const express = require("express");
const app = express();
const bodyParser = require("body-parser");
const path = require("path");

app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());

// In-memory database
let users = [{ id: 1, name: "Admin", email: "admin@example.com", password: "1234", role: "admin" }];
let posts = [
  { id: 1, title: "Copyright Protection Guide", content: "Learn how to protect your content online." },
  { id: 2, title: "DMCA Takedown Method", content: "Steps to remove stolen content from websites." }
];
let loggedIn = false;

// Serve homepage
app.get("/", (req, res) => {
  let html = `
  <html>
  <head>
  <title>CopyrightPro CMS</title>
  <style>
  body { font-family: Arial; margin:0; background:#f5f5f5; }
  header{background:#111827;color:white;padding:20px;}
  nav a{color:white;margin:10px;text-decoration:none;}
  .container{padding:30px;}
  .post{background:white;padding:20px;margin-bottom:20px;border-radius:8px;}
  input,textarea{padding:10px;width:100%;margin:5px 0;}
  button{padding:10px 20px;background:#4f46e5;color:white;border:none;margin-top:10px;}
  @media(max-width:768px){.container{padding:10px;}}
  </style>
  <meta name='google-adsense-platform-account' content='ca-host-pub-1556223355139109'/>
<meta name='google-adsense-platform-domain' content='blogspot.com'/>

<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3157558631207592&host=ca-host-pub-1556223355139109" crossorigin="anonymous"></script>

<!-- data-ad-client=ca-pub-3157558631207592 -->
<!-- --><style type="text/css">@import url(//www.blogger.com/static/v1/v-css/navbar/3334278262-classic.css);
div.b-mobile {display:none;}
</style>

</head>
  <body><script type="text/javascript">
    function setAttributeOnload(object, attribute, val) {
      if(window.addEventListener) {
        window.addEventListener('load',
          function(){ object[attribute] = val; }, false);
      } else {
        window.attachEvent('onload', function(){ object[attribute] = val; });
      }
    }
  </script>
<div id="navbar-iframe-container"></div>
<script type="text/javascript" src="https://apis.google.com/js/platform.js"></script>
<script type="text/javascript">
      gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() {
        if (gapi.iframes && gapi.iframes.getContext) {
          gapi.iframes.getContext().openChild({
              url: 'https://www.blogger.com/navbar/2619714864401668871?origin\x3dhttps://secret7team.blogspot.com',
              where: document.getElementById("navbar-iframe-container"),
              id: "navbar-iframe"
          });
        }
      });
    </script>
  <header>
  <h1>CopyrightPro CMS</h1>
  <nav>
  <a href="/">Home</a>
  <a href="/admin">Admin</a>
  </nav>
  </header>
  <div class="container">
  <h2>Latest Posts</h2>
  `;
  posts.forEach(p => {
    html += `<div class="post"><h3>${p.title}</h3><p>${p.content}</p></div>`;
  });
  html += `</div></body></html>`;
  res.send(html);
});

// Admin login page
app.get("/admin", (req, res) => {
  if (!loggedIn) {
    res.send(`
      <h2>Admin Login</h2>
      <form method="POST" action="/login">
      <input name="email" placeholder="Email">
      <input name="password" placeholder="Password">
      <button>Login</button>
      </form>
    `);
  } else {
    let postList = posts.map(p => `<li>${p.title}</li>`).join("");
    res.send(`
      <h1>Admin Dashboard</h1>
      <form method="POST" action="/post">
      <input name="title" placeholder="Post Title">
      <textarea name="content" placeholder="Post Content"></textarea>
      <button>Publish</button>
      </form>
      <h2>Existing Posts</h2>
      <ul>${postList}</ul>
      <form method="POST" action="/logout"><button>Logout</button></form>
    `);
  }
});

// Login logic
app.post("/login", (req, res) => {
  const { email, password } = req.body;
  const user = users.find(u => u.email === email && u.password === password);
  if (user && user.role === "admin") {
    loggedIn = true;
    res.redirect("/admin");
  } else {
    res.send("Invalid credentials. <a href='/admin'>Back</a>");
  }
});

// Logout
app.post("/logout", (req, res) => {
  loggedIn = false;
  res.redirect("/admin");
});

// Publish post
app.post("/post", (req, res) => {
  if (!loggedIn) return res.send("Login required.");
  const { title, content } = req.body;
  posts.push({ id: Date.now(), title, content });
  res.redirect("/admin");
});

app.listen(3000, () => {
  console.log("Full CMS running at http://localhost:3000");
});