diff --git a/build-docker.sh b/build-docker.sh
new file mode 100644
index 0000000..73ed016
--- /dev/null
+++ b/build-docker.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+# build-docker.sh - 用 Docker 为三种架构分别打包
+# 前提：本机安装了 Docker + QEMU（用于跨架构）
+# 安装 QEMU：docker run --privileged --rm tonistiigi/binfmt --install all
+set -euo pipefail
+
+PLATFORMS=("linux/amd64" "linux/arm64" "linux/arm/v7")
+ARCH_NAMES=("x86_64" "arm64" "armhf")
+
+echo "开始多架构打包..."
+
+for i in "${!PLATFORMS[@]}"; do
+    PLATFