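<%
' QueryFilter: deny-list check for a request value.
'   Str - the raw value (for example a Request.QueryString item).
' Every occurrence of a listed character or SQL keyword is replaced with the
' marker "[INJ]" (text compare, so keywords match in any letter case). If the
' marker is present afterwards the client is redirected to Default.asp;
' otherwise the value is returned.
' A deny-list cannot make a value safe to concatenate into SQL: it says what
' the value must not contain, not what type it is. Values used as numeric ids
' must also pass DigitsOrEmpty below (or be bound as query parameters).
Function QueryFilter(Str)
    Dim Yasakli, i
    ' Same tokens, in the same order, as the original chain of Replace calls.
    ' "'" and Chr(39) are the same character; both are kept.
    Yasakli = Array("*", "=", "<", ">", ";", "(", ")", "+", "#", "'", "&", "%", "?", "´", ",", _
                    "UNION", "SELECT", "WHERE", "LIKE", "FROM", "UPDATE", "INSERT", _
                    "ORDER", "GROUP", "ALTER", "ADD", "MODIFY", "RENAME", Chr(39))
    For i = 0 To UBound(Yasakli)
        Str = Replace(Str, Yasakli(i), "[INJ]", 1, -1, 1)
    Next
    If InStr(1, Str, "[INJ]", 1) Then
        Response.Redirect "Default.asp"
    End If
    QueryFilter = Str
End Function

' DigitsOrEmpty: allow-list check for values used as integer ids.
'   Deger - the candidate value.
' Returns the value as a string when it consists of 1 to 9 decimal digits,
' otherwise "". Nine digits keeps the value inside the Long range; this
' assumes ids never exceed that - confirm against the table definition.
Function DigitsOrEmpty(Deger)
    Dim Desen
    Set Desen = New RegExp
    Desen.Pattern = "^[0-9]{1,9}$"
    If Desen.Test(Deger & "") Then
        DigitsOrEmpty = Deger & ""
    Else
        DigitsOrEmpty = ""
    End If
    Set Desen = Nothing
End Function
%>
<%
' kid = category id, rid = picture id. Both are later concatenated unquoted
' into SQL text, so anything that is not a plain integer is discarded here.
' An empty KatID falls back to category 1 and an empty ResID means "no
' picture filter" in the code that follows.
' Temizle is defined elsewhere; presumably another sanitiser - verify.
KatID = DigitsOrEmpty(Temizle(QueryFilter(Request.QueryString("kid"))))
ResID = DigitsOrEmpty(Temizle(QueryFilter(Request.QueryString("rid"))))
%>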
<%=DikeyBol%>
Lütfen görmek istediğiniz kategoriyi seçiniz:

<%
' Loads the first picture of the selected category (or the one picture named
' by ResID) and writes either a "not found" message or its description.

' No category supplied: fall back to category 1.
If KatID = "" Then KatID = 1

' NOTE(review): KatID and ResID are concatenated into the SQL text as
' unquoted values. The query is only safe if both are guaranteed to be plain
' integers before this point; the visible deny-list filter does not enforce a
' type. Prefer strict integer validation or a parameterised command.
SQL = "SELECT * FROM tblIlluzyon WHERE fldKategori=" & KatID
' Narrow to a single picture only when a picture id was supplied.
If ResID <> "" Then SQL = SQL & " AND fldID=" & ResID
SQL = SQL & " ORDER BY fldID ASC LIMIT 1"
Set IlkResim = Bag.Execute(SQL)

' NOTE(review): the string literals below span several lines as captured;
' the markup they originally held appears to be missing from this listing.
If IlkResim.EOF Then
    Response.Write "


Üzgünüm! aradığınız resim veritabanında bulunamadı...

"
Else
    ' Remember the id of the row actually shown; the "other pictures" query
    ' further down excludes it.
    ResID = IlkResim("fldID")
    ' NOTE(review): fldAciklama is written without Server.HTMLEncode. If the
    ' description can contain user-supplied text, encode it on output;
    ' confirm whether the field is meant to hold markup.
    Response.Write "

" & IlkResim("fldAciklama") & "

"
End If
%>

Bu Kategoriye Ait Diğer Resimler:

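<%
' Lists the other pictures in the current category, leaving out the one
' already shown (ResID).
' Fix: ResID can still be empty here (no rid in the request and the first
' query returned no row). The original then built "... AND fldID<>" with
' nothing after the operator, which is a SQL syntax error. The exclusion
' clause is now added only when there is an id to exclude.
' NOTE(review): KatID and ResID are concatenated unquoted into the SQL text;
' they must be validated as plain integers before this point, or the query
' should be issued as a parameterised command.
Dim DigerSQL
DigerSQL = "SELECT * FROM tblIlluzyon WHERE fldKategori=" & KatID
If Len(ResID & "") > 0 Then
    DigerSQL = DigerSQL & " AND fldID<>" & ResID
End If
Set DigerResimler = Bag.Execute(DigerSQL)
Do Until DigerResimler.EOF
    ' The per-row output is only a space in this listing; the original
    ' markup is not visible here.
    Response.Write " "
    DigerResimler.MoveNext
Loop
%>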
A R A M A

<%=YatayBol%>
R E K L A M
<%=Hr%>