0
Kayıt Ol

Sql açıgı Gidermek Yardım

5

646

  • 21-12-2008, 20:04:46
    #1
    karker
    karker
    Üyeliği durduruldu
    arkadaslar asagıdaki kod'da sql açıgı var tam olarak kapatabilir misiniz!
    Şerefsiin biri sürekli katagorileri hackliyor yardım eden biri warmi?
    <?php

session_start();



//$_SESSION['login_pass'] = $login_pass;

//$_SESSION['login_user'] = $login_user;



session_register("login_pass");

session_register("login_user");

include "baglan.php";



$tablo_login = "SELECT * FROM login WHERE user = '$login_user' AND pass = '$login_pass' ";

$sorgu_login = mysql_query($tablo_login);

$pass = @mysql_result($sorgu_login, 0, "pass");





if(mysql_num_rows($sorgu_login) > 0) {

    header("Location: giris.php");

}



$tablo_login = "SELECT * FROM login";

$sorgu_login = mysql_query($tablo_login);

if(empty($HTTP_POST_VARS)) {

include "head.php";

?>

<body  leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">

<br>

<FORM METHOD="POST" ACTION="index.php">

<table width="400" background="images/bg50.jpg" border="0" align="center" cellpadding="2" cellspacing="2">

 <tr>

    <td align="center" background="images/bg50.jpg"><img src="images/logogiris.jpg" width="400" height="100"></td>

 </tr>

</table>



<table width="400" background="images/bg50.jpg" border="0" align="center" cellpadding="2" cellspacing="2">

 

  <tr>

    <td colspan="2" background="images/bg30.jpg" height="30" align="center"><b>Yönetim Paneli Girisi</b></td>

    

  </tr>

  <tr>

    <td ><b>Kullanici Adi</b></td>

    <td ><input class="input" name="user" type="text" id="kullanici_adi" size="25"></td>

  </tr>

  <tr>

    <td><b>Sifre</b></td>

    <td><input class="input" name="pass" type="password" id="sifre" size="10">

      <input class="buton" name="giris" type="submit" id="giris" value="Giris"></td>

  </tr>

 

</table>

</FORM>

<br><br>

<center>

</center>

<?php

}else{          <-- ///özel karekter kullanmayı engelleyici kod fonksiyon bilen warsa..\\\\\

    $user = $HTTP_POST_VARS["user"];    <-- ///bu alanalara dikkat \\\\\

    $pass = $HTTP_POST_VARS["pass"];    <-- ///bu alanalara dikkat\\\\\

    $pass = md5($pass);



    $tablo_login = "SELECT * FROM login WHERE user='$user' AND pass='$pass'";

    $sorgu_login = mysql_query($tablo_login);



    if(mysql_num_rows($sorgu_login) < 1) {

        header("Location: index.php");

    }else{

        $login_pass = @mysql_result($sorgu_login,0,"pass");

        //$_SESSION['login_pass'] = $login_pass;

        session_register("login_pass");

        

        $login_user = $user;

        session_register("login_user");

        

        header("Location: giris.php");

    }

    mysql_close();

}

?>
  • 21-12-2008, 20:20:01
    #2
    MC_delta_T
    MC_delta_T
    Üyeliği durduruldu
        $user = $HTTP_POST_VARS["user"];    <-- ///bu alanalara dikkat \\\\\
    $pass = $HTTP_POST_VARS["pass"];    <-- ///bu alanalara dikkat\\\\\
    yukarıdaki satıları şöyle değiştir öncelikle 

        $user= (get_magic_quotes_gpc()) ? $_POST['user'] : addslashes($_POST['user']);
$pass= (get_magic_quotes_gpc()) ? $_POST['pass'] : addslashes($_POST['pass']);
  • 21-12-2008, 21:41:57
    #3
    karker
    karker
    Üyeliği durduruldu
    Dedigini aynen yaptm: baska bisi warmidir sizce? şerefsizin biri sürekli hackliyor bende denyo lunchla saldirip sitesini kapatioyrm ama..;
    Bıktım bu adamdan;
    kodu tekrar yazım güncel sekliyle sql açıgı warsa bilen mutlaka yardım etsn lütfen

    <?php

session_start();



//$_SESSION['login_pass'] = $login_pass;

