這成了我的解決方案,以提示從HamZa(謝謝!)
我創建了一個腳本,即在一個迭代選擇的目錄($dir
指定)
我們也可以說:我們正在在文件中尋找與$lookFor
我加了一些註釋中的代碼,這樣你就可以跟着我做。這不會解決function
-DB的。
所以如果你有DB連接的類,你將不得不添加一些功能。
眼下這個腳本不會改變你的文件(我評論它,所以你可以使用它只是通過您的代碼與「推薦」瀏覽變化)
而且還..我的天堂沒有做到這一點,腳本準備報表。
(這是第二步,這只是爲了修復東西的時候mysql_*
被刪除,將打破)
結果會是這個樣子:(實際上表明缺少功能我談。我「將不得不添加global $__db;
到每個function
然後終於來了!下面的代碼。
<?
/*IGNORE-MYSQL*/
function startsWith($haystack, $needle)
{
return strpos($haystack, $needle) === 0;
}
function endsWith($haystack, $needle)
{
return substr($haystack, -strlen($needle)) == $needle;
}
function doFlush()
{
@flush();
@ob_flush();
}
function runMySQLToMySQLi_replace($str, $useBoldShow = false, $replace = true)
{
$catchVars = '\$"\'a-zA-Z0-9_\.\*\->,\[\] ';
$regexTests = Array();
$regexTests['(?:['.$catchVars.']+\s?=\s?)?mysql_connect\((['.$catchVars.']+),\s?(['.$catchVars.']+),\s?(['.$catchVars.']+)\)'] = '\$__db = mysqli_connect($1, $2, $3)';
$regexTests['mysql_select_db\((['.$catchVars.']+)(?:,\s?['.$catchVars.']+)?\)'] = '\$__db->select_db($1)';
$regexTests['mysql_query\((['.$catchVars.'\(\)=]+)(?:,\s?['.$catchVars.']+)?\)'] = '\$__db->query($1)';
$regexTests['mysql_errno\(\)'] = '\$__db->errno';
$regexTests['mysql_error\(\)'] = '\$__db->error';
$regexTests['mysql_error\((['.$catchVars.']+)\)'] = '\$__db->error';
$regexTests['mysql_fetch_object\((['.$catchVars.']+)\)'] = '$1->fetch_object()';
$regexTests['mysql_fetch_row\((['.$catchVars.']+)\)'] = '$1->fetch_array()';
$regexTests['mysql_fetch_array\((['.$catchVars.']+)\)'] = '$1->fetch_array()';
$regexTests['mysql_fetch_assoc\((['.$catchVars.']+)\)'] = '$1->fetch_assoc()';
$regexTests['mysql_num_rows\((['.$catchVars.']+)\)'] = '$1->num_rows';
$regexTests['mysql_free_result\((['.$catchVars.']+)\)'] = '$1->free()';
$regexTests['mysql_insert_id\(\)'] = '\$__db->insert_id';
$regexTests['(['.$catchVars.']+) = mysql_result\((['.$catchVars.']+), (\d+)\)'] = "\$row = $2->fetch_array(); $1 = \$row[$3]";
$tmpVal = $str;
foreach($regexTests as $reg => $rep)
{
$match = preg_match("/" . $reg . "/i", $tmpVal);
if($match)
{
if($replace)
$tmpVal = preg_replace("/" . $reg . "/i", ($useBoldShow ? "[{b}]" : "") . $rep . ($useBoldShow ? "[/{b}]" : ""), $tmpVal);
else
$tmpVal = preg_replace("/" . $reg . "/i", ($useBoldShow ? "[{b}]" : "") . "$0" . ($useBoldShow ? "[/{b}]" : ""), $tmpVal);
}
}
return $tmpVal;
}
?>
<html>
<head>
<style>
body { margin: 0; padding: 0; }
.mysql_found { background-color: mistyrose; padding: 10px; border: 1px solid #c9c9c9; border-radius: 5px; margin: 10px; }
.no_select {
-webkit-touch-callout: none;
-webkit-user-select: none;
-khtml-user-select: none;
-moz-user-select: moz-none;
-ms-user-select: none;
user-select: none;
display: inline-block;
}
</style>
</head>
<body>
<pre><?
// Directory to search in
$dir = "/dir/to/search/in/";
$objects = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir), RecursiveIteratorIterator::SELF_FIRST);
// What we are looking for in all files
$lookFor = "mysql_";
foreach($objects as $name => $object)
{
// Ensure that it is PHP-files we're going through
if(endsWith($object->getFilename(), '.php'))
{
// Get all contents
$contents = file_get_contents($object->getPathname());
// Split it into rows
$rowSplit = preg_split('/$\R?^/m', $contents);
// Check the contents for $lookFor
if(strpos($contents, $lookFor) > 0 && strpos($contents, "/*IGNORE-MYSQL*/") === false)
{
echo "<div class=\"mysql_found\">\"" . $lookFor . "\" found in: " . $object->getPathname() . "\n";
echo "<hr noshade=\"noshade\" />\n";
echo "Source code:\n";
$lCount = 1;
foreach($rowSplit as $row)
{
echo "<div class=\"no_select\" unselectable=\"on\">" . str_pad($lCount++, strlen(count($rowSplit)), " ", STR_PAD_LEFT) . ": </div>" . str_replace(Array("[{b}]", "[/{b}]"), Array("<b style=\"background-color: #cfaaaa;\">", "</b>"), htmlentities(runMySQLToMySQLi_replace($row, true, false))) . "\n";
}
echo "\n\n";
$lCount = 1;
echo "Fixed code:<br /><br />";
$doneCode = "";
foreach($rowSplit as $row)
{
echo "<div class=\"no_select\" unselectable=\"on\">" . str_pad($lCount++, strlen(count($rowSplit)), " ", STR_PAD_LEFT) . ": </div>" . str_replace(Array("[{b}]", "[/{b}]"), Array("<b style=\"background-color: #cfaaaa;\">", "</b>"), htmlentities(runMySQLToMySQLi_replace($row, true))) . "\n";
// This is the code that actually does the replacing.
$doneCode .= runMySQLToMySQLi_replace($row) . "\n";
}
// This is commented out, since I want to make sure it works before I accept some changes.
// I actually tried it on 3 files without problems.
//if(isset($_GET['Accepted']))
// file_put_contents($object->getPathname(), $doneCode);
echo "</div>";
}
}
doFlush();
}
?></pre>
</body>
</html>
如果您想問我一些關於此代碼的信息,請執行此操作。 :)
不,你不能在一個正則表達式中搜索和替換不同的東西。至少不是你的情況。另外請注意,如果你不準備使用準備好的語句,那麼去mysqli幾乎沒有意義。我的2美分:花時間手動更新代碼(最好是使用PDO),這是非常值得的。不要忘記使用準備好的語句! – HamZa
我確實看到了準備好的語句的價值,但是我正在「修復」的項目中編寫的大部分SQL都使用了太多動態連接。但可以肯定的是,簡單的問題很容易被準備好的陳述取代。當查詢已經過清理時,我只想避免獲取更多代碼。現在,這只是一個問題,我可以多快得到'mysqli_ *'而不是'mysql_ *'。 – NoLifeKing
我的哀悼...那麼,如果你堅持,那麼這裏有一個想法:用PHP編輯你的PHP代碼! ** 1 - )**遍歷每個目錄/文件** 2 - )**編寫一個自定義函數,執行所有替換。 – HamZa