<% if Session("durum")="giris_yapmis" then %> <% Response.Redirect "giris_sayfasi.asp" %> <%else %>
<% end if %> <% Set baglanti = Server.CreateObject("ADODB.Connection") baglanti.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath ("database/db.mdb") %> <% 'Sql Injection 'ı Önlemek ve HTML Kodlarını Pasif Hale Getirmek İçin Kullanılan Karakter Temizleme Metodu function guvenlik(data) data = Replace (data ,"`","",1,-1,1) data = Replace (data ,"=","",1,-1,1) data = Replace (data ,"&","",1,-1,1) data = Replace (data ,"%","",1,-1,1) data = Replace (data ,"!","",1,-1,1) data = Replace (data ,"#","",1,-1,1) data = Replace (data ,"<","",1,-1,1) data = Replace (data ,">","",1,-1,1) data = Replace (data ,"*","",1,-1,1) data = Replace (data ,"And","",1,-1,1) data = Replace (data ,"'","",1,-1,1) data = Replace (data ,"Chr(34)","",1,-1,1) data = Replace (data ,"Chr(39)","",1,-1,1) data = Replace (data ,"select","",1,-1,1) data = Replace (data ,"join","",1,-1,1) data = Replace (data ,"union","",1,-1,1) data = Replace (data ,"where","",1,-1,1) data = Replace (data ,"insert","",1,-1,1) data = Replace (data ,"delete","",1,-1,1) data = Replace (data ,"update","",1,-1,1) data = Replace (data ,"like","",1,-1,1) data = Replace (data ,"drop","",1,-1,1) data = Replace (data ,"create","",1,-1,1) data = Replace (data ,"modify","",1,-1,1) data = Replace (data ,"rename","",1,-1,1) data = Replace (data ,"alter","",1,-1,1) data = Replace (data ,"cast","",1,-1,1) guvenlik=data end function %> <% If trim(guvenlik(request.form("kullanici_adi")))="" then Response.Write "


" response.end end if If trim(guvenlik(request.form("sifre")))="" then Response.Write "


" response.end end if %> <% Set rs = Server.CreateObject("Adodb.Recordset") Sorgu = "select id, kullanici_adi, sifre from uyeler where kullanici_adi = '" & guvenlik(request.form("kullanici_adi")) & "' and sifre = '" & guvenlik(Request.form ("sifre")) & "'" rs.Open Sorgu, Baglanti, 1, 3 If rs.BOF And RS.EOF Then Response.Write "


" Else Session("durum") = "giris_yapmis" Session("id") = rs("id") Session("kullanici_adi") = rs("kullanici_adi") Response.Cookies("TekTech")("kullanici_adi") = Request.Form("kullanici_adi") Response.Cookies("TekTech")("sifre") = Request.Form("sifre") Response.Cookies("TekTech").Expires = Now()+15 Response.Redirect "giris_sayfasi.asp" End If %> <% Set baglanti = Server.CreateObject("ADODB.Connection") baglanti.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("database/db.mdb") %> <% if Session("durum")="giris_yapmis" then %> <% Set rs = Server.CreateObject("Adodb.Recordset") id = Session("id") Sorgu = "Select * from uyeler where id= " & id rs.Open Sorgu, Baglanti, 1, 3 if rs.eof then Response.Write "
" else %> Kullanıcı Adı: <%=rs("kullanici_adi")%> ÇIKIŞ YAP <% end if %> <%else %>


<% end if %> <% Session("durum")="" Response.Cookies("TekTech")("kullanici_adi")="" Response.Cookies("TekTech")("sifre")="" Session("id")="" %> <% Response.Redirect "giris.asp" % <% Set Baglanti = Server.CreateObject("ADODB.Connection") Baglanti.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("DB.MDB") 'Database Dosyasi Set rs = Server.CreateObject("ADODB.RecordSet") mertSQL = "SELECT * from rs.open mertSQL,Baglanti,1,3 %>
