Add mysqli connect

Author: nosolored

.htaccess

@@ -1,85 +1,84 @@
-#  mod_rewrite in use
-
-# Redirecciona www a sin www
-
-Options +FollowSymLinks
-
-RewriteEngine On
-
-RewriteBase /
-
-
-
-Options +Indexes
-
-AddType text/x-component .htc
-
-
-
-RewriteCond %{REQUEST_FILENAME} !-f
-
-RewriteCond %{REQUEST_FILENAME} !-d
-
-RewriteCond %{REQUEST_URI} !^/index.php
-
-RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$  [NC]
-
-RewriteRule (.*) index.php
-
-RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
-
-
-
-## If you experience problems on your site block out the operations listed below
-
-## This attempts to block the most common type of exploit `attempts` to Joomla!
-
-#
-
-# Block out any script trying to set a mosConfig value through the URL
-
-RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
-
-# Block out any script trying to base64_encode crap to send via URL
-
-RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
-
-# Block out any script that includes a <script> tag in URL
-
-RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
-
-# Block out any script trying to set a PHP GLOBALS variable via URL
-
-RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
-
-# Block out any script trying to modify a _REQUEST variable via URL
-
-RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
-
-# Send all blocked request to homepage with 403 Forbidden error!
-
-RewriteRule ^(.*)$ index.php [F,L]
-
-#
-
-########## End - Rewrite rules to block out some common exploits
-
-
-
-# ErrorDocument 404 index.php
-
-
-
-Options +Indexes
-
-AddType text/x-component .htc
-
-
-
-php_flag register_globals off
-
-php_flag display_errors on
-
-php_flag magic_quotes_gpc off
-
-php_flag apc.cache_by_default off
+#  mod_rewrite in use
+
+# Redirecciona www a sin www
+
+Options +FollowSymLinks
+
+RewriteEngine On
+
+RewriteBase /
+
+
+
+Options +Indexes
+
+AddType text/x-component .htc
+
+
+
+RewriteCond %{REQUEST_FILENAME} !-f
+
+RewriteCond %{REQUEST_FILENAME} !-d
+
+RewriteCond %{REQUEST_URI} !^/index.php
+
+RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$  [NC]
+
+RewriteRule (.*) index.php
+
+RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
+
+
+
+## If you experience problems on your site block out the operations listed below
+
+## This attempts to block the most common type of exploit `attempts` to Joomla!
+
+#
+
+# Block out any script trying to set a mosConfig value through the URL
+
+RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
+
+# Block out any script trying to base64_encode crap to send via URL
+
+RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
+
+# Block out any script that includes a <script> tag in URL
+
+RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
+
+# Block out any script trying to set a PHP GLOBALS variable via URL
+
+RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
+
+# Block out any script trying to modify a _REQUEST variable via URL
+
+RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
+
+# Send all blocked request to homepage with 403 Forbidden error!
+
+RewriteRule ^(.*)$ index.php [F,L]
+
+#
+
+########## End - Rewrite rules to block out some common exploits
+
+
+
+# ErrorDocument 404 index.php
+
+
+
+Options +Indexes
+
+AddType text/x-component .htc
+
+
+php_flag display_errors on
+php_flag display_startup_errors on
+php_value error_reporting 8191
+php_flag register_globals off
+php_flag magic_quotes_gpc off
+
+

cron.php

@@ -6,40 +6,40 @@
 
 //ENVIO DE E-MAIL QUE ESTÁN PROXIMOS A LA FECHA DE RENOVACIÓN
 $sql = "SELECT notice_renewal,sender FROM parametros";
-$result = mysql_query($sql,$link);
-$row = mysql_fetch_assoc($result);
+$result = $link->query($sql);
+$row = $result->fetch_assoc();
 $dias = $row['notice_renewal'];
 $sender = $row['sender'];
 
-mysql_free_result($result);
+$result->free();
 
 $limite = $dias*24*60*60;
 
 $sql = "SELECT * FROM members WHERE (UNIX_TIMESTAMP(renewal) - UNIX_TIMESTAMP(NOW())) < ".$limite." AND email_renewal='0';";
 //echo $sql;
 //echo $limite;
-$result = mysql_query($sql,$link);
+$result = $link->query($sql);
 echo "<br><br>Begin of renewal notice";
-while($fila = mysql_fetch_assoc($result)){
+while($fila = $result->fetch_assoc()){
 	$candado = false;
 	$mensaje = '';
 	$subject = '';
 	echo "<br>Renewal notice for: ".$fila['email'];
 	$language = datosreg($fila['language'],'language','language','cod');
 	//Buscamos la plantilla que le corresponda
 	$sql = "SELECT message, subject FROM messages WHERE type='renewal' AND language='".$language."'";
-	$r_tmp = mysql_query($sql,$link);
+	$r_tmp = $link->query($sql);
 
-	if(mysql_num_rows($r_tmp)>0){
-		$f_tmp = mysql_fetch_assoc($r_tmp);
+	if($r_tmp->num_rows>0){
+		$f_tmp = $r_tmp->fetch_assoc();
 		$message = $f_tmp['message'];
 		$subject = $f_tmp['subject'];
 		if(trim($message) == ''){
 			$default_language = datosreg('1','language','language','vdefault');
 			$sql = "SELECT message, subject FROM messages WHERE type='renewal' AND language='".$default_language."'";
-			$r2_tmp = mysql_query($sql,$link);
-			if(mysql_num_rows($r2_tmp)>0){
-				$f2_tmp = mysql_fetch_assoc($r2_tmp);
+			$r2_tmp = $link->query($sql);
+			if($r2_tmp->num_rows>0){
+				$f2_tmp = $r2_tmp->fetch_assoc();
 				$message = $f2_tmp['message'];
 				$subject = $f2_tmp['subject'];
 				if(trim($message) == ''){
@@ -60,9 +60,9 @@
 		//buscamos mensaje por defecto	
 		$default_language = datosreg('1','language','language','vdefault');
 		$sql = "SELECT message, subject FROM messages WHERE type='renewal' AND language='".$default_language."'";
-		$r2_tmp = mysql_query($sql,$link);
-		if(mysql_num_rows($r2_tmp)>0){
-			$f2_tmp = mysql_fetch_assoc($r2_tmp);
+		$r2_tmp = $link->query($sql);
+		if($r2_tmp->num_rows>0){
+			$f2_tmp = $r2_tmp->fetch_assoc();
 			$message = $f2_tmp['message'];
 			$subject = $f2_tmp['subject'];
 			if(trim($message) == ''){
@@ -79,8 +79,8 @@
 
 	if($candado){
 		$sql = "DESCRIBE members";
-		$r_campos = mysql_query($sql,$link);
-		while($aux = mysql_fetch_assoc($r_campos)){
+		$r_campos = $link->query($sql);
+		while($aux = $r_campos->fetch_assoc()){
 			if($aux['Field']=="renewal"){
 				$message = str_replace("{{".$aux['Field']."}}", date("d/m/Y",strtotime($fila[$aux['Field']])), $message);
 			}elseif($aux['Field']=="quota"){
@@ -111,8 +111,8 @@
 		$mail->Subject = $subject;
 		$mail->AddAddress($fila['email']);
 		$sql = "SELECT responsible FROM responsible WHERE area='renewal';";
-		$r_resp = mysql_query($sql,$link);
-		while($aux = mysql_fetch_assoc($r_resp)){
+		$r_resp = $link->query($sql);
+		while($aux = $r_resp->fetch_assoc()){
 			//Copia a responsables
 			$mail->AddBCC($aux['responsible']);
 		}
@@ -125,7 +125,7 @@
 		$mail->Send();
 		//Actualizamos la tabla de miembros
 		$sql = "UPDATE members SET email_renewal='1' WHERE cod='".$fila['cod']."';";
-		mysql_query($sql,$link);
+		$link->query($sql);
 
