Merge branch 'bug-1444' into test2-1260
authorBernhard Fröhlich <bernhard@cacert.org>
Sun, 25 Nov 2018 20:59:14 +0000 (21:59 +0100)
committerBernhard Fröhlich <bernhard@cacert.org>
Sun, 25 Nov 2018 20:59:14 +0000 (21:59 +0100)
# Conflicts:
# includes/account_stuff.php
# includes/general_stuff.php
# pages/account/12.php
# pages/account/13.php
# pages/account/18.php
# pages/account/2.php
# pages/account/26.php
# pages/account/27.php
# pages/account/28.php
# pages/account/29.php
# pages/account/3.php
# pages/account/30.php
# pages/account/31.php
# pages/account/32.php
# pages/account/33.php
# pages/account/34.php
# pages/account/41.php
# pages/account/43.php
# pages/account/49.php
# pages/account/5.php
# pages/account/51.php
# pages/account/53.php
# pages/account/54.php
# pages/account/56.php
# pages/account/58.php
# pages/account/59.php
# pages/account/9.php
# pages/gpg/2.php
# pages/wot/10.php
# pages/wot/9.php
# www/rss.php
# www/sqldump.php

110 files changed:
1  2 
includes/account.php
includes/account_stuff.php
includes/general.php
includes/general_stuff.php
includes/lib/general.php
includes/loggedin.php
includes/mysql.php.sample
includes/notary.inc.php
pages/account/12.php
pages/account/13.php
pages/account/15.php
pages/account/18.php
pages/account/19.php
pages/account/2.php
pages/account/22.php
pages/account/23.php
pages/account/25.php
pages/account/26.php
pages/account/27.php
pages/account/28.php
pages/account/29.php
pages/account/3.php
pages/account/30.php
pages/account/31.php
pages/account/32.php
pages/account/33.php
pages/account/34.php
pages/account/35.php
pages/account/41.php
pages/account/43.php
pages/account/49.php
pages/account/5.php
pages/account/51.php
pages/account/52.php
pages/account/53.php
pages/account/54.php
pages/account/55.php
pages/account/56.php
pages/account/57.php
pages/account/58.php
pages/account/59.php
pages/account/6.php
pages/account/9.php
pages/advertising/0.php
pages/gpg/2.php
pages/gpg/3.php
pages/wot/1.php
pages/wot/10.php
pages/wot/12.php
pages/wot/13.php
pages/wot/9.php
scripts/49de-lt2013-berlin-mail.php.txt
scripts/50de-ate-luebeck-mail.php.txt
scripts/51at-ate-graz-mail.php.txt
scripts/52at-ate-wien-mail.php.txt
scripts/53de-ate-amberg-mail.php.txt
scripts/54at-ate-linz-mail.php.txt
scripts/55de-ate-wiesbaden-mail.php.txt
scripts/56at-ate-oberwart-mail.php.txt
scripts/57at-ate-graz-mail.php.txt
scripts/58at-ate-wien-mail.php.txt
scripts/59de-ate-freiburg-mail.php.txt
scripts/60de-ate-bremen-mail.php.txt
scripts/61de-ate-dresden-mail.php.txt
scripts/62de-froscon2015-mail.php.txt
scripts/63dk-ate-nykobing-mail.php.txt
scripts/addpoints.php
scripts/assurer.php
scripts/consistence.php
scripts/country.php
scripts/cron/removedead.php
scripts/cron/updatesort.php
scripts/gpgcheck3.php
scripts/gpgfillmissingemail.php
scripts/gpgfillmissingkeyid.php
scripts/mailing archive/45au-ate-melbourne-mail.php.txt
scripts/mailing archive/46us-ate-raleigh-mail.php.txt
scripts/mailing archive/47us-fudcon-lawrence-mail.php.txt
scripts/mailing archive/48de-ate-kiel-mail.php.txt
scripts/mailing archive/oa01-allowance.php.txt
scripts/mailing archive/oa02-orgainformation.php.txt
scripts/mass-revoke.php
scripts/newsletter.php
scripts/newslettercebit.php
scripts/notify.php
scripts/oa03-csr_org_client_cert.php.txt
scripts/scanforexponents.php
scripts/send_thawte.php.txt
stamp/certdet.php
stamp/common.php
stamp/displogo.php
stamp/report.php
tverify/index.php
tverify/index/0.php
www/ac.php
www/account.php
www/advertising.php
www/api/ccsr.php
www/api/cemails.php
www/api/edu.php
www/cats/cats_import.php
www/disputes.php
www/gpg.php
www/index.php
www/news.php
www/rss.php
www/sqldump.php
www/stats.php
www/verify.php
www/wot.php

Simple merge
@@@ -185,50 -184,49 +184,49 @@@ function hideall() 
        ?></ul>
      </div>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('emailacc')">+ <?=_("Email Accounts")?></h3>
-       <ul class="menu" id="emailacc"><li><a href="account.php?id=1"><?=_("Add")?></a></li><li><a href="account.php?id=2"><?=_("View")?></a></li></ul>
+       <h3 class="pointer" onclick="explode('emailacc')">+ <?php echo _("Email Accounts")?></h3>
+       <ul class="menu" id="emailacc"><li><a href="account.php?id=1"><?php echo _("Add")?></a></li><li><a href="account.php?id=2"><?php echo _("View")?></a></li></ul>
      </div>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('clicerts')">+ <?=_("Client Certificates")?></h3>
-       <ul class="menu" id="clicerts"><li><a href="account.php?id=3"><?=_("New")?></a></li><li><a href="account.php?id=5"><?=_("View")?></a></li></ul>
+       <h3 class="pointer" onclick="explode('clicerts')">+ <?php echo _("Client Certificates")?></h3>
+       <ul class="menu" id="clicerts"><li><a href="account.php?id=3"><?php echo _("New")?></a></li><li><a href="account.php?id=5"><?php echo _("View")?></a></li></ul>
      </div>
- <? if($_SESSION['profile']['points'] >= 50) { ?>
+ <?php if($_SESSION['profile']['points'] >= 50) { ?>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('gpg')">+ <?=_("GPG/PGP Keys")?></h3>
-       <ul class="menu" id="gpg"><li><a href="gpg.php?id=0"><?=_("New")?></a></li><li><a href="gpg.php?id=2"><?=_("View")?></a></li></ul>
+       <h3 class="pointer" onclick="explode('gpg')">+ <?php echo _("GPG/PGP Keys")?></h3>
+       <ul class="menu" id="gpg"><li><a href="gpg.php?id=0"><?php echo _("New")?></a></li><li><a href="gpg.php?id=2"><?php echo _("View")?></a></li></ul>
      </div>
- <? } ?>
+ <?php } ?>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('domains')">+ <?=_("Domains")?></h3>
-       <ul class="menu" id="domains"><li><a href="account.php?id=7"><?=_("Add")?></a></li><li><a href="account.php?id=9"><?=_("View")?></a></li></ul>
+       <h3 class="pointer" onclick="explode('domains')">+ <?php echo _("Domains")?></h3>
+       <ul class="menu" id="domains"><li><a href="account.php?id=7"><?php echo _("Add")?></a></li><li><a href="account.php?id=9"><?php echo _("View")?></a></li></ul>
      </div>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('servercert')">+ <?=_("Server Certificates")?></h3>
-       <ul class="menu" id="servercert"><li><a href="account.php?id=10"><?=_("New")?></a></li><li><a href="account.php?id=12"><?=_("View")?></a></li></ul>
+       <h3 class="pointer" onclick="explode('servercert')">+ <?php echo _("Server Certificates")?></h3>
+       <ul class="menu" id="servercert"><li><a href="account.php?id=10"><?php echo _("New")?></a></li><li><a href="account.php?id=12"><?php echo _("View")?></a></li></ul>
      </div>
- <? if(mysqli_num_rows(mysqli_query($_SESSION['mconn'], "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
 -<?php if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
++<?php if(mysqli_num_rows(mysqli_query($_SESSION['mconn'], "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('clientorg')">+ <?=_("Org Client Certs")?></h3>
-       <ul class="menu" id="clientorg"><li><a href="account.php?id=16"><?=_("New")?></a></li><li><a href="account.php?id=18"><?=_("View")?></a></li></ul>
+       <h3 class="pointer" onclick="explode('clientorg')">+ <?php echo _("Org Client Certs")?></h3>
+       <ul class="menu" id="clientorg"><li><a href="account.php?id=16"><?php echo _("New")?></a></li><li><a href="account.php?id=18"><?php echo _("View")?></a></li></ul>
      </div>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('serverorg')">+ <?=_("Org Server Certs")?></h3>
-       <ul class="menu" id="serverorg"><li><a href="account.php?id=20"><?=_("New")?></a></li><li><a href="account.php?id=22"><?=_("View")?></a></li></ul>
+       <h3 class="pointer" onclick="explode('serverorg')">+ <?php echo _("Org Server Certs")?></h3>
+       <ul class="menu" id="serverorg"><li><a href="account.php?id=20"><?php echo _("New")?></a></li><li><a href="account.php?id=22"><?php echo _("View")?></a></li></ul>
      </div>
- <? } ?>
- <? if(mysqli_num_rows(mysqli_query($_SESSION['mconn'], "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
+ <?php } ?>
 -<?php if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
++<?php if(mysqli_num_rows(mysqli_query($_SESSION['mconn'], "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('orgadmin')">+ <?=_("Org Admin")?></h3>
-       <ul class="menu" id="orgadmin"><? if($_SESSION['profile']['orgadmin'] == 1) { ?><li><a href="account.php?id=24"><?=_("New Organisation")?></a></li><li><a href="account.php?id=25"><?=_("View Organisations")?></a></li><? } ?><li><a href="account.php?id=35"><?=_("View")?></a></li></ul>
+       <h3 class="pointer" onclick="explode('orgadmin')">+ <?php echo _("Org Admin")?></h3>
+       <ul class="menu" id="orgadmin"><?php if($_SESSION['profile']['orgadmin'] == 1) { ?><li><a href="account.php?id=24"><?php echo _("New Organisation")?></a></li><li><a href="account.php?id=25"><?php echo _("View Organisations")?></a></li><?php } ?><li><a href="account.php?id=35"><?php echo _("View")?></a></li></ul>
      </div>
- <? } ?>
+ <?php } ?>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3>
-       <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted ThirdParties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?></ul>
+       <h3 class="pointer" onclick="explode('WoT')">+ <?php echo _("CAcert Web of Trust")?></h3>
+       <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?php echo _("About")?></a></li><li><a href="wot.php?id=12"><?php echo _("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?php echo _("Rules")?></a></li><li><?php if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?php echo _("Becoming an Assurer")?></a><?php } else { ?><a href="wot.php?id=5"><?php echo _("Assure Someone")?></a><?php } ?></li><li><a href="wot.php?id=4"><?php echo _("Trusted ThirdParties")?></a></li><?php if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?php echo _("Organisation Assurance")?></div></a></li><?php } ?></ul>
      </div>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('WoTForms')">+ <?=_("CAP Forms")?></h3><?
-         $name = $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'];
+       <h3 class="pointer" onclick="explode('WoTForms')">+ <?php echo _("CAP Forms")?></h3><?php         $name = $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'];
          while(strstr($name, "  "))
                  $name = str_replace("  ", " ", $name);
          $extra = "?name=".urlencode($name);
Simple merge
@@@ -43,34 -43,33 +43,33 @@@ google_color_border = "FFFFFF"
    </div>
    <div id="pageNav">
      <div class="relatedLinks">
-       <h3><?=_("Join CAcert.org")?></h3>
-       <? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
-       <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=1"><?=_("Join")?></a>
-       <? } ?>
-       <a href="/policy/CAcertCommunityAgreement.html"><?=_("Community Agreement")?></a>
-       <a href="/index.php?id=3"><?=_("Root Certificate")?></a>
+       <h3><?php echo _("Join CAcert.org")?></h3>
+       <?php if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
+       <a href="https://<?php echo $_SESSION['_config']['normalhostname']?>/index.php?id=1"><?php echo _("Join")?></a>
+       <?php } ?>
+       <a href="/policy/CAcertCommunityAgreement.html"><?php echo _("Community Agreement")?></a>
+       <a href="/index.php?id=3"><?php echo _("Root Certificate")?></a>
      </div>
-     <? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
+     <?php if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
      <div class="relatedLinks">
-       <h3 class="pointer"><?=_("My Account")?></h3>
-       <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4"><?=_("Password Login")?></a>
-       <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=5"><?=_("Lost Password")?></a>
-       <a href="https://<?=$_SESSION['_config']['normalhostname']?>/index.php?id=4&amp;noauto=1"><?=_("Net Cafe Login")?></a>
-       <a href="https://<?=$_SESSION['_config']['securehostname']?>/index.php?id=4"><?=_("Certificate Login")?></a>
+       <h3 class="pointer"><?php echo _("My Account")?></h3>
+       <a href="https://<?php echo $_SESSION['_config']['normalhostname']?>/index.php?id=4"><?php echo _("Password Login")?></a>
+       <a href="https://<?php echo $_SESSION['_config']['normalhostname']?>/index.php?id=5"><?php echo _("Lost Password")?></a>
+       <a href="https://<?php echo $_SESSION['_config']['normalhostname']?>/index.php?id=4&amp;noauto=1"><?php echo _("Net Cafe Login")?></a>
+       <a href="https://<?php echo $_SESSION['_config']['securehostname']?>/index.php?id=4"><?php echo _("Certificate Login")?></a>
      </div>
-     <? } ?>
-     <? include("about_menu.php"); ?>
+     <?php } ?>
+     <?php include("about_menu.php"); ?>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('trans')">+ <?=_("Translations")?></h3>
-       <ul class="menu" id="trans"><? foreach(L10n::$translations as $key => $val) { ?><li><a href="<?=$_SERVER['SCRIPT_NAME']?>?id=<?=intval(array_key_exists('id',$_REQUEST)?$_REQUEST['id']:0)?>&amp;lang=<?=$key?>"><?=$val?></a></li><? } ?></ul>
+       <h3 class="pointer" onclick="explode('trans')">+ <?php echo _("Translations")?></h3>
+       <ul class="menu" id="trans"><?php foreach(L10n::$translations as $key => $val) { ?><li><a href="<?php echo $_SERVER['SCRIPT_NAME']?>?id=<?php echo intval(array_key_exists('id',$_REQUEST)?$_REQUEST['id']:0)?>&amp;lang=<?php echo $key?>"><?php echo $val?></a></li><?php } ?></ul>
      </div>
-     <? if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
+     <?php if(array_key_exists('mconn',$_SESSION) && $_SESSION['mconn']) { ?>
      <div class="relatedLinks">
-       <h3 class="pointer" onclick="explode('recom')"><?=_("Advertising")?></h3>
-       <ul class="menu" id="recom"><?
-       $query = "select * from `advertising` where `expires`>NOW() and `active`=1";
+       <h3 class="pointer" onclick="explode('recom')"><?php echo _("Advertising")?></h3>
+       <ul class="menu" id="recom"><?php       $query = "select * from `advertising` where `expires`>NOW() and `active`=1";
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
                echo "<li><a href='$row[link]' target='_blank'>$row[title]</a></li>";
  ?></ul>
      </div>
Simple merge
Simple merge
Simple merge
Simple merge
        {
  ?>
    <tr>
-     <td colspan="8" class="DataTD"><?=_("No certificates are currently listed.")?></td>
+     <td colspan="8" class="DataTD"><?php echo _("No certificates are currently listed.")?></td>
    </tr>
- <? } else {
+ <?php } else {
 -      while($row = mysql_fetch_assoc($res))
 +      while($row = mysqli_fetch_assoc($res))
        {
                if($row['timeleft'] > 0)
                        $verified = _("Valid");
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
-   $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `users`.`deleted`=0";
+ <?php   $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `users`.`deleted`=0";
 -  $res = mysql_query($query);
 -  $user = mysql_fetch_assoc($res);
 +  $res = mysqli_query($_SESSION['mconn'], $query);
 +  $user = mysqli_fetch_assoc($res);
  
