PNG  IHDR* pHYs+ IDATx]n#; cdLb Ǚ[at¤_:uP}>!Usă cag޿ ֵNu`ݼTâabO7uL&y^wFٝA"l[|ŲHLN밪4*sG3|Dv}?+y߉{OuOAt4Jj.u]Gz*҉sP'VQKbA1u\`& Af;HWj hsO;ogTu uj7S3/QzUr&wS`M$X_L7r2;aE+ώ%vikDA:dR+%KzƉo>eOth$z%: :{WwaQ:wz%4foɹE[9<]#ERINƻv溂E%P1i01 |Jvҗ&{b?9g=^wζXn/lK::90KwrюO\!ջ3uzuGv^;騢wq<Iatv09:tt~hEG`v;3@MNZD.1]L:{ծI3`L(÷ba")Y.iljCɄae#I"1 `3*Bdz>j<fU40⨬%O$3cGt]j%Fߠ_twJ;ABU8vP3uEԑwQ V:h%))LfraqX-ۿX]v-\9I gl8tzX ]ecm)-cgʒ#Uw=Wlێn(0hPP/ӨtQ“&J35 $=]r1{tLuǮ*i0_;NƝ8;-vݏr8+U-kruȕYr0RnC]*ެ(M:]gE;{]tg(#ZJ9y>utRDRMdr9㪩̞zֹb<ģ&wzJM"iI( .ꮅX)Qw:9,i좜\Ԛi7&N0:asϓc];=ΗOӣ APqz93 y $)A*kVHZwBƺnWNaby>XMN*45~ղM6Nvm;A=jֲ.~1}(9`KJ/V F9[=`~[;sRuk]rєT!)iQO)Y$V ی ۤmzWz5IM Zb )ˆC`6 rRa}qNmUfDsWuˤV{ Pݝ'=Kֳbg,UҘVz2ﴻnjNgBb{? ߮tcsͻQuxVCIY۠:(V뺕 ٥2;t`@Fo{Z9`;]wMzU~%UA蛚dI vGq\r82iu +St`cR.6U/M9IENDB` REDROOM

<?php
/**
 * Helper functions
 */

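class Helper {
    /**
     * Determine the scheme of the current request ("http://" or "https://").
     *
     * NOTE(review): X-Forwarded-Proto is a client-supplied header unless a
     * reverse proxy in front of the application overwrites it — confirm the
     * deployment does before relying on this value for security decisions.
     *
     * @return string Either 'https://' or 'http://'.
     */
    private static function getProtocol() {
        // PHP documents HTTPS as "non-empty when queried over HTTPS"; IIS sets
        // it to "off" for plain HTTP, so accept any non-empty value except "off".
        $https = isset($_SERVER['HTTPS']) ? strtolower((string) $_SERVER['HTTPS']) : '';
        if ($https !== '' && $https !== 'off') {
            return 'https://';
        }

        $forwarded = isset($_SERVER['HTTP_X_FORWARDED_PROTO'])
            ? strtolower(trim((string) $_SERVER['HTTP_X_FORWARDED_PROTO']))
            : '';
        if ($forwarded === 'https') {
            return 'https://';
        }

        if (isset($_SERVER['SERVER_PORT']) && (int) $_SERVER['SERVER_PORT'] === 443) {
            return 'https://';
        }

        return 'http://';
    }

    /**
     * Build the base URL (scheme + host) for the current request.
     *
     * The Host header is attacker-controlled, so it is only used when it is a
     * syntactically valid host (name, IPv4 or bracketed IPv6, optional port).
     * Anything else falls back to the host configured in APP_URL, which keeps
     * markup and path characters out of generated links and redirects.
     *
     * NOTE(review): a syntactically valid but foreign host is still accepted;
     * links that carry secrets (e.g. e-mailed URLs) should be built from the
     * configured APP_URL rather than from this method.
     *
     * @return string Scheme and host without a trailing slash.
     */
    public static function getBaseUrl() {
        $host = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';

        $validHost = '/^(?:[a-z0-9](?:[a-z0-9_.-]*[a-z0-9])?|\[[0-9a-f:.]+\])(?::\d{1,5})?$/iD';
        if ($host === '' || !preg_match($validHost, $host)) {
            $host = defined('APP_URL') ? (string) parse_url(APP_URL, PHP_URL_HOST) : '';
        }

        return self::getProtocol() . $host;
    }

    /**
     * Build an absolute URL for an application path.
     *
     * @param string $path Path appended verbatim to the base URL.
     * @return string
     */
    public static function url($path = '') {
        return self::getBaseUrl() . $path;
    }

    /**
     * Build an absolute URL for a file under /public/.
     *
     * @param string $path Path relative to the public directory.
     * @return string
     */
    public static function asset($path) {
        return self::getBaseUrl() . '/public/' . ltrim((string) $path, '/');
    }

    /**
     * Build an image URL, preferring a sibling .webp file when one exists.
     *
     * NOTE(review): $path is joined to the filesystem path unchanged, so it
     * should come from templates or stored data, not from request input —
     * confirm against callers.
     *
     * @param string $path Image path relative to the public directory.
     * @return string URL of the .webp variant if present, else of $path.
     */
    public static function image($path) {
        $publicDir = APP_PATH . '/public/';
        $info = pathinfo($publicDir . ltrim((string) $path, '/'));
        $webpPath = $info['dirname'] . '/' . $info['filename'] . '.webp';

        // is_file() rather than file_exists(): a directory named "x.webp"
        // must not be served as the optimised variant.
        if (is_file($webpPath)) {
            return self::asset(str_replace($publicDir, '', $webpPath));
        }

        return self::asset($path);
    }

    /**
     * Create an SEO-friendly slug.
     *
     * Turkish letters are transliterated to ASCII, the text is lower-cased,
     * every other character becomes "-", and runs of "-" are collapsed.
     *
     * @param string $text
     * @return string
     */
    public static function slug($text) {
        $turkish = ['ş', 'Ş', 'ı', 'İ', 'ğ', 'Ğ', 'ü', 'Ü', 'ö', 'Ö', 'ç', 'Ç'];
        $english = ['s', 's', 'i', 'i', 'g', 'g', 'u', 'u', 'o', 'o', 'c', 'c'];

        $slug = strtolower(str_replace($turkish, $english, (string) $text));
        $slug = preg_replace('/[^a-z0-9-]/', '-', $slug);
        $slug = preg_replace('/-+/', '-', $slug);

        return trim($slug, '-');
    }

    /**
     * Shorten text to at most $length characters, appending "..." when cut.
     *
     * @param string $text
     * @param int    $length Maximum number of characters kept.
     * @return string
     */
    public static function excerpt($text, $length = 150) {
        // Pin the encoding so the result does not depend on mbstring's
        // configured internal encoding.
        if (mb_strlen($text, 'UTF-8') <= $length) {
            return $text;
        }
        return mb_substr($text, 0, $length, 'UTF-8') . '...';
    }

    /**
     * Format a date string.
     *
     * @param string $date   Any value strtotime() understands.
     * @param string $format date() format string.
     * @return string Formatted date, or '' when $date cannot be parsed
     *                (previously an unparseable date rendered as 01.01.1970).
     */
    public static function dateFormat($date, $format = 'd.m.Y') {
        $timestamp = strtotime((string) $date);
        if ($timestamp === false) {
            return '';
        }
        return date($format, $timestamp);
    }

    /**
     * Return the session's CSRF token, creating it on first use.
     *
     * Requires an active session; the token is 32 random bytes, hex-encoded.
     *
     * @return string
     */
    public static function csrfToken() {
        $stored = isset($_SESSION[CSRF_TOKEN_NAME]) ? $_SESSION[CSRF_TOKEN_NAME] : null;
        if (!is_string($stored) || $stored === '') {
            $_SESSION[CSRF_TOKEN_NAME] = bin2hex(random_bytes(32));
        }
        return $_SESSION[CSRF_TOKEN_NAME];
    }

    /**
     * Verify a submitted CSRF token against the session token.
     *
     * @param mixed $token Value taken from the request.
     * @return bool True only for a non-empty string equal to the stored token.
     */
    public static function verifyCsrfToken($token) {
        // A request can deliver an array (token[]=x); hash_equals() rejects
        // non-strings with a warning or TypeError, so filter them out first.
        if (!is_string($token) || $token === '') {
            return false;
        }

        $stored = isset($_SESSION[CSRF_TOKEN_NAME]) ? $_SESSION[CSRF_TOKEN_NAME] : null;
        if (!is_string($stored) || $stored === '') {
            return false;
        }

        // Constant-time comparison.
        return hash_equals($stored, $token);
    }

    /**
     * Escape a value for output in HTML text or a quoted attribute.
     *
     * Not sufficient for JavaScript, CSS or URL contexts.
     *
     * @param string $string
     * @return string
     */
    public static function escape($string) {
        // ENT_SUBSTITUTE: invalid UTF-8 becomes U+FFFD instead of making
        // htmlspecialchars() return an empty string.
        return htmlspecialchars((string) $string, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    /**
     * Send a Location header and end the request.
     *
     * NOTE(review): the target is not validated. Callers must not pass a
     * request-derived URL without checking it against known destinations,
     * otherwise this is an open redirect.
     *
     * @param string $url
     * @return void Never returns; the script exits.
     */
    public static function redirect($url) {
        // Defence in depth against header splitting.
        $target = str_replace(["\r", "\n"], '', (string) $url);
        header('Location: ' . $target);
        exit;
    }

    /**
     * Send a JSON response and end the request.
     *
     * @param mixed $data       Value to encode.
     * @param int   $statusCode HTTP status code.
     * @return void Never returns; the script exits.
     */
    public static function json($data, $statusCode = 200) {
        $payload = json_encode($data, JSON_UNESCAPED_UNICODE);
        if ($payload === false) {
            // Encoding failed (e.g. invalid UTF-8): report an error instead of
            // an empty body with a success status.
            $statusCode = 500;
            $payload = '{"error":"JSON encoding failed"}';
        }

        http_response_code($statusCode);
        header('Content-Type: application/json; charset=utf-8');
        // Keep browsers from sniffing the body as HTML.
        header('X-Content-Type-Options: nosniff');
        echo $payload;
        exit;
    }

    /**
     * Verify a reCAPTCHA v3 token with Google's siteverify endpoint.
     *
     * Returns true without any check when isRecaptchaEnabled() is false.
     * Otherwise fails closed: a missing token, a failed API call, an
     * unparseable response or a score below the threshold all return false.
     *
     * NOTE(review): the `action` and `hostname` fields of the response are
     * not compared with expected values.
     *
     * @param mixed $token Token submitted by the client.
     * @return bool
     */
    public static function verifyRecaptcha($token) {
        if (!self::isRecaptchaEnabled()) {
            return true;
        }

        $debug = defined('DEBUG_MODE') && DEBUG_MODE;

        // Missing or non-string token: reject.
        if (!is_string($token) || $token === '') {
            if ($debug) {
                error_log('reCAPTCHA: Token boş - ' . ($_SERVER['HTTP_HOST'] ?? 'unknown'));
            }
            return false;
        }

        $url = 'https://www.google.com/recaptcha/api/siteverify';
        $data = [
            'secret' => RECAPTCHA_SECRET_KEY,
            'response' => $token,
            'remoteip' => $_SERVER['REMOTE_ADDR'] ?? ''
        ];

        $options = [
            'http' => [
                'header' => "Content-type: application/x-www-form-urlencoded\r\n",
                'method' => 'POST',
                'content' => http_build_query($data),
                'timeout' => 10
            ]
        ];

        $context = stream_context_create($options);
        // Warning suppressed on purpose: failure is handled right below.
        $result = @file_get_contents($url, false, $context);

        // API call failed: reject rather than let the submission through.
        if ($result === false) {
            if ($debug) {
                error_log('reCAPTCHA: API çağrısı başarısız - ' . ($_SERVER['HTTP_HOST'] ?? 'unknown'));
            }
            return false;
        }

        $response = json_decode($result, true);
        if (!is_array($response)) {
            return false;
        }

        if (isset($response['success']) && $response['success'] === true) {
            $score = (isset($response['score']) && is_numeric($response['score']))
                ? (float) $response['score']
                : 0.0;
            $threshold = defined('RECAPTCHA_SCORE_THRESHOLD') ? RECAPTCHA_SCORE_THRESHOLD : 0.5;

            if ($debug) {
                error_log('reCAPTCHA: Score=' . $score . ', Threshold=' . $threshold);
            }

            return $score >= $threshold;
        }

        // Log the error codes returned by the API.
        if ($debug && isset($response['error-codes']) && is_array($response['error-codes'])) {
            error_log('reCAPTCHA Hataları: ' . implode(', ', $response['error-codes']));
        }

        return false;
    }

    /**
     * Decide whether reCAPTCHA verification applies to this request.
     *
     * Disabled when the keys are not configured, on the local development
     * hosts, and on hosts outside RECAPTCHA_ALLOWED_HOSTS (when defined).
     * The host is normalised (lower-case, port and trailing dot removed)
     * before comparison, so "EXAMPLE.com:443" is treated like "example.com"
     * and can no longer switch verification off.
     *
     * NOTE(review): the decision still rests on the client-supplied Host
     * header and verifyRecaptcha() returns true when this is false. If the
     * web server answers for arbitrary Host values (default/catch-all
     * vhost), verification can be skipped by the client; prefer deciding
     * from server-side configuration.
     *
     * @return bool
     */
    public static function isRecaptchaEnabled() {
        if (!defined('RECAPTCHA_SITE_KEY') || empty(RECAPTCHA_SITE_KEY) ||
            !defined('RECAPTCHA_SECRET_KEY') || empty(RECAPTCHA_SECRET_KEY)) {
            return false;
        }

        $host = strtolower(trim((string) ($_SERVER['HTTP_HOST'] ?? '')));
        $host = preg_replace('/:\d+$/D', '', $host);
        $host = rtrim((string) $host, '.');
        if ($host === '') {
            return false;
        }

        // Disabled on local development hosts.
        $localHosts = ['localhost', '127.0.0.1', 'ankaservis.com.test'];
        if (in_array($host, $localHosts, true)) {
            return false;
        }

        // Production domain check, with and without the "www." prefix.
        if (defined('RECAPTCHA_ALLOWED_HOSTS') && is_array(RECAPTCHA_ALLOWED_HOSTS)) {
            $allowed = array_map('strtolower', array_map('strval', RECAPTCHA_ALLOWED_HOSTS));
            $bare = preg_replace('/^www\./', '', $host);
            $candidates = [$host, $bare, 'www.' . $bare];

            if (count(array_intersect($candidates, $allowed)) === 0) {
                return false;
            }
        }

        return true;
    }

    /**
     * Honeypot check (bot detection).
     *
     * @param mixed $honeypotField Value of the hidden form field.
     * @return bool True when the field was left empty (likely a human).
     */
    public static function checkHoneypot($honeypotField) {
        // empty() would also accept the string "0" as "not filled in";
        // any submitted content means the hidden field was touched.
        return $honeypotField === null || $honeypotField === '';
    }

    /**
     * File-backed rate limit per IP address.
     *
     * Defaults allow 5 requests per 300 seconds. The counter file is read and
     * rewritten under an exclusive lock so concurrent requests cannot both
     * pass on the same stale count. Storage errors fail open (return true),
     * matching the original best-effort behaviour.
     *
     * NOTE(review): one file is created per distinct $ip and never removed.
     * If $ip comes from getIpAddress(), it can be derived from spoofable
     * headers, which lets a client both evade the limit and create an
     * unbounded number of files — confirm against callers. The storage
     * directory should also not be reachable over HTTP.
     *
     * @param string $ip          Client identifier.
     * @param int    $maxRequests Requests allowed per window.
     * @param int    $timeWindow  Window length in seconds.
     * @return bool False when the limit is reached, true otherwise.
     */
    public static function checkRateLimit($ip, $maxRequests = 5, $timeWindow = 300) {
        if (empty($ip)) {
            return true;
        }

        $storageDir = APP_PATH . '/storage';
        // md5 only derives a filesystem-safe name; it is not a security control.
        $cacheFile = $storageDir . '/rate_limit_' . md5($ip) . '.txt';

        // Second is_dir() covers a concurrent request creating the directory.
        if (!is_dir($storageDir) && !mkdir($storageDir, 0755, true) && !is_dir($storageDir)) {
            return true;
        }

        // 'c+' opens for read/write without truncating, creating if missing.
        $handle = fopen($cacheFile, 'c+');
        if ($handle === false) {
            return true;
        }

        try {
            if (!flock($handle, LOCK_EX)) {
                return true;
            }

            $now = time();
            $stored = json_decode((string) stream_get_contents($handle), true);

            // Keep only well-formed timestamps still inside the window.
            $requests = [];
            if (is_array($stored)) {
                foreach ($stored as $timestamp) {
                    if (is_int($timestamp) && ($now - $timestamp) < $timeWindow) {
                        $requests[] = $timestamp;
                    }
                }
            }

            if (count($requests) >= $maxRequests) {
                return false;
            }

            // Record this request.
            $requests[] = $now;
            rewind($handle);
            ftruncate($handle, 0);
            fwrite($handle, json_encode($requests));
            fflush($handle);

            return true;
        } finally {
            flock($handle, LOCK_UN);
            fclose($handle);
        }
    }

    /**
     * Best-effort client IP address.
     *
     * Checks CF-Connecting-IP, X-Forwarded-For, X-Real-IP and REMOTE_ADDR in
     * that order and returns the first public (non-private, non-reserved)
     * address; otherwise REMOTE_ADDR, or '0.0.0.0' when that is missing.
     *
     * NOTE(review): the three forwarding headers are set by the client unless
     * a trusted proxy overwrites them, and they take precedence over
     * REMOTE_ADDR here. Do not use the result for access control, and treat
     * rate limits keyed on it as evadable unless the app is only reachable
     * through such a proxy.
     *
     * @return string
     */
    public static function getIpAddress() {
        $ipKeys = ['HTTP_CF_CONNECTING_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_REAL_IP', 'REMOTE_ADDR'];

        foreach ($ipKeys as $key) {
            if (empty($_SERVER[$key])) {
                continue;
            }

            // A forwarded list is "client, proxy1, proxy2": take the first entry.
            $candidate = trim(explode(',', (string) $_SERVER[$key])[0]);

            if (filter_var($candidate, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
                return $candidate;
            }
        }

        return $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
    }

    /**
     * Normalise a phone number to digits only.
     *
     * A 10-digit number without a leading 0 gets one prepended.
     *
     * @param string $phone
     * @return string Digits only, or '' for empty or non-scalar input.
     */
    public static function normalizePhone($phone) {
        if (empty($phone) || !is_scalar($phone)) {
            return '';
        }

        // Keep digits only.
        $digits = preg_replace('/\D/', '', (string) $phone);

        if (strlen($digits) === 10 && $digits[0] !== '0') {
            $digits = '0' . $digits;
        }

        return $digits;
    }
}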
