<% if Session("durum")="giris_yapmis" then %>
<% Response.Redirect "giris_sayfasi.asp" %>
<%else %>
Şifre:
<% end if %>
<%
Set baglanti = Server.CreateObject("ADODB.Connection")
baglanti.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" &
Server.MapPath
("database/db.mdb")
%>
<%
'Sql Injection 'ı Önlemek ve HTML Kodlarını Pasif Hale Getirmek İçin
Kullanılan
Karakter Temizleme Metodu
function guvenlik(data)
data = Replace (data ,"`","",1,-1,1)
data = Replace (data ,"=","",1,-1,1)
data = Replace (data ,"&","",1,-1,1)
data = Replace (data ,"%","",1,-1,1)
data = Replace (data ,"!","",1,-1,1)
data = Replace (data ,"#","",1,-1,1)
data = Replace (data ,"<","",1,-1,1)
data = Replace (data ,">","",1,-1,1)
data = Replace (data ,"*","",1,-1,1)
data = Replace (data ,"And","",1,-1,1)
data = Replace (data ,"'","",1,-1,1)
data = Replace (data ,"Chr(34)","",1,-1,1)
data = Replace (data ,"Chr(39)","",1,-1,1)
data = Replace (data ,"select","",1,-1,1)
data = Replace (data ,"join","",1,-1,1)
data = Replace (data ,"union","",1,-1,1)
data = Replace (data ,"where","",1,-1,1)
data = Replace (data ,"insert","",1,-1,1)
data = Replace (data ,"delete","",1,-1,1)
data = Replace (data ,"update","",1,-1,1)
data = Replace (data ,"like","",1,-1,1)
data = Replace (data ,"drop","",1,-1,1)
data = Replace (data ,"create","",1,-1,1)
data = Replace (data ,"modify","",1,-1,1)
data = Replace (data ,"rename","",1,-1,1)
data = Replace (data ,"alter","",1,-1,1)
data = Replace (data ,"cast","",1,-1,1)
guvenlik=data
end function
%>
<%
If trim(guvenlik(request.form("kullanici_adi")))="" then
Response.Write
"