'General', 'security.json' => 'Security', 'parking.json' => 'Parking', 'feature.json' => 'Feature', 'personal.json' => 'Personal', 'other.json' => 'Other', ]; // Optional: set a password to protect the editor (recommended on public servers). $editorPassword = ''; // e.g. 'ChangeMe123!' (leave blank to disable) /* ========================= AUTH (optional) ========================= */ if ($editorPassword !== '') { if (isset($_POST['logout'])) { unset($_SESSION['json_editor_authed']); header("Location: " . strtok($_SERVER["REQUEST_URI"], '?')); exit; } $authed = ($_SESSION['json_editor_authed'] ?? false) === true; if (!$authed) { $err = ''; if (isset($_POST['login_password'])) { if (hash_equals($editorPassword, (string)$_POST['login_password'])) { $_SESSION['json_editor_authed'] = true; header("Location: " . strtok($_SERVER["REQUEST_URI"], '?')); exit; } else { $err = 'Wrong password.'; } } echo "JSON Editor Login

JSON Editor

" . ($err ? "
".$err."
" : "") . "
Tip: Set \$editorPassword in the file to protect this editor.
"; exit; } } /* ========================= HELPERS ========================= */ function h(string $s): string { return htmlspecialchars($s, ENT_QUOTES, 'UTF-8'); } function isAllowed(string $f, array $allowed): bool { return array_key_exists($f, $allowed); } function readJsonFile(string $path): array { if (!is_file($path)) return ["apps" => []]; $raw = file_get_contents($path); if ($raw === false) return ["apps" => []]; $data = json_decode($raw, true); if (!is_array($data)) return ["apps" => []]; if (!isset($data["apps"]) || !is_array($data["apps"])) $data["apps"] = []; return $data; } function normalizeApps(array $apps): array { $out = []; foreach ($apps as $app) { if (!is_array($app)) continue; $item = [ "name" => trim((string)($app["name"] ?? "")), "url" => trim((string)($app["url"] ?? "")), "icon" => trim((string)($app["icon"] ?? "")), "tint" => trim((string)($app["tint"] ?? "")), "hint" => trim((string)($app["hint"] ?? "")), "target" => trim((string)($app["target"] ?? "_blank")), ]; if ($item["name"] === "" && $item["url"] === "" && $item["icon"] === "" && $item["hint"] === "") { continue; } // Light sanity: allow only common targets if (!in_array($item["target"], ["_blank","_self","_top","_parent"], true)) $item["target"] = "_blank"; $out[] = $item; } return $out; } function backupFile(string $path): void { if (!is_file($path)) return; $dir = dirname($path); $base = basename($path); $stamp = date('Ymd-His'); $bak = $dir . DIRECTORY_SEPARATOR . $base . ".bak-" . $stamp; @copy($path, $bak); } function writeJsonFile(string $path, array $data): bool { $json = json_encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES); if ($json === false) return false; $json .= "\n"; return file_put_contents($path, $json, LOCK_EX) !== false; } /* ========================= ROUTING / STATE ========================= */ if (!is_dir($dataDir)) { @mkdir($dataDir, 0755, true); } $file = $_GET['f'] ?? 'general.json'; $file = is_string($file) ? $file : 'general.json'; if (!isAllowed($file, $allowedFiles)) $file = 'general.json'; $path = $dataDir . DIRECTORY_SEPARATOR . $file; $notice = ''; $error = ''; $mode = $_GET['mode'] ?? 'structured'; $mode = ($mode === 'raw') ? 'raw' : 'structured'; /* ========================= SAVE HANDLERS ========================= */ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $action = $_POST['action'] ?? ''; if ($action === 'save_structured') { $apps = $_POST['apps'] ?? []; if (!is_array($apps)) $apps = []; $apps = normalizeApps($apps); $data = ["apps" => $apps]; backupFile($path); if (writeJsonFile($path, $data)) { $notice = "Saved: {$file}"; } else { $error = "Failed to save: {$file} (check permissions)."; } } elseif ($action === 'save_raw') { $raw = (string)($_POST['raw_json'] ?? ''); $decoded = json_decode($raw, true); if (!is_array($decoded)) { $error = "Raw JSON is invalid."; } else { if (!isset($decoded["apps"]) || !is_array($decoded["apps"])) $decoded["apps"] = []; $decoded["apps"] = normalizeApps($decoded["apps"]); backupFile($path); if (writeJsonFile($path, $decoded)) { $notice = "Saved: {$file}"; } else { $error = "Failed to save: {$file} (check permissions)."; } } } elseif ($action === 'create_file') { // Allow creating missing allowed file if (!is_file($path)) { $data = ["apps" => []]; if (writeJsonFile($path, $data)) { $notice = "Created: {$file}"; } else { $error = "Failed to create: {$file} (check permissions)."; } } else { $notice = "{$file} already exists."; } } elseif ($action === 'delete_row') { // Not used (handled client-side) but kept safe. } } $data = readJsonFile($path); $apps = $data["apps"] ?? []; if (!is_array($apps)) $apps = []; $rawJsonPretty = json_encode(["apps" => normalizeApps($apps)], JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES); if ($rawJsonPretty === false) $rawJsonPretty = "{\n \"apps\": []\n}"; /* ========================= UI ========================= */ ?> JSON Section Editor

JSON Section Editor

Edits your /data/*.json app lists. Saves backups as .bak-YYYYMMDD-HHMMSS.
does not exist yet in /data.
File:
Name
URL
Icon (URL or data URI)
Tint (CSS gradient/colour)
Hint (tooltip)
Target
"","url"=>"","icon"=>"","tint"=>"","hint"=>"","target"=>"_blank"]]; foreach ($appsNorm as $i => $app): ?>
File:
Fields supported by your dashboard: name, url, icon, tint, hint, target. Leave icon blank to use the first letter badge.
Quick tip: If your dashboard page can’t load JSON when opened as file://, run it via a local web server or your hosting. This editor already runs on your server, so saving here is safe.