ezsystems · pbek · Sep 2, 2015 · Sep 20, 2018 · Sep 20, 2018 · crevillo
diff --git a/cronjobs/linkcheck.php b/cronjobs/linkcheck.php
@@ -79,7 +79,7 @@
               // Check if it is a valid internal link.
               foreach ( $siteURLs as $siteURL )
               {
-                  $siteURL = preg_replace("/\/$/e", "", $siteURL );
+                  $siteURL = preg_replace("/\/$/", "", $siteURL );
                   $fp = @fopen( $siteURL . "/". $url, "r" );
                   if ( !$fp )
                   {

diff --git a/design/admin/templates/setup/datatype_code.tpl b/design/admin/templates/setup/datatype_code.tpl
@@ -26,7 +26,7 @@ class {$full_class_name} extends eZDataType
     */
     function {$full_class_name}()
     {literal}{{/literal}
-        $this->eZDataType( self::{$constant_name}, "{$desc_name}" );
+        parent::__construct( self::{$constant_name}, "{$desc_name}" );
     {literal}}{/literal}
 
 {if $class_input}

diff --git a/design/admin/templates/shop/orderlist.tpl b/design/admin/templates/shop/orderlist.tpl
@@ -73,7 +73,7 @@
     {if is_null($Orders.item.account_name)}
         <s><i>{'( removed )'|i18n( 'design/admin/shop/orderlist' )}</i></s>
     {else}
-        <a href={concat( '/shop/customerorderview/', $Orders.item.user_id, '/', $Orders.item.account_email )|ezurl}>{$Orders.item.account_name|wash}</a>
+        <a href={concat( '/shop/customerorderview/', $Orders.item.user_id, '?email=', $Orders.item.account_email|urlencode )|ezurl}>{$Orders.item.account_name|wash}</a>
     {/if}
     </td>
 

diff --git a/design/standard/templates/setup/datatype_code.tpl b/design/standard/templates/setup/datatype_code.tpl
@@ -26,7 +26,7 @@ class {$full_class_name} extends eZDataType
     */
     function {$full_class_name}()
     {literal}{{/literal}
-        $this->eZDataType( self::{$constant_name}, "{$desc_name}" );
+        parent::__construct( self::{$constant_name}, "{$desc_name}" );
     {literal}}{/literal}
 
 {if $class_input}

diff --git a/extension/ezoe/ezxmltext/handlers/input/ezoexmlinput.php b/extension/ezoe/ezxmltext/handlers/input/ezoexmlinput.php
@@ -658,7 +658,7 @@ function validateInput( $http, $base, $contentObjectAttribute )
     */
 
     // Get section level and reset curent xml node according to input header.
-    function &sectionLevel( &$sectionLevel, $headerLevel, &$TagStack, &$currentNode, &$domDocument )
+    function sectionLevel( &$sectionLevel, $headerLevel, &$TagStack, &$currentNode, &$domDocument )
     {
         if ( $sectionLevel < $headerLevel )
         {
@@ -774,7 +774,7 @@ function inputXML( )
      \private
      \return the user input format for the given section
     */
-    function &inputSectionXML( &$section, $currentSectionLevel, $tdSectionLevel = null )
+    function inputSectionXML( &$section, $currentSectionLevel, $tdSectionLevel = null )
     {
         $output = '';
 
