Kopanel e sifre degiştirme bölümü eklemek (yardim)

[cezaaka]

Arkadaslar Kopanelimi Theme edit ile yaptım ReaL-DragoN Empire bakabilirsiniz

Sormak istedigim sifre degistirme işlemi icin bi bölüm acmak fakat güvenlik soırusu gibi seyler vardı digerlerinde sonucta bunu nasıl ayarlıcam account alırken sonucta yoktu oto üyelik oldugu icin?? yada sadece id ve eski şifresinin onayını aldıgı bi php kodu söleyebilirmisiniz??

 

[AraneL]

Cevap: Kopanel e sifre degiştirme bölümü eklemek (yardim)

Daha dün kendi panelime koydum

sifre.php

                                        <FORM ACTION="sifre2.php" METHOD="POST">
            <table width="100%" border="0" cellpadding="2" cellspacing="0">
  <tr>
    <th colspan="2"><div align="center"></div></th>
    </tr>
  <tr>
    <td width="50%"><div align="right">
      <div align="right"><strong>ID : </strong></div>
    </div></td>
    <td width="50%"><input type="TEXT" name="ID" maxlength="12" /></td>
  </tr>
  <tr>
    <td><div align="right">
      <div align="right"><strong>Eski Şifre : </strong></div>
    </div></td>
    <td><input type="PASSWORD" name="old_passw"  maxlength="21" id="old_passw"/></td>
  </tr>
  <tr>
    <td><div align="right">
      <div align="right"><strong>Yeni Sifre : </strong></div>
    </div></td>
	<td><input type="PASSWORD" name="new_pass"  maxlength="8"/></td>
	</tr>
  <tr>
   	<td><div align="right">
   	  <div align="right"><strong>Yeni Sifre (onay) : </strong></div>
   	</div></td>
	<td><input type="PASSWORD" name="new_pass_onay" maxlength="8" /></td>
	</tr>
  <tr>
    <td>&nbsp;</td>
    <td><input name="SUBMIT" type="SUBMIT" value="DEGISTIR" />
    <input name="RESET" type="RESET" value="RESET" /></td>
  </tr>
</table>
</FORM>

	</table>
</div>

sifre2.php

<?
include("settings.php");
	$msconnect=odbc_connect("$dbname","$dbuser","$dbpass");
	$oldpassword = $_POST['old_passw'];
	$newpassword = $_POST['new_pass'];
	$newpassword_onay = $_POST['new_pass_onay'];
	$getoldpw = odbc_exec ($msconnect, "SELECT strPasswd FROM TB_USER WHERE strAccountId = '".$_POST['ID']."'");
	$oldpw=odbc_result($getoldpw, 1);
	
		if ($oldpassword == $oldpw) {
			if ($newpassword != $newpassword_onay) {
				$changePassword = "<center>
				  Yazdiginiz Sifreler Birbiriyle Uyusmuyor!..<a class=style1 href='sifre.php'>Tekrar Deneyin</a>
				</center>";
			} else {
				$msteste="SELECT COUNT(strACcountID) FROM TB_USER WHERE strACcountID = '".$_POST['ID']."'";
				$msresul=odbc_exec($msconnect,$msteste) or die($lang[27]);
				odbc_fetch_row($msresul);
				if (odbc_result($msresul,1) > 0) {
					$mschange = "UPDATE TB_USER SET strPasswd = '".$newpassword."' WHERE strAccountID = '".$_POST['ID']."'";
					$msresul=odbc_exec($msconnect,$mschange) or die($lang[27]);
					$changePassword = "<center>
					  Sifreniz Basariyla Degisti ".$_POST['ID']." <br />
Anasayfaya Dönmek için <a class=style1 href='sifre.php'>Tiklayin.</a>
					</center>";
				}
				 else {
					$changePassword = "<center>
					  Yanlis Sifre ! <a class=style1 href='sifre.php'>Tekrar Deneyin</a>
					</center>";
				}
			}
}else {
					$changePassword = "<center>
					  Yanlis Sifre ! <a class=style1 href='sifre.php'>Tekrar Deneyin</a>
					</center>";
				}

			echo $changePassword;
?>
                                  
                                  </td>
                                </tr>
	</table>
</div>

Template giydirmelerini kendin yaparsın artık

 

[cezaaka]

Cevap: Kopanel e sifre degiştirme bölümü eklemek (yardim)

kardeşim tşk ederim ama şöle bi hata alıyorum..

