Deprecated escape function message

Hi,

I'm new to Modx and just recently started experiencing issues after receiving the following message:

Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead.

I see this message in the "Manage Files" window, along with a message saying Invalid path "/var/www/vhosts/website.com/httpdocs/". The file tree is also unavailable in this Manage Files tab.

I'm currently running Modx Evolution 1.0.3 with Database Version 5.5.16 and PHP Version 5.4.3

Do I need to upgrade to the latest version of Evolution?

Any info or suggestions on how to fix this issue would be greatly appreciated.

Thanks in advance!

Upgrading would be the best solution.

MODX 1.0.6 will still have a problem with PHP 5.4.3, because it still has mysql_escape_string() in a couple of places. I experimented briefly with PHP 5.4 a few weeks ago, and found I had to comment out line 123 in manager/includes/extenders/dbapi.mysql.class.inc.php even to log in, as far as I recall (didn't keep notes, tsk tsk).


PHP has had mysql_real_escape_string() since v 4.3.0, so it's probably time the whole function was rewritten to expect it to be available:


(The other place I found the old escape function as live code was line 145 of assets/plugins/managermanager/functions/utilities.inc.php)

;) KP

Thank you both for taking the time to reply to my thread.

@KP I tried both of your suggestions, as well as updating the escape function in the utilities.inc.php file but no luck with any of them.

Today I'm unable to login and still seeing the message about the deprecated escape function, but am also seeing a message saying:

Warning: Cannot modify header information - headers already sent by (output started at /dbapi.mysql.class.inc.php:123) in /manager/processors/login.processor.php on line 264

I took a look at this line of code which is:


But I'm not quite sure if/how the deprecated escape function and the remember me cookie are effecting one another (I'm not efficient with PHP...yet).

I'm a little worried that having changed the escape function code didn't produce a change, is it possible that the database (or some other file) could be corrupted?

I don't know if this is related but I've tried uploading a CSS file and an image into the assets folder and have been unable to view them in a browser (yet I'm able to view CSS files and images that were uploaded previous to this deprecated function issue). The browser returns a "Not Found" page. Could this issue also be related to the deprecated function? Or perhaps a cache or server issue?

Sorry for the long post, it just seems like things are snowballing

Have you "inherited" an existing site, or is this a new site?

The site already existed, I took on the project for a friend in an effort to become familiar with Modx. I guess I'm going to become VERY familiar with Modx with this project

I had the same problem with MODx 1.0.6 and PHP 5.4.4. My solution was to change the PHP function escape() located in /manager/includes/extenders/dbapi.mysql.class.inc.php to this:



A pitty this wasn't fixed in the recent 1.0.7 Update.

Did you file it in the tracker (http://tracker.modx.com/projects/evo/issues?set_filter=1) and/or a pull request on github (https://github.com/modxcms/evolution) by any chance? That's the best way to get things included.

Quote from: Bogdanio at Nov 30, 2012, 03:17 PM

I had the same problem with MODx 1.0.6 and PHP 5.4.4. My solution was to change the PHP function escape() located in /manager/includes/extenders/dbapi.mysql.class.inc.php to this:

function escape($s) {
      if ($this->conn) {
         $s = mysql_real_escape_string($s, $this->conn);
      } else {
         $s = mysql_real_escape_string($s);
      }
      return $s;
   }

A pitty this wasn't fixed in the recent 1.0.7 Update.

No actually I didn't, thanks for the hint. Is there any further development taking actually for Evolution? When I take a look at the change logs of 1.0.6 and 1.0.7 it doesn't look like.

Bogdan

Quote from: Bogdanio at Dec 03, 2012, 08:02 AM

No actually I didn't, thanks for the hint. Is there any further development taking actually for Evolution? When I take a look at the change logs of 1.0.6 and 1.0.7 it doesn't look like.

Bogdan

I think all ongoing development is focused on MODX Cloud/Revolution, any updates to Evolution are going to be security only in nature (as 1.0.7 was). Granted a few community members have forked Evolution to ClipperCMS (http://www.clippercms.com/) which will continue the legacy (granted it's fairly quiet too).

It'll be interesting to see what happens to say the least.