Greetings. We are upgrading a PHP application we wrote 10 years ago to run on PHP7.x. The most time-consuming part of this is converting all of our mysql_query() commands to PDO and encapsulating all output variables in htmlentities to prevent SQL injection.
Basically, we need to convert queries like the [login to view URL] into php_sql_after.png... convert variables to bound values and update the fetch statements. Capitalize MySQL keywords to help readability while you are at it.
Our application currently sanitizes user provided variables before storing in the database. This is done with an Apache module that we will be discontinuing as the industry has standardized on filtering on output instead of input... therefore, any time a variable is echoed to the user, we need to wrap it in htmlentities(). We know that MVC is the way of the future, but we are saving that for a total rewrite next year... right now we just want to run PHP7 safely. We are also using a WAF and security headers. We will also be running some security scanning software before deployment.
Source code will be provided in a tarball and the edited tarball can be returned the same way.
- Update 330-350 mysql_query statements
- Add htmlentities() as needed for all variable output in 33k Non-Comment Lines of Code (as counted by PHPLOC)
- I will be very, very busy until November 3rd and may not be able to respond every day until then. Expect to not hear from me on weekends and for me to take 2 business days to reply to messages until then. I'll do my best to respond faster, but this project is not a huge rush right now. After November 3rd, I'll be much faster replying. I just want to be up-front about this so you don't think you are being ignored or that I won't release milestones... it's just going to take me a little while to review your work.
- Include three milestones: "first look" at 20% of the contract value, "primary" for 60% of the contract value and "warranty" for the remaining 20%. We will try to review your code and release funds as soon as possible, but it's a large enough project that it will take us several weeks to fully review and test. We will release the "first look" within one business day of submitting the completed code... we will take a quick look and if it appears you were on-track, we will release this milestone. We will release the "primary" milestone within 3 business days, assuming no bugs are found (or 3 business days after receiving new bug-free code). We will release the warranty milestone no later than 30 calendar days after the release, but probably sooner as we complete our review.
- Feel free to send up smaller submissions to make sure the work being performed is up to our standard before you do lots of work. We want to make this transaction as low risk for you as possible.
- We get a lot of Freelancers who "race" to submit a bid as fast as they can, thinking that we will pick the first submission. This is not the case. We like carefully thought out proposals or ones that have questions. To show us that you read the proposal all the way through, please make the first word of your reply "stegosaurus".
In the end, this is not a difficult project... we just don't have time to do it ourselves right now. We look forward to working with you.
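The conversion described above, shown on one query as an added example (not code from the client's application). The `customers` table, its columns and the helper names `findCustomersByCity()` and `e()` are hypothetical, and an in-memory SQLite database stands in for MySQL so the script runs offline. The bound value is what keeps user input out of the SQL text; `htmlentities()` is what keeps stored data from being interpreted as markup when it is echoed.

```php
<?php
// Added example; table, column and function names are hypothetical.
// SQLite in memory stands in for MySQL. For MySQL only the DSN changes, e.g.
// new PDO('mysql:host=...;dbname=...;charset=utf8mb4', $user, $pass), and
// PDO::ATTR_EMULATE_PREPARES can be set to false to use native prepares.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);

$pdo->exec('CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, city TEXT)');
$ins = $pdo->prepare('INSERT INTO customers (name, city) VALUES (:name, :city)');
// Constructed rows, stored as entered because filtering now happens on output.
$ins->execute([':name' => 'Alice <b>A</b>', ':city' => 'Austin']);
$ins->execute([':name' => "Bob O'Neil", ':city' => 'Austin']);
$ins->execute([':name' => 'Carol', ':city' => 'Boston']);

// Before (ext/mysql, removed in PHP 7):
//   $result = mysql_query("select id, name from customers where city = '$city' order by name");
//   while ($row = mysql_fetch_assoc($result)) { echo $row['name']; }

// After: keywords capitalized, the variable bound, the fetch call updated.
function findCustomersByCity(PDO $pdo, string $city): array
{
    $stmt = $pdo->prepare(
        'SELECT id, name FROM customers WHERE city = :city ORDER BY name'
    );
    $stmt->execute([':city' => $city]);
    return $stmt->fetchAll();
}

// Output wrapper: every value echoed to the user goes through htmlentities().
function e($value): string
{
    return htmlentities((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// A bound value is compared as data, so a quote-laden string matches no rows.
$odd = "Austin' OR '1'='1";
echo count(findCustomersByCity($pdo, $odd)), " rows for quoted input\n";

foreach (findCustomersByCity($pdo, 'Austin') as $row) {
    echo '<li>', e($row['id']), ': ', e($row['name']), "</li>\n";
}
```

Passing `ENT_QUOTES` matters when the value lands inside an HTML attribute, because the default flags in PHP 7 leave single quotes unencoded.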
Hi I’m an expert in this field and I can get this done for you starting right away no problem. Please let us discuss more in chat so we can get this professionally done.