Warning: odbc_connect() [function.odbc-connect]: SQL error: [Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified, SQL state IM002 in SQLConnect in C:\AppServ\www\real\sifre2.php on line 3

Warning: odbc_exec(): supplied argument is not a valid ODBC-Link resource in C:\AppServ\www\real\sifre2.php on line 7

Warning: odbc_result(): supplied argument is not a valid ODBC result resource in C:\AppServ\www\real\sifre2.php on line 8

 

[AraneL]

Cevap: Kopanel e sifre degiştirme bölümü eklemek (yardim)

sayfaların ustune

<?
include('settings.php');
?>

ayar dosyanı tanıt

 

[4ChinG ..]

Cevap: Kopanel e sifre degiştirme bölümü eklemek (yardim)

Yanlış şifre diyor sürekli ? hö

 

[Khaimara]

Cevap: Kopanel e sifre degiştirme bölümü eklemek (yardim)

Sifre.php

<?
include('settings.php');
?>

<link href="style66.css" rel="stylesheet" type="text/css" />
<script src="Scripts/swfobject_modified.js" type="text/javascript"></script>
<?php
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///K2D v.1 Kopanel Coder by K2D MSN : [email protected] Tüm Haklary Ortada.///
/////////////////////////www.ironko.com////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
//K2D v.1 KOPanel//
?>
<? include 'settings.php'; 
include 'include/anti_inject.php';
?>
<? 
if ($floodkorumasi == 1) {
require_once ( 'class.floodblocker.php' );
 $flb = new FloodBlocker ( 'cache/' );
 $flb->rules = array (
    10=>10,
    60=>30,
    300=>50,
    3600=>200
  );
    if ( ! $flb->CheckFlood ( ) )
    die ( 'Asiri Yüklendiniz. Lütfen Tekrar Deneyin.' );
	}
?>
<? include ("include/functions.php"); ?>
<?php error_reporting(E_ALL ^ E_NOTICE); ?>
<?
include('settings.php');
$msconnect=odbc_connect("$dbname","$dbuser","$dbpass");

$karussay = odbc_exec($msconnect,"Select count(*) FROM USERDATA Where Nation=1");
$humansay = odbc_exec($msconnect,"Select count(*) FROM USERDATA Where Nation=2");
$karus = odbc_result($karussay,1);
$human = odbc_result($humansay,1);

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=windows-1254" />
<title><? echo ($name); ?></title>
<meta name="">
<link href="def.css" rel="stylesheet" type="text/css" />
<script src="Scripts/swfobject_modified.js" type="text/javascript"></script>
<style type="text/css">
<!--
.style28 {color: #FF9900;
	font-size: 10px;
	font-family: Arial, Helvetica, sans-serif;
	font-weight: bold;
}
.style2 {color: #FFFFFF;
	font-size: 10px;
	font-family: Arial, Helvetica, sans-serif;
	font-weight: bold;
}
.style22 {font-family: Arial, Helvetica, sans-serif; font-weight: bold; color: #FF0000; font-size: 10px; padding-left: 5px; }
.style30 {
	color: #FFFFFF;
	font-size: 12px;
	font-family: Arial, Helvetica, sans-serif;
}

-->
</style>
</head>
<body>                                 
                                        <FORM ACTION="sifre2.php" METHOD="POST">
            <table width="100%" border="0" cellpadding="2" cellspacing="0">
  <tr>
    <td colspan="2" align="right"><div align="center">
      <object id="FlashID" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="84" height="20">
        <param name="movie" value="swf/sifredegis.swf">
        <param name="quality" value="high">
        <param name="wmode" value="opaque">
        <param name="swfversion" value="7.0.70.0">
        <!-- This param tag prompts users with Flash Player 6.0 r65 and higher to download the latest version of Flash Player. Delete it if you don’t want users to see the prompt. -->
        <param name="expressinstall" value="Scripts/expressInstall.swf">
        <param name="BGCOLOR" value="#000000">
        <!-- Next object tag is for non-IE browsers. So hide it from IE using IECC. -->
        <!--[if !IE]>-->
        <object type="application/x-shockwave-flash" data="swf/sifredegis.swf" width="84" height="20">
          <!--<![endif]-->
          <param name="quality" value="high">
          <param name="wmode" value="opaque">
          <param name="swfversion" value="7.0.70.0">
          <param name="expressinstall" value="Scripts/expressInstall.swf">
          <param name="BGCOLOR" value="#000000">
          <!-- The browser displays the following alternative content for users with Flash Player 6.0 and older. -->
          <div>
            <h4>Content on this page requires a newer version of Adobe Flash Player.</h4>
            <p><a href="http://www.adobe.com/go/getflashplayer"><img src="http://www.adobe.com/images/shared/download_buttons/get_flash_player.gif" alt="Get Adobe Flash player" /></a></p>
            </div>
          <!--[if !IE]>-->
          </object>
        <!--<![endif]-->
        </object>
    </div></td>
    </tr>
  <tr>
    <td width="40%"><div align="right">
      <div align="right"><font size="1" color="#666666"></a><span class="style2">ID :&nbsp; </div>

