Upgrade from PHP 4 to PHP 5

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
jhoffm34
Forum Newbie
Posts: 5
Joined: Wed Dec 01, 2010 1:37 pm

Upgrade from PHP 4 to PHP 5

Post by jhoffm34 »

So I've been trying to update my website from PHP 4 to PHP 5. However, everytime I do when I access a database system one of our web developers install, it just comes up with a page that shows the code.

Does anyone know why this would happen?
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: Upgrade from PHP 4 to PHP 5

Post by Jonah Bron »

Sorry, I don't feel like deducing the IP of your machine, hacking into the system, reading your code, and answering your question right now. Maybe you could just post it?
jhoffm34
Forum Newbie
Posts: 5
Joined: Wed Dec 01, 2010 1:37 pm

Re: Upgrade from PHP 4 to PHP 5

Post by jhoffm34 »

sorry about that the url is http://www.digitalfilmacademy.com/dfadata/login.html
It seems to work now, but it is demanding that this username and password do not work, even though they work just fine with PHP 4 installed.
Last edited by jhoffm34 on Wed Dec 01, 2010 10:21 pm, edited 1 time in total.
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: Upgrade from PHP 4 to PHP 5

Post by Jonah Bron »

:)

Glad it's working. If it's not accepting your username/password, you probably need to do some debugging to figure out why.
jhoffm34
Forum Newbie
Posts: 5
Joined: Wed Dec 01, 2010 1:37 pm

Re: Upgrade from PHP 4 to PHP 5

Post by jhoffm34 »

As you can probably tell, I am very new to this, its really something my boss is demanding of me after our web developer left.

I know of course what debugging means but not necessarily how to go about it for this piece of code

Suggestions?
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: Upgrade from PHP 4 to PHP 5

Post by Jonah Bron »

<assert condition="username_system.type == database">

Well, first look at your query code. Is the query looking for a valid user returning nothing? Or is it failing somewhere else? If you can't figure it out, you can post here the code where you think the problem is.

</assert>
jhoffm34
Forum Newbie
Posts: 5
Joined: Wed Dec 01, 2010 1:37 pm

Re: Upgrade from PHP 4 to PHP 5

Post by jhoffm34 »

So the problem seems to originate here:

Code: Select all


$result = mysql_query("SELECT * FROM `$database2` . `$table2` WHERE `userName` = '$userName'");

while($row = mysql_fetch_array($result))
  {
  $isadmin =  $row['userType'];
  $Fullname =  $row['Firstname'] ." " . $row['Lastname'];
  $user_id = $row['userID'];

if($isadmin == "Administrator" && $userName == "victor" || $userName == "Victor" || $userPassword == "victor" ){

LogAsAdmin();
setcookie ("admin", $isadmin); //time()+(3600 * 24)
setcookie ("user", $userName); //time()+(3600 * 24)
setcookie ("fullname", $Fullname); //time()+(3600 * 24)
setcookie ("loggedin", "TRUE"); //time()+(3600 * 2) // Expires in 2 
echo "Redirecting to Inventory Admin page or click <a href='dfadata/inventory.php'>here</a> to do it now. <P>";
echo "<meta HTTP-EQUIV=\"REFRESH\" content=\"2; url=dfadata/inventory.php\">";
echo "<br><img src=rent/images/redirecting.gif>";

} elseif($isadmin == "Administrator"){

LogAsAdmin();
setcookie ("admin", $isadmin); //time()+(3600 * 24)
setcookie ("user", $userName); //time()+(3600 * 24)
setcookie ("fullname", $Fullname); //time()+(3600 * 24)
setcookie ("loggedin", "TRUE"); //time()+(3600 * 2) // Expires in 2 
echo "Redirecting to Admin page or click <a href=".$URL.">here</a> to do it now. <P>";
echo "<meta HTTP-EQUIV=\"REFRESH\" content=\"2; url=" .$URL."\">";
echo "<br><img src=rent/images/redirecting.gif>";

