Mesaj #814517 - VezirHost - Sadece son girilen yazı gösteriliyor. Nasıl düzeltebilirim bunu?

25.03.2014 19:44

VezirHost WM Aracı Kullanıcı

Üyelik 12.04.2013
Yaş/Cinsiyet 44 / E
Meslek webhosting
Konum İzmir

Ad Soyad ** **
Mesajlar 1
Beğeniler 0 / 0
Ticaret 0, (%0)

Merhaba arkadaşlar elimde 1 adet script var bunu düzenliyorum fakat bir sorun var duyurular kısmına admin panelinden blog giriyorum ama üyelerin görebildiği indexte sadece 1 tane gösteriyor ve en son girileni gösteriyor nasıl düzeltebilirim bunu
aşağıda resimler mevcut

elimdeki script blog ile alakalı kodları:

BLOG.PHP



if (!function_exists("GetSQLValueString")) {

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 

{

  if (PHP_VERSION < 6) {

    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  }



  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);



  switch ($theType) {

    case "text":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;    

    case "long":

    case "int":

      $theValue = ($theValue != "") ? intval($theValue) : "NULL";

      break;

    case "double":

      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";

      break;

    case "date":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;

    case "defined":

      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

      break;

  }

  return $theValue;

}

}



mysql_select_db($database_ok_kisisel, $ok_kisisel);

$query_blgg = "SELECT * FROM blog ORDER BY id DESC";

$blgg = mysql_query($query_blgg, $ok_kisisel) or die(mysql_error());

$row_blgg = mysql_fetch_assoc($blgg);

$totalRows_blgg = mysql_num_rows($blgg);

?>









	



		Pixmania - Premium HTML Template

		

		

		

		

		

	

	







	

	

			

			

			

			   

			

			

			

		





	





mysql_free_result($blgg);

?>

BLOG-OKU.PHP



if (!function_exists("GetSQLValueString")) {

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 

{

  if (PHP_VERSION < 6) {

    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  }



  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);



  switch ($theType) {

    case "text":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;    

    case "long":

    case "int":

      $theValue = ($theValue != "") ? intval($theValue) : "NULL";

      break;

    case "double":

      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";

      break;

    case "date":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;

    case "defined":

      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

      break;

  }

  return $theValue;

}

}



$colname_blgs = "-1";

if (isset($_GET['id'])) {

  $colname_blgs = $_GET['id'];

}

mysql_select_db($database_ok_kisisel, $ok_kisisel);

$query_blgs = sprintf("SELECT * FROM blog WHERE id = %s", GetSQLValueString($colname_blgs, "int"));

$blgs = mysql_query($query_blgs, $ok_kisisel) or die(mysql_error());

$row_blgs = mysql_fetch_assoc($blgs);

$totalRows_blgs = mysql_num_rows($blgs);

?>









	



		Pixmania - Premium HTML Template

		

		

		

		



		

	

	







	

	

				

				

				

				Geri
		

				

				

				

				
				

				 				

				

				


				

				

				

				

				

	

		





	





mysql_free_result($blgs);

?>

ADMİN PANELİ DOSYALARI

BLOG.PHP



ob_start(); 

 session_start();

if (!isset($_SESSION)) {

  session_start();

}

$MM_authorizedUsers = "";

$MM_donotCheckaccess = "true";



// *** Restrict Access To Page: Grant or deny access to this page

function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 

  // For security, start by assuming the visitor is NOT authorized. 

  $isValid = False; 



  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 

  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 

  if (!empty($UserName)) { 

    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 

    // Parse the strings into arrays. 

    $arrUsers = Explode(",", $strUsers); 

    $arrGroups = Explode(",", $strGroups); 

    if (in_array($UserName, $arrUsers)) { 

      $isValid = true; 

    } 

    // Or, you may restrict access to only certain users based on their username. 

    if (in_array($UserGroup, $arrGroups)) { 

      $isValid = true; 

    } 

    if (($strUsers == "") && true) { 

      $isValid = true; 

    } 

  } 

  return $isValid; 

}



$MM_restrictGoTo = "giris.php";

if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   

  $MM_qsChar = "?";

  $MM_referrer = $_SERVER['PHP_SELF'];

  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";

  if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) 

  $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];

  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);

  header("Location: ". $MM_restrictGoTo); 

  exit;