    </div></td>
    <td width="60%"><input type="TEXT" name="ID" maxlength="15" /></td>
  </tr>
  <tr>
    <td><div align="right">
      <div align="right"><font size="1" color="#666666"></a><span class="style2">Eski Şifre :&nbsp; </div>
    </div></td>
    <td><input type="PASSWORD" name="old_passw"  maxlength="21" id="old_passw"/></td>

  </tr>
  <tr>
    <td><div align="right">
      <div align="right"><font size="1" color="#666666"></a><span class="style22">Yeni Şifre :&nbsp; </div>
    </div></td>
	<td><input type="PASSWORD" name="new_pass"  maxlength="21"/></td>
	</tr>
  <tr>

   	<td><div align="right">
   	  <div align="right"><font size="1" color="#666666"></a><span class="style22">Yeni Şifre (onay) : </div>
   	</div></td>
	<td><input type="PASSWORD" name="new_pass_onay" maxlength="21" /></td>
	</tr>
  <tr>
    <td>&nbsp;</td>
    <td><input name="SUBMIT" type="SUBMIT" value="DEĞIŞTIR" />

    <input name="RESET" type="RESET" value="RESET" /></td>
  </tr>
</table>
</FORM>

	</table>
</div>



<script type="text/javascript">
<!--
swfobject.registerObject("FlashID");
//-->
</script>
</body>

Sifre2.php

<?
include('settings.php');
?>

<link href="style66.css" rel="stylesheet" type="text/css" />
<body>
                                  
                                  <?
include("settings.php");
	$msconnect=odbc_connect("$dbname","$dbuser","$dbpass");
	$oldpassword = $_POST['old_passw'];
	$newpassword = $_POST['new_pass'];
	$newpassword_onay = $_POST['new_pass_onay'];
	$getoldpw = odbc_exec ($msconnect, "SELECT strPasswd FROM TB_USER WHERE strAccountId = '".$_POST['ID']."'");
	$oldpw=odbc_result($getoldpw, 1);
	
		if ($oldpassword == $oldpw) {
			if ($newpassword != $newpassword_onay) {
				$changePassword = "<center>
				  Yazdiginiz Sifreler Birbiriyle Uyusmuyor!..<a class=style1 href='sifre.php'>Tekrar Deneyin</a>
				</center>";
			} else {
				$msteste="SELECT COUNT(strACcountID) FROM TB_USER WHERE strACcountID = '".$_POST['ID']."'";
				$msresul=odbc_exec($msconnect,$msteste) or die($lang[27]);
				odbc_fetch_row($msresul);
				if (odbc_result($msresul,1) > 0) {
					$mschange = "UPDATE TB_USER SET strPasswd = '".$newpassword."' WHERE strAccountID = '".$_POST['ID']."'";
					$msresul=odbc_exec($msconnect,$mschange) or die($lang[27]);
					$changePassword = "<center>
					  Sifreniz Basariyla Degisti ".$_POST['ID']." <br />
Anasayfaya Dönmek için <a class=style1 href='sifre.php'>Tiklayin.</a>
					</center>";
				}
				 else {
					$changePassword = "<center>
					  Yanlis Sifre ! <a class=style1 href='sifre.php'>Tekrar Deneyin</a>
					</center>";
				}
			}
}else {
					$changePassword = "<center>
					  Yanlis Sifre ! <a class=style1 href='sifre.php'>Tekrar Deneyin</a>
					</center>";
				}

			echo $changePassword;
?>
                                  
                                  </td>
                                </tr>
	</table>
</div>



</body>

class.floodblocker.php

<?php
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
///K2D v.1 Kopanel Coder by K2D MSN : [email protected] Tüm Hakları Ortada.///
/////////////////////////www.ironko.com////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
// www.ironko.com
// ----------------------------------------------------------------------------
//
// class.floodblocker.php - FloodBlocker class, ver.0.01 (April 15, 2005)
//
// Description:
//   Class allowing to protect the scripts from flooding and to prevent
//   automatic download of the site from single IP.
//
// Author:
//   Vagharshak Tozalakyan <[email protected]>
//   This module was written by author on its leasure time.
//
// Warning:
//   This class is non commercial, non professional work. It should not have
//   unexpected results. However, if any damage is caused by this class the
//   author can not be responsible. The use of this class is at the risk of
//   the user.
//
// Requirements:
//   PHP >= 4.1.0
//
// ----------------------------------------------------------------------------