//$_SESSION['login_user'] = $login_user;



session_register("login_pass");

session_register("login_user");

include "baglan.php";



$tablo_login = "SELECT * FROM login WHERE user = '$login_user' AND pass = '$login_pass' ";

$sorgu_login = mysql_query($tablo_login);

$pass = @mysql_result($sorgu_login, 0, "pass");





if(mysql_num_rows($sorgu_login) > 0) {

	header("Location: giris.php");

}



$tablo_login = "SELECT * FROM login";

$sorgu_login = mysql_query($tablo_login);

if(empty($HTTP_POST_VARS)) {

include "head.php";

?>

<body  leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">

<br>

<FORM METHOD="POST" ACTION="index.php">

<table width="400" background="images/bg50.jpg" border="0" align="center" cellpadding="2" cellspacing="2">

 <tr>

    <td align="center" background="images/bg50.jpg"><img src="images/logogiris.jpg" width="400" height="100"></td>

 </tr>

</table>



<table width="400" background="images/bg50.jpg" border="0" align="center" cellpadding="2" cellspacing="2">

 

  <tr>

    <td colspan="2" background="images/bg30.jpg" height="30" align="center"><b>Yönetim Paneli Girisi</b></td>

    

  </tr>

  <tr>

    <td ><b>Kullanici Adi</b></td>

    <td ><input class="input" name="user" type="text" id="kullanici_adi" size="25"></td>

  </tr>

  <tr>

    <td><b>Sifre</b></td>

    <td><input class="input" name="pass" type="password" id="sifre" size="10">

      <input class="buton" name="giris" type="submit" id="giris" value="Giris"></td>

  </tr>

 

</table>

</FORM>

<br><br>

<center>

</center>

<?php

}else{

$user= (get_magic_quotes_gpc()) ? $_POST['user'] : addslashes($_POST['user']);
$pass= (get_magic_quotes_gpc()) ? $_POST['pass'] : addslashes($_POST['pass']); 

	$pass = md5($pass);



	$tablo_login = "SELECT * FROM login WHERE user='$user' AND pass='$pass'";

	$sorgu_login = mysql_query($tablo_login);



	if(mysql_num_rows($sorgu_login) < 1) {

		header("Location: index.php");

	}else{

		$login_pass = @mysql_result($sorgu_login,0,"pass");

		//$_SESSION['login_pass'] = $login_pass;

        session_register("login_pass");

		

		$login_user = $user;

        session_register("login_user");

		

		header("Location: giris.php");

	}

	mysql_close();

}

?>
  • 22-12-2008, 01:17:18
    #4
    idealist
    idealist
    Üyeliği durduruldu
    if(mysql_num_rows($sorgu_login) > 0) {
    header("Location: giris.php");

    bu bölüm olması muhtemel.
  • 22-12-2008, 18:33:14
    #5
    Dogu_Bey
    Dogu_Bey
    Üyeliği durduruldu
    cudi, Yigen Bunlarla İlgisi Yok Sen Eve Geldiğin Akşam Zaten get_magic_quotes_gpc ve addslashes Fonksiyonların Ekledim Kodlarına O Scriptin İçinde Başka Bi Yerde Açık Vardır.

    Ben Bakmayı Unuttum
    sen Buraya Kategorilerin Silindiği Yada Düzenlendiği Sayfayı Gondersene Büyük İhtimal Orda Giriş Kontrolu Yoktur Yada Başka Bi açık Vardır Orada

    bu sil.php de olabilir kategorisil.php de olabilir bilmem nede olabilir sen kategori silme linkine gore bak ve bana o dosyayı gonder buraya.

