<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);

// 🔥 BOT TOKEN
define('BOT_TOKEN', '8845710834:AAGrj4s7Mjooa443i_PQFmDUjfe_1yqt_Rw');
define('API_URL', 'https://api.telegram.org/bot'.BOT_TOKEN.'/');

// ✅ API Endpoints
define('NUMBER_API_ENDPOINT', 'https://exploitsindia.site/osint-api/number.php?exploits={term}');
define('AADHAAR_API_ENDPOINT', 'https://exploitsindia.site/osint-api/aadhar.php?exploits={term}');
define('FAMILY_API_ENDPOINT', 'https://exploitsindia.site/osint-api/family.php?exploits={term}');
define('PINCODE_API_ENDPOINT', 'https://exploitsindia.site/osint-api/pincode.php?exploits={term}');
define('IFSC_API_ENDPOINT', 'https://exploitsindia.site/osint-api/ifsc.php?exploits={term}');
define('TELEGRAM_API_ENDPOINT', 'https://exploitsindia.site/osint-api/telegram.php?exploits={term}');
define('INSTAGRAM_API_ENDPOINT', 'https://exploitsindia.site/osint-api/instagram.php?exploits={term}');
define('VEHICLE_API_ENDPOINT', 'https://exploitsindia.site/osint-api/vehicle.php?exploits={term}');
define('PAN_API_ENDPOINT', 'https://exploitsindia.site/osint-api/pancard.php?exploits={term}');

define('ADMIN_ID', '8289397038');
define('STATE_DIR', __DIR__.'/bot_states');
define('USERS_FILE', __DIR__.'/users.json');
define('PREMIUM_FILE', __DIR__.'/premium.json');
define('SETTINGS_FILE', __DIR__.'/settings.json');
define('CACHE_DIR', __DIR__.'/cache');
define('QR_CODE_URL', 'https://i.postimg.cc/c41ZzJBj/IMG-2261.jpg');
define('WELCOME_IMAGE_URL', 'https://i.postimg.cc/qvq7bq2j/file-00000000876071fa940a67514983106f.png');

// 🔥 PROTECTED
$PROTECTED_USERNAMES = ['Cyb3rS0ldier', 'Anish_Exploits', 'ZephrexXx'];
$PROTECTED_NUMBERS = ['9628041918'];
$PROTECTED_IDS = ['8289397038'];
$PROTECTED_INSTAGRAM = ['Cyb3rS0ldier', 'Anish_Exploits'];
$PROTECTED_PAN = ['NTEPK1628C'];

date_default_timezone_set('Asia/Kolkata');

// ✅ PLANS
$PLANS = [
    '1' => ['days' => 1, 'price' => 19, 'name' => '1 Day'],
    '2' => ['days' => 3, 'price' => 49, 'name' => '3 Days'],
    '3' => ['days' => 7, 'price' => 99, 'name' => '7 Days'],
    '4' => ['days' => 15, 'price' => 149, 'name' => '15 Days'],
    '5' => ['days' => 30, 'price' => 249, 'name' => '1 Month'],
    '6' => ['days' => 60, 'price' => 449, 'name' => '2 Months'],
    '7' => ['days' => 90, 'price' => 599, 'name' => '3 Months'],
    '8' => ['days' => 180, 'price' => 999, 'name' => '6 Months'],
    '9' => ['days' => 365, 'price' => 1699, 'name' => '1 Year']
];

// Create directories
foreach ([STATE_DIR, CACHE_DIR] as $dir) {
    if (!is_dir($dir)) @mkdir($dir, 0755, true);
}

foreach ([USERS_FILE, PREMIUM_FILE, SETTINGS_FILE] as $file) {
    if (!file_exists($file)) file_put_contents($file, json_encode([], JSON_PRETTY_PRINT));
}

$update_raw = file_get_contents('php://input');
if (!$update_raw) exit;
$update = json_decode($update_raw, true);
if (!is_array($update)) exit;

$msg = $update['message'] ?? null;
$cb = $update['callback_query'] ?? null;

$chat_id = null;
$text = '';

if (is_array($msg)) {
    $chat_id = $msg['chat']['id'] ?? null;
    $text = isset($msg['text']) ? trim($msg['text']) : '';
} elseif (is_array($cb)) {
    $chat_id = $cb['message']['chat']['id'] ?? null;
    $text = trim($cb['data'] ?? '');
}
if (!$chat_id) exit;

$user_first = '';
$username = '';
if (isset($msg['from'])) {
    $user_first = $msg['from']['first_name'] ?? 'User';
    $username = $msg['from']['username'] ?? '';
} elseif (isset($cb['from'])) {
    $user_first = $cb['from']['first_name'] ?? 'User';
    $username = $cb['from']['username'] ?? '';
}

function is_admin($id) { return strval($id) === strval(ADMIN_ID); }
function is_protected_username($term) { global $PROTECTED_USERNAMES; return in_array(ltrim($term, '@'), $PROTECTED_USERNAMES); }
function is_protected_number($number) { global $PROTECTED_NUMBERS; return in_array($number, $PROTECTED_NUMBERS); }
function is_protected_id($id) { global $PROTECTED_IDS; return in_array($id, $PROTECTED_IDS); }
function is_protected_instagram($username) { global $PROTECTED_INSTAGRAM; return in_array(strtolower(ltrim($username, '@')), array_map('strtolower', $PROTECTED_INSTAGRAM)); }
function is_protected_pan($pan) { global $PROTECTED_PAN; return in_array(strtoupper($pan), array_map('strtoupper', $PROTECTED_PAN)); }

function http_get($url, $use_cache = false) {
    global $CACHE_DIR;
    $cache_key = md5($url);
    $cache_file = $CACHE_DIR . '/' . $cache_key . '.json';
    
    if ($use_cache && file_exists($cache_file) && (time() - filemtime($cache_file) < 300)) {
        return file_get_contents($cache_file);
    }
    
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => true,
        CURLOPT_TIMEOUT => 15,
        CURLOPT_CONNECTTIMEOUT => 10,
        CURLOPT_SSL_VERIFYPEER => false,
        CURLOPT_SSL_VERIFYHOST => 0,
        CURLOPT_USERAGENT => 'Mozilla/5.0'
    ]);
    $out = curl_exec($ch);
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);
    
    if ($out && $http_code == 200) {
        if ($use_cache) file_put_contents($cache_file, $out);
        return $out;
    }
    return "Error: Request failed (HTTP $http_code)";
}

function sendMessage($chat_id, $text, $reply_kb = null) {
    $payload = ['chat_id' => $chat_id, 'text' => $text, 'parse_mode' => 'HTML'];
    if ($reply_kb) $payload['reply_markup'] = json_encode($reply_kb);
    $ch = curl_init(API_URL . 'sendMessage');
    curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query($payload), CURLOPT_TIMEOUT => 10]);
    curl_exec($ch);
    curl_close($ch);
}

function sendPhoto($chat_id, $photo_url, $caption = '', $reply_kb = null) {
    $payload = ['chat_id' => $chat_id, 'photo' => $photo_url, 'parse_mode' => 'HTML'];
    if (!empty($caption)) $payload['caption'] = $caption;
    if ($reply_kb) $payload['reply_markup'] = json_encode($reply_kb);
    $ch = curl_init(API_URL . 'sendPhoto');
    curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query($payload), CURLOPT_TIMEOUT => 10]);
    curl_exec($ch);
    curl_close($ch);
}

function deleteMessage($chat_id, $message_id) {
    $ch = curl_init(API_URL . 'deleteMessage');
    curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query(['chat_id' => $chat_id, 'message_id' => $message_id]), CURLOPT_TIMEOUT => 5]);
    curl_exec($ch);
    curl_close($ch);
}

function editMessage($chat_id, $message_id, $text, $reply_kb = null) {
    $payload = ['chat_id' => $chat_id, 'message_id' => $message_id, 'text' => $text, 'parse_mode' => 'HTML'];
    if ($reply_kb) $payload['reply_markup'] = json_encode($reply_kb);
    $ch = curl_init(API_URL . 'editMessageText');
    curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query($payload), CURLOPT_TIMEOUT => 5]);
    curl_exec($ch);
    curl_close($ch);
}

function answerCallback($callback_id, $text, $show_alert = false) {
    $ch = curl_init(API_URL . 'answerCallbackQuery');
    curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query(['callback_query_id' => $callback_id, 'text' => $text, 'show_alert' => $show_alert]), CURLOPT_TIMEOUT => 5]);
    curl_exec($ch);
    curl_close($ch);
}