 	}else{
 		//Notificamos al responsable
@@ -138,8 +138,8 @@
 		$mail->Subject = "Problem to send renewal notice e-mail";
 
 		$sql = "SELECT responsible FROM responsible WHERE area='renewal';";
-		$r_resp = mysql_query($sql,$link);
-		while($aux = mysql_fetch_assoc($r_resp)){
+		$r_resp = $link->query($sql);
+		while($aux = $r_resp->fetch_assoc()){
 			//Copia a responsables
 			$mail->AddAddress($aux['responsible']);
 		}
@@ -154,33 +154,33 @@
 	}	
 
 }
-mysql_free_result($result);
+$result->free();
 echo "<br>End of renewal notice";
 echo "<br><br>Begin of expiration notice";
 // ENVIO DE E-MAIL QUE HAN SIDO EXPIRADOS
 
 $sql = "SELECT * FROM members WHERE (UNIX_TIMESTAMP(renewal) - UNIX_TIMESTAMP(NOW())) < 0 AND email_expired='0';";
-$result = mysql_query($sql,$link);
-while($fila = mysql_fetch_assoc($result)){
+$result = $link->query($sql);
+while($fila = $result->fetch_assoc()){
 	$candado = false;
 	$mensaje = '';
 	$subject = '';
 	echo "<br>Expiration notice for: ".$fila['email'];
 	$language = datosreg($fila['language'],'language','language','cod');
 	//Buscamos la plantilla que le corresponda
 	$sql = "SELECT message, subject FROM messages WHERE type='expired' AND language='".$language."'";
-	$r_tmp = mysql_query($sql,$link);
+	$r_tmp = $link->query($sql);
 
-	if(mysql_num_rows($r_tmp)>0){
-		$f_tmp = mysql_fetch_assoc($r_tmp);
+	if($r_tmp->num_rows>0){
+		$f_tmp = $r_tmp->fetch_assoc();
 		$message = $f_tmp['message'];
 		$subject = $f_tmp['subject'];
 		if(trim($message) == ''){
 			$default_language = datosreg('1','language','language','vdefault');
 			$sql = "SELECT message, subject FROM messages WHERE type='expired' AND language='".$default_language."'";
-			$r2_tmp = mysql_query($sql,$link);
-			if(mysql_num_rows($r2_tmp)>0){
-				$f2_tmp = mysql_fetch_assoc($r2_tmp);
+			$r2_tmp = $link->query($sql);
+			if($r2_tmp->num_rows>0){
+				$f2_tmp = $r2_tmp->fetch_assoc();
 				$message = $f2_tmp['message'];
 				$subject = $f2_tmp['subject'];
 				if(trim($message) == ''){
@@ -201,9 +201,9 @@
 		//buscamos mensaje por defecto	
 		$default_language = datosreg('1','language','language','vdefault');
 		$sql = "SELECT message, subject FROM messages WHERE type='expired' AND language='".$default_language."'";
-		$r2_tmp = mysql_query($sql,$link);
-		if(mysql_num_rows($r2_tmp)>0){
-			$f2_tmp = mysql_fetch_assoc($r2_tmp);
+		$r2_tmp = $link->query($sql);
+		if($r2_tmp->num_rows>0){
+			$f2_tmp = $r2_tmp->fetch_assoc();
 			$message = $f2_tmp['message'];
 			$subject = $f2_tmp['subject'];
 			if(trim($message) == ''){
@@ -220,8 +220,8 @@
 
 	if($candado){
 		$sql = "DESCRIBE members";
-		$r_campos = mysql_query($sql,$link);
-		while($aux = mysql_fetch_assoc($r_campos)){
+		$r_campos = $link->query($sql);
+		while($aux = $r_campos->fetch_assoc()){
 			if($aux['Field']=="renewal"){
 				$message = str_replace("{{".$aux['Field']."}}", date("d/m/Y",strtotime($fila[$aux['Field']])), $message);
 			}elseif($aux['Field']=="quota"){
@@ -252,8 +252,8 @@
 		$mail->Subject = $subject;
 		$mail->AddAddress($fila['email']);
 		$sql = "SELECT responsible FROM responsible WHERE area='expired';";
-		$r_resp = mysql_query($sql,$link);
-		while($aux = mysql_fetch_assoc($r_resp)){
+		$r_resp = $link->query($sql);
+		while($aux = $r_resp->fetch_assoc()){
 			//Copia a responsables
 			$mail->AddBCC($aux['responsible']);
 		}
@@ -266,7 +266,7 @@
 		$mail->Send();
 		//Actualizamos la tabla de miembros
 		$sql = "UPDATE members SET email_expired='1', status='2' WHERE cod='".$fila['cod']."';";
-		mysql_query($sql,$link);
+		$link->query($sql);
 
 	}else{
 		//Notificamos al responsable
@@ -279,8 +279,8 @@
 		$mail->Subject = "Problem to send expiration notice e-mail";
 
 		$sql = "SELECT responsible FROM responsible WHERE area='renewal';";
-		$r_resp = mysql_query($sql,$link);
-		while($aux = mysql_fetch_assoc($r_resp)){
+		$r_resp = $link->query($sql);
+		while($aux = $r_resp->fetch_assoc()){
 			//Copia a responsables
 			$mail->AddAddress($aux['responsible']);
 		}
@@ -295,7 +295,7 @@
 	}	
 }
 echo "<br>End of expiration notice";
-mysql_free_result($result);
-mysql_close($link);
+$result->free();
+$link->close();
 
 ?>

form_member.php

@@ -24,7 +24,7 @@
 	$link = conectar();	
 	reset ($_POST);
 	while (list ($param, $val) = each ($_POST)) {
-	    $asignacion = "\$" . $param . "=mysql_real_escape_string(\$_POST['" . $param . "']);";
+	    $asignacion = "\$" . $param . "=$link->real_escape_string(\$_POST['" . $param . "']);";
     	eval($asignacion);
 	}
 	$renewal = str_replace('/','-',$renewal);
@@ -35,14 +35,14 @@
 		$vat = '';
 	}
 	$sql = "INSERT INTO members (name,surname,country,language,phone,email,renewal,quota,type,comment,status,date_arrival,institution,address,postal_code,vat) VALUES ('".$name."','".$surname."','".$country."','".$language."','".$phone."','".$email."','".date("Y-m-d",strtotime($renewal))."','".$quota."','".$type."','".$comment."','".$status."','".date("Y-m-d")."','".$institution."','".$address."','".$postal_code."','".$vat."');";
-	$result = mysql_query($sql,$link);
+	$result = $link->query($sql);
 	if (!$result) {									
-		die('Invalid query: Problems to insert data into the member table ' . mysql_error());	
+		die('Invalid query: Problems to insert data into the member table ' . $link->error);	
 	}
 
 	$sql = "SELECT max(cod) FROM members;";
-	$result = mysql_query($sql,$link);
-	$tmp_result = mysql_fetch_assoc($result);
+	$result = $link->query($sql);
+	$tmp_result = $result->fetch_assoc();
 	$cod_max = $tmp_result['max(cod)'];
 