    $year = intval(substr($user['dob'], 0, 4));
    $month = intval(substr($user['dob'], 5, 2));
Simple merge
@@@ -112,11 -111,11 +111,11 @@@ $status = array_key_exists('status',$_S
  ?>
  
    <tr>
-     <td colspan="9" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+     <td colspan="9" class="DataTD"><?php echo _("No client certificates are currently listed.")?></td>
    </tr>
- <? } else {
+ <?php } else {
    $orgname='';
 -  while($row = mysql_fetch_assoc($res))
 +  while($row = mysqli_fetch_assoc($res))
    {
      if ($row['O']<>$orgname) {
        $orgname=$row['O'];?>
      </td>
    </tr>
    <tr>
-     <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?=_("Renew")?>">&#160;&#160;&#160;&#160;
-           <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>"></td>
-     <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?=_("Change settings")?>"> </td>
+     <td class="DataTD" colspan="6"><input type="submit" name="renew" value="<?php echo _("Renew")?>">&#160;&#160;&#160;&#160;
+           <input type="submit" name="revoke" value="<?php echo _("Revoke/Delete")?>"></td>
+     <td class="DataTD" colspan="2"><input type="submit" name="change" value="<?php echo _("Change settings")?>"> </td>
    </tr>
    <tr>
-     <td class="DataTD" colspan="9"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
+     <td class="DataTD" colspan="9"><?php echo _("From here you can delete pending requests, or revoke valid certificates.")?></td>
    </tr>
- <? } ?>
+ <?php } ?>
  </table>
- <input type="hidden" name="oldid" value="<?=$id?>">
- <input type="hidden" name="csrf" value="<?=make_csrf('clicerchange')?>" />
+ <input type="hidden" name="oldid" value="<?php echo $id?>">
+ <input type="hidden" name="csrf" value="<?php echo make_csrf('clicerchange')?>" />
 -</form>
 +</form>
Simple merge
  <form method="post" action="account.php">
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
-     <td colspan="4" class="title"><?=_("Email Accounts")?></td>
+     <td colspan="4" class="title"><?php echo _("Email Accounts")?></td>
    </tr>
    <tr>
-     <td class="DataTD"><?=_("Default")?></td>
-     <td class="DataTD"><?=_("Status")?></td>
-     <td class="DataTD"><?=_("Delete")?></td>
-     <td class="DataTD"><?=_("Address")?></td>
+     <td class="DataTD"><?php echo _("Default")?></td>
+     <td class="DataTD"><?php echo _("Status")?></td>
+     <td class="DataTD"><?php echo _("Delete")?></td>
+     <td class="DataTD"><?php echo _("Address")?></td>
  
- <?
-       $query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
+ <?php         $query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        {
                if($row['hash'] == "")
                        $verified = _("Verified");
@@@ -114,11 -113,11 +113,11 @@@ $status = array_key_exists('dstatus',$_
    {
  ?>
    <tr>
-     <td colspan="8" class="DataTD"><?=_("No domains are currently listed.")?></td>
+     <td colspan="8" class="DataTD"><?php echo _("No domains are currently listed.")?></td>
    </tr>
- <? } else {
+ <?php } else {
    $orgname='';
 -  while($row = mysql_fetch_assoc($res))
 +  while($row = mysqli_fetch_assoc($res))
    {
      if ($row['O']<>$orgname) {
        $orgname=$row['O'];?>
Simple merge
        
        // Safe because $order_by only contains fixed strings
        $query = sprintf("select * from `orginfo` ORDER BY %s", $order_by);
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        {
 -              $r2 = mysql_query("select * from `org` where `orgid`='".intval($row['id'])."'");
 -              $admincount = mysql_num_rows($r2);
 -              $r2 = mysql_query("select * from `orgdomains` where `orgid`='".intval($row['id'])."'");
 -              $domcount = mysql_num_rows($r2);
 +              $r2 = mysqli_query($_SESSION['mconn'], "select * from `org` where `orgid`='".intval($row['id'])."'");
 +              $admincount = mysqli_num_rows($r2);
 +              $r2 = mysqli_query($_SESSION['mconn'], "select * from `orgdomains` where `orgid`='".intval($row['id'])."'");
 +              $domcount = mysqli_num_rows($r2);
  ?>
    <tr>
-     <td class="DataTD"><?=htmlspecialchars($row['O'])?>, <?=htmlspecialchars($row['ST'])?> <?=htmlspecialchars($row['C'])?></td>
-     <td class="DataTD"><a href="account.php?id=26&amp;orgid=<?=intval($row['id'])?>"><?=_("Domains")?> (<?=$domcount?>)</a></td>
-     <td class="DataTD"><a href="account.php?id=32&amp;orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td>
-     <td class="DataTD"><a href="account.php?id=27&amp;orgid=<?=$row['id']?>"><?=_("Edit")?></a></td>
-     <td class="DataTD"><a href="account.php?id=31&amp;orgid=<?=$row['id']?>"><?=_("Delete")?></a></td>
-     <? if(array_key_exists('viewcomment',$_REQUEST) && $_REQUEST['viewcomment']!='') { ?>
-     <td class="DataTD"><?=sanitizeHTML($row['comments'])?></td>
-     <? } ?>
+     <td class="DataTD"><?php echo htmlspecialchars($row['O'])?>, <?php echo htmlspecialchars($row['ST'])?> <?php echo htmlspecialchars($row['C'])?></td>
+     <td class="DataTD"><a href="account.php?id=26&amp;orgid=<?php echo intval($row['id'])?>"><?php echo _("Domains")?> (<?php echo $domcount?>)</a></td>
+     <td class="DataTD"><a href="account.php?id=32&amp;orgid=<?php echo $row['id']?>"><?php echo _("Admins")?> (<?php echo $admincount?>)</a></td>
+     <td class="DataTD"><a href="account.php?id=27&amp;orgid=<?php echo $row['id']?>"><?php echo _("Edit")?></a></td>
+     <td class="DataTD"><a href="account.php?id=31&amp;orgid=<?php echo $row['id']?>"><?php echo _("Delete")?></a></td>
+     <?php if(array_key_exists('viewcomment',$_REQUEST) && $_REQUEST['viewcomment']!='') { ?>
+     <td class="DataTD"><?php echo sanitizeHTML($row['comments'])?></td>
+     <?php } ?>
    </tr>
- <? } ?>
+ <?php } ?>
  </table>
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
-       $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ <?php         $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
 -      $row = mysql_fetch_assoc(mysql_query($query));
 +      $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
    <tr>
-     <td colspan="3" class="title"><? printf(_("%s's Domains"), $row['O']); ?> (<a href="account.php?id=28&amp;orgid=<?=intval($row['id'])?>"><?=_("Add")?></a>)</td>
+     <td colspan="3" class="title"><?php printf(_("%s's Domains"), $row['O']); ?> (<a href="account.php?id=28&amp;orgid=<?php echo intval($row['id'])?>"><?php echo _("Add")?></a>)</td>
    </tr>
    <tr>
-     <td class="DataTD"><?=_("Domain")?></td>
-     <td class="DataTD"><?=_("Edit")?></td>
-     <td class="DataTD"><?=_("Delete")?></td>
+     <td class="DataTD"><?php echo _("Domain")?></td>
+     <td class="DataTD"><?php echo _("Edit")?></td>
+     <td class="DataTD"><?php echo _("Delete")?></td>
    </tr>
- <?
-       $query = "select * from `orgdomains` where `orgid`='".intval($_REQUEST['orgid'])."'";
+ <?php         $query = "select * from `orgdomains` where `orgid`='".intval($_REQUEST['orgid'])."'";
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        { ?>
    <tr>
-     <td class="DataTD"><?=sanitizeHTML($row['domain'])?></a></td>
-     <td class="DataTD"><a href="account.php?id=29&amp;orgid=<?=intval($row['orgid'])?>&amp;domid=<?=intval($row['id'])?>"><?=_("Edit")?></a></td>
-     <td class="DataTD"><a href="account.php?id=30&amp;orgid=<?=intval($row['orgid'])?>&amp;domid=<?=intval($row['id'])?>"><?=_("Delete")?></a></td>
+     <td class="DataTD"><?php echo sanitizeHTML($row['domain'])?></a></td>
+     <td class="DataTD"><a href="account.php?id=29&amp;orgid=<?php echo intval($row['orgid'])?>&amp;domid=<?php echo intval($row['id'])?>"><?php echo _("Edit")?></a></td>
+     <td class="DataTD"><a href="account.php?id=30&amp;orgid=<?php echo intval($row['orgid'])?>&amp;domid=<?php echo intval($row['id'])?>"><?php echo _("Delete")?></a></td>
    </tr>
- <? } ?>
+ <?php } ?>
  </table>
@@@ -15,8 -15,7 +15,8 @@@
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
+ <?php         $row = mysql_fetch_assoc(mysql_query("select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'"));
 +      $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'"));
  ?>
  <form method="post" action="account.php">
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
@@@ -15,9 -15,8 +15,8 @@@
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
-       $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ <?php         $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
 -      $row = mysql_fetch_assoc(mysql_query($query));
 +      $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
  ?>
  <form method="post" action="account.php">
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
-       $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['domid'])."'";
+ <?php         $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['domid'])."'";
 -      $row = mysql_fetch_assoc(mysql_query($query));
 +      $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
        $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
 -      $org = mysql_fetch_assoc(mysql_query($query));
 +      $org = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
  
