soruCevapla2.php
<?php
/*
eOgr - elearning project
Developer Site: http://yunus.sourceforge.net
Demo Site: http://yunus.sourceforge.net/eogr
Source Track: http://eogr.googlecode.com
Support: http://www.ohloh.net/p/eogr
This project is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 3 of the License, or any later version. See the GNU
Lesser General Public License for more details.
*/
// Start (or resume) the session; "@" silences whatever session_start() would report.
@session_start();
ob_start(); // Buffer output
header("Content-Type: text/html; charset=iso-8859-9");

// The interface language is read from the client-controlled "lng" cookie.
// Only the literal values "TR" and "EN" are accepted and everything else
// falls back to "EN", so the cookie text itself never becomes part of a
// require path: the included file name is always one of two constants.
$taraDili = isset($_COOKIE["lng"]) ? $_COOKIE["lng"] : "";
if (!in_array($taraDili, array("TR", "EN"), true)) {
    $taraDili = "EN";
}

if ($taraDili == "TR") {
    require("lib/tr.php");
} else {
    require("lib/en.php");
}

require 'database.php';
require("conf.php");

// check_source() is not defined in this file (presumably it comes from one of
// the files required above - confirm). When it reports failure the request is
// refused with message 295 from the $metin table.
if (!check_source()) {
    die("<font id='hata'>$metin[295]</font>");
}
/**
 * baglan2: open the database connection.
 *
 * Takes the server address and credentials from the globals $_host,
 * $_username and $_password and hands them to mysql_connect().
 *
 * @return mixed the value returned by mysql_connect(); its warning is
 *               suppressed with "@", so the caller has to test the result
 */
function baglan2()
{
    global $_host, $_username, $_password;

    $baglanti = @mysql_connect($_host, $_username, $_password);

    return $baglanti;
}
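// Connect once and keep the link in $yol1; cevapKontrol() reads it as a global.
// (The earlier version called baglan2() twice: once to test, once to assign.)
$yol1 = baglan2();
if (!$yol1)
die("<font id='hata'> Lüften, 'veritabanı' <a href=install.php>kurulumunu (installation)</a> yapınız!</font>");

// Select the schema named by $_db; "@" hides the driver warning and the
// visitor is sent to the installer page instead.
if (!@mysql_select_db($_db, $yol1))
{
die("<font id='hata'>
Veritabanı <a href=install.php>ayarlarınızı</a> yapmadınız!<br/>
You need to go to <a href=install.php>installing page</a>!<br/>
</font>");
}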
/**
 * temizle2: character clean-up applied to request values (the original
 * note calls it "xss cleaning").
 *
 * Steps, in this order:
 *   1. "&", "#", "%", line feed and carriage return are deleted;
 *   2. "'" becomes "`", "\" becomes "|", "<" becomes "‹", ">" becomes "›";
 *   3. the result goes through htmlentities() and then trim().
 *
 * Double quotes are not replaced here (that step is commented out in the
 * original); they are left to htmlentities() and its default flags.
 * This function performs no SQL escaping of its own, so code that builds a
 * query from its output still has to escape or bind the value.
 *
 * @param string $metin raw text
 * @return string cleaned text
 */
function temizle2($metin)
{
    // Characters that are dropped entirely.
    $silinecek = array("&", "#", "%", "\n", "\r");
    $temiz = str_replace($silinecek, "", $metin);

    // Characters that are swapped for a harmless look-alike. str_replace()
    // walks the arrays in order, which matches the one-call-per-character
    // sequence this replaces.
    //$metin = str_replace('"', '¨', $metin);
    $aranan = array("'", "\\", "<", ">");
    $yerine = array("`", "|", "‹", "›");
    $temiz = str_replace($aranan, $yerine, $temiz);

    return trim(htmlentities($temiz));
}
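/**
 * cevapKontrol: check the answer submitted for a page.
 *
 * Converts the answer from UTF-8 to ISO-8859-9, then looks in eo_5sayfa for
 * the row with the given id whose "cevap" column equals the answer, compared
 * case-insensitively through UPPER(). On a match the session entry
 * $_SESSION["cevaplar"][$id] is set to "D".
 *
 * Both values are escaped with mysql_real_escape_string() immediately before
 * they are placed in the SQL text. The escaping is done here, after the
 * charset conversion, so the query does not depend on what callers did to the
 * values beforehand.
 *
 * @param string $cevap answer text, expected in UTF-8
 * @param string $id    page id
 * @return string HTML fragment: message 348 of $metin on a correct answer,
 *                message 349 otherwise
 */
function cevapKontrol($cevap, $id)
{
    global $yol1;
    global $metin;

    $hataMesaji = "<p><img src='img/error.png' border='0' style=\"vertical-align: middle;\" alt=\"error\" /> $metin[349]</p>";

    $cevap = iconv("UTF-8", "ISO-8859-9", $cevap);
    if ($cevap === false) {
        // The text could not be converted; treat it as a wrong answer rather
        // than letting false turn into an empty string inside the query.
        return $hataMesaji;
    }

    // Escape with the connection that will run the query.
    $guvenliCevap = mysql_real_escape_string($cevap, $yol1);
    $guvenliId = mysql_real_escape_string($id, $yol1);

    $sql1 = "SELECT id FROM eo_5sayfa where UPPER(cevap)=UPPER('$guvenliCevap') and id='$guvenliId' limit 0,1";
    $result1 = mysql_query($sql1, $yol1);

    // mysql_query() returns false on error, so test the handle before counting rows.
    if ($result1 && mysql_num_rows($result1) == 1) {
        $_SESSION["cevaplar"][$id] = "D";
        return "<span><img src='img/tick_circle.png' border='0' style=\"vertical-align: middle;\" alt=\"ok\" /> $metin[348]</span>";
    }

    return $hataMesaji;
}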
/*main*/
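// Answer check entry point: runs only when both POST fields are present and
// are plain strings. A field sent as an array (cevap[]=...) is ignored like a
// missing one instead of being passed to the string functions in temizle2().
if (isset($_POST['cevap'], $_POST['id']) && is_string($_POST['cevap']) && is_string($_POST['id'])) {
    $temizCevap = temizle2($_POST['cevap']);
    $temizId = temizle2($_POST['id']);

    // The fragment from cevapKontrol() is converted from ISO-8859-9 to UTF-8
    // before it is written out.
    echo iconv("ISO-8859-9", "UTF-8", cevapKontrol($temizCevap, $temizId));
    die();
}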
?>