 	/********************************************************************************************************/
@@ -51,18 +51,18 @@
 if($send_invoice =="YES"){	
 	$link = conectar2();
 	$sql = "SELECT body, footer, show_signature FROM invoice WHERE cod='1';";
-	$result_pdf = mysql_query($sql,$link);
-	$aux = mysql_fetch_assoc($result_pdf);
+	$result_pdf = $link->query($sql);
+	$aux = $result_pdf->fetch_assoc();
 	$message = $aux['body'];
 	$footer = quitar_html($aux['footer']);
 	$show_signature = ($aux['show_signature']=="YES")?(true):(false);
 	$sql = "SELECT * FROM members WHERE cod='".$cod_max."';";
-	$result_pdf = mysql_query($sql,$link);
-	$fila = mysql_fetch_assoc($result_pdf);
+	$result_pdf = $link->query($sql);
+	$fila = $result_pdf->fetch_assoc();
 	$sql = "DESCRIBE members";
-	$r_campos = mysql_query($sql,$link);
+	$r_campos = $link->query($sql);
 	$message = quitar_html($message);
-	while($aux = mysql_fetch_assoc($r_campos)){
+	while($aux = $r_campos->fetch_assoc()){
 		if($aux['Field']=="renewal"){
 			$message = str_replace("{{".$aux['Field']."}}", date("d/m/Y",strtotime($fila[$aux['Field']])), $message);
 		}elseif($aux['Field']=="quota"){
@@ -88,15 +88,15 @@
 	//echo $message;
 	$year = date("Y");
 	$sql = "SELECT max(num_invoice) AS num_invoice FROM invoices WHERE year='".$year."';";
-	$result = mysql_query($sql,$link);
-	$aux_invoice = mysql_fetch_assoc($result);
+	$result = $link->query($sql);
+	$aux_invoice = $result->fetch_assoc();
 	$num_invoice = ($aux_invoice['num_invoice']=='NULL')?('1'):($aux_invoice['num_invoice']+1);
 	//$num_invoice = datosreg('1','parametros','num_invoice','cod');
 
-	$sql = "INSERT INTO invoices (num_invoice,year,cod_member,message,quota,date) VALUES ('".$num_invoice."','".$year."','".$cod_max."','".mysql_real_escape_string($message)."','".$fila['quota']."','".date("Y-m-d")."');";
-	$result = mysql_query($sql,$link);
+	$sql = "INSERT INTO invoices (num_invoice,year,cod_member,message,quota,date) VALUES ('".$num_invoice."','".$year."','".$cod_max."','".$link->real_escape_string($message)."','".$fila['quota']."','".date("Y-m-d")."');";
+	$result = $link->query($sql);
 	if (!$result) {	
-		die('Invalid query 1: ' . mysql_error());	
+		die('Invalid query 1: ' . $link->error);	
 	}
 
 	//Crear el pdf que se enviará.
@@ -160,26 +160,26 @@ function Footer(){
 	$link = conectar();
 	$sql = "SELECT * FROM members WHERE cod='".$cod_max."';";
 	//echo $sql;
-	$result_tmp = mysql_query($sql,$link);
-	$fila = mysql_fetch_assoc($result_tmp);
+	$result_tmp = $link->query($sql);
+	$fila = $result_tmp->fetch_assoc();
 
 	//ENVIAR E-MAIL
 	$cod_language = $language;
 	$language = datosreg($cod_language,'language','language','cod');
 	//Buscamos la plantilla que le corresponda
 	$sql = "SELECT message, subject FROM messages WHERE type='welcome' AND language='".$language."'";
-	$r_tmp = mysql_query($sql,$link);
+	$r_tmp = $link->query($sql);
 
-	if(mysql_num_rows($r_tmp)>0){
-		$f_tmp = mysql_fetch_assoc($r_tmp);
+	if($r_tmp->num_rows>0){
+		$f_tmp = $r_tmp->fetch_assoc();
 		$message = $f_tmp['message'];
 		$subject = $f_tmp['subject'];
 		if(trim($message) == ''){
 			$default_language = datosreg('1','language','language','vdefault');
 			$sql = "SELECT message, subject FROM messages WHERE type='welcome' AND language='".$default_language."'";
-			$r2_tmp = mysql_query($sql,$link);
-			if(mysql_num_rows($r2_tmp)>0){
-				$f2_tmp = mysql_fetch_assoc($r2_tmp);
+			$r2_tmp = $link->query($sql);
+			if($r2_tmp->num_rows>0){
+				$f2_tmp = $r2_tmp->fetch_assoc();
 				$message = $f2_tmp['message'];
 				$subject = $f2_tmp['subject'];
 				if(trim($message) == ''){
@@ -200,9 +200,9 @@ function Footer(){
 		//buscamos mensaje por defecto	
 		$default_language = datosreg('1','language','language','vdefault');
 		$sql = "SELECT message, subject FROM messages WHERE type='welcome' AND language='".$default_language."'";
-		$r2_tmp = mysql_query($sql,$link);
-		if(mysql_num_rows($r2_tmp)>0){
-			$f2_tmp = mysql_fetch_assoc($r2_tmp);
+		$r2_tmp = $link->query($sql);
+		if($r2_tmp->num_rows>0){
+			$f2_tmp = $r2_tmp->fetch_assoc();
 			$message = $f2_tmp['message'];
 			$subject = $f2_tmp['subject'];
 			if(trim($message) == ''){
@@ -218,15 +218,15 @@ function Footer(){
 	}
 
 	$sql = "SELECT sender FROM parametros";
-	$result = mysql_query($sql,$link);
-	$row_sender = mysql_fetch_assoc($result);
+	$result = $link->query($sql);
+	$row_sender = $result->fetch_assoc();
 	$sender = $row_sender['sender'];
 
 
 	if($candado){
 		$sql = "DESCRIBE members";
-		$r_campos = mysql_query($sql,$link);
-		while($aux = mysql_fetch_assoc($r_campos)){
+		$r_campos = $link->query($sql);
+		while($aux = $r_campos->fetch_assoc()){
 			if($aux['Field']=="renewal"){
 				$message = str_replace("{{".$aux['Field']."}}", date("d/m/Y",strtotime($fila[$aux['Field']])), $message);
 			}elseif($aux['Field']=="quota"){
@@ -257,8 +257,8 @@ function Footer(){
 		$mail->Subject = $subject;
 		$mail->AddAddress($email);
 		/*$sql = "SELECT responsible FROM responsible WHERE area='renewal';";
-		$r_resp = mysql_query($sql,$link);
-		while($aux = mysql_fetch_assoc($r_resp)){
+		$r_resp = $link->query($sql);
+		while($aux = $r_resp->fetch_assoc()){
 			//Copia a responsables
 			$mail->AddBCC($aux['responsible']);
 		}
@@ -281,8 +281,8 @@ function Footer(){
 		$mail->Subject = "Problem to send welcome message e-mail";
 
 		$sql = "SELECT responsible FROM responsible WHERE area='renewal';";
-		$r_resp = mysql_query($sql,$link);
-		while($aux = mysql_fetch_assoc($r_resp)){
+		$r_resp = $link->query($sql);
+		while($aux = $r_resp->fetch_assoc()){
 			//Copia a responsables
 			$mail->AddAddress($aux['responsible']);
 		}
@@ -344,12 +344,7 @@ function Footer(){
 <!--[if IE]> <link rel="stylesheet" type="text/css" media="all" href="css/ie.css"/> <script src="js/html5.js"></script> <![endif]-->
 <!--Upgrade MSIE5.5-7 to be compatible with MSIE8: http://ie7-js.googlecode.com/svn/version/2.1(beta3)/IE8.js -->
 <!--[if lt IE 8]> <script src="js/IE8.js"></script> <![endif]-->
-<script type="text/javascript">
-	$(document).ready(function(){
-	/* setup navigation, content boxes, etc... */
-	Administry.setup();
-	}); 
-</script>
+
 