        $_SESSION['_config']['domain'] = $row['domain'];
  ?>
  <form method="post" action="account.php">
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
-     <td colspan="2" class="title"><?=_("New Client Certificate")?></td>
+     <td colspan="2" class="title"><?php echo _("New Client Certificate")?></td>
    </tr>
    <tr>
-     <td class="DataTD"><?=_("Add")?></td>
-     <td class="DataTD"><?=_("Address")?></td>
+     <td class="DataTD"><?php echo _("Add")?></td>
+     <td class="DataTD"><?php echo _("Address")?></td>
    </tr>
  
- <?
-       $query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `hash`=''";
+ <?php         $query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `hash`=''";
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        { ?>
    <tr>
-     <td class="DataTD"><input type="checkbox" id="addid<?=intval($row['id'])?>" name="addid[]" value="<?=intval($row['id'])?>"></td>
-     <td class="DataTD" align="left"><label for="addid<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></label></td>
+     <td class="DataTD"><input type="checkbox" id="addid<?php echo intval($row['id'])?>" name="addid[]" value="<?php echo intval($row['id'])?>"></td>
+     <td class="DataTD" align="left"><label for="addid<?php echo intval($row['id'])?>"><?php echo sanitizeHTML($row['email'])?></label></td>
    </tr>
- <? }
+ <?php }
  if($_SESSION['profile']['points'] >= 50)
  {
        $fname = $_SESSION['profile']['fname'];
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
-       $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['domid'])."'";
+ <?php         $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['domid'])."'";
 -      $row = mysql_fetch_assoc(mysql_query($query));
 +      $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
        $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
 -      $org = mysql_fetch_assoc(mysql_query($query));
 +      $org = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
  
        $_SESSION['_config']['domain'] = $row['domain'];
  ?>
@@@ -15,9 -15,8 +15,8 @@@
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
-       $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ <?php         $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
 -      $org = mysql_fetch_assoc(mysql_query($query));
 +      $org = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
  
  ?>
  <form method="post" action="account.php">
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
-       $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ <?php         $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
 -      $row = mysql_fetch_assoc(mysql_query($query));
 +      $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="500">
    <tr>
-     <td colspan="5" class="title"><? printf(_("%s's Administrators"), $row['O']); ?> (<a href="account.php?id=33&amp;orgid=<?=$row['id']?>"><?=_("Add")?></a>)</td>
+     <td colspan="5" class="title"><?php printf(_("%s's Administrators"), $row['O']); ?> (<a href="account.php?id=33&amp;orgid=<?php echo $row['id']?>"><?php echo _("Add")?></a>)</td>
    </tr>
    <tr>
-     <td class="DataTD"><?=_("Administrator")?></td>
-     <td class="DataTD"><?=_("Master Account")?></td>
-     <td class="DataTD"><?=_("Department")?></td>
-     <td class="DataTD"><?=_("Comments")?></td>
-     <td class="DataTD"><?=_("Delete")?></td>
+     <td class="DataTD"><?php echo _("Administrator")?></td>
+     <td class="DataTD"><?php echo _("Master Account")?></td>
+     <td class="DataTD"><?php echo _("Department")?></td>
+     <td class="DataTD"><?php echo _("Comments")?></td>
+     <td class="DataTD"><?php echo _("Delete")?></td>
    </tr>
- <?
-       $query = "select * from `org` where `orgid`='".intval($_REQUEST['orgid'])."'";
+ <?php         $query = "select * from `org` where `orgid`='".intval($_REQUEST['orgid'])."'";
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        {
 -              $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($row['memid'])."'"));
 +              $user = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `users` where `id`='".intval($row['memid'])."'"));
  ?>
    <tr>
-     <td class="DataTD"><a href='mailto:<?=sanitizeHTML($user['email'])?>'><?=sanitizeHTML($user['fname'])?> <?=sanitizeHTML($user['lname'])?></a></td>
-     <td class="DataTD"><?=($row['masteracc'])?></a></td>
-     <td class="DataTD"><?=sanitizeHTML($row['OU'])?></a></td>
-     <td class="DataTD"><?=sanitizeHTML($row['comments'])?></a></td>
- <? if($row['masteracc'] == 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
-     <td class="DataTD"><a href="account.php?id=34&amp;orgid=<?=$row['orgid']?>&amp;memid=<?=$row['memid']?>"><?=_("Delete")?></a></td>
- <? } else { ?>
+     <td class="DataTD"><a href='mailto:<?php echo sanitizeHTML($user['email'])?>'><?php echo sanitizeHTML($user['fname'])?> <?php echo sanitizeHTML($user['lname'])?></a></td>
+     <td class="DataTD"><?php echo ($row['masteracc'])?></a></td>
+     <td class="DataTD"><?php echo sanitizeHTML($row['OU'])?></a></td>
+     <td class="DataTD"><?php echo sanitizeHTML($row['comments'])?></a></td>
+ <?php if($row['masteracc'] == 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
+     <td class="DataTD"><a href="account.php?id=34&amp;orgid=<?php echo $row['orgid']?>&amp;memid=<?php echo $row['memid']?>"><?php echo _("Delete")?></a></td>
+ <?php } else { ?>
      <td class="DataTD">N/A</td>
- <? } ?>
+ <?php } ?>
    </tr>
- <? } ?>
+ <?php } ?>
  </table>
@@@ -15,9 -15,8 +15,8 @@@
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
-       $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
+ <?php         $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
 -      $row = mysql_fetch_assoc(mysql_query($query));
 +      $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
        
        // Reset session variables regarding OrgAdmin's, present empty form
    if (array_key_exists('email',$_SESSION['_config']))     $_SESSION['_config']['email']=""; 
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
-       $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['orgid'])."'";
+ <?php         $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['orgid'])."'";
 -      $row = mysql_fetch_assoc(mysql_query($query));
 +      $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
        $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
 -      $org = mysql_fetch_assoc(mysql_query($query));
 +      $org = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
        $query = "select * from `users` where `id`='".intval($_REQUEST['memid'])."'";
 -      $user = mysql_fetch_assoc(mysql_query($query));
 +      $user = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
  
        $_SESSION['_config']['domain'] = $row['domain'];
  ?>
@@@ -29,34 -28,33 +28,33 @@@ while($row = mysqli_fetch_assoc($res)
  {
        ?>
        <tr>
-               <td colspan="3" class="title"><?=_("Organisation")?></td>
+               <td colspan="3" class="title"><?php echo _("Organisation")?></td>
        </tr>
        <tr>
-               <td class="DataTD"><?=_("Organisation Name")?>:</td>
-               <td colspan="2" class="DataTD" ><b><?=$row['O']?></b></td>
+               <td class="DataTD"><?php echo _("Organisation Name")?>:</td>
+               <td colspan="2" class="DataTD" ><b><?php echo $row['O']?></b></td>
        </tr>
        <tr>
-               <td class="DataTD"><?=_("Contact Email")?>:</td>
-               <td colspan="2" class="DataTD"><?=($row['contact'])?></td>
+               <td class="DataTD"><?php echo _("Contact Email")?>:</td>
+               <td colspan="2" class="DataTD"><?php echo ($row['contact'])?></td>
        </tr>
        <tr>
-               <td class="DataTD"><?=_("Town/Suburb")?>:</td>
-               <td colspan="2" class="DataTD"><?=($row['L'])?></td>
+               <td class="DataTD"><?php echo _("Town/Suburb")?>:</td>
+               <td colspan="2" class="DataTD"><?php echo ($row['L'])?></td>
        </tr>
        <tr>
-               <td class="DataTD"><?=_("State/Province")?>:</td>
-               <td colspan="2" class="DataTD"><?=($row['ST'])?></td>
+               <td class="DataTD"><?php echo _("State/Province")?>:</td>
+               <td colspan="2" class="DataTD"><?php echo ($row['ST'])?></td>
        </tr>
        <tr>
-               <td class="DataTD"><?=_("Country")?>:</td>
-               <td colspan="2" class="DataTD"><?=($row['C'])?></td>
+               <td class="DataTD"><?php echo _("Country")?>:</td>
+               <td colspan="2" class="DataTD"><?php echo ($row['C'])?></td>
        </tr>
-       <?
-       
+       <?php
        //domain info
        $query = "select `domain` from `orgdomains` where `orgid`='".intval($row['id'])."'";
 -      $res1 = mysql_query($query);
 -      while($domain = mysql_fetch_assoc($res1))
 +      $res1 = mysqli_query($_SESSION['mconn'], $query);
 +      while($domain = mysqli_fetch_assoc($res1))
        {
                ?>
                <tr>
        
