
Untitled

a guest
Jun 10th, 2017
  1. <?php if(!defined("SADECE_INDEX")){ die("Buraya giriş izniniz yoktur."); exit;}
  2.  
  3. Class Database {
  4.  
  5.     function __construct(){
  6.  
  7.         $this->mysqlConnect();
  8.        
  9.  /********************************************* Sokarım *********************************************/
  10. $url_denied = array(
  11.    '/bin', '/../', '../../', '/usr', '/etc', '/boot', '/dev', '/perl', '/initrd', '/lost+found', '/mnt', '/proc', '/root', '/sbin', '/cgi-bin', '/tmp', '/var',
  12.    'ps%20', 'wget%20', 'uname%20-a', '/chgrp', 'chgrp%20', '/chown', 'chown%20', '/chmod', 'chmod%20', 'md%20', 'mdir', 'rm%20', 'rmdir%20', 'mv%20', 'tftp%20', 'ftp%20', 'telnet%20', 'ls%20',
  13.    'gcc%20-o', 'cc%20', 'cpp%20', 'g++%20', 'python%20', 'tclsh8%20', 'nasm%20', 'perl%20', 'traceroute%20', 'nc%20', 'nmap%20', '%20-display%20', 'lsof%20',
  14.    '.conf', '.htgroup', '.htpasswd', '.htaccess', '.history', '.bash_history',
  15.    '/rksh', '/bash', '/zsh', '/csh', '/tcsh', '/rsh', '/ksh', '/icat', 'document.domain(',
  16.    '/....', '..../', 'cat%20', '/*%0a.pl',
  17.    '/server-status', 'chunked', '/mod_gzip_status',
  18.    'cmdd=', 'http://', 'exec', 'passthru', 'cmd', 'fopen', 'exit', 'fwrite',
  19.    '<script', '/script>', '<?', '?>', 'javascript://', 'img src=',
  20.    'phpbb_root_path=', 'sql=', 'delete%20', '%20delete', 'drop%20', '%20drop', 'insert into', 'select%20', '%20select', 'union%20', '%20union', 'union(',
  21.    'chr%20', 'chr(', 'http_', 'http', 'txt?', 'gif?', 'jpg?', 'dat?', '_http', 'php_', '_php', '_global', 'global_', 'global[', '_globals', 'globals_', 'globals[', '_server', 'server_', 'server[',
  22.    '$_request', '$_get', '$request', '$get', '\'', '/*', '+union', '/**/select',
  23. );
  24. $_server = isset($_SERVER) && !empty($_SERVER) ? '_SERVER' : 'HTTP_SERVER_VARS';
  25. $_env = isset($_ENV) && !empty($_ENV) ? '_ENV' : 'HTTP_ENV_VARS';
  26. if ( ($url_request = !empty(${$_server}['QUERY_STRING']) ? ${$_server}['QUERY_STRING'] : (!empty(${$_env}['QUERY_STRING']) ? ${$_env}['QUERY_STRING'] : getenv('QUERY_STRING'))) )
  27. {
  28.    $url_request = preg_replace('/([\s]+)/', '%20', strtolower($url_request));
  29.    $url_checked = preg_replace('/[\n\r]/', '', str_replace($url_denied, '', $url_request));
  30.    if ( $url_request != $url_checked )
  31.    {       $remote_addr = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') );
  32.         $message = "Tarih: " . Date('D d M Y G:i', time()) . "\r\n ";
  33.         $message .= "Sorgulanan Baglanti: " . $HTTP_SERVER_VARS['PHP_SELF'] . '?' . $url_request . "\r\n ";
  34.         $message .= "IP: " . $remote_addr . "\r\n";
  35.            $message .= "___________________________________________\r\n";
  36.      $handle =fopen('attack_log.txt', 'a');
  37.      fwrite($handle,$message);
  38.      fclose($handle);
  39.      
  40.      
  41.       die('<script>location.href="'.SITE_URL.'index.php";</script>'); exit;
  42.    }
  43. }
  44. unset($_server);
  45. unset($_env);
  46.  
  47.  
  48.        
  49.        
  50.  