 <script src="js/jquery-ui.min.js" type="text/javascript"></script>
 <script type="text/javascript">
@@ -459,11 +454,11 @@ function Footer(){
 <?php
 $link = conectar();
 $sql = "SELECT * FROM country";
-$result = mysql_query($sql,$link);
-while($row = mysql_fetch_assoc($result)){
+$result = $link->query($sql);
+while($row = $result->fetch_assoc()){
 	echo '<option value="'.$row['iso'].'">'.$row['printable_name'].'</option>';
 }
-mysql_free_result($result);
+$result->free();
 ?>
 </select>
 </p>
@@ -475,11 +470,11 @@ function Footer(){
 <?php
 $link = conectar();
 $sql = "SELECT * FROM language WHERE active='1'";
-$result = mysql_query($sql,$link);
-while($row = mysql_fetch_assoc($result)){
+$result = $link->query($sql);
+while($row = $result->fetch_assoc()){
 	echo '<option value="'.$row['cod'].'">'.$row['language'].'</option>';
 }
-mysql_free_result($result);
+$result->free();
 ?>
 </select>
 </p>
@@ -497,7 +492,7 @@ function Footer(){
 <p>
 <label class="required" for="renewal">Renewal Date: (dd/mm/yyyy)</label>
 <br>
-<input id="renewal" class="hasDatepick" type="date" name="renewal" value="" placeholder="dd/mm/yyyy">
+<input id="renewal" type="text" name="renewal" value="" placeholder="dd/mm/yyyy">
 </p>
 <p>
 <label class="required" for="quota">Quota:</label>
@@ -516,11 +511,11 @@ function Footer(){
 <?php
 $link = conectar();
 $sql = "SELECT * FROM type_member";
-$result = mysql_query($sql,$link);
-while($row = mysql_fetch_assoc($result)){
+$result = $link->query($sql);
+while($row = $result->fetch_assoc()){
 	echo '<option value="'.$row['cod'].'">'.$row['name'].'</option>';
 }
-mysql_free_result($result);
+$result->free();
 ?>
 </select>
 </p>
@@ -554,11 +549,11 @@ function Footer(){
 <?php
 $link = conectar();
 $sql = "SELECT * FROM status";
-$result = mysql_query($sql,$link);
-while($row = mysql_fetch_assoc($result)){
+$result = $link->query($sql);
+while($row = $result->fetch_assoc()){
 	echo '<option value="'.$row['cod'].'">'.$row['status'].'</option>';
 }
-mysql_free_result($result);
+$result->free();
 ?>
 </select>
 </p>

funciones.php

@@ -11,7 +11,7 @@
 	$link = conectar();
 	reset ($_REQUEST);
 	while (list ($param, $val) = each ($_REQUEST)) {
-	    $asignacion = "\$" . $param . "=mysql_real_escape_string(\$_REQUEST['" . $param . "']);";
+	    $asignacion = "\$" . $param . "=$link->real_escape_string(\$_REQUEST['" . $param . "']);";
     	eval($asignacion);
 	}
 
@@ -58,12 +58,12 @@
 	$presql = "SELECT a.cod, a.num_invoice, a.year, a.date, b.name, b.surname, b.institution FROM invoices AS a, members AS b WHERE a.cod_member=b.cod AND".$filtro.";";
 	//echo $presql;
 
-	$result = mysql_query($presql,$link);
+	$result = $link->query($presql);
 	if (!$result) {
-		die('Invalid query: ' . mysql_error());
+		die('Invalid query: ' . $link->error);
 	}
 
-	$num_rows = mysql_num_rows($result);
+	$num_rows = $result->num_rows;
 	if($num_rows > 0){
 		$contenido = '<br /><div align="center">';
 		$contenido .= '<table class="stylized"  width="100%">';
@@ -91,7 +91,7 @@
 		<th class="option">Options</th>
 		</tr>';
 		$i = 0;
-		while($row = mysql_fetch_assoc($result)){
+		while($row = $result->fetch_assoc()){
 			$i += 1;
 			if($i%2==0){
 				$contenido .= '<tr class="campo2">';
@@ -117,8 +117,8 @@
 			}
 		$contenido .= '</table></div>';
 
-		mysql_free_result($result);
-		//mysql_free_result($result2);
+		$result->free();
+
 		echo json_encode(array("status"=>"true","contenido"=>$contenido ));		
 	}else{
 		echo json_encode(array("status"=>"false" ));		
@@ -129,7 +129,7 @@
 	$link = conectar();
 	reset ($_REQUEST);
 	while (list ($param, $val) = each ($_REQUEST)) {
-	    $asignacion = "\$" . $param . "=mysql_real_escape_string(\$_REQUEST['" . $param . "']);";
+	    $asignacion = "\$" . $param . "=$link->real_escape_string(\$_REQUEST['" . $param . "']);";
     	eval($asignacion);
 	}
 
@@ -177,12 +177,12 @@
 
 	//echo $presql;
 
-	$result = mysql_query($presql,$link);
+	$result = $link->query($presql);
 	if (!$result) {
-		die('Invalid query: ' . mysql_error());
+		die('Invalid query: ' . $link->error);
 	}
 
-	$num_rows = mysql_num_rows($result);
+	$num_rows = $result->num_rows;
 	if($num_rows > 0){
 		$contenido = '<br /><div align="center">';
 		$contenido .= '<table class="stylized"  width="100%">';
@@ -210,7 +210,7 @@
 		<th class="option">Options</th>
 		</tr>';
 		$i = 0;
-		while($row = mysql_fetch_assoc($result)){
+		while($row = $result->fetch_assoc()){
 			$i += 1;
 			if($i%2==0){
 				$contenido .= '<tr class="campo2">';
@@ -236,8 +236,7 @@
 			}
 		$contenido .= '</table></div>';
 
-		mysql_free_result($result);
-		//mysql_free_result($result2);
+		$result->free();
 		echo json_encode(array("status"=>"true","contenido"=>$contenido ));		
 	}else{
 		echo json_encode(array("status"=>"false" ));		
@@ -250,16 +249,16 @@
 	$cod = substr($_REQUEST['cod'],7);
 
 	$sql = "SELECT * FROM invoices WHERE cod='".$cod."';";
-	$result = mysql_query($sql,$link);
+	$result = $link->query($sql);
 	if (!$result) {	
 		echo json_encode(array("status"=>"false"));
-		die('Invalid query: ' . mysql_error());	
+		die('Invalid query: ' . $link->error);	
 	}else{
-		$aux = mysql_fetch_assoc($result);
+		$aux = $result->fetch_assoc();
 		$link = conectar2();
 		$sql = "SELECT footer, show_signature FROM invoice WHERE cod='1';";
-		$result = mysql_query($sql,$link);
-		$tmp_invoice = mysql_fetch_assoc($result);
+		$result = $link->query($sql);
+		$tmp_invoice = $result->fetch_assoc();
 
 		$num_invoice = $aux['num_invoice'];
 		$year = $aux['year'];
@@ -331,16 +330,16 @@ function Footer(){
 	$cod = substr($_REQUEST['cod'],7);
 
 	$sql = "SELECT * FROM invoices WHERE cod='".$cod."';";
-	$result = mysql_query($sql,$link);
+	$result = $link->query($sql);
 	if (!$result) {	
 		echo json_encode(array("status"=>"false"));
-		die('Invalid query: ' . mysql_error());	
+		die('Invalid query: ' . $link->error);	
 	}else{
-		$aux = mysql_fetch_assoc($result);
+		$aux = $result->fetch_assoc();
 		$link = conectar2();
 		$sql = "SELECT footer, show_signature FROM invoice WHERE cod='1';";
-		$result = mysql_query($sql,$link);
-		$tmp_invoice = mysql_fetch_assoc($result);
+		$result = $link->query($sql);
+		$tmp_invoice = $result->fetch_assoc();
 