function sendPhotoWithCaption($chat_id, $photo_url, $caption, $reply_kb = null) {
    $payload = ['chat_id' => $chat_id, 'photo' => $photo_url, 'caption' => $caption, 'parse_mode' => 'HTML'];
    if ($reply_kb) $payload['reply_markup'] = json_encode($reply_kb);
    $ch = curl_init(API_URL . 'sendPhoto');
    curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query($payload), CURLOPT_TIMEOUT => 10]);
    curl_exec($ch);
    curl_close($ch);
}

function load_users() { $j = @file_get_contents(USERS_FILE); $d = json_decode($j, true); return is_array($d) ? $d : []; }
function save_users($u) { file_put_contents(USERS_FILE, json_encode($u, JSON_PRETTY_PRINT)); }
function load_premium() { $j = @file_get_contents(PREMIUM_FILE); $d = json_decode($j, true); return is_array($d) ? $d : []; }
function save_premium($p) { file_put_contents(PREMIUM_FILE, json_encode($p, JSON_PRETTY_PRINT)); }
function load_settings() { $j = @file_get_contents(SETTINGS_FILE); $d = json_decode($j, true); return is_array($d) ? $d : ['maintenance' => false, 'total_lookups' => 0]; }
function save_settings($s) { file_put_contents(SETTINGS_FILE, json_encode($s, JSON_PRETTY_PRINT)); }

// Track user payment screenshots
$payment_tracker_file = __DIR__ . '/payment_tracker.json';
function has_pending_payment($chat_id) {
    global $payment_tracker_file;
    if (file_exists($payment_tracker_file)) {
        $tracker = json_decode(file_get_contents($payment_tracker_file), true);
        return isset($tracker[$chat_id]) && ($tracker[$chat_id] + 300) > time();
    }
    return false;
}
function set_pending_payment($chat_id) {
    global $payment_tracker_file;
    $tracker = [];
    if (file_exists($payment_tracker_file)) $tracker = json_decode(file_get_contents($payment_tracker_file), true);
    $tracker[$chat_id] = time();
    file_put_contents($payment_tracker_file, json_encode($tracker, JSON_PRETTY_PRINT));
}
function clear_pending_payment($chat_id) {
    global $payment_tracker_file;
    if (file_exists($payment_tracker_file)) {
        $tracker = json_decode(file_get_contents($payment_tracker_file), true);
        unset($tracker[$chat_id]);
        file_put_contents($payment_tracker_file, json_encode($tracker, JSON_PRETTY_PRINT));
    }
}

function is_premium($chat_id) {
    if (is_admin($chat_id)) return true;
    $premium = load_premium();
    if (!isset($premium[$chat_id])) return false;
    $expiry = $premium[$chat_id]['expiry'];
    if ($expiry <= time()) { unset($premium[$chat_id]); save_premium($premium); return false; }
    return true;
}

function get_premium_details($chat_id) {
    if (is_admin($chat_id)) return ['status' => 'admin', 'message' => "👑 <b>ADMIN ACCESS</b>\n\nYou have unlimited access as admin."];
    $premium = load_premium();
    if (!isset($premium[$chat_id])) return ['status' => 'none', 'message' => "❌ No active premium subscription.\n\n💰 Click 'Buy Premium' to get access."];
    
    $expiry = $premium[$chat_id]['expiry'];
    $now = time();
    $remaining = $expiry - $now;
    $days_left = floor($remaining / 86400);
    $hours_left = floor(($remaining % 86400) / 3600);
    
    if ($remaining <= 0) return ['status' => 'expired', 'message' => "❌ Your premium has expired!\n\n💰 Click 'Buy Premium' to renew."];
    
    $plan_name = $premium[$chat_id]['plan'] ?? 'Premium';
    $expiry_date = date('d-m-Y h:i A', $expiry);
    
    $status_msg = "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
    $status_msg .= "✅ <b>PREMIUM ACTIVE</b>\n";
    $status_msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n";
    $status_msg .= "📦 <b>Plan:</b> {$plan_name}\n";
    $status_msg .= "💰 <b>Amount:</b> ₹{$premium[$chat_id]['amount']}\n";
    $status_msg .= "📅 <b>Expiry Date:</b> {$expiry_date}\n\n";
    $status_msg .= "⏰ <b>Time Remaining:</b>\n";
    $status_msg .= "├─ Days: <code>{$days_left}</code>\n";
    $status_msg .= "└─ Hours: <code>{$hours_left}</code>\n\n";
    $status_msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
    $status_msg .= "💪 <b>Powered by: Anish Exploits</b>";
    
    return ['status' => 'active', 'message' => $status_msg];
}

function load_active_premium() {
    $all_premium = load_premium();
    $active = [];
    $now = time();
    foreach ($all_premium as $uid => $data) {
        if ($data['expiry'] > $now) $active[$uid] = $data;
        else unset($all_premium[$uid]);
    }
    if (count($all_premium) != count(load_premium())) save_premium($all_premium);
    return $active;
}

// 🔥 UPDATED GRANT PREMIUM FUNCTION WITH ADMIN NOTIFICATION
function grant_premium($chat_id, $days, $amount, $plan_name, $user_name, $user_username) {
    $premium = load_premium();
    $expiry = time() + ($days * 86400);
    $expiry_date = date('d-m-Y h:i A', $expiry);
    $activation_date = date('d-m-Y h:i A', time());
    
    $premium[$chat_id] = [
        'chat_id' => $chat_id, 
        'name' => $user_name, 
        'username' => $user_username,
        'plan' => $plan_name, 
        'days' => $days, 
        'amount' => $amount,
        'expiry' => $expiry, 
        'expiry_date' => $expiry_date,
        'activated_at' => time(), 
        'activated_date' => $activation_date
    ];
    save_premium($premium);
    
    $users = load_users();
    if (!isset($users[$chat_id])) $users[$chat_id] = [];
    $users[$chat_id]['name'] = $user_name;
    $users[$chat_id]['username'] = $user_username;
    save_users($users);
    
    // 📱 NOTIFICATION TO USER
    $user_msg = "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
    $user_msg .= "✅ <b>PREMIUM ACTIVATED!</b>\n";
    $user_msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n";
    $user_msg .= "📦 Plan: {$plan_name}\n";
    $user_msg .= "💰 Amount: ₹{$amount}\n";
    $user_msg .= "📅 Valid Till: {$expiry_date}\n\n";
    $user_msg .= "🎉 Congratulations! Enjoy unlimited lookups!\n\n";
    $user_msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
    $user_msg .= "💳 BUY API : @Cyb3rS0ldier\n";
    $user_msg .= "🆘 SUPPORT : @Cyb3rS0ldier\n";
    $user_msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━";
    sendMessage($chat_id, $user_msg);
    
    // 📱 NOTIFICATION TO ADMIN
    $admin_msg = "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
    $admin_msg .= "✅ <b>PREMIUM ACTIVATED!</b>\n";
    $admin_msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n";
    $admin_msg .= "👤 <b>USER DETAILS:</b>\n";
    $admin_msg .= "├─ Chat ID: <code>{$chat_id}</code>\n";
    $admin_msg .= "├─ Name: {$user_name}\n";
    $admin_msg .= "└─ Username: @{$user_username}\n\n";
    $admin_msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n";
    $admin_msg .= "📋 <b>PLAN DETAILS:</b>\n";
    $admin_msg .= "├─ Plan: {$plan_name}\n";
    $admin_msg .= "├─ Days: {$days} Days\n";
    $admin_msg .= "└─ Amount: ₹{$amount}\n\n";
    $admin_msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n";
    $admin_msg .= "⏰ <b>VALIDITY:</b>\n";
    $admin_msg .= "├─ Start: {$activation_date}\n";
    $admin_msg .= "└─ Expiry: {$expiry_date}\n\n";
    $admin_msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━";
    sendMessage(ADMIN_ID, $admin_msg);
    
    return $expiry;
}

function revoke_premium($chat_id) {
    $premium = load_premium();
    if (isset($premium[$chat_id])) { 
        $user_name = $premium[$chat_id]['name'];
        $user_username = $premium[$chat_id]['username'];
        unset($premium[$chat_id]); 
        save_premium($premium); 
        
        // Notify user
        sendMessage($chat_id, "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n❌ <b>PREMIUM REVOKED</b>\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\nYour premium access has been revoked by admin.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━");
        