}

?>

if (!function_exists("GetSQLValueString")) {

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 

{

  if (PHP_VERSION < 6) {

    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  }



  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);



  switch ($theType) {

    case "text":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;    

    case "long":

    case "int":

      $theValue = ($theValue != "") ? intval($theValue) : "NULL";

      break;

    case "double":

      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";

      break;

    case "date":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;

    case "defined":

      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

      break;

  }

  return $theValue;

}

}



if ((isset($_GET['sil'])) && ($_GET['sil'] != "")) {

  $deleteSQL = sprintf("DELETE FROM blog WHERE id=%s",

                       GetSQLValueString($_GET['sil'], "int"));



  mysql_select_db($database_ok_kisisel, $ok_kisisel);

  $Result1 = mysql_query($deleteSQL, $ok_kisisel) or die(mysql_error());

}



mysql_select_db($database_ok_kisisel, $ok_kisisel);

$query_blg = "SELECT * FROM blog";

$blg = mysql_query($query_blg, $ok_kisisel) or die(mysql_error());

$row_blg = mysql_fetch_assoc($blg);

$totalRows_blg = mysql_num_rows($blg);

?>







AdminCP



<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>





















	

		

			

				

					Blog KONULARIM

					 

				

				

					






 0) { // Show if recordset not empty ?>











						
							BAŞLIK
							TARİH
							İÇERİK
							İŞLEMLER
						
                                                  
                        
                              
                              
                              
                               
ÖnizleDüzenleSil

BAŞLIK	TARİH	İÇERİK	İŞLEMLER
			Önizle Düzenle Sil







mysql_free_result($blg);

?>

BLOG-DUZENLE.PHP



ob_start(); 

 session_start();

if (!isset($_SESSION)) {

  session_start();

}

$MM_authorizedUsers = "";

$MM_donotCheckaccess = "true";



// *** Restrict Access To Page: Grant or deny access to this page

function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 

  // For security, start by assuming the visitor is NOT authorized. 

  $isValid = False; 



  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 

  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 

  if (!empty($UserName)) { 

    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 

    // Parse the strings into arrays. 

    $arrUsers = Explode(",", $strUsers); 

    $arrGroups = Explode(",", $strGroups); 

    if (in_array($UserName, $arrUsers)) { 

      $isValid = true; 

    } 

    // Or, you may restrict access to only certain users based on their username. 

    if (in_array($UserGroup, $arrGroups)) { 

      $isValid = true; 

    } 

    if (($strUsers == "") && true) { 

      $isValid = true; 

    } 

  } 

  return $isValid; 

}



$MM_restrictGoTo = "giris.php";

if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   

  $MM_qsChar = "?";

  $MM_referrer = $_SERVER['PHP_SELF'];

  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";

  if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) 

  $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];

  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);

  header("Location: ". $MM_restrictGoTo); 

  exit;

}

?>



error_reporting(E_ALL & ~E_NOTICE);

ini_set('error_reporting', E_ALL & ~E_NOTICE); 

//	---------------------------------------------

//	Pure PHP Upload version 1.1

//	-------------------------------------------

if (phpversion() > "4.0.6") {

	$HTTP_POST_FILES = &$_FILES;

}

define("MAX_SIZE",0);

define("DESTINATION_FOLDER", "../upload");

define("no_error", "#");

define("yes_error", "#");

$_accepted_extensions_ = "png,PNG,JPG,JPEG,jpg,jpg,gif,GIF";

if(strlen($_accepted_extensions_) > 0){

	$_accepted_extensions_ = @explode(",",$_accepted_extensions_);

} else {

	$_accepted_extensions_ = array();

}

$_file_ = $HTTP_POST_FILES['resim'];

if(is_uploaded_file($_file_['tmp_name']) && $HTTP_POST_FILES['resim']['error'] == 0){

	$errStr = "";

		$dosya =$_file_['name'];

	$uzanti = strtolower(strrchr($dosya,'.'));

	$_name_ = substr(md5(rand(0,9999999999)),-10)."hnk".$uzanti;

	$_type_ = $_file_['type'];

	$_tmp_name_ = $_file_['tmp_name'];

	$_size_ = $_file_['size'];

	if($_size_ > MAX_SIZE && MAX_SIZE > 0){

		$errStr = "File troppo pesante";

	}

	$_ext_ = explode(".", $_name_);