 		$num_invoice = $aux['num_invoice'];
 		$year = $aux['year'];
@@ -407,27 +406,27 @@ function Footer(){
 	//ENVIAR E-MAIL
 	$link = conectar();
 	$sql = "SELECT * FROM members WHERE cod='".$cod_member."';";
-	$result = mysql_query($sql,$link);
+	$result = $link->query($sql);
 	if (!$result) {	
 		echo json_encode(array("status"=>"false"));
-		die('Invalid query: ' . mysql_error());	
+		die('Invalid query: ' . $link->error);	
 	}
-	$fila = mysql_fetch_assoc($result);
+	$fila = $result->fetch_assoc();
 	$language = datosreg($fila['language'],'language','language','cod');
 	//Buscamos la plantilla que le corresponda
 	$sql = "SELECT message, subject FROM messages WHERE type='invoice_forward' AND language='".$language."'";
-	$r_tmp = mysql_query($sql,$link);
+	$r_tmp = $link->query($sql);
 
-	if(mysql_num_rows($r_tmp)>0){
-		$f_tmp = mysql_fetch_assoc($r_tmp);
+	if($r_tmp->num_rows>0){
+		$f_tmp = $r_tmp->fetch_assoc();
 		$message = $f_tmp['message'];
 		$subject = $f_tmp['subject'];
 		if(trim($message) == ''){
 			$default_language = datosreg('1','language','language','vdefault');
 			$sql = "SELECT message, subject FROM messages WHERE type='invoice_forward' AND language='".$default_language."'";
-			$r2_tmp = mysql_query($sql,$link);
-			if(mysql_num_rows($r2_tmp)>0){
-				$f2_tmp = mysql_fetch_assoc($r2_tmp);
+			$r2_tmp = $link->query($sql);
+			if($r2_tmp->num_rows>0){
+				$f2_tmp = $r2_tmp->fetch_assoc();
 				$message = $f2_tmp['message'];
 				$subject = $f2_tmp['subject'];
 				if(trim($message) == ''){
@@ -448,9 +447,9 @@ function Footer(){
 		//buscamos mensaje por defecto	
 		$default_language = datosreg('1','language','language','vdefault');
 		$sql = "SELECT message, subject FROM messages WHERE type='invoice_forward' AND language='".$default_language."'";
-		$r2_tmp = mysql_query($sql,$link);
-		if(mysql_num_rows($r2_tmp)>0){
-			$f2_tmp = mysql_fetch_assoc($r2_tmp);
+		$r2_tmp = $link->query($sql);
+		if($r2_tmp->num_rows>0){
+			$f2_tmp = $r2_tmp->fetch_assoc();
 			$message = $f2_tmp['message'];
 			$subject = $f2_tmp['subject'];
 			if(trim($message) == ''){
@@ -466,14 +465,14 @@ function Footer(){
 	}
 
 	$sql = "SELECT sender FROM parametros";
-	$result = mysql_query($sql,$link);
-	$row_sender = mysql_fetch_assoc($result);
+	$result = $link->query($sql);
+	$row_sender = $result->fetch_assoc();
 	$sender = $row_sender['sender'];
 
 	if($candado){
 		$sql = "DESCRIBE members";
-		$r_campos = mysql_query($sql,$link);
-		while($aux = mysql_fetch_assoc($r_campos)){
+		$r_campos = $link->query($sql);
+		while($aux = $r_campos->fetch_assoc()){
 			if($aux['Field']=="renewal"){
 				$message = str_replace("{{".$aux['Field']."}}", date("d/m/Y",strtotime($fila[$aux['Field']])), $message);
 			}elseif($aux['Field']=="quota"){
@@ -522,8 +521,8 @@ function Footer(){
 		$mail->Subject = "Problem to send renewed notice e-mail";
 
 		$sql = "SELECT responsible FROM responsible WHERE area='renewal';";
-		$r_resp = mysql_query($sql,$link);
-		while($aux = mysql_fetch_assoc($r_resp)){
+		$r_resp = $link->query($sql);
+		while($aux = $r_resp->fetch_assoc()){
 			//Copia a responsables
 			$mail->AddAddress($aux['responsible']);
 		}
@@ -547,14 +546,14 @@ function Footer(){
 
 	$presql = "DELETE FROM invoices WHERE cod ='".$cod."';";
 
-	$result = mysql_query($presql,$link);
+	$result = $link->query($presql);
 	if (!$result) {
 		echo json_encode(array("status"=>"false"));
-		die('Invalid query: ' . mysql_error());
+		die('Invalid query: ' . $link->error);
 	}
 	echo json_encode(array("status"=>"true","cod"=>"invoice".$cod));
 
-	mysql_close($link);
+	$link->close();
 }
 
 ?>

funciones/configuracion_invoice.php

@@ -158,21 +158,21 @@
 	global $saltt;
 
 	$sql = "UPDATE users SET pass='".sha1($saltt.md5($pass))."' WHERE email='".$correo."';";
-	$result2 = mysql_query($sql,$link);
+	$result2 = $link->query($sql);
 	if (!$result2) {
-		die('Invalid query: ' . mysql_error());
+		die('Invalid query: ' . $link->error);
 		$contenido = "Error update password";
 		echo json_encode(array("status"=>"false","contenido"=>$contenido ));	
 	}
 
 	$presql = "SELECT * FROM users WHERE email='".$correo."'";
-	$result = mysql_query($presql,$link);
+	$result = $link->query($presql);
 	if (!$result) {
-		die('Invalid query: ' . mysql_error());
+		die('Invalid query: ' . $link->error);
 	}
-	$num_rows = mysql_num_rows($result);
+	$num_rows = $result->num_rows;
 	if($num_rows > 0){
-		$row = mysql_fetch_assoc($result);
+		$row = $result->fetch_assoc();
 		//Mandar correo con nueva clave
 		//Email para el usuario de confirmación de pedido
 		$mail = new PHPMailer();

funciones/configuracion_searcher.php

@@ -28,8 +28,8 @@
 }else{
 	$link = conectar();
 	$sql =  "SELECT * FROM users WHERE cod='".$candado[1]."';";
-	$result = mysql_query($sql,$link);
-	if(mysql_num_rows($result)==0){
+	$result = $link->query($sql);
+	if($result->num_rows==0){
 		$_SESSION['tipo']= 'invitado';
 		header('Location: http://'.$_SERVER['SERVER_NAME'].'/login');
 	}
@@ -261,16 +261,16 @@ function(data){
 <tbody>
 <?php
 $link = conectar();
-$result_num = mysql_query("SELECT count('cod') AS num FROM members",$link);
-$tmp = mysql_fetch_assoc($result_num);
+$result_num = $link->query("SELECT count('cod') AS num FROM members");
+$tmp = $result_num->fetch_assoc();
 $num_members = $tmp['num'];
 $estilo = array("progress-green","progress-blue","progress-red");
 $sql = "SELECT * FROM status";
-$result = mysql_query($sql,$link);
+$result = $link->query($sql);
 $i = 0;
-while ($tmp_status = mysql_fetch_assoc($result)){
-	$result_num = mysql_query("SELECT count('cod') AS num FROM members WHERE status='".$tmp_status['cod']."'",$link);
-	$tmp = mysql_fetch_assoc($result_num);
+while ($tmp_status = $result->fetch_assoc()){
+	$result_num = $link->query("SELECT count('cod') AS num FROM members WHERE status='".$tmp_status['cod']."'");
+	$tmp = $result_num->fetch_assoc();
 	$num_status = $tmp['num'];
 	echo '<tr>';
 	echo '<td>'.$tmp_status['status'].'</td>';
@@ -305,8 +305,8 @@ function(data){
 <tbody>
 <?php
 $sql = "SELECT COUNT(*) AS cuenta, SUM(quota) AS suma FROM members WHERE date_arrival > '".date("Y-m")."-01'";
-$result = mysql_query($sql,$link);
-$aux = mysql_fetch_assoc($result);
+$result = $link->query($sql);
+$aux = $result->fetch_assoc();
 ?>
 <tr>
 <td>New inscriptions this month</td>
@@ -317,8 +317,8 @@ function(data){
 </tr>
 <?php
 $sql = "SELECT COUNT(*) AS cuenta, SUM(quota) AS suma FROM members WHERE date_arrival > '".date("Y")."-01-01'";
-$result = mysql_query($sql,$link);
-$aux = mysql_fetch_assoc($result);
+$result = $link->query($sql);
+$aux = $result->fetch_assoc();
 ?>
 <tr>
 <td>New inscriptions this year</td>
@@ -329,8 +329,8 @@ function(data){
 </tr>
 <?php
 $sql = "SELECT COUNT(*) AS cuenta, SUM(quota) AS suma FROM members WHERE mark_renewal > '".date("Y-m")."-01'";
-$result = mysql_query($sql,$link);
-$aux = mysql_fetch_assoc($result);
+$result = $link->query($sql);
+$aux = $result->fetch_assoc();
 ?>
 <tr>
 <td>Renovations this month</td>
@@ -341,8 +341,8 @@ function(data){
 </tr>
 <?php
 $sql = "SELECT COUNT(*) AS cuenta, SUM(quota) AS suma FROM members WHERE mark_renewal > '".date("Y")."-01-01'";
-$result = mysql_query($sql,$link);
-$aux = mysql_fetch_assoc($result);
+$result = $link->query($sql);
+$aux = $result->fetch_assoc();
 ?>
 <tr>
 <td>Renovations this year</td>
@@ -359,22 +359,22 @@ function(data){
 
