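<?php
// Direct-access guard: refuse to run unless SADECE_INDEX has been defined.
// Presumably the front controller defines it before including this file (TODO confirm).
if (!defined("SADECE_INDEX")) {
    // die() already terminates the script; the original trailing `exit;` was unreachable.
    die("Buraya giriş izniniz yoktur.");
}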
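/**
 * Thin wrapper around the legacy ext/mysql API, plus a denylist check on the query string.
 *
 * Security notes for maintainers:
 *  - query() executes whatever SQL string it is given. Nothing in this class escapes or
 *    binds values, so every caller is responsible for that.
 *  - The mysql_* functions were deprecated in PHP 5.5 and removed in PHP 7.0. Migrating to
 *    mysqli or PDO with prepared statements is the real fix for SQL injection; the request
 *    filter below is not.
 *  - The request filter matches literal substrings of the raw query string only. It does
 *    not look at request bodies, cookies or headers, and should be treated as a logging
 *    tripwire rather than as input validation.
 */
class Database
{
    /************ Database ************/
    // Host: server IP address or "localhost"
    private $_host = SERVER_IP;
    // User
    private $_user = MYSQL_KULLANICI;
    // Password
    private $_pass = MYSQL_PAROLA;
    // Port
    private $_port = MYSQL_PORT;

    /************ General ************/
    // MySQL connection link
    private $_connect;
    // Select (not used by any method of this class)
    private $_select;
    // Update (not used by any method of this class)
    private $_update;
    // Delete (not used by any method of this class)
    private $_delete;
    // Insert (not used by any method of this class)
    private $_insert;
    // Rows collected by the last fetchAll() call
    private $_result = array();

    /**
     * Connects to MySQL, then runs the query-string denylist check.
     *
     * The order (connect first, filter second) is kept from the original.
     */
    public function __construct()
    {
        $this->mysqlConnect();
        $this->rejectSuspiciousQueryString();
    }

    /**
     * Compares the raw query string against a denylist of substrings. On a match the
     * request is appended to attack_log.txt and the script ends with a redirect.
     *
     * Several entries are very broad ('http', 'cmd', 'exit', a bare single quote), so
     * legitimate requests containing them are rejected as well.
     */
    private function rejectSuspiciousQueryString()
    {
        /********************************************* Request filter *********************************************/
        $url_denied = array(
            '/bin', '/../', '../../', '/usr', '/etc', '/boot', '/dev', '/perl', '/initrd', '/lost+found', '/mnt', '/proc', '/root', '/sbin', '/cgi-bin', '/tmp', '/var',
            'ps%20', 'wget%20', 'uname%20-a', '/chgrp', 'chgrp%20', '/chown', 'chown%20', '/chmod', 'chmod%20', 'md%20', 'mdir', 'rm%20', 'rmdir%20', 'mv%20', 'tftp%20', 'ftp%20', 'telnet%20', 'ls%20',
            'gcc%20-o', 'cc%20', 'cpp%20', 'g++%20', 'python%20', 'tclsh8%20', 'nasm%20', 'perl%20', 'traceroute%20', 'nc%20', 'nmap%20', '%20-display%20', 'lsof%20',
            '.conf', '.htgroup', '.htpasswd', '.htaccess', '.history', '.bash_history',
            '/rksh', '/bash', '/zsh', '/csh', '/tcsh', '/rsh', '/ksh', '/icat', 'document.domain(',
            '/....', '..../', 'cat%20', '/*%0a.pl',
            '/server-status', 'chunked', '/mod_gzip_status',
            'cmdd=', 'http://', 'exec', 'passthru', 'cmd', 'fopen', 'exit', 'fwrite',
            '<script', '/script>', '<?', '?>', 'javascript://', 'img src=',
            'phpbb_root_path=', 'sql=', 'delete%20', '%20delete', 'drop%20', '%20drop', 'insert into', 'select%20', '%20select', 'union%20', '%20union', 'union(',
            'chr%20', 'chr(', 'http_', 'http', 'txt?', 'gif?', 'jpg?', 'dat?', '_http', 'php_', '_php', '_global', 'global_', 'global[', '_globals', 'globals_', 'globals[', '_server', 'server_', 'server[',
            '$_request', '$_get', '$request', '$get', '\'', '/*', '+union', '/**/select',
        );

        // The original reached the superglobals through variable variables (${'_SERVER'}).
        // PHP does not resolve superglobals that way inside a method, so only the getenv()
        // fallback ever supplied a value. Read $_SERVER / $_ENV directly instead.
        if (!empty($_SERVER['QUERY_STRING'])) {
            $url_request = $_SERVER['QUERY_STRING'];
        } elseif (!empty($_ENV['QUERY_STRING'])) {
            $url_request = $_ENV['QUERY_STRING'];
        } else {
            $url_request = getenv('QUERY_STRING');
        }
        if (!$url_request) {
            return;
        }

        // Lower-case and collapse whitespace runs to %20 so the denylist entries line up.
        $url_request = preg_replace('/([\s]+)/', '%20', strtolower($url_request));
        $url_checked = preg_replace('/[\n\r]/', '', str_replace($url_denied, '', $url_request));
        if ($url_request === $url_checked) {
            return;
        }

        // The original read $HTTP_SERVER_VARS / $HTTP_ENV_VARS here, which are undefined
        // locals inside a method, so PHP_SELF was always logged empty.
        if (!empty($_SERVER['REMOTE_ADDR'])) {
            $remote_addr = $_SERVER['REMOTE_ADDR'];
        } elseif (!empty($_ENV['REMOTE_ADDR'])) {
            $remote_addr = $_ENV['REMOTE_ADDR'];
        } else {
            $remote_addr = getenv('REMOTE_ADDR');
        }
        // PHP_SELF is derived from the request path; strip CR/LF so a request cannot
        // forge extra lines in the log.
        $php_self = isset($_SERVER['PHP_SELF']) ? preg_replace('/[\r\n]/', '', $_SERVER['PHP_SELF']) : '';

        $message  = "Tarih: " . date('D d M Y G:i') . "\r\n ";
        $message .= "Sorgulanan Baglanti: " . $php_self . '?' . $url_request . "\r\n ";
        $message .= "IP: " . $remote_addr . "\r\n";
        $message .= "___________________________________________\r\n";

        // NOTE(review): the relative path resolves against the current working directory,
        // which is probably inside the web root. Move the log somewhere the web server
        // does not serve, and treat its contents as untrusted when displaying them.
        if (@file_put_contents('attack_log.txt', $message, FILE_APPEND | LOCK_EX) === false) {
            error_log('Database: could not append to attack_log.txt');
        }

        die('<script>location.href="'.SITE_URL.'index.php";</script>');
    }

    /* Opens the MySQL connection, selects the database and sets the character set. */
    private function mysqlConnect()
    {
        // @ keeps ext/mysql warnings out of the response; failure is handled below.
        $this->_connect = @mysql_connect($this->_host.":".$this->_port, $this->_user, $this->_pass);
        if ($this->_connect === false) {
            // Keep driver error text in the server log; it can reveal host and user names.
            error_log('Database::mysqlConnect failed: ' . mysql_error());
            die('MySQL Baglantisi Saglanamadi');
        }
        // Select the database
        $this->databaseConnect();
        // Set the character set
        $this->characterSet();
    }

    /* Selects the working database on the open connection. */
    private function databaseConnect($db_adi = 'account')
    {
        if (!mysql_select_db($db_adi, $this->_connect)) {
            error_log('Database::databaseConnect failed: ' . mysql_error($this->_connect));
            die('Database\'ye Baglantisi saglanamadi');
        }
    }

    /*
     * Sets the connection character set and collation.
     *
     * NOTE(review): SET NAMES changes the charset on the server side only. If callers escape
     * values with mysql_real_escape_string(), mysql_set_charset() is the documented way to
     * make the client library aware of the charset too. Confirm how callers escape.
     */
    private function characterSet()
    {
        $this->query("SET NAMES 'UTF8'");
        $this->query("SET character_set_connection = 'UTF8'");
        $this->query("SET character_set_client = 'UTF8'");
        $this->query("SET character_set_results = 'UTF8'");
        $this->query("SET COLLATION_CONNECTION = 'utf8_turkish_ci' ");
    }

    /**
     * Runs an SQL statement on this object's connection.
     *
     * The statement is sent verbatim: values must already be escaped by the caller.
     *
     * @param string $sql  SQL statement
     * @param bool   $bool unused, kept for interface compatibility
     * @return resource|bool result resource for row-returning statements, true for other
     *                       successful statements, false on failure
     */
    public function query($sql, $bool = false)
    {
        return @mysql_query($sql, $this->_connect);
    }

    /**
     * Fetches the next row of a result as an object.
     *
     * @param resource $sql result resource returned by query() (not an SQL string)
     * @return object|false next row, or false when no rows are left
     */
    public function fetch($sql)
    {
        return @mysql_fetch_object($sql);
    }

    /**
     * Fetches the next row of a result as an array.
     *
     * @param resource $sql result resource returned by query() (not an SQL string)
     * @return array|false next row, or false when no rows are left
     */
    public function fetch2($sql)
    {
        return @mysql_fetch_array($sql);
    }

    /**
     * Runs a statement and returns all of its rows.
     *
     * The original looped on `$this->query($sql, true)`, which re-ran the statement on
     * every iteration and never terminated for a successful SELECT. The statement now
     * runs once and the result is drained row by row.
     *
     * NOTE(review): rows are returned as objects to match fetch(). The original never
     * reached a fetch call, so confirm the row format callers expect.
     *
     * @param string $sql SQL statement (sent verbatim, see query())
     * @return array list of rows; empty when the statement fails or returns no rows
     */
    public function fetchAll($sql)
    {
        $rows = array();
        $result = $this->query($sql, true);
        // query() yields true/false for statements without a result set.
        if (is_resource($result)) {
            while ($row = @mysql_fetch_object($result)) {
                $rows[] = $row;
            }
        }
        // Start from an empty list on every call so rows do not pile up across calls.
        $this->_result = $rows;
        return $this->_result;
    }

    /**
     * Counts the rows of a result.
     *
     * @param resource $sql result resource returned by query()
     * @return int|false
     */
    public function rowCount($sql)
    {
        return @mysql_num_rows($sql);
    }

    // ID generated by the last INSERT on this connection.
    public function insert_id()
    {
        return mysql_insert_id($this->_connect);
    }

    // Number of rows affected by the last statement on this connection.
    public function affected_rows()
    {
        return mysql_affected_rows($this->_connect);
    }

    // End of the object's life: close the MySQL connection if it is still open.
    public function __destruct()
    {
        if (is_resource($this->_connect)) {
            @mysql_close($this->_connect);
        }
    }
}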