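Hatali kullanıcı adı veya şifre.'); }

// ---------------------------------------------------------------------------
// Custom XML feed: ?custom=<code> picks one active row of `xmlout` and emits
// its header, one rendered template per matching product, and its footer.
// ---------------------------------------------------------------------------
if ($_GET['custom']) {
    $siteConfig['fiyatUyelikZorunlu'] = 0;

    // The feed code is the only gate on this branch, so it has to match one
    // exact code. addslashes() does not touch the LIKE metacharacters % and _,
    // so they are escaped as well.
    // NOTE(review): addslashes() is not charset-aware; switch to a prepared
    // statement or the connection's own escape routine if the DB layer has one.
    $customCode = addcslashes(addslashes($_GET['custom']), '%_');
    $qx = my_mysql_query("select * from xmlout where active = 1 AND code like '" . $customCode . "' order by ID desc limit 0,1");
    $dx = my_mysql_fetch_array($qx);
    if (!my_mysql_num_rows($qx)) {
        exit();
    }

    $out .= $dx['xmlheader'];
    $order = 'order by catID';

    // Per-group category / brand lists; products outside them are skipped below.
    if (userGroupID()) {
        $userID = $_SESSION['userID'];
        $xmlCat = hq("select xmlcat from userGroups where ID='" . userGroupID() . "'");
        $xmlMarka = hq("select xmlmarka from userGroups where ID='" . userGroupID() . "'");
    }

    // Paging and supplier values are forced to integers before they reach SQL.
    $start = (int)($_GET['start'] ? $_GET['start'] : 0);
    if ($_GET['limit']) {
        $limit = 'limit ' . (int)$start . ',' . (int)$_GET['limit'];
    }
    if ($_GET['tID']) {
        $filter = 'AND urun.tedarikciID= ' . (int)$_GET['tID'];
    }

    if ($_GET['catID']) {
        // catID was concatenated into the query unescaped in four places. The
        // query itself treats catID as numeric (catID!=0), so it is cast to int
        // like the other request values. The leading space keeps this clause
        // from fusing with a preceding tID clause ("... = 5AND (").
        $catID = (int)$_GET['catID'];
        if ($catID > 0) {
            $filter .= " AND (showCatIDs like '%|" . $catID . "|%' OR catID='" . $catID . "' OR kategori.idPath like '%/" . $catID . "/%' OR kategori.idPath like '" . $catID . "/%')";
        } else {
            // A non-numeric category must select nothing rather than widen the export.
            $filter .= ' AND 1 = 2';
        }
    }

    if ($_GET['tIDs']) {
        // NOTE(review): this assigns rather than appends, so it replaces any
        // tID / catID filter built above — confirm that is intended.
        $filter = 'AND (';
        $tIDs = explode(',', $_GET['tIDs']);
        foreach ($tIDs as $tID) {
            $tID = (int)$tID;
            if ($tID) {
                $filter .= 'urun.tedarikciID = \'' . $tID . '\' OR ';
            }
        }
        $filter .= ' 1 = 2) ';
    }

    if ($_SESSION['userGroupID']) {
        $xmlCat = hq("select xmlcat from userGroups where ID='" . userGroupID() . "'");
        $xmlMarka = hq("select xmlmarka from userGroups where ID='" . userGroupID() . "'");
    }

    $q = my_mysql_query("select urun.*,kategori.ckar,kategori.gg_Kod ,kategori.namePath from urun,kategori where urun.catID=kategori.ID AND catID!=0 AND markaID!=0 AND bakiyeOdeme=0 AND urun.active=1 AND urun.noxml != 1 AND kategori.noxml != 1 AND urun.stok > 0 AND urun.sigorta = 0 AND kategori.active = 1 $filter $order $limit");
    while ($d = my_mysql_fetch_array($q)) {
        // Group restrictions: each list is searched for ",<id>,".
        if ($xmlCat && (stristr($xmlCat, ',' . $d['catID'] . ',') === false)) {
            continue;
        }
        if ($xmlMarka && (stristr($xmlMarka, ',' . $d['markaID'] . ',') === false)) {
            continue;
        }
        if ($d['userGroup'] && (stristr($d['userGroup'], ',' . $_SESSION['userGroupID'] . ',') === false)) {
            continue;
        }

        // NOTE(review): several string literals from here on are empty in this
        // copy of the file ($d[$safe] = '', $stoklar .= ''), which blanks
        // name/detay/onDetay and leaves $price1/$price2 unused. This looks like
        // markup lost in extraction — confirm against the deployed file.
        $safeArray = array('name', 'detay', 'onDetay');
        foreach ($safeArray as $safe) {
            $d[$safe] = '';
        }
        $d['marka'] = '';

        // Turn the stored image file names (resim, resim2 … resim10) into absolute URLs.
        // NOTE(review): SERVER_NAME may be derived from the request's Host
        // header depending on web-server configuration — verify it is pinned.
        for ($i = 1; $i <= 10; $i++) {
            $check = 'resim' . ($i > 1 ? $i : '');
            if ($d[$check]) {
                $d[$check] = 'http' . (siteConfig('httpsAktif') ? 's' : '') . '://' . $_SERVER['SERVER_NAME'] . $siteDizini . 'images/urunler/' . $d[$check];
            }
        }

        // Per-variant stock listing.
        // NOTE(review): the values taken from database rows below ($d['ID'],
        // $d['varID1'], $vd['var1'], …) are concatenated into SQL unescaped,
        // and $vd['stok'] / $vd['kod'] are appended to the output without any
        // XML escaping; both depend on the stored data being clean.
        $stoklar = '';
        if ($d['varID1'] || $d['varID2']) {
            $stoklar = '';
            $var1 = trim(cleanstr(hq("select ozellik from var where ID='" . $d['varID1'] . "'")));
            $var2 = trim(cleanstr(hq("select ozellik from var where ID='" . $d['varID2'] . "'")));
            $vq = my_mysql_query("select kod,stok,var1,var2 from urunvarstok where urunID='" . $d['ID'] . "'");
            while ($vd = my_mysql_fetch_array($vq)) {
                $stoklar .= '';
                $price1 = hq("select fark from urunvars where urunID='" . $d['ID'] . "' AND varID='" . $d['varID1'] . "' AND var like '" . $vd['var1'] . "'");
                $stoklar .= '';
                if ($var2) {
                    $price2 = hq("select fark from urunvars where urunID='" . $d['ID'] . "' AND varID='" . $d['varID2'] . "' AND var like '" . $vd['var2'] . "'");
                    $stoklar .= '';
                }
                $stoklar .= '' . $vd['stok'] . '';
                $stoklar .= '' . $vd['kod'] . '';
                $stoklar .= '';
            }
            $stoklar .= '';
        }

        $xml = str_replace('{%STOKLAR%}', $stoklar, $dx['xml']);
        $xml = str_replace('{%KATEGORI_ADI%}', '', $xml);
        $xml = str_replace('{%MARKA_ADI%}', '', $xml);
        $out .= urunTemplateReplace($d, $xml);
    }
    $out .= $dx['xmlfooter'];

    // Disabled group / IP check, kept as found:
    /* $userID = $_SESSION['userID']; $view = hq("select xmlactive from userGroups where ID='".userGroupID()."' AND userGroups.ID = userGroupMembers.userGroupID AND (userGroups.xmlIP = '' OR userGroups.xmlIP like '%" . $_SERVER['REMOTE_ADDR'] . "%') order by xmlactive asc limit 0,1"); */
    //if(userGroupID() && $view)
    // NOTE(review): the source was collapsed onto one line, so the extent of
    // the `//` comment above is ambiguous; exit($out) is read as live code,
    // i.e. the feed is emitted without the group/IP check — confirm.
    exit($out);
}

/**
 * Format a price and swap its '.' and ',' separators.
 *
 * The value is first passed through my_money_format('', $fiyat); in the
 * result every '.' becomes ',', every ',' becomes '.', and a literal '_'
 * becomes ',' (the original used '_' as its temporary placeholder).
 *
 * @param mixed $fiyat Price handed to my_money_format().
 * @return string Formatted price with the separators exchanged.
 */
function toIdeaPrice($fiyat)
{
    return strtr(my_money_format('', $fiyat), '.,_', ',.,');
}

// ---------------------------------------------------------------------------
// Named feed: ?c=<name> is dispatched to build<Name>XMLFile().
// ---------------------------------------------------------------------------

// `c` becomes part of a function name and of an SQL string, so only characters
// that can appear in an ASCII function name are accepted (empty is still
// allowed and maps to buildXMLFile, as before).
$feedName = isset($_GET['c']) ? $_GET['c'] : '';
if (!is_string($feedName) || !preg_match('/^[A-Za-z0-9_]*$/D', $feedName)) {
    exit('Geçersiz XML kodu.');
}

$func = 'build' . ucfirst($feedName) . 'XMLFile';
$funcauto = 'buildauto' . ucfirst($feedName) . 'XMLFile';

// '_' is a LIKE wildcard, so it is escaped to keep this an exact-name lookup.
$view = hq("select status from xmlexport where code like '" . addcslashes($feedName, '_') . "'");
if (!$view) {
    // Fallback: the logged-in user's group may enable XML access.
    // NOTE(review): xmlIP is matched with LIKE '%<address>%', a substring
    // test, so a stored address also matches any client address contained in
    // it. An exact comparison per stored entry would be stricter; the storage
    // format of xmlIP is not visible here.
    $userID = $_SESSION['userID'];
    $view = hq("select xmlactive from user,userGroups,userGroupMembers where user.ID = userGroupMembers.userID AND user.ID = '" . $userID . "' AND userGroups.ID = userGroupMembers.userGroupID AND (userGroups.xmlIP = '' OR userGroups.xmlIP like '%" . $_SERVER['REMOTE_ADDR'] . "%') order by xmlactive asc limit 0,1");
}

if ($view) {
    if (!$_GET['autolang']) {
        $_SESSION['lang'] = $_SESSION['cache_setfiyat'] = $_SESSION['cache_setfiyatbirim'] = $langPrefix = null;
    }

    // Access tokens: the first 10 hex characters of md5(name . secret). The
    // original marks one of the two derivations as "Eski" (old); both are
    // still accepted.
    // NOTE(review): the token is static per feed, 40 bits long and carried in
    // the query string, so it ends up in access logs and referrers.
    $code = substr(md5($feedName . $serialx), 0, 10);
    $code2 = substr(md5($feedName . checkx()), 0, 10);

    // Compare as strings in constant time; the previous `==` was subject to
    // PHP's numeric-string juggling.
    $supplied = (isset($_GET['xmlc']) && is_string($_GET['xmlc'])) ? $_GET['xmlc'] : '';
    $tokenOk = hash_equals($code, $supplied) || hash_equals($code2, $supplied);

    // The google / googleimage feeds are served without a token.
    if ($tokenOk || $feedName === 'google' || $feedName === 'googleimage') {
        checkForXmlCache();
        // Refuse unknown feed names instead of failing on an undefined function.
        if (!function_exists($func)) {
            exit('Geçersiz XML kodu.');
        }
        echo ($func());
        if ($_GET['autologin']) {
            // Drop the session state of the temporary login once the feed is sent.
            $_SESSION['userID'] = $_SESSION['username'] = $_SESSION['password'] = $_SESSION['loginStatus'] = $_SESSION['siparisID'] = $_SESSION['bayi'] = $_SESSION['groupID'] = $_SESSION['userGroupID'] = $_SESSION['token'] = $_SESSION['user_xmlcat'] = '';
        }
    } else {
        exit('Geçersiz XML kodu.');
    }
} else {
    exit('İlgili servis pasif durumda.');
}
// if(function_exists($funcauto) && ($_SESSION['admin_isAdmin'] || $_SERVER['REMOTE_ADDR'] == '88.248.143.155')) exit($funcauto());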