// Errors and warnings

define ( 'E_TMP_DIR',    'Incorrect temprorary directory specified.' );
define ( 'E_IP_ADDR',    'Incorrect IP address specified.' );
define ( 'E_LOG_FILE',   'Log file access error! Check permissions to write.' );
define ( 'E_CRON_FNAME', 'The name of cron file must begin with dot.' );
define ( 'E_CRON_FILE',  'Cron file access error! Check permissions to write.' );
define ( 'E_CRON_JOB',   'Unable to perform the cron job.' );


// Class definition

class FloodBlocker
{
  var $logs_path;
  var $ip_addr;
  var $rules;
  var $cron_file;
  var $cron_interval;

  // After how many of seconds to consider a file as old? By default the files
  // will consider as old after 7200 secs (2 hours).
  var $logs_timeout;


  /*
    Description:
      Class constructor.
    Prototype:
      void FloodBlocker ( string logs_path, string ip = '' )
    Parameters:
      logs_path - the directory where log files will be saved
      ip - the ip address of the current connection,
           $_SERVER['REMOTE_ADDR'] will be used if ip=''
  */
  function FloodBlocker ( $logs_path, $ip = '' )
  {

    if ( ! is_dir ( $logs_path ) )
      trigger_error ( E_TMP_DIR, E_USER_ERROR );

    $logs_path = str_replace ( '\\', '/', $logs_path );
    if ( substr ( $logs_path, -1 ) != '/' )
      $logs_path .= '/';

    $this->logs_path = $logs_path;

    if ( empty ( $ip ) )
      $ip = $_SERVER['REMOTE_ADDR'];

    $ip = ip2long ( $ip );
    if ( $ip == -1 || $ip === FALSE )
      trigger_error ( E_IP_ADDR, E_USER_ERROR );

    $this->ip_addr = $ip;

    $this->rules = array ( );
    $this->cron_file = '.time';
    $this->cron_interval = 1800;  // 30 minutes
    $this->logs_timeout = 7200;  // 2 hours

  }


  /*
    Description:
      Used to check flooding. Generally this function acts as private method
      and will be called internally by public methods. However, it can be called
      directly when storing logs in db.
    Prototype:
      bool RawCheck ( array &info )
    Parameters:
      info - $interval=>$time, $interval=>$count array
    Return:
      FALSE if flood detected, otherwise - TRUE.
  */
  function RawCheck ( &$info )
  {

    $no_flood = TRUE;

    foreach ( $this->rules as $interval=>$limit )
    {
      if ( ! isset ( $info[$interval] ) )
      {
        $info[$interval]['time'] = time ( );
        $info[$interval]['count'] = 0;
      }

      $info[$interval]['count'] += 1;

      if ( time ( ) - $info[$interval]['time'] > $interval )
      {
        $info[$interval]['count'] = 1;
        $info[$interval]['time'] = time ( );
      }

      if ( $info[$interval]['count'] > $limit )
      {
        $info[$interval]['time'] = time ( );
        $no_flood = FALSE;
      }

      // The following two lines can be used for debugging
      // echo $info[$interval]['count'].'  ';
      // echo $info[$interval]['time'].'<br>';

    }  // foreach

    return $no_flood;

  }


  /*
    Description:
      Checks flooding. Must be called after setting up all necessary properties.
    Prototype:
      bool CheckFlood ( )
    Return:
      FALSE if flood detected, otherwise - TRUE.
  */
  function CheckFlood ( )
  {

    $this->CheckCron ( );

    $path = $this->logs_path . $this->ip_addr;

    if ( ! ( $f = fopen ( $path, 'a+' ) ) )
      trigger_error ( E_LOG_FILE, E_USER_ERROR);

    flock ( $f, LOCK_EX );

    $info = fread ( $f, filesize ( $path ) + 10 );
    $info = unserialize( $info );