 <?php 
 $sql = "SELECT * FROM members WHERE email_renewal='1';";
-$result = mysql_query($sql,$link);
+$result = $link->query($sql);
 ?>
 <div class="colgroup leading">
 <div class="width6">
 <h4>
 Member renewal notice:
-<a href="#"><?php echo mysql_num_rows($result); ?></a>
+<a href="#"><?php echo $result->num_rows; ?></a>
 </h4>
 <hr>
 <?php 
-if(mysql_num_rows($result)>0){
+if($result->num_rows>0){
 	echo '<div id="result_searcher" align="center">';
 	echo '<table class="stylized"  width="100%">';
 	echo '<tr><th>N</th><th class="name">Name</th><th class="surname">Surname</th><th class="email">E-mail</th><th class="renewal">Renewal</th><th class="option">Options</th></tr>';
 	$i = 0;
-	while($row = mysql_fetch_assoc($result)){
+	while($row = $result->fetch_assoc()){
 		$i += 1;
 		if($i%2==0){
 			echo '<tr class="campo2">';
@@ -394,8 +394,7 @@ function(data){
 		echo '</tr>';
 		}
 	echo '</table></div>';
-			
-	mysql_free_result($result);
+	$result->free_result();
 }
 ?>
 </div>

funciones/configuracion_setting.php

@@ -157,7 +157,7 @@ Administry.videoSupport = function (wrapper, videoURL, width, height) {
 }
 
 // dateInput() - <input type="date"> support with fallback
-Administry.dateInput = function (e) {
+/*Administry.dateInput = function (e) {
 	var i = document.createElement("input"); 
 	i.setAttribute("type", "date");
 	if (i.type == "text") {
@@ -166,6 +166,7 @@ Administry.dateInput = function (e) {
 		$(e).datepick(); 
 	}    
 }
+*/
 
 // expandableRows() - expandable table rows
 Administry.expandableRows = function () {

funciones/configuracion_usuario.php

@@ -16,6 +16,7 @@ $(document).ready(function(){
 		var alta_ini = $("#arrival_ini").attr("value").replace(/\//g, '-');
 		var alta_fin = $("#arrival_fin").attr("value").replace(/\//g, '-');
 		$("#result_searcher").html('<div class="center"><br /><img src="images/loadingAnimation.gif" alt="cargando" /></div>');
+		$("#result_edit").html('');
 		$.post("funciones/configuracion_searcher.php",{tab:"buscar",name:nombre,surname:apellidos,email:vemail,country:pais,phone:telefono,quota:vquota,type:tipo,status:estado,language:lenguaje,renewal_ini:renovacion_ini,renewal_fin:renovacion_fin,arrival_ini:alta_ini,arrival_fin:alta_fin},mostrarBusqueda, "json"); 
 
 		return false;  
@@ -162,6 +163,7 @@ function Editarusuario()
 		var vorden = "ASC";
 		var vcampo = $(this).parent().attr("class");
 		$("#result_searcher").html('<div class="center"><br /><img src="images/loadingAnimation.gif" alt="cargando" /></div>');
+		$("#result_edit").html('');
 		$.post("funciones/configuracion_searcher.php",{tab:"buscar_ordenado",name:nombre,surname:apellidos,email:vemail,country:pais,phone:telefono,quota:vquota,type:tipo,status:estado,language:lenguaje,renewal_ini:renovacion_ini,renewal_fin:renovacion_fin,arrival_ini:alta_ini,arrival_fin:alta_fin,orden:vorden,campo:vcampo},mostrarBusqueda, "json"); 
 		e.preventDefault();
 	  	e.stopPropagation();
@@ -184,6 +186,7 @@ function Editarusuario()
 		var vorden = "DESC";
 		var vcampo = $(this).parent().attr("class");
 		$("#result_searcher").html('<div class="center"><br /><img src="images/loadingAnimation.gif" alt="cargando" /></div>');
+		$("#result_edit").html('');
 		$.post("funciones/configuracion_searcher.php",{tab:"buscar_ordenado",name:nombre,surname:apellidos,email:vemail,country:pais,phone:telefono,quota:vquota,type:tipo,status:estado,language:lenguaje,renewal_ini:renovacion_ini,renewal_fin:renovacion_fin,arrival_ini:alta_ini,arrival_fin:alta_fin,orden:vorden,campo:vcampo},mostrarBusqueda, "json");
 		e.preventDefault();
 	  	e.stopPropagation();

index.php

@@ -18,6 +18,7 @@
 	$_SESSION['tipo']= 'invitado';
 }
 */
+//echo $_SERVER['SERVER_NAME'];
 if(isset($_POST['username']) && isset($_POST['password'])){
 	if(login($_POST['username'],$_POST['password'],isset($_POST['loginkeeping']))==1){
 		header('Location: http://'.$_SERVER['SERVER_NAME'].'/index.php');	  

js/administry.js

@@ -1,6 +1,18 @@
 <?php
-	session_start();
+require 'funciones.php';
+session_start();
+if(isset($_SESSION['codusuario'])){
+	session_unset($_SESSION['codusuario']);
+	session_unset($_SESSION['usuario']);
+	session_unset($_SESSION['name']);
+	session_unset($_SESSION['last_login']);
+	session_unset($_SESSION['actual_login']);
+	session_unset($_SESSION['last_ip']);
+	session_unset($_SESSION['ip']);
+	session_unset($_SESSION['email']);
 	session_destroy();
-	setCookie("identificado",$cookie,time()-3600,'/'); //cookie 6min
-	header('Location: http://'.$_SERVER['SERVER_NAME']);
+}
+setCookie("identificado",0,time()-2592000,'/'); //cookie 60min
+session_write_close();
+header('Location: http://'.$_SERVER['SERVER_NAME']);
 ?>

js/conf_searcher.js

@@ -21,16 +21,16 @@
     <?php
 	$link = conectar();
 	$sql = "SELECT * FROM links";
-    $result_link = mysql_query($sql,$link);
-	while($aux_link = mysql_fetch_assoc($result_link)){
+    $result_link = $link->query($sql);
+	while($aux_link = $result_link->fetch_assoc()){
 		echo '<dl>';
 		echo '<dt>'.$aux_link['title'].'</dt>';
 		echo '<dd>';
 		$enlace = (strpos($aux_link['enlace'],'http') === false)?('http://'.$aux_link['enlace']):($aux_link['enlace']);
 		echo '<a href="'.$enlace.'">'.$aux_link['description'].'</a>';
 		echo '</dd>';
 	}
-    mysql_free_result($result_link);
+    $result_link->free();
 	?>    
     </dl>
     </section>

