WIP PDO and Warnings

2024-12-18 11:48:09 -05:00 · 2024-12-18 11:48:09 -05:00 · ea287cd7af
commit ea287cd7af
parent 974eb738f3
25 changed files with 208 additions and 191 deletions
--- a/admin/cms.php
+++ b/admin/cms.php
@ -36,11 +36,11 @@
            "website_content_management"
 			);
- if($_POST['action']=="save")
+ if(get_value_from_array($_POST, 'action',"save"))
 {
 	 $err=false;
 	foreach($config['languages'] AS $lang=>$langname) {
-		$filename=stripslashes($_POST['filename']);
+		$filename=stripslashes(get_value_from_array($_POST, 'filename', ''));
 //		$filename=ereg_replace("[^A-Za-z0-9\.\_\/]","_",$_POST['filename']);
 		if(substr($filename,-5)!=".html")
@ -51,7 +51,7 @@
 		$showlogoname="showlogo_$lang";
 		//get the dt here to insert with ALL the languages, we cant rely on the INSERT NOW() always inserting multiple records with the same timestamp!
 		$insertdt=date("Y-m-d H:i:s");
-		$text=stripslashes($_POST[$textname]);
+		$text=stripslashes(get_value_from_array($_POST,$textname, ''));
 		$q = $pdo->prepare("INSERT INTO cms (filename,dt,lang,text,title,showlogo) VALUES (
@ -59,8 +59,8 @@
 			'$insertdt',
 			'$lang',
 			'".$text."',
-			'".$_POST[$titlename]."',
+			'".get_value_from_array($_POST, $titlename, '')."',
-			'".$_POST[$showlogoname]."'
+			'".get_value_from_array($_POST, $showlogoname, '')."'
 			)");
 		$q->execute();
 		if($pdo->errorInfo()) {
@ -72,7 +72,7 @@
 		echo happy(i18n("%1 successfully saved",array($_POST['filename'])));
 }
- if($_GET['filename'] || $_GET['action']=="create")
+ if(get_value_from_array($_GET,'filename', '') || get_value_from_array($_GET,'action',"create"))
 {
 	echo "<a href=\"cms.php\">&lt;&lt; Back to file list</a><br />\n";
 	echo "<form method=\"post\" action=\"cms.php\">";
--- a/admin/cwsfregister.php
+++ b/admin/cwsfregister.php
@ -129,7 +129,7 @@ include "xml.inc.php";
 			);
 echo "<br />";
- if(count($_POST['cwsfdivision']))
+ if(count(get_value_from_array($_POST,'cwsfdivision', '')))
 {
 	foreach($_POST['cwsfdivision'] AS $p=>$d)
 	{
--- a/admin/donors_search.php
+++ b/admin/donors_search.php
@ -31,7 +31,9 @@
 		//we want to show all years, infact that year field probably shouldnt even be there.
 		$sql="";
 		if(get_value_from_array($_POST, 'search')) $sql.=" AND organization LIKE '%".$_POST['search']."%' ";
-		if(count(get_value_from_array($_POST, 'donortype'))) {
+		
 		//NEEDS AN ARRAY AS AN ARGUMENT INSTEAD OF A STRING
 		if(count(get_value_from_array($_POST, 'donortype', []))) {
 			$sql.=" AND (0 ";
 			foreach($_POST['donortype'] AS $d) {
 				$sql.=" OR donortype='$d'";
@ -42,7 +44,7 @@
 //		echo "query=$query";
 		$q=$pdo->prepare($query);
 		$q->execute();
-
+		$_POST['donortype'];
 		$thisyear=$config['FISCALYEAR'];
 		$lastyear=$config['FISCALYEAR']-1;
 		$rows=array();
--- a/admin/fair_stats.php
+++ b/admin/fair_stats.php
@ -30,7 +30,7 @@
 require_once('curl.inc.php');
 /* Hack so we can jump right to YSC stats */
- if($_GET['abbrv'] == 'YSC') {
+ if(get_value_from_array($_GET,'abbrv','YSC')) {
 	$q = $pdo->prepare("SELECT id FROM fairs WHERE abbrv='YSC'");
 	$q->execute();
 	$r = $q->fetch(PDO::FETCH_ASSOC);
@ -85,7 +85,7 @@
 $server_config['scholarships'] = false;
 $server_config['delegates'] = false;
- if($_GET['year']) $year=intval($_GET['year']);
+ if(get_value_from_array($_GET,'year')) $year=intval(get_value_from_array($_GET, 'year'));
 else $year=$config['FAIRYEAR'];
 if($_GET['id']) $fairs_id=intval($_GET['id']);
@ -98,7 +98,7 @@
 	$fair = $q->fetch(PDO::FETCH_ASSOC);
 }
- $action = $_POST['action'];
+ $action = get_value_from_array($_POST, 'action');
 if($action == 'sendstats') {
 	foreach(array_keys($stats_data) as $k) {
@ -134,7 +134,7 @@
 	}
 }
-
+global $PHPSELF;
 echo "<form name=\"fairselect\" action=\"$PHPSELF\" method=\"get\">";
 $q = $pdo->prepare("SELECT * FROM fairs WHERE `type`='sfiab' OR `type`='ysc' AND enable_stats='yes'");
 $q->execute();
@ -207,7 +207,7 @@
 $stats['year'] = $year;
 /* Now, overwrite all the stats with what we pulled down from the server */
- if(is_array($data['stats'])) {
+ if(is_array(get_value_from_array($data,'stats'))) {
 	 foreach($data['stats'] as $k=>$v) {
 		$stats[$k] = $v;
 	 }
@ -249,7 +249,7 @@
 $stats['schools_districts'] = count($districts);
 //numbers of students:
- $q=$pdo->error("SELECT students.*,schools.* 
+ $q=$pdo->prepare("SELECT students.*,schools.* 
 	 		FROM students
 				LEFT JOIN registrations ON students.registrations_id=registrations.id 
 				LEFT JOIN schools on students.schools_id=schools.id
@ -257,7 +257,7 @@
 				AND registrations.year='$year' 
 				AND (registrations.status='complete' OR registrations.status='paymentpending')");
 $q->execute();
- echo $pdo->errorInfo();
+ show_pdo_errors_if_any($pdo);
 $stats['students_total'] = $q->rowCount();
 $stats['students_public'] = 0;
 $stats['students_private'] = 0;
@ -301,7 +301,7 @@ $q->execute();
 			AND (registrations.status='complete' OR registrations.status='paymentpending') 
 			GROUP BY projects.id");
 $q->execute();
- echo $pdo->errorInfo();
+ show_pdo_errors_if_any($pdo);
 while($r=$q->fetch(PDO::FETCH_ASSOC)) {
 	$stats["projects_{$grademap[$r['grade']]}"]++;
 }
--- a/admin/judges.inc.php
+++ b/admin/judges.inc.php
@ -160,7 +160,7 @@ function getJudgingTeam($teamid)
 	$team=array();
 	$first=true;
-	while($r=$q->fetch(PDO::FETCH_OBJS))
+	while($r=$q->fetch(PDO::FETCH_OBJ))
 	{
 		$team['id']=$r->id;
 		$team['num']=$r->num;
@ -184,7 +184,7 @@ function getJudgingTeam($teamid)
 			lastname,
 			firstname");
 		$mq->execute();
-		show_pdo_errors_if_any();
+		show_pdo_errors_if_any($pdo);
 		while($mr=$mq->fetch(PDO::FETCH_OBJ))
@ -216,7 +216,7 @@ function getJudgingTeam($teamid)
 					name
 				");
 		$aq->execute();
-		while($ar=$aq->fetch(PDO::OBJ))
+		while($ar=$aq->fetch(PDO::FETCH_OBJ))
 		{
 			$team['awards'][]=array(
 					"id"=>$ar->id,
--- a/admin/judges_teams.php
+++ b/admin/judges_teams.php
@ -27,10 +27,10 @@
 user_auth_required('committee', 'admin');
 include "judges.inc.php";
-	if($_GET['edit']) $edit=$_GET['edit'];
+	if(get_value_from_array($_GET,'edit')) $edit=get_value_from_array($_GET,'edit');
-	if($_POST['edit']) $edit=$_POST['edit'];
+	if(get_value_from_array($_POST,'edit')) $edit=get_value_from_array($_POST,'edit');
-	if($_GET['action']) $action=$_GET['action'];
+	if(get_value_from_array($_GET,'action')) $action=get_value_from_array($_GET,'action');
-	if($_POST['action']) $action=$_POST['action'];
+	if(get_value_from_array($_POST,'action')) $action=get_value_from_array($_POST,'action');
 	if($action=="delete" && $_GET['delete'])
 	{
@ -294,7 +294,7 @@ function addclicked()
 		if(!$_SESSION['viewstate']['judges_teams_awards_show'])