        ?>
        <tr>
-               <td class="DataTD"><?=_("Administrator")?></td>
-               <td class="DataTD"><?=_("Master Account")?></td>
-               <td class="DataTD"><?=_("Department")?></td>
+               <td class="DataTD"><?php echo _("Administrator")?></td>
+               <td class="DataTD"><?php echo _("Master Account")?></td>
+               <td class="DataTD"><?php echo _("Department")?></td>
        </tr>
-       <?
-       
+       <?php
        //org admins
        $query = "select * from `org` where `orgid`='".intval($row['id'])."'";
 -      $res2 = mysql_query($query);
 -      while($org = mysql_fetch_assoc($res2))
 +      $res2 = mysqli_query($_SESSION['mconn'], $query);
 +      while($org = mysqli_fetch_assoc($res2))
        {
 -              $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($org['memid'])."'"));
 +              $user = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `users` where `id`='".intval($org['memid'])."'"));
                ?> 
                <tr>
-                       <td class="DataTD"><a href='mailto:<?=$user['email']?>'><?=($user['fname'])?> <?=($user['lname'])?></a></td>
-                       <td class="DataTD"><?=($org['masteracc'])?></td>
-                       <td class="DataTD"><?=($org['OU'])?></td>
+                       <td class="DataTD"><a href='mailto:<?php echo $user['email']?>'><?php echo ($user['fname'])?> <?php echo ($user['lname'])?></a></td>
+                       <td class="DataTD"><?php echo ($org['masteracc'])?></td>
+                       <td class="DataTD"><?php echo ($org['OU'])?></td>
                </tr>
-               <?
-               
+               <?php
                if(intval($org['masteracc']) === 1 &&
                                 intval($org['memid']) === intval($_SESSION['profile']['id']))
                { 
@@@ -50,28 -49,26 +49,26 @@@ require_once($_SESSION['_config']['file
  <form method="post" action="account.php">
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
    <tr>
-     <td colspan="2" class="title"><?=_("Additional Language Preferences")?></td>
+     <td colspan="2" class="title"><?php echo _("Additional Language Preferences")?></td>
    </tr>
- <?
-       $query = "select * from `addlang` where `userid`='".intval($_SESSION['profile']['id'])."'";
+ <?php         $query = "select * from `addlang` where `userid`='".intval($_SESSION['profile']['id'])."'";
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        {
 -              $lang = mysql_fetch_assoc(mysql_query("select * from `languages` where `locale`='".mysql_escape_string($row['lang'])."'"));
 +              $lang = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `languages` where `locale`='".mysqli_real_escape_string($_SESSION['mconn'], $row['lang'])."'"));
  ?>
    <tr>
-     <td class="DataTD"><?=_("Additional Language")?>:</td>
-     <td class="DataTD" align="left"><? echo "${lang['lang']} - ${lang['country']}"; ?>
-               <a href="account.php?oldid=41&amp;action=dellang&amp;remove=<?=$row['lang']?>&amp;csrf=<?=make_csrf('seclang')?>"><?=_("Delete")?></a></td>
+     <td class="DataTD"><?php echo _("Additional Language")?>:</td>
+     <td class="DataTD" align="left"><?php echo "${lang['lang']} - ${lang['country']}"; ?>
+               <a href="account.php?oldid=41&amp;action=dellang&amp;remove=<?php echo $row['lang']?>&amp;csrf=<?php echo make_csrf('seclang')?>"><?php echo _("Delete")?></a></td>
    </tr>
- <? } ?>
+ <?php } ?>
    <tr>
-     <td class="DataTD"><?=_("Secondary languages")?>:</td>
+     <td class="DataTD"><?php echo _("Secondary languages")?>:</td>
      <td class="DataTD"><select name="addlang">
- <?
-       $query = "select * from `languages` order by `locale`";
+ <?php         $query = "select * from `languages` order by `locale`";
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        {
                printf("<option value=\"%s\">[%s] %s (%s)</option>\n",
                        sanitizeHTML($row['locale']),
@@@ -68,41 -68,36 +68,38 @@@ if(intval(array_key_exists('userid',$_R
  ?>
          <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
              <tr>
-                 <td colspan="5" class="title"><?=_("Select Specific Account Details")?></td>
+                 <td colspan="5" class="title"><?php echo _("Select Specific Account Details")?></td>
              </tr>
              <tr>
-                 <td class="DataTD"><?=_("User ID")?></td>
-                 <td class="DataTD"><?=_("Email")?></td>
+                 <td class="DataTD"><?php echo _("User ID")?></td>
+                 <td class="DataTD"><?php echo _("Email")?></td>
              </tr>
- <?
 -<?php         while($row = mysql_fetch_assoc($res))
++<?php
 +        while($row = mysqli_fetch_assoc($res))
          {
  ?>
              <tr>
-                 <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>"><?=intval($row['id'])?></a></td>
-                 <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></a></td>
+                 <td class="DataTD"><a href="account.php?id=43&amp;userid=<?php echo intval($row['id'])?>"><?php echo intval($row['id'])?></a></td>
+                 <td class="DataTD"><a href="account.php?id=43&amp;userid=<?php echo intval($row['id'])?>"><?php echo sanitizeHTML($row['email'])?></a></td>
              </tr>
- <?
-         }
+ <?php         }
  
 -        if(mysql_num_rows($res) >= 100) {
 +        if(mysqli_num_rows($res) >= 100) {
  ?>
              <tr>
-                 <td class="DataTD" colspan="2"><?=_("Only the first 100 rows are displayed.")?></td>
+                 <td class="DataTD" colspan="2"><?php echo _("Only the first 100 rows are displayed.")?></td>
              </tr>
- <?
-         } else {
+ <?php         } else {
  ?>
              <tr>
-                 <td class="DataTD" colspan="2"><? printf(_("%s rows displayed."), mysqli_num_rows($res)); ?></td>
 -                <td class="DataTD" colspan="2"><?php printf(_("%s rows displayed."), mysql_num_rows($res)); ?></td>
++                <td class="DataTD" colspan="2"><?php printf(_("%s rows displayed."), mysqli_num_rows($res)); ?></td>
              </tr>
- <?
-         }
+ <?php         }
  ?>
          </table><br><br>
- <?
 -<?php     } elseif(mysql_num_rows($res) == 1) {
 -        $row = mysql_fetch_assoc($res);
++<?php
 +    } elseif(mysqli_num_rows($res) == 1) {
 +        $row = mysqli_fetch_assoc($res);
          $_REQUEST['userid'] = $row['id'];
      } else {
          printf(_("No users found matching %s"), sanitizeHTML($email));
@@@ -400,24 -387,21 +389,22 @@@ if(intval($_REQUEST['userid']) > 0) 
          </tr>
      </table>
      <br/>
-     <?
-     //list secondary email addresses
+     <?php     //list secondary email addresses
                  $dres = get_email_addresses(intval($row['id']),$row['email']);
 -                if(mysql_num_rows($dres) > 0) {
 +                if(mysqli_num_rows($dres) > 0) {
      ?>
      <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
          <tr>
-             <td colspan="5" class="title"><?=_("Alternate Verified Email Addresses")?></td>
+             <td colspan="5" class="title"><?php echo _("Alternate Verified Email Addresses")?></td>
          </tr>
-     <?
 -    <?php                     while($drow = mysql_fetch_assoc($dres)) {
++    <?php
 +                    while($drow = mysqli_fetch_assoc($dres)) {
      ?>
          <tr>
-             <td class="DataTD"><?=_("Secondary Emails")?>:</td>
-             <td class="DataTD"><?=sanitizeHTML($drow['email'])?></td>
+             <td class="DataTD"><?php echo _("Secondary Emails")?>:</td>
+             <td class="DataTD"><?php echo sanitizeHTML($drow['email'])?></td>
          </tr>
-     <?
-                     }
+     <?php                     }
      ?>
      </table>
      <br/>
      ?>
      <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
          <tr>
-             <td colspan="5" class="title"><?=_("Verified Domains")?></td>
+             <td colspan="5" class="title"><?php echo _("Verified Domains")?></td>
          </tr>
-     <?
 -    <?php                     while($drow = mysql_fetch_assoc($dres)) {
++    <?php
 +                    while($drow = mysqli_fetch_assoc($dres)) {
      ?>
          <tr>
-             <td class="DataTD"><?=_("Domain")?>:</td>
-             <td class="DataTD"><?=sanitizeHTML($drow['domain'])?></td>
+             <td class="DataTD"><?php echo _("Domain")?>:</td>
+             <td class="DataTD"><?php echo sanitizeHTML($drow['domain'])?></td>
          </tr>
-     <?
-                     }
+     <?php                     }
      ?>
      </table>
      <br/>
                          where `domains`.`memid` = '".intval($row['id'])."'
                              and `revoked` != '0000-00-00 00:00:00'
                          ";
 -                    $dres = mysql_query($query);
 -                    $drow = mysql_fetch_assoc($dres);
 +                    $dres = mysqli_query($_SESSION['mconn'], $query);
 +                    $drow = mysqli_fetch_assoc($dres);
                      $revoked = $drow['revoked'];
      ?>
-             <td class="DataTD"><?=intval($total)?></td>
-             <td class="DataTD"><?=intval($valid)?></td>
-             <td class="DataTD"><?=intval($expired)?></td>
-             <td class="DataTD"><?=intval($revoked)?></td>
-             <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
-     <?
-                 } else { // $total > 0
+             <td class="DataTD"><?php echo intval($total)?></td>
+             <td class="DataTD"><?php echo intval($valid)?></td>
+             <td class="DataTD"><?php echo intval($expired)?></td>
+             <td class="DataTD"><?php echo intval($revoked)?></td>
+             <td class="DataTD"><?php echo ($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
+     <?php                 } else { // $total > 0
      ?>
-             <td colspan="5" class="DataTD"><?=_("None")?></td>
-     <?
-                 }
+             <td colspan="5" class="DataTD"><?php echo _("None")?></td>
+     <?php                 }
      ?>
          </tr>
          <!-- client certificates -->
                          where `memid` = '".intval($row['id'])."'
                              and `revoked` != '0000-00-00 00:00:00'
                          ";
 -                    $dres = mysql_query($query);
 -                    $drow = mysql_fetch_assoc($dres);
 +                    $dres = mysqli_query($_SESSION['mconn'], $query);
 +                    $drow = mysqli_fetch_assoc($dres);
                      $revoked = $drow['revoked'];
      ?>
-             <td class="DataTD"><?=intval($total)?></td>
-             <td class="DataTD"><?=intval($valid)?></td>
-             <td class="DataTD"><?=intval($expired)?></td>
-             <td class="DataTD"><?=intval($revoked)?></td>
-             <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
-     <?
-                 } else { // $total > 0
+             <td class="DataTD"><?php echo intval($total)?></td>
+             <td class="DataTD"><?php echo intval($valid)?></td>
+             <td class="DataTD"><?php echo intval($expired)?></td>
+             <td class="DataTD"><?php echo intval($revoked)?></td>
+             <td class="DataTD"><?php echo ($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
+     <?php                 } else { // $total > 0
      ?>
-             <td colspan="5" class="DataTD"><?=_("None")?></td>
-     <?
-                 }
+             <td colspan="5" class="DataTD"><?php echo _("None")?></td>
+     <?php                 }
      ?>
          </tr>
          <!-- gpg certificates -->
                          where `memid` = '".intval($row['id'])."'
                              and `expire` <= NOW()
                          ";
 -                    $dres = mysql_query($query);
 -                    $drow = mysql_fetch_assoc($dres);
 +                    $dres = mysqli_query($_SESSION['mconn'], $query);
 +                    $drow = mysqli_fetch_assoc($dres);
                      $expired = $drow['expired'];
      ?>
-             <td class="DataTD"><?=intval($total)?></td>
-             <td class="DataTD"><?=intval($valid)?></td>
-             <td class="DataTD"><?=intval($expired)?></td>
+             <td class="DataTD"><?php echo intval($total)?></td>
+             <td class="DataTD"><?php echo intval($valid)?></td>
+             <td class="DataTD"><?php echo intval($expired)?></td>
              <td class="DataTD"></td>
-             <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
-     <?
-                 } else { // $total > 0
+             <td class="DataTD"><?php echo ($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
+     <?php                 } else { // $total > 0
      ?>
-             <td colspan="5" class="DataTD"><?=_("None")?></td>
-     <?
-                 }
+             <td colspan="5" class="DataTD"><?php echo _("None")?></td>
+     <?php                 }
      ?>
          </tr>
          <!-- org server certificates -->
                          where `org`.`memid` = '".intval($row['id'])."'
                              and `orgcerts`.`revoked` != '0000-00-00 00:00:00'
                          ";
 -                    $dres = mysql_query($query);
 -                    $drow = mysql_fetch_assoc($dres);
 +                    $dres = mysqli_query($_SESSION['mconn'], $query);
 +                    $drow = mysqli_fetch_assoc($dres);
                      $revoked = $drow['revoked'];
      ?>
-             <td class="DataTD"><?=intval($total)?></td>
-             <td class="DataTD"><?=intval($valid)?></td>
-             <td class="DataTD"><?=intval($expired)?></td>
-             <td class="DataTD"><?=intval($revoked)?></td>
-             <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
-     <?
-                 } else { // $total > 0
+             <td class="DataTD"><?php echo intval($total)?></td>
+             <td class="DataTD"><?php echo intval($valid)?></td>
+             <td class="DataTD"><?php echo intval($expired)?></td>
+             <td class="DataTD"><?php echo intval($revoked)?></td>
+             <td class="DataTD"><?php echo ($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
+     <?php                 } else { // $total > 0
      ?>
-             <td colspan="5" class="DataTD"><?=_("None")?></td>
-     <?
-                 }
+             <td colspan="5" class="DataTD"><?php echo _("None")?></td>
+     <?php                 }
      ?>
          </tr>
          <!-- org client certificates -->
                          where `org`.`memid` = '".intval($row['id'])."'
                              and `orgcerts`.`revoked` != '0000-00-00 00:00:00'
                          ";
 -                    $dres = mysql_query($query);
 -                    $drow = mysql_fetch_assoc($dres);
 +                    $dres = mysqli_query($_SESSION['mconn'], $query);
 +                    $drow = mysqli_fetch_assoc($dres);
                      $revoked = $drow['revoked'];
      ?>
-             <td class="DataTD"><?=intval($total)?></td>
-             <td class="DataTD"><?=intval($valid)?></td>
-             <td class="DataTD"><?=intval($expired)?></td>
-             <td class="DataTD"><?=intval($revoked)?></td>
-             <td class="DataTD"><?=($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
-     <?
-                 } else { // $total > 0
+             <td class="DataTD"><?php echo intval($total)?></td>
+             <td class="DataTD"><?php echo intval($valid)?></td>
+             <td class="DataTD"><?php echo intval($expired)?></td>
+             <td class="DataTD"><?php echo intval($revoked)?></td>
+             <td class="DataTD"><?php echo ($maxexpire != "0000-00-00 00:00:00")?substr($maxexpire, 0, 10) : _("Pending")?></td>
+     <?php                 } else { // $total > 0
      ?>
-             <td colspan="5" class="DataTD"><?=_("None")?></td>
-     <?
-                 }
+             <td colspan="5" class="DataTD"><?php echo _("None")?></td>
+     <?php                 }
      ?>
          </tr>
          <tr>
      ?>
      <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
          <tr>
-             <td colspan="8" class="title"><?=_("Assurance Points")?></td>
+             <td colspan="8" class="title"><?php echo _("Assurance Points")?></td>
          </tr>
          <tr>
-             <td class="DataTD"><b><?=_("ID")?></b></td>
-             <td class="DataTD"><b><?=_("Date")?></b></td>
-             <td class="DataTD"><b><?=_("Who")?></b></td>
-             <td class="DataTD"><b><?=_("Email")?></b></td>
-             <td class="DataTD"><b><?=_("Points")?></b></td>
-             <td class="DataTD"><b><?=_("Location")?></b></td>
-             <td class="DataTD"><b><?=_("Method")?></b></td>
-             <td class="DataTD"><b><?=_("Revoke")?></b></td>
+             <td class="DataTD"><b><?php echo _("ID")?></b></td>
+             <td class="DataTD"><b><?php echo _("Date")?></b></td>
+             <td class="DataTD"><b><?php echo _("Who")?></b></td>
+             <td class="DataTD"><b><?php echo _("Email")?></b></td>
+             <td class="DataTD"><b><?php echo _("Points")?></b></td>
+             <td class="DataTD"><b><?php echo _("Location")?></b></td>
+             <td class="DataTD"><b><?php echo _("Method")?></b></td>
+             <td class="DataTD"><b><?php echo _("Revoke")?></b></td>
          </tr>
-     <?
-         $query = "select * from `notary` where `to`='".intval($_GET['userid'])."'  and `deleted` = 0";
+     <?php         $query = "select * from `notary` where `to`='".intval($_GET['userid'])."'  and `deleted` = 0";
 -        $dres = mysql_query($query);
 +        $dres = mysqli_query($_SESSION['mconn'], $query);
          $points = 0;
 -        while($drow = mysql_fetch_assoc($dres)) {
 -            $fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($drow['from'])."'"));
 +        while($drow = mysqli_fetch_assoc($dres)) {
 +            $fromuser = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `users` where `id`='".intval($drow['from'])."'"));
              $points += $drow['points'];
      ?>
          <tr>
      ?>
      <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
          <tr>
-             <td colspan="8" class="title"><?=_("Assurance Points The User Issued")?></td>
+             <td colspan="8" class="title"><?php echo _("Assurance Points The User Issued")?></td>
          </tr>
          <tr>
-             <td class="DataTD"><b><?=_("ID")?></b></td>
-             <td class="DataTD"><b><?=_("Date")?></b></td>
-             <td class="DataTD"><b><?=_("Who")?></b></td>
-             <td class="DataTD"><b><?=_("Email")?></b></td>
-             <td class="DataTD"><b><?=_("Points")?></b></td>
-             <td class="DataTD"><b><?=_("Location")?></b></td>
-             <td class="DataTD"><b><?=_("Method")?></b></td>
-             <td class="DataTD"><b><?=_("Revoke")?></b></td>
+             <td class="DataTD"><b><?php echo _("ID")?></b></td>
+             <td class="DataTD"><b><?php echo _("Date")?></b></td>
+             <td class="DataTD"><b><?php echo _("Who")?></b></td>
+             <td class="DataTD"><b><?php echo _("Email")?></b></td>
+             <td class="DataTD"><b><?php echo _("Points")?></b></td>
+             <td class="DataTD"><b><?php echo _("Location")?></b></td>
+             <td class="DataTD"><b><?php echo _("Method")?></b></td>
+             <td class="DataTD"><b><?php echo _("Revoke")?></b></td>
          </tr>
-     <?
-         $query = "select * from `notary` where `from`='".intval($_GET['userid'])."' and `deleted` = 0";
+     <?php         $query = "select * from `notary` where `from`='".intval($_GET['userid'])."' and `deleted` = 0";
 -        $dres = mysql_query($query);
 +        $dres = mysqli_query($_SESSION['mconn'], $query);
          $points = 0;
 -        while($drow = mysql_fetch_assoc($dres)) {
 -            $fromuser = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($drow['to'])."'"));
 +        while($drow = mysqli_fetch_assoc($dres)) {
 +            $fromuser = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `users` where `id`='".intval($drow['to'])."'"));
              $points += intval($drow['points']);
      ?>
          <tr>
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
-       $userid=0; if(array_key_exists('userid',$_GET)) $userid=intval($_GET['userid']);
+ <?php         $userid=0; if(array_key_exists('userid',$_GET)) $userid=intval($_GET['userid']);
        if($userid <= 0)
        {
 -              $domainsearch = $domain = mysql_escape_string(stripslashes($_POST['domain']));
 +              $domainsearch = $domain = mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_POST['domain']));
                if(!strstr($domain, "%"))
                        $domainsearch = "%$domain%";
                if(preg_match("/^\d+$/",$domain))
                                `domains`.`deleted`=0 and `users`.`deleted`=0 and
                                `users`.`verified`=1
                                group by `users`.`id` limit 100";
 -              $res = mysql_query($query);
 -              if(mysql_num_rows($res) >= 1) { ?>
 +              $res = mysqli_query($_SESSION['mconn'], $query);
 +              if(mysqli_num_rows($res) >= 1) { ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
-     <td colspan="5" class="title"><?=_("Select Specific User Account Details")?></td>
+     <td colspan="5" class="title"><?php echo _("Select Specific User Account Details")?></td>
    </tr>
- <?
 -<?php         while($row = mysql_fetch_assoc($res))
++<?php
 +      while($row = mysqli_fetch_assoc($res))
        { ?>
    <tr>
-     <td class="DataTD"><?=_("Domain")?>:</td>
-     <td class="DataTD"><?=$row['domid']?></td>
-     <td class="DataTD"><a href="account.php?id=43&amp;userid=<?=$row['id']?>"><?=sanitizeHTML($row['domain'])?></a></td>
+     <td class="DataTD"><?php echo _("Domain")?>:</td>
+     <td class="DataTD"><?php echo $row['domid']?></td>
+     <td class="DataTD"><a href="account.php?id=43&amp;userid=<?php echo $row['id']?>"><?php echo sanitizeHTML($row['domain'])?></a></td>
    </tr>
- <? } if(mysqli_num_rows($res) >= 100) { ?>
 -<?php } if(mysql_num_rows($res) >= 100) { ?>
++<?php } if(mysqli_num_rows($res) >= 100) { ?>
    <tr>
-     <td class="DataTD" colspan="3"><?=_("Only the first 100 rows are displayed.")?></td>
+     <td class="DataTD" colspan="3"><?php echo _("Only the first 100 rows are displayed.")?></td>
    </tr>
- <? } else { ?>
+ <?php } else { ?>
    <tr>
-     <td class="DataTD" colspan="3"><? printf(_("%s rows displayed."), mysqli_num_rows($res)); ?></td>
 -    <td class="DataTD" colspan="3"><?php printf(_("%s rows displayed."), mysql_num_rows($res)); ?></td>
++    <td class="DataTD" colspan="3"><?php printf(_("%s rows displayed."), mysqli_num_rows($res)); ?></td>
    </tr>
- <? } ?>
+ <?php } ?>
  </table><br><br>
 -<?            } elseif(mysql_num_rows($res) == 1) {
 -                      $row = mysql_fetch_assoc($res);
 +<?            } elseif(mysqli_num_rows($res) == 1) {
 +                      $row = mysqli_fetch_assoc($res);
                        $_GET['userid'] = intval($row['id']);
                } else {
                        ?><table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
                                <tr>
                                <td colspan="5" class="title"><?printf(_("No personal domains found matching %s"), sanitizeHTML($domain));?></td>
                        </tr>
-               </table><br><br><?
-               }
+               </table><br><br><?php           }
  
