[], 'warnings' => []]);
// تنبيهات البوت الذكي
$kw = $pdo->prepare("SELECT keyword, warning_ar, warning_en, severity FROM blacklist_keywords WHERE is_active=1 AND (LOWER(:q) LIKE CONCAT('%', LOWER(keyword), '%') OR LOWER(:q2) LIKE CONCAT('%', LOWER(keyword_en), '%'))");
$kw->execute([':q' => $q, ':q2' => $q]);
$warnings = $kw->fetchAll(PDO::FETCH_ASSOC);
// البحث في البلاغات
$stmt = $pdo->prepare("SELECT id, report_type, name, phone, page_name, keywords, description, image_path, created_at FROM blacklist_reports WHERE status='approved' AND (name LIKE :q OR phone LIKE :q OR page_name LIKE :q OR keywords LIKE :q OR description LIKE :q) ORDER BY created_at DESC LIMIT 50");
$stmt->execute([':q' => "%$q%"]);
gozz_json(['reports' => $stmt->fetchAll(PDO::FETCH_ASSOC), 'warnings' => $warnings]);
}
/* =====================================================
2) إضافة بلاغ جديد
===================================================== */
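if ($action === 'submit_report' && $_SERVER['REQUEST_METHOD'] === 'POST') {
    // Handle a new report submission: CSRF check, field validation, optional
    // image upload, then a parameterized INSERT.

    // A non-string token (e.g. an array posted as csrf_token[]) counts as a
    // missing token, so hash_equals() is only ever given strings.
    // NOTE(review): presumably gozz_json() ends the request - confirm, otherwise
    // execution continues past a failed CSRF check.
    $token = $_POST['csrf_token'] ?? '';
    if (!is_string($token) || !hash_equals($CSRF, $token)) gozz_json(['ok'=>false,'msg'=>'CSRF']);

    // Read a POST field as a trimmed string. Non-string values (arrays) become ''
    // instead of reaching trim(), which rejects arrays.
    $readField = static function (string $key): string {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? trim($value) : '';
    };

    $type = $_POST['type'] ?? 'other';
    $name = $readField('name');
    $phone = $readField('phone');
    $page = $readField('page_name');
    $keywords = $readField('keywords');
    $desc = $readField('description');

    // Report type is restricted to a fixed allowlist; anything else becomes 'other'.
    $allowed = ['product','financial','service','other'];
    if (!in_array($type, $allowed, true)) $type = 'other';

    // Name and description are mandatory.
    if ($name === '' || $desc === '') {
        $_SESSION['flash'] = ['type'=>'error','msg'=>'الاسم والوصف حقول إجبارية | Name and description are required'];
        gozz_redirect('blacklist.php');
    }
    // NOTE(review): only name and description are length-checked; phone, page_name
    // and keywords are stored at whatever length the client sends - confirm the
    // column limits and validate them here as well.
    if (mb_strlen($desc) > 2000 || mb_strlen($name) > 255) {
        $_SESSION['flash'] = ['type'=>'error','msg'=>'بيانات تتجاوز الحد المسموح'];
        gozz_redirect('blacklist.php');
    }

    // ===== Image upload =====
    $imagePath = null;
    if (!empty($_FILES['image']['tmp_name']) && $_FILES['image']['error'] === UPLOAD_ERR_OK) {
        // The type is detected from the file content, not from the client-supplied
        // name or Content-Type, and the stored extension comes from this map.
        $allowedMime = ['image/jpeg'=>'jpg','image/png'=>'png','image/webp'=>'webp','image/gif'=>'gif'];
        $finfo = new finfo(FILEINFO_MIME_TYPE);
        $mime = $finfo->file($_FILES['image']['tmp_name']);
        // Accept only allowlisted image types of at most 5 MiB.
        if (isset($allowedMime[$mime]) && $_FILES['image']['size'] <= 5 * 1024 * 1024) {
            $ext = $allowedMime[$mime];
            // Server-generated random name: nothing from the client filename is kept.
            $fname = 'rpt_' . date('Ymd') . '_' . bin2hex(random_bytes(8)) . '.' . $ext;
            $dir = __DIR__ . '/uploads/blacklist/';
            // Best effort: if the directory cannot be created the move below fails
            // and the report is stored without an image.
            if (!is_dir($dir)) @mkdir($dir, 0755, true);
            if (move_uploaded_file($_FILES['image']['tmp_name'], $dir . $fname)) {
                $imagePath = 'uploads/blacklist/' . $fname;
            }
        }
    }

    // NOTE(review): the row is inserted with status 'approved', and the search and
    // listing queries in this file select status='approved', so a submission is
    // publicly visible immediately with no moderation step - confirm this is intended.
    $stmt = $pdo->prepare("INSERT INTO blacklist_reports (report_type, name, phone, page_name, keywords, description, image_path, reporter_id, reporter_ip, status) VALUES (?,?,?,?,?,?,?,?,?, 'approved')");
    $stmt->execute([
        $type, $name, $phone, $page, $keywords, $desc, $imagePath,
        $_SESSION['user_id'] ?? null,
        $_SERVER['REMOTE_ADDR'] ?? null
    ]);
    $_SESSION['flash'] = ['type'=>'success','msg'=>'✓ تم إرسال البلاغ بنجاح | Report submitted successfully'];
    gozz_redirect('blacklist.php');
}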
/* =====================================================
3) حذف بلاغ (الأدمن فقط)
===================================================== */
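if ($action === 'delete' && $_SERVER['REQUEST_METHOD'] === 'POST') {
    // Delete a report and its stored image. Requires a valid CSRF token and the
    // admin code.

    // Non-string values are rejected before hash_equals(), which accepts only strings.
    $token = $_POST['csrf_token'] ?? '';
    if (!is_string($token) || !hash_equals($CSRF, $token)) gozz_redirect('blacklist.php');

    // NOTE(review): authorization here is a single shared code sent in the POST
    // body, compared in constant time. No attempt limiting or per-user admin role
    // is visible in this block - confirm one exists elsewhere.
    $code = $_POST['admin_code'] ?? '';
    if (!is_string($code) || !hash_equals(GOZZ_ADMIN_CODE, $code)) {
        $_SESSION['flash'] = ['type'=>'error','msg'=>'كود الأدمن غير صحيح | Invalid admin code'];
        gozz_redirect('blacklist.php');
    }

    // An array posted as report_id[] would cast to 1; treat non-scalars as 0 (no-op).
    $rawId = $_POST['report_id'] ?? 0;
    $id = is_scalar($rawId) ? (int)$rawId : 0;
    if ($id > 0) {
        $img = $pdo->prepare("SELECT image_path FROM blacklist_reports WHERE id=?");
        $img->execute([$id]);
        $row = $img->fetch();
        if ($row && !empty($row['image_path'])) {
            // Defense in depth: the path comes from the database, so resolve it and
            // remove the file only when it really lives under uploads/blacklist/.
            // realpath() returns false for a missing file, which also covers the
            // existence check.
            $uploadRoot = realpath(__DIR__ . '/uploads/blacklist');
            $target = realpath(__DIR__ . '/' . $row['image_path']);
            if ($uploadRoot !== false && $target !== false
                && strncmp($target, $uploadRoot . DIRECTORY_SEPARATOR, strlen($uploadRoot) + 1) === 0
                && is_file($target)) {
                @unlink($target);
            }
        }
        $pdo->prepare("DELETE FROM blacklist_reports WHERE id=?")->execute([$id]);
        $_SESSION['flash'] = ['type'=>'success','msg'=>'✓ تم حذف البلاغ | Report deleted'];
    }
    gozz_redirect('blacklist.php');
}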
/* =====================================================
4) تحميل البلاغات الأولية
===================================================== */
// Initial page data: the 30 newest approved reports and the approved-report total.
$initialStmt = $pdo->query("SELECT id, report_type, name, phone, page_name, keywords, description, image_path, created_at FROM blacklist_reports WHERE status='approved' ORDER BY created_at DESC LIMIT 30");
$initial = $initialStmt->fetchAll(PDO::FETCH_ASSOC);
$countStmt = $pdo->query("SELECT COUNT(*) FROM blacklist_reports WHERE status='approved'");
$totalReports = (int)$countStmt->fetchColumn();
// The flash message is shown once: read it, then clear it from the session.
$flash = isset($_SESSION['flash']) ? $_SESSION['flash'] : null;
unset($_SESSION['flash']);
?>
Gozz Blacklist | نظام حماية الجزائريين من الاحتيال
نظام Gozz Blacklist
= gozz_clean($flash['msg']) ?>
نظام نشط · حماية لحظية
نظام Gozz Blacklist
لحماية الجزائريين من الاحتيال والمنتجات المزيفة
ابحث عن أي اسم، رقم، صفحة، أو منتج قبل التعامل. أبلغ عن أي محتال لحماية الآخرين.
= number_format($totalReports) ?>
بلاغ موثق
24/7
مراقبة مستمرة
100%
مجاني وآمن
ساحة الإبلاغات
أحدث البلاغات
لا توجد بلاغات بعد. كن أول من يبلّغ!
['ar'=>'منتج مزيف','en'=>'Fake Product','icon'=>'fa-box','class'=>'badge-product'],
'financial' => ['ar'=>'احتيال مالي','en'=>'Financial Scam','icon'=>'fa-money-bill-wave','class'=>'badge-financial'],
'service' => ['ar'=>'خدمة سيئة','en'=>'Bad Service','icon'=>'fa-screwdriver-wrench','class'=>'badge-service'],
'other' => ['ar'=>'آخر','en'=>'Other','icon'=>'fa-circle-info','class'=>'badge-other']
];
$t = $typeMap[$r['report_type']] ?? $typeMap['other'];
?>
= $t['ar'] ?>
= date('Y/m/d', strtotime($r['created_at'])) ?>
= gozz_clean($r['name']) ?>
= nl2br(gozz_clean($r['description'])) ?>
= gozz_clean($r['phone']) ?>
= gozz_clean($r['page_name']) ?>
= gozz_clean($r['keywords']) ?>