        // Notify admin
        $admin_msg = "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
        $admin_msg .= "❌ <b>PREMIUM REVOKED</b>\n";
        $admin_msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n";
        $admin_msg .= "👤 Chat ID: <code>{$chat_id}</code>\n";
        $admin_msg .= "👤 Name: {$user_name}\n";
        $admin_msg .= "👤 Username: @{$user_username}\n\n";
        $admin_msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━";
        sendMessage(ADMIN_ID, $admin_msg);
        
        return true; 
    }
    return false;
}

function check_expiry_notifications() {
    $premium = load_premium();
    $notified = [];
    $file = __DIR__ . '/expiry_notified.json';
    if (file_exists($file)) $notified = json_decode(file_get_contents($file), true);
    if (!is_array($notified)) $notified = [];
    $now = time();
    $changed = false;
    foreach ($premium as $chat_id => $data) {
        $expiry = $data['expiry'];
        $remaining = $expiry - $now;
        $days_remaining = floor($remaining / 86400);
        if ($remaining <= 0 && !in_array($chat_id, $notified)) {
            sendMessage($chat_id, "⏰ <b>⚠️ YOUR PREMIUM HAS EXPIRED!</b>\n\nYour unlimited access is now over.\n\nTo continue enjoying unlimited lookups, please renew your subscription.\n\n💰 <b>Plans:</b>\n" . get_plans_text() . "\n\n📌 Click 'Buy Premium' button to renew.");
            $notified[] = $chat_id;
            $changed = true;
        } elseif ($remaining <= 604800 && $remaining > 0 && $days_remaining == 7 && !in_array($chat_id . "_7day", $notified)) {
            sendMessage($chat_id, "⚠️ <b>📅 PREMIUM EXPIRY ALERT!</b>\n\nYour premium will expire in <b>7 days</b>!\n\n📅 Expiry Date: <code>{$data['expiry_date']}</code>\n\nRenew now to continue uninterrupted access.\n\n💰 <b>Plans:</b>\n" . get_plans_text());
            $notified[] = $chat_id . "_7day";
            $changed = true;
        } elseif ($remaining <= 259200 && $remaining > 0 && $days_remaining == 3 && !in_array($chat_id . "_3day", $notified)) {
            sendMessage($chat_id, "⚠️ <b>⏰ PREMIUM EXPIRY ALERT!</b>\n\nYour premium will expire in <b>3 days</b>!\n\n📅 Expiry Date: <code>{$data['expiry_date']}</code>\n\nRenew now to continue uninterrupted access.\n\n💰 <b>Plans:</b>\n" . get_plans_text());
            $notified[] = $chat_id . "_3day";
            $changed = true;
        } elseif ($remaining <= 86400 && $remaining > 0 && $days_remaining == 1 && !in_array($chat_id . "_1day", $notified)) {
            sendMessage($chat_id, "⚠️ <b>🔴 LAST DAY ALERT!</b>\n\nYour premium will expire in <b>24 hours</b>!\n\n📅 Expiry Date: <code>{$data['expiry_date']}</code>\n\nRenew now to avoid interruption!\n\n💰 <b>Plans:</b>\n" . get_plans_text());
            $notified[] = $chat_id . "_1day";
            $changed = true;
        }
    }
    if ($changed) file_put_contents($file, json_encode($notified, JSON_PRETTY_PRINT));
}

function get_plans_text() {
    global $PLANS;
    $text = "";
    foreach ($PLANS as $plan) $text .= "• {$plan['name']} - ₹{$plan['price']}\n";
    return $text;
}

function dtfmt($ts) { return date('d-m-Y h:i A', $ts) . ' IST'; }

function clean_response($response) {
    $response = preg_replace('/💳 BUY API :.*?\n🆘 SUPPORT :.*?\n👮 Credit:.*?$/s', '', $response);
    $response = preg_replace('/💳 BUY API :.*?\n🆘 SUPPORT :.*?$/s', '', $response);
    $response = preg_replace('/BUY API:.*?\nSUPPORT:.*?$/s', '', $response);
    $response = preg_replace('/Credit :.*?\nApi By :.*?$/s', '', $response);
    $response = preg_replace('/👮 Credit:.*?$/s', '', $response);
    $response = preg_replace('/\n{3,}/', "\n\n", $response);
    return trim($response);
}

// ================= FORMAT FUNCTIONS =================
function format_number_response($response, $term, $retry = true) {
    if (is_protected_number($term)) {
        return "🔍 <b>Lookup Result for: {$term}</b>\n\n────────────────────────\n\n🛡️ <b>🔒 OWNER NUMBER IS PROTECTED</b>\n\n⚠️ Information cannot be displayed.\n🔐 This number is protected by the owner.\n\n────────────────────────\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    if (strpos($response, "Error") !== false || empty($response)) {
        if ($retry) { sleep(1); $url = str_replace('{term}', urlencode($term), NUMBER_API_ENDPOINT); $retry_response = http_get($url); return format_number_response($retry_response, $term, false); }
        return "❌ Error: No data found for this number.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    $response = clean_response($response);
    return "🔍 <b>NUMBER LOOKUP RESULT</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n" . $response . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
}

function format_aadhaar_response($response, $term, $retry = true) {
    if (strpos($response, "Error") !== false || empty($response)) {
        if ($retry) { sleep(1); $url = str_replace('{term}', urlencode($term), AADHAAR_API_ENDPOINT); $retry_response = http_get($url); return format_aadhaar_response($retry_response, $term, false); }
        return "❌ Error: No data found for this Aadhaar number.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    $response = clean_response($response);
    return "🪪 <b>AADHAAR LOOKUP RESULT</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n" . $response . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
}

function format_pincode_response($response, $term, $retry = true) {
    if (strpos($response, "Error") !== false || empty($response)) {
        if ($retry) { sleep(1); $url = str_replace('{term}', urlencode($term), PINCODE_API_ENDPOINT); $retry_response = http_get($url); return format_pincode_response($retry_response, $term, false); }
        return "❌ Error: No data found for this pincode.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    $response = clean_response($response);
    return "📍 <b>PINCODE LOOKUP RESULT</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n" . $response . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
}

function format_family_response($response, $term, $retry = true) {
    if (strpos($response, "Error") !== false || empty($response) || strlen($response) < 50) {
        if ($retry) { sleep(1); $url = str_replace('{term}', urlencode($term), FAMILY_API_ENDPOINT); $retry_response = http_get($url); return format_family_response($retry_response, $term, false); }
        return "❌ Error: No family data found for: $term\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    $response = clean_response($response);
    return $response . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
}

function format_ifsc_response($response, $term, $retry = true) {
    if (strpos($response, "Error") !== false || empty($response)) {
        if ($retry) { sleep(1); $url = str_replace('{term}', urlencode($term), IFSC_API_ENDPOINT); $retry_response = http_get($url); return format_ifsc_response($retry_response, $term, false); }
        return "❌ Error: No IFSC data found for: $term\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    $response = clean_response($response);
    return "🏦 <b>IFSC LOOKUP RESULT</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n" . $response . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
}

function format_telegram_response($response, $term, $retry = true) {
    if (is_protected_username($term)) {
        return "🔍 <b>TELEGRAM LOOKUP RESULT</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\nLookup Result for: {$term}\n────────────────────────\n\n🛡️ <b>🔒 OWNER USERNAME IS PROTECTED</b>\n\n⚠️ Information cannot be displayed.\n🔐 This username is protected by the owner.\n\n────────────────────────\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    
    if (is_numeric($term) && is_protected_id($term)) {
        return "🔍 <b>TELEGRAM LOOKUP RESULT</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\nLookup Result for: {$term}\n────────────────────────\n\n🛡️ <b>🔒 OWNER ID IS PROTECTED</b>\n\n⚠️ Information cannot be displayed.\n🔐 This Telegram ID is protected by the owner.\n\n────────────────────────\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    
    if (strpos($response, "Error") !== false || empty($response) || strlen($response) < 50) {
        if ($retry) { sleep(1); $url = str_replace('{term}', urlencode($term), TELEGRAM_API_ENDPOINT); $retry_response = http_get($url); return format_telegram_response($retry_response, $term, false); }
        return "❌ Error: No data found for this Telegram ID/Username.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    
    $response = clean_response($response);
    return $response . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
}