    Semih VURAL
  • 24-12-2008, 18:04:50
    #6
    karker
    karker
    Üyeliği durduruldu
    Semih abi walla 3 php dosyası var! ben yolluyorum sana bakarsın bi. Online Yardım ve Yataklık Uzmanı Semih abi
    haber_kat_duzelt.php
    <?php 
require_once("guvenlik.php");
require_once("baglan.php");
require_once("ayarlar.php");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-9">
<title>Untitled Document</title>
</head>
<?php  

 include "head.php"; ?>
<body>

<table width="800" border="0" cellspacing="0" cellpadding="0" align="center" class="anatablo">
  <tr>
    <td><?php 
	
	include "ust.php"; ?></td>
  </tr>
  <tr>
    <td>
	<?
require_once("baglan.php");
$gelen_kat = $_GET["id"];
$strSQL2 ="SELECT * FROM haber_kat WHERE id = '$gelen_kat'";
$sorgu2 =  mysql_query($strSQL2);
while ($haberkat=mysql_fetch_array ($sorgu2)){
$id2 =$haberkat["id"];
$kategori2 =$haberkat["kategori"];
$sira2 =$haberkat["sira"];
$gizle2 =$haberkat["gizle"];
}
$ekle = $_POST["ekle"];

if($ekle == "1"){

$kategori = $_POST["kategori"];
$sira = $_POST["sira"];
$gizle = $_POST["gizle"];

$sqlsorgu = "UPDATE haber_kat SET kategori = '$kategori' , sira = '$sira' , gizle = '$gizle' WHERE id = '$gelen_kat'";
mysql_query($sqlsorgu);
echo "<table align='center' width='98%' class='haberler' bgcolor='#F1FCDC'><tr><td align='center'><h1> TEBRIKLER HABER KATEGORIS DÜZENLENDI</h1></td></tr></table>";
echo "<meta http-equiv='refresh' content='3;URL=haber_kat_listele.php'>";
}
?>

<form  enctype="multipart/form-data" name="kategori_ekle" method="POST" action="haber_kat_duzelt.php?id=<?=$gelen_kat?>">
	<INPUT TYPE="hidden" name="ekle" value="1">
	<input type="hidden" name="MAX_FILE_SIZE" value="1048576">
	<table  align="center" width="98%" border="0" cellpadding="0" cellspacing="0" class="haberler">
  <tr>
     <td colspan="2" height="30" background="images/bg30.jpg"><b>HABER KATEGORISI DÜZENLE</b></td>
  </tr>
  <tr>
    <td width="120" bordercolor="#F7F3F0">Kategori Adi</td>
    <td bordercolor="#F7F3F0"><input name="kategori" type="text" size="50" maxlength="100" class="input" value="<?=$kategori2?>">      &nbsp;&nbsp;&nbsp;
	  </td>
  </tr>
	  <tr>
    <td width="120" bordercolor="#F7F3F0">Sira</td>
    <td bordercolor="#F7F3F0"><input name="sira" type="text" size="10" maxlength="3" class="input" value="<?=$sira2?>">      &nbsp;&nbsp;&nbsp;
	  </td>
	  </tr>
	  <tr>
	  <td>Durum</td>
	  <td>Göster: <input name="gizle" type="radio" value="0" checked>&nbsp;Gizle:<input name="gizle" type="radio" value="1"></td>
	  </tr>
	  <tr>
	    <td></td>
		<td><input type="submit" value="Kaydet" class="buton"></td>
	  </tr>
</table>
</form>
	</td>
  </tr>
  <tr>
    <td><?php include "alt.php"; ?></td>
  </tr>
</table>


</body>
</html>
    haber_kat_sil.php
    <?php
require_once("guvenlik.php");
require_once("baglan.php");
require_once("ayarlar.php");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<?php include "head.php"; ?>
</head>

<body>

<table width="800" border="0" cellspacing="0" cellpadding="0" align="center" class="anatablo">
  <tr>
    <td align="center"><?php include "ust.php"; ?></td>
  </tr>
  <tr>
    <td>
	<?php
	$sil = $_GET["id"];
	$sql     = "DELETE FROM haber_kat WHERE id=$sil";
        $sorgu   = mysql_query ($sql);
		echo "$sil numarali kategori sistemden silindi.";
		echo "<meta http-equiv='refresh' content='3;URL=haber_kat_listele.php'>";
	?>
	</td>
  </tr>
  <tr>
    <td><?php include "alt.php"; ?></td>
  </tr>
</table>


</body>
</html>
    haber_kat_ekle.php
    <?php 
require_once("guvenlik.php");
require_once("baglan.php");
require_once("ayarlar.php");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<?php 
include "head.php"; ?>
</head>