@@ -895,7 +895,7 @@ function &inputSectionXML( &$section, $currentSectionLevel, $tdSectionLevel = nu
      \private
      \return the user input format for the given list item
     */
-    function &inputListXML( &$listNode, $currentSectionLevel, $listSectionLevel = null, $noParagraphs = true )
+    function inputListXML( &$listNode, $currentSectionLevel, $listSectionLevel = null, $noParagraphs = true )
     {
         $output = '';
         $tagName = $listNode instanceof DOMNode ? $listNode->nodeName : '';
@@ -933,7 +933,7 @@ function &inputListXML( &$listNode, $currentSectionLevel, $listSectionLevel = nu
      \private
      \return the user input format for the given table cell
     */
-    function &inputTdXML( &$tdNode, $currentSectionLevel, $tdSectionLevel = null )
+    function inputTdXML( &$tdNode, $currentSectionLevel, $tdSectionLevel = null )
     {
         $output = '';
         $tagName = $tdNode instanceof DOMNode ? $tdNode->nodeName : '';
@@ -962,7 +962,7 @@ function &inputTdXML( &$tdNode, $currentSectionLevel, $tdSectionLevel = null )
     /*!
      \return the input xml of the given paragraph
     */
-    function &inputParagraphXML( &$paragraph,
+    function inputParagraphXML( &$paragraph,
                                   $currentSectionLevel,
                                   $tdSectionLevel = null,
                                   $noRender = false )
@@ -1046,7 +1046,7 @@ function &inputParagraphXML( &$paragraph,
      \return the input xml for the given tag
      \as in the xhtml used inside the editor
     */
-    function &inputTagXML( &$tag, $currentSectionLevel, $tdSectionLevel = null )
+    function inputTagXML( &$tag, $currentSectionLevel, $tdSectionLevel = null )
     {
         $output       = '';
         $tagName      = $tag instanceof DOMNode ? $tag->nodeName : '';

diff --git a/extension/ezoe/modules/ezoe/classes/GoogleSpell.php b/extension/ezoe/modules/ezoe/classes/GoogleSpell.php
@@ -105,8 +105,8 @@ function &_getMatches($lang, $str) {
 	}
 
 	function _unhtmlentities($string) {
-		$string = preg_replace('~&#x([0-9a-f]+);~ei', 'chr(hexdec("\\1"))', $string);
-		$string = preg_replace('~&#([0-9]+);~e', 'chr(\\1)', $string);
+		$string = preg_replace_callback('~&#x([0-9a-f]+);~i', function($m) {return chr(hexdec($m[1]));}, $string);
+		$string = preg_replace_callback('~&#([0-9]+);~', function($m) {return chr($m[1]);}, $string);
 
 		$trans_tbl = get_html_translation_table(HTML_ENTITIES);
 		$trans_tbl = array_flip($trans_tbl);

diff --git a/extension/ezoe/modules/ezoe/classes/SpellChecker.php b/extension/ezoe/modules/ezoe/classes/SpellChecker.php
@@ -12,7 +12,7 @@ class SpellChecker {
 	 *
 	 * @param $config Configuration name/value array.
 	 */
-	function SpellChecker(&$config) {
+	function __construct(&$config) {
 		$this->_config = $config;
 	}
 

diff --git a/extension/ezoe/modules/ezoe/classes/utils/mcejson.php b/extension/ezoe/modules/ezoe/classes/utils/mcejson.php
@@ -36,7 +36,7 @@ class Moxiecode_JSONReader
 	private $_lastLocations;
 	private $_needProp;
 
-	function Moxiecode_JSONReader($data) {
+	function __construct($data) {
 		$this->_data = $data;
 		$this->_len = strlen($data);
 		$this->_pos = -1;
@@ -367,7 +367,7 @@ function peek() {
  * @package MCManager.utils
  */
 class Moxiecode_JSON {
-	function Moxiecode_JSON() {
+	function __construct() {
 	}
 
 	function decode($input) {

diff --git a/extension/ezoe/modules/ezoe/spellcheck_rpc.php b/extension/ezoe/modules/ezoe/spellcheck_rpc.php
@@ -78,8 +78,8 @@ function getRequestParam($name, $default_value = false, $sanitize = false)
 // Try globals array
 if (!$raw && isset($_GLOBALS["HTTP_RAW_POST_DATA"]))
     $raw = $_GLOBALS["HTTP_RAW_POST_DATA"];
-else if (!$raw && isset($HTTP_RAW_POST_DATA))
-    $raw = $HTTP_RAW_POST_DATA;
+else if (!$raw)
+    $raw = file_get_contents("php://input");;
 
 // Try stream
 if (!$raw)

diff --git a/kernel/classes/datatypes/ezxmltext/ezxmloutputhandler.php b/kernel/classes/datatypes/ezxmltext/ezxmloutputhandler.php
@@ -136,7 +136,7 @@ function isValid()
      \pure
      \return the suffix for the attribute template, if false it is ignored.
     */
-    function &viewTemplateSuffix( &$contentobjectAttribute )
+    function viewTemplateSuffix( &$contentobjectAttribute )
     {
         $suffix = false;
         return $suffix;

diff --git a/kernel/shop/customerorderview.php b/kernel/shop/customerorderview.php
@@ -16,6 +16,13 @@
 $tpl = eZTemplate::factory();
 
