unit/gulliver/classGTest.php @@ -84,7 +84,9 @@ $t->isnt( PATH_GULLIVER, 'PATH_GULLIVER', 'Constant PATH_GULLIVER'); $phatSitio = "/home/arturo/processmaker/trunk/workflow/engine/class.x.php/"; $phatBuscar = "/processmaker/trunk/workflow/engine/class.x.php/"; - $t->is(( ereg( $phatBuscar , $phatSitio ) ), 1 , 'expandPath()'); + // The ereg function has been DEPRECATED as of PHP 5.3.0. + // $t->is(( ereg( $phatBuscar , $phatSitio ) ), 1 , 'expandPath()'); + $t->is(( preg_match( '/' . $phatBuscar . '/', $phatSitio ) ), 1 , 'expandPath()'); $t->is( G::LoadSystem("error"), NULL, 'LoadSystem()'); $t->can_ok( $obj, 'RenderPage', 'RenderPage()'); $t->can_ok( $obj, 'LoadSkin', 'LoadSkin()'); diff --git a/workflow/public_html/sysGeneric.php b/workflow/public_html/sysGeneric.php index e5a5a4eeb..3326ed2f2 100755 --- a/workflow/public_html/sysGeneric.php +++ b/workflow/public_html/sysGeneric.php @@ -18,8 +18,9 @@ $vVar = stripslashes($vVar); } } - - if (ini_get('magic_quotes_gpc') == '1') { + // The magic_quotes_gpc feature has been DEPRECATED as of PHP 5.3.0. + // if (ini_get('magic_quotes_gpc') == '1') { + if (get_magic_quotes_gpc() === 1) { strip_slashes($_POST); } @@ -391,7 +392,8 @@ //***************** Session Initializations **************************/ ini_set( 'session.auto_start', '1' ); - ini_set( 'register_globals', 'Off' ); + // The register_globals feature has been DEPRECATED as of PHP 5.3.0. default value Off. + // ini_set( 'register_globals', 'Off' ); session_start(); ob_start();