                $query = "select `orgid`,`domain`,`id` from `orgdomains` where `domain` like '$domainsearch' or `id`='$domain' limit 100";
 -              $res = mysql_query($query);
 -              if(mysql_num_rows($res) >= 1) { ?>
 +              $res = mysqli_query($_SESSION['mconn'], $query);
 +              if(mysqli_num_rows($res) >= 1) { ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
-     <td colspan="5" class="title"><?=_("Select Specific Organisation Account Details")?></td>
+     <td colspan="5" class="title"><?php echo _("Select Specific Organisation Account Details")?></td>
    </tr>
- <?
 -<?php         while($row = mysql_fetch_assoc($res))
++<?php
 +      while($row = mysqli_fetch_assoc($res))
        { ?>
    <tr>
-     <td class="DataTD"><?=_("Domain")?>:</td>
-     <td class="DataTD"><?=$row['id']?></td>
-     <td class="DataTD"><a href="account.php?id=26&amp;orgid=<?=intval($row['orgid'])?>"><?=sanitizeHTML($row['domain'])?></a></td>
+     <td class="DataTD"><?php echo _("Domain")?>:</td>
+     <td class="DataTD"><?php echo $row['id']?></td>
+     <td class="DataTD"><a href="account.php?id=26&amp;orgid=<?php echo intval($row['orgid'])?>"><?php echo sanitizeHTML($row['domain'])?></a></td>
    </tr>
- <? } if(mysqli_num_rows($res) >= 100) { ?>
 -<?php } if(mysql_num_rows($res) >= 100) { ?>
++<?php } if(mysqli_num_rows($res) >= 100) { ?>
    <tr>
-     <td class="DataTD" colspan="3"><?=_("Only the first 100 rows are displayed.")?></td>
+     <td class="DataTD" colspan="3"><?php echo _("Only the first 100 rows are displayed.")?></td>
    </tr>
- <? } else { ?>
+ <?php } else { ?>
    <tr>
-     <td class="DataTD" colspan="3"><? printf(_("%s rows displayed."), mysqli_num_rows($res)); ?></td>
 -    <td class="DataTD" colspan="3"><?php printf(_("%s rows displayed."), mysql_num_rows($res)); ?></td>
++    <td class="DataTD" colspan="3"><?php printf(_("%s rows displayed."), mysqli_num_rows($res)); ?></td>
    </tr>
- <? } ?>
+ <?php } ?>
  </table><br><br>
 -<?            } elseif(mysql_num_rows($res) == 1) {
 -                      $row = mysql_fetch_assoc($res);
 +<?            } elseif(mysqli_num_rows($res) == 1) {
 +                      $row = mysqli_fetch_assoc($res);
                        $_GET['userid'] = intval($row['id']);
                } else {
                        ?><table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
        {
  ?>
    <tr>
-     <td colspan="10" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
+     <td colspan="10" class="DataTD"><?php echo _("No client certificates are currently listed.")?></td>
    </tr>
- <? } else {
+ <?php } else {
 -      while($row = mysql_fetch_assoc($res))
 +      while($row = mysqli_fetch_assoc($res))
        {
                if($row['timeleft'] > 0)
                        $verified = _("Valid");
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <? if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?>
- <?
-       $uid = intval($_GET['photoid']);
+ <?php if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?>
+ <?php         $uid = intval($_GET['photoid']);
        $query = "select * from `tverify` where `id`='$uid' and `modified`=0";
 -      $res = mysql_query($query);
 -      if(mysql_num_rows($res) > 0) { ?>
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      if(mysqli_num_rows($res) > 0) { ?>
- <img src="account.php?id=51&amp;photoid=<?=$uid ?>&amp;img=show" border="0" width="800">
- <? } else {
+ <img src="account.php?id=51&amp;photoid=<?php echo $uid ?>&amp;img=show" border="0" width="800">
+ <?php } else {
          $query = "select * from `tverify` where `id`='$uid' and `modified`=1";
 -        $res = mysql_query($query);
 -        if(mysql_num_rows($res) > 0)
 +        $res = mysqli_query($_SESSION['mconn'], $query);
 +        if(mysqli_num_rows($res) > 0)
          {
                  echo _("This UID has already been voted on.");
          } else {
@@@ -65,17 -65,16 +65,16 @@@ if($_SESSION['profile']['tverify'] <= 0
  