} elseif($isadmin == "Super Admin"){
LogAsAdmin();
setcookie ("admin", $isadmin, time()+(3600 * 24));
setcookie ("user", $userName, time()+(3600 * 24));
setcookie ("fullname", $Fullname, time ()+(3600 * 24)); //time()+(3600 * 24)
setcookie ("loggedin", "TRUE", time()+(3600 * 24)); //Expires in 24 hours 
echo "Redirecting to Admin page or click <a href=".$URL.">here</a> to do it now. <P>";
echo "<meta HTTP-EQUIV=\"REFRESH\" content=\"2; url=".$URL."\">";
echo "<br><img src=rent/images/redirecting.gif>";

} elseif($isadmin == "President"){
LogAsAdmin();
setcookie ("admin", $isadmin, time()+(3600 * 24));
setcookie ("user", $userName, time()+(3600 * 24));
setcookie ("fullname", $Fullname, time()+(3600 * 24)); //time()+(3600 * 24)
setcookie ("loggedin", "TRUE", time()+(3600 * 24)); //Expires in 24 hours 
echo "Redirecting to Admin page or click <a href=".$URL.">here</a> to do it now. <P>";
echo "<meta HTTP-EQUIV=\"REFRESH\" content=\"2; url=".$URL."\">";
echo "<br><img src=rent/images/redirecting.gif>";

} elseif($isadmin == "Instructor"){
LogAsAdmin();
setcookie ("intr", $isadmin, time()+3600);
setcookie ("user", $userName, time()+(3600 * 1));
setcookie ("fullname", $Fullname, time()+(3600 * 1));
setcookie ("loggedin", "TRUE", time()+(3600 * 1)); //Expires in 1 hour 
echo "Redirecting to Admin page or click <a href=".$URL.">here</a> to do it now. <P>";
echo "<meta HTTP-EQUIV=\"REFRESH\" content=\"2; url=jobs/instructor.php\">";
echo "<br><img src=rent/images/redirecting.gif>";

} else {
echo "You are logged as " . $isadmin;
echo "<br/>";
//USER
//$expire=time()+60*60*24*30;
header("Content-Type: text/html; charset=utf-8"); 
setcookie ("user", $userName, time()+(3600 * 2));
setcookie ("loggedin", "TRUE", time()+(3600 * 2)); //Expires in 24 hours
setcookie ("fullname", $Fullname, time()+(3600 * 2)); //expires in 2 hours
echo "Redirecting to your page or click <a href=rentuser.php>here</a> to do it manually. <P>";
echo "<meta HTTP-EQUIV=\"REFRESH\" content=\"2; url=jobs/main.php\">";
echo "<br><img src=rent/images/redirecting.gif>";
} //closing general if

$online = mysql_query("UPDATE production_jobs.users SET online = 'yes', log = '$curdate' WHERE userID = '$user_id'");

} // closing While opt

}
?>

It seems to be indentifying that there is a user, but not registering that it has administrator priveleges

but I can't seem to figure out why this would function in PHP4 and not PHP5

anyone know why?
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: Upgrade from PHP 4 to PHP 5

Post by Jonah Bron »

Okay, there's a couple of problems here. One, the logic in the first If is confusing. You need to clarify order with parentheses. As it is now, it's equivalent to:

Code: Select all

if(($isadmin == "Administrator" && $userName == "victor") || $userName == "Victor" || $userPassword == "victor" ){
That may or may not be what you want. That might be causing the problem, but I don't know.

Problem number two. You are storing the user's privileges in a cookie. That's a major security flaw. All they have to do is edit their cookie and voilà, they have administrative privileges.
jhoffm34
Forum Newbie
Posts: 5
Joined: Wed Dec 01, 2010 1:37 pm

Re: Upgrade from PHP 4 to PHP 5

Post by jhoffm34 »

I believe it actually has something to do with the cookies. It seems to not setcookie properly and so no information is able to be pulled. This later leads to problems (if i bypass this) in recalling the proper information for a "Preferences" page or something like that.

Does the setcookie function operate differently in PHP5?
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: Upgrade from PHP 4 to PHP 5

Post by Jonah Bron »

Yes.

It's my recommendation that you switch over to sessions.

http://php.net/book.session
Post Reply