 			$_SESSION['viewstate']['judges_teams_awards_show']='unassigned';
 		//now update the judges_teams_awards_show viewstate
-		if($_GET['judges_teams_awards_show'])
+		if(get_value_from_array($_GET, 'judges_teams_awards_show'))
 			$_SESSION['viewstate']['judges_teams_awards_show']=$_GET['judges_teams_awards_show'];
 		echo "<form name=\"judges\" method=\"post\" action=\"judges_teams.php\">";
@ -306,7 +306,8 @@ function addclicked()
 		echo "<tr><td>".i18n("Team Name").":</td><td><input type=\"text\" size=\"40\" name=\"team_name\" value=\"".$team['name']."\"></td></tr>";
 		echo "<tr><td>".i18n("Awards").":</td><td>";
-		if(count($team['awards']))
+	
 		if(count(get_value_from_array($team, 'awards')))
 		{
 			foreach($team['awards'] AS $award)
 			{
@ -374,8 +375,8 @@ function addclicked()
 		echo "<tr><td colspan=2>";
 		$q=$pdo->prepare($querystr);
 		$q->execute();
-
+		
-		echo $pdo->errorInfo();
+		show_pdo_errors_if_any($pdo);
 		echo "<select name=\"award\">";
 		echo "<option value=\"\">".i18n("Choose award to assign to team")."</option>\n";
--- a/admin/registration_receivedforms.php
+++ b/admin/registration_receivedforms.php
@ -341,7 +341,7 @@ if ($_POST['action'] == 'recieve_all')
 	// Grab all projects that don't have project numbers. Status should therefor be open or new but not complete 
 	$query_noprojectnumber = $pdo->prepare("SELECT * FROM projects WHERE projectnumber IS NULL AND year =".$config['FAIRYEAR']."");
 	// Define arrays to append to later
-	$query_noprojectnumber.execute();
+	$query_noprojectnumber->execute();
 	$completed_students = array();
 	$incomplete_students = array();
 	$newstatus_students = array();
--- a/admin/registration_stats.php
+++ b/admin/registration_stats.php
@ -112,8 +112,7 @@ else $wherestatus="";
 				$ORDERBY
 			");
 		$q->execute();
-		// FIXME
+		show_pdo_errors_if_any($pdo);
 		//echo $pdo->errorInfo();
 	$stats_totalprojects=0;
 	$stats_totalstudents=0;
@ -159,7 +158,7 @@ else $wherestatus="";
 					AND
 					students.schools_id=schools.id
 				");
-				echo $pdo->errorInfo();
+				show_pdo_errors_if_any($pdo);
 		$studnum=1;
 		$schools="";
--- a/admin/reports.inc.php
+++ b/admin/reports.inc.php
@ -424,7 +424,7 @@ foreach($report_stock as $n=>$v) {
 			WHERE reports_id='{$report['id']}' 
 			ORDER BY `ord`");
 	$q->execute();
-	print($pdo->erroInfo());
+	show_pdo_errors_if_any($pdo);
 	if($q->rowCount() == 0) return $report;
@ -521,7 +521,7 @@ foreach($report_stock as $n=>$v) {
 }
 function report_load_all() 
- {
+ {	global $pdo;
 	$ret = array();
 	$q = $pdo->prepare("SELECT * FROM reports ORDER BY `name`");
@ -822,7 +822,7 @@ foreach($report['col'] as $v)
 		echo "</pre>";
 		exit;
 	}
-	echo $pdo->erroInfo();
+	show_pdo_errors_if_any($pdo);
 	$ncols = count($report['col']);
 	$n_groups = count($report['group']);
--- a/admin/reports.php
+++ b/admin/reports.php
@ -86,7 +86,7 @@ case 'save':
 		$stmt = $pdo->prepare("INSERT INTO `reports_committee` (`users_id`,`reports_id`) 
 			VALUES('{$_SESSION['users_uid']}','$reports_id');");
 		$stmt->execute();
-		echo $pdo->errorInfo();
+		show_pdo_errors_if_any($pdo);
 		$id = $pdo->lastInsertId();
 	}
@ -247,7 +247,7 @@ $(document).ready(function() {
 			WHERE users_id='{$_SESSION['users_uid']}'
 			ORDER BY category,id");
 $q->execute();
- echo $pdo->errorInfo();
+ show_pdo_errors_if_any($pdo);
 if($q->rowCount()== 0) {
 	echo i18n('You have no reports saved');
 } else {
--- a/admin/reports_judges_teams_projects.php
+++ b/admin/reports_judges_teams_projects.php
@ -164,7 +164,7 @@
 				ORDER BY
 					projectnumber
 				");
-			$projq->execute(;)
+			$projq->execute();
 			while($proj=$projq->fetch(PDO::FETCH_OBJ))
 			{
--- a/admin/reports_mailinglabels_generator.php
+++ b/admin/reports_mailinglabels_generator.php
@ -147,7 +147,7 @@ if($report)
 					i18n($config['postalzip']));
 	}
-	while($r=$q-.fetch(PDO::FETCH_OBJ))
+	while($r=$q->fetch(PDO::FETCH_OBJ))
 	{
 		//handle C/O differently for schools, becuase, well, french schools are picky!
 		if($report=="schools") {
--- a/admin/reports_projects_judges_teams.php
+++ b/admin/reports_projects_judges_teams.php
@ -83,7 +83,7 @@
 				projects.projectnumber
 			");
 		$projq->execute();
-			echo $pdo->errorInfo();
+			show_pdo_errors_if_any($pdo);
 	while($proj=$projq->fetch(PDO::FETCH_OBJ))
 	{
@ -101,7 +101,7 @@
 		$students="";
 		$studnum=0;
-		while($studentinfo=$sq->fetch(PDO::fETCH_OBJ)
+		while($studentinfo=$sq->fetch(PDO::FETCH_OBJ))
 		{
 			if($studnum>0) $students.=", ";
 			$students.="$studentinfo->firstname $studentinfo->lastname";
--- a/admin/schools.php
+++ b/admin/schools.php
@ -27,18 +27,18 @@
 user_auth_required('committee', 'admin');
-	if($_POST['save']=="edit" || $_POST['save']=="add")
+	if(get_value_from_array($_POST,'save',"edit") || get_value_from_array($_POST,'save',"add"))
 	{
-		if($_POST['save']=="add")
+		if(get_value_from_array($_POST,'save',"add"))
 		{
 			$q=$pdo->prepare("INSERT INTO schools (year) VALUES ('".$config['FAIRYEAR']."')");
 			$q->execute();
 			$id=$pdo->lastInsertId();
 		}
 		else
-			$id=intval($_POST['id']);
+			$id=intval(get_value_from_array($_POST, 'id'));
-		$atrisk = $_POST['atrisk'] == 'yes' ? 'yes' : 'no';
+		$atrisk = get_value_from_array($_POST, 'atrisk') == 'yes' ? 'yes' : 'no';
 /*
 			"sciencehead='".mysql_escape_string(stripslashes($_POST['sciencehead']))."', ".
@ -54,7 +54,7 @@
 		$principal_update = '';
 		$sciencehead_update = '';
-		list($first, $last) = split(' ', $_POST['principal'], 2);
+		list($first, $last) = explode(' ', get_value_from_array($_POST,'principal') ?? '', 2);
 		/* Load existing entry if it exists, else make an entry if
 		 * there is data, else, do nothing */
 		if($i['principal_uid'] > 0) 
@ -65,7 +65,7 @@
 		} else 
 			$pl = false;
-		$em = $_POST['principalemail'];
+		$em = get_value_from_array($_POST,'principalemail');
 		/* If we loaded or created an entry, either
 		 * update and save, or purge it */
@ -83,8 +83,9 @@
 		/* Get info about science head */
-		list($first, $last) = split(' ', $_POST['sciencehead'], 2);
+		// FIX ME
-		$em = $_POST['scienceheademail'];
+		list($first, $last) = explode(' ', get_value_from_array($_POST, 'sciencehead', ''), 2);
 		$em = get_value_from_array($_POST,'scienceheademail');
 		if($em == '' && ($first != '' || $last != '')) $em = "*$first$last".user_generate_password();
 		/* Load existing record, or create new if there's something
 		 * to insert */
@ -122,52 +123,52 @@
 		}
 		$exec="UPDATE schools SET ".
-			"school='".stripslashes($_POST['school'])."', ".
+			"school='".get_value_from_array($_POST,'school')."', ".
-			"schoollang='".stripslashes($_POST['schoollang'])."', ".
+			"schoollang='".get_value_from_array($_POST,'schoollang')."', ".