    $result = $this->RawCheck ( $info );

    ftruncate ( $f, 0 );
    fwrite ( $f, serialize( $info ) );
    fflush ( $f );

    flock($f, LOCK_UN);

    fclose($f);

    return $result;

  }


  /*
    Description:
      Checks the cron file and calls CronJob() to delete old entries from logs
      directory if the time-out is reached.
    Prototype:
      void CheckCron ( )
  */
  function CheckCron ( )
  {

    if ( substr ( $this->cron_file, 0, 1 ) != '.' )
    {
      trigger_error ( E_CRON_FNAME, E_USER_WARNING );
      return;
    }

    $path = $this->logs_path . $this->cron_file;

    if ( ! ( $f = fopen ( $path, 'a+' ) ) )
    {
      trigger_error ( E_CRON_FILE, E_USER_WARNING );
      return;
    }

    flock ( $f, LOCK_EX );

    $last_cron = fread ( $f, filesize ( $path ) + 10 );
    $last_cron = abs ( intval ( $last_cron ) );

    if ( time ( ) - $last_cron > $this->cron_interval )
    {
      $this->CronJob ( );
      $last_cron = time ( );
    }

    ftruncate ( $f, 0 );
    fwrite ( $f, $last_cron );
    fflush ( $f );

    flock ( $f, LOCK_UN );

    fclose ( $f );

  }


  /*
    Description:
      Deletes all old files from logs directory, except the files starting
      with dot.
    Prototype:
      void CronJob ( )
  */
  function CronJob ( )
  {

    $path = $this->logs_path;

    if ( ! ( $dir_hndl = opendir ( $this->logs_path ) ) )
    {
      trigger_error ( E_CRON_JOB, E_USER_WARNING);
      return;
    }

    while ( $fname = readdir ( $dir_hndl ) )
    {
      if ( substr( $fname, 0, 1 ) == '.' )
        continue;
      clearstatcache ( );
      $ftm = filemtime ( $path . $fname );
      if ( time ( ) - $ftm > $this->logs_timeout )
        @unlink ( $path . $fname );
    }

    closedir ( $dir_hndl );

  }

}  // end of class definition



/*
  $flb = new FloodBlocker ( 'example/tmp-ips/' );
  $flb->rules = array ( 10=>5 );
  $res = $flb->CheckFlood ( );
  if ( $res )
    echo 'Succeed!';
  else
    die ( 'Too many requests! Please try later.' );
*/

?>

anti_inject.php

<?php
// www.ironko.com
// [email protected] / [email protected] / [email protected] //
function test($tekst)
{
	$tekst = strtolower($tekst);
	$helpTekst = $tekst;
	$tekst = strip_tags($tekst);
	$banlist = array ("'", ";", "%", "$", "-", ">", "drop", "\"", "<", "\\", "|", "/", "=", "echo", "insert", "select", "update", "delete", "distinct", "having", "truncate", "replace", "handler", "like", "procedure", "limit", "order by", "group by", "asc", "desc", "union", "include", "userdata", "tb_user", "account_char");
	$tekst = str_replace($banlist, " ", $tekst);
	$tekst = trim($tekst);
	if (strcmp($helpTekst,$tekst)) filelogs('attack_log', $helpTekst);
	return($tekst);
}

function test_link($linkx)
{
	$linkx = strtolower($linkx);
	$helpLink = $linkx;
	$linkx = strip_tags($linkx);
	$banlist = array ("'", ";", "%", "$", "-", ">", "drop", "\"", "<", "\\", "|", "=", "echo", "insert", "select", "update", "delete", "distinct", "having", "truncate", "replace", "handler", "like", "procedure", "limit", "order by", "group by", "asc", "desc", "union", "include", "userdata", "tb_user", "account_char");
	$linkx = str_replace($banlist, " ", $linkx);
	$linkx = trim($linkx);
	if (strcmp($helpLink,$linkx)) 
	{
		return true;
	}else return false;	
}