login.php

@@ -133,8 +133,8 @@ function(data){
 <section class="column width6 first">
 		<?php 
 		$sql = "SELECT * FROM users WHERE cod='".$_SESSION['codusuario']."';";
-		$result = mysql_query($sql,$link);
-		$row = mysql_fetch_assoc($result);
+		$result = $link->query($sql);
+		$row = $result->fetch_assoc();
         echo '<h3>Form edit user</h3>';
 		echo '<div class="box box-info">If the password is blank, will not change the current password</div>';
 		echo '<form id="user_edit" action="#" method="post"><fieldset>';

logout.php

@@ -140,15 +140,15 @@
 			$link = conectar();
 			$sql = "SELECT * FROM country";
 			echo '<option value=""></option>';
-			$result = mysql_query($sql,$link);
+			$result = $link->query($sql);
 			if(!$result){
-				die('Invalid query: ' . mysql_error());
+				die('Invalid query: ' . $link->error);
 			}
-			while($row = mysql_fetch_assoc($result)){
+			while($row = $result->fetch_assoc()){
 				echo '<option value="'.$row['iso'].'" style="max-width:200px">'.$row['name'].'</option>';
 			}
-			mysql_free_result($result);
-			mysql_close($link);
+			$result->free_result();
+			$result->close();
 			?>
         </select>
         Phone: <input type="text" name="phone" id="phone" size="17" />
@@ -160,32 +160,32 @@
        		$link = conectar();
 			$sql = "SELECT * FROM type_member";
 			echo '<option value=""></option>';
-			$result = mysql_query($sql,$link);
+			$result = $link->query($sql);
 			if(!$result){
-				die('Invalid query: ' . mysql_error());
+				die('Invalid query: ' . $link->error);
 			}
-			while($row = mysql_fetch_assoc($result)){
+			while($row = $result->fetch_assoc()){
 				echo '<option value="'.$row['cod'].'" style="max-width:200px">'.$row['name'].'</option>';
 			}
-			mysql_free_result($result);
-			mysql_close($link);
+			$result->free_result();
+			$result->close();
     	?>
         </select>
         Status: 
         <select name="status" id="status">
         <?php 
 		$link = conectar();
 		$sql = "SELECT * FROM status";
-		$result = mysql_query($sql,$link);	
+		$result = $link->query($sql);	
 		if (!$result) {									
-			die('Invalid query2: ' . mysql_error());	
+			die('Invalid query2: ' . $link->error);	
 		}
 		echo '<option value="" selected="selected"></option>';
-		while($row = mysql_fetch_assoc($result)){
+		while($row = $result->fetch_assoc()){
 			echo '<option value="'.$row['cod'].'">'.$row['status'].'</option>';
 		}
-   	 	mysql_free_result($result);
-    	mysql_close($link);
+   	 	$result->free_result();
+    	$result->close();
     	?>
         </select>
     	Language:
@@ -194,32 +194,32 @@
 		echo '<option value="" selected="selected"></option>';
 		$link = conectar();
 		$sql = "SELECT * FROM language WHERE active='1' ORDER BY language ASC";
-		$result = mysql_query($sql,$link);	
+		$result = $link->query($sql);	
 		if (!$result) {									
-			die('Invalid query2: ' . mysql_error());	
+			die('Invalid query2: ' . $link->error);	
 		}
-		while($row = mysql_fetch_assoc($result)){
+		while($row = $result->fetch_assoc()){
 			echo '<option value="'.$row['cod'].'">'.$row['language'].'</option>';
 		}
-		mysql_free_result($result);
-		mysql_close($link);
+		$result->free_result();
+		$result->close();
    		?>
         </select>
         <br /><br />
         Date renewal between:
-        <input type="date" name="renewal_ini" id="renewal_ini" placeholder="dd/mm/yyyy" />
+        <input type="text" name="renewal_ini" id="renewal_ini" placeholder="dd/mm/yyyy" />
         &nbsp;&nbsp; to &nbsp;&nbsp;
-        <input type="date" name="renewal_fin" id="renewal_fin" placeholder="dd/mm/yyyy" />
+        <input type="text" name="renewal_fin" id="renewal_fin" placeholder="dd/mm/yyyy" />
         <?php
         if(Comprobariexplorer($_SERVER['HTTP_USER_AGENT'])){
         	echo '&nbsp;&nbsp;(dd/mm/yyyy)';
         }
 		?>
         <br /><br />
         &nbsp;&nbsp;Date arrival between: &nbsp;
-        <input type="date" name="arrival_ini" id="arrival_ini" placeholder="dd/mm/yyyy" />
+        <input type="text" name="arrival_ini" id="arrival_ini" placeholder="dd/mm/yyyy" />
         &nbsp;&nbsp; to &nbsp;&nbsp;
-        <input type="date" name="arrival_fin" id="arrival_fin" placeholder="dd/mm/yyyy" />
+        <input type="text" name="arrival_fin" id="arrival_fin" placeholder="dd/mm/yyyy" />
          <?php
         if(Comprobariexplorer($_SERVER['HTTP_USER_AGENT'])){
         	echo '&nbsp;&nbsp;(dd/mm/yyyy)';

menu/right-menu.php

@@ -19,12 +19,13 @@
 echo "</pre>";
 */
 if(isset($_POST['sendform'])){
-	$mbody = mysql_real_escape_string($_POST['mbody']);
-	$mfooter = mysql_real_escape_string($_POST['footer']);
-	$show = ($_POST['show_signature']=="YES")?("YES"):("NO");
 	$link = conectar();
+	$mbody = $link->real_escape_string($_POST['mbody']);
+	$mfooter = $link->real_escape_string($_POST['footer']);
+	$show = ($_POST['show_signature']=="YES")?("YES"):("NO");
+	
 	$sql = "UPDATE invoice SET body='".$mbody."', footer='".$mfooter."', show_signature='".$show."' WHERE cod='1';";
-	$result = mysql_query($sql,$link);
+	$result = $link->query($sql);
 