-			"designate='".stripslashes($_POST['schooldesignate'])."', ".
+			"designate='".get_value_from_array($_POST,'schooldesignate')."', ".
-			"schoollevel='".stripslashes($_POST['schoollevel'])."', ".
+			"schoollevel='".get_value_from_array($_POST,'schoollevel')."', ".
-			"school='".stripslashes($_POST['school'])."', ".
+			"school='".get_value_from_array($_POST,'school')."', ".
-			"board='".stripslashes($_POST['board'])."', ".
+			"board='".get_value_from_array($_POST,'board')."', ".
-			"district='".stripslashes($_POST['district'])."', ".
+			"district='".get_value_from_array($_POST,'district')."', ".
-			"address='".stripslashes($_POST['address'])."', ".
+			"address='".get_value_from_array($_POST,'address')."', ".
-			"city='".stripslashes($_POST['city'])."', ".
+			"city='".get_value_from_array($_POST,'city')."', ".
-			"province_code='".stripslashes($_POST['province_code'])."', ".
+			"province_code='".get_value_from_array($_POST,'province_code')."', ".
-			"postalcode='".stripslashes($_POST['postalcode'])."', ".
+			"postalcode='".get_value_from_array($_POST,'postalcode')."', ".
-			"schoolemail='".stripslashes($_POST['schoolemail'])."', ".
+			"schoolemail='".get_value_from_array($_POST,'schoolemail')."', ".
-			"phone='".stripslashes($_POST['phone'])."', ".
+			"phone='".get_value_from_array($_POST,'phone')."', ".
-			"fax='".stripslashes($_POST['fax'])."', ".
+			"fax='".get_value_from_array($_POST,'fax')."', ".
-			"registration_password='".stripslashes($_POST['registration_password'])."', ".
+			"registration_password='".get_value_from_array($_POST, 'registration_password')."', ".
-			"projectlimit='".stripslashes($_POST['projectlimit'])."', ".
+			"projectlimit='".get_value_from_array($_POST,'projectlimit')."', ".
-			"projectlimitper='".stripslashes($_POST['projectlimitper'])."', ".
+			"projectlimitper='".get_value_from_array($_POST,'projectlimitper')."', ".
-			"accesscode='".stripslashes($_POST['accesscode'])."', ".
+			"accesscode='".get_value_from_array($_POST,'accesscode')."', ".
 			$sciencehead_update.$principal_update.
 			"atrisk='$atrisk' ".
 			"WHERE id='$id'";
 		$stmt = $pdo->prepare($exec);
 		$stmt->execute();
-		echo $pdo->errorInfo();
+		show_pdo_errors_if_any($pdo);
-		if($_POST['save']=="add")
+		if(get_value_from_array($_POST,'save',"add"))
 			$notice = 'added';
 		else
 			$notice = 'saved';
 	}
-	if($_GET['action']=="delete" && $_GET['delete'])
+	if(get_value_from_array($_GET,'action',"delete") && get_value_from_array($_GET, 'delete', ''))
 	{
 		$stmt = $pdo->prepare("DELETE FROM schools WHERE id='".$_GET['delete']."'");
 		$stmt->execute();
 		$notice = 'deleted';
 	}
-	if($_GET['action']=="clearaccesscodes")
+	if(get_value_from_array($_GET,'action',"clearaccesscodes"))
 	{
 		$stmt = $pdo->prepare("UPDATE schools SET accesscode=NULL WHERE year='{$config['FAIRYEAR']}'");
 		$stmt->execute();
 		$notice = 'clearaccess';
 	}
-	if($_GET['action']=="makeaccesscodes")
+	if(get_value_from_array($_GET,'action',"makeaccesscodes"))
 	{
 		$q=$pdo->prepare("SELECT id FROM schools WHERE year='{$config['FAIRYEAR']}' AND (accesscode IS NULL OR accesscode='')");
 		$q->execute();
@ -181,33 +182,33 @@
 		$notice = 'makeaccess';
 	}
-	if($_GET['action']=="edit" || $_GET['action']=="add")
+	if(get_value_from_array($_GET,'action',"edit") || get_value_from_array($_GET,'action',"add"))
 	{
- 		send_header(($_GET['action']=='edit') ? "Edit School" : "Add New School",
+ 		send_header(get_value_from_array($_GET, 'action', 'edit') ? "Edit School" : "Add New School",
 		array('Committee Main' => 'committee_main.php',
 			'Administration' => 'admin/index.php',
 			'School Management' => 'admin/schools.php'),
            "schools_management"
 				);
-		if($_GET['action']=="edit")
+		if(get_value_from_array($_GET,'action',"edit"))
 		{
 			$buttontext="Save School";
-			$q=$pdo->prepare("SELECT * FROM schools WHERE id='".$_GET['edit']."'");
+			$q=$pdo->prepare("SELECT * FROM schools WHERE id='".get_value_from_array($_GET, 'edit', '')."'");
 			$q->execute();
 			$r=$q->fetch(PDO::FETCH_OBJ);
 		}
-		else if($_GET['action']=="add")
+		else if(get_value_from_array($_GET, 'action',"add"))
 		{
 			$buttontext="Add School";
 		}
 		$buttontext=i18n($buttontext);
 		echo "<form method=\"post\" action=\"schools.php\">\n";
-		echo "<input type=\"hidden\" name=\"save\" value=\"".$_GET['action']."\">\n";
+		echo "<input type=\"hidden\" name=\"save\" value=\"".get_value_from_array($_GET, 'action')."\">\n";
-		if($_GET['action']=="edit")
+		if(get_value_from_array($_GET,'action',"edit"))
-			echo "<input type=\"hidden\" name=\"id\" value=\"".$_GET['edit']."\">\n";
+			echo "<input type=\"hidden\" name=\"id\" value=\"".get_value_from_array($_GET,'edit', '')."\">\n";
 		echo "<table>\n";
 		echo "<tr><td>".i18n("School Name")."</td><td><input type=\"text\" name=\"school\" value=\"".htmlspecialchars($r->school)."\" size=\"60\" maxlength=\"64\" /></td></tr>\n";
--- a/admin/winners.php
+++ b/admin/winners.php
@ -29,8 +29,8 @@ require_once('../fair_additional_materials.inc.php');
 $auth_type = user_auth_required(array('fair','committee'), 'admin');
-$award_awards_id = intval($_GET['award_awards_id']);
+$award_awards_id = intval(get_value_from_array($_GET,'award_awards_id'));
-$action = $_GET['action'];
+$action = get_value_from_array($_GET,'action');
 /* Load fairs */
 $fairs = array();
--- a/common.inc.php
+++ b/common.inc.php
@ -1165,12 +1165,12 @@ function committee_warnings()
 	//properly :)
 	$q = $pdo->prepare("SELECT DATE_ADD('".$config['dates']['fairdate']."', INTERVAL 4 MONTH) < NOW() AS rollovercheck");
 	$q->execute();
 	$r = $q->fetch(PDO::FETCH_OBJ);
 	// FIXME Clear out Important Dates as part of rollover
 	if($r->rollovercheck) {
 		echo error(i18n("It has been more than 4 months since your fair.  In order to prepare the system for the next year's fair, you should go to the SFIAB Configuration page, and click on 'Rollover Fair Year'.  Do not start updating the system with new information until the year has been properly rolled over."));
 	}
--- a/config/divisions_cwsf.php
+++ b/config/divisions_cwsf.php
@ -33,7 +33,7 @@
 			);
 ////// FIX ME!!!!!