?>
<?php

  $gokaykarak = $_SERVER['QUERY_STRING'];
  $wormkoruyucu = array('chr(', 'chr=', 'chr%20', '%20chr', 'wget%20', '%20wget', 'wget(',
 			       'cmd=', '%20cmd', 'cmd%20', 'rush=', '%20rush', 'rush%20',
                   'union%20', '%20union', 'union(', 'union=', 'echr(', '%20echr', 'echr%20', 'echr=',
                   'esystem(', 'esystem%20', 'cp%20', '%20cp', 'cp(', 'mdir%20', '%20mdir', 'mdir(',
                   'mcd%20', 'mrd%20', 'rm%20', '%20mcd', '%20mrd', '%20rm',
                   'mcd(', 'mrd(', 'rm(', 'mcd=', 'mrd=', 'mv%20', 'rmdir%20', 'mv(', 'rmdir(',
                   'chmod(', 'chmod%20', '%20chmod', 'chmod(', 'chmod=', 'chown%20', 'chgrp%20', 'chown(', 'chgrp(',
                   'locate%20', 'grep%20', 'locate(', 'grep(', 'diff%20', 'kill%20', 'kill(', 'killall',
                   'passwd%20', '%20passwd', 'passwd(', 'telnet%20', 'vi(', 'vi%20',
                   'insert%20into', 'select%20', 'nigga(', '%20nigga', 'nigga%20', 'fopen', 'fwrite', '%20like', 'like%20',
                   '$_request', '$_get', '$request', '$get', '.system', 'HTTP_PHP', '&aim', '%20getenv', 'getenv%20',
                   'new_password', '&icq','/etc/password','/etc/shadow', '/etc/groups', '/etc/gshadow',
                   'HTTP_USER_AGENT', 'HTTP_HOST', '/bin/ps', 'wget%20', 'uname\x20-a', '/usr/bin/id',
                   '/bin/echo', '/bin/kill', '/bin/', '/chgrp', '/chown', '/usr/bin', 'g\+\+', 'bin/python',
                   'bin/tclsh', 'bin/nasm', 'perl%20', 'traceroute%20', 'ping%20', '.pl', '/usr/X11R6/bin/xterm', 'lsof%20',
                   '/bin/mail', '.conf', 'motd%20', 'HTTP/1.', '.inc.php', 'config.php', 'cgi-', '.eml',
                   'file\://', 'window.open', '<SCRIPT>', 'javascript\://','img src', 'img%20src','.jsp','ftp.exe',
                   'xp_enumdsn', 'xp_availablemedia', 'xp_filelist', 'xp_cmdshell', 'nc.exe', '.htpasswd',
                   'servlet', '/etc/passwd', 'wwwacl', '~root', '~ftp', '.js', '.jsp', 'admin_', '.history',
                   'bash_history', '.bash_history', '~nobody', 'server-info', 'server-status', 'reboot%20', 'halt%20',
                   'powerdown%20', '/home/ftp', '/home/www', 'secure_site, ok', 'chunked', 'org.apache', '/servlet/con',
                   '<script', '/robot.txt' ,'/perl' ,'mod_gzip_status', 'db_mysql.inc', '.inc', 'select%20from',
                   'select from', 'drop%20', '.system', 'getenv', 'http_', '_php', 'php_', 'phpinfo()', '<?php', '?>', 'sql=');

  $wormyakala = str_replace($wormkoruyucu, '*', $gokaykarak);

  if ($gokaykarak != $wormyakala)
    {
      $kayit1 = $_SERVER['REMOTE_ADDR'];
      $kayit2 = $_SERVER['HTTP_USER_AGENT'];


      die( "<center><h1><b>Saldiri Tespit Edildi!</b></h1> <br /><br /><b>Isleminiz Engellenmis, Bilgileriniz Resmi Kurumlara İletilmiştir ;</b><br />$kayit1 - $kayit2" );
    }

//Bitis

?>
</body>

Function.php

<?
function getNation($nation) {
	if ($nation == 1) {
		$nation = '<img src="images/karus.gif">';
	} elseif ($nation == 2) {
		$nation = '<img src="images/elmo.gif">';
	}

	return $nation;
}

function getClass($class) {
	global $lang;

	$class3 = $class;
	$class2 = $class;

	if ($class == 105) {
		$class2 = $lang['warrior'];
	}
	if ($class == 107) {
		$class2 = $lang['rogue'];
	}
	if ($class == 109) {
		$class2 = $lang['mage'];
	}
	if ($class == 111) {
		$class2 = $lang['priest'];
	}
	if ($class == 205) {
		$class2 = $lang['warrior'];
	}
	if ($class == 207) {
		$class2 = $lang['rogue'];
	}
	if ($class == 209) {
		$class2 = $lang['mage'];
	}
	if ($class == 211) {
		$class2 = $lang['priest'];
	}
	if ($class2 == $class3) {
		$class2 = 'Newbie';
	}

	return $class2;
}

?>

Sorunsuz bir şekilde kullanabilirsin bir sorun çıkarsa yardımcı olurum.