 $Email = urldecode( $Email );
+
+// workaround because it seems not possible to get an urlencoded "+" character accross $Params
+if ( $http->hasGetVariable( "email" ) )
+{
+    $Email = $http->getVariable( "email" );
+}
+
 $productList = eZOrder::productList( $CustomerID, $Email );
 $orderList = eZOrder::orderList( $CustomerID, $Email );
 

diff --git a/kernel/url/view.php b/kernel/url/view.php
@@ -50,7 +50,7 @@
     $preFix = $protocol . "://" . $domain;
     $preFix .= eZSys::wwwDir();
 
-    $link = preg_replace("/^\//e", "", $link );
+    $link = preg_replace("/^\//", "", $link );
     $link = $preFix . "/" . $link;
 }
 

diff --git a/lib/ezdb/classes/ezmysqlidb.php b/lib/ezdb/classes/ezmysqlidb.php
@@ -844,7 +844,7 @@ function escapeString( $str )
         else
         {
             eZDebug::writeDebug( 'escapeString called before connection is made', __METHOD__ );
-            return mysql_escape_string( $str );
+            return mysqli_real_escape_string( $str );
         }
     }
 

diff --git a/lib/ezdbschema/classes/ezmysqlschema.php b/lib/ezdbschema/classes/ezmysqlschema.php
@@ -655,7 +655,7 @@ function escapeSQLString( $value )
             return $this->DBInstance->escapeString( $value );
         }
 
-        return mysql_escape_string( $value );
+        return mysqli_real_escape_string( $value );
     }
 
     function schemaType()

diff --git a/lib/ezfile/classes/ezgzipzlibcompressionhandler.php b/lib/ezfile/classes/ezgzipzlibcompressionhandler.php
@@ -51,11 +51,15 @@ function compressionLevel()
     static function isAvailable()
     {
         $extensionName = 'zlib';
+
+        // dl() is removed in PHP 7.0, see https://secure.php.net/manual/en/function.dl.php
+        /*
         if ( !extension_loaded( $extensionName ) )
         {
             $dlExtension = ( eZSys::osType() == 'win32' ) ? '.dll' : '.so';
             @dl( $extensionName . $dlExtension );
         }
+        */
         return extension_loaded( $extensionName );
     }
 

diff --git a/lib/ezpdf/classes/class.ezpdftable.php b/lib/ezpdf/classes/class.ezpdftable.php
@@ -33,7 +33,7 @@ class eZPDFTable extends Cezpdf
      * @param string $paper
      * @param string $orientation
      */
-    function eZPDFTable($paper='a4',$orientation='portrait')
+    function __construct($paper='a4',$orientation='portrait')
     {
         parent::__construct( $paper, $orientation );
         $this->TOC = array();
@@ -1516,7 +1516,7 @@ function callFont( $params )
         return '';
     }
 
-    function &fixWhitespace( &$text )
+    function fixWhitespace( &$text )
     {
         $text = str_replace( array( self::SPACE,
                                     self::TAB,

diff --git a/lib/ezpdf/classes/class.pdf.php b/lib/ezpdf/classes/class.pdf.php
@@ -2014,10 +2014,10 @@ function selectFont( $fontName, $encoding = '', $set = 1 )
                     // note that pdf supports only binary format type 1 font files, though there is a
                     // simple utility to convert them from pfa to pfb.
                     $fp = fopen( $fbfile, 'rb' );
-                    $tmp = get_magic_quotes_runtime();
-                    set_magic_quotes_runtime( 0 );
+//                    $tmp = get_magic_quotes_runtime();
+//                    set_magic_quotes_runtime( 0 );
                     $data = fread( $fp, filesize( $fbfile ) );
-                    set_magic_quotes_runtime( $tmp );
+//                    set_magic_quotes_runtime( $tmp );
                     fclose( $fp );
 
