Replace direct mysql_xxx() calls with query_xxx() calls. Replace calls to mysql_insert_id()

with calls specific to the appdb or bugzilla database. Fixes a bug where a call to
mysql_insert_id() can potentially retrieve an id from either the bugzilla or appdb database,
depending on whichever database was last opened by mysql_connect().

unit_test/test_query.php

@@ -30,7 +30,7 @@ function test_query_parameters()
         return false;
     }
 
-    $oRow = mysql_fetch_object($hResult);
+    $oRow = query_fetch_object($hResult);
     $iUserCount = $oRow->count;
 
     /* see that '~' strings are replaced with parameters */
@@ -41,7 +41,7 @@ function test_query_parameters()
     $hResult = query_parameters($sQuery, "user_list", "1' OR 1='1");
     if($hResult)
     {
-        $oRow = mysql_fetch_object($hResult);
+        $oRow = query_fetch_object($hResult);
         if($iUserCount != $oRow->count)
         {
             echo "sQuery of '".$sQuery."' returned ".$oRow->count." entries instead of the expected ".$iUserCount."\n";
@@ -88,7 +88,7 @@ function test_query_parameters()
      *       properly with slashes in the query, they were incorrectly being recognized
      *       as tokens that should be replaced with parameters
      */
-    $sQuery = "SELECT count(*) as count, '".mysql_real_escape_string("\r\n")."' as x from ?";
+    $sQuery = "SELECT count(*) as count, '".query_escape_string("\r\n")."' as x from ?";
     $hResult = query_parameters($sQuery, "user_list");
     if(!$hResult)
     {