function format_instagram_response($response, $term, $retry = true) {
    $clean_term = ltrim($term, '@');
    if (is_protected_instagram($clean_term)) {
        return "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n📸 <b>INSTAGRAM LOOKUP RESULT</b>\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\nLookup Result for: @{$clean_term}\n────────────────────────\n\n🛡️ <b>🔒 PROTECTED</b>\n\n⚠️ Information cannot be displayed.\n🔐 This Instagram account is protected.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    
    if (strpos($response, "Error") !== false || empty($response) || strlen($response) < 30) {
        if ($retry) { sleep(1); $url = str_replace('{term}', urlencode($term), INSTAGRAM_API_ENDPOINT); $retry_response = http_get($url); return format_instagram_response($retry_response, $term, false); }
        return "❌ Error: No data found for this Instagram username.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    
    $data = json_decode($response, true);
    if ($data && isset($data['status']) && $data['status'] === true && isset($data['data']['profile'])) {
        $profile = $data['data']['profile'];
        $output = "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n📸 <b>INSTAGRAM LOOKUP RESULT</b>\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n";
        $output .= "Lookup Result for: @" . ($profile['username'] ?? $clean_term) . "\n";
        $output .= "────────────────────────\n\n";
        $output .= "🆔 ID: " . ($profile['id'] ?? 'N/A') . "\n";
        $output .= "👤 Username: @" . ($profile['username'] ?? 'N/A') . "\n";
        $output .= "📛 Full Name: " . ($profile['full_name'] ?? 'N/A') . "\n";
        $output .= "📝 Bio: " . ($profile['biography'] ?? 'N/A') . "\n";
        $output .= "🔒 Private: " . ($profile['is_private'] ? "Yes" : "No") . "\n";
        $output .= "✅ Verified: " . ($profile['is_verified'] ? "Yes" : "No") . "\n";
        $output .= "👥 Followers: " . number_format($profile['followers'] ?? 0) . "\n";
        $output .= "👣 Following: " . number_format($profile['following'] ?? 0) . "\n";
        $output .= "📸 Posts: " . ($profile['posts'] ?? 0) . "\n";
        $output .= "\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
        return $output;
    }
    
    $response = clean_response($response);
    return "📸 <b>INSTAGRAM LOOKUP RESULT</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n" . $response . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
}

function format_vehicle_response($response, $term, $retry = true) {
    if (strpos($response, "Error") !== false || empty($response) || strlen($response) < 30) {
        if ($retry) { sleep(1); $url = str_replace('{term}', urlencode($term), VEHICLE_API_ENDPOINT); $retry_response = http_get($url); return format_vehicle_response($retry_response, $term, false); }
        return "❌ Error: No data found for this vehicle number.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    $response = clean_response($response);
    return "🚗 <b>VEHICLE LOOKUP RESULT</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n" . $response . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
}

function format_pan_response($response, $term, $retry = true) {
    if (is_protected_pan($term)) {
        return "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n🆔 <b>PAN LOOKUP RESULT</b>\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\nLookup Result for: {$term}\n────────────────────────\n\n🛡️ <b>🔒 PROTECTED PAN</b>\n\n⚠️ Information cannot be displayed.\n🔐 This PAN number is protected.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    
    if (strpos($response, "Error") !== false || strpos($response, "❌") !== false || empty($response) || strlen($response) < 20) {
        if ($retry) { 
            sleep(1); 
            $url = str_replace('{term}', urlencode($term), PAN_API_ENDPOINT); 
            $retry_response = http_get($url); 
            return format_pan_response($retry_response, $term, false); 
        }
        return "❌ Error: No data found for this PAN number.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
    }
    
    $data = json_decode($response, true);
    if ($data && isset($data['status']) && $data['status'] === true && isset($data['data'])) {
        $pan_data = $data['data'];
        $output = "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n🆔 <b>PAN LOOKUP RESULT</b>\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n";
        $output .= "Lookup Result for: " . ($pan_data['pan_number'] ?? $term) . "\n";
        $output .= "────────────────────────\n\n";
        $output .= "📋 <b>PAN STATUS</b>\n";
        $output .= "├ 🆔 PAN Number    : " . ($pan_data['pan_number'] ?? 'N/A') . "\n";
        $output .= "├ 📊 PAN Status    : " . ($pan_data['pan_status'] ?? 'VALID') . "\n";
        $output .= "├ ✅ Is Valid      : " . (($pan_data['is_valid'] ?? true) ? "Yes" : "No") . "\n";
        $output .= "└ 🏷️ Category      : " . ($pan_data['category'] ?? 'Individual') . "\n\n";
        $output .= "👤 <b>PERSONAL INFORMATION</b>\n";
        $output .= "├ 📛 Full Name     : " . ($pan_data['name'] ?? 'N/A') . "\n";
        $output .= "├ 🧬 Gender        : " . ($pan_data['gender'] ?? 'N/A') . "\n";
        $output .= "└ 📅 Date of Birth : " . ($pan_data['dob'] ?? 'N/A') . "\n\n";
        $output .= "🔗 <b>AADHAAR LINKING</b>\n";
        $output .= "├ 🔗 Aadhaar Linked: " . (($pan_data['aadhaar_linked'] ?? false) ? "Yes" : "No") . "\n";
        if (!empty($pan_data['aadhar_number'])) {
            $output .= "└ 🆔 Aadhaar Number: " . ($pan_data['aadhar_number'] ?? 'N/A') . "\n";
        }
        $output .= "\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
        $output .= "💳 BUY API : @Cyb3rS0ldier\n";
        $output .= "🆘 SUPPORT : @Cyb3rS0ldier\n";
        $output .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
        $output .= "👮 Credit: Anish Exploits";
        return $output;
    }
    
    $response = clean_response($response);
    return "🆔 <b>PAN LOOKUP RESULT</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n" . $response . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
}

function send_plans_with_qr($chat_id, $reply_kb = null) {
    global $PLANS;
    $plans_text = "";
    foreach ($PLANS as $plan) $plans_text .= "• {$plan['name']} - ₹{$plan['price']}\n";
    $caption = "<b>🔰 PREMIUM MEMBERSHIP PLANS</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n" . $plans_text . "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n💳 <b>PAYMENT:</b>\nQR Code scan karein aur payment karein.\n\n📌 <b>How to get access:</b>\n1️⃣ Scan QR Code & Pay\n2️⃣ Take screenshot of payment\n3️⃣ Send screenshot HERE in this bot\n4️⃣ Admin will verify and activate premium\n\n⚠️ <b>Note:</b> Fake payments will be rejected.\n❌ Send screenshot only ONCE!\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n🆔 <b>Your Chat ID:</b> <code>{$chat_id}</code>";
    sendPhotoWithCaption($chat_id, QR_CODE_URL, $caption, $reply_kb);
}

function verify_kb($uid) {
    global $PLANS;
    $buttons = [];
    foreach ($PLANS as $key => $plan) $buttons[] = [['text' => "✅ ₹{$plan['price']} ({$plan['name']})", 'callback_data' => "verify_{$uid}_{$key}"], ['text' => "❌ Fake", 'callback_data' => "fake_{$uid}_{$key}"]];
    return ['inline_keyboard' => $buttons];
}

function message_type_kb() {
    return ['inline_keyboard' => [[['text' => '💎 Message to Premium Users', 'callback_data' => 'msg_broadcast_premium']], [['text' => '🔔 Send to Single User', 'callback_data' => 'msg_single']], [['text' => '❌ Cancel', 'callback_data' => 'msg_cancel']]]];
}

// 🔥 USER KEYBOARD
function kb_user() {
    return [
        'keyboard' => [
            [['text' => '📱 𝐍𝐔𝐌𝐁𝐄𝐑 𝐋𝐎𝐎𝐊𝐔𝐏'], ['text' => '🪪 𝐀𝐀𝐃𝐇𝐀𝐀𝐑 𝐋𝐎𝐎𝐊𝐔𝐏']],
            [['text' => '👨‍👩‍👧‍👦 𝐅𝐀𝐌𝐈𝐋𝐘 𝐋𝐎𝐎𝐊𝐔𝐏'], ['text' => '📍 𝐏𝐈𝐍𝐂𝐎𝐃𝐄 𝐋𝐎𝐎𝐊𝐔𝐏']],
            [['text' => '🏦 𝐈𝐅𝐒𝐂 𝐋𝐎𝐎𝐊𝐔𝐏'], ['text' => '🆔 𝐏𝐀𝐍 𝐋𝐎𝐎𝐊𝐔𝐏']],
            [['text' => '📸 𝐈𝐍𝐒𝐓𝐀𝐆𝐑𝐀𝐌 𝐋𝐎𝐎𝐊𝐔𝐏'], ['text' => '📞 𝐓𝐄𝐋𝐄𝐆𝐑𝐀𝐌 𝐋𝐎𝐎𝐊𝐔𝐏']],
            [['text' => '🚗 𝐕𝐄𝐇𝐈𝐂𝐋𝐄 𝐋𝐎𝐎𝐊𝐔𝐏'], ['text' => '💰 𝐁𝐔𝐘 𝐏𝐑𝐄𝐌𝐈𝐔𝐌']],
            [['text' => '✅ 𝐌𝐘 𝐏𝐑𝐄𝐌𝐈𝐔𝐌 𝐒𝐓𝐀𝐓𝐔𝐒']]
        ],
        'resize_keyboard' => true
    ];
}