                     // create the font descriptor
@@ -3564,8 +3564,8 @@ function addPngFromFile( $file, $x, $y, $w = 0, $h = 0 )
     {
         // read in a png file, interpret it, then add to the system
         $error = 0;
-        $tmp = get_magic_quotes_runtime();
-        set_magic_quotes_runtime(0);
+//        $tmp = get_magic_quotes_runtime();
+//        set_magic_quotes_runtime(0);
         $fp = @fopen( $file, 'rb' );
         if ( $fp )
         {
@@ -3581,7 +3581,7 @@ function addPngFromFile( $file, $x, $y, $w = 0, $h = 0 )
             $error = 1;
             $errormsg = 'trouble opening file: '.$file;
         }
-        set_magic_quotes_runtime( $tmp );
+//        set_magic_quotes_runtime( $tmp );
 
         if ( !$error )
         {
@@ -3832,10 +3832,10 @@ function addJpegFromFile( $img, $x, $y, $w = 0, $h = 0 )
 
         $fp = fopen( $img, 'rb' );
 
-        $tmp = get_magic_quotes_runtime();
-        set_magic_quotes_runtime( 0 );
+//        $tmp = get_magic_quotes_runtime();
+//        set_magic_quotes_runtime( 0 );
         $data = fread( $fp, filesize( $img ) );
-        set_magic_quotes_runtime( $tmp );
+//        set_magic_quotes_runtime( $tmp );
 
         fclose( $fp );
 
@@ -3888,8 +3888,8 @@ function addImage( &$img, $x, $y, $w = 0, $h = 0, $quality = 75 )
         imagejpeg( $img, $tmpName, $quality );
         $fp = fopen( $tmpName, 'rb' );
 
-        $tmp = get_magic_quotes_runtime();
-        set_magic_quotes_runtime( 0 );
+//        $tmp = get_magic_quotes_runtime();
+//        set_magic_quotes_runtime( 0 );
         $fp = @fopen( $tmpName, 'rb' );
         if ( $fp )
         {
@@ -3906,7 +3906,7 @@ function addImage( &$img, $x, $y, $w = 0, $h = 0, $quality = 75 )
             $errormsg = 'trouble opening file';
         }
     //  $data = fread($fp,filesize($tmpName));
-        set_magic_quotes_runtime( $tmp );
+//        set_magic_quotes_runtime( $tmp );
     //  fclose( $fp );
         unlink( $tmpName );
         $this->addJpegImage_common( $data, $x, $y, $w, $h, $imageWidth, $imageHeight );

diff --git a/lib/ezsoap/classes/ezsoapserver.php b/lib/ezsoap/classes/ezsoapserver.php
@@ -50,8 +50,7 @@ class eZSOAPServer
 {
     public function __construct()
     {
-        global $HTTP_RAW_POST_DATA;
-        $this->RawPostData = $HTTP_RAW_POST_DATA;
+        $this->RawPostData = file_get_contents( "php://input" );
     }
 
 

diff --git a/tests/toolkit/extras/tests-files/workflowevent_regression_fetchtemplaterepeat.php b/tests/toolkit/extras/tests-files/workflowevent_regression_fetchtemplaterepeat.php
@@ -13,7 +13,7 @@ class WorkflowEventRegressionFetchTemplateRepeatType extends eZWorkflowEventType
     const WORKFLOW_TYPE_STRING = 'fetchtemplaterepeat';
     function __construct()
     {
-        $this->eZWorkflowEventType( WorkflowEventRegressionFetchTemplateRepeatType::WORKFLOW_TYPE_STRING, "WorkflowEventRegressionFetchTemplateRepeatType test" );
+        parent::__construct( WorkflowEventRegressionFetchTemplateRepeatType::WORKFLOW_TYPE_STRING, "WorkflowEventRegressionFetchTemplateRepeatType test" );
         $this->setTriggerTypes( array( 'content' => array( 'publish' => array( 'before' ) ) ) );
     }
-Original file line number
+Diff line change
@@ Expand Up / @@ -844,7 +844,7 @@ function escapeString( $str ) @@
             else
             {
                 eZDebug::writeDebug( 'escapeString called before connection is made', __METHOD__ );
-                return mysql_escape_string( $str );
+                return mysqli_real_escape_string( $str );
             }
         }
@@ Expand Down @@