  51.     }
  52. /************ Dtabase ************/
  53. // Host - Sunucu IP Adresi veya "Localhost"
  54. private $_host = SERVER_IP;
  55. // Kullanıcı
  56. private $_user = MYSQL_KULLANICI;
  57. // Şifre
  58. private $_pass = MYSQL_PAROLA;
  59. // Portu
  60. private $_port = MYSQL_PORT;
  61.  
  62. /************ Genel ************/
  63.  
  64. // MySQL Bağlantısı
  65. private $_connect;
  66.  
  67. // Select
  68. private $_select;
  69. // Güncelleme
  70. private $_update;
  71. // Silme
  72. private $_delete;
  73. // Ekleme
  74. private $_insert;
  75.  
  76. // Sonuç Result
  77. private $_result = array();
  78.  
  79.     // Methodlar
  80.  
  81.  
  82.     /* MySQL Bağlantısını Sağlar */
  83.     private function mysqlConnect(){
  84.         $this->_connect = @mysql_connect($this->_host.":".$this->_port,$this->_user,$this->_pass) or die('MySQL Baglantisi Saglanamadi : '.mysql_error());
  85.  
  86.         // Databaseyi seçtirelim
  87.         $this->databaseConnect();
  88.  
  89.         // Karakter Setini Belirleyelim
  90.         $this->characterSet();
  91.     }
  92.  
  93.     /* Database Bağlantısını Sağlar */
  94.     private function databaseConnect($db_adi = 'account'){
  95.     mysql_select_db($db_adi,$this->_connect) or die('Database\'ye Baglantisi saglanamadi : '.mysql_error());
  96.     }
  97.  
  98.     /* Database Character Seti Belirler */
  99.     private function characterSet(){
  100.         $this->query("SET NAMES 'UTF8'");
  101.         $this->query("SET character_set_connection = 'UTF8'");
  102.         $this->query("SET character_set_client = 'UTF8'");
  103.         $this->query("SET character_set_results = 'UTF8'");
  104.         $this->query("SET COLLATION_CONNECTION = 'utf8_turkish_ci' ");
  105.     }
  106.  
  107.     /*
  108.     MySQL Sorgu Tutucu
  109.     * @param string $sql Cümlesi
  110.     * @return string veri
  111.     */
  112.     public function query($sql,$bool = false){
  113.         return @mysql_query($sql);
  114.     }
  115.  
  116.     /*
  117.     Database'den 1 tane veri çeker
  118.     * @param string Sql Sorgu Cümlesi
  119.     * @return string veri
  120.     */
  121.     public function fetch($sql){
  122.  
  123.         return @mysql_fetch_object($sql);
  124.  
  125.     }
  126.    
  127.  
  128.     /*
  129.     Database'den 1 tane veri çeker
  130.     * @param string Sql Sorgu Cümlesi
  131.     * @return string veri
  132.     */
  133.     public function fetch2($sql){
  134.  
  135.         return @mysql_fetch_array($sql);
  136.  
  137.     }
  138.  
  139.  
  140.     /*
  141.     Database'den 1 den fazla veri çeker
  142.     * @param string Sql Sorgu Cümlesi
  143.     * @return string veri
  144.     */
  145.     public function fetchAll($sql){
  146.  
  147.         while($row = $this->query($sql,true)){
  148.         $this->_result[] = $row;
  149.         }
  150.         return $this->_result;
  151.     }
  152.  
  153.  
  154.  
  155.     /// Veri Sayma işlemi yapıyor
  156.     public function rowCount($sql){
  157.    
  158.     return @mysql_num_rows($sql);
  159.    
  160.     }
  161.  
  162.     // Mysql insert id fonksiyonu en son eklenen verinin idsi
  163.    
  164.     public function insert_id(){
  165.     return mysql_insert_id();
  166.     }
  167.  
  168.     public function affected_rows(){
  169.     return mysql_affected_rows();
  170.     }
  171.  
  172.     // Closs'ın Bitişi MySQL işlemleri tamamlandıkatn sonra kapat.
  173.     function __destruct(){
  174.         if(isset($this->_connect) ){
  175.             return @mysql_close($this->_connect);
  176.         }
  177.  
  178.     }
  179.  
  180. }