// 🔥 ADMIN KEYBOARD
function kb_admin() {
    return [
        'keyboard' => [
            [['text' => '📱 𝐍𝐔𝐌𝐁𝐄𝐑 𝐋𝐎𝐎𝐊𝐔𝐏'], ['text' => '🪪 𝐀𝐀𝐃𝐇𝐀𝐀𝐑 𝐋𝐎𝐎𝐊𝐔𝐏']],
            [['text' => '👨‍👩‍👧‍👦 𝐅𝐀𝐌𝐈𝐋𝐘 𝐋𝐎𝐎𝐊𝐔𝐏'], ['text' => '📍 𝐏𝐈𝐍𝐂𝐎𝐃𝐄 𝐋𝐎𝐎𝐊𝐔𝐏']],
            [['text' => '🏦 𝐈𝐅𝐒𝐂 𝐋𝐎𝐎𝐊𝐔𝐏'], ['text' => '🆔 𝐏𝐀𝐍 𝐋𝐎𝐎𝐊𝐔𝐏']],
            [['text' => '📸 𝐈𝐍𝐒𝐓𝐀𝐆𝐑𝐀𝐌 𝐋𝐎𝐎𝐊𝐔𝐏'], ['text' => '📞 𝐓𝐄𝐋𝐄𝐆𝐑𝐀𝐌 𝐋𝐎𝐎𝐊𝐔𝐏']],
            [['text' => '🚗 𝐕𝐄𝐇𝐈𝐂𝐋𝐄 𝐋𝐎𝐎𝐊𝐔𝐏'], ['text' => '🛠 𝐁𝐎𝐓 𝐂𝐎𝐍𝐓𝐑𝐎𝐋']],
            [['text' => '💎 𝐆𝐑𝐀𝐍𝐓 𝐏𝐑𝐄𝐌𝐈𝐔𝐌'], ['text' => '⛔ 𝐑𝐄𝐕𝐎𝐊𝐄 𝐏𝐑𝐄𝐌𝐈𝐔𝐌']],
            [['text' => '❌ 𝐑𝐄𝐌𝐎𝐕𝐄 𝐔𝐒𝐄𝐑'], ['text' => '👥 𝐔𝐒𝐄𝐑𝐒 𝐒𝐔𝐌𝐌𝐀𝐑𝐘']],
            [['text' => '📊 𝐒𝐓𝐀𝐓𝐒'], ['text' => '📢 𝐔𝐒𝐄𝐑 𝐌𝐄𝐒𝐒𝐀𝐆𝐄']],
            [['text' => '📋 𝐏𝐑𝐄𝐌𝐈𝐔𝐌 𝐋𝐈𝐒𝐓']]
        ],
        'resize_keyboard' => true
    ];
}

function kb_cancel() { return ['keyboard' => [[['text' => '↩️ 𝐂𝐀𝐍𝐂𝐄𝐋']]], 'resize_keyboard' => true]; }

$state_file = STATE_DIR . "/state_{$chat_id}.json";
$state = @json_decode(@file_get_contents($state_file), true);
if (!is_array($state)) $state = [];

$settings = load_settings();
$users = load_users();

if (!isset($users[$chat_id])) {
    $users[$chat_id] = ['name' => $user_first, 'username' => $username];
    save_users($users);
}

check_expiry_notifications();

if (!empty($settings['maintenance']) && !is_admin($chat_id)) {
    sendMessage($chat_id, "🚧 Bot under maintenance. Please wait.");
    exit;
}

// 🔥 /start COMMAND - WITH IMAGE
if ($text === '/start') {
    if (is_admin($chat_id)) {
        $welcome = "╔══════════════════════════════╗\n";
        $welcome .= "⚑ <b>𝐀𝐃𝐌𝐈𝐍 𝐂𝐎𝐍𝐓𝐑𝐎𝐋 𝐏𝐀𝐍𝐄𝐋</b> ⚑\n";
        $welcome .= "╚══════════════════════════════╝\n\n";
        $welcome .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
        $welcome .= "🔧 <b>Admin Commands:</b>\n";
        $welcome .= "├─ 🛠 Bot Control\n";
        $welcome .= "├─ 💎 Grant Premium\n";
        $welcome .= "├─ ⛔ Revoke Premium\n";
        $welcome .= "├─ ❌ Remove User\n";
        $welcome .= "├─ 👥 Users Summary\n";
        $welcome .= "├─ 📊 Stats\n";
        $welcome .= "├─ 📢 User Message\n";
        $welcome .= "└─ 📋 Premium List\n\n";
        $welcome .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
        $welcome .= "💳 BUY API : @Cyb3rS0ldier\n";
        $welcome .= "🆘 SUPPORT : @Cyb3rS0ldier\n";
        $welcome .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
        $welcome .= "👮 Credit: Anish Exploits";
        
        sendPhoto($chat_id, WELCOME_IMAGE_URL, $welcome, kb_admin());
    } else {
        $caption = "╔══════════════════════════════╗\n";
        $caption .= "⚡ <b>𝗢𝗦𝗜𝗡𝗧 𝗔𝗖𝗖𝗘𝗦𝗦</b> ⚡\n";
        $caption .= "╚══════════════════════════════╝\n\n";
        $caption .= "  ◈ Secure Intelligence Hub ◈\n\n";
        $caption .= "⟡ Encrypted • Private • Fast ⟡\n\n";
        $caption .= "╭──────────────────────────────╮\n";
        $caption .= "│  🔐 Premium Access Enabled   │\n";
        $caption .= "│  🌐 Global Search Network    │\n";
        $caption .= "│  ⚡ Instant Query Response   │\n";
        $caption .= "│  🎯 Precision Intelligence   │\n";
        $caption .= "╰──────────────────────────────╯\n\n";
        $caption .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
        $caption .= "⚠️ <b>ACCESS LIMITED</b> ⚠️\n";
        $caption .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n";
        $caption .= "    💰 <b>𝐁𝐔𝐘 𝐏𝐑𝐄𝐌𝐈𝐔𝐌</b>\n\n";
        $caption .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
        $caption .= "🛰 User Network 🛜\n";
        $caption .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
        $caption .= "💳 BUY API : @Cyb3rS0ldier\n";
        $caption .= "🆘 SUPPORT : @Cyb3rS0ldier\n";
        $caption .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n";
        $caption .= "👮 Credit: Anish Exploits";
        
        sendPhoto($chat_id, WELCOME_IMAGE_URL, $caption, kb_user());
    }
    $state = ['stage' => 'idle'];
    @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
    exit;
}

if ($text === '↩️ 𝐂𝐀𝐍𝐂𝐄𝐋') {
    sendMessage($chat_id, "❌ Cancelled.", is_admin($chat_id) ? kb_admin() : kb_user());
    $state['stage'] = 'idle';
    @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
    exit;
}

// 🔥 CHECK PREMIUM STATUS BUTTON
if ($text === '✅ 𝐌𝐘 𝐏𝐑𝐄𝐌𝐈𝐔𝐌 𝐒𝐓𝐀𝐓𝐔𝐒') {
    $details = get_premium_details($chat_id);
    sendMessage($chat_id, $details['message'], is_admin($chat_id) ? kb_admin() : kb_user());
    exit;
}

// 🔥 BUY PREMIUM BUTTON
if ($text === '💰 𝐁𝐔𝐘 𝐏𝐑𝐄𝐌𝐈𝐔𝐌') {
    if (is_premium($chat_id) && !is_admin($chat_id)) {
        $details = get_premium_details($chat_id);
        sendMessage($chat_id, "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n⚠️ <b>YOU ALREADY HAVE PREMIUM!</b>\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n" . $details['message'] . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💡 You can still purchase another plan\nto extend your subscription!\n━━━━━━━━━━━━━━━━━━━━━━━━━━━", kb_cancel());
        exit;
    }
    send_plans_with_qr($chat_id, kb_cancel());
    exit;
}