	$_ext_ = strtolower($_ext_[count($_ext_)-1]);

	if(!in_array($_ext_, $_accepted_extensions_) && count($_accepted_extensions_) > 0){

		$errStr = "Estensione non valida";

	}

	if(!is_dir(DESTINATION_FOLDER) && is_writeable(DESTINATION_FOLDER)){

		$errStr = "Cartella di destinazione non valida";

	}

	if(empty($errStr)){

		if(@copy($_tmp_name_,DESTINATION_FOLDER . "/" . $_name_)){

			header("Location: " . no_error);

		} else {

			header("Location: " . yes_error);

		}

	} else {

		header("Location: " . yes_error);

	}

}

?>

if (!function_exists("GetSQLValueString")) {

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 

{

  if (PHP_VERSION < 6) {

    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  }



  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);



  switch ($theType) {

    case "text":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;    

    case "long":

    case "int":

      $theValue = ($theValue != "") ? intval($theValue) : "NULL";

      break;

    case "double":

      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";

      break;

    case "date":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;

    case "defined":

      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

      break;

  }

  return $theValue;

}

}



$editFormAction = $_SERVER['PHP_SELF'];

if (isset($_SERVER['QUERY_STRING'])) {

  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

}



if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "diger")) {

  $updateSQL = sprintf("UPDATE blog SET tarih=%s, baslik=%s, icerik=%s WHERE id=%s",

                       GetSQLValueString($_POST['tarih'], "text"),

                       GetSQLValueString($_POST['baslik'], "text"),

                       GetSQLValueString($_POST['icerik'], "text"),

                       GetSQLValueString($_POST['id'], "int"));



  mysql_select_db($database_ok_kisisel, $ok_kisisel);

  $Result1 = mysql_query($updateSQL, $ok_kisisel) or die(mysql_error());

}



if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "resim")) {

  $updateSQL = sprintf("UPDATE blog SET resim=%s WHERE id=%s",

                       GetSQLValueString($_name_, "text"),

                       GetSQLValueString($_POST['resid'], "int"));



  mysql_select_db($database_ok_kisisel, $ok_kisisel);

  $Result1 = mysql_query($updateSQL, $ok_kisisel) or die(mysql_error());

}



$colname_about = "-1";

if (isset($_GET['id'])) {

  $colname_about = $_GET['id'];

}

mysql_select_db($database_ok_kisisel, $ok_kisisel);

$query_about = sprintf("SELECT * FROM blog WHERE id = %s", GetSQLValueString($colname_about, "int"));

$about = mysql_query($query_about, $ok_kisisel) or die(mysql_error());

$row_about = mysql_fetch_assoc($about);

$totalRows_about = mysql_num_rows($about);

?>







AdminCP



<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>



















<script>

$(document).ready(function(){

	$('#datepicker').datepicker();

	

	$('.checkboxui, .radioui').buttonset();

	

	$('#slider').slider({ values: [20,50], range: true });

});

</script>



		

		


		

			

				

					HakkIMDA DÜZENLE

					 

				

				

					

						

						  Başlık:

						    

						  

						  

                      

				      Tarih:

						

						  İçerik:<?php echo $row_about['icerik']; ?>

						



						



						



						

						

                    

                    

                      

					    Resim







mysql_free_result($about);

?>

BLOG-EKLE.PHP



ob_start(); 

 session_start();

if (!isset($_SESSION)) {

  session_start();

}

$MM_authorizedUsers = "";

$MM_donotCheckaccess = "true";



// *** Restrict Access To Page: Grant or deny access to this page

function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 

  // For security, start by assuming the visitor is NOT authorized. 

  $isValid = False; 



  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 

  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 

  if (!empty($UserName)) { 

    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 

    // Parse the strings into arrays. 

