0

i have a short Question and i hope somebody can help me as i'm looking for a solution. Below my coding what worked for the last 8 years. now due to a PHP version update this is not working anymore but i cannot figure out why, many thanks for reading.

<?php require_once('Connections/connbowling.php'); ?>

<?php
if (!isset($_SESSION)){
    session_start();
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_bowlingl, $connbowling);
$query_rsWedstrijd = "SELECT * FROM FILES";
$rsWedstrijd = mysql_query($query_rsWedstrijd, $connbowling) or die(mysql_error());
$row_rsWedstrijd = mysql_fetch_assoc($rsWedstrijd);
$totalRows_rsWedstrijd = mysql_num_rows($rsWedstrijd);
$query_rsWedstrijd = "SELECT * FROM FILES";
$rsWedstrijd = mysql_query($query_rsWedstrijd, $connbowling) or die(mysql_error());
$row_rsWedstrijd = mysql_fetch_assoc($rsWedstrijd);
$totalRows_rsWedstrijd = mysql_num_rows($rsWedstrijd);

$editFormAction = $_SERVER['PHP_SELF'];
if(!empty($_FILES))
{
    $filename    =current(explode('.', $_FILES['input']['name']));
    $filetype    = $_FILES['input']['type'];
    $filesize     = $_FILES['input']['size'];
    $tmpname    = $_FILES['input']['tmp_name'];
    $content    = file_get_contents($tmpname);
    $fp                = fopen($tmpname,'r');
    $content     = fread($fp,$filesize);
    $content     = addslashes($content);
    $date       =$_POST['date1'];
    include("Connections/connbowling.php");
    $query="INSERT INTO FILES (FILENAME,FILETYPE,FILESIZE,CONTENT,DATUM) VALUES ('".$filename."','".$filetype."','".$filesize."','".$content."','".$date."');";

if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
  $insertSQL = sprintf("INSERT INTO files (`YEAR`, `DAY`) VALUES (%s, %s)",
                       GetSQLValueString($_POST['year'], "text"),
                       GetSQLValueString($_POST['DAY'], "text"));

  mysql_select_db($database_bowlingl, $bowlingl);
  $Result1 = mysql_query($insertSQL, $connbowling) or die(mysql_error());
$insertGoTo = "http://www.xxxxxxxxxxxxxxxxx";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));

}
    mysql_query($query) or die(mysql_error());
    echo("<table>\n");
    echo("<tr>\n");
    echo("\t<td>Bestandsnaam</td><td>".$filename."</td>\n");
    echo("</tr>\n");
    echo("<tr>\n");
    echo("\t<td>Type</td><td>".$filetype."</td>\n");
    echo("</tr>\n");
    echo("<tr>\n");
    echo("\t<td>Grootte</td><td>".$filesize."</td>\n");
    echo("</tr>\n");
    mysql_close();    
}   


?> 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtmlcodeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />



</head>



  <h3> Scores uploaden voor alleen de huisleague.!!</h3>
    <p><form action="<?php echo $row_rsWedstrijd['']; ?>" method="post" enctype="multipart/form-data" name="form1" id="form1">
      <input type="file" name="input" id="input" />

     <link type="text/css" href="../jquery.ui-1.5.2/_css/jquery-ui-1.7.2.custom.css" rel="stylesheet" />
    <script type="text/javascript" src="Scripts/jquery-1.3.2.js"></script>
    <script type="text/javascript" src="Scripts/ui.datepicker.js"></script>

        <script type="text/javascript">

       $(document).ready(function(){
                             $("#datepicker").datepicker({changeMonth:true,changeYear:true,showButtonPanel:true});

    //setter
    $("#datepicker").datepicker('option','dateFormat','yy-mm-dd');
  });

  </script>
      <input name="date1" id="datepicker"  />
      <p>&nbsp;</p>
<input type="submit" name="submit" id="submit" value="versturen" />
    </form></p>
    <p>&nbsp;</p>



<script type="text/javascript">

</script>
Jens
  • 67,715
  • 15
  • 98
  • 113
mikeb
  • 1
  • 1
  • 1
    `mysql_*` API was removed. Change to `mysqli_*` or `PDO` – Jens Apr 26 '17 at 11:15
  • 1
    Don't use `mysql_*` functions, they are deprecated as of PHP 5.5 and are removed altogether in PHP 7.0. Use [`mysqli`](http://php.net/manual/en/book.mysqli.php) or [`pdo`](http://php.net/manual/en/book.pdo.php) instead. [And this is why you shouldn't use `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). – Rajdeep Paul Apr 26 '17 at 11:15
  • sorry meaning? can you explain what supposed to be there? like this below? – mikeb Apr 26 '17 at 11:20
  • like line . $theValue = function_exists("mysqli_real_escape_string") ? mysqli_real_escape_string($theValue) : mysqli_escape_string($theValue); – mikeb Apr 26 '17 at 11:24
  • @mikeb RTM, [http://php.net/manual/en/mysqli.real-escape-string.php](http://php.net/manual/en/mysqli.real-escape-string.php). `mysqli_real_escape_string()` takes **2 arguments**, first is your connection handler and second is the string. – Rajdeep Paul Apr 26 '17 at 11:28
  • Ok sorry i'm lost what can i use instead... ? i'm new to this sorry. is there an easy way to put the code in pdo? – mikeb Apr 26 '17 at 11:44
  • Sorry is there a solution ?. – mikeb Apr 28 '17 at 12:41

0 Answers0