Initial commit with security patches

mstfyldz
2026-02-22 17:08:48 +03:00
commit b44389a0a2
13 changed files with 1619 additions and 0 deletions

7
.dockerignore Normal file

@@ -0,0 +1,7 @@
.git
.gitignore
.DS_Store
README.md
DEPLOYMENT.md
dockerfile
.dockerignore
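
Review bot: The ignore list leaves out the runtime artefacts that `.gitignore` in this same commit treats as sensitive (`tokens/`, `rate_limit.json`, `*.log`), and the Dockerfile does `COPY . /var/www/html/`, so any of them present in the working tree at build time are baked into the image under the web root. Add those three patterns here. The `dockerfile` entry is also lower-case while the commit adds the file as `Dockerfile`; the match is case-sensitive, so the entry should use the real name, and `vercel.json`, `composer.json` and `.vercel` can be excluded as well since the container does not need them.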

20
.gitignore vendored Normal file

@@ -0,0 +1,20 @@
# Logs
*.log
rate_limit.json
api_access.log
# Tokens
tokens/
# IDE
.vscode/
.idea/
*.swp
*.swo
# OS
.DS_Store
Thumbs.db
# Vercel
.vercel

67
.htaccess Normal file

@@ -0,0 +1,67 @@
# XC IPTV API - Apache Configuration
# CORS (Cross-Origin Resource Sharing)
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, OPTIONS"
Header set Access-Control-Allow-Headers "Content-Type, Authorization"
</IfModule>
# GZIP Compression
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json
</IfModule>
# Cache Control
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType application/json "access plus 5 minutes"
</IfModule>
# Security Headers
<IfModule mod_headers.c>
Header set X-Content-Type-Options "nosniff"
Header set X-Frame-Options "DENY"
Header set X-XSS-Protection "1; mode=block"
</IfModule>
# Disable Directory Listing
Options -Indexes
# Protect Config and Sensitive Files
<FilesMatch "^(config\.php|rate_limit\.json|.*\.log|.*\.md)$">
Order Allow,Deny
Deny from all
</FilesMatch>
# Protect Tokens Directory
<IfModule mod_rewrite.c>
RewriteRule ^tokens/ - [F,L]
</IfModule>
# Error Pages
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
# Rewrite Rules (opsiyonel - SEF URLs için)
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# API endpoint'i temizle
# /api/v1 yerine /api
RewriteRule ^api/?$ api_secured.php [L]
# Maintenance check
RewriteCond %{REQUEST_URI} !maintenance.html
RewriteCond %{DOCUMENT_ROOT}/maintenance.flag -f
RewriteRule .* /maintenance.html [R=503,L]
</IfModule>
# PHP Settings (eğer izin veriliyorsa)
<IfModule mod_php.c>
php_value upload_max_filesize 10M
php_value post_max_size 10M
php_value memory_limit 128M
php_value max_execution_time 30
</IfModule>
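
Review bot: The `tokens/` protection is wrapped in `<IfModule mod_rewrite.c>`, so on a server without mod_rewrite the directory that `api_secured.php` writes issued tokens into is served with no error or warning. Deny it unconditionally with `Require all denied` (for example from a `.htaccess` inside `tokens/`), and use the same directive in the FilesMatch block, where `Order Allow,Deny` / `Deny from all` is Apache 2.2 syntax that needs mod_access_compat on 2.4. The FilesMatch pattern should also cover the other non-public files this commit puts in the web root (`composer.json`, `vercel.json`, `Dockerfile`). Separately, `Access-Control-Allow-Origin "*"` combined with `Authorization` in the allowed headers lets a page on any origin call the API and read token-authenticated responses, so limit it to the origins that need it. The maintenance rule `[R=503,L]` does not serve `/maintenance.html`, because mod_rewrite drops the substitution for status codes outside 3xx; add `ErrorDocument 503 /maintenance.html`.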

205
DEPLOYMENT.md Normal file

@@ -0,0 +1,205 @@
# 🚀 DEPLOYMENT GUIDE - Adım Adım
## 📦 DOSYALARI GITHUB'A YÜKLE
### 1⃣ GitHub'da Yeni Repo Oluştur
1. https://github.com/new adresine git
2. Repository name: **xciptv-api** (ya da istediğin isim)
3.**Public** seç (ücretsiz için)
4. ❌ README ekleme (bizde zaten var)
5. **Create repository** tıkla
### 2⃣ Dosyaları Yükle
İki yöntem var:
#### Yöntem A: GitHub Web'den (KOLAY ✅)
1. Yeni oluşturduğun repo sayfasında:
2. **"uploading an existing file"** linkine tıkla
3. Tüm dosyaları sürükle-bırak:
- api_secured.php
- login.html
- panel.html
- config.php
- index.php
- vercel.json
- composer.json
- .gitignore
- README.md
4. Commit message: "Initial commit"
5. **Commit changes** tıkla
#### Yöntem B: Git ile (Terminal)
```bash
# Dosyaların olduğu klasöre git
cd /path/to/xciptv-deploy
# Git başlat
git init
# Dosyaları ekle
git add .
# Commit
git commit -m "Initial commit"
# GitHub'a bağla (değiştir: USERNAME ve REPO_NAME)
git remote add origin https://github.com/USERNAME/REPO_NAME.git
# Push et
git branch -M main
git push -u origin main
```
---
## 🚀 VERCEL'E DEPLOY ET
### 1⃣ Vercel'e Git
1. https://vercel.com/new adresine git
2. **"Import Git Repository"** tıkla
### 2⃣ GitHub Repo'nu Seç
1. GitHub hesabını bağla (ilk seferse)
2. Listeden **xciptv-api** repo'sunu seç
3. **Import** tıkla
### 3⃣ Deploy Ayarları
```
Framework Preset: Other
Root Directory: ./
Build Command: (boş bırak)
Output Directory: (boş bırak)
Install Command: (boş bırak)
```
### 4⃣ Deploy!
**Deploy** butonuna tıkla ve bekle (30-60 saniye).
### 5⃣ URL'ini Al
Deploy bitince sana URL verecek:
```
https://xciptv-api-xxxxx.vercel.app
```
Bu URL'i kopyala! ✅
---
## 🧪 TEST ET
### 1⃣ Admin Panel
Tarayıcıda aç:
```
https://xciptv-api-xxxxx.vercel.app/login.html
```
Giriş yap:
- Username: **admin**
- Password: **admin123**
### 2⃣ API Test
Terminal'de test et:
```bash
# Token al
curl "https://xciptv-api-xxxxx.vercel.app/api_secured.php?action=get_token&api_key=myapp_v1_secret_key_2024"
```
Response gelirse **BAŞARILI!** 🎉
---
## ⚙️ ŞİFRE DEĞİŞTİR (ÖNEMLİ!)
### 1⃣ Yeni Şifre Oluştur
Bu PHP kodunu çalıştır:
```php
<?php
echo password_hash('YeniSifren123', PASSWORD_BCRYPT);
?>
```
Çıktı:
```
$2y$10$abcdefghijklmnopqrstuvwxyz...
```
### 2⃣ api_secured.php'yi Düzenle
GitHub'daki `api_secured.php` dosyasını aç → Edit:
```php
$SECURITY_CONFIG = [
'admin_username' => 'admin', // 👈 İstersen değiştir
'admin_password' => '$2y$10$abc...', // 👈 Yeni hash'i yapıştır
];
```
**Commit changes** → Vercel otomatik yeniden deploy eder (1 dk)
---
## 🎯 APK'YA BAĞLA
APK'da kullanacağın URL:
```
https://xciptv-api-xxxxx.vercel.app/api_secured.php
```
### Token Al:
```
?action=get_token&api_key=myapp_v1_secret_key_2024
```
### Config Çek:
```
?action=get_config&token=ALDGIN_TOKEN
```
---
## 🆘 SORUN ÇÖZME
### "500 Internal Server Error"
Vercel'de PHP çalışmıyorsa:
1. `vercel.json` dosyası var mı kontrol et
2. Repo'nun root'unda olmalı
### "404 Not Found"
URL'i doğru yazdığından emin ol:
```
✅ https://xxx.vercel.app/login.html
❌ https://xxx.vercel.app/login
```
### Şifre Çalışmıyor
Yeni hash oluştur ve güncelle:
```bash
php -r "echo password_hash('admin123', PASSWORD_BCRYPT);"
```
---
## 📞 Takıldın mı?
Geri gel, birlikte hallederiz! 💪
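
Review bot: Step 3 of the repository setup tells the reader to choose **Public**, and the upload list includes `api_secured.php`, which in this commit hard-codes the three API keys and the `admin123` default password, so following the guide as written publishes every credential the API relies on. Recommend a private repository and, before any push, moving the keys and the admin hash out of source into environment variables. The test and APK sections pass `api_key` and `token` in the URL query string, where they end up in server and proxy logs; a request header or POST body avoids that. Smaller points: the "Şifre Çalışmıyor" fix regenerates the hash for `admin123` right after the section that marks changing it as important, and the upload list names `panel.html` while the commit adds `panel.php`.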

14
Dockerfile Normal file

@@ -0,0 +1,14 @@
FROM php:7.4-apache
# Tüm dosyaları sunucuya kopyala
COPY . /var/www/html/
# Klasör izinlerini ayarla
RUN chown -R www-data:www-data /var/www/html \
&& chmod -R 755 /var/www/html
# Apache'nin PHP'yi işlemesini sağla ve AllowOverride ayarını aktifleştir
RUN a2enmod rewrite \
&& sed -i 's/AllowOverride None/AllowOverride All/g' /etc/apache2/apache2.conf
EXPOSE 80
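
Review bot: `chown -R www-data:www-data` followed by `chmod -R 755` over `/var/www/html` makes the PHP sources and `.htaccess` writable by the same user that handles requests; only the paths the application writes (`rate_limit.json`, `tokens/`) need that, and they are better placed outside the document root with the code left owned by root. `a2enmod rewrite` is the only module enabled, while `.htaccess` puts its security headers inside `<IfModule mod_headers.c>`, so those headers are silently skipped unless the base image already has the module on; add `a2enmod headers expires`. The `sed` switches `AllowOverride None` to `All` for every `<Directory>` block in `apache2.conf` and should be scoped to `/var/www/html`. The `php:7.4-apache` base no longer receives upstream security fixes and disagrees with the 8.2 pinned in `composer.json` and `vercel.json`.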

17
README.md Normal file

@@ -0,0 +1,17 @@
# XC IPTV API - Secured Panel
## 🚀 Quick Start
1. Admin Panel: `login.html`
2. Default Login: admin / admin123
3. API Endpoint: `api_secured.php`
## 🔐 Security
- Change password in `api_secured.php`
- Update API keys
- Configure in `config.php`
## 📖 Documentation
See full docs in repository.

329
api_secured.php Normal file

@@ -0,0 +1,329 @@
<?php
/**
* XC IPTV Secured API with Authentication
* Multi-Layer Security System
*/
// ==========================================
// GÜVENLİK AYARLARI
// ==========================================
$SECURITY_CONFIG = [
// Admin Login
'admin_username' => 'admin',
'admin_password' => password_hash('admin123', PASSWORD_BCRYPT), // Değiştir!
// API Keys (Her APK için farklı key)
'api_keys' => [
'myapp_v1_secret_key_2024', // APK 1
'myapp_v2_secret_key_2024', // APK 2
'myapp_v3_secret_key_2024', // APK 3
],
// IP Whitelist (Boş = tüm IP'ler)
'allowed_ips' => [],
// Rate Limiting
'rate_limit' => [
'enabled' => true,
'max_requests' => 60, // dakika başına
'block_duration' => 3600, // 1 saat ban
],
// Token Expiry (saat cinsinden)
'token_expiry' => 24,
];
// ==========================================
// SESSION BAŞLAT
// ==========================================
session_start();
// ==========================================
// RATE LIMIT KONTROLÜ
// ==========================================
function checkRateLimit($ip) {
global $SECURITY_CONFIG;
if (!$SECURITY_CONFIG['rate_limit']['enabled']) {
return true;
}
$log_file = 'rate_limit.json';
$max_requests = $SECURITY_CONFIG['rate_limit']['max_requests'];
$block_duration = $SECURITY_CONFIG['rate_limit']['block_duration'];
// Load log
$data = file_exists($log_file) ? json_decode(file_get_contents($log_file), true) : [];
// Check if IP is blocked
if (isset($data[$ip]['blocked_until']) && time() < $data[$ip]['blocked_until']) {
return false;
}
// Initialize or reset counter
if (!isset($data[$ip]) || time() - $data[$ip]['last_reset'] > 60) {
$data[$ip] = [
'count' => 1,
'last_reset' => time(),
'blocked_until' => null
];
} else {
$data[$ip]['count']++;
// Block if exceeded
if ($data[$ip]['count'] > $max_requests) {
$data[$ip]['blocked_until'] = time() + $block_duration;
file_put_contents($log_file, json_encode($data));
return false;
}
}
file_put_contents($log_file, json_encode($data));
return true;
}
// ==========================================
// API KEY KONTROLÜ
// ==========================================
function validateApiKey($key) {
global $SECURITY_CONFIG;
return in_array($key, $SECURITY_CONFIG['api_keys']);
}
// ==========================================
// TOKEN OLUŞTUR
// ==========================================
function generateToken($api_key) {
global $SECURITY_CONFIG;
$token_data = [
'api_key' => $api_key,
'issued_at' => time(),
'expires_at' => time() + ($SECURITY_CONFIG['token_expiry'] * 3600),
'random' => bin2hex(random_bytes(16))
];
// Token'ı encode et
$token = base64_encode(json_encode($token_data));
// Token'ı kaydet (opsiyonel)
$token_file = 'tokens/' . md5($token) . '.json';
@mkdir('tokens', 0755, true);
@file_put_contents($token_file, json_encode($token_data));
return $token;
}
// ==========================================
// TOKEN DOĞRULA
// ==========================================
function validateToken($token) {
if (empty($token)) return false;
try {
$token_data = json_decode(base64_decode($token), true);
if (!$token_data || !isset($token_data['expires_at'])) {
return false;
}
// Expire check
if (time() > $token_data['expires_at']) {
return false;
}
// API key check
if (!validateApiKey($token_data['api_key'])) {
return false;
}
return true;
} catch (Exception $e) {
return false;
}
}
// ==========================================
// IP KONTROL
// ==========================================
$client_ip = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
if (!empty($SECURITY_CONFIG['allowed_ips']) && !in_array($client_ip, $SECURITY_CONFIG['allowed_ips'])) {
http_response_code(403);
die(json_encode([
'status' => 'error',
'error_code' => 'IP_BLOCKED',
'message' => 'Your IP is not whitelisted'
]));
}
// Rate limit check
if (!checkRateLimit($client_ip)) {
http_response_code(429);
die(json_encode([
'status' => 'error',
'error_code' => 'RATE_LIMIT_EXCEEDED',
'message' => 'Too many requests. Try again later.',
'retry_after' => $SECURITY_CONFIG['rate_limit']['block_duration']
]));
}
// ==========================================
// ENDPOINT: LOGIN (Admin Panel)
// ==========================================
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'login') {
header('Content-Type: application/json');
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
if ($username === $SECURITY_CONFIG['admin_username'] &&
password_verify($password, $SECURITY_CONFIG['admin_password'])) {
$_SESSION['admin_logged_in'] = true;
$_SESSION['login_time'] = time();
echo json_encode([
'status' => 'success',
'message' => 'Login successful',
'redirect' => 'panel.php'
]);
} else {
sleep(2); // Brute force protection
echo json_encode([
'status' => 'error',
'message' => 'Invalid credentials'
]);
}
exit;
}
// ==========================================
// ENDPOINT: GET TOKEN (APK için)
// ==========================================
if (isset($_GET['action']) && $_GET['action'] === 'get_token') {
header('Content-Type: application/json');
$api_key = $_GET['api_key'] ?? $_POST['api_key'] ?? '';
if (!validateApiKey($api_key)) {
http_response_code(401);
echo json_encode([
'status' => 'error',
'error_code' => 'INVALID_API_KEY',
'message' => 'Invalid API key'
]);
exit;
}
$token = generateToken($api_key);
echo json_encode([
'status' => 'success',
'token' => $token,
'expires_in' => $SECURITY_CONFIG['token_expiry'] * 3600,
'issued_at' => time()
]);
exit;
}
// ==========================================
// ENDPOINT: GET CONFIG (Ana API)
// ==========================================
if (isset($_GET['action']) && $_GET['action'] === 'get_config') {
header('Content-Type: application/json');
// Token kontrolü
$token = $_GET['token'] ?? $_SERVER['HTTP_AUTHORIZATION'] ?? '';
$token = str_replace('Bearer ', '', $token);
if (!validateToken($token)) {
http_response_code(401);
echo json_encode([
'status' => 'error',
'error_code' => 'INVALID_TOKEN',
'message' => 'Invalid or expired token'
]);
exit;
}
// ==========================================
// CONFIG (Token geçerli ise döndür)
// ==========================================
require_once 'config.php';
$config = [
'app' => [
'name' => 'MAGTV Android Player',
'customer_id' => 'v2000',
'expiry' => 'LIFETIME',
'version' => '7.0',
],
'portals' => [
[
'id' => 1,
'name' => 'GİRİŞ 1',
'url' => 'http://hdd.inoon.uk',
'port' => '8080',
],
[
'id' => 2,
'name' => 'GİRİŞ 2',
'url' => 'http://hdd.inoon.uk',
'port' => '8080',
],
[
'id' => 3,
'name' => 'GİRİŞ 3',
'url' => 'http://imagson.site',
'port' => '8080',
],
],
];
echo json_encode([
'status' => 'success',
'data' => $config,
'timestamp' => time()
], JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
exit;
}
// ==========================================
// ADMIN PANEL ACCESS CHECK
// ==========================================
// Güvenli oturum kontrolü artık panel.php'nin en üstünde yapılmaktadır.
// ==========================================
// DEFAULT: API Dökümantasyonu
// ==========================================
if (!isset($_GET['action'])) {
header('Content-Type: application/json');
echo json_encode([
'name' => 'XC IPTV Secured API',
'version' => '2.0',
'status' => 'online',
'security' => 'enabled',
'endpoints' => [
'POST /api.php?action=login' => 'Admin login',
'GET /api.php?action=get_token&api_key=YOUR_KEY' => 'Get access token',
'GET /api.php?action=get_config&token=YOUR_TOKEN' => 'Get portal config',
],
'documentation' => 'https://docs.yourdomain.com'
], JSON_PRETTY_PRINT);
}
?>
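
Review bot: `validateToken()` accepts any base64-encoded JSON whose `expires_at` lies in the future and whose `api_key` is in the list; the token carries no signature and the copy that `generateToken()` writes under `tokens/` is never read back, so the server cannot tell a token it issued from one assembled by the client, and `token_expiry` is not actually enforced. Add a `hash_hmac('sha256', ...)` tag over the payload with a server-side secret and verify it with `hash_equals()`, or look the token up in server-side storage and reject unknown ones. Other points in the same file: the API keys and `admin123` are literals in source, and `password_hash()` runs on every request instead of a stored hash being configured; `validateApiKey()` uses non-strict `in_array()` and `$token_data['api_key']` is read without an `isset` check; the login branch sets `$_SESSION['admin_logged_in']` without calling `session_regenerate_id(true)`; `checkRateLimit()` does an unlocked read-modify-write of `rate_limit.json` in the web root, so concurrent requests lose counts (use `flock` and a path outside the document root); `sleep(2)` holds a worker for each failed login; the array returned by `require_once 'config.php'` is discarded; and the default endpoint listing advertises `/api.php` although the file is `api_secured.php`.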

13
composer.json Normal file

@@ -0,0 +1,13 @@
{
"name": "xciptv/api",
"description": "XC IPTV Secured API Panel",
"type": "project",
"require": {
"php": ">=7.4"
},
"config": {
"platform": {
"php": "8.2"
}
}
}

166
config.php Normal file

@@ -0,0 +1,166 @@
<?php
/**
* XC IPTV API - Yapılandırma Dosyası
*
* Sadece bu dosyayı düzenleyerek tüm ayarları değiştirebilirsin
*/
return [
// ==========================================
// PANEL AYARLARI
// ==========================================
'panel' => [
'url' => 'http://panel.example.com', // Panel URL
'port' => '8080', // Panel Port
'api_path' => '/player_api.php', // API endpoint
'timeout' => 30, // Connection timeout (saniye)
],
// ==========================================
// UYGULAMA AYARLARI
// ==========================================
'app' => [
'name' => 'My IPTV',
'package' => 'com.myiptv.app',
'version' => '7.0',
'version_code' => 70,
// Güncelleme
'force_update' => false,
'latest_version' => '7.0',
'update_url' => 'https://yourdomain.com/downloads/myiptv.apk',
'update_message' => 'Yeni versiyon mevcut! Lütfen güncelleyin.',
// Splash Screen
'splash_duration' => 3, // saniye
'splash_logo' => 'https://yourdomain.com/assets/logo.png',
],
// ==========================================
// ÖZELLİKLER
// ==========================================
'features' => [
'live_tv' => true,
'vod' => true,
'series' => true,
'catchup' => true,
'epg' => true,
'recording' => false,
'parental_control' => true,
'multi_profile' => false,
'chromecast' => true,
'download' => false,
],
// ==========================================
// PLAYER AYARLARI
// ==========================================
'player' => [
'default_quality' => 'auto',
'buffer_size' => 'medium', // small, medium, large
'hardware_acceleration' => true,
'subtitle_enabled' => true,
'audio_passthrough' => false,
],
// ==========================================
// REKLAM AYARLARI (AdMob)
// ==========================================
'ads' => [
'enabled' => false,
'provider' => 'admob', // admob, facebook, unity
// AdMob IDs
'banner_id' => 'ca-app-pub-xxxxx',
'interstitial_id' => 'ca-app-pub-xxxxx',
'rewarded_id' => 'ca-app-pub-xxxxx',
'native_id' => 'ca-app-pub-xxxxx',
// Görüntüleme Sıklığı
'show_on_startup' => false,
'show_between_videos' => true,
'videos_between_ads' => 3, // Her 3 videoda bir
],
// ==========================================
// BAKIM MODU
// ==========================================
'maintenance' => [
'enabled' => false,
'title' => 'Bakımda',
'message' => 'Sistem şu an bakımda. Lütfen daha sonra tekrar deneyin.',
'estimated_time' => '2 saat',
'support_url' => 'https://yourdomain.com/support',
],
// ==========================================
// DUYURULAR
// ==========================================
'announcement' => [
'enabled' => false,
'type' => 'info', // info, warning, error, success
'title' => 'Önemli Duyuru',
'message' => 'Sistemde güncellemeler yapılmaktadır.',
'show_once' => true, // Kullanıcıya bir kere göster
'button_text' => 'Anladım',
'link' => '', // Opsiyonel: Daha fazla bilgi linki
],
// ==========================================
// GÜVENLİK
// ==========================================
'security' => [
'require_ssl' => false, // HTTPS zorunlu
'api_key_required' => false,
'api_key' => 'your-secret-api-key-here',
'rate_limit' => 100, // İstek limiti (dakika başına)
'allowed_ips' => [], // Boşsa tüm IP'ler izinli
'blocked_ips' => [],
],
// ==========================================
// SOSYAL MEDYA & DESTEK
// ==========================================
'social' => [
'facebook' => '',
'twitter' => '',
'instagram' => '',
'telegram' => '',
'website' => 'https://yourdomain.com',
'support_email' => 'support@yourdomain.com',
'support_phone' => '+90 XXX XXX XX XX',
],
// ==========================================
// GELİŞMİŞ AYARLAR
// ==========================================
'advanced' => [
'cache_enabled' => true,
'cache_duration' => 3600, // 1 saat
'debug_mode' => false,
'log_enabled' => true,
'log_file' => 'api.log',
'compression' => true, // GZIP sıkıştırma
],
// ==========================================
// VERSİYON GEÇMİŞİ
// ==========================================
'changelog' => [
'7.0' => [
'date' => '2024-02-21',
'changes' => [
'Yeni arayüz tasarımı',
'Performans iyileştirmeleri',
'Bug düzeltmeleri'
]
],
'6.5' => [
'date' => '2024-01-15',
'changes' => [
'EPG desteği eklendi',
'Chromecast entegrasyonu'
]
]
]
];
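
Review bot: The `security` block (`require_ssl`, `api_key_required`, `api_key`, `rate_limit`, `allowed_ips`, `blocked_ips`) is not read anywhere in this commit: `api_secured.php` enforces its own `$SECURITY_CONFIG` and discards the array this file returns, so an operator who tightens these values, as the header comment invites, changes nothing. Either make `api_secured.php` consume this array and delete the duplicate there, or remove the block. If it stays, the defaults should be the safe ones (`require_ssl` true, `api_key_required` true, no placeholder `api_key` that can be left in place), and the two rate limits (100 here, 60 in `api_secured.php`) need to be reconciled.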

5
index.php Normal file

@@ -0,0 +1,5 @@
<?php
// Redirect to login
header('Location: login.html');
exit;
?>

304
login.html Normal file

@@ -0,0 +1,304 @@
<!DOCTYPE html>
<html lang="tr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Admin Login - XC IPTV Panel</title>
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
padding: 20px;
}
.login-container {
background: white;
border-radius: 20px;
box-shadow: 0 20px 60px rgba(0, 0, 0, 0.3);
padding: 50px 40px;
width: 100%;
max-width: 400px;
animation: slideIn 0.5s ease-out;
}
@keyframes slideIn {
from {
opacity: 0;
transform: translateY(-30px);
}
to {
opacity: 1;
transform: translateY(0);
}
}
.logo {
text-align: center;
margin-bottom: 40px;
}
.logo-icon {
font-size: 64px;
margin-bottom: 10px;
}
.logo h1 {
font-size: 24px;
color: #2c3e50;
margin-bottom: 5px;
}
.logo p {
color: #7f8c8d;
font-size: 14px;
}
.form-group {
margin-bottom: 25px;
}
.form-group label {
display: block;
margin-bottom: 10px;
color: #2c3e50;
font-weight: 600;
font-size: 14px;
}
.form-group input {
width: 100%;
padding: 15px;
border: 2px solid #e0e0e0;
border-radius: 10px;
font-size: 14px;
transition: all 0.3s;
}
.form-group input:focus {
outline: none;
border-color: #667eea;
box-shadow: 0 0 0 4px rgba(102, 126, 234, 0.1);
}
.btn-login {
width: 100%;
padding: 15px;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
border: none;
border-radius: 10px;
font-size: 16px;
font-weight: 600;
cursor: pointer;
transition: all 0.3s;
text-transform: uppercase;
letter-spacing: 1px;
}
.btn-login:hover {
transform: translateY(-2px);
box-shadow: 0 10px 25px rgba(102, 126, 234, 0.4);
}
.btn-login:active {
transform: translateY(0);
}
.btn-login:disabled {
background: #95a5a6;
cursor: not-allowed;
transform: none;
}
.alert {
padding: 12px 15px;
border-radius: 8px;
margin-bottom: 20px;
font-size: 14px;
display: none;
}
.alert-error {
background: #fee;
color: #c33;
border: 1px solid #fcc;
}
.alert-success {
background: #efe;
color: #3c3;
border: 1px solid #cfc;
}
.remember-me {
display: flex;
align-items: center;
gap: 8px;
margin-bottom: 20px;
}
.remember-me input[type="checkbox"] {
width: 18px;
height: 18px;
cursor: pointer;
}
.remember-me label {
font-size: 14px;
color: #7f8c8d;
cursor: pointer;
}
.footer {
text-align: center;
margin-top: 30px;
padding-top: 20px;
border-top: 1px solid #e0e0e0;
}
.footer p {
color: #95a5a6;
font-size: 12px;
}
.loading {
display: inline-block;
width: 20px;
height: 20px;
border: 3px solid rgba(255, 255, 255, .3);
border-radius: 50%;
border-top-color: white;
animation: spin 1s ease-in-out infinite;
}
@keyframes spin {
to {
transform: rotate(360deg);
}
}
</style>
</head>
<body>
<div class="login-container">
<div class="logo">
<div class="logo-icon">🔐</div>
<h1>Admin Panel</h1>
<p>XC IPTV Management System</p>
</div>
<div id="alertBox" class="alert"></div>
<form id="loginForm">
<div class="form-group">
<label for="username">👤 Kullanıcı Adı</label>
<input type="text" id="username" name="username" placeholder="Kullanıcı adınızı girin" required
autocomplete="username">
</div>
<div class="form-group">
<label for="password">🔒 Şifre</label>
<input type="password" id="password" name="password" placeholder="Şifrenizi girin" required
autocomplete="current-password">
</div>
<div class="remember-me">
<input type="checkbox" id="remember" name="remember">
<label for="remember">Beni hatırla</label>
</div>
<button type="submit" class="btn-login" id="loginBtn">
Giriş Yap
</button>
</form>
<div class="footer">
<p>© 2024 XC IPTV Panel. Tüm hakları saklıdır.</p>
<p style="margin-top: 10px; font-size: 11px;">
<strong>Varsayılan Giriş:</strong><br>
Username: admin | Password: admin123
</p>
</div>
</div>
<script>
const loginForm = document.getElementById('loginForm');
const loginBtn = document.getElementById('loginBtn');
const alertBox = document.getElementById('alertBox');
// Show alert
function showAlert(message, type = 'error') {
alertBox.textContent = message;
alertBox.className = `alert alert-${type}`;
alertBox.style.display = 'block';
setTimeout(() => {
alertBox.style.display = 'none';
}, 5000);
}
// Login form submit
loginForm.addEventListener('submit', async (e) => {
e.preventDefault();
const username = document.getElementById('username').value;
const password = document.getElementById('password').value;
// Disable button
loginBtn.disabled = true;
loginBtn.innerHTML = '<span class="loading"></span> Giriş yapılıyor...';
try {
const response = await fetch('api_secured.php', {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
body: `action=login&username=${encodeURIComponent(username)}&password=${encodeURIComponent(password)}`
});
const data = await response.json();
if (data.status === 'success') {
showAlert('✅ Giriş başarılı! Yönlendiriliyorsunuz...', 'success');
setTimeout(() => {
window.location.href = data.redirect || 'panel.php';
}, 1000);
} else {
showAlert('❌ ' + (data.message || 'Giriş başarısız!'), 'error');
loginBtn.disabled = false;
loginBtn.textContent = 'Giriş Yap';
}
} catch (error) {
showAlert('❌ Bağlantı hatası! Lütfen tekrar deneyin.', 'error');
loginBtn.disabled = false;
loginBtn.textContent = 'Giriş Yap';
}
});
// Auto-focus username
document.getElementById('username').focus();
// Enter key support
document.getElementById('password').addEventListener('keypress', (e) => {
if (e.key === 'Enter') {
loginForm.dispatchEvent(new Event('submit'));
}
});
</script>
</body>
</html>
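
Review bot: The footer prints the default credentials (`Username: admin | Password: admin123`) to every unauthenticated visitor of the login page; remove that block and require the password to be set at deployment rather than shipped. The login POST carries no CSRF token, and the "Beni hatırla" checkbox is never read by the script, so it should be wired up or dropped. The `keypress` handler on the password field is redundant, since the form already submits on Enter, and dispatching a synthetic `submit` event skips the `required` validation on both inputs.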

455
panel.php Normal file

@@ -0,0 +1,455 @@
<?php
session_start();
if (!isset($_SESSION['admin_logged_in']) || $_SESSION['admin_logged_in'] !== true) {
header('Location: login.html');
exit;
}
?>
<!DOCTYPE html>
<html lang="tr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>XC IPTV Panel - Portal Yönetimi</title>
<style>
* { margin: 0; padding: 0; box-sizing: border-box; }
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
min-height: 100vh;
padding: 20px;
}
.container {
max-width: 1400px;
margin: 0 auto;
background: white;
border-radius: 12px;
box-shadow: 0 20px 60px rgba(0,0,0,0.3);
overflow: hidden;
}
.header {
background: linear-gradient(135deg, #2c3e50 0%, #34495e 100%);
color: white;
padding: 30px;
text-align: center;
}
.header h1 {
font-size: 28px;
margin-bottom: 10px;
}
.header p {
opacity: 0.8;
font-size: 14px;
}
.content {
padding: 30px;
display: grid;
grid-template-columns: repeat(auto-fit, minmax(400px, 1fr));
gap: 30px;
}
.section {
background: #f8f9fa;
border-radius: 8px;
padding: 25px;
border: 1px solid #e0e0e0;
}
.section h2 {
font-size: 18px;
margin-bottom: 20px;
color: #2c3e50;
border-bottom: 2px solid #667eea;
padding-bottom: 10px;
}
.form-group {
margin-bottom: 20px;
}
.form-group label {
display: block;
margin-bottom: 8px;
font-weight: 600;
color: #555;
font-size: 14px;
}
.form-group input,
.form-group select {
width: 100%;
padding: 12px 15px;
border: 2px solid #e0e0e0;
border-radius: 6px;
font-size: 14px;
transition: all 0.3s;
}
.form-group input:focus,
.form-group select:focus {
outline: none;
border-color: #667eea;
box-shadow: 0 0 0 3px rgba(102, 126, 234, 0.1);
}
.portal-box {
background: white;
border-radius: 8px;
padding: 20px;
margin-bottom: 15px;
border: 2px solid #e0e0e0;
position: relative;
}
.portal-box.active {
border-color: #27ae60;
background: #f0fff4;
}
.portal-box h3 {
font-size: 16px;
margin-bottom: 15px;
color: #2c3e50;
}
.portal-status {
position: absolute;
top: 15px;
right: 15px;
padding: 5px 12px;
border-radius: 20px;
font-size: 12px;
font-weight: 600;
}
.portal-status.active {
background: #27ae60;
color: white;
}
.portal-status.inactive {
background: #e74c3c;
color: white;
}
.btn {
padding: 12px 25px;
border: none;
border-radius: 6px;
font-size: 14px;
font-weight: 600;
cursor: pointer;
transition: all 0.3s;
text-transform: uppercase;
letter-spacing: 0.5px;
}
.btn-primary {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
}
.btn-primary:hover {
transform: translateY(-2px);
box-shadow: 0 10px 20px rgba(102, 126, 234, 0.3);
}
.btn-success {
background: #27ae60;
color: white;
}
.btn-danger {
background: #e74c3c;
color: white;
}
.checkbox-group {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(120px, 1fr));
gap: 10px;
}
.checkbox-item {
display: flex;
align-items: center;
gap: 8px;
}
.checkbox-item input[type="checkbox"] {
width: 18px;
height: 18px;
}
.api-url {
background: #2c3e50;
color: white;
padding: 15px;
border-radius: 6px;
font-family: 'Courier New', monospace;
font-size: 13px;
margin-top: 20px;
word-break: break-all;
}
.copy-btn {
background: #3498db;
color: white;
border: none;
padding: 8px 15px;
border-radius: 4px;
cursor: pointer;
margin-top: 10px;
font-size: 12px;
}
.stats {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(150px, 1fr));
gap: 15px;
margin-top: 20px;
}
.stat-box {
background: white;
padding: 20px;
border-radius: 8px;
text-align: center;
border: 2px solid #e0e0e0;
}
.stat-value {
font-size: 32px;
font-weight: bold;
color: #667eea;
}
.stat-label {
font-size: 12px;
color: #666;
margin-top: 5px;
text-transform: uppercase;
}
</style>
</head>
<body>
<div class="container">
<div class="header">
<h1>📺 XC IPTV Panel Yönetimi</h1>
<p>appsnscripts Style - Multi Portal Manager</p>
</div>
<div class="content">
<!-- APP SETTINGS -->
<div class="section">
<h2>📱 App Settings</h2>
<div class="form-group">
<label>App Name</label>
<input type="text" value="MAGTV Android Player" id="appName">
</div>
<div class="form-group">
<label>Customer ID Number</label>
<input type="text" value="v2000" id="customerId">
</div>
<div class="form-group">
<label>App Expiry</label>
<select id="expiry">
<option value="LIFETIME" selected>LIFETIME</option>
<option value="2025-12-31">2025-12-31</option>
<option value="2026-12-31">2026-12-31</option>
</select>
</div>
<div class="form-group">
<label>Developer Name</label>
<input type="text" value="Ayris.Dev" id="developerName">
</div>
<div class="form-group">
<label>Developer Contact</label>
<input type="url" value="https://ayris.dev" id="developerContact">
</div>
<div class="form-group">
<label>Backup URL (API Endpoint)</label>
<input type="url" value="https://hc28.otttrun.com/api3/" id="backupUrl">
</div>
<button class="btn btn-primary" onclick="saveAppSettings()">💾 Kaydet</button>
</div>
<!-- PORTAL SETTINGS -->
<div class="section" style="grid-column: span 2;">
<h2>🌐 Portal Settings</h2>
<div style="display: grid; grid-template-columns: repeat(auto-fit, minmax(300px, 1fr)); gap: 20px;">
<!-- Portal 1 -->
<div class="portal-box active">
<span class="portal-status active">ACTIVE</span>
<h3>Portal 1</h3>
<div class="form-group">
<label>Portal Name</label>
<input type="text" value="GİRİŞ 1">
</div>
<div class="form-group">
<label>Portal Address</label>
<input type="text" value="http://hdd.inoon.uk:8080">
</div>
</div>
<!-- Portal 2 -->
<div class="portal-box active">
<span class="portal-status active">ACTIVE</span>
<h3>Portal 2</h3>
<div class="form-group">
<label>Portal Name</label>
<input type="text" value="GİRİŞ 2">
</div>
<div class="form-group">
<label>Portal Address</label>
<input type="text" value="http://hdd.inoon.uk:8080">
</div>
</div>
<!-- Portal 3 -->
<div class="portal-box active">
<span class="portal-status active">ACTIVE</span>
<h3>Portal 3</h3>
<div class="form-group">
<label>Portal Name</label>
<input type="text" value="GİRİŞ 3">
</div>
<div class="form-group">
<label>Portal Address</label>
<input type="text" value="http://imagson.site:8080">
</div>
</div>
<!-- Portal 4 -->
<div class="portal-box">
<span class="portal-status inactive">INACTIVE</span>
<h3>Portal 4</h3>
<div class="form-group">
<label>Portal Name</label>
<input type="text" placeholder="Portal 4 Name">
</div>
<div class="form-group">
<label>Portal Address</label>
<input type="text" placeholder="http://example.com:8080">
</div>
</div>
<!-- Portal 5 -->
<div class="portal-box">
<span class="portal-status inactive">INACTIVE</span>
<h3>Portal 5</h3>
<div class="form-group">
<label>Portal Name</label>
<input type="text" placeholder="Portal 5 Name">
</div>
<div class="form-group">
<label>Portal Address</label>
<input type="text" placeholder="http://example.com:8080">
</div>
</div>
</div>
<button class="btn btn-success" onclick="savePortals()" style="margin-top: 20px;">💾 Portalları Kaydet</button>
</div>
<!-- UI CONTROL -->
<div class="section">
<h2>🎨 UI Control</h2>
<div class="form-group">
<label>Show Live TV Icon?</label>
<div class="checkbox-group">
<div class="checkbox-item"><input type="checkbox" checked> Portal 1</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 2</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 3</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 4</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 5</div>
</div>
</div>
<div class="form-group">
<label>Show VOD Icon?</label>
<div class="checkbox-group">
<div class="checkbox-item"><input type="checkbox" checked> Portal 1</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 2</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 3</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 4</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 5</div>
</div>
</div>
<div class="form-group">
<label>Show Series Icon?</label>
<div class="checkbox-group">
<div class="checkbox-item"><input type="checkbox" checked> Portal 1</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 2</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 3</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 4</div>
<div class="checkbox-item"><input type="checkbox" checked> Portal 5</div>
</div>
</div>
</div>
<!-- API INFO -->
<div class="section">
<h2>🔗 API Information</h2>
<div class="stats">
<div class="stat-box">
<div class="stat-value">3</div>
<div class="stat-label">Active Portals</div>
</div>
<div class="stat-box">
<div class="stat-value">∞</div>
<div class="stat-label">License Status</div>
</div>
</div>
<div class="api-url" id="apiUrl">
https://yourdomain.com/api/app.php
</div>
<button class="copy-btn" onclick="copyApiUrl()">📋 Kopyala</button>
<button class="btn btn-primary" onclick="testApi()" style="width: 100%; margin-top: 15px;">
🧪 API'yi Test Et
</button>
</div>
</div>
</div>
<script>
function saveAppSettings() {
alert('✅ App ayarları kaydedildi!');
}
function savePortals() {
alert('✅ Portal ayarları kaydedildi!');
}
function copyApiUrl() {
const url = document.getElementById('apiUrl').textContent;
navigator.clipboard.writeText(url);
alert('📋 API URL kopyalandı!');
}
function testApi() {
const apiUrl = document.getElementById('apiUrl').textContent;
window.open(apiUrl, '_blank');
}
</script>
</body>
</html>
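
Review bot: The gate at the top checks only `$_SESSION['admin_logged_in']`; `login_time`, which `api_secured.php` stores at login, is never compared against a maximum age, and there is no logout action, so an admin session stays valid for as long as the session cookie and the server-side session data live. Add an age check beside the existing test and a logout path that calls `session_destroy()`. Also, `saveAppSettings()` and `savePortals()` only call `alert()`: nothing is sent to the server, so the panel reports success while `get_config` keeps returning the portal list hard-coded in `api_secured.php`. When these handlers are connected to a real endpoint they will need a CSRF token, and the inline `onclick` attributes will have to move into the script block before a Content-Security-Policy without `unsafe-inline` can be applied.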

17
vercel.json Normal file

@@ -0,0 +1,17 @@
{
"version": 2,
"functions": {
"api/**/*.php": {
"runtime": "vercel-php@0.6.0"
}
},
"routes": [
{
"src": "/(.*)",
"dest": "/$1"
}
],
"env": {
"PHP_VERSION": "8.2"
}
}
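
Review bot: The `functions` glob `api/**/*.php` matches nothing in this commit, because `api_secured.php`, `panel.php`, `index.php` and `config.php` are all added at the repository root, which is also where DEPLOYMENT.md says to upload them. As configured, only files under `api/` are assigned the PHP runtime, so check on a preview deployment that a request for `/api_secured.php` or `/config.php` does not return the source, API keys included, as a static file; either move the PHP files under `api/` or change the glob to match them. Vercel does not read `.htaccess`, so none of the deny rules for `config.php`, `tokens/` or `*.md` apply on this target, and the single route here maps every path to itself; any access restriction for this deployment has to be expressed in this file.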