// ==================== 🔥 LOOKUP BUTTONS WITH PATTERNS ====================
$lookups = [
    '📱 𝐍𝐔𝐌𝐁𝐄𝐑 𝐋𝐎𝐎𝐊𝐔𝐏' => [
        'stage' => 'awaiting_number', 
        'prompt' => "📱 <b>Number Lookup</b>\n\nSend 10 digit mobile number:\n\nExample: <code>6209856775</code>", 
        'api_endpoint' => NUMBER_API_ENDPOINT, 
        'format_func' => 'format_number_response',
        'pattern' => '/^\d{10}$/',
        'error_msg' => "❌ Invalid mobile number! Send 10 digits only."
    ],
    '🪪 𝐀𝐀𝐃𝐇𝐀𝐀𝐑 𝐋𝐎𝐎𝐊𝐔𝐏' => [
        'stage' => 'awaiting_aadhaar', 
        'prompt' => "🪪 <b>Aadhaar Lookup</b>\n\nSend 12 digit Aadhaar number:\n\nExample: <code>718602632114</code>", 
        'api_endpoint' => AADHAAR_API_ENDPOINT, 
        'format_func' => 'format_aadhaar_response',
        'pattern' => '/^\d{12}$/',
        'error_msg' => "❌ Invalid Aadhaar number! Send 12 digits only."
    ],
    '👨‍👩‍👧‍👦 𝐅𝐀𝐌𝐈𝐋𝐘 𝐋𝐎𝐎𝐊𝐔𝐏' => [
        'stage' => 'awaiting_family', 
        'prompt' => "👨‍👩‍👧‍👦 <b>Family Lookup</b>\n\nSend Aadhaar Number:\n\nExample: <code>962397300673</code>", 
        'api_endpoint' => FAMILY_API_ENDPOINT, 
        'format_func' => 'format_family_response',
        'pattern' => '/^\d{12}$/',
        'error_msg' => "❌ Invalid Aadhaar number! Send 12 digits only."
    ],
    '📍 𝐏𝐈𝐍𝐂𝐎𝐃𝐄 𝐋𝐎𝐎𝐊𝐔𝐏' => [
        'stage' => 'awaiting_pincode', 
        'prompt' => "📍 <b>Pincode Lookup</b>\n\nSend 6 digit PINCODE:\n\nExample: <code>848115</code>", 
        'api_endpoint' => PINCODE_API_ENDPOINT, 
        'format_func' => 'format_pincode_response',
        'pattern' => '/^\d{6}$/',
        'error_msg' => "❌ Invalid pincode! Send 6 digits only."
    ],
    '🏦 𝐈𝐅𝐒𝐂 𝐋𝐎𝐎𝐊𝐔𝐏' => [
        'stage' => 'awaiting_ifsc', 
        'prompt' => "🏦 <b>IFSC Lookup</b>\n\nSend IFSC Code:\n\nExample: <code>SBIN0001234</code>", 
        'api_endpoint' => IFSC_API_ENDPOINT, 
        'format_func' => 'format_ifsc_response',
        'pattern' => '/^[A-Z]{4}0[A-Z0-9]{6}$/',
        'clean' => 'strtoupper',
        'error_msg' => "❌ Invalid IFSC code! Format: 4 letters + 0 + 6 digits/letters"
    ],
    '🆔 𝐏𝐀𝐍 𝐋𝐎𝐎𝐊𝐔𝐏' => [
        'stage' => 'awaiting_pan', 
        'prompt' => "🆔 <b>PAN Card Lookup</b>\n\nSend PAN Card Number:\n\nExample: <code>ABCDE1234F</code>\n\n📌 Format: 5 Letters + 4 Digits + 1 Letter", 
        'api_endpoint' => PAN_API_ENDPOINT, 
        'format_func' => 'format_pan_response',
        'pattern' => '/^[A-Z]{5}[0-9]{4}[A-Z]{1}$/i',
        'clean' => 'strtoupper',
        'error_msg' => "❌ Invalid PAN number!\n\n✅ Valid Format: ABCDE1234F\n   • First 5: Letters (A-Z)\n   • Next 4: Digits (0-9)\n   • Last 1: Letter (A-Z)"
    ],
    '📸 𝐈𝐍𝐒𝐓𝐀𝐆𝐑𝐀𝐌 𝐋𝐎𝐎𝐊𝐔𝐏' => [
        'stage' => 'awaiting_instagram', 
        'prompt' => "📸 <b>Instagram Lookup</b>\n\nSend Instagram username:\n\nExample: <code>instagramuser</code>", 
        'api_endpoint' => INSTAGRAM_API_ENDPOINT, 
        'format_func' => 'format_instagram_response',
        'pattern' => '/^[a-zA-Z0-9_.]{1,30}$/',
        'error_msg' => "❌ Invalid Instagram username! Use letters, numbers, underscore, dot only."
    ],
    '📞 𝐓𝐄𝐋𝐄𝐆𝐑𝐀𝐌 𝐋𝐎𝐎𝐊𝐔𝐏' => [
        'stage' => 'awaiting_telegram', 
        'prompt' => "📞 <b>Telegram Lookup</b>\n\nSend Telegram User ID or Username:\n\nExample: <code>7210696155</code> or <code>@username</code>", 
        'api_endpoint' => TELEGRAM_API_ENDPOINT, 
        'format_func' => 'format_telegram_response',
        'pattern' => '/^(@?[a-zA-Z0-9_]{5,32}|\d+)$/',
        'error_msg' => "❌ Invalid Telegram ID/Username! Must be 5-32 characters or numeric ID."
    ],
    '🚗 𝐕𝐄𝐇𝐈𝐂𝐋𝐄 𝐋𝐎𝐎𝐊𝐔𝐏' => [
        'stage' => 'awaiting_vehicle', 
        'prompt' => "🚗 <b>Vehicle Lookup</b>\n\nSend vehicle registration number:\n\nExample: <code>BR07PB6268</code>", 
        'api_endpoint' => VEHICLE_API_ENDPOINT, 
        'format_func' => 'format_vehicle_response',
        'pattern' => '/^[A-Z]{2}[0-9]{1,2}[A-Z]{1,2}[0-9]{4}$/i',
        'clean' => 'strtoupper',
        'error_msg' => "❌ Invalid vehicle number! Example: BR07PB6268, UP32AB1234"
    ]
];

foreach ($lookups as $btn => $cfg) {
    if ($text === $btn) {
        if (!is_premium($chat_id) && !is_admin($chat_id)) {
            send_plans_with_qr($chat_id, kb_cancel());
            exit;
        }
        sendMessage($chat_id, $cfg['prompt'], kb_cancel());
        $state['stage'] = $cfg['stage'];
        $state['api_endpoint'] = $cfg['api_endpoint'];
        $state['format_func'] = $cfg['format_func'];
        if (isset($cfg['pattern'])) $state['pattern'] = $cfg['pattern'];
        if (isset($cfg['clean'])) $state['clean'] = $cfg['clean'];
        if (isset($cfg['error_msg'])) $state['error_msg'] = $cfg['error_msg'];
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
        exit;
    }
}

// 🔥 HANDLE SCREENSHOT
if (isset($msg['photo']) && !is_admin($chat_id)) {
    if (has_pending_payment($chat_id)) {
        sendMessage($chat_id, "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n⚠️ <b>DUPLICATE SCREENSHOT DETECTED!</b>\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n❌ You have already sent a payment screenshot!\n\n⏳ Please wait for admin verification.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━", kb_cancel());
        exit;
    }
    
    set_pending_payment($chat_id);
    
    $photos = $msg['photo'];
    $file_id = end($photos)['file_id'];
    
    $user_details = "👤 <b>User Details:</b>\n├─ Name: <code>{$user_first}</code>\n├─ Username: " . ($username ? "@{$username}" : "None") . "\n├─ Chat ID: <code>{$chat_id}</code>\n└─ Time: <code>" . dtfmt(time()) . "</code>\n\n";
    
    sendMessage($chat_id, "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n✅ <b>SCREENSHOT RECEIVED!</b>\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n📸 Your payment screenshot has been sent to admin.\n\n⏳ <b>Please wait...</b> Admin will verify your payment.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━");
    
    $data = [
        'chat_id' => ADMIN_ID,
        'photo' => $file_id,
        'caption' => "💰 <b>PREMIUM PAYMENT RECEIVED</b>\n\n" . $user_details . "━━━━━━━━━━━━━━━━━━━━━━\n\n📸 Select Plan for verification:",
        'reply_markup' => json_encode(verify_kb($chat_id)),
        'parse_mode' => 'HTML'
    ];
    
