Beispiel #1
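/**
 * Store or change one user's vote on an answer in eo_askanswerrate.
 *
 * Prints "Oy verdiniz." when the query succeeds and "Oy verilemedi!" when it
 * fails or the arguments are rejected. Query outcomes are also passed to
 * trackUser() together with the session user name.
 *
 * @param mixed $deger   Value written to the degeri column.
 * @param mixed $userID  Id of the voting user; empty values are rejected.
 * @param mixed $cevapID Id of the answer; must be a non-empty integer.
 * @return void
 */
function cevapOy($deger, $userID, $cevapID)
{
    global $yol1, $currentFile;

    // cevapID is handled as an integer key (assumption: confirm against the
    // eo_askanswerrate schema). Anything else is refused before SQL is built.
    $answerId = filter_var($cevapID, FILTER_VALIDATE_INT);
    if (empty($userID) || empty($cevapID) || $answerId === false) {
        echo "Oy verilemedi!";
        return;
    }

    // Escaping is the last step before interpolation, so no later filter can undo it.
    $voteSql = mysql_real_escape_string($deger, $yol1);
    $userSql = mysql_real_escape_string($userID, $yol1);

    // NOTE(review): cevapOyVar() is defined elsewhere and receives the raw $userID;
    // verify that it escapes its arguments before querying.
    if (cevapOyVar($userID, $answerId)) {
        $sql2 = "UPDATE eo_askanswerrate SET degeri='{$voteSql}' WHERE userID='{$userSql}' AND cevapID='{$answerId}'";
    } else {
        $sql2 = "INSERT INTO eo_askanswerrate (degeri, userID, cevapID) VALUES ('{$voteSql}', '{$userSql}', '{$answerId}')";
    }

    if (mysql_query($sql2, $yol1)) {
        echo "Oy verdiniz.";
        trackUser($currentFile, "success,QuesVote", RemoveXSS($_SESSION["usern"]));
    } else {
        echo "Oy verilemedi!";
        trackUser($currentFile, "fail,QuesVote", RemoveXSS($_SESSION["usern"]));
    }
}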
Beispiel #2
<?php

include "api/conn.php";
// Requests without a login only ever receive the login form.
if (!IsLogin()) {
    include "__login.php";
} else {
    // trackUser() runs before any page part is included; the four
    // includes then build the dashboard page in order.
    trackUser();
    include "__header.php";
    include "__nav.php";
    include "__dashboard.php";
    include "__footer.php";
}
Beispiel #3
if ($tur == "2") {
    //yöneticiler iþlem yapabilir
    $currentPage = $_SERVER["PHP_SELF"];
    $editFormAction = $_SERVER['PHP_SELF'];
    if (isset($_SERVER['QUERY_STRING'])) {
        $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
    }
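    // Wall-text update for the form3 submission.
    if (isset($_POST["MM_update"]) && $_POST["MM_update"] == "form3") {
        $wallText = isset($_POST['wall']) ? $_POST['wall'] : "";
        $rowId = isset($_POST['id']) ? $_POST['id'] : "";
        // Content filters run first and the SQL helper runs last. A filter applied
        // to an already quoted value can rewrite it and undo the quoting.
        // GetSQLValueString() is defined elsewhere; it is expected to return a quoted,
        // escaped literal for "text" and an integer or NULL for "int". Confirm.
        $updateSQL = sprintf(
            "UPDATE eo_friends SET duvarYazisi=%s WHERE id=%s",
            GetSQLValueString(RemoveXSS($wallText), "text"),
            GetSQLValueString(temizle($rowId), "int")
        );
        mysql_select_db($_db, $yol);
        $Result1 = mysql_query($updateSQL, $yol);
        if ($Result1) {
            trackUser($currentFile, "success,WallInfo", $adi);
            echo "<font id='tamam'>{$metin['536']}</font>";
        } else {
            trackUser($currentFile, "fail,WallInfo", $adi);
            echo "<font id='hata'>{$metin['626']}</font>";
        }
    }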
    if (isset($_GET['id']) && $_GET['id'] != "" && !empty($_GET['delCon']) and $_GET['delCon'] == "1") {
        $deleteSQL = sprintf("DELETE FROM eo_friends WHERE id=%s", GetSQLValueString($_GET['id'], "int"));
        mysql_select_db($_db, $yol);
        $Result1 = mysql_query($deleteSQL, $yol) or die(mysql_error());
        if ($Result1) {
            echo "<font id='uyari'>{$metin['501']}</font>";
        }
    }
    $pageCnt = GetSQLValueString(isset($_GET['pageCnt']) ? $_GET['pageCnt'] : "", "int");
    if ($pageCnt == "NULL") {
        $pageCnt = GetSQLValueString(isset($_SESSION['pageCnt2']) ? $_SESSION['pageCnt2'] : "", "int");
    } else {
Beispiel #4
    }
    $status = array();
    if ($rfc1867) {
        $status = apc_fetch('upload_' . $id);
    }
    if (!$status) {
        $status = array();
    }
    $status['done'] = 1;
    $status['width'] = $size[0];
    $status['url'] = $filename;
    if ($rfc1867) {
        apc_store('upload_' . $id, $status);
    }
    dosyaKaydet(strtolower($filename), getUserID2($_SESSION["usern"]));
    trackUser($currentFile, "success,FileUp", $_SESSION["usern"]);
    $status['id'] = getDosyaID($filename);
    nicupload_output($status, $rfc1867);
    exit;
} else {
    if (isset($_GET['check'])) {
        // Upload progress check
        $check = $_GET['check'];
        if (!is_numeric($check)) {
            nicupload_error('Invalid upload progress id');
        }
        if ($rfc1867) {
            $status = apc_fetch('upload_' . $check);
            if ($status['total'] > 500000 && $status['current'] / $status['total'] < 0.9) {
                // Large file and we are < 90% complete
                $status['interval'] = 3000;
Beispiel #5
     }
 }
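 // Shoutbox message edit: runs only for the form3 submission and when $tur is "2".
 if (isset($_POST["MM_update"]) && $_POST["MM_update"] == "form3" && $tur == "2") {
     if (GetSQLValueString($_POST['messageid'], "text") == 'NULL' || GetSQLValueString($_POST['message'], "text") == 'NULL') {
         echo "<font id='hata'>Bilgilerinde eksik alanlar vardýr.</font>";
     } else {
         // Line breaks become <br/> and the markup filter runs before any SQL handling.
         $gelenyorum = RemoveXSS(str_replace("\r\n", "<br/>", $_POST['message']));
         // The message was previously placed between quotes with no SQL escaping at all.
         // It now goes through the same helper as the id, applied as the last step.
         // GetSQLValueString() is defined elsewhere and is expected to return a quoted,
         // escaped literal for "text" (it is compared against 'NULL' above). Confirm.
         $updateSQL = sprintf("UPDATE eo_shoutbox SET message=%s WHERE messageid=%s", GetSQLValueString($gelenyorum, "text"), temizle(GetSQLValueString($_POST['messageid'], "int")));
         mysql_select_db($_db, $yol);
         $Result1 = mysql_query($updateSQL, $yol);
         if ($Result1) {
             trackUser($currentFile, "success,ChatMess", $adi);
             echo "<font id='tamam'> {$metin['536']}</font>";
         } else {
             trackUser($currentFile, "fail,ChatMess", $adi);
             echo "<font id='hata'> Bilgide hata olduðundan g&uuml;ncelleme iþleminiz tamamlanamadý!</font>";
         }
     }
 }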
 if (empty($_GET["yonU"])) {
     $_GET["yonU"] = "";
 }
 if (empty($_SESSION["siraYonu2"])) {
     $siraYonu = "desc";
     $_SESSION["siraYonu2"] = $siraYonu;
 } else {
     if (!empty($_GET['siraYap']) and $_GET["yonU"] != "dur" && $_GET['siraYap'] == "OK") {
         $siraYonu = $_SESSION["siraYonu2"] == "desc" ? "asc" : "desc";
         $_SESSION["siraYonu2"] = $siraYonu;
     } else {
Beispiel #6
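/**
 * Delete an answer and the votes cast on it.
 *
 * Prints "Cevap ve oylar silindi." when both deletes succeed,
 * "Cevap ve oylar silinemedi!" when either fails, and
 * "Cevap ve oylar silinemiyor!" when the arguments are rejected.
 * A caller that is neither $tur "2" nor the answer's owner gets no output.
 *
 * @param mixed $cevapID Id of the answer; must be a non-empty integer.
 * @param mixed $userID  Id of the requesting user; empty values are rejected.
 * @return void
 */
function cevapSil($cevapID, $userID)
{
    global $yol1, $tur, $currentFile;

    // The id is interpolated unquoted below, so only a plain integer is accepted.
    $answerId = filter_var($cevapID, FILTER_VALIDATE_INT);
    if (empty($userID) || empty($cevapID) || $answerId === false) {
        echo "Cevap ve oylar silinemiyor!";
        return;
    }

    // Allowed for $tur "2" (presumably the administrator role; confirm) or for the
    // user that cevapSahibi() reports as owner. Refusals are silent and not logged.
    if (!($tur == "2" or cevapSahibi($answerId) == $userID)) {
        return;
    }

    // Both results are kept: the first one used to be overwritten, so a failed
    // vote cleanup was still reported as success.
    $votesDeleted = mysql_query("DELETE FROM eo_askanswerrate WHERE cevapID = {$answerId}", $yol1);
    $answerDeleted = mysql_query("DELETE FROM eo_askanswer WHERE id = {$answerId}", $yol1);

    if ($votesDeleted && $answerDeleted) {
        echo "Cevap ve oylar silindi.";
        trackUser($currentFile, "success,DelAnsw", RemoveXSS($_SESSION["usern"]));
    } else {
        echo "Cevap ve oylar silinemedi!";
        trackUser($currentFile, "fail,DelAnsw", RemoveXSS($_SESSION["usern"]));
    }
}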
Beispiel #7
// Login bookkeeping. With an empty $adi the name and password value are taken
// from the session; otherwise the supplied pair is checked and the attempt logged.
if ($adi == "") {
    // The session user name is cut to its first 15 characters before temizle() is applied.
    $adi = temizle(substr(isset($_SESSION["usern"]) ? $_SESSION["usern"] : "", 0, 15));
    $par = temizle(isset($_SESSION["userp"]) ? $_SESSION["userp"] : "");
} else {
    // checkRealUser() returning "-2" is recorded as a failed login.
    if (checkRealUser($adi, $par) == "-2") {
        trackUser($currentFile, "fail,Login", $adi);
    } else {
        // if the user has already logged in within the last 5 minutes (flood-like)
        $sonGirisDakikasi = sonLoginDakikasi($adi);
        if ($sonGirisDakikasi >= 0 and $sonGirisDakikasi < 5) {
            sessionDestroy();
            header("Location: error.php?error=7");
            die("<font id='hata'> " . $metin[404] . " (1)</font><p>" . $metin[402] . "</p>");
        }
        // Theme cookie lasts 30 days; no path, secure or httponly argument is passed.
        setcookie("theme", kullaniciTema($adi), time() + 60 * 60 * 24 * 30);
        trackUser($currentFile, "success,Login", $adi);
        //first time good login
        // NOTE(review): nothing in this block stops execution after the redirect header,
        // so the statements that follow it still run for this request.
        header("Location: index.php");
    }
}
/*	if($adi=="" || $par=="") {
		header("Location: error.php?error=2");
		die("<font id='hata'> ".$metin[403]."</font><br/>".$metin[402]); //EMPTY?
	}    
*/
$pass = false;
if ($adi != "" && $par != "") {
    $tur = checkRealUser($adi, $par);
    //eðer pasif ise
    if ($tur <= -1 || $tur > 2) {
        sessionDestroy();
Beispiel #8
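     // Toggle the active flag of one comment.
     // The id is interpolated unquoted, so it is forced to an integer. What temizle()
     // filters is not visible here and is not relied on for SQL safety.
     $gelenID = (int) temizle($_GET["id"]);
     // "0" switches the flag on; every other value switches it off.
     $gelenDeger = temizle($_GET["value"]) == "0" ? "1" : "0";
     // NOTE(review): this state change is driven by GET parameters and no request
     // token is checked in this fragment. Confirm that the enclosing code verifies one.
     $gelenSorgu = "update eo_comments set active={$gelenDeger} WHERE id = ({$gelenID})";
     $sonuc = mysql_query($gelenSorgu, $yol);
     if ($sonuc) {
         echo "<font id='uyari'>Se&ccedil;ilen kayýt güncellendi</font>";
         trackUser($currentFile, "CmtUpd-{$gelenDeger}-{$gelenID}", $adi);
     } else {
         echo "<font id='hata'>Se&ccedil;ilen kayýt güncellenemedi!</font>";
     }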
 }
 if (empty($_GET["yonU"])) {
     $_GET["yonU"] = "";
 }
 if (empty($_SESSION["siraYonu2"])) {
     $siraYonu = "desc";
     $_SESSION["siraYonu2"] = $siraYonu;
 } else {
     if (!empty($_GET['siraYap']) and $_GET["yonU"] != "dur" && $_GET['siraYap'] == "OK") {
         $siraYonu = $_SESSION["siraYonu2"] == "desc" ? "asc" : "desc";
         $_SESSION["siraYonu2"] = $siraYonu;
     } else {
Beispiel #9
	margin: 5px;
	padding: 10px;
	background:url(img/soruArka.gif) repeat-x  top left fixed ;
	background-color: #fff;
}
</style>
</head>
<body>
<?php 
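if (isset($_SESSION["usern"])) {
    $adi = RemoveXSS($_SESSION["usern"]);
}
// Site unlock: the submitted password has to match the configured one exactly.
// is_string() rejects array input, and === avoids the loose-comparison rules under
// which two different numeric-looking strings are treated as equal.
// NOTE(review): on PHP 5.6 or newer, hash_equals() would also make the comparison
// constant-time. Failed attempts are neither logged nor rate-limited in this fragment.
if (isset($_POST["reopenPwd"]) && is_string($_POST["reopenPwd"])) {
    $submittedPwd = $_POST["reopenPwd"];
    if (!empty($_siteUnlockPwd) && !empty($submittedPwd) && $submittedPwd === (string) $_siteUnlockPwd) {
        if (siteAc()) {
            // $adi is only assigned above when a session user exists.
            trackUser($currentFile, "success,SiteUnlock", isset($adi) ? $adi : "");
            die("<br/>{$metin['531']}<p>{$metin['402']}</p>");
        }
    }
}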
?>
<TABLE align="center" width="100%" height="100%" style="background-color:#C00">
  <tr>
    <td height="100%" valign="middle" ><table align="center">
        <tr>
          <td><h2 align="center">eOgr - <?php 
echo $metin[489];
?>
</h2>
            <p style="margin-top:50px;"> <font color="#FF0000" > <?php 
echo $metin[402];
Beispiel #10
                                    // Destination is the upload folder plus the lowercased client file name.
                                    // basename() drops directory components from that name.
                                    // NOTE(review): no extension or content-type check is visible in this fragment;
                                    // confirm the enclosing conditions restrict what may be stored, and that the
                                    // destination folder cannot execute uploaded files.
                                    $target_path = $destination_path . basename(strtolower($_FILES['myfile']['name']));
                                    if (file_exists($target_path)) {
                                        // Existing file: nothing is overwritten, result -2 is reported and logged.
                                        $result = -2;
                                        trackUser($currentFile, "fail,FileUp", $_SESSION["usern"]);
                                    } else {
                                        // The @ hides warnings from a failed move; that path sets result 0 without a log entry.
                                        if (@move_uploaded_file($_FILES['myfile']['tmp_name'], $target_path)) {
                                            $result = 1;
                                            // NOTE(review): the recorded name is not passed through basename(), so it can
                                            // differ from the stored file name when the client name contains a path.
                                            dosyaKaydet(strtolower($_FILES['myfile']['name']), getUserID2($_SESSION["usern"]));
                                            trackUser($currentFile, "success,FileUp", $_SESSION["usern"]);
                                        } else {
                                            $result = 0;
                                        }
                                    }
                                } catch (Exception $e) {
                                    echo "<script>alert('Hata : {$e}');</script>";
                                    trackUser($currentFile, "fail,FileUp", $_SESSION["usern"]);
                                    $result = 0;
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}
/*echo "<script>alert('$result - Hata : ".$_FILES['myfile']['name']."');</script>"; */
sleep(1);
//?
?>
<script language="javascript" type="text/javascript">
Beispiel #11
        $dbPassword = $_password;
        $sqlFile = "REPAIR  TABLE eo_1okul, eo_2sinif, eo_3ders, eo_4konu, eo_5sayfa, eo_floodprotection, eo_shoutbox, eo_sitesettings, eo_users, eo_sinifogre, eo_usertrack, eo_userworks, eo_webref_rss_details, eo_webref_rss_items,eo_comments,eo_rating, eo_files, eo_friends, eo_askanswer, eo_askanswerrate, eo_askquestion, eo_livelesson; \r\n\t\tOPTIMIZE TABLE eo_1okul, eo_2sinif, eo_3ders, eo_4konu, eo_5sayfa, eo_floodprotection, eo_shoutbox, eo_sitesettings, eo_users, eo_sinifogre, eo_usertrack, eo_userworks, eo_webref_rss_details, eo_webref_rss_items,eo_comments,eo_rating, eo_files, eo_friends, eo_askanswer, eo_askanswerrate, eo_askquestion, eo_livelesson;";
        $baglan2 = mysql_connect($host, $dbUser, $dbPassword);
        if (!$baglan2) {
            echo "<font id='hata'> L&#252;ften, 'veritaban&#305;' <a href=install.php>kurulumunu (installation)</a> yap&#305;n&#305;z!</font>";
        }
        $yol22 = $baglan2;
        if (mysql_select_db($_db, $yol22)) {
            $newImport = new sqlImport($host, $dbUser, $dbPassword, $sqlFile);
            $importumuz = $newImport->importa();
            if ($importumuz == 0) {
                trackUser($currentFile, "success,DBOptim", $adi);
                echo "<font id='tamam'>{$metin['539']}</font><br/>";
            } else {
                echo "<font id='hata'>" . $importumuz . "</font><br/>";
                trackUser($currentFile, "fail,DBOptim", $adi);
            }
            mysql_close($yol22);
        }
        $sqlFile = "";
    }
} else {
    @header("Location: error.php?error=9");
    die($metin[447]);
}
?>
                      <br />
                      <form id="sqlimp" name="sqlimp" method="post" action="siteSettings2.php">
                        <label title="<?php 
echo "SQL Import";
?>
Beispiel #12
                echo "<font id='hata'> {$metin['413']} {$metin['416']}</font><br/>" . $metin[402];
                break;
            case 'noUser':
                trackUser($currentFile, "fail,{$sonuc}", $_POST['userName']);
                echo "<font id='hata'> {$metin['413']} {$metin['417']}</font><br/>" . $metin[402];
                break;
            case 'emptyData':
                trackUser($currentFile, "fail,{$sonuc}", $_POST['userName']);
                echo "<font id='hata'> {$metin['413']} {$metin['418']}</font><br/>" . $metin[402];
                break;
            case 'allOK':
                trackUser($currentFile, "success,NewPwd", $_POST['userName']);
                echo "<font id='tamam'> {$metin['414']} </font>" . $metin[402];
                break;
            case 'noChange':
                trackUser($currentFile, "fail,{$sonuc}", $_POST['userName']);
                echo "<font id='hata'> {$metin['413']} {$metin['419']}</font>" . $metin[402];
                break;
        }
    } else {
        if (!empty($_SESSION["passRem"]) and $_SESSION["passRem"] == "yes") {
            die($metin[410]);
        }
        //form data?
        ?>
                  <script type="text/javascript" src="lib/jquery.validate.min.js"></script>
                  <script type="text/javascript">
					$().ready(function() {
						$("#form1").validate({
							rules: {
								userName: {
Beispiel #13
            if ($_POST['prldeg'] == "secili") {
                $updateSQL = sprintf("UPDATE eo_users SET realName=%s, userEmail=%s, userBirthDate='%s' WHERE id=%s", temizle(RemoveXSS(GetSQLValueString($_POST['realName'], "text"))), temizle(RemoveXSS(GetSQLValueString($_POST['userEmail'], "text"))), tarihYap($_POST['userBirthDate']), temizle(RemoveXSS(GetSQLValueString($_POST['id'], "int"))));
            } else {
                $updateSQL = sprintf("UPDATE eo_users SET userPassword=sha1(%s), realName=%s, userEmail=%s, userBirthDate='%s' WHERE id=%s", temizle(RemoveXSS(GetSQLValueString($_POST['userPassword'], "text"))), temizle(RemoveXSS(GetSQLValueString($_POST['realName'], "text"))), temizle(RemoveXSS(GetSQLValueString($_POST['userEmail'], "text"))), tarihYap($_POST['userBirthDate']), temizle(RemoveXSS(GetSQLValueString($_POST['id'], "int"))));
            }
            mysql_select_db($_db, $yol);
            $Result1 = mysql_query($updateSQL, $yol);
            if ($Result1) {
                echo "<font id='tamam'> {$metin['536']}</font>";
                trackUser($currentFile, "success,UserInf", $adi);
                if ($_POST['prldeg'] != "secili") {
                    trackUser($currentFile, "success,PasswdC", $adi);
                    die("<font id='hata'> Parolanýzý deðiþtirdiðiniz i&ccedil;in tekrar oturum a&ccedil;manýz gerekmektedir!</font>");
                }
            } else {
                trackUser($currentFile, "fail,UserInf", $adi);
                echo "<font id='hata'> &Uuml;ye bilgilerinizde hata olduðunda g&uuml;ncelleme iþleminiz tamamlanamadý! &Ouml;rneðin kullanýlan bir eposta adresi girdiniz.</font>";
            }
        }
    }
}
$upID = getUserID($adi, $par);
mysql_select_db($_db, $yol);
if ($upID == "") {
    die("<font id='hata'>Kimlik hatasý</font>");
}
$query_eoUsers = "select * from eo_users where id='{$upID}'";
$eoUsers = mysql_query($query_eoUsers, $yol);
// if(mysql_query($query_limit_eoUsers, $yol))  die(mysql_error());
$row_eoUsers = mysql_fetch_row($eoUsers);
?>
Beispiel #14
     $islemi = "ders";
 } elseif ($seciliSekme == "3") {
     $islemi = "konu";
 } elseif ($seciliSekme == "4") {
     $islemi = "sayfa";
 } elseif ($seciliSekme == "5") {
     $islemi = "canliders";
 }
 if ($_GET["islem"] == "S") {
     $islemi .= ", Delete";
 } elseif ($_GET["islem"] == "G") {
     $islemi .= ", Update";
 } elseif ($_GET["islem"] == "E") {
     $islemi .= ", Insert";
 }
 trackUser($currentFile, $islemi, $adi);
 $sql = "";
 switch ($_GET["islem"]) {
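     case "S":
         // Delete the selected record; the id is forced to an integer before interpolation.
         // NOTE(review): $tabloAdi is assigned outside this fragment. It has to come from a
         // fixed list of table names, never from request data. Confirm where it is set.
         $sql = "Delete From {$tabloAdi} where id=" . (int) $seciliKayit;
         $result = mysql_query($sql, $yol);
         if ($result) {
             echo "<font id='tamam'>{$metin['501']}</font>";
         } else {
             // Driver error text goes to the server log instead of the page.
             error_log(mysql_error($yol));
             // The message used to embed a PHP open tag and echo statement as literal text.
             echo "<font id='hata'>{$metin['102']} i&#351;lemi tamamlanamad&#305;!</font>";
         }
         break;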
     case "G":
         if ($seciliSekme == "0") {
             $okulAdi = temizle($_POST["okulAdi"]);
             if (!empty($okulAdi)) {
Beispiel #15
                }
            } else {
                if (@chmod($_uploadFolder, 0755)) {
                    echo "<font id='tamam'> Paylaþým klasörü salt okunur.</font>";
                    trackUser($currentFile, "success,SharedReadOnly", $adi);
                }
            }
            $ayar5char = temizle($_POST['ayar5char1'] . "-" . $_POST['ayar5char2'] . "-" . $_POST['ayar5char3'] . "-" . $_POST['ayar5char4'] . "-" . $_POST['ayar5char5'] . "-" . $_POST['ayar5char6'] . "-" . $_POST['ayar5char7'] . "-" . $_POST['ayar5char8'] . "-" . $_POST['ayar5char9'] . "-" . $_POST['ayar5char10'] . "-" . $_POST['ayar5char11'] . "-" . $_POST['ayar5char12'] . "-" . $_POST['ayar5char13'] . "-" . $_POST['ayar5char14'] . "-" . $_POST['ayar5char15'] . "-" . $_POST['ayar5char16'] . "-" . $_POST['ayar5char17']);
            $updateSQL = sprintf("\r\n\t\t\tUPDATE eo_sitesettings \r\n\t\t\tSET okulGenelAdi=%s, versiyon=%s, sayfaBlokSayisi=%s, \r\n\t\t\tsayfaKullaniciSayisi=%s, veriHareketleriSayisi=%s, \r\n\t\t\tayar4char=%s, ayar1int=%s, ayar2int=%s, ayar3int=%s, \r\n\t\t\tayar5char='%s',\r\n\t\t\tuploadFolder = %s,\r\n\t\t\tsiteUnlockPwd = %s,\r\n\t\t\tdefaultTheme = %s,\r\n\t\t\tdefaultLang = %s,\r\n\t\t\tfilesToPlay = %s,\r\n\t\t\tfileMaxUploadSize = %s,\r\n\t\t\tvideoChatSession = %s,\r\n\t\t\twhiteBoardSession = %s\r\n\t\t\t\r\n\t\t\tWHERE id='1'", temizle(GetSQLValueString($_POST['okulGenelAdi'], "text")), temizle(GetSQLValueString($_POST['versiyon'], "text")), temizle(GetSQLValueString($_POST['sayfaBlokSayisi'], "int")), temizle(GetSQLValueString($_POST['sayfaKullaniciSayisi'], "int")), temizle(GetSQLValueString($_POST['veriHareketleriSayisi'], "int")), temizle(GetSQLValueString($_POST['ayar4char'], "text")), temizle(GetSQLValueString($_POST['ayar1int'], "int")), temizle(GetSQLValueString($_POST['ayar2int'], "int")), temizle(GetSQLValueString($_POST['ayar3int'], "int")), $ayar5char, temizle(GetSQLValueString($_POST['uploadFolder'], "text")), temizle(GetSQLValueString($_POST['siteUnlockPwd'], "text")), temizle(GetSQLValueString($_POST['defaultTheme'], "text")), temizle(GetSQLValueString($_POST['defaultLang'], "text")), temizle(GetSQLValueString($_POST['filesToPlay'], "text")), temizle(GetSQLValueString($_POST['fileMaxUploadSize'], "int")), temizle(GetSQLValueString($_POST['videoChatSession'], "text")), temizle(GetSQLValueString($_POST['whiteBoardSession'], "text")));
            mysql_select_db($_db, $yol);
            $Result1 = mysql_query($updateSQL, $yol);
            if ($Result1) {
                trackUser($currentFile, "success,SiteInfo", $adi);
                echo "<font id='uyari'> {$metin['536']}</font>";
            } else {
                trackUser($currentFile, "fail,SiteInfo", $adi);
                echo "<font id='hata'> Site bilgilerinde hata olduðunda g&uuml;ncelleme iþleminiz tamamlanamadý!</font>";
            }
        }
    }
    ?>
                          <br />
                          <br />
                          <?php 
} else {
    @header("Location: error.php?error=9");
    die($metin[447]);
}
?>
                          <form name="form5"  action="siteSettings3.php" method="post">
                            <table width="90%" border="0" cellspacing="0" cellpadding="3">
Beispiel #16
            $hits = trackUser("Tripped Default SkipFish Fuzzing");
            $response = randfuzz($fuzzdatalen * $hits);
            break;
            //This is a Burp Spider default test injection
        //This is a Burp Spider default test injection
        case "Peter Winter":
            //Triggers Spider adding response to Target page
            header('Location: index.php', true, 302);
            $hits = trackUser("Tripped Default Burp Spider Fuzzing");
            $response = randfuzz($fuzzdatalen * $hits);
            break;
            //This is a default string to test for SQLInjection
        //This is a default string to test for SQLInjection
        case "'":
            header("HTTP/1.0 500 Internal Server Error");
            $hits = trackUser("Tripped Common SQLInjection Fuzzing");
            $response = randfuzz($fuzzdatalen * $hits);
            break;
            //Base response for unrecognized test
        //Base response for unrecognized test
        default:
            $response = "testing";
    }
}
//below is the random functions
function randfuzz($len)
{
    if (is_readable('/dev/urandom')) {
        $f = fopen('/dev/urandom', 'r');
        $urandom = fread($f, $len);
        fclose($f);
Beispiel #17
    $old_ids = DatabaseQueryReturn("SELECT * FROM `sessions` WHERE `timestamp` <= '" . ($time - VISIT_TIMEOUT) . "';");
    foreach ($old_ids as $ids) {
        DatabaseQuery("DELETE FROM `sessions` WHERE `id`='{$ids['id']}'");
        DatabaseQuery("DELETE FROM `sessions_cache` WHERE `name`='{$ids['id']}'");
    }
}
if (!isset($a)) {
    if (!isset($_SESSION['us'])) {
        trackUser($_SERVER['REMOTE_ADDR']);
        ?>
		<font face="Century Gothic" style="letter-spacing : 2px;" size="0.8em" color="#000000"><center><b>Not Logged In</b><div id="link"> ( <a href="grid_account.php?a=login" title="Login" onclick="Modalbox.show(this.href, {title: this.title, width: 350}); return false;">Login</a> | <a href="grid_account.php?a=register" title="Registration" onclick="Modalbox.show(this.href, {title: this.title, width: 350}); return false;">Register</a> )</center></font></div>
	<?php 
    } else {
        ?>
		<?php 
        trackUser($_SESSION['us']);
        ?>
		<font face="Century Gothic" style="letter-spacing : 2px;" size="0.8em" color="#000000"><center>Logged In As: <b><?php 
        echo $_SESSION['us'];
        ?>
</b><div id="link"> ( <a href="javascript:void(0);" onclick="jah('grid_account.php?a=logout&sessions=true','account')">Logout</a> | <a href="grid_account.php?a=settings" title="Settings" onclick="Modalbox.show(this.href, {title: this.title, width: 350}); return false;">Settings</a> )</center></font></div>
	<?php 
    }
} elseif ($a == 'login') {
    ?>
	<?php 
    if ($p == '1') {
        // NOTE(review): the credentials arrive as GET parameters, so they end up in URLs,
        // browser history and server access logs. A login form should submit them by POST.
        $us = $_GET['username'];
        $pw = $_GET['password'];
        // NOTE(review): both request values are interpolated into the statement without
        // escaping or binding, so request data can change the query's logic. Use a
        // parameterized query here. The password is also compared as submitted, which
        // implies it is stored unhashed; store a password_hash() value and check it with
        // password_verify() instead.
        $validate = DatabaseQueryReturn("SELECT COUNT(*) FROM `registered` WHERE `username`='{$us}' AND `password`='{$pw}'");
        if ($validate[0]['COUNT(*)'] > 0) {
Beispiel #18
         echo "<br/>{$metin['7']}, " . temizle($_POST["realN"]) . "<br/><br/>";
         echo $metin[408];
         $_SESSION["tur"] = "0";
         //varsayýlan öðrencidir...
         $_SESSION["usern"] = $_POST['userName'];
         $_SESSION["userp"] = sha1($_POST['userPassword1']);
         trackUser($currentFile, "success,Login", $_SESSION["usern"]);
         if (ayarGetir("ayar4char") != "") {
             if (newUserMail($_POST['userName'], $_POST['email']) == "allOK") {
                 echo "<br/><br/>Yeni &Uuml;yelik Epostasý Baþarýlýdýr.";
             } else {
                 echo "<br/><br/>Yeni &Uuml;yelik Epostasý Baþarýlý olamadý!";
             }
         }
     } else {
         trackUser($currentFile, "fail,NewUser", $_POST['userName']);
         echo $metin[409];
     }
 } else {
     require_once "lib/phplivex.php";
     /*
     validate:
     yeni kullanýcý adý testi
     */
     function validate($username)
     {
         global $metin;
         if (strlen($username) >= 5) {
             //usleep(250000);
             if (checkUserName($username)) {
                 $msg = $metin[411];
Beispiel #19
 $filtr2 = "";
 $arayici = temizle(isset($_GET['arama']) ? $_GET['arama'] : "");
 if ($arayici != "") {
     $filtr2 = " where (userName like '%{$arayici}%' or realName like '%{$arayici}%' ) ";
 } else {
     $filtr2 = " where 1=1 ";
 }
 if (isset($_GET['id']) && $_GET['id'] != "" && (!empty($_GET['delCon']) and $_GET['delCon'] == "1")) {
     $deleteSQL = sprintf("DELETE FROM eo_users WHERE id=%s", temizle(GetSQLValueString($_GET['id'], "int")));
     mysql_select_db($_db, $yol);
     $Result1 = mysql_query($deleteSQL, $yol);
     if ($Result1) {
         trackUser($currentFile, "success,DelMember", $adi);
         echo "<font id='uyari'> {$metin['501']}</font>";
     } else {
         trackUser($currentFile, "fail,DelMember", $adi);
         echo "<font id='hata'>&Uuml;ye silme iþleminiz tamamlanamadý!</font>";
     }
 }
 $pageCnt = GetSQLValueString(isset($_GET['pageCnt']) ? $_GET['pageCnt'] : "", "int");
 if ($pageCnt == "NULL") {
     $pageCnt = GetSQLValueString(isset($_SESSION['pageCnt']) ? $_SESSION['pageCnt'] : "", "int");
 } else {
     $_SESSION['pageCnt'] = $pageCnt;
 }
 if ($pageCnt >= 1) {
     $maxRows_eoUsers = $pageCnt;
 } else {
     $maxRows_eoUsers = ayarGetir("sayfaKullaniciSayisi");
 }
 $pageNum_eoUsers = 0;
Beispiel #20
            $Result3 = mysql_query($deleteSQL3, $yol) or die(mysql_error());
            if ($Result3) {
                $delSonuc = "<font id='uyari'>Soru ve cevaplarý silindi</font>";
            }
            trackUser($currentFile, "success,DelQue", $adi);
            echo $delSonuc;
        }
    }
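    // New question submission, guarded by the one-time code kept in the session.
    if (isset($_POST["gonder"])) {
        // Both sides must be present and identical. With == a missing form field and a
        // missing session value compare equal (null == null) and the check would pass.
        $sentCode = isset($_POST["ccode3"]) ? $_POST["ccode3"] : null;
        $knownCode = isset($_SESSION["ccode3"]) ? (string) $_SESSION["ccode3"] : "";
        if (is_string($sentCode) && $sentCode !== "" && $sentCode === $knownCode) {
            if (!empty($_POST["soru"]) and !empty($_POST["dersID"])) {
                // NOTE(review): the whole $_POST array is handed to soruEkle(), which is
                // defined elsewhere; confirm it escapes each field it stores.
                if (soruEkle($_POST)) {
                    trackUser($currentFile, "success,AddQue", $adi);
                    echo "<font id='tamam'>Sorunuz eklendi.</font>";
                } else {
                    trackUser($currentFile, "fail,AddQue", $adi);
                    echo "<font id='hata'>Sorunuz eklenemedi!</font>";
                }
            }
        }
    }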
    $ccode3 = newPassw();
    $_SESSION["ccode3"] = $ccode3;
    ?>
                  <fieldset>
                    <legend><?php 
    echo $metin[645];
    ?>
</legend>
                    <form action="askQuestion.php" method="post" name="soruGonder">
                      <textarea cols="50" rows="5" name="soru" style="height:93px;border:1px solid #000;"></textarea>