Wierd and Annoying error: Call to undefined function mysql

 

This question already has an answer here:

  • Why shouldn't I use mysql_* functions in PHP? 14 answers

    • PHP 7 has gotten rid of mysql_query() because it's problematic in a variety of ways! The API does not encourage good practices, the official line is that it's unmaintained, and NO PREPARED STATEMENTS!?! It essentially is the biggest problem in PHP that encourages bad practices leading to sql injection, and that's a major big bad situation.

    However, I do work with legacy codebases, so I have to deal with the same situation as you in some cases. If you have a small codebase, just update your db connection method. If you have a large codebase, here is what I recommend:

  • Rollback your php version for this codebase to php 5.6, it will be supported for a bit yet.
  • Take your time to update to PDO (you can create a wrapper around PDO to make it less verbose and still allow prepared queries).
  • Ignore mysqli. If it takes you 5 minutes to upgrade from mysql_*, you are probably doing it wrong, and leaving yourself open to sql-injection. Just go for PDO and start using prepared queries so you can sleep at night.
  • If you still want to use php 7 in more modern projects, spin up a vagrant instance with the older php 5.6 legacy codebases on it.

    • The answer is simple and this information has been available long before the release of PHP 7. It has been removed and they suggest to move over to mysqli or PDO. For a complete list of changes you need to know about for migration see this guide.

    Your options:

  • Adjust your code to mysqli, which is quite the same just a little different. This wouldn't take long to adjust your code to.
  • Switch over to PDO, quite different but more flexible and has my preference.
  • The mysql_* have been removed, meaning they are open to be redefined. You can create wrapper functions that refer to MySqli or PDO instead.
  • Switch back to version 6 of PHP.

    • Why has it been removed?

  • It's not under development.
  • The mysql_* functions provide just a piece of functionality of what MySQL really has to offer. (think about transactions, prepared statements, asynchronous queries, etc)
  • People are still writing ( even today ) insecure code with those functions.

    • I'm not saying that using MySqli or PDO will magically prevent MySQL injections but at least they provide native support against those kind of attacks. The rest is up to you; the programmer, to make sure to point data where it needs to go.

    链接地址: http://www.djcxy.com/p/26584.html

    上一篇: 弃用

    下一篇: Wierd和恼人的错误:调用未定义的函数mysql