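/*
 * Saves one article row in `makaleler`, then brings the article's tag links
 * in `etiketgruplari` in line with the submitted tag list ($etiket).
 *
 * Reads $db, $id, the article fields ($baslik ... $sid), $etiket and
 * $_SESSION['sid'] from the enclosing scope. After the block, $id holds the
 * id of the saved article.
 *
 * NOTE(review): the article fields are placed into the SQL text exactly as
 * they arrive here. Where they are escaped or cast is not visible in this
 * excerpt; confirm that every one of them is, or bind them as parameters of
 * a prepared statement if $db supports that.
 */
if ($id) {
    // Existing article: the id goes into the statement unquoted, so it is
    // forced to an integer first.
    $db->query(
        "\n UPDATE makaleler SET \n"
        . " baslik = '{$baslik}',\n"
        . " altbaslik = '{$altbaslik}',\n"
        . " aciklama = '{$aciklama}',\n"
        . " icerik = '{$icerik}',\n"
        . " tarih = '{$tarih}',\n"
        . " aktif = {$aktif},\n"
        . " kullanici = {$kullanici},\n"
        . " yapiskan = {$yapiskan},\n"
        . " url = '{$url}',\n"
        . " sablon = '{$sablon}',\n"
        . " akis = {$akis},\n"
        . " sid = {$sid}\n"
        . " WHERE id = " . (int) $id . "\n "
    );
} else {
    // New article.
    $db->query(
        "\n INSERT INTO makaleler \n ( \n"
        . " baslik,\n altbaslik,\n aciklama,\n icerik,\n tarih,\n aktif,\n"
        . " kullanici,\n yapiskan,\n url,\n sablon,\n akis,\n sid\n"
        . " ) VALUES (\n"
        . " '{$baslik}',\n"
        . " '{$altbaslik}',\n"
        . " '{$aciklama}',\n"
        . " '{$icerik}',\n"
        . " '{$tarih}',\n"
        . " {$aktif},\n"
        . " {$kullanici},\n"
        . " {$yapiskan},\n"
        . " '{$url}',\n"
        . " '{$sablon}',\n"
        . " {$akis},\n"
        . " {$sid}\n"
        . " )\n "
    );

    // LAST_INSERT_ID() needs no FROM clause; with one, the server returns a
    // copy of the value for every row of the table.
    $row = $db->query("SELECT LAST_INSERT_ID()")->fetch_row();
    $id = $row ? $row[0] : 0;
}

// Integer copies of the ids that are interpolated unquoted below.
$makaleId = (int) $id;
$siteId = (int) $_SESSION['sid'];

// Start by marking every tag currently linked to the article for removal
// ('sil'); tags that are still submitted are switched to 'kal' further down.
$etiketidliste = array();
$rs = $db->query("SELECT eid FROM etiketgruplari WHERE mid = {$makaleId}");
// Test the fetched row itself: wrapping fetch_row() in current() fails once
// the result set is exhausted and would also stop early on a falsy eid.
while ($row = $rs->fetch_row()) {
    $etiketidliste[$row[0]] = 'sil';
}

foreach ($etiket as $item) {
    if (!$item) {
        continue;
    }

    // s_addslashes() is the project's escaping helper, defined outside this
    // excerpt. NOTE(review): confirm it is adequate for the connection charset.
    $isim = s_addslashes($item);

    $row = $db->query("SELECT id FROM etiketler WHERE isim = '{$isim}' AND sid = {$siteId}")->fetch_row();
    $dummyid = $row ? $row[0] : 0;
    if (!$dummyid) {
        // Unknown tag for this site: create it and pick up its id.
        $db->query("INSERT INTO etiketler (isim, sid) VALUES('{$isim}', {$siteId})");
        $row = $db->query("SELECT LAST_INSERT_ID()")->fetch_row();
        $dummyid = $row ? $row[0] : 0;
    }
    if (!$dummyid) {
        // No usable tag id; do not create a link to eid 0.
        continue;
    }

    // 'sil' -> 'kal': already linked and still wanted, nothing to do.
    // 'kal' stays 'kal', so a tag listed twice is not linked a second time.
    // Anything else is a tag that has to be linked ('ekle').
    $onceki = isset($etiketidliste[$dummyid]) ? $etiketidliste[$dummyid] : null;
    $etiketidliste[$dummyid] = ($onceki === 'sil' || $onceki === 'kal') ? 'kal' : 'ekle';
}

// Apply the plan: remove links still marked 'sil', add those marked 'ekle'.
foreach ($etiketidliste as $item => $val) {
    $eid = (int) $item;
    if ($val === 'sil') {
        $db->query("DELETE FROM etiketgruplari WHERE eid = {$eid} AND mid = {$makaleId}");
    } elseif ($val === 'ekle') {
        $db->query("INSERT INTO etiketgruplari (eid, mid) VALUES({$eid}, {$makaleId})");
    }
}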
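<?php
/*
 * Saves the site settings form: updates the `sitebilgi` row, rewrites the
 * ReWriteBase line of the site's .htaccess to the new base directory, and
 * then processes the social links of the session's site.
 *
 * Reads $db, $_POST, $_SESSION and $_SERVER['DOCUMENT_ROOT'].
 * s_addslashes() is a project helper defined outside this excerpt.
 */

// Stop unless the session carries a logged-in user id.
if (empty($_SESSION['user']['id'])) {
    return;
}

if (!empty($_POST['id'])) {
    // Store the site URL without a trailing slash.
    $siteurl = $_POST['url'];
    if (substr($siteurl, -1) == '/') {
        $siteurl = substr($siteurl, 0, -1);
    }

    // When the base directory contains doubled slashes, wrap it in slashes
    // and collapse every run of slashes to one. This is done in a single
    // pass: repeating a '//' -> '/' replacement after re-wrapping never
    // terminates for values that begin or end with a doubled slash.
    $anadizin = $_POST['anadizin'];
    if (strpos($anadizin, '//') !== FALSE) {
        $anadizin = preg_replace('#/{2,}#', '/', '/' . $anadizin . '/');
    }

    // Text fields pass through s_addslashes(); numeric fields are clamped to
    // non-negative integers. The row id goes through intval() as well, since
    // it is placed into the statement unquoted.
    // NOTE(review): the row is selected by the posted id alone; confirm
    // whether it should also be tied to the session's site.
    $db->query(
        "\n UPDATE sitebilgi \n SET \n"
        . " dil = '" . s_addslashes($_POST['dil']) . "',\n"
        . " charset = '" . s_addslashes($_POST['charset']) . "',\n"
        . " zamandilimi = '" . s_addslashes($_POST['zamandilimi']) . "',\n"
        . " aciklama = '" . s_addslashes($_POST['aciklama']) . "',\n"
        . " keywords = '" . s_addslashes($_POST['keywords']) . "',\n"
        . " isim = '" . s_addslashes($_POST['isim']) . "',\n"
        . " url = '" . s_addslashes($siteurl) . "',\n"
        . " foto = '" . s_addslashes($_POST['foto']) . "',\n"
        . " baslik = '" . s_addslashes($_POST['baslik']) . "',\n"
        . " asbaslik = '" . s_addslashes($_POST['asbaslik']) . "',\n"
        . " asaltbaslik = '" . s_addslashes($_POST['asaltbaslik']) . "',\n"
        . " tarihformat = '" . s_addslashes($_POST['tarihformat']) . "',\n"
        . " tarihsaatformat = '" . s_addslashes($_POST['tarihsaatformat']) . "',\n"
        . " kisametin = " . max(0, intval($_POST['kisametin'])) . ",\n"
        . " ortametin = " . max(0, intval($_POST['ortametin'])) . ",\n"
        . " uzunmetin = " . max(0, intval($_POST['uzunmetin'])) . ",\n"
        . " satirsayi = " . max(0, intval($_POST['satirsayi'])) . ",\n"
        . " yazar = '" . s_addslashes($_POST['yazar']) . "',\n"
        . " yazarposta = '" . s_addslashes($_POST['yazarposta']) . "',\n"
        . " anadizin = '" . s_addslashes($anadizin) . "',\n"
        . " postaadres = '" . s_addslashes($_POST['postaadres']) . "',\n"
        . " postasunucu = '" . s_addslashes($_POST['postasunucu']) . "',\n"
        . " postakullanici = '" . s_addslashes($_POST['postakullanici']) . "',\n"
        . " postasifre = '" . s_addslashes($_POST['postasifre']) . "',\n"
        . " postaport = '" . s_addslashes($_POST['postaport']) . "',\n"
        . " postaauth = " . max(0, intval($_POST['postaauth'])) . ",\n"
        . " g_analytics = '" . s_addslashes($_POST['g_analytics']) . "',\n"
        . " aktif = " . (!empty($_POST['aktif']) ? 1 : 0) . "\n"
        . " WHERE id = " . intval($_POST['id'])
    );

    // Path of the .htaccess file inside the base directory.
    $ad = str_replace('\\', '/', $_SERVER['DOCUMENT_ROOT']);
    $ad = str_replace('//', '/', $ad . $anadizin . '.htaccess');

    // The posted directory is used both in the file path and in the text
    // written to the file. Leave the file untouched when the value holds a
    // control character (a line break would become an extra directive) or a
    // '..' sequence (the path could leave the document root).
    $dizinGecerli = !preg_match('/[\x00-\x1F\x7F]/', $anadizin) && strpos($anadizin, '..') === false;

    if ($dizinGecerli && file_exists($ad)) {
        $htaccess = file_get_contents($ad);
        $htaccess = explode('ReWriteBase', $htaccess);
        // Rewrite only when the directive occurs exactly once.
        if (count($htaccess) == 2) {
            // Drop the rest of the old directive line. end() takes its
            // argument by reference, so the pieces go into a variable first.
            $satirlar = explode("\n", $htaccess[1], 2);
            $htaccess[1] = end($satirlar);
            $htaccess = implode('ReWriteBase ' . $anadizin . "\n", $htaccess);
            file_put_contents($ad, $htaccess);
        }
    }
}

// Social links of the session's site. The listing is cut off inside this
// loop, so the statements below are reproduced unchanged and left open.
$q = $db->query("SELECT id FROM sosyal WHERE sid = {$_SESSION['sid']}");
while ($r = current($q->fetch_assoc())) {
    if ($_POST['sil_' . $r]) {
        $db->query("DELETE FROM sosyal WHERE id = {$r}");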
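/*
** Basit Blog 1.0.0
** https://github.com/hozakar/basitblog
**
** Copyright 2014, Hakan Özakar
** http://beltslib.net
**
** Licensed under CC0 1.0 Universal
** https://creativecommons.org/publicdomain/zero/1.0/
*/
include "yonetim/inc/sistem/functions.php";

/*
 * Front controller of the public site: stores a posted comment and redirects
 * back to the article, otherwise selects the template file for the requested
 * article or for the home page.
 *
 * $db, $site, $anasayfasablon, getDir(), s_addslashes() and sql_filtre() are
 * not defined in this excerpt; presumably they come from the include above.
 */
if (!empty($_POST['yorum'])) {
    // The article address comes straight from the request, so it is escaped
    // with the same helper the comment fields use before it goes into SQL.
    // NOTE(review): a prepared statement with a bound parameter would be the
    // sturdier form if $db supports it; confirm what s_addslashes() escapes.
    $arananUrl = s_addslashes($_REQUEST['url']);
    $satir = $db->query("SELECT id FROM makaleler WHERE url = '{$arananUrl}'")->fetch_row();
    // fetch_row() yields no row when the address matches no article.
    $mid = $satir ? (int) $satir[0] : 0;

    if ($mid) {
        $db->query(
            "INSERT INTO yorumlar (mid, yorum, isim, eposta, web) VALUES(\n"
            . " {$mid},\n"
            . " '" . sql_filtre(htmlspecialchars(s_addslashes($_POST['yorum']))) . "',\n"
            . " '" . sql_filtre(htmlspecialchars(s_addslashes($_POST['isim']))) . "',\n"
            . " '" . sql_filtre(htmlspecialchars(s_addslashes($_POST['eposta']))) . "',\n"
            . " '" . sql_filtre(htmlspecialchars(s_addslashes($_POST['web']))) . "'\n"
            . " )"
        );
    }

    // NOTE(review): the redirect target embeds the request's url as sent,
    // even when no article matched. Consider redirecting only to the address
    // of the article that was found.
    header('location: ' . $site->sb['anadizin'] . $_REQUEST['url'] . '.html');
    return;
}

// Pick the template: the article's own when an address is requested,
// otherwise the home page template.
$sablonDizin = getDir('index.php') . "yonetim/sablon/";
if (!empty($_REQUEST['url'])) {
    $site->makale($_REQUEST['url']);
    $dosya = $sablonDizin . $site->url['sablon'];
} else {
    $dosya = $sablonDizin . $anasayfasablon;
}

/* Keep a log; it will come in handy later... */
// The listing is cut off inside the branch below, so it is reproduced
// unchanged and left open.
$log_sayfa = 'anasayfa';
if ($_GET['ara']) {
    $log_sayfa = 'arama';
    $log_terim = $_GET['ara'];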