  <br>
  <form method="post" action="account.php">
- <?=_("Comment")?>: <input type="text" name="comment"><br>
- <input type="submit" name="agree" value="<?=_("I agree with this Application")?>">
- <input type="submit" name="disagree" value="<?=_("I don't agree with this Application")?>">
- <input type="hidden" name="oldid" value="<?=intval($_GET['id'])?>">
- <input type="hidden" name="uid" value="<?=intval($uid)?>">
+ <?php echo _("Comment")?>: <input type="text" name="comment"><br>
+ <input type="submit" name="agree" value="<?php echo _("I agree with this Application")?>">
+ <input type="submit" name="disagree" value="<?php echo _("I don't agree with this Application")?>">
+ <input type="hidden" name="oldid" value="<?php echo intval($_GET['id'])?>">
+ <input type="hidden" name="uid" value="<?php echo intval($uid)?>">
  </form>
- <?
-       } else {
+ <?php         } else {
                $query = "select * from `tverify` where `id`='".intval($uid)."' and `modified`=1";
 -              $res = mysql_query($query);
 -              if(mysql_num_rows($res) > 0) {
 +              $res = mysqli_query($_SESSION['mconn'], $query);
 +              if(mysqli_num_rows($res) > 0) {
                        echo _("This UID has already been voted on.")."<br/>";
                } else {
                        if($uid) echo _("Unable to locate a valid request for that UID.")."<br/>";
@@@ -15,8 -15,7 +15,8 @@@
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
 -<?php         $town = array_key_exists('town',$_REQUEST)?mysql_escape_string(stripslashes($_REQUEST['town'])):"";
++<?php
 +      $town = array_key_exists('town',$_REQUEST)?mysqli_real_escape_string($_SESSION['mconn'], stripslashes($_REQUEST['town'])):"";
        $regid = array_key_exists('regid',$_REQUEST)?intval($_REQUEST['regid']):0;
        $ccid = array_key_exists('ccid',$_REQUEST)?intval($_REQUEST['ccid']):0;
        $start = array_key_exists('start',$_REQUEST)?intval($_REQUEST['start']):0;
    </tr>
  </table>
  <input type="hidden" name="action" value="add">
- <input type="hidden" name="ccid" value="<?=$ccid?>">
+ <input type="hidden" name="ccid" value="<?php echo $ccid?>">
  <input type="hidden" name="oldid" value="54">
  </form>
- <? } if($regid > 0 && $_REQUEST['action'] == "edit") {
+ <?php } if($regid > 0 && $_REQUEST['action'] == "edit") {
        $query = "select * from `regions` where `id`='$regid' order by `name`";
 -      $row = mysql_fetch_assoc(mysql_query($query));
 +      $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
        $name = $row['name'];
  ?>
  <form method="post" action="account.php">
    </tr>
  </table>
  <input type="hidden" name="action" value="add">
- <input type="hidden" name="regid" value="<?=$regid?>">
+ <input type="hidden" name="regid" value="<?php echo $regid?>">
  <input type="hidden" name="oldid" value="54">
  </form>
- <? } if($locid > 0 && $_REQUEST['action'] == "edit") {
+ <?php } if($locid > 0 && $_REQUEST['action'] == "edit") {
        $query = "select * from `locations` where `id`='$locid'";
 -      $row = mysql_fetch_assoc(mysql_query($query));
 +      $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
  
        if($name == "")
                $name = $row['name'];
    </tr>
  </table>
  <input type="hidden" name="action" value="edit">
- <input type="hidden" name="locid" value="<?=$locid?>">
+ <input type="hidden" name="locid" value="<?php echo $locid?>">
  <input type="hidden" name="oldid" value="54">
  </form>
- <? } if($locid > 0 && $_REQUEST['action'] == "aliases") {
+ <?php } if($locid > 0 && $_REQUEST['action'] == "aliases") {
        $query = "select * from `localias` where `locid`='".intval($locid)."'";
 -      $res = mysql_query($query);
 -      $rc = mysql_num_rows($res);
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      $rc = mysqli_num_rows($res);
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
        </form>
      </td>
    </tr>
- <?
 -<?php         while($row = mysql_fetch_assoc($res))
++<?php
 +      while($row = mysqli_fetch_assoc($res))
        {
  ?>
    <tr>
@@@ -167,27 -166,26 +167,26 @@@ function Show_Stuff(
  document.getElementById("display1").style.display = "none";
  -->
  </script>
- <? } if($locid > 0 && $_REQUEST['action'] == "move") {
+ <?php } if($locid > 0 && $_REQUEST['action'] == "move") {
        $query = "select * from `locations` where `id`='$locid'";
 -      $row = mysql_fetch_assoc(mysql_query($query));
 +      $row = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], $query));
        $newreg = $_REQUEST['newreg'] = $row['regid'];
  ?>
  <form method="post" action="account.php">
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
-     <td colspan="2" class="title"><?=_("Move Location")?></td>
+     <td colspan="2" class="title"><?php echo _("Move Location")?></td>
    </tr>
    <tr>
-     <td class="DataTD"><?=_("Location")?>:</td>
-     <td class="DataTD"><?=$row['name']?></td>
+     <td class="DataTD"><?php echo _("Location")?>:</td>
+     <td class="DataTD"><?php echo $row['name']?></td>
    </tr>
    <tr>
-     <td class="DataTD"><?=_("Set Region")?>:</td>
+     <td class="DataTD"><?php echo _("Set Region")?>:</td>
      <td class="DataTD"><select name="newreg">
- <?
-       $query = "select * from `regions` where `ccid`='".intval($row['ccid'])."' order by `name`";
+ <?php         $query = "select * from `regions` where `ccid`='".intval($row['ccid'])."' order by `name`";
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        {
                echo "<option value='".intval($row['id'])."'";
                if($_REQUEST['newreg'] == $row['id'])
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
-     <td colspan="5" class="title"><?=_("Your passed Tests")?></td>
+     <td colspan="5" class="title"><?php echo _("Your passed Tests")?></td>
    </tr>
    <tr>
-     <td class="DataTD"><?=_("The list of tests you did pass at").' <a href="https://cats.cacert.org/">https://cats.cacert.org/</a>'?></td>
+     <td class="DataTD"><?php echo _("The list of tests you did pass at").' <a href="https://cats.cacert.org/">https://cats.cacert.org/</a>'?></td>
    </tr>
  </table>
- <?
-   } else {
+ <?php   } else {
      $user_id = intval($_REQUEST['userid']);
      $query = "select * from `users` where `id`='$user_id' and `users`.`deleted`=0";
 -    $res = mysql_query($query);
 -    if(mysql_num_rows($res) <= 0)
 +    $res = mysqli_query($_SESSION['mconn'], $query);
 +    if(mysqli_num_rows($res) <= 0)
      {
        echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are afoot!");
      } else {
@@@ -19,14 -19,13 +19,13 @@@ Foundation, Inc., 51 Franklin Street, F
  