 	//Gestion de imagenes
 	/* =========================== Procedemos a subir los archivos =========================== */
@@ -205,11 +206,11 @@
     <?php
 	$link = conectar();
 	$sql = "SELECT * FROM language WHERE active='1'";
-	$result = mysql_query($sql,$link);
-	while($row = mysql_fetch_assoc($result)){
+	$result = $link->query($sql);
+	while($row = $result->fetch_assoc()){
 		echo "<option id='".$row['cod']."'>".$row['language']."</option>";
 	}
-	mysql_free_result($result);
+	$result->free_result();
 	?>
 </select>
 <div id="result_message"></div>
@@ -220,8 +221,8 @@
 <form id="form_invoice" method="post" action="setting" enctype="multipart/form-data">
 <?php
 $sql = "SELECT * FROM invoice;";
-$result = mysql_query($sql,$link);
-$row = mysql_fetch_assoc($result);
+$result = $link->query($sql);
+$row = $result->fetch_assoc();
 echo '<h4>Header:</h4>';
 echo '<img src="images/pdf_invoices/logo.png" alt="logo header" /><br><br>';
 echo 'If you want to change the logo, select a new image: ';
@@ -236,10 +237,10 @@
 echo '</div>';
 echo '<div style="float:left;width:20%;text-align:center;">';
 $sql = "DESCRIBE members";
-$rs = mysql_query($sql,$link);
+$rs = $link->query($sql);
 echo "<br>";
-echo "<select id='field_invoice' size='".(mysql_num_rows($rs)-4)."'>";
-while($fila = mysql_fetch_assoc($rs)){
+echo "<select id='field_invoice' size='".($rs->num_rows-4)."'>";
+while($fila = $rs->fetch_assoc()){
 	if($fila['Field']!='cod' && $fila['Field']!='mark_renewal' && $fila['Field']!='email_renewal' && $fila['Field']!='email_expired'){
 		echo "<option value='".$fila['Field']."'>".$fila['Field']."</option>";
 	}
@@ -270,15 +271,15 @@
 <?php
 $link = conectar();
 $sql = "SELECT * FROM links;";
-$result = mysql_query($sql,$link);
-if(mysql_affected_rows()<=0){
+$result = $link->query($sql);
+if($link->affected_rows<=0){
 	//No hay registros
 	echo 'No links';
 }else{
 	//Mostrar la tabla
 	echo '<table class="stylized" id="tbl_links" width="100%">';
 	echo '<tr><th>Title</th><th>Description</th><th class="ta-center">Options</th></tr>';
-	while($row = mysql_fetch_assoc($result)){
+	while($row = $result->fetch_assoc()){
 		echo '<tr><td>'.$row['title'].'</td>';
 		echo '<td>'.$row['description'].'</td>';
 		echo '<td id="link'.$row['cod'].'" class="ta-center">';
@@ -306,12 +307,12 @@
 <?php
 $link = conectar();
 $sql = "SELECT * FROM language WHERE active='0';";
-$result = mysql_query($sql,$link);
+$result = $link->query($sql);
 echo "<select id='lang_disp' size='10' style='width:100%'>";
-while($fila = mysql_fetch_assoc($result)){
+while($fila = $result->fetch_assoc()){
 	echo "<option value='".$fila['cod']."'>".$fila['language']."</option>";
 }
-mysql_free_result($result);
+$result->free_result();
 echo "</select>";
 ?>
 </td>
@@ -323,12 +324,12 @@
 <?php
 $link = conectar();
 $sql = "SELECT * FROM language WHERE active='1';";
-$result = mysql_query($sql,$link);
+$result = $link->query($sql);
 echo "<select id='lang_acti' size='10' style='width:100%'>";
-while($fila = mysql_fetch_assoc($result)){
+while($fila = $result->fetch_assoc()){
 	echo "<option value='".$fila['cod']."'>".$fila['language']."</option>";
 }
-mysql_free_result($result);
+$result->free_result();
 echo "</select>";
 ?>
 </td>
@@ -341,36 +342,39 @@
 <?php 
 $link = conectar();
 $sql = "SELECT * FROM language WHERE active='1';";
-$result = mysql_query($sql,$link);
-while($fila = mysql_fetch_assoc($result)){
+$result = $link->query($sql);
+while($fila = $result->fetch_assoc()){
 	if($fila['vdefault'] == '1'){
 		echo "<option value='".$fila['cod']."' selected='selected'>".$fila['language']."</option>";
 	}else{
 		echo "<option value='".$fila['cod']."'>".$fila['language']."</option>";
 	}
 }
-mysql_free_result($result);
+$result->free_result();
 ?>
 </select>
 <div id="mslang" style="display:inline-block; margin: 0 0 0 15px;"></div>
 <br>
 <h4>Renewal Notice:</h4>
 <?php 
 $sql = "SELECT notice_renewal FROM parametros;";
-$result = mysql_query($sql,$link);
-$valor = mysql_result($result,0);
+$result = $link->query($sql);
+$tmp_aux = $result->fetch_assoc();
+$valor = $tmp_aux['notice_renewal'];
+
 echo '<input type="number" id="avisorenovacion" value="'.$valor.'" class="ta-center" style="width: 50px;"> days to send notification by e-mail.';
-mysql_free_result($result);
+$result->free_result();
 ?>
 <br>
 
 <h4>Sender's e-mail:</h4>
 <?php 
 $sql = "SELECT sender FROM parametros;";
-$result = mysql_query($sql,$link);
-$valor = mysql_result($result,0);
+$result = $link->query($sql);
+$tmp_aux = $result->fetch_assoc();
+$valor = $tmp_aux['sender'];
 echo 'E-mail sender automated mails: <input type="text" id="senderemail" value="'.$valor.'" class="half">';
-mysql_free_result($result);
+$result->free_result();
 ?>
 <br>
 
@@ -379,17 +383,17 @@
 <?php
 $link = conectar();
 $sql = "SELECT * FROM responsible WHERE area='renewal'";
-$result = mysql_query($sql,$link);
+$result = $link->query($sql);
 echo '<div id="result_renewal" align="center">';
-if(mysql_affected_rows()<=0){
+if($link->affected_rows<=0){
 	//No hay registros
 	echo '<input type="text" id="emailresponsible_ren" > &nbsp;&nbsp;';
 	echo '<input type="button" class="btn btn-blue" id="add_email_responsible_ren" value="Add e-mail">';
 }else{
 	//Mostrar la tabla
 	echo '<table class="stylized" id="resp_renewal_email" width="60%">';
 	echo '<tr><th>E-mail</th><th class="ta-center">Options</th></tr>';
-	while($row = mysql_fetch_assoc($result)){
+	while($row = $result->fetch_assoc()){
 		echo '<tr><td>'.$row['responsible'].'</td>';
 		echo '<td id="resp'.$row['cod'].'" class="ta-center">';
 		echo '<a href="#" title="Delete" class="icon-elim"><img src="images/delete.png" /></a>';
@@ -409,17 +413,17 @@
 <?php
 $link = conectar();
 $sql = "SELECT * FROM responsible WHERE area='expired'";
-$result = mysql_query($sql,$link);
+$result = $link->query($sql);
 echo '<div id="result_expired" align="center">';
-if(mysql_affected_rows()<=0){
+if($link->affected_rows<=0){
 	//No hay registros
 	echo '<input type="text" id="emailresponsible_exp" > &nbsp;&nbsp;';
 	echo '<input type="button" class="btn btn-blue" id="add_email_responsible_exp" value="Add e-mail">';
 }else{
 	//Mostrar la tabla
 	echo '<table class="stylized" id="resp_expired_email" width="60%">';
 	echo '<tr><th>E-mail</th><th class="ta-center">Options</th></tr>';
-	while($row = mysql_fetch_assoc($result)){
+	while($row = $result->fetch_assoc()){
 		echo '<tr><td>'.$row['responsible'].'</td>';
 		echo '<td id="resp'.$row['cod'].'" class="ta-center">';
 		echo '<a href="#" title="Delete" class="icon-elim"><img src="images/delete.png" /></a>';
@@ -438,17 +442,17 @@
 <?php
 $link = conectar();
 $sql = "SELECT * FROM type_member;";
-$result = mysql_query($sql,$link);
+$result = $link->query($sql);
 echo '<div id="result_type" align="center">';
-if(mysql_affected_rows()<=0){
+if($link->affected_rows<=0){
 	//No hay registros
 	echo '<input type="text" id="typemembervalue" > &nbsp;&nbsp;';
 	echo '<input type="button" class="btn btn-blue" id="add_new_type" value="Add type">';
 }else{
 	//Mostrar la tabla
 	echo '<table class="stylized" id="resp_type" width="60%">';
 	echo '<tr><th>E-mail</th><th class="ta-center">Options</th></tr>';
-	while($row = mysql_fetch_assoc($result)){
+	while($row = $result->fetch_assoc()){
 		echo '<tr><td>'.$row['name'].'</td>';
 		echo '<td id="type'.$row['cod'].'" class="ta-center">';
 		echo '<a href="#" title="Delete" class="icon-elim-type"><img src="images/delete.png" /></a>';