- if(count(get_value_from_array($_POST, 'cwsfdivision')))
+ if(count(get_value_from_array($_POST, 'cwsfdivision', '')))
 {
 	foreach($_POST['cwsfdivision'] AS $k=>$v)
 	{
--- a/config/rollover.php
+++ b/config/rollover.php
@ -66,6 +66,7 @@
 	/* Get field list for this table */
 	$q = $pdo->prepare("SHOW COLUMNS IN `$table`");
 	$q->execute();
 	show_pdo_errors_if_any($pdo);
 	while(($c = $q->fetch(PDO::FETCH_ASSOC))) {
 		$col[$c['Field']] = $c;
 	}
@ -87,8 +88,7 @@
 	/* Get data */
 	$q=$pdo->prepare("SELECT * FROM $table WHERE year='$currentfairyear' AND $where");
 	$q->execute();
-	// FIXME
+	show_pdo_errors_if_any($pdo);
 	//echo $pdo->errorInfo();
 	$names = '`'.join('`,`', $fields).'`';
 	/* Process data */
@ -105,12 +105,11 @@
 		$stmt = $pdo->prepare("INSERT INTO `$table`(`year`,$names) VALUES ('$newfairyear'$vals)");
 		$stmt->execute();
-		// FIXME
+		show_pdo_errors_if_any($pdo);
 		//echo $pdo->errorInfo();	
 	}
 }
- if(get_value_from_array($_POST, 'action', "rollover") && get_value_from_array($_POST, 'nextfairyear'))
+ if(get_value_from_array($_POST, 'action') == "rollover" && get_value_from_array($_POST, 'nextfairyear'))
 {
 	$newfairyear=intval(get_value_from_array($_POST, 'nextfairyear'));
 	$currentfairyear=intval($config['FAIRYEAR']);
@ -134,8 +133,7 @@
 		echo i18n("Rolling dates")."<br />";
 		$q=$pdo->prepare("SELECT DATE_ADD(date,INTERVAL 365 DAY) AS newdate,name,description FROM dates WHERE year='$currentfairyear'");
 		$q->execute();
-		// FIXME Error handling
+		show_pdo_errors_if_any($pdo);
 		//print_r($pdo->errorInfo());
 		while($r=$q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO dates (date,name,description,year) VALUES (
 				'".$r->newdate."',
@ -143,6 +141,7 @@
 				'".$r->description."',
 				'".$newfairyear."')");
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
@ -150,8 +149,7 @@
 		echo i18n("Rolling page texts")."<br />";
 		$q=$pdo->prepare("SELECT * FROM pagetext WHERE year='$currentfairyear'");
 		$q->execute();
-		// FIXME
+		show_pdo_errors_if_any($pdo);
 		//echo $pdo->errorInfo();
 		while($r=$q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO pagetext (textname,textdescription,text,lastupdate,year,lang) VALUES (
 				'".$r->textname."',
@ -161,14 +159,14 @@
 				'".$newfairyear."',
                '".$r->lang."')");
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n("Rolling project categories")."<br />";
 		//project categories
 		$q=$pdo->prepare("SELECT * FROM projectcategories WHERE year='$currentfairyear'");
 		$q->execute();
-		// FIXME
+		show_pdo_errors_if_any($pdo);
 		//echo $pdo->errorInfo();
 		while($r=$q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO projectcategories (id,category,category_shortform,mingrade,maxgrade,year) VALUES (
 				'".$r->id."',
@ -178,14 +176,14 @@
 				'".$r->maxgrade."',
 				'".$newfairyear."')");
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n("Rolling project divisions")."<br />";
 		//project divisions
 		$q=$pdo->prepare("SELECT * FROM projectdivisions WHERE year='$currentfairyear'");
 		$q->execute();
-		// FIXME
+		show_pdo_errors_if_any($pdo);
 		//echo $pdo->errorInfo();
 		while($r=$q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO projectdivisions (id,division,division_shortform,cwsfdivisionid,year) VALUES (
 				'".$r->id."',
@ -194,28 +192,28 @@
 				'".$r->cwsfdivisionid."',
 				'".$newfairyear."')");
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n("Rolling project category-division links")."<br />";
 		//project categories divisions links
 		$q=$pdo->prepare("SELECT * FROM projectcategoriesdivisions_link WHERE year='$currentfairyear'");
 		$q->execute();
-		// FIXME
+		show_pdo_errors_if_any($pdo);
 		//echo $pdo->errorInfo();
 		while($r=$q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO projectcategoriesdivisions_link (projectdivisions_id,projectcategories_id,year) VALUES (
 				'".$r->projectdivisions_id."',
 				'".$r->projectcategories_id."',
 				'".$newfairyear."')");
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n("Rolling project sub-divisions")."<br />";
 		//project subdivisions
 		$q=$pdo->prepare("SELECT * FROM projectsubdivisions WHERE year='$currentfairyear'");
 		$q->execute();
-		// FIXME
+		show_pdo_errors_if_any($pdo);
 		//echo $pdo->errorInfo();
 		while($r=$q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO projectsubdivisions (id,projectdivisions_id,subdivision,year) VALUES (
 				'".$r->id."',
@ -223,14 +221,14 @@
 				'".$r->subdivision."',
 				'".$newfairyear."')");
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n("Rolling safety questions")."<br />";
 		//safety questions 
 		$q=$pdo->prepare("SELECT * FROM safetyquestions WHERE year='$currentfairyear'");
 		$q->execute();
-		//FIXME
+		show_pdo_errors_if_any($pdo);
 		//echo $pdo->errorInfo();
 		while($r=$q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO safetyquestions (question,type,required,ord,year) VALUES (
 				'".$r->question."',
@ -239,6 +237,7 @@
 				'".$r->ord."',
 				'".$newfairyear."')");
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n("Rolling awards")."<br />";
@ -247,8 +246,7 @@
 		$q=$pdo->prepare("SELECT * FROM award_awards WHERE year='$currentfairyear'");
 		$q->execute();
-		//FIXME
+		show_pdo_errors_if_any($pdo);
 		//echo $pdo->errorInfo();
 		while($r=$q->fetch(PDO::FETCH_OBJ)) {
 			/* Roll the one award */
 			roll($cy, $ny, 'award_awards', "id='{$r->id}'");
@ -268,7 +266,7 @@
 		//award types
 		$q=$pdo->prepare("SELECT * FROM award_types WHERE year='$currentfairyear'");
 		$q->execute();
-		//echo $pdo->errorInfo();
+		show_pdo_errors_if_any($pdo);
 		while($r=$q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO award_types (id,type,`order`,year) VALUES (
 				'".$r->id."',
@ -276,13 +274,14 @@
 				'".$r->order."',
 				'".$newfairyear."')");
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n("Rolling schools")."<br />";
 		//award types
 		$q=$pdo->prepare("SELECT * FROM schools WHERE year='$currentfairyear'");
 		$q->execute();
-		//echo $pdo->errorInfo();
+		show_pdo_errors_if_any($pdo);
 		while($r=$q->fetch(PDO::FETCH_OBJ)) {
 			$puid = ($r->principal_uid == null) ? 'NULL' : ("'".intval($r->principal_uid)."'");
 			$shuid = ($r->sciencehead_uid == null) ? 'NULL' : ("'".intval($r->sciencehead_uid)."'");
@ -310,11 +309,13 @@
 				".$pdo->quote($r->projectlimitper).",
 				".$newfairyear.")");
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n("Rolling questions")."<br />";
 		$q = $pdo->prepare("SELECT * FROM questions WHERE year='$currentfairyear'");
 		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while($r=$q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO questions (id,year,section,db_heading,question,type,required,ord) VALUES (
 				'',
@ -326,6 +327,7 @@
 				".$pdo->quote($r->required).",
 				".$pdo->quote($r->ord).")");
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		//regfee items
@ -340,29 +342,31 @@
 		echo i18n('Rolling judging timeslots and rounds')."<br />";
 		$q=$pdo->prepare("SELECT * FROM judges_timeslots WHERE year='$currentfairyear' AND round_id='0'");
 		$q->execute();
-        //echo $pdo->errorInfo();
+        show_pdo_errors_if_any($pdo);
 		while($r=$q->fetch(PDO::FETCH_ASSOC)) {
 			$d = $newfairyear - $currentfairyear;
 			$stmt = $pdo->prepare("INSERT INTO judges_timeslots (`year`,`round_id`,`type`,`date`,`starttime`,`endtime`,`name`)
 				VALUES ('$newfairyear','0','{$r['type']}',DATE_ADD('{$r['date']}', INTERVAL $d YEAR),
 					'{$r['starttime']}','{$r['endtime']}','{$r['name']}')");
 			$stmt->execute();
-			//echo $pdo->errorInfo();
+			show_pdo_errors_if_any($pdo);
 			$round_id = $pdo->lastInsertId();
 			$qq = $pdo->prepare("SELECT * FROM judges_timeslots WHERE round_id='{$r['id']}'");