    $ch = curl_init(API_URL . "sendPhoto");
    curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query($data), CURLOPT_TIMEOUT => 10]);
    curl_exec($ch);
    curl_close($ch);
    
    $state['stage'] = 'waiting_verification';
    $state['payment_time'] = time();
    @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
    exit;
}

// Handle Callback
if ($cb) {
    $callback_data = $text;
    $callback_id = $cb['id'];
    $message_id = $cb['message']['message_id'];
    $from_id = $cb['from']['id'];
    $admin_chat_id = $cb['message']['chat']['id'];
    
    if (strpos($callback_data, "fake_") === 0 && $from_id == ADMIN_ID) {
        $parts = explode("_", $callback_data);
        $uid = $parts[1];
        $plan_key = $parts[2];
        $plan = $PLANS[$plan_key] ?? null;
        if ($plan) {
            $users = load_users();
            $user_name = $users[$uid]['name'] ?? 'Unknown';
            $user_username = $users[$uid]['username'] ?? 'Unknown';
            sendMessage($uid, "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n❌ <b>PAYMENT REJECTED!</b>\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\nReason: <b>FAKE PAYMENT DETECTED</b>\n\n⚠️ Please send genuine payment screenshot.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits");
            sendMessage(ADMIN_ID, "⚠️ <b>FAKE PAYMENT ATTEMPT</b>\n\nUser: <code>$uid</code>\nName: $user_name\nUsername: @$user_username\nPlan: {$plan['name']}\nAmount: ₹{$plan['price']}\n\nUser has been notified.");
            deleteMessage($admin_chat_id, $message_id);
            clear_pending_payment($uid);
            answerCallback($callback_id, "❌ Fake Payment Rejected!");
        }
        exit;
    }
    
    if (strpos($callback_data, "verify_") === 0 && $from_id == ADMIN_ID) {
        $parts = explode("_", $callback_data);
        $uid = $parts[1];
        $plan_key = $parts[2];
        $plan = $PLANS[$plan_key] ?? null;
        if ($plan) {
            $users = load_users();
            $user_name = $users[$uid]['name'] ?? $user_first;
            $user_username = $users[$uid]['username'] ?? $username;
            $expiry = grant_premium($uid, $plan['days'], $plan['price'], $plan['name'], $user_name, $user_username);
            $expiry_date = dtfmt($expiry);
            deleteMessage($admin_chat_id, $message_id);
            clear_pending_payment($uid);
            answerCallback($callback_id, "✅ Premium Activated!");
        }
        exit;
    }
    
    if (strpos($callback_data, "msg_") === 0 && $from_id == ADMIN_ID) {
        if ($callback_data == 'msg_broadcast_premium') {
            editMessage($admin_chat_id, $message_id, "💎 <b>Broadcast to PREMIUM users</b>\n\nSend your message:", kb_cancel());
            $state['stage'] = 'admin_broadcast_premium';
            @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
            answerCallback($callback_id, "Send broadcast message to premium users");
        } elseif ($callback_data == 'msg_single') {
            editMessage($admin_chat_id, $message_id, "🔔 <b>Send to single user</b>\n\nSend chat ID:", kb_cancel());
            $state['stage'] = 'admin_single_user_id';
            @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
            answerCallback($callback_id, "Enter chat ID");
        } elseif ($callback_data == 'msg_cancel') {
            editMessage($admin_chat_id, $message_id, "❌ Cancelled.");
            answerCallback($callback_id, "Cancelled");
        }
        exit;
    }
}

// ==================== 🔥 INPUT HANDLER ====================
if (isset($state['stage']) && in_array($state['stage'], ['awaiting_number', 'awaiting_aadhaar', 'awaiting_family', 'awaiting_pincode', 'awaiting_ifsc', 'awaiting_pan', 'awaiting_instagram', 'awaiting_telegram', 'awaiting_vehicle'])) {
    
    if ($text === '↩️ 𝐂𝐀𝐍𝐂𝐄𝐋') {
        sendMessage($chat_id, "❌ Cancelled.", is_admin($chat_id) ? kb_admin() : kb_user());
        $state['stage'] = 'idle';
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
        exit;
    }
    
    $query = trim($text);
    
    if (isset($state['clean'])) {
        $clean_func = $state['clean'];
        $query = $clean_func($query);
    }
    
    if ($state['stage'] == 'awaiting_instagram') {
        $query = ltrim($query, '@');
    }
    
    if (isset($state['pattern'])) {
        if (!preg_match($state['pattern'], $query)) {
            $error_msg = isset($state['error_msg']) ? $state['error_msg'] : "❌ Invalid input format! Please try again.";
            sendMessage($chat_id, $error_msg, kb_cancel());
            exit;
        }
    }
    
    if ($state['stage'] == 'awaiting_pan') {
        $query = strtoupper($query);
        if (!preg_match('/^[A-Z]{5}[0-9]{4}[A-Z]{1}$/', $query)) {
            sendMessage($chat_id, "❌ Invalid PAN number!\n\n✅ Valid Format: ABCDE1234F\n   • First 5 characters: Letters (A-Z)\n   • Next 4 characters: Digits (0-9)\n   • Last character: Letter (A-Z)\n\nExample: NTEPK1628C", kb_cancel());
            exit;
        }
    }
    
    if ($state['stage'] == 'awaiting_vehicle') {
        $query = strtoupper($query);
        if (!preg_match('/^[A-Z]{2}[0-9]{1,2}[A-Z]{1,2}[0-9]{4}$/', $query)) {
            sendMessage($chat_id, "❌ Invalid vehicle number!\n\nValid formats:\n├─ BR07PB6268\n├─ UP32AB1234\n├─ DL09C1234\n└─ MH12AB1234", kb_cancel());
            exit;
        }
    }
    
    if ($state['stage'] == 'awaiting_ifsc') {
        $query = strtoupper($query);
        if (!preg_match('/^[A-Z]{4}0[A-Z0-9]{6}$/', $query)) {
            sendMessage($chat_id, "❌ Invalid IFSC code!\n\nFormat: 4 letters + 0 + 6 digits/letters\nExample: SBIN0001234", kb_cancel());
            exit;
        }
    }
    
    if (!empty($query)) {
        sendMessage($chat_id, "⏳ Fetching details...");
        $url = str_replace('{term}', urlencode($query), $state['api_endpoint']);
        $response = http_get($url);
        $format_func = $state['format_func'];
        $formatted = $format_func($response, $query);
        sendMessage($chat_id, $formatted, is_admin($chat_id) ? kb_admin() : kb_user());
        
        $s = load_settings();
        $s['total_lookups'] = ($s['total_lookups'] ?? 0) + 1;
        save_settings($s);
        
        $state['stage'] = 'idle';
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
    } else {
        sendMessage($chat_id, "❌ Invalid input! Please try again.", kb_cancel());
    }
    exit;
}

// Admin Broadcast
if (($state['stage'] ?? '') === 'admin_broadcast_premium') {
    if ($text === '↩️ 𝐂𝐀𝐍𝐂𝐄𝐋') {
        sendMessage($chat_id, "❌ Broadcast cancelled.", kb_admin());
    } else {
        $premium_list = load_active_premium();
        $sent = 0;
        foreach ($premium_list as $uid => $info) {
            @sendMessage($uid, "💎 <b>Premium Broadcast</b>\n\n" . $text . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits");
            $sent++;
        }
        sendMessage($chat_id, "✅ Broadcast sent to $sent premium users!", kb_admin());
    }
    $state['stage'] = 'idle';
    @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
    exit;
}

// Admin Single User - Chat ID
if (($state['stage'] ?? '') === 'admin_single_user_id') {
    if ($text === '↩️ 𝐂𝐀𝐍𝐂𝐄𝐋') {
        sendMessage($chat_id, "❌ Cancelled.", kb_admin());
    } elseif (is_numeric($text)) {
        $state['target_user'] = $text;
        $state['stage'] = 'admin_single_user_msg';
        sendMessage($chat_id, "📝 Send message to user <code>$text</code>:", kb_cancel());
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
    } else {
        sendMessage($chat_id, "❌ Invalid chat ID. Send numeric ID:", kb_cancel());
    }
    exit;
}