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
-     <td colspan="1" class="title"><?=_("Name")?></td>
-     <td colspan="1" class="title"><?=_("Email")?></td>
-     <td colspan="1" class="title"><?=_("Country")?></td>
+     <td colspan="1" class="title"><?php echo _("Name")?></td>
+     <td colspan="1" class="title"><?php echo _("Email")?></td>
+     <td colspan="1" class="title"><?php echo _("Country")?></td>
    </tr>
-   <?
-     $query = "select users.fname,users.lname,users.email, countries.name from users left join countries on users.ccid=countries.id where orgadmin=1;";
+   <?php     $query = "select users.fname,users.lname,users.email, countries.name from users left join countries on users.ccid=countries.id where orgadmin=1;";
 -    $res = mysql_query($query);
 -    while($row = mysql_fetch_assoc($res))
 +    $res = mysqli_query($_SESSION['mconn'], $query);
 +    while($row = mysqli_fetch_assoc($res))
      {
    ?>
      <tr>
Simple merge
@@@ -31,24 -31,22 +31,24 @@@ if ($_SESSION['profile']['admin'] != 1 
                                FROM `orginfo`, `org`
                                WHERE `orginfo`.`id` = `org`.`orgid`
                                AND `org`.`memid`='$user_id' order by `orginfo`.`o`";
 -                      $res1 = mysql_query($query);?>
 -                      <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"><?php                  if (mysql_num_rows($res1) <= 0) {?>
 +                      $res1 = mysqli_query($_SESSION['mconn'], $query);?>
-                       <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"><?
++                      <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"><?php
 +                      if (mysqli_num_rows($res1) <= 0) {?>
                                <tr>
-                                       <td colspan="2" class="title"><?=sprintf(_('%s is not listed as Organisation Administrator'), $username)?></td>
+                                       <td colspan="2" class="title"><?php echo sprintf(_('%s is not listed as Organisation Administrator'), $username)?></td>
                                </tr>
                        <?}else{?>
                                <tr>
-                                       <td colspan="2" class="title"><?=sprintf(_('%s is listed as Organisation Administrator for:'), $username)?></td>
+                                       <td colspan="2" class="title"><?php echo sprintf(_('%s is listed as Organisation Administrator for:'), $username)?></td>
                                </tr>
                                <tr>
-                                       <td class="DataTD"><b><?=_('Organisation')?></b></td>
-                                       <td class="DataTD"><b><?=_('Masteraccount')?></b></td>
-                               </tr><?
+                                       <td class="DataTD"><b><?php echo _('Organisation')?></b></td>
+                                       <td class="DataTD"><b><?php echo _('Masteraccount')?></b></td>
 -                              </tr><?php                              while($drow = mysql_fetch_assoc($res1)){?>
++                              </tr><?php
 +                              while($drow = mysqli_fetch_assoc($res1)){?>
                                        <tr>
-                                               <td class="DataTD"><?=$drow['o']?></td>
-                                               <td class="DataTD"><?=$drow['masteracc'] ? _("Yes") : _("No") ?></td>
+                                               <td class="DataTD"><?php echo $drow['o']?></td>
+                                               <td class="DataTD"><?php echo $drow['masteracc'] ? _("Yes") : _("No") ?></td>
                                        </tr>
                                <?}
                        }
@@@ -156,12 -155,11 +155,12 @@@ $dres = get_email_addresses($userid,'',
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
      <tr>
-         <td colspan="3" class="title"><?=_('Email addresses')?></td>
+         <td colspan="3" class="title"><?php echo _('Email addresses')?></td>
      </tr>
- <?
 -<?php if (mysql_num_rows($dres) > 0) {
++<?php
 +if (mysqli_num_rows($dres) > 0) {
      output_log_email_header();
 -    while ($drow = mysql_fetch_assoc($dres))
 +    while ($drow = mysqli_fetch_assoc($dres))
      {
          output_log_email($drow,$email);
      }
@@@ -182,12 -178,11 +179,12 @@@ $dres = get_domains($userid, 1)
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
      <tr>
-         <td colspan="3" class="title"><?=_('Domains')?></td>
+         <td colspan="3" class="title"><?php echo _('Domains')?></td>
      </tr>
 -<?php if (mysql_num_rows($dres) > 0) {
 +<?
 +if (mysqli_num_rows($dres) > 0) {
      output_log_domains_header();
 -    while ($drow = mysql_fetch_assoc($dres))
 +    while ($drow = mysqli_fetch_assoc($dres))
      {
            output_log_domains($drow);
      }
@@@ -208,12 -201,11 +203,12 @@@ $dres = get_training_results($userid)
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
      <tr>
-         <td colspan="3" class="title"><?=_('Trainings')?></td>
+         <td colspan="3" class="title"><?php echo _('Trainings')?></td>
      </tr>
- <?
 -<?php if (mysql_num_rows($dres) > 0) {
++<?php
 +if (mysqli_num_rows($dres) > 0) {
      output_log_training_header();
 -    while ($drow = mysql_fetch_assoc($dres))
 +    while ($drow = mysqli_fetch_assoc($dres))
      {
          output_log_training($drow);
      }
@@@ -234,12 -224,11 +227,12 @@@ $dres = get_user_agreements($userid)
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
      <tr>
-         <td colspan="4" class="title"><?=_('User agreements')?></td>
+         <td colspan="4" class="title"><?php echo _('User agreements')?></td>
      </tr>
- <?
 -<?php if (mysql_num_rows($dres) > 0) {
++<?php
 +if (mysqli_num_rows($dres) > 0) {
      output_log_agreement_header();
 -    while ($drow = mysql_fetch_assoc($dres))
 +    while ($drow = mysqli_fetch_assoc($dres))
      {
          output_log_agreement($drow);
      }
@@@ -264,12 -251,11 +255,12 @@@ if (1 == $support) 
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
      <tr>
-         <td colspan="<?=$colspan?>" class="title"><?=_('Client certificates')?></td>
+         <td colspan="<?php echo $colspan?>" class="title"><?php echo _('Client certificates')?></td>
      </tr>
- <?
 -<?php if (mysql_num_rows($dres) > 0) {
++<?php
 +if (mysqli_num_rows($dres) > 0) {
      output_client_cert_header($support);
 -    while ($drow = mysql_fetch_assoc($dres))
 +    while ($drow = mysqli_fetch_assoc($dres))
      {
          output_client_cert($drow,$support);
      }
@@@ -294,12 -278,11 +283,12 @@@ if (1 == $support) 
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
      <tr>
-         <td colspan="<?=$colspan?>" class="title"><?=_('Server certificates')?></td>
+         <td colspan="<?php echo $colspan?>" class="title"><?php echo _('Server certificates')?></td>
      </tr>
- <?
 -<?php if (mysql_num_rows($dres) > 0) {
++<?php
 +if (mysqli_num_rows($dres) > 0) {
      output_server_certs_header($support);
 -    while ($drow = mysql_fetch_assoc($dres))
 +    while ($drow = mysqli_fetch_assoc($dres))
      {
          output_server_certs($drow,$support);
      }
@@@ -324,12 -305,11 +311,12 @@@ if (1 == $support) 
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
      <tr>
-         <td colspan="<?=$colspan?>" class="title"><?=_('GPG/PGP certificates')?></td>
+         <td colspan="<?php echo $colspan?>" class="title"><?php echo _('GPG/PGP certificates')?></td>
      </tr>
- <?
 -<?php if (mysql_num_rows($dres) > 0) {
++<?php
 +if (mysqli_num_rows($dres) > 0) {
      output_gpg_certs_header($support);
 -    while ($drow = mysql_fetch_assoc($dres))
 +    while ($drow = mysqli_fetch_assoc($dres))
      {
          output_gpg_certs($drow, $support);
      }
@@@ -359,12 -335,11 +342,12 @@@ if (1 == $support) 
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
      <tr>
-         <td colspan="<?=$colspan?>" class="title"><?=_('Admin log')?></td>
+         <td colspan="<?php echo $colspan?>" class="title"><?php echo _('Admin log')?></td>
      </tr>
- <?
 -<?php if (mysql_num_rows($dres) > 0) {
++<?php
 +if (mysqli_num_rows($dres) > 0) {
      output_log_se_header($support);
 -    while ($drow = mysql_fetch_assoc($dres))
 +    while ($drow = mysqli_fetch_assoc($dres))
      {
         output_log_se($drow,$support);
      }
Simple merge
  <form method="post" action="account.php">
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
-     <td colspan="3" class="title"><?=_("Domains")?></td>
+     <td colspan="3" class="title"><?php echo _("Domains")?></td>
    </tr>
    <tr>
-     <td class="DataTD"><?=_("Delete")?></td>
-     <td class="DataTD"><?=_("Status")?></td>
-     <td class="DataTD"><?=_("Address")?></td>
+     <td class="DataTD"><?php echo _("Delete")?></td>
+     <td class="DataTD"><?php echo _("Status")?></td>
+     <td class="DataTD"><?php echo _("Address")?></td>
  
- <?
-       $query = "select * from `domains` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
+ <?php         $query = "select * from `domains` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
 -      $res = mysql_query($query);
 -      if(mysql_num_rows($res) <= 0)
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      if(mysqli_num_rows($res) <= 0)
        {
  ?>
    <tr>
-     <td colspan="3" class="DataTD"><?=_("No domains are currently listed.")?></td>
+     <td colspan="3" class="DataTD"><?php echo _("No domains are currently listed.")?></td>
    </tr>
- <? } else {
+ <?php } else {
 -      while($row = mysql_fetch_assoc($res))
 +      while($row = mysqli_fetch_assoc($res))
        {
                if($row['hash'] == "")
                        $verified = _("Verified");
Simple merge
diff --cc pages/gpg/2.php
        {
  ?>
    <tr>
-     <td colspan="6" class="DataTD"><?=_("No OpenPGP keys are currently listed.")?></td>
+     <td colspan="6" class="DataTD"><?php echo _("No OpenPGP keys are currently listed.")?></td>
    </tr>
- <? } else {
+ <?php } else {
 -      while($row = mysql_fetch_assoc($res))
 +      while($row = mysqli_fetch_assoc($res))
        {
                $verified = '';
                if($row['timeleft'] > 0)
diff --cc pages/gpg/3.php
      along with this program; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */ ?>
- <?
-       $certid = intval($_REQUEST['cert']);
+ <?php         $certid = intval($_REQUEST['cert']);
        $query = "select * from `gpg` where `id`='$certid' and `memid`='".intval($_SESSION['profile']['id'])."'";
 -      $res = mysql_query($query);
 -      if(mysql_num_rows($res) <= 0)
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      if(mysqli_num_rows($res) <= 0)
        {
                echo _("No such OpenPGP key attached to your account.");
                showfooter();
                exit;
        }
 -      $row = mysql_fetch_assoc($res);
 +      $row = mysqli_fetch_assoc($res);
  ?>
- <h3><?=_("Below is your OpenPGP key")?></h3>
+ <h3><?php echo _("Below is your OpenPGP key")?></h3>
  <pre>
- <? readfile($row['crt']); ?>
+ <?php readfile($row['crt']); ?>
  </pre>
diff --cc pages/wot/1.php
  ?>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="550">
    <tr>
-     <td class="title"><?=_("Name")?></td>
-     <td class="title"><?=_("Max Points")?></td>
-     <td class="title"><?=_("Contact Details")?></td>
-     <td class="title"><?=_("Email Assurer")?></td>
-     <td class="title"><?=_("Assurer Challenge")?></td>
+     <td class="title"><?php echo _("Name")?></td>
+     <td class="title"><?php echo _("Max Points")?></td>
+     <td class="title"><?php echo _("Contact Details")?></td>
+     <td class="title"><?php echo _("Email Assurer")?></td>
+     <td class="title"><?php echo _("Assurer Challenge")?></td>
    </tr>
  
 -<?            while($row = mysql_fetch_assoc($list)) { ?>
 +<?            while($row = mysqli_fetch_assoc($list)) { ?>
    <tr>
-     <td class="DataTD" width="100"><nobr><?=sanitizeHTML($row['fname'])?> <?=substr($row['lname'], 0, 1)?>.</nobr></td>
-     <td class="DataTD"><?=maxpoints($row['id'])?></td>
-     <td class="DataTD"><?=sanitizeHTML($row['contactinfo'])?></td>
-     <td class="DataTD"><a href="wot.php?id=9&amp;userid=<?=intval($row['id'])?>"><?=_("Email Me")?></a></td>
-     <td class="DataTD"><?=$row['assurer']?_("Yes"):("<font color=\"#ff0000\">"._("Not yet!")."</font>")?></td>
+     <td class="DataTD" width="100"><nobr><?php echo sanitizeHTML($row['fname'])?> <?php echo substr($row['lname'], 0, 1)?>.</nobr></td>
+     <td class="DataTD"><?php echo maxpoints($row['id'])?></td>
+     <td class="DataTD"><?php echo sanitizeHTML($row['contactinfo'])?></td>
+     <td class="DataTD"><a href="wot.php?id=9&amp;userid=<?php echo intval($row['id'])?>"><?php echo _("Email Me")?></a></td>
+     <td class="DataTD"><?php echo $row['assurer']?_("Yes"):("<font color=\"#ff0000\">"._("Not yet!")."</font>")?></td>
    </tr>
- <?
-               }
+ <?php                 }
        }
  ?>
  </table>
@@@ -40,9 -39,9 +39,9 @@@
                        inner join `notary` on `users`.`id` = `notary`.`from`
                        GROUP BY `notary`.`from` HAVING count(*) > '$rc'";
  