    $arrUsers = Explode(",", $strUsers); 

    $arrGroups = Explode(",", $strGroups); 

    if (in_array($UserName, $arrUsers)) { 

      $isValid = true; 

    } 

    // Or, you may restrict access to only certain users based on their username. 

    if (in_array($UserGroup, $arrGroups)) { 

      $isValid = true; 

    } 

    if (($strUsers == "") && true) { 

      $isValid = true; 

    } 

  } 

  return $isValid; 

}



$MM_restrictGoTo = "giris.php";

if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   

  $MM_qsChar = "?";

  $MM_referrer = $_SERVER['PHP_SELF'];

  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";

  if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) 

  $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];

  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);

  header("Location: ". $MM_restrictGoTo); 

  exit;

}

?>



error_reporting(E_ALL & ~E_NOTICE);

ini_set('error_reporting', E_ALL & ~E_NOTICE); 

//	---------------------------------------------

//	Pure PHP Upload version 1.1

//	-------------------------------------------

if (phpversion() > "4.0.6") {

	$HTTP_POST_FILES = &$_FILES;

}

define("MAX_SIZE",0);

define("DESTINATION_FOLDER", "../upload");

define("no_error", "#");

define("yes_error", "#");

$_accepted_extensions_ = "png,PNG,JPG,JPEG,jpg,jpg,gif,GIF";

if(strlen($_accepted_extensions_) > 0){

	$_accepted_extensions_ = @explode(",",$_accepted_extensions_);

} else {

	$_accepted_extensions_ = array();

}

$_file_ = $HTTP_POST_FILES['resim'];

if(is_uploaded_file($_file_['tmp_name']) && $HTTP_POST_FILES['resim']['error'] == 0){

	$errStr = "";

		$dosya =$_file_['name'];

	$uzanti = strtolower(strrchr($dosya,'.'));

	$_name_ = substr(md5(rand(0,9999999999)),-10)."hnk".$uzanti;

	$_type_ = $_file_['type'];

	$_tmp_name_ = $_file_['tmp_name'];

	$_size_ = $_file_['size'];

	if($_size_ > MAX_SIZE && MAX_SIZE > 0){

		$errStr = "File troppo pesante";

	}

	$_ext_ = explode(".", $_name_);

	$_ext_ = strtolower($_ext_[count($_ext_)-1]);

	if(!in_array($_ext_, $_accepted_extensions_) && count($_accepted_extensions_) > 0){

		$errStr = "Estensione non valida";

	}

	if(!is_dir(DESTINATION_FOLDER) && is_writeable(DESTINATION_FOLDER)){

		$errStr = "Cartella di destinazione non valida";

	}

	if(empty($errStr)){

		if(@copy($_tmp_name_,DESTINATION_FOLDER . "/" . $_name_)){

			header("Location: " . no_error);

		} else {

			header("Location: " . yes_error);

		}

	} else {

		header("Location: " . yes_error);

	}

} ?>

if (!function_exists("GetSQLValueString")) {

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 

{

  if (PHP_VERSION < 6) {

    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  }



  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);



  switch ($theType) {

    case "text":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;    

    case "long":

    case "int":

      $theValue = ($theValue != "") ? intval($theValue) : "NULL";

      break;

    case "double":

      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";

      break;

    case "date":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;

    case "defined":

      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

      break;

  }

  return $theValue;

}

}



$editFormAction = $_SERVER['PHP_SELF'];

if (isset($_SERVER['QUERY_STRING'])) {

  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

}



if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) {

  $insertSQL = sprintf("INSERT INTO blog (tarih, baslik, resim, icerik) VALUES (%s, %s, %s, %s)",

                       GetSQLValueString($_POST['tarih'], "text"),

                       GetSQLValueString($_POST['baslik'], "text"),

                       GetSQLValueString($_name_, "text"),

                       GetSQLValueString($_POST['icerik'], "text"));



  mysql_select_db($database_ok_kisisel, $ok_kisisel);

  $Result1 = mysql_query($insertSQL, $ok_kisisel) or die(mysql_error());



  $insertGoTo = "blog.php";

  if (isset($_SERVER['QUERY_STRING'])) {

    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

    $insertGoTo .= $_SERVER['QUERY_STRING'];

  }

  header(sprintf("Location: %s", $insertGoTo));

}

?>







AdminCP



<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>

<script></script>























<script>

$(document).ready(function(){

	$('#datepicker').datepicker();

	

	$('.checkboxui, .radioui').buttonset();

	

	$('#slider').slider({ values: [20,50], range: true });

});

</script>



		

		

		

			

				

					Forms styled with JQtransform

					 

				

				

					

						

						  Başlık:

					  

				      Tarih:

						

						  İçerik:

						  

						  

						  Bir değer gerekiyor.

						



						

						Resim Ekle

Blog KONULARIM

HakkIMDA DÜZENLE

Forms styled with JQtransform

Üye Girişi Yap