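/**
 * Records a user's vote on an answer in eo_askanswerrate.
 *
 * Updates the existing row when cevapOyVar() reports that this user has
 * already voted on the answer, otherwise inserts a new row. The outcome is
 * echoed to the client and logged through trackUser().
 *
 * Security: every value is escaped against the open connection before it is
 * placed inside a quoted SQL literal. The original interpolated the raw
 * arguments, so a quote character in any of them changed the statement.
 *
 * @param mixed $deger   Vote value to store.
 * @param mixed $userID  Id of the voting user; empty values are rejected.
 * @param mixed $cevapID Id of the answer being rated; empty values are rejected.
 *
 * @return void
 */
function cevapOy($deger, $userID, $cevapID)
{
    global $yol1, $currentFile;

    // Guard clause: without both ids there is nothing to record.
    if (empty($userID) || empty($cevapID)) {
        echo "Oy verilemedi!";
        return;
    }

    // Escaping is only sufficient because each value stays inside single
    // quotes in the statements below.
    $safeDeger   = mysql_real_escape_string((string) $deger, $yol1);
    $safeUserID  = mysql_real_escape_string((string) $userID, $yol1);
    $safeCevapID = mysql_real_escape_string((string) $cevapID, $yol1);

    // NOTE(review): cevapOyVar() is defined elsewhere and receives the raw
    // values; confirm that it escapes or validates them before querying.
    if (cevapOyVar($userID, $cevapID)) {
        $sql2 = "UPDATE eo_askanswerrate"
            . " SET degeri='{$safeDeger}'"
            . " WHERE userID='{$safeUserID}' and cevapID='{$safeCevapID}'";
    } else {
        $sql2 = "INSERT INTO eo_askanswerrate"
            . " (degeri,userID,cevapID)"
            . " VALUES ('{$safeDeger}','{$safeUserID}','{$safeCevapID}')";
    }

    $result2 = mysql_query($sql2, $yol1);

    if ($result2) {
        echo "Oy verdiniz.";
        trackUser($currentFile, "success,QuesVote", RemoveXSS($_SESSION["usern"]));
    } else {
        echo "Oy verilemedi!";
        trackUser($currentFile, "fail,QuesVote", RemoveXSS($_SESSION["usern"]));
    }
}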
<?php
// Entry page: load the connection/bootstrap file, then render either the
// dashboard (for a logged-in visitor) or the login form.
include "api/conn.php";

if (!IsLogin()) {
    // No authenticated session: show only the login form.
    include "__login.php";
} else {
    // Log the visit, then assemble the page from its parts in display order.
    trackUser();
    include "__header.php";
    include "__nav.php";
    include "__dashboard.php";
    include "__footer.php";
}
if ($tur == "2") { //yöneticiler iþlem yapabilir $currentPage = $_SERVER["PHP_SELF"]; $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if (isset($_POST["MM_update"]) && $_POST["MM_update"] == "form3") { $updateSQL = sprintf("UPDATE eo_friends SET duvarYazisi=%s WHERE id=%s", RemoveXSS(GetSQLValueString($_POST['wall'], "text")), temizle(GetSQLValueString($_POST['id'], "int"))); mysql_select_db($_db, $yol); $Result1 = mysql_query($updateSQL, $yol); if ($Result1) { trackUser($currentFile, "success,WallInfo", $adi); echo "<font id='tamam'>{$metin['536']}</font>"; } else { trackUser($currentFile, "fail,WallInfo", $adi); echo "<font id='hata'>{$metin['626']}</font>"; } } if (isset($_GET['id']) && $_GET['id'] != "" && !empty($_GET['delCon']) and $_GET['delCon'] == "1") { $deleteSQL = sprintf("DELETE FROM eo_friends WHERE id=%s", GetSQLValueString($_GET['id'], "int")); mysql_select_db($_db, $yol); $Result1 = mysql_query($deleteSQL, $yol) or die(mysql_error()); if ($Result1) { echo "<font id='uyari'>{$metin['501']}</font>"; } } $pageCnt = GetSQLValueString(isset($_GET['pageCnt']) ? $_GET['pageCnt'] : "", "int"); if ($pageCnt == "NULL") { $pageCnt = GetSQLValueString(isset($_SESSION['pageCnt2']) ? $_SESSION['pageCnt2'] : "", "int"); } else {
} $status = array(); if ($rfc1867) { $status = apc_fetch('upload_' . $id); } if (!$status) { $status = array(); } $status['done'] = 1; $status['width'] = $size[0]; $status['url'] = $filename; if ($rfc1867) { apc_store('upload_' . $id, $status); } dosyaKaydet(strtolower($filename), getUserID2($_SESSION["usern"])); trackUser($currentFile, "success,FileUp", $_SESSION["usern"]); $status['id'] = getDosyaID($filename); nicupload_output($status, $rfc1867); exit; } else { if (isset($_GET['check'])) { // Upload progress check $check = $_GET['check']; if (!is_numeric($check)) { nicupload_error('Invalid upload progress id'); } if ($rfc1867) { $status = apc_fetch('upload_' . $check); if ($status['total'] > 500000 && $status['current'] / $status['total'] < 0.9) { // Large file and we are < 90% complete $status['interval'] = 3000;
} } if (isset($_POST["MM_update"]) && $_POST["MM_update"] == "form3" && $tur == "2") { if (GetSQLValueString($_POST['messageid'], "text") == 'NULL' || GetSQLValueString($_POST['message'], "text") == 'NULL') { echo "<font id='hata'>Bilgilerinde eksik alanlar vardýr.</font>"; } else { $gelenyorum = str_replace("\r\n", "<br/>", $_POST['message']); $gelenyorum = RemoveXSS($gelenyorum); $updateSQL = sprintf("UPDATE eo_shoutbox SET message='%s' WHERE messageid=%s", $gelenyorum, temizle(GetSQLValueString($_POST['messageid'], "int"))); mysql_select_db($_db, $yol); $Result1 = mysql_query($updateSQL, $yol); if ($Result1) { trackUser($currentFile, "success,ChatMess", $adi); echo "<font id='tamam'> {$metin['536']}</font>"; } else { trackUser($currentFile, "fail,ChatMess", $adi); echo "<font id='hata'> Bilgide hata olduðundan güncelleme iþleminiz tamamlanamadý!</font>"; } } } if (empty($_GET["yonU"])) { $_GET["yonU"] = ""; } if (empty($_SESSION["siraYonu2"])) { $siraYonu = "desc"; $_SESSION["siraYonu2"] = $siraYonu; } else { if (!empty($_GET['siraYap']) and $_GET["yonU"] != "dur" && $_GET['siraYap'] == "OK") { $siraYonu = $_SESSION["siraYonu2"] == "desc" ? "asc" : "desc"; $_SESSION["siraYonu2"] = $siraYonu; } else {
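/**
 * Deletes an answer together with every vote cast on it.
 *
 * The deletion is allowed when the global $tur equals "2" or when
 * cevapSahibi() names $userID as the owner of the answer. The outcome is
 * echoed to the client and logged through trackUser().
 *
 * Changes from the earlier version:
 *  - $cevapID is interpolated unquoted into both DELETE statements, so it is
 *    now accepted only when it consists of digits and is cast to int first.
 *  - Success is reported only when both DELETEs succeed; previously the result
 *    of the vote deletion was overwritten and never checked.
 *  - A denied attempt is now echoed and logged instead of returning silently,
 *    so unauthorized deletion attempts show up in the user-tracking log.
 *
 * @param mixed $cevapID Id of the answer to delete; must be a non-zero digit string or int.
 * @param mixed $userID  Id of the user requesting the deletion.
 *
 * @return void
 */
function cevapSil($cevapID, $userID)
{
    global $yol1, $tur, $currentFile;

    // Reject missing ids and anything that is not a plain run of digits
    // before any query (or helper that may query) sees the value.
    if (empty($userID) || empty($cevapID) || !ctype_digit((string) $cevapID)) {
        echo "Cevap ve oylar silinemiyor!";
        return;
    }
    $answerId = (int) $cevapID;

    // NOTE(review): $tur == "2" bypasses the ownership check; presumably this
    // is the administrator role, confirm against where $tur is assigned.
    $mayDelete = ($tur == "2" or cevapSahibi($answerId) == $userID);
    if (!$mayDelete) {
        echo "Cevap ve oylar silinemiyor!";
        trackUser($currentFile, "fail,DelAnsw", RemoveXSS($_SESSION["usern"]));
        return;
    }

    // Votes first, then the answer itself; both statements always run, as before.
    $votesDeleted  = mysql_query("DELETE FROM eo_askanswerrate WHERE cevapID = {$answerId}", $yol1);
    $answerDeleted = mysql_query("DELETE FROM eo_askanswer WHERE id = {$answerId}", $yol1);

    if ($votesDeleted && $answerDeleted) {
        echo "Cevap ve oylar silindi.";
        trackUser($currentFile, "success,DelAnsw", RemoveXSS($_SESSION["usern"]));
    } else {
        echo "Cevap ve oylar silinemedi!";
        trackUser($currentFile, "fail,DelAnsw", RemoveXSS($_SESSION["usern"]));
    }
}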
if ($adi == "") { $adi = temizle(substr(isset($_SESSION["usern"]) ? $_SESSION["usern"] : "", 0, 15)); $par = temizle(isset($_SESSION["userp"]) ? $_SESSION["userp"] : ""); } else { if (checkRealUser($adi, $par) == "-2") { trackUser($currentFile, "fail,Login", $adi); } else { //eðer 5 dakika içinde zaten girmiþ ise (flood gibi) $sonGirisDakikasi = sonLoginDakikasi($adi); if ($sonGirisDakikasi >= 0 and $sonGirisDakikasi < 5) { sessionDestroy(); header("Location: error.php?error=7"); die("<font id='hata'> " . $metin[404] . " (1)</font><p>" . $metin[402] . "</p>"); } setcookie("theme", kullaniciTema($adi), time() + 60 * 60 * 24 * 30); trackUser($currentFile, "success,Login", $adi); //first time good login header("Location: index.php"); } } /* if($adi=="" || $par=="") { header("Location: error.php?error=2"); die("<font id='hata'> ".$metin[403]."</font><br/>".$metin[402]); //EMPTY? } */ $pass = false; if ($adi != "" && $par != "") { $tur = checkRealUser($adi, $par); //eðer pasif ise if ($tur <= -1 || $tur > 2) { sessionDestroy();
$gelenID = temizle($_GET["id"]); $gelenDeger = temizle($_GET["value"]); if ($gelenDeger == "0") { $gelenDeger = "1"; } else { if ($gelenDeger == "1") { $gelenDeger = "0"; } else { $gelenDeger = "0"; } } $gelenSorgu = "update eo_comments set active={$gelenDeger} WHERE id = ({$gelenID})"; $sonuc = mysql_query($gelenSorgu, $yol); if ($sonuc) { echo "<font id='uyari'>Seçilen kayýt güncellendi</font>"; trackUser($currentFile, "CmtUpd-{$gelenDeger}-{$gelenID}", $adi); } else { echo "<font id='hata'>Seçilen kayýt güncellenemedi!</font>"; } } if (empty($_GET["yonU"])) { $_GET["yonU"] = ""; } if (empty($_SESSION["siraYonu2"])) { $siraYonu = "desc"; $_SESSION["siraYonu2"] = $siraYonu; } else { if (!empty($_GET['siraYap']) and $_GET["yonU"] != "dur" && $_GET['siraYap'] == "OK") { $siraYonu = $_SESSION["siraYonu2"] == "desc" ? "asc" : "desc"; $_SESSION["siraYonu2"] = $siraYonu; } else {
margin: 5px; padding: 10px; background:url(img/soruArka.gif) repeat-x top left fixed ; background-color: #fff; } </style> </head> <body> <?php if (isset($_SESSION["usern"])) { $adi = RemoveXSS($_SESSION["usern"]); } if (isset($_POST["reopenPwd"])) { if ($_POST["reopenPwd"] == $_siteUnlockPwd and !empty($_siteUnlockPwd) and !empty($_POST["reopenPwd"])) { if (siteAc()) { trackUser($currentFile, "success,SiteUnlock", $adi); die("<br/>{$metin['531']}<p>{$metin['402']}</p>"); } } } ?> <TABLE align="center" width="100%" height="100%" style="background-color:#C00"> <tr> <td height="100%" valign="middle" ><table align="center"> <tr> <td><h2 align="center">eOgr - <?php echo $metin[489]; ?> </h2> <p style="margin-top:50px;"> <font color="#FF0000" > <?php echo $metin[402];
$target_path = $destination_path . basename(strtolower($_FILES['myfile']['name'])); if (file_exists($target_path)) { $result = -2; trackUser($currentFile, "fail,FileUp", $_SESSION["usern"]); } else { if (@move_uploaded_file($_FILES['myfile']['tmp_name'], $target_path)) { $result = 1; dosyaKaydet(strtolower($_FILES['myfile']['name']), getUserID2($_SESSION["usern"])); trackUser($currentFile, "success,FileUp", $_SESSION["usern"]); } else { $result = 0; } } } catch (Exception $e) { echo "<script>alert('Hata : {$e}');</script>"; trackUser($currentFile, "fail,FileUp", $_SESSION["usern"]); $result = 0; } } } } } } } } } /*echo "<script>alert('$result - Hata : ".$_FILES['myfile']['name']."');</script>"; */ sleep(1); //? ?> <script language="javascript" type="text/javascript">
$dbPassword = $_password; $sqlFile = "REPAIR TABLE eo_1okul, eo_2sinif, eo_3ders, eo_4konu, eo_5sayfa, eo_floodprotection, eo_shoutbox, eo_sitesettings, eo_users, eo_sinifogre, eo_usertrack, eo_userworks, eo_webref_rss_details, eo_webref_rss_items,eo_comments,eo_rating, eo_files, eo_friends, eo_askanswer, eo_askanswerrate, eo_askquestion, eo_livelesson; \r\n\t\tOPTIMIZE TABLE eo_1okul, eo_2sinif, eo_3ders, eo_4konu, eo_5sayfa, eo_floodprotection, eo_shoutbox, eo_sitesettings, eo_users, eo_sinifogre, eo_usertrack, eo_userworks, eo_webref_rss_details, eo_webref_rss_items,eo_comments,eo_rating, eo_files, eo_friends, eo_askanswer, eo_askanswerrate, eo_askquestion, eo_livelesson;"; $baglan2 = mysql_connect($host, $dbUser, $dbPassword); if (!$baglan2) { echo "<font id='hata'> Lüften, 'veritabanı' <a href=install.php>kurulumunu (installation)</a> yapınız!</font>"; } $yol22 = $baglan2; if (mysql_select_db($_db, $yol22)) { $newImport = new sqlImport($host, $dbUser, $dbPassword, $sqlFile); $importumuz = $newImport->importa(); if ($importumuz == 0) { trackUser($currentFile, "success,DBOptim", $adi); echo "<font id='tamam'>{$metin['539']}</font><br/>"; } else { echo "<font id='hata'>" . $importumuz . "</font><br/>"; trackUser($currentFile, "fail,DBOptim", $adi); } mysql_close($yol22); } $sqlFile = ""; } } else { @header("Location: error.php?error=9"); die($metin[447]); } ?> <br /> <form id="sqlimp" name="sqlimp" method="post" action="siteSettings2.php"> <label title="<?php echo "SQL Import"; ?>
echo "<font id='hata'> {$metin['413']} {$metin['416']}</font><br/>" . $metin[402]; break; case 'noUser': trackUser($currentFile, "fail,{$sonuc}", $_POST['userName']); echo "<font id='hata'> {$metin['413']} {$metin['417']}</font><br/>" . $metin[402]; break; case 'emptyData': trackUser($currentFile, "fail,{$sonuc}", $_POST['userName']); echo "<font id='hata'> {$metin['413']} {$metin['418']}</font><br/>" . $metin[402]; break; case 'allOK': trackUser($currentFile, "success,NewPwd", $_POST['userName']); echo "<font id='tamam'> {$metin['414']} </font>" . $metin[402]; break; case 'noChange': trackUser($currentFile, "fail,{$sonuc}", $_POST['userName']); echo "<font id='hata'> {$metin['413']} {$metin['419']}</font>" . $metin[402]; break; } } else { if (!empty($_SESSION["passRem"]) and $_SESSION["passRem"] == "yes") { die($metin[410]); } //form data? ?> <script type="text/javascript" src="lib/jquery.validate.min.js"></script> <script type="text/javascript"> $().ready(function() { $("#form1").validate({ rules: { userName: {
if ($_POST['prldeg'] == "secili") { $updateSQL = sprintf("UPDATE eo_users SET realName=%s, userEmail=%s, userBirthDate='%s' WHERE id=%s", temizle(RemoveXSS(GetSQLValueString($_POST['realName'], "text"))), temizle(RemoveXSS(GetSQLValueString($_POST['userEmail'], "text"))), tarihYap($_POST['userBirthDate']), temizle(RemoveXSS(GetSQLValueString($_POST['id'], "int")))); } else { $updateSQL = sprintf("UPDATE eo_users SET userPassword=sha1(%s), realName=%s, userEmail=%s, userBirthDate='%s' WHERE id=%s", temizle(RemoveXSS(GetSQLValueString($_POST['userPassword'], "text"))), temizle(RemoveXSS(GetSQLValueString($_POST['realName'], "text"))), temizle(RemoveXSS(GetSQLValueString($_POST['userEmail'], "text"))), tarihYap($_POST['userBirthDate']), temizle(RemoveXSS(GetSQLValueString($_POST['id'], "int")))); } mysql_select_db($_db, $yol); $Result1 = mysql_query($updateSQL, $yol); if ($Result1) { echo "<font id='tamam'> {$metin['536']}</font>"; trackUser($currentFile, "success,UserInf", $adi); if ($_POST['prldeg'] != "secili") { trackUser($currentFile, "success,PasswdC", $adi); die("<font id='hata'> Parolanýzý deðiþtirdiðiniz için tekrar oturum açmanýz gerekmektedir!</font>"); } } else { trackUser($currentFile, "fail,UserInf", $adi); echo "<font id='hata'> Üye bilgilerinizde hata olduðunda güncelleme iþleminiz tamamlanamadý! Örneðin kullanýlan bir eposta adresi girdiniz.</font>"; } } } } $upID = getUserID($adi, $par); mysql_select_db($_db, $yol); if ($upID == "") { die("<font id='hata'>Kimlik hatasý</font>"); } $query_eoUsers = "select * from eo_users where id='{$upID}'"; $eoUsers = mysql_query($query_eoUsers, $yol); // if(mysql_query($query_limit_eoUsers, $yol)) die(mysql_error()); $row_eoUsers = mysql_fetch_row($eoUsers); ?>
$islemi = "ders"; } elseif ($seciliSekme == "3") { $islemi = "konu"; } elseif ($seciliSekme == "4") { $islemi = "sayfa"; } elseif ($seciliSekme == "5") { $islemi = "canliders"; } if ($_GET["islem"] == "S") { $islemi .= ", Delete"; } elseif ($_GET["islem"] == "G") { $islemi .= ", Update"; } elseif ($_GET["islem"] == "E") { $islemi .= ", Insert"; } trackUser($currentFile, $islemi, $adi); $sql = ""; switch ($_GET["islem"]) { case "S": $sql = "Delete From {$tabloAdi} where id={$seciliKayit}"; $result = mysql_query($sql, $yol); if ($result) { echo "<font id='tamam'>{$metin['501']}</font>"; } else { echo "<font id='hata'><?php echo {$metin['102']} ?> işlemi tamamlanamadı! " . mysql_error() . "</font>"; } break; case "G": if ($seciliSekme == "0") { $okulAdi = temizle($_POST["okulAdi"]); if (!empty($okulAdi)) {
} } else { if (@chmod($_uploadFolder, 0755)) { echo "<font id='tamam'> Paylaþým klasörü salt okunur.</font>"; trackUser($currentFile, "success,SharedReadOnly", $adi); } } $ayar5char = temizle($_POST['ayar5char1'] . "-" . $_POST['ayar5char2'] . "-" . $_POST['ayar5char3'] . "-" . $_POST['ayar5char4'] . "-" . $_POST['ayar5char5'] . "-" . $_POST['ayar5char6'] . "-" . $_POST['ayar5char7'] . "-" . $_POST['ayar5char8'] . "-" . $_POST['ayar5char9'] . "-" . $_POST['ayar5char10'] . "-" . $_POST['ayar5char11'] . "-" . $_POST['ayar5char12'] . "-" . $_POST['ayar5char13'] . "-" . $_POST['ayar5char14'] . "-" . $_POST['ayar5char15'] . "-" . $_POST['ayar5char16'] . "-" . $_POST['ayar5char17']); $updateSQL = sprintf("\r\n\t\t\tUPDATE eo_sitesettings \r\n\t\t\tSET okulGenelAdi=%s, versiyon=%s, sayfaBlokSayisi=%s, \r\n\t\t\tsayfaKullaniciSayisi=%s, veriHareketleriSayisi=%s, \r\n\t\t\tayar4char=%s, ayar1int=%s, ayar2int=%s, ayar3int=%s, \r\n\t\t\tayar5char='%s',\r\n\t\t\tuploadFolder = %s,\r\n\t\t\tsiteUnlockPwd = %s,\r\n\t\t\tdefaultTheme = %s,\r\n\t\t\tdefaultLang = %s,\r\n\t\t\tfilesToPlay = %s,\r\n\t\t\tfileMaxUploadSize = %s,\r\n\t\t\tvideoChatSession = %s,\r\n\t\t\twhiteBoardSession = %s\r\n\t\t\t\r\n\t\t\tWHERE id='1'", temizle(GetSQLValueString($_POST['okulGenelAdi'], "text")), temizle(GetSQLValueString($_POST['versiyon'], "text")), temizle(GetSQLValueString($_POST['sayfaBlokSayisi'], "int")), temizle(GetSQLValueString($_POST['sayfaKullaniciSayisi'], "int")), temizle(GetSQLValueString($_POST['veriHareketleriSayisi'], "int")), temizle(GetSQLValueString($_POST['ayar4char'], "text")), temizle(GetSQLValueString($_POST['ayar1int'], "int")), temizle(GetSQLValueString($_POST['ayar2int'], "int")), temizle(GetSQLValueString($_POST['ayar3int'], "int")), $ayar5char, temizle(GetSQLValueString($_POST['uploadFolder'], "text")), temizle(GetSQLValueString($_POST['siteUnlockPwd'], "text")), temizle(GetSQLValueString($_POST['defaultTheme'], "text")), 
temizle(GetSQLValueString($_POST['defaultLang'], "text")), temizle(GetSQLValueString($_POST['filesToPlay'], "text")), temizle(GetSQLValueString($_POST['fileMaxUploadSize'], "int")), temizle(GetSQLValueString($_POST['videoChatSession'], "text")), temizle(GetSQLValueString($_POST['whiteBoardSession'], "text"))); mysql_select_db($_db, $yol); $Result1 = mysql_query($updateSQL, $yol); if ($Result1) { trackUser($currentFile, "success,SiteInfo", $adi); echo "<font id='uyari'> {$metin['536']}</font>"; } else { trackUser($currentFile, "fail,SiteInfo", $adi); echo "<font id='hata'> Site bilgilerinde hata olduðunda güncelleme iþleminiz tamamlanamadý!</font>"; } } } ?> <br /> <br /> <?php } else { @header("Location: error.php?error=9"); die($metin[447]); } ?> <form name="form5" action="siteSettings3.php" method="post"> <table width="90%" border="0" cellspacing="0" cellpadding="3">
$hits = trackUser("Tripped Default SkipFish Fuzzing"); $response = randfuzz($fuzzdatalen * $hits); break; //This is a Burp Spider default test injection //This is a Burp Spider default test injection case "Peter Winter": //Triggers Spider adding response to Target page header('Location: index.php', true, 302); $hits = trackUser("Tripped Default Burp Spider Fuzzing"); $response = randfuzz($fuzzdatalen * $hits); break; //This is a default string to test for SQLInjection //This is a default string to test for SQLInjection case "'": header("HTTP/1.0 500 Internal Server Error"); $hits = trackUser("Tripped Common SQLInjection Fuzzing"); $response = randfuzz($fuzzdatalen * $hits); break; //Base response for unrecognized test //Base response for unrecognized test default: $response = "testing"; } } //below is the random functions function randfuzz($len) { if (is_readable('/dev/urandom')) { $f = fopen('/dev/urandom', 'r'); $urandom = fread($f, $len); fclose($f);
$old_ids = DatabaseQueryReturn("SELECT * FROM `sessions` WHERE `timestamp` <= '" . ($time - VISIT_TIMEOUT) . "';"); foreach ($old_ids as $ids) { DatabaseQuery("DELETE FROM `sessions` WHERE `id`='{$ids['id']}'"); DatabaseQuery("DELETE FROM `sessions_cache` WHERE `name`='{$ids['id']}'"); } } if (!isset($a)) { if (!isset($_SESSION['us'])) { trackUser($_SERVER['REMOTE_ADDR']); ?> <font face="Century Gothic" style="letter-spacing : 2px;" size="0.8em" color="#000000"><center><b>Not Logged In</b><div id="link"> ( <a href="grid_account.php?a=login" title="Login" onclick="Modalbox.show(this.href, {title: this.title, width: 350}); return false;">Login</a> | <a href="grid_account.php?a=register" title="Registration" onclick="Modalbox.show(this.href, {title: this.title, width: 350}); return false;">Register</a> )</center></font></div> <?php } else { ?> <?php trackUser($_SESSION['us']); ?> <font face="Century Gothic" style="letter-spacing : 2px;" size="0.8em" color="#000000"><center>Logged In As: <b><?php echo $_SESSION['us']; ?> </b><div id="link"> ( <a href="javascript:void(0);" onclick="jah('grid_account.php?a=logout&sessions=true','account')">Logout</a> | <a href="grid_account.php?a=settings" title="Settings" onclick="Modalbox.show(this.href, {title: this.title, width: 350}); return false;">Settings</a> )</center></font></div> <?php } } elseif ($a == 'login') { ?> <?php if ($p == '1') { $us = $_GET['username']; $pw = $_GET['password']; $validate = DatabaseQueryReturn("SELECT COUNT(*) FROM `registered` WHERE `username`='{$us}' AND `password`='{$pw}'"); if ($validate[0]['COUNT(*)'] > 0) {
echo "<br/>{$metin['7']}, " . temizle($_POST["realN"]) . "<br/><br/>"; echo $metin[408]; $_SESSION["tur"] = "0"; //varsayýlan öðrencidir... $_SESSION["usern"] = $_POST['userName']; $_SESSION["userp"] = sha1($_POST['userPassword1']); trackUser($currentFile, "success,Login", $_SESSION["usern"]); if (ayarGetir("ayar4char") != "") { if (newUserMail($_POST['userName'], $_POST['email']) == "allOK") { echo "<br/><br/>Yeni Üyelik Epostasý Baþarýlýdýr."; } else { echo "<br/><br/>Yeni Üyelik Epostasý Baþarýlý olamadý!"; } } } else { trackUser($currentFile, "fail,NewUser", $_POST['userName']); echo $metin[409]; } } else { require_once "lib/phplivex.php"; /* validate: yeni kullanýcý adý testi */ function validate($username) { global $metin; if (strlen($username) >= 5) { //usleep(250000); if (checkUserName($username)) { $msg = $metin[411];
// --- Member list: search filter -------------------------------------------
// The search term goes through temizle() and is then interpolated into a
// quoted LIKE pattern.
// NOTE(review): temizle() is defined elsewhere; this filter is injection-safe
// only if it escapes quotes and backslashes for MySQL. Confirm.
$filtr2 = "";
if (isset($_GET['arama'])) {
    $arayici = temizle($_GET['arama']);
} else {
    $arayici = temizle("");
}
if ($arayici == "") {
    $filtr2 = " where 1=1 ";
} else {
    $filtr2 = " where (userName like '%{$arayici}%' or realName like '%{$arayici}%' ) ";
}

// --- Member deletion --------------------------------------------------------
// Runs when the query string carries a non-empty id together with delCon=1.
// NOTE(review): this is a state-changing action driven by GET parameters, and
// no anti-CSRF token or role check is visible in this excerpt. Verify that the
// surrounding code enforces both.
if (isset($_GET['id']) && $_GET['id'] != "") {
    if (!empty($_GET['delCon']) && $_GET['delCon'] == "1") {
        // The id is coerced through GetSQLValueString(..., "int") before use.
        $deleteSQL = sprintf(
            "DELETE FROM eo_users WHERE id=%s",
            temizle(GetSQLValueString($_GET['id'], "int"))
        );
        mysql_select_db($_db, $yol);
        $Result1 = mysql_query($deleteSQL, $yol);
        if (!$Result1) {
            trackUser($currentFile, "fail,DelMember", $adi);
            echo "<font id='hata'>Üye silme iþleminiz tamamlanamadý!</font>";
        } else {
            trackUser($currentFile, "success,DelMember", $adi);
            echo "<font id='uyari'> {$metin['501']}</font>";
        }
    }
}

// --- Page size ----------------------------------------------------------------
// A page size from the query string is remembered in the session; when it is
// absent ("NULL" from GetSQLValueString), the remembered value is used.
if (isset($_GET['pageCnt'])) {
    $pageCnt = GetSQLValueString($_GET['pageCnt'], "int");
} else {
    $pageCnt = GetSQLValueString("", "int");
}
if ($pageCnt != "NULL") {
    $_SESSION['pageCnt'] = $pageCnt;
} else {
    $pageCnt = GetSQLValueString(isset($_SESSION['pageCnt']) ? $_SESSION['pageCnt'] : "", "int");
}

// Fall back to the site-wide setting when no usable page size was supplied.
$maxRows_eoUsers = ($pageCnt >= 1) ? $pageCnt : ayarGetir("sayfaKullaniciSayisi");
$pageNum_eoUsers = 0;
$Result3 = mysql_query($deleteSQL3, $yol) or die(mysql_error()); if ($Result3) { $delSonuc = "<font id='uyari'>Soru ve cevaplarý silindi</font>"; } trackUser($currentFile, "success,DelQue", $adi); echo $delSonuc; } } if (isset($_POST["gonder"])) { if ($_POST["ccode3"] == $_SESSION["ccode3"]) { if (!empty($_POST["soru"]) and !empty($_POST["dersID"])) { if (soruEkle($_POST)) { trackUser($currentFile, "success,AddQue", $adi); echo "<font id='tamam'>Sorunuz eklendi.</font>"; } else { trackUser($currentFile, "fail,AddQue", $adi); echo "<font id='hata'>Sorunuz eklenemedi!</font>"; } } } } $ccode3 = newPassw(); $_SESSION["ccode3"] = $ccode3; ?> <fieldset> <legend><?php echo $metin[645]; ?> </legend> <form action="askQuestion.php" method="post" name="soruGonder"> <textarea cols="50" rows="5" name="soru" style="height:93px;border:1px solid #000;"></textarea>