 -      $rank = mysql_num_rows(mysql_query($query)) + 1;
 +      $rank = mysqli_num_rows(mysqli_query($_SESSION['mconn'], $query)) + 1;
  ?>
-     <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($rc), intval($rank))?></td>
+     <td class="DataTD"><?php echo sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($rc), intval($rank))?></td>
    </tr>
  </table>
  <center>
  <br>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
-     <td colspan="6" class="title"><?=_("Your Assurance Points")?></td>
+     <td colspan="6" class="title"><?php echo _("Your Assurance Points")?></td>
    </tr>
    <tr>
-     <td class="DataTD"><b><?=_("ID")?></b></td>
-     <td class="DataTD"><b><?=_("Date")?></b></td>
-     <td class="DataTD"><b><?=_("Who")?></b></td>
-     <td class="DataTD"><b><?=_("Points")?></b></td>
-     <td class="DataTD"><b><?=_("Location")?></b></td>
-     <td class="DataTD"><b><?=_("Method")?></b></td>
+     <td class="DataTD"><b><?php echo _("ID")?></b></td>
+     <td class="DataTD"><b><?php echo _("Date")?></b></td>
+     <td class="DataTD"><b><?php echo _("Who")?></b></td>
+     <td class="DataTD"><b><?php echo _("Points")?></b></td>
+     <td class="DataTD"><b><?php echo _("Location")?></b></td>
+     <td class="DataTD"><b><?php echo _("Method")?></b></td>
    </tr>
- <?
-       $query = "select `id`, `date`, `from`, `points`, `location`, `method` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
+ <?php         $query = "select `id`, `date`, `from`, `points`, `location`, `method` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted`=0";
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        {
 -              $fromuser = mysql_fetch_assoc(mysql_query("select `fname`, `lname` from `users` where `id`='".intval($row['from'])."'"));
 +              $fromuser = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select `fname`, `lname` from `users` where `id`='".intval($row['from'])."'"));
  ?>
    <tr>
-     <td class="DataTD"><?=intval($row['id'])?></td>
-     <td class="DataTD"><?=$row['date']?></td>
-     <td class="DataTD"><a href="wot.php?id=9&amp;userid=<?=intval($row['from'])?>"><?=sanitizeHTML(trim($fromuser['fname']." ".$fromuser['lname']))?></td>
-     <td class="DataTD"><?=intval($row['points'])?></td>
-     <td class="DataTD"><?=sanitizeHTML($row['location'])?></td>
-     <td class="DataTD"><?=_(sprintf("%s", $row['method']))?></td>
+     <td class="DataTD"><?php echo intval($row['id'])?></td>
+     <td class="DataTD"><?php echo $row['date']?></td>
+     <td class="DataTD"><a href="wot.php?id=9&amp;userid=<?php echo intval($row['from'])?>"><?php echo sanitizeHTML(trim($fromuser['fname']." ".$fromuser['lname']))?></td>
+     <td class="DataTD"><?php echo intval($row['points'])?></td>
+     <td class="DataTD"><?php echo sanitizeHTML($row['location'])?></td>
+     <td class="DataTD"><?php echo _(sprintf("%s", $row['method']))?></td>
    </tr>
- <?
-   $thawte = ($row['method'] == "Thawte Points Transfer") || $thawte;
+ <?php   $thawte = ($row['method'] == "Thawte Points Transfer") || $thawte;
  } ?>
    <tr>
-     <td class="DataTD" colspan="3"><b><?=_("Total Points")?>:</b></td>
-     <td class="DataTD"><?=intval($_SESSION['profile']['points'])?></td>
+     <td class="DataTD" colspan="3"><b><?php echo _("Total Points")?>:</b></td>
+     <td class="DataTD"><?php echo intval($_SESSION['profile']['points'])?></td>
      <td class="DataTD" colspan="2">&nbsp;</td>
    </tr>
  </table>
  <br>
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
-     <td colspan="6" class="title"><?=_("Assurance Points You Issued")?></td>
+     <td colspan="6" class="title"><?php echo _("Assurance Points You Issued")?></td>
    </tr>
    <tr>
-     <td class="DataTD"><b><?=_("ID")?></b></td>
-     <td class="DataTD"><b><?=_("Date")?></b></td>
-     <td class="DataTD"><b><?=_("Who")?></b></td>
-     <td class="DataTD"><b><?=_("Points")?></b></td>
-     <td class="DataTD"><b><?=_("Location")?></b></td>
-     <td class="DataTD"><b><?=_("Method")?></b></td>
+     <td class="DataTD"><b><?php echo _("ID")?></b></td>
+     <td class="DataTD"><b><?php echo _("Date")?></b></td>
+     <td class="DataTD"><b><?php echo _("Who")?></b></td>
+     <td class="DataTD"><b><?php echo _("Points")?></b></td>
+     <td class="DataTD"><b><?php echo _("Location")?></b></td>
+     <td class="DataTD"><b><?php echo _("Method")?></b></td>
    </tr>
- <?
-       $points = 0;
+ <?php         $points = 0;
        $query = "select `id`, `date`, `points`, `to`, `location`, `method` from `notary` where `from`='".intval($_SESSION['profile']['id'])."' and `to`!='".intval($_SESSION['profile']['id'])."'  and `deleted`=0" ;
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        {
 -              $fromuser = mysql_fetch_assoc(mysql_query("select `fname`, `lname` from `users` where `id`='".intval($row['to'])."'"));
 +              $fromuser = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select `fname`, `lname` from `users` where `id`='".intval($row['to'])."'"));
                $points += intval($row['points']);
                $name = trim($fromuser['fname']." ".$fromuser['lname']);
                if($name == "")
@@@ -108,16 -107,16 +107,16 @@@ document.f.location.focus()
                                `users`.`assurer` = 1 AND `users`.`listme` = 1 HAVING `distance` <= '$maxdist' ORDER BY `distance` LIMIT 50";
                                //echo $query;
        }
 -      $res = mysql_query($query);
 +      $res = mysqli_query($_SESSION['mconn'], $query);
  ?><table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="700">
    <tr>
-     <td class="title"><?=_("Name")?></td>
-     <td class="title"><?=_("Distance")?></td>
-     <td class="title"><?=_("Max Points")?></td>
-     <td class="title"><?=_("Contact Details")?></td>
-     <td class="title"><?=_("Email Assurer")?></td>
+     <td class="title"><?php echo _("Name")?></td>
+     <td class="title"><?php echo _("Distance")?></td>
+     <td class="title"><?php echo _("Max Points")?></td>
+     <td class="title"><?php echo _("Contact Details")?></td>
+     <td class="title"><?php echo _("Email Assurer")?></td>
    </tr>
 -<?    while($row = mysql_fetch_assoc($res))
 +<?    while($row = mysqli_fetch_assoc($res))
        {
                $points = maxpoints($row['uid']);
                if($points > 35)
Simple merge
diff --cc pages/wot/9.php
  
                        $_SESSION['_config']['pagehash'] = md5(date("U"));
  ?>
- <? if($_SESSION['_config']['error'] != "") { ?><font color="#ff0000" size="+1">ERROR: <?=$_SESSION['_config']['error']?></font><? unset($_SESSION['_config']['error']); } ?>
+ <?php if($_SESSION['_config']['error'] != "") { ?><font color="#ff0000" size="+1">ERROR: <?php echo $_SESSION['_config']['error']?></font><?php unset($_SESSION['_config']['error']); } ?>
  <form method="post" action="wot.php">
- <input type="hidden" name="userid" value="<?=intval($user['id'])?>">
+ <input type="hidden" name="userid" value="<?php echo intval($user['id'])?>">
  <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
    <tr>
-     <td colspan="2" class="title"><?=_("Contact Assurer")?></td>
+     <td colspan="2" class="title"><?php echo _("Contact Assurer")?></td>
    </tr>
    <tr>
-     <td class="DataTD"><?=_("To")?>:</td>
-     <td class="DataTD" align="left"><?=sanitizeHTML(trim($user['fname'].' '.substr($user['lname'], 0, 1)))?></td>
+     <td class="DataTD"><?php echo _("To")?>:</td>
+     <td class="DataTD" align="left"><?php echo sanitizeHTML(trim($user['fname'].' '.substr($user['lname'], 0, 1)))?></td>
    </tr>
- <? if($userlang != "") { ?>
+ <?php if($userlang != "") { ?>
    <tr>
-     <td class="DataTD"><?=_("Language")?>:</td>
-     <td class="DataTD" align="left"><? printf(_("%s prefers to be contacted in %s"), sanitizeHTML($user['fname']), L10n::$translations[$userlang]) ?></td>
+     <td class="DataTD"><?php echo _("Language")?>:</td>
+     <td class="DataTD" align="left"><?php printf(_("%s prefers to be contacted in %s"), sanitizeHTML($user['fname']), L10n::$translations[$userlang]) ?></td>
    </tr>
- <? } ?>
- <?
-       $query = "select * from `addlang` where `userid`='".intval($user['id'])."'";
+ <?php } ?>
+ <?php         $query = "select * from `addlang` where `userid`='".intval($user['id'])."'";
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        {
 -              $lang = mysql_fetch_assoc(mysql_query("select * from `languages` where `locale`='".mysql_real_escape_string($row['lang'])."'"));
 +              $lang = mysqli_fetch_assoc(mysqli_query($_SESSION['mconn'], "select * from `languages` where `locale`='".mysqli_real_escape_string($_SESSION['mconn'], $row['lang'])."'"));
  ?>
    <tr>
-     <td class="DataTD"><?=_("Additional Language")?>:</td>
-     <td class="DataTD" align="left"><? printf(_("%s will also accept email in %s - %s"), sanitizeHTML($user['fname']), $lang['lang'], $lang['country']) ?></td>
+     <td class="DataTD"><?php echo _("Additional Language")?>:</td>
+     <td class="DataTD" align="left"><?php printf(_("%s will also accept email in %s - %s"), sanitizeHTML($user['fname']), $lang['lang'], $lang['country']) ?></td>
    </tr>
- <? } ?>
+ <?php } ?>
    <tr>
-     <td class="DataTD"><?=_("Subject")?>:</td>
-     <td class="DataTD" align="left"><input type="text" name="subject" value="<?=sanitizeHTML($_POST['subject'])?>"></td>
+     <td class="DataTD"><?php echo _("Subject")?>:</td>
+     <td class="DataTD" align="left"><input type="text" name="subject" value="<?php echo sanitizeHTML($_POST['subject'])?>"></td>
    </tr>
    <tr>
-     <td class="DataTD"><?=_("Message")?>:</td>
-     <td class="DataTD"><textarea name="message" cols="40" rows="5" wrap="virtual"><?=sanitizeHTML($_POST['message'])?></textarea></td>
+     <td class="DataTD"><?php echo _("Message")?>:</td>
+     <td class="DataTD"><textarea name="message" cols="40" rows="5" wrap="virtual"><?php echo sanitizeHTML($_POST['message'])?></textarea></td>
    </tr>
    <tr>
-     <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Send")?>"></td>
+     <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?php echo _("Send")?>"></td>
    </tr>
  </table>
- <input type="hidden" name="pageid" value="<?=$_SESSION['_config']['pagehash']?>">
- <input type="hidden" name="userid" value="<?=intval($_REQUEST['userid'])?>">
- <input type="hidden" name="oldid" value="<?=intval($id)?>">
+ <input type="hidden" name="pageid" value="<?php echo $_SESSION['_config']['pagehash']?>">
+ <input type="hidden" name="userid" value="<?php echo intval($_REQUEST['userid'])?>">
+ <input type="hidden" name="oldid" value="<?php echo intval($id)?>">
  </form>
- <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p>
- <? } } ?>
+ <p>[ <a href='javascript:history.go(-1)'><?php echo _("Go Back")?></a> ]</p>
+ <?php } } ?>
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
index 7e0939c,3ab8d80..1d32a39
mode 100644,100755..100644
Simple merge
Simple merge
Simple merge
Simple merge
index 4db7d7b,2ae9db3..f6073b5
mode 100644,100755..100644
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
diff --cc www/ac.php
Simple merge
diff --cc www/account.php
Simple merge
Simple merge
Simple merge
Simple merge
diff --cc www/api/edu.php
Simple merge
Simple merge
Simple merge
diff --cc www/gpg.php
Simple merge
diff --cc www/index.php
Simple merge
diff --cc www/news.php
Simple merge
diff --cc www/rss.php
@@@ -8,20 -8,19 +8,19 @@@
                <link>http://www.CAcert.org/</link>
                <copyright>Copyright &#169; 2002-present, CAcert Inc.</copyright>
                <description>News feed for CAcert.org</description>
-               <pubDate><?=date("D, d M Y H:i:s O")?></pubDate>
-               <lastBuildDate><?=date("D, d M Y H:i:s O")?></lastBuildDate>
-               <ttl>3600</ttl><?
-       $query = "select *, UNIX_TIMESTAMP(`when`) as `TS` from news order by `when` desc limit 10";
+               <pubDate><?php echo date("D, d M Y H:i:s O")?></pubDate>
+               <lastBuildDate><?php echo date("D, d M Y H:i:s O")?></lastBuildDate>
+               <ttl>3600</ttl><?php    $query = "select *, UNIX_TIMESTAMP(`when`) as `TS` from news order by `when` desc limit 10";
 -      $res = mysql_query($query);
 -      while($row = mysql_fetch_assoc($res))
 +      $res = mysqli_query($_SESSION['mconn'], $query);
 +      while($row = mysqli_fetch_assoc($res))
        { ?>
                <item>
-                       <title><?=strip_tags($row['short'])?></title>
-                       <description><?=strip_tags($row['story'])?></description>
-                       <link>http://www.cacert.org/news.php?from=rss&amp;id=<?=$row['id']?></link>
-                       <pubDate><?=date("D, d M Y H:i:s O", $row['TS'])?></pubDate>
+                       <title><?php echo strip_tags($row['short'])?></title>
+                       <description><?php echo strip_tags($row['story'])?></description>
+                       <link>http://www.cacert.org/news.php?from=rss&amp;id=<?php echo $row['id']?></link>
+                       <pubDate><?php echo date("D, d M Y H:i:s O", $row['TS'])?></pubDate>
                </item>
- <? } ?>
+ <?php } ?>
  
        </channel>
  </rss>
diff --cc www/sqldump.php
@@@ -24,9 -24,8 +24,9 @@@
  #
  # Database: `cacert`
  #
- <?
 -<?php     $tables = mysql_query("SHOW TABLES");
 -    while(list($table_name) = mysql_fetch_array($tables))
++<?php
 +    $tables = mysqli_query($_SESSION['mconn'], "SHOW TABLES");
 +    while(list($table_name) = mysqli_fetch_array($tables), MYSQLI_BOTH)
      {
          echo "# --------------------------------------------------------\n\n";
          echo "#\n# Table structure for table `$table_name`\n#\n\n";
diff --cc www/stats.php
Simple merge
diff --cc www/verify.php
Simple merge
diff --cc www/wot.php
Simple merge