This became my solution, with tips from HamZa (Thanks!)
I created a script, that iterates over a directory of choosing (Specified in $dir
)
We also get to say what we're looking for in the files with $lookFor
I added some comments in the code, so you can follow what I do. This WON'T solve function
-db's though.
So if you have classes with DB-connections you'll have to add something for functions.
Right now this script won't change your files (I commented it out, so you can use it to just browse through your code with the "recommended" changes)
And also.. I haven't made it so the script prepares statements.
(That is step two, this was just to fix things that would break when mysql_*
gets removed)
The result will look something like this: (Actually showing that missing function I talked about.. I'll have to add global $__db;
into each function
And then finally! Here's the code.
<?
/*IGNORE-MYSQL*/
function startsWith($haystack, $needle)
{
return strpos($haystack, $needle) === 0;
}
function endsWith($haystack, $needle)
{
return substr($haystack, -strlen($needle)) == $needle;
}
function doFlush()
{
@flush();
@ob_flush();
}
function runMySQLToMySQLi_replace($str, $useBoldShow = false, $replace = true)
{
$catchVars = '\$"\'a-zA-Z0-9_\.\*\->,\[\] ';
$regexTests = Array();
$regexTests['(?:['.$catchVars.']+\s?=\s?)?mysql_connect\((['.$catchVars.']+),\s?(['.$catchVars.']+),\s?(['.$catchVars.']+)\)'] = '\$__db = mysqli_connect($1, $2, $3)';
$regexTests['mysql_select_db\((['.$catchVars.']+)(?:,\s?['.$catchVars.']+)?\)'] = '\$__db->select_db($1)';
$regexTests['mysql_query\((['.$catchVars.'\(\)=]+)(?:,\s?['.$catchVars.']+)?\)'] = '\$__db->query($1)';
$regexTests['mysql_errno\(\)'] = '\$__db->errno';
$regexTests['mysql_error\(\)'] = '\$__db->error';
$regexTests['mysql_error\((['.$catchVars.']+)\)'] = '\$__db->error';
$regexTests['mysql_fetch_object\((['.$catchVars.']+)\)'] = '$1->fetch_object()';
$regexTests['mysql_fetch_row\((['.$catchVars.']+)\)'] = '$1->fetch_array()';
$regexTests['mysql_fetch_array\((['.$catchVars.']+)\)'] = '$1->fetch_array()';
$regexTests['mysql_fetch_assoc\((['.$catchVars.']+)\)'] = '$1->fetch_assoc()';
$regexTests['mysql_num_rows\((['.$catchVars.']+)\)'] = '$1->num_rows';
$regexTests['mysql_free_result\((['.$catchVars.']+)\)'] = '$1->free()';
$regexTests['mysql_insert_id\(\)'] = '\$__db->insert_id';
$regexTests['(['.$catchVars.']+) = mysql_result\((['.$catchVars.']+), (\d+)\)'] = "\$row = $2->fetch_array(); $1 = \$row[$3]";
$tmpVal = $str;
foreach($regexTests as $reg => $rep)
{
$match = preg_match("/" . $reg . "/i", $tmpVal);
if($match)
{
if($replace)
$tmpVal = preg_replace("/" . $reg . "/i", ($useBoldShow ? "[{b}]" : "") . $rep . ($useBoldShow ? "[/{b}]" : ""), $tmpVal);
else
$tmpVal = preg_replace("/" . $reg . "/i", ($useBoldShow ? "[{b}]" : "") . "$0" . ($useBoldShow ? "[/{b}]" : ""), $tmpVal);
}
}
return $tmpVal;
}
?>
<html>
<head>
<style>
body { margin: 0; padding: 0; }
.mysql_found { background-color: mistyrose; padding: 10px; border: 1px solid #c9c9c9; border-radius: 5px; margin: 10px; }
.no_select {
-webkit-touch-callout: none;
-webkit-user-select: none;
-khtml-user-select: none;
-moz-user-select: moz-none;
-ms-user-select: none;
user-select: none;
display: inline-block;
}
</style>
</head>
<body>
<pre><?
// Directory to search in
$dir = "/dir/to/search/in/";
$objects = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir), RecursiveIteratorIterator::SELF_FIRST);
// What we are looking for in all files
$lookFor = "mysql_";
foreach($objects as $name => $object)
{
// Ensure that it is PHP-files we're going through
if(endsWith($object->getFilename(), '.php'))
{
// Get all contents
$contents = file_get_contents($object->getPathname());
// Split it into rows
$rowSplit = preg_split('/$\R?^/m', $contents);
// Check the contents for $lookFor
if(strpos($contents, $lookFor) > 0 && strpos($contents, "/*IGNORE-MYSQL*/") === false)
{
echo "<div class=\"mysql_found\">\"" . $lookFor . "\" found in: " . $object->getPathname() . "\n";
echo "<hr noshade=\"noshade\" />\n";
echo "Source code:\n";
$lCount = 1;
foreach($rowSplit as $row)
{
echo "<div class=\"no_select\" unselectable=\"on\">" . str_pad($lCount++, strlen(count($rowSplit)), " ", STR_PAD_LEFT) . ": </div>" . str_replace(Array("[{b}]", "[/{b}]"), Array("<b style=\"background-color: #cfaaaa;\">", "</b>"), htmlentities(runMySQLToMySQLi_replace($row, true, false))) . "\n";
}
echo "\n\n";
$lCount = 1;
echo "Fixed code:<br /><br />";
$doneCode = "";
foreach($rowSplit as $row)
{
echo "<div class=\"no_select\" unselectable=\"on\">" . str_pad($lCount++, strlen(count($rowSplit)), " ", STR_PAD_LEFT) . ": </div>" . str_replace(Array("[{b}]", "[/{b}]"), Array("<b style=\"background-color: #cfaaaa;\">", "</b>"), htmlentities(runMySQLToMySQLi_replace($row, true))) . "\n";
// This is the code that actually does the replacing.
$doneCode .= runMySQLToMySQLi_replace($row) . "\n";
}
// This is commented out, since I want to make sure it works before I accept some changes.
// I actually tried it on 3 files without problems.
//if(isset($_GET['Accepted']))
// file_put_contents($object->getPathname(), $doneCode);
echo "</div>";
}
}
doFlush();
}
?></pre>
</body>
</html>
If you want to ask me something about this code, do it. :)