 			$qq->execute();
-			//echo $pdo->errorInfo();
+			show_pdo_errors_if_any($pdo);
 			while($rr=$qq->fetch(PDO::FETCH_ASSOC)) {
 				$stmt = $pdo->prepare("INSERT INTO judges_timeslots (`year`,`round_id`,`type`,`date`,`starttime`,`endtime`)
 						VALUES ('$newfairyear','$round_id','timeslot',DATE_ADD('{$rr['date']}', INTERVAL $d YEAR),
 							'{$rr['starttime']}','{$rr['endtime']}')");
 				$stmt->execute();
 				show_pdo_errors_if_any($pdo);
 			}
 		}
 		echo "<br /><br />";
 		$stmt = $pdo->prepare("UPDATE config SET val='$newfairyear' WHERE var='FAIRYEAR' AND year=0");
 		$stmt->execute();
 		show_pdo_errors_if_any($pdo);
 		echo happy(i18n("Fair year has been rolled over from %1 to %2",array($currentfairyear,$newfairyear)));
 		send_footer();
 		exit;
--- a/config/subdivisions.php
+++ b/config/subdivisions.php
@ -153,6 +153,7 @@
 	echo " <td><input type=\"text\" size=\"3\" name=\"id\" value=\"$divisionr->id\"></td>";
 	echo " <td><input type=\"text\" size=\"30\" name=\"subdivision\" value=\"$divisionr->subdivision\"></td>";
 	echo " <td><input type=\"submit\" value=\"".i18n($buttontext)."\"></td>";
 	$dq->execute();
 	echo "</tr>";
 }
 else
--- a/config/variables.php
+++ b/config/variables.php
@ -43,7 +43,7 @@
 }
 //for the Special category
- if(get_value_from_array($_POST, 'action', 'save')) {
+ if(get_value_from_array($_POST, 'action') == 'save') {
 	if(get_value_from_array($_POST, 'specialconfig')) {
 		foreach($_POST['specialconfig'] as $key=>$val) {
 			$stmt = $pdo->prepare("UPDATE config SET val='".stripslashes($val)."' WHERE year='0' AND var='$key'");
@ -117,7 +117,7 @@ $q->execute();
 		echo "</form>";
 	}
 	else {
-//		echo "<h3>".i18n("Configuration settings for fair year %1",array($config['FAIRYEAR']),array("fair year"))."</h3>";
+//		echo "<h3>".i18n("Configuration settings ftegory']or fair year %1",array($config['FAIRYEAR']),array("fair year"))."</h3>";
 		echo "<h3>".i18n($category)." ({$config['FAIRYEAR']})</h3>";
 		config_editor($category, $config['FAIRYEAR'], "var", $_SERVER['PHP_SELF']);
--- a/config_editor.inc.php
+++ b/config_editor.inc.php
@ -91,8 +91,9 @@ function config_update_variables($fairyear=NULL, $lastfairyear=NULL)
 					AND C2.year='$fairyear') 
 		WHERE config.year=-1 AND C2.year IS NULL");
 	$q->execute();
 	show_pdo_errors_if_any($pdo);
 	while($i = $q->fetch(PDO::FETCH_ASSOC)) {
 		$var = $i['var'];
 		/* See if this var exists for last year or
@ -103,22 +104,28 @@ function config_update_variables($fairyear=NULL, $lastfairyear=NULL)
 					OR config.year='-1')
 			ORDER BY config.year DESC");
 		$r2->execute();
 		show_pdo_errors_if_any($pdo);
 		if($r2->rowCount() < 1) {
 			/* Uhoh, this shouldn't happen */
 			echo "ERROR, Variable '$var' doesn't exist";
 			exit;
 		}
 		$v = $r2->fetch();
-		("INSERT INTO config (var,val,category,type,type_values,ord,description,year) VALUES (
+		$v = $r2->fetch(PDO::FETCH_ASSOC);
-	                '".$v['var']."',
+
-			'".$v['val']."',
+		$r3 = $pdo->prepare("INSERT INTO config (var,val,category,type,type_values,ord,description,year) VALUES (
-			'".$v['category']."',
+			".$pdo->quote($v['var']).",
-			'".$v['type']."',
+			".$pdo->quote($v['val']).",
-			'".$v['type_values']."',
+			".$pdo->quote($v['category']).",
-			'".$v['ord']."',
+			".$pdo->quote($v['type']).",
-			'".$v['description']."',
+			".$pdo->quote($v['type_values']).",
 			".$pdo->quote($v['ord']).",
 			".$pdo->quote($v['description']).",
 			'$fairyear')");
 		$r3->execute();
 		show_pdo_errors_if_any($pdo);
 	}
 }
--- a/lcsv.php
+++ b/lcsv.php
@ -144,7 +144,7 @@ class lcsv
 		if($this->csvdata)
 		{
 			$filename=strtolower($this->page_subheader);
-			$filename=ereg_replace("[^a-z0-9]","_",$filename);
+			$filename=preg_replace("[^a-z0-9]","_",$filename);
 			//header("Content-type: application/csv");
 			header("Content-type: text/x-csv");
 			header("Content-disposition: inline; filename=sfiab_".$filename.".csv");
--- a/questions.inc.php
+++ b/questions.inc.php
@ -25,7 +25,7 @@
 function questions_load_answers($section, $users_id)
-{
+{	global $pdo;
 	global $config;
 	$yearq=$pdo->prepare("SELECT `year` FROM users WHERE id='$users_id'");
 	$yearq->execute();
@ -49,7 +49,7 @@ function questions_load_questions($section, $year)
 			'ORDER BY ord ASC');
 	$q->execute();
-	print($pdo->errorInfo());
+	show_pdo_errors_if_any($pdo);
 	$qs = array();
 	while($r=$q->fetch(PDO::FETCH_OBJ)) {
@ -191,7 +191,7 @@ function questions_save_new_question($qs, $year)
 			"'".$qs['ord']."',".
 			"'$year' )");
 	$stmt->execute();
-	echo $pdo->errorInfo();
+	show_pdo_errors_if_any($pdo);
 }
@ -206,7 +206,7 @@ function questions_save_new_question($qs, $year)
 function questions_editor($section, $year, $array_name, $self) 
 {
 	global $config;
-
+	global $pdo;
 	if($_POST['action']=="save") {
 		$qs = questions_parse_from_http_headers('question');
--- a/tcpdf/tcpdf.php
+++ b/tcpdf/tcpdf.php
@ -76,7 +76,7 @@
 // dullus for text Justification.
 // Bob Vincent (pillarsdotnet@users.sourceforge.net) for <li> value attribute.
 // Patrick Benny for text stretch suggestion on Cell().
-// Johannes Güntert for JavaScript support.
+// Johannes G<EFBFBD>ntert for JavaScript support.
 // Denis Van Nuffelen for Dynamic Form.
 // Jacek Czekaj for multibyte justification
 // Anthony Ferrara for the reintroduction of legacy image methods.
@ -87,7 +87,7 @@
 // Mohamad Ali Golkar, Saleh AlMatrafe, Charles Abbott for Arabic and Persian support.
 // Moritz Wagner and Andreas Wurmser for graphic functions.
 // Andrew Whitehead for core fonts support.
-// Esteban Joël Marín for OpenType font conversion.
+// Esteban Jo<EFBFBD>l Mar<61>n for OpenType font conversion.
 // Teus Hagen for several suggestions and fixes.
 // Yukihiro Nakadaira for CID-0 CJK fonts fixes.
 // Kosmas Papachristos for some CSS improvements.
@ -2911,7 +2911,7 @@ class TCPDF {
 		if (empty($orientation)) {
 			$orientation = $default_orientation;
 		} else {
-			$orientation = strtoupper($orientation{0});
+			$orientation = strtoupper($orientation[0]);
 		}
 		if (in_array($orientation, $valid_orientations) AND ($orientation != $default_orientation)) {
 			$this->CurOrientation = $orientation;
@ -3363,7 +3363,7 @@ class TCPDF {
 			$slen = strlen($brd);
 			$newbrd = array();
 			for ($i = 0; $i < $slen; ++$i) {
-				$newbrd[$brd{$i}] = true;
+				$newbrd[$brd[$i]] = true;
 			}
 			$brd = $newbrd;
 		} elseif (($brd === 1) OR ($brd === true) OR (is_numeric($brd) AND (intval($brd) > 0))) {
@ -5869,7 +5869,7 @@ class TCPDF {
 			$slen = strlen($brd);
 			$newbrd = array();
 			for ($i = 0; $i < $slen; ++$i) {
-				$newbrd[$brd{$i}] = array('cap' => 'square', 'join' => 'miter');
+				$newbrd[$brd[$i]] = array('cap' => 'square', 'join' => 'miter');
 			}
 			$brd = $newbrd;
 		}
@ -6372,7 +6372,7 @@ class TCPDF {
 			$slen = strlen($brd);
 			$newbrd = array();
 			for ($i = 0; $i < $slen; ++$i) {
-				$newbrd[$brd{$i}] = array('cap' => 'square', 'join' => 'miter');
+				$newbrd[$brd[$i]] = array('cap' => 'square', 'join' => 'miter');
 			}
 			$brd = $newbrd;
 		}
@ -6434,7 +6434,7 @@ class TCPDF {
 	 * @param $cellpadding (float) Internal cell padding, if empty uses default cell padding.
 	 * @param $border (mixed) Indicates if borders must be drawn around the cell. The value can be a number:<ul><li>0: no border (default)</li><li>1: frame</li></ul> or a string containing some or all of the following characters (in any order):<ul><li>L: left</li><li>T: top</li><li>R: right</li><li>B: bottom</li></ul> or an array of line styles for each border group - for example: array('LTRB' => array('width' => 2, 'cap' => 'butt', 'join' => 'miter', 'dash' => 0, 'color' => array(0, 0, 0)))
 	 * @return float Return the minimal height needed for multicell method for printing the $txt param.
