<?php
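// Start the session before any output; it backs the duplicate-submission check below.
session_start();

// NOTE(review): nothing in this handler checks that the caller passed the
// password prompt. That prompt lives only in the page's JavaScript, so the
// server accepts this POST from any client. Until a server-side check (for
// example a session flag set after the server itself verifies the password)
// and a CSRF token are added, treat the board as publicly writable.

// Read the message once and require a plain string: a field sent as
// message[]=... arrives as an array and would break trim().
$rawMessage = $_POST['message'] ?? '';
if (!is_string($rawMessage)) {
    $rawMessage = '';
}

// Strict comparison for the duplicate check: with loose != two different
// numeric-looking messages such as "10" and "1e1" compare as equal.
$isNewSubmission = !isset($_SESSION['last_submit']) || $_SESSION['last_submit'] !== $rawMessage;

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST'
    && isset($_POST['form_submitted'])
    && $_POST['form_submitted'] === '1'
    && $isNewSubmission) {

    $message = trim($rawMessage);

    if ($message !== '') {
        // Escape before storing because the stored text is later written into
        // HTML. ENT_SUBSTITUTE keeps a message with invalid UTF-8 bytes from
        // collapsing to an empty string.
        $message = htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        $newMessage = [
            'content' => $message,
            'timestamp' => date('Y-m-d H:i:s'),
        ];

        // Keep only the newest 50 entries. The previous slice length of 5000
        // never trimmed anything, so the file grew without bound.
        $maxMessages = 50;

        // Hold an exclusive lock across read-modify-write so two simultaneous
        // posts cannot overwrite each other's update.
        $handle = fopen('messages.json', 'c+');
        if ($handle !== false) {
            try {
                if (flock($handle, LOCK_EX)) {
                    $existing = json_decode((string) stream_get_contents($handle), true);
                    // A missing, empty or corrupted file decodes to a non-array; start fresh.
                    $messages = is_array($existing) ? $existing : [];

                    // Newest message goes first.
                    array_unshift($messages, $newMessage);
                    $messages = array_slice($messages, 0, $maxMessages);

                    $encoded = json_encode($messages, JSON_PRETTY_PRINT);
                    if ($encoded !== false
                        && ftruncate($handle, 0)
                        && rewind($handle)
                        && fwrite($handle, $encoded) !== false) {
                        fflush($handle);

                        // Remember the submitted text so a page refresh does not post it again.
                        $_SESSION['last_submit'] = $rawMessage;

                        // Read by the template to show the success banner.
                        $messagePosted = true;
                    }
                    flock($handle, LOCK_UN);
                }
            } finally {
                fclose($handle);
            }
        }
    }
}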
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>匿名留言板 - 密码保护</title>
    <style>
        * {
            margin: 0;
            padding: 0;
            box-sizing: border-box;
            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
        }
        
        body {
            background: linear-gradient(135deg, #6a11cb 0%, #2575fc 100%);
            color: #333;
            line-height: 1.6;
            min-height: 100vh;
            padding: 20px;
            display: flex;
            justify-content: center;
            align-items: center;
        }
        
        .container {
            max-width: 800px;
            width: 100%;
            background-color: rgba(255, 255, 255, 0.95);
            border-radius: 15px;
            box-shadow: 0 10px 30px rgba(0, 0, 0, 0.2);
            overflow: hidden;
        }
        
        header {
            background: linear-gradient(to right, #4a00e0, #8e2de2);
            color: white;
            padding: 30px 20px;
            text-align: center;
        }
        
        h1 {
            font-size: 2.5rem;
            margin-bottom: 10px;
        }
        
        .tagline {
            font-size: 1.1rem;
            opacity: 0.9;
        }
        
        .main-content {
            padding: 30px;
        }
        
        .password-section {
            text-align: center;
            padding: 40px 20px;
        }
        
        .password-form {
            max-width: 400px;
            margin: 0 auto;
            background-color: #f8f9fa;
            padding: 30px;
            border-radius: 10px;
            box-shadow: 0 5px 15px rgba(0, 0, 0, 0.05);
        }
        
        .password-input {
            width: 100%;
            padding: 15px;
            border: 2px solid #e9ecef;
            border-radius: 8px;
            font-size: 1rem;
            margin-bottom: 20px;
            text-align: center;
            letter-spacing: 3px;
            font-weight: bold;
        }
        
        .password-input:focus {
            outline: none;
            border-color: #4a00e0;
        }
        
        .error-message {
            color: #e74c3c;
            margin-bottom: 15px;
            font-size: 0.9rem;
            min-height: 20px;
            padding: 8px;
            background-color: #fde8e8;
            border-radius: 4px;
            border-left: 4px solid #e74c3c;
        }
        
        .success-message {
            color: #27ae60;
            margin-bottom: 15px;
            font-size: 0.9rem;
            min-height: 20px;
            padding: 8px;
            background-color: #e8f6ef;
            border-radius: 4px;
            border-left: 4px solid #27ae60;
        }
        
        .btn {
            display: inline-block;
            background: linear-gradient(to right, #4a00e0, #8e2de2);
            color: white;
            border: none;
            padding: 12px 25px;
            border-radius: 50px;
            cursor: pointer;
            font-size: 1rem;
            font-weight: 600;
            transition: transform 0.3s, box-shadow 0.3s;
            box-shadow: 0 4px 15px rgba(74, 0, 224, 0.3);
            margin: 5px;
        }
        
        .btn:hover {
            transform: translateY(-3px);
            box-shadow: 0 7px 20px rgba(74, 0, 224, 0.4);
        }
        
        .btn:active {
            transform: translateY(0);
        }
        
        .btn-secondary {
            background: linear-gradient(to right, #6c757d, #868e96);
            box-shadow: 0 4px 15px rgba(108, 117, 125, 0.3);
        }
        
        .btn-secondary:hover {
            box-shadow: 0 7px 20px rgba(108, 117, 125, 0.4);
        }
        
        .message-form {
            background-color: #f8f9fa;
            padding: 25px;
            border-radius: 10px;
            margin-bottom: 30px;
            box-shadow: 0 5px 15px rgba(0, 0, 0, 0.05);
        }
        
        .form-group {
            margin-bottom: 20px;
        }
        
        label {
            display: block;
            margin-bottom: 8px;
            font-weight: 600;
            color: #495057;
        }
        
        textarea {
            width: 100%;
            padding: 15px;
            border: 2px solid #e9ecef;
            border-radius: 8px;
            font-size: 1rem;
            resize: vertical;
            min-height: 120px;
            transition: border-color 0.3s;
        }
        
        textarea:focus {
            outline: none;
            border-color: #4a00e0;
        }
        
        .messages-section h2 {
            color: #343a40;
            margin-bottom: 20px;
            padding-bottom: 10px;
            border-bottom: 2px solid #e9ecef;
        }
        
        .message {
            background: white;
            padding: 20px;
            border-radius: 10px;
            margin-bottom: 20px;
            box-shadow: 0 3px 10px rgba(0, 0, 0, 0.08);
            border-left: 4px solid #8e2de2;
            transition: transform 0.3s;
        }
        
        .message:hover {
            transform: translateY(-5px);
        }
        
        .message-content {
            font-size: 1.1rem;
            margin-bottom: 10px;
            color: #495057;
        }
        
        .message-meta {
            font-size: 0.85rem;
            color: #6c757d;
            display: flex;
            justify-content: space-between;
        }
        
        .empty-message {
            text-align: center;
            padding: 40px 20px;
            color: #6c757d;
            font-style: italic;
        }
        
        .lock-icon {
            font-size: 4rem;
            margin-bottom: 20px;
            color: #4a00e0;
        }
        
        .hidden {
            display: none;
        }
        
        .logout-section {
            text-align: right;
            margin-bottom: 20px;
        }
        
        footer {
            text-align: center;
            padding: 20px;
            color: #6c757d;
            font-size: 0.9rem;
            border-top: 1px solid #e9ecef;
            background-color: #f8f9fa;
        }
        
        @media (max-width: 600px) {
            .container {
                border-radius: 10px;
            }
            
            h1 {
                font-size: 2rem;
            }
            
            .main-content {
                padding: 20px;
            }
            
            .message-meta {
                flex-direction: column;
            }
            
            .message-time {
                margin-top: 5px;
            }
        }
    </style>
</head>
<body>
    <div class="container">
        <header>
            <h1>匿名留言板</h1>
            <p class="tagline">畅所欲言，无需顾虑</p>
        </header>
        
        <div class="main-content">
            <!-- 密码输入区域 -->
            <div id="passwordSection" class="password-section">
                <div class="lock-icon">🔒</div>
                <h2>请输入访问密码</h2>
                <div class="password-form">
                    <input type="password" id="passwordInput" class="password-input" placeholder="输入密码" autocomplete="off">
                    <div id="errorMessage" class="error-message"></div>
                    <div id="successMessage" class="success-message"></div>
                    <button id="submitPassword" class="btn">进入留言板</button>
                </div>
            </div>
            
            <!-- 留言板内容区域 -->
            <div id="messageBoard" class="hidden">
                <div class="logout-section">
                    <button id="logoutBtn" class="btn btn-secondary">退出登录</button>
                </div>
                
                <div class="message-form">
                    <h2>发布留言</h2>
                    <?php if (isset($messagePosted) && $messagePosted): ?>
                        <div class="success-message">留言发布成功！</div>
                    <?php endif; ?>
                    <form method="POST" action="" id="messageForm">
                        <input type="hidden" name="form_submitted" value="1">
                        <div class="form-group">
                            <label for="message">留言内容</label>
                            <textarea id="message" name="message" placeholder="请输入您的留言..." required></textarea>
                        </div>
                        <button type="submit" class="btn" name="submit">发布留言</button>
                    </form>
                </div>
                
                <div class="messages-section">
                    <h2>所有留言</h2>
                    <?php
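                    // Render the stored messages.
                    // NOTE(review): this markup is sent to every visitor. The password
                    // prompt only toggles a CSS class in the browser, so the messages are
                    // not protected by the server.
                    $messages = [];
                    if (file_exists('messages.json')) {
                        $decoded = json_decode((string) file_get_contents('messages.json'), true);
                        // A corrupted or non-array file is treated as "no messages".
                        if (is_array($decoded)) {
                            $messages = $decoded;
                        }
                    }

                    // Escape at output as well as at storage, so the page stays safe if
                    // messages.json is ever written by anything other than the submit handler.
                    // double_encode=false leaves entities that were escaped at storage unchanged.
                    $escape = static function ($value) {
                        $text = is_scalar($value) ? (string) $value : '';
                        return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
                    };

                    if (empty($messages)) {
                        echo '<div class="empty-message">暂无留言，快来发布第一条吧！</div>';
                    } else {
                        foreach ($messages as $msg) {
                            if (!is_array($msg)) {
                                // Skip entries that do not have the expected shape.
                                continue;
                            }
                            echo '<div class="message">';
                            echo '<div class="message-content">' . $escape($msg['content'] ?? '') . '</div>';
                            echo '<div class="message-meta">';
                            echo '<span class="message-author">匿名用户</span>';
                            echo '<span class="message-time">' . $escape($msg['timestamp'] ?? '') . '</span>';
                            echo '</div>';
                            echo '</div>';
                        }
                    }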
                    ?>
                </div>
            </div>
        </div>
        
        <footer>
            <p>匿名留言板 - 所有留言均为匿名发布</p>
        </footer>
    </div>

    <script>
        document.addEventListener('DOMContentLoaded', () => {
            // NOTE(review): this gate is cosmetic. The expected password is a literal
            // in script delivered to every visitor, the "authenticated" marker is a
            // localStorage value the browser user controls, and the message markup
            // and the POST handler are served regardless of it. Real access control
            // has to be enforced on the server.
            const byId = (id) => document.getElementById(id);

            const gatePanel = byId('passwordSection');
            const boardPanel = byId('messageBoard');
            const passwordField = byId('passwordInput');
            const enterButton = byId('submitPassword');
            const logoutButton = byId('logoutBtn');
            const errorBox = byId('errorMessage');
            const successBox = byId('successMessage');
            const postForm = byId('messageForm');

            // Preset password compared against the user's input.
            const correctPassword = '112233';
            const AUTH_KEY = 'authenticated';

            // Status helpers: at most one of the two banners carries text.
            function clearMessages() {
                errorBox.textContent = '';
                successBox.textContent = '';
            }

            function showError(message) {
                errorBox.textContent = message;
                successBox.textContent = '';
            }

            function showSuccess(message) {
                successBox.textContent = message;
                errorBox.textContent = '';
            }

            // Swap the visible panel by toggling the "hidden" class.
            function showMessageBoard() {
                gatePanel.classList.add('hidden');
                boardPanel.classList.remove('hidden');
                clearMessages();
            }

            function showPasswordSection() {
                gatePanel.classList.remove('hidden');
                boardPanel.classList.add('hidden');
                passwordField.value = '';
                clearMessages();
                passwordField.focus();
            }

            // Go straight to the board when the marker from an earlier visit is present.
            if (localStorage.getItem(AUTH_KEY) === 'true') {
                showMessageBoard();
            }

            // Password submission.
            enterButton.addEventListener('click', () => {
                const entered = passwordField.value.trim();

                if (entered === '') {
                    showError('请输入密码');
                    return;
                }

                if (entered !== correctPassword) {
                    // Wrong password: report it and reset the field.
                    showError('密码错误，请重新输入');
                    passwordField.value = '';
                    passwordField.focus();
                    return;
                }

                // Match: set the marker and reveal the board after a short delay.
                localStorage.setItem(AUTH_KEY, 'true');
                showSuccess('密码正确，正在进入...');
                setTimeout(showMessageBoard, 500);
            });

            // Pressing Enter in the field acts like clicking the button.
            passwordField.addEventListener('keypress', (event) => {
                if (event.key === 'Enter') {
                    enterButton.click();
                }
            });

            // Logout clears the marker and returns to the prompt.
            logoutButton.addEventListener('click', () => {
                localStorage.removeItem(AUTH_KEY);
                showPasswordSection();
                showSuccess('已成功退出登录');
            });

            // Re-assert the marker on submit so the board is shown after the reload.
            postForm.addEventListener('submit', () => {
                localStorage.setItem(AUTH_KEY, 'true');
            });

            // Focus the password field once the page is ready.
            passwordField.focus();
        });
    </script>
</body>
</html>