We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
MODX Community Forums Archive

Evo & PHP5.4

    • 4310
    • 2,310 Posts
    bunk58 Reply #11, 11 years, 3 months ago
    Just noticed in my error log :
    PHP Deprecated: mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead. in /Users/david/Sites/modx-1.0.8/assets/plugins/managermanager/functions/utilities.inc.php on line 145
    So another PHP 5.4 patch :
    // Create a MySQL-safe list from an array
function makeSqlList($arr) {
	$arr = makeArray($arr);
	foreach($arr as $k=>$tv) {
        //if (substr($tv, 0, 2) == 'tv') {$tv=substr($tv,2);}
		$arr[$k] = "'".mysql_real_escape_string($tv)."'"; // Escape them for MySQL
	}
	$sql = " (".implode(',',$arr).") ";
	return $sql;
}
      • 13226
      • 953 Posts
      iusemodx Reply #12, 11 years, 3 months ago
      @bunk58

      Thanks for posting this information.

      I haven't experienced this error, but have updated to be on the safe side.

      I just searched all of the files in 12 sites for "mysql_escape_string" and only found one more, in:

      Module: Easy 2 Gallery
      File: comments.easy2gallery.php
      Line: 255

      $res = mysql_query('SELECT * FROM ' . $table_prefix . "site_htmlsnippets WHERE name='" . mysql_escape_string($name) . "'");
        Download the latest Evo release
        Report an issue about Evo
        Read the Evo documentation
      • sottwell Reply #13, 11 years, 3 months ago
        That's why it's a good practice to use the API. Evo's db API has for years used mysql_real_escape_string() if it's available.
        $modx->db->escape($name)


        Not to mention that the API has a select function, as well as the getFullTableName() function.

          Studying MODX in the desert - http://sottwell.com
          Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
          Join the Slack Community - http://modx.org
          • 16278
          • 928 Posts
          kp52 Reply #14, 11 years, 3 months ago
          Quote from: sottwell at Jan 28, 2013, 06:13 AM
          That's why it's a good practice to use the API. Evo's db API has for years used mysql_real_escape_string() if it's available.
          $modx->db->escape($name)


          Remembering, of course, to add 
          global $modx;
          if it's in a function, like this one (at beginning of the function definition).

          ;-) KP
            • 40024
            • 72 Posts
            dinpapa Reply #15, 11 years, 2 months ago
            Hi! I have found another bug, but not a solution yet. From time to time (i think when i edit a tv) i see an onBeforeDocFormSave error coming from ManagerManager plugin that says:
            "Warning: Illegal string offset 'template' in /homepages/0/d452752927/htdocs/assets/plugins/managermanager/mm.inc.php on line 78"

            That happens only when i have a site hosted on a server that runs php 5.4.

            I am using modx evo 1.0.7. [ed. note: dinpapa last edited this post 11 years, 2 months ago.]
            • Ryan Thrash Reply #16, 11 years, 2 months ago
              Just wanted to drop a line in with something I hope you find encouraging: http://tracker.modx.com/versions/267

              The simplified version of the process will be to take Pull Requests against specific tickets be they bug fixes, refactors or feature requests. Agel_Nash and Dmi3y have volunteered to lead the efforts on that. They deserve our gratitude—so thank you!

              Assigning issues to 1.0.9 will commence this week. Dmi3y has already started issuing PRs, too. smiley The goal for 1.0.9 is specifically to address compatibility with and the pending changes by some large web hosts to run PHP 5.4-only. [ed. note: rethrash last edited this post 11 years, 2 months ago.]
                Ryan Thrash, MODX Co-Founder
                Follow me on Twitter at @rthrash or catch my occasional unofficial thoughts at thrash.me
                • 40024
                • 72 Posts
                dinpapa Reply #17, 11 years, 2 months ago
                Thanx Ryan for the info. Yes, it is very good to know that a new and improved version of modx evolution, which will be compatible with php 5.4, is in the projects.
                For now, i have solved my problems by switching to a lower php version(thank goodness my server allowed me to do so tongue ).
                • Ryan Thrash Reply #18, 11 years, 1 month ago
                  And it's here: http://forums.modx.com/thread/83263/modx-evolution-1-0-9-is-now-available#dis-post-459337
                    Ryan Thrash, MODX Co-Founder
                    Follow me on Twitter at @rthrash or catch my occasional unofficial thoughts at thrash.me