-	 * @author Alexander Escalona Fernández, Nicola Asuni
+	 * @author Alexander Escalona Fern<EFBFBD>ndez, Nicola Asuni
 	 * @public
 	 * @since 4.5.011
 	 */
@ -6538,7 +6538,7 @@ class TCPDF {
 	 * @param $cellpadding (float) Internal cell padding, if empty uses default cell padding.
 	 * @param $border (mixed) Indicates if borders must be drawn around the cell. The value can be a number:<ul><li>0: no border (default)</li><li>1: frame</li></ul> or a string containing some or all of the following characters (in any order):<ul><li>L: left</li><li>T: top</li><li>R: right</li><li>B: bottom</li></ul> or an array of line styles for each border group - for example: array('LTRB' => array('width' => 2, 'cap' => 'butt', 'join' => 'miter', 'dash' => 0, 'color' => array(0, 0, 0)))
 	 * @return float Return the minimal height needed for multicell method for printing the $txt param.
-	 * @author Nicola Asuni, Alexander Escalona Fernández
+	 * @author Nicola Asuni, Alexander Escalona Fern<EFBFBD>ndez
 	 * @public
 	 */
 	public function getStringHeight($w, $txt, $reseth=false, $autopadding=true, $cellpadding='', $border=0) {
@ -7210,7 +7210,7 @@ class TCPDF {
 		$this->checkPageRegions($h, $x, $y);
 		$cached_file = false; // true when the file is cached
 		// check if we are passing an image as file or string
-		if ($file{0} === '@') { // image from string
+		if ($file[0] === '@') { // image from string
 			$imgdata = substr($file, 1);
 			$file = K_PATH_CACHE.'img_'.md5($imgdata);
 			$fp = fopen($file, 'w');
@ -7300,7 +7300,7 @@ class TCPDF {
 				// height difference
 				$hdiff = ($oldh - $h);
 				// vertical alignment
-				switch (strtoupper($fitbox{1})) {
+				switch (strtoupper($fitbox[1])) {
 					case 'T': {
 						break;
 					}
@ -7321,7 +7321,7 @@ class TCPDF {
 				// width difference
 				$wdiff = ($oldw - $w);
 				// horizontal alignment
-				switch (strtoupper($fitbox{0})) {
+				switch (strtoupper($fitbox[0])) {
 					case 'L': {
 						if ($this->rtl) {
 							$x -= $wdiff;
@ -7600,7 +7600,7 @@ class TCPDF {
 	public function set_mqr($mqr) {
 		if (!defined('PHP_VERSION_ID')) {
 			$version = PHP_VERSION;
-			define('PHP_VERSION_ID', (($version{0} * 10000) + ($version{2} * 100) + $version{4}));
+			define('PHP_VERSION_ID', (($version[0] * 10000) + ($version[2] * 100) + $version[4]));
 		}
 		if (PHP_VERSION_ID < 50300) {
 			@set_magic_quotes_runtime($mqr);
@ -7615,7 +7615,7 @@ class TCPDF {
 	public function get_mqr() {
 		if (!defined('PHP_VERSION_ID')) {
 			$version = PHP_VERSION;
-			define('PHP_VERSION_ID', (($version{0} * 10000) + ($version{2} * 100) + $version{4}));
+			define('PHP_VERSION_ID', (($version[0] * 10000) + ($version[2] * 100) + $version[4]));
 		}
 		if (PHP_VERSION_ID < 50300) {
 			return @get_magic_quotes_runtime();
@ -8099,7 +8099,7 @@ class TCPDF {
 			$dest = $dest ? 'D' : 'F';
 		}
 		$dest = strtoupper($dest);
-		if ($dest{0} != 'F') {
+		if ($dest[0] != 'F') {
 			$name = preg_replace('/[\s]+/', '_', $name);
 			$name = preg_replace('/[^a-zA-Z0-9_\.-]/', '', $name);
 		}
@ -9803,12 +9803,12 @@ class TCPDF {
 				$font = file_get_contents($fontfile);
 				$compressed = (substr($file, -2) == '.z');
 				if ((!$compressed) AND (isset($info['length2']))) {
-					$header = (ord($font{0}) == 128);
+					$header = (ord($font[0]) == 128);
 					if ($header) {
 						//Strip first binary header
 						$font = substr($font, 6);
 					}
-					if ($header AND (ord($font{$info['length1']}) == 128)) {
+					if ($header AND (ord($font[$info['length1']]) == 128)) {
 						//Strip second binary header
 						$font = substr($font, 0, $info['length1']).substr($font, ($info['length1'] + 6));
 					}
@ -11282,7 +11282,7 @@ class TCPDF {
 			$strarr = array();
 			$strlen = strlen($str);
 			for ($i=0; $i < $strlen; ++$i) {
-				$strarr[] = ord($str{$i});
+				$strarr[] = ord($str[$i]);
 			}
 			// insert new value on cache
 			$this->cache_UTF8StringToArray[$strkey]['s'] = $strarr;
@ -11296,7 +11296,7 @@ class TCPDF {
 		$str .= ''; // force $str to be a string
 		$length = strlen($str);
 		for ($i = 0; $i < $length; ++$i) {
-			$char = ord($str{$i}); // get one string character at time
+			$char = ord($str[$i]); // get one string character at time
 			if (count($bytes) == 0) { // get starting octect
 				if ($char <= 0x7F) {
 					$unichar = $char; // use the character "as is" because is ASCII
@ -11578,7 +11578,7 @@ class TCPDF {
 	 * @public
 	 */
 	public function addHtmlLink($url, $name, $fill=false, $firstline=false, $color='', $style=-1, $firstblock=false) {
-		if (!$this->empty_string($url) AND ($url{0} == '#')) {
+		if (!$this->empty_string($url) AND ($url[0] == '#')) {
 			// convert url to internal link
 			$lnkdata = explode(',', $url);
 			if (isset($lnkdata[0])) {
@ -11971,7 +11971,7 @@ class TCPDF {
 			$j = 0;
 			for ($i = 0; $i < 256; ++$i) {
 				$t = $rc4[$i];
-				$j = ($j + $t + ord($k{$i})) % 256;
+				$j = ($j + $t + ord($k[$i])) % 256;
 				$rc4[$i] = $rc4[$j];
 				$rc4[$j] = $t;
 			}
@ -11991,7 +11991,7 @@ class TCPDF {
 			$rc4[$a] = $rc4[$b];
 			$rc4[$b] = $t;
 			$k = $rc4[($rc4[$a] + $rc4[$b]) % 256];
-			$out .= chr(ord($text{$i}) ^ $k);
+			$out .= chr(ord($text[$i]) ^ $k);
 		}
 		return $out;
 	}
@ -12045,7 +12045,7 @@ class TCPDF {
 			for ($i = 1; $i <= 19; ++$i) {
 				$ek = '';
 				for ($j = 0; $j < $len; ++$j) {
-					$ek .= chr(ord($this->encryptdata['key']{$j}) ^ $i);
+					$ek .= chr(ord($this->encryptdata['key'][$j]) ^ $i);
 				}
 				$enc = $this->_RC4($ek, $enc);
 			}
@ -12096,7 +12096,7 @@ class TCPDF {
 				for ($i = 1; $i <= 19; ++$i) {
 					$ek = '';
 					for ($j = 0; $j < $len; ++$j) {
-						$ek .= chr(ord($owner_key{$j}) ^ $i);
+						$ek .= chr(ord($owner_key[$j]) ^ $i);
 					}
 					$enc = $this->_RC4($ek, $enc);
 				}
@ -12411,7 +12411,7 @@ class TCPDF {
 			++$bslenght;
 		}
 		for ($i = 0; $i < $bslenght; $i += 2) {
-			$string .= chr(hexdec($bs{$i}.$bs{($i + 1)}));
+			$string .= chr(hexdec($bs[$i].$bs[($i + 1)]));
 		}
 		return $string;
 	}
@ -12924,7 +12924,7 @@ class TCPDF {
 	}
 	/**
-	 * Append a cubic Bézier curve to the current path. The curve shall extend from the current point to the point (x3, y3), using (x1, y1) and (x2, y2) as the Bézier control points.
+	 * Append a cubic B<EFBFBD>zier curve to the current path. The curve shall extend from the current point to the point (x3, y3), using (x1, y1) and (x2, y2) as the B<EFBFBD>zier control points.
 	 * The new current point shall be (x3, y3).
 	 * @param $x1 (float) Abscissa of control point 1.
