The adoption of new and more secure systems for the development of applications implies the upgrade of the old programming languages. This is the case of PHP, the fifth version of which is going towards the end of the support. The new release improves different aspects but also removes the old deprecated MySQL extension, supporting only the newer libraries of functions for the connection to the databases. The already existent projects therefore must be renewed to conform to the new language version. Moreover, the conversion of the source code, to be more safe against the possibility of injections, should also involve the transformation of the query code to support the prepared statement technique. The simple manual implementation of the changes to translate large projects might be too long and expensive or even unfeasible. Instead a specific tool that automatically applies the transformation rules should achieve this task, obtaining the conversion in a reasonable way. The purpose of the present thesis is then the identification of the methods for converting the old PHP source code to support the new PDO framework. Thus various conversion techniques are analysed to find out the best procedure that correctly obtain the wanted results. The elements to be updated are collected and elaborated to create a universal processing scheme. Finally, the resulting programmed tool is executed with different example codes to prove the capabilities of the developed product.

MySQL extension automatic porting to PDO for PHP migration and security improvement

Mondin, Fabio
2017/2018

Abstract

The adoption of new and more secure systems for the development of applications implies the upgrade of the old programming languages. This is the case of PHP, the fifth version of which is going towards the end of the support. The new release improves different aspects but also removes the old deprecated MySQL extension, supporting only the newer libraries of functions for the connection to the databases. The already existent projects therefore must be renewed to conform to the new language version. Moreover, the conversion of the source code, to be more safe against the possibility of injections, should also involve the transformation of the query code to support the prepared statement technique. The simple manual implementation of the changes to translate large projects might be too long and expensive or even unfeasible. Instead a specific tool that automatically applies the transformation rules should achieve this task, obtaining the conversion in a reasonable way. The purpose of the present thesis is then the identification of the methods for converting the old PHP source code to support the new PDO framework. Thus various conversion techniques are analysed to find out the best procedure that correctly obtain the wanted results. The elements to be updated are collected and elaborated to create a universal processing scheme. Finally, the resulting programmed tool is executed with different example codes to prove the capabilities of the developed product.
2017-10-26
File in questo prodotto:
File Dimensione Formato  
843351-1212240.pdf

non disponibili

Tipologia: Altro materiale allegato
Dimensione 2.03 MB
Formato Adobe PDF
2.03 MB Adobe PDF

I documenti in UNITESI sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.14247/17356