<body>

<table width="800" border="0" cellspacing="0" cellpadding="0" align="center" class="anatablo">
  <tr>
    <td><?php include "ust.php"; ?></td>
  </tr>
  <tr>
    <td>
	<?php $ekle = $_POST["ekle"];

if($ekle == "1"){

$kategori = $_POST["kategori"];
$sira = $_POST["sira"];

$sqlsorgu = "INSERT INTO haber_kat VALUES('','$kategori','$sira','')";
mysql_query($sqlsorgu);
echo "<table align='center' width='98%' class='haberler' bgcolor='#F1FCDC'><tr><td align='center'><h3> TEBRIKLER HABER KATEGORISI EKLENDI</h3></td></tr></table>";
echo "<meta http-equiv='refresh' content='3;URL=haber_kat_listele.php'>";
}
?>

<form  enctype="multipart/form-data" name="kategori_ekle" method="POST" action="haber_kat_ekle.php">
	<INPUT TYPE="hidden" name="ekle" value="1">
	<input type="hidden" name="MAX_FILE_SIZE" value="1048576">
	<table  align="center" width="98%" border="0" cellpadding="0" cellspacing="3" class="haberler">
  <tr>
     <td colspan="2" background="images/bg30.jpg" height="30"><b>HABER KATEGORISI EKLE</b></td>
  </tr>
  <tr>
    <td width="120" bordercolor="#F7F3F0">Kategori Adi</td>
    <td bordercolor="#F7F3F0"><input name="kategori" type="text" size="50" maxlength="100" class="input">      &nbsp;&nbsp;&nbsp;
	  </td>
  </tr>
	  <tr>
    <td width="120" bordercolor="#F7F3F0">Sira</td>
    <td bordercolor="#F7F3F0"><input name="sira" type="text" size="10" maxlength="3" class="input">      &nbsp;&nbsp;&nbsp;
	  <input type="submit"value="EKLE" class="buton"></td>
	  </tr>
</table>
</form>
	</td>
  </tr>
  <tr>
    <td><?php include "alt.php"; ?></td>
  </tr>
</table>


</body>
</html>
    haber_kat_listele.php
    <?php 
require_once("guvenlik.php");
require_once("baglan.php");
require_once("ayarlar.php");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<?php include "head.php"; ?>
</head>

<body>

<table width="800" border="0" cellspacing="0" cellpadding="0" align="center" class="anatablo">
  <tr>
    <td><?php include "ust.php"; ?></td>
  </tr>
  <tr>
    <td>
	
<table width="400" align="center" border="0" cellspacing="3" cellpadding="0" class="haberler">
  <tr>
    <td align="center" height="30" background="images/bg30.jpg"><strong>Kategori</strong></td>
    <td width="80" align="center" bgcolor="#F1FCDC" ><strong>Düzenle</strong></td>
    <td width="80" align="center" bgcolor="#DFEAFF"><strong>Listele</strong></td>
    <td width="50" align="center" bgcolor="#FFDDDD"><strong>Sil</strong></td>
  </tr>
  <?php 
  $strSQL ="SELECT * FROM haber_kat ORDER BY kategori ASC";
$sorgu =  mysql_query($strSQL);


while ($haber=mysql_fetch_array ($sorgu)){
$id =$haber["id"];
$kategori = $haber["kategori"];
  
  ?>
  <tr>
    <td><?=$kategori?></td>
    <td bgcolor="#F1FCDC" align="center"><a href="haber_kat_duzelt.php?id=<?=$id?>"><img src="images/duzenle.gif" width="15" height="15" border="0"></a></td>
    <td bgcolor="#DFEAFF" align="center"><a href="haber_listele.php?haber_kategorisi=<?=$id?>"><img src="images/listele.gif" width="14" height="15" border="0"></a></td>
    <td bgcolor="#FFDDDD" align="center"><a href="haber_kat_sil.php?id=<?=$id?>"><img src="images/sil.gif" width="16" height="15" border="0"></a></td>
  </tr>
  <?php } ?>
</table>
	</td>
  </tr>
  <tr>
    <td><?php include "alt.php"; ?></td>
  </tr>
</table>


</body>
</html>
    3 dü 4 oldu hadi hoca bi el at bunlar pek yardım etmiyor bazılar haric
    bu arada net' e girdginde msn acsan daha faydalı olur ya :d