 	 * @param $y1 (float) Ordinate of control point 1.
@ -12940,7 +12940,7 @@ class TCPDF {
 	}
 	/**
-	 * Append a cubic Bézier curve to the current path. The curve shall extend from the current point to the point (x3, y3), using the current point and (x2, y2) as the Bézier control points.
+	 * Append a cubic B<EFBFBD>zier curve to the current path. The curve shall extend from the current point to the point (x3, y3), using the current point and (x2, y2) as the B<EFBFBD>zier control points.
 	 * The new current point shall be (x3, y3).
 	 * @param $x2 (float) Abscissa of control point 2.
 	 * @param $y2 (float) Ordinate of control point 2.
@ -12954,7 +12954,7 @@ class TCPDF {
 	}
 	/**
-	 * Append a cubic Bézier curve to the current path. The curve shall extend from the current point to the point (x3, y3), using (x1, y1) and (x3, y3) as the Bézier control points.
+	 * Append a cubic B<EFBFBD>zier curve to the current path. The curve shall extend from the current point to the point (x3, y3), using (x1, y1) and (x3, y3) as the B<EFBFBD>zier control points.
 	 * The new current point shall be (x3, y3).
 	 * @param $x1 (float) Abscissa of control point 1.
 	 * @param $y1 (float) Ordinate of control point 1.
@ -14381,7 +14381,7 @@ class TCPDF {
 	 * Adds a javascript
 	 * @param $script (string) Javascript code
 	 * @public
-	 * @author Johannes Güntert, Nicola Asuni
+	 * @author Johannes G<EFBFBD>ntert, Nicola Asuni
 	 * @since 2.1.002 (2008-02-12)
 	 */
 	public function IncludeJS($script) {
@ -14406,7 +14406,7 @@ class TCPDF {
 	/**
 	 * Create a javascript PDF string.
 	 * @protected
-	 * @author Johannes Güntert, Nicola Asuni
+	 * @author Johannes G<EFBFBD>ntert, Nicola Asuni
 	 * @since 2.1.002 (2008-02-12)
 	 */
 	protected function _putjavascript() {
@ -16144,7 +16144,7 @@ class TCPDF {
 	 * @param $col1 (array) first color (Grayscale, RGB or CMYK components).
 	 * @param $col2 (array) second color (Grayscale, RGB or CMYK components).
 	 * @param $coords (array) array of the form (x1, y1, x2, y2) which defines the gradient vector (see linear_gradient_coords.jpg). The default value is from left to right (x1=0, y1=0, x2=1, y2=0).
-	 * @author Andreas Würmser, Nicola Asuni
+	 * @author Andreas W<EFBFBD>rmser, Nicola Asuni
 	 * @since 3.1.000 (2008-06-09)
 	 * @public
 	 */
@ -16162,7 +16162,7 @@ class TCPDF {
 	 * @param $col1 (array) first color (Grayscale, RGB or CMYK components).
 	 * @param $col2 (array) second color (Grayscale, RGB or CMYK components).
 	 * @param $coords (array) array of the form (fx, fy, cx, cy, r) where (fx, fy) is the starting point of the gradient with color1, (cx, cy) is the center of the circle with color2, and r is the radius of the circle (see radial_gradient_coords.jpg). (fx, fy) should be inside the circle, otherwise some areas will not be defined.
-	 * @author Andreas Würmser, Nicola Asuni
+	 * @author Andreas W<EFBFBD>rmser, Nicola Asuni
 	 * @since 3.1.000 (2008-06-09)
 	 * @public
 	 */
@ -16185,7 +16185,7 @@ class TCPDF {
 	 * @param $coords_min (array) minimum value used by the coordinates. If a coordinate's value is smaller than this it will be cut to coords_min. default: 0
 	 * @param $coords_max (array) maximum value used by the coordinates. If a coordinate's value is greater than this it will be cut to coords_max. default: 1
 	 * @param $antialias (boolean) A flag indicating whether to filter the shading function to prevent aliasing artifacts.
-	 * @author Andreas Würmser, Nicola Asuni
+	 * @author Andreas W<EFBFBD>rmser, Nicola Asuni
 	 * @since 3.1.000 (2008-06-09)
 	 * @public
 	 */
@ -16270,7 +16270,7 @@ class TCPDF {
 	 * @param $y (float) ordinate of the top left corner of the rectangle.
 	 * @param $w (float) width of the rectangle.
 	 * @param $h (float) height of the rectangle.
-	 * @author Andreas Würmser, Nicola Asuni
+	 * @author Andreas W<EFBFBD>rmser, Nicola Asuni
 	 * @since 3.1.000 (2008-06-09)
 	 * @protected
 	 */
@ -16661,7 +16661,7 @@ class TCPDF {
 		// check page for no-write regions and adapt page margins if necessary
 		$this->checkPageRegions($h, $x, $y);
 		$k = $this->k;
-		if ($file{0} === '@') { // image from string
+		if ($file[0] === '@') { // image from string
 			$data = substr($file, 1);
 		} else { // EPS/AI file
 			$data = file_get_contents($file);
@ -16774,7 +16774,7 @@ class TCPDF {
 		$cnt = count($lines);
 		for ($i=0; $i < $cnt; ++$i) {
 			$line = $lines[$i];
-			if (($line == '') OR ($line{0} == '%')) {
+			if (($line == '') OR ($line[0] == '%')) {
 				continue;
 			}
 			$len = strlen($line);
@ -16878,7 +16878,7 @@ class TCPDF {
 					if ($skip) {
 						break;
 					}
-					$line{$len-1} = strtolower($cmd);
+					$line[$len-1] = strtolower($cmd);
 					$this->_out($line);
 					break;
 				}
@ -17766,19 +17766,19 @@ class TCPDF {
 		// remove empty blocks
 		$cssdata = preg_replace('/([^\}\{]+)\{\}/', '', $cssdata);
 		// replace media type parenthesis
-		$cssdata = preg_replace('/@media[\s]+([^\{]*)\{/i', '@media \\1§', $cssdata);
+		$cssdata = preg_replace('/@media[\s]+([^\{]*)\{/i', '@media \\1<EFBFBD>', $cssdata);
-		$cssdata = preg_replace('/\}\}/si', '}§', $cssdata);
+		$cssdata = preg_replace('/\}\}/si', '}<EFBFBD>', $cssdata);
 		// trim string
 		$cssdata = trim($cssdata);
 		// find media blocks (all, braille, embossed, handheld, print, projection, screen, speech, tty, tv)
 		$cssblocks = array();
 		$matches = array();
-		if (preg_match_all('/@media[\s]+([^\§]*)§([^§]*)§/i', $cssdata, $matches) > 0) {
+		if (preg_match_all('/@media[\s]+([^\<EFBFBD>]*)<29>([^<5E>]*)<29>/i', $cssdata, $matches) > 0) {
 			foreach ($matches[1] as $key => $type) {
 				$cssblocks[$type] = $matches[2][$key];
 			}
 			// remove media blocks
-			$cssdata = preg_replace('/@media[\s]+([^\§]*)§([^§]*)§/i', '', $cssdata);
+			$cssdata = preg_replace('/@media[\s]+([^\<EFBFBD>]*)<29>([^<5E>]*)<29>/i', '', $cssdata);
 		}
 		// keep 'all' and 'print' media, other media types are discarded
 		if (isset($cssblocks['all']) AND !empty($cssblocks['all'])) {
@ -17870,7 +17870,7 @@ class TCPDF {
 				$attrib = strtolower(trim($attrib[0]));
 				if (!empty($attrib)) {
 					// check if matches class, id, attribute, pseudo-class or pseudo-element
-					switch ($attrib{0}) {
+					switch ($attrib[0]) {
 						case '.': { // class
 							if (in_array(substr($attrib, 1), $class)) {
 								$valid = true;
@ -17937,7 +17937,7 @@ class TCPDF {
 							break;
 						}
 						case ':': { // pseudo-class or pseudo-element
-							if ($attrib{1} == ':') { // pseudo-element
+							if ($attrib[1] == ':') { // pseudo-element
 								// pseudo-elements are not supported!