// Admin Single User - Message
if (($state['stage'] ?? '') === 'admin_single_user_msg') {
    if ($text === '↩️ 𝐂𝐀𝐍𝐂𝐄𝐋') {
        sendMessage($chat_id, "❌ Cancelled.", kb_admin());
    } else {
        $target = $state['target_user'];
        @sendMessage($target, "📩 <b>Message from Admin</b>\n\n" . $text . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits");
        sendMessage($chat_id, "✅ Sent to <code>$target</code>!", kb_admin());
    }
    $state['stage'] = 'idle';
    @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
    exit;
}

// ADMIN PANEL
if (is_admin($chat_id)) {
    if ($text === '📢 𝐔𝐒𝐄𝐑 𝐌𝐄𝐒𝐒𝐀𝐆𝐄') {
        sendMessage($chat_id, "📢 <b>User Message</b>\n\nChoose an option:", message_type_kb());
        $state['stage'] = 'idle';
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
        exit;
    }
    
    if ($text === '📋 𝐏𝐑𝐄𝐌𝐈𝐔𝐌 𝐋𝐈𝐒𝐓') {
        $premium = load_active_premium();
        if (empty($premium)) {
            sendMessage($chat_id, "📋 No active premium users.", kb_admin());
        } else {
            $msg = "💎 <b>ACTIVE PREMIUM USERS</b>\n\n";
            $msg .= "Total Active: " . count($premium) . "\n\n";
            foreach ($premium as $uid => $data) {
                $msg .= "├─ <b>User:</b> <code>$uid</code>\n";
                $msg .= "├─ <b>Name:</b> " . ($data['name'] ?? 'N/A') . "\n";
                $msg .= "├─ <b>Username:</b> @" . ($data['username'] ?? 'N/A') . "\n";
                $msg .= "├─ <b>Plan:</b> {$data['plan']}\n";
                $msg .= "├─ <b>Amount:</b> ₹{$data['amount']}\n";
                $msg .= "└─ <b>Expiry:</b> {$data['expiry_date']}\n\n";
            }
            $msg .= "━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
            sendMessage($chat_id, $msg, kb_admin());
        }
        exit;
    }
    
    if ($text === '🛠 𝐁𝐎𝐓 𝐂𝐎𝐍𝐓𝐑𝐎𝐋') {
        $status = !empty($settings['maintenance']) ? "🔴 Maintenance ON" : "🟢 Live";
        sendMessage($chat_id, "Bot Status: $status", ['keyboard' => [[['text' => '🟢 ENABLE'], ['text' => '🔴 DISABLE']], [['text' => '↩️ 𝐂𝐀𝐍𝐂𝐄𝐋']]], 'resize_keyboard' => true]);
        $state['stage'] = 'admin_bot_control';
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
        exit;
    }
    
    if (($state['stage'] ?? '') === 'admin_bot_control') {
        if ($text === '🟢 ENABLE') {
            $settings['maintenance'] = false;
            save_settings($settings);
            sendMessage($chat_id, "✅ Enabled!", kb_admin());
        } elseif ($text === '🔴 DISABLE') {
            $settings['maintenance'] = true;
            save_settings($settings);
            sendMessage($chat_id, "🔴 Disabled!", kb_admin());
        } else {
            sendMessage($chat_id, "Back.", kb_admin());
        }
        $state['stage'] = 'idle';
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
        exit;
    }
    
    if ($text === '💎 𝐆𝐑𝐀𝐍𝐓 𝐏𝐑𝐄𝐌𝐈𝐔𝐌') {
        sendMessage($chat_id, "📝 Send: <code>chatid days</code>\nExample: <code>123456789 30</code>\n\nPlans: 1, 3, 7, 15, 30, 60, 90, 180, 365 days", kb_cancel());
        $state['stage'] = 'admin_grant';
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
        exit;
    }
    
    if (($state['stage'] ?? '') === 'admin_grant') {
        if ($text === '↩️ 𝐂𝐀𝐍𝐂𝐄𝐋') {
            sendMessage($chat_id, "Cancelled.", kb_admin());
        } else {
            $parts = preg_split('/\s+/', trim($text));
            if (count($parts) >= 2 && is_numeric($parts[0]) && is_numeric($parts[1])) {
                $days = (int)$parts[1];
                $plan_name = $days . " Days";
                $price_map = [1 => 19, 3 => 49, 7 => 99, 15 => 149, 30 => 249, 60 => 449, 90 => 599, 180 => 999, 365 => 1699];
                $amount = $price_map[$days] ?? 249;
                $users = load_users();
                $user_name = $users[$parts[0]]['name'] ?? 'Unknown';
                $user_username = $users[$parts[0]]['username'] ?? 'Unknown';
                grant_premium($parts[0], $days, $amount, $plan_name, $user_name, $user_username);
                sendMessage($chat_id, "✅ Granted to <code>{$parts[0]}</code> for {$days} days!", kb_admin());
            } else {
                sendMessage($chat_id, "❌ Invalid! Use: <code>chatid days</code>", kb_cancel());
            }
        }
        $state['stage'] = 'idle';
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
        exit;
    }
    
    if ($text === '⛔ 𝐑𝐄𝐕𝐎𝐊𝐄 𝐏𝐑𝐄𝐌𝐈𝐔𝐌') {
        sendMessage($chat_id, "📝 Send chat ID to revoke:", kb_cancel());
        $state['stage'] = 'admin_revoke';
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
        exit;
    }
    
    if (($state['stage'] ?? '') === 'admin_revoke') {
        if ($text === '↩️ 𝐂𝐀𝐍𝐂𝐄𝐋') {
            sendMessage($chat_id, "Cancelled.", kb_admin());
        } else {
            if (revoke_premium($text)) {
                sendMessage($chat_id, "✅ Revoked for <code>$text</code>!", kb_admin());
            } else {
                sendMessage($chat_id, "❌ User not found or no premium!", kb_admin());
            }
        }
        $state['stage'] = 'idle';
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
        exit;
    }
    
    if ($text === '❌ 𝐑𝐄𝐌𝐎𝐕𝐄 𝐔𝐒𝐄𝐑') {
        sendMessage($chat_id, "📝 Send chat ID:", kb_cancel());
        $state['stage'] = 'admin_remove';
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
        exit;
    }
    
    if (($state['stage'] ?? '') === 'admin_remove') {
        if ($text === '↩️ 𝐂𝐀𝐍𝐂𝐄𝐋') {
            sendMessage($chat_id, "Cancelled.", kb_admin());
        } else {
            $u = load_users();
            if (isset($u[$text])) {
                unset($u[$text]);
                save_users($u);
                revoke_premium($text);
                sendMessage($chat_id, "✅ Removed!", kb_admin());
            } else {
                sendMessage($chat_id, "❌ Not found!", kb_admin());
            }
        }
        $state['stage'] = 'idle';
        @file_put_contents($state_file, json_encode($state, JSON_PRETTY_PRINT));
        exit;
    }
    
    if ($text === '👥 𝐔𝐒𝐄𝐑𝐒 𝐒𝐔𝐌𝐌𝐀𝐑𝐘') {
        $u = load_users();
        $premium = load_active_premium();
        $total = count($u);
        $premium_count = count($premium);
        $free_count = $total - $premium_count;
        $expired_count = count(load_premium()) - $premium_count;
        $msg = "📊 <b>USERS SUMMARY</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n👥 Total Users: <code>$total</code>\n💎 Active Premium: <code>$premium_count</code>\n🎁 Free Users: <code>$free_count</code>";
        if ($expired_count > 0) $msg .= "\n⏰ Expired Premium: <code>$expired_count</code>";
        $msg .= "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
        sendMessage($chat_id, $msg, kb_admin());
        exit;
    }
    
    if ($text === '📊 𝐒𝐓𝐀𝐓𝐒') {
        $s = load_settings();
        $premium = load_active_premium();
        $total_revenue = 0;
        foreach ($premium as $p) $total_revenue += $p['amount'];
        $msg = "📈 <b>BOT STATISTICS</b>\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n🔍 Total Lookups: <code>{$s['total_lookups']}</code>\n💰 Total Revenue: <code>₹{$total_revenue}</code>\n⚡ Bot Status: " . (!empty($settings['maintenance']) ? "🔴 Maintenance" : "🟢 Live") . "\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n💳 BUY API : @Cyb3rS0ldier\n🆘 SUPPORT : @Cyb3rS0ldier\n━━━━━━━━━━━━━━━━━━━━━━━━━━━\n👮 Credit: Anish Exploits";
        sendMessage($chat_id, $msg, kb_admin());
        exit;
    }
}

if (!empty($text) && $text[0] !== '/') {
    sendMessage($chat_id, "❌ Unknown command. Use buttons.", is_admin($chat_id) ? kb_admin() : kb_user());
}
?>