 								// (::first-line, ::first-letter, ::before, ::after)
 							} else { // pseudo-class
@ -18566,7 +18566,7 @@ class TCPDF {
 				$tagname = strtolower($tag[1]);
 				// check if we are inside a table header
 				if ($tagname == 'thead') {
-					if ($element{0} == '/') {
+					if ($element[0] == '/') {
 						$thead = false;
 					} else {
 						$thead = true;
@ -18581,7 +18581,7 @@ class TCPDF {
 				} else {
 					$dom[$key]['block'] = false;
 				}
-				if ($element{0} == '/') {
+				if ($element[0] == '/') {
 					// *** closing html tag
 					$dom[$key]['opening'] = false;
 					$dom[$key]['parent'] = end($level);
@ -18794,13 +18794,13 @@ class TCPDF {
 						}
 						// font style
 						if (isset($dom[$key]['style']['font-weight'])) {
-							if (strtolower($dom[$key]['style']['font-weight']{0}) == 'n') {
+							if (strtolower($dom[$key]['style']['font-weight'][0]) == 'n') {
 								$dom[$key]['fontstyle'] = '';
-							} elseif (strtolower($dom[$key]['style']['font-weight']{0}) == 'b') {
+							} elseif (strtolower($dom[$key]['style']['font-weight'][0]) == 'b') {
 								$dom[$key]['fontstyle'] .= 'B';
 							}
 						}
-						if (isset($dom[$key]['style']['font-style']) AND (strtolower($dom[$key]['style']['font-style']{0}) == 'i')) {
+						if (isset($dom[$key]['style']['font-style']) AND (strtolower($dom[$key]['style']['font-style'][0]) == 'i')) {
 							$dom[$key]['fontstyle'] .= 'I';
 						}
 						// font color
@ -18819,13 +18819,13 @@ class TCPDF {
 							foreach ($decors as $dec) {
 								$dec = trim($dec);
 								if (!$this->empty_string($dec)) {
-									if ($dec{0} == 'u') {
+									if ($dec[0] == 'u') {
 										// underline
 										$dom[$key]['fontstyle'] .= 'U';
-									} elseif ($dec{0} == 'l') {
+									} elseif ($dec[0] == 'l') {
 										// line-trough
 										$dom[$key]['fontstyle'] .= 'D';
-									} elseif ($dec{0} == 'o') {
+									} elseif ($dec[0] == 'o') {
 										// overline
 										$dom[$key]['fontstyle'] .= 'O';
 									}
@ -18844,7 +18844,7 @@ class TCPDF {
 						}
 						// check for text alignment
 						if (isset($dom[$key]['style']['text-align'])) {
-							$dom[$key]['align'] = strtoupper($dom[$key]['style']['text-align']{0});
+							$dom[$key]['align'] = strtoupper($dom[$key]['style']['text-align'][0]);
 						}
 						// check for CSS border properties
 						if (isset($dom[$key]['style']['border'])) {
@ -19008,9 +19008,9 @@ class TCPDF {
 						// font size
 						if (isset($dom[$key]['attribute']['size'])) {
 							if ($key > 0) {
-								if ($dom[$key]['attribute']['size']{0} == '+') {
+								if ($dom[$key]['attribute']['size'][0] == '+') {
 									$dom[$key]['fontsize'] = $dom[($dom[$key]['parent'])]['fontsize'] + intval(substr($dom[$key]['attribute']['size'], 1));
-								} elseif ($dom[$key]['attribute']['size']{0} == '-') {
+								} elseif ($dom[$key]['attribute']['size'][0] == '-') {
 									$dom[$key]['fontsize'] = $dom[($dom[$key]['parent'])]['fontsize'] - intval(substr($dom[$key]['attribute']['size'], 1));
 								} else {
 									$dom[$key]['fontsize'] = intval($dom[$key]['attribute']['size']);
@ -19052,10 +19052,10 @@ class TCPDF {
 					if (($dom[$key]['value'] == 'pre') OR ($dom[$key]['value'] == 'tt')) {
 						$dom[$key]['fontname'] = $this->default_monospaced_font;
 					}
-					if (($dom[$key]['value']{0} == 'h') AND (intval($dom[$key]['value']{1}) > 0) AND (intval($dom[$key]['value']{1}) < 7)) {
+					if (($dom[$key]['value'][0] == 'h') AND (intval($dom[$key]['value'][1]) > 0) AND (intval($dom[$key]['value'][1]) < 7)) {
 						// headings h1, h2, h3, h4, h5, h6
 						if (!isset($dom[$key]['attribute']['size']) AND !isset($dom[$key]['style']['font-size'])) {
-							$headsize = (4 - intval($dom[$key]['value']{1})) * 2;
+							$headsize = (4 - intval($dom[$key]['value'][1])) * 2;
 							$dom[$key]['fontsize'] = $dom[0]['fontsize'] + $headsize;
 						}
 						if (!isset($dom[$key]['style']['font-weight'])) {
@ -19117,7 +19117,7 @@ class TCPDF {
 					}
 					// check for text alignment
 					if (isset($dom[$key]['attribute']['align']) AND (!$this->empty_string($dom[$key]['attribute']['align'])) AND ($dom[$key]['value'] !== 'img')) {
-						$dom[$key]['align'] = strtoupper($dom[$key]['attribute']['align']{0});
+						$dom[$key]['align'] = strtoupper($dom[$key]['attribute']['align'][0]);
 					}
 					// check for text rendering mode (the following attributes do not exist in HTML)
 					if (isset($dom[$key]['attribute']['stroke'])) {
@ -19798,7 +19798,7 @@ Putting 1 is equivalent to putting 0 and calling Ln() just after. Default value:
 									if (($stroffset !== false) AND ($stroffset <= $strpiece[2][1])) {
 										// set offset to the end of string section
 										$offset = strpos($pmid, ')]', $stroffset);
-										while (($offset !== false) AND ($pmid{($offset - 1)} == '\\')) {
+										while (($offset !== false) AND ($pmid[($offset - 1)] == '\\')) {
 											$offset = strpos($pmid, ')]', ($offset + 1));
 										}
 										if ($offset === false) {
@ -20871,7 +20871,7 @@ Putting 1 is equivalent to putting 0 and calling Ln() just after. Default value:
 					$imglink = '';
 					if (isset($this->HREF['url']) AND !$this->empty_string($this->HREF['url'])) {
 						$imglink = $this->HREF['url'];
-						if ($imglink{0} == '#') {
+						if ($imglink[0] == '#') {
 							// convert url to internal link
 							$lnkdata = explode(',', $imglink);
 							if (isset($lnkdata[0])) {
@ -24705,7 +24705,7 @@ Putting 1 is equivalent to putting 0 and calling Ln() just after. Default value:
 			// convert SVG to raster image using GD or ImageMagick libraries
 			return $this->Image($file, $x, $y, $w, $h, 'SVG', $link, $align, true, 300, $palign, false, false, $border, false, false, false);
 		}
-		if ($file{0} === '@') { // image from string
+		if ($file[0] === '@') { // image from string
 			$this->svgdir = '';
 			$svgdata = substr($file, 1);
 		} else { // SVG file
@ -25613,7 +25613,7 @@ Putting 1 is equivalent to putting 0 and calling Ln() just after. Default value:
 					}
 					break;
 				}
-				case 'Q': { // quadratic Bézier curveto
+				case 'Q': { // quadratic B<EFBFBD>zier curveto
 					foreach ($params as $ck => $cp) {
 						$params[$ck] = $cp;
 						if ((($ck + 1) % 4) == 0) {
@ -25639,7 +25639,7 @@ Putting 1 is equivalent to putting 0 and calling Ln() just after. Default value:
 					}
 					break;
 				}
-				case 'T': { // shorthand/smooth quadratic Bézier curveto
+				case 'T': { // shorthand/smooth quadratic B<EFBFBD>zier curveto
 					foreach ($params as $ck => $cp) {
 						$params[$ck] = $cp;
 						if (($ck % 2) != 0) {
@ -26179,11 +26179,11 @@ Putting 1 is equivalent to putting 0 and calling Ln() just after. Default value:
 					$this->SVGTransform($tm);
 					$obstyle = $this->setSVGStyles($svgstyle, $prev_svgstyle, $x, $y, $w, $h);
 					// fix image path
-					if (!$this->empty_string($this->svgdir) AND (($img{0} == '.') OR (basename($img) == $img))) {
+					if (!$this->empty_string($this->svgdir) AND (($img[0] == '.') OR (basename($img) == $img))) {
 						// replace relative path with full server path
 						$img = $this->svgdir.'/'.$img;
 					}
-					if (($img{0} == '/') AND ($_SERVER['DOCUMENT_ROOT'] != '/')) {
+					if (($img[0] == '/') AND ($_SERVER['DOCUMENT_ROOT'] != '/')) {
 						$findroot = strpos($img, $_SERVER['DOCUMENT_ROOT']);
 						if (($findroot === false) OR ($findroot > 1)) {
 							// replace relative path with full server path
--- a/user.inc.php
+++ b/user.inc.php
@ -561,7 +561,9 @@ function user_delete_principal($u)
 {
 }
-function user_delete_teacher($u){} $pdo->errorInfo();
+function user_delete_teacher($u)
 {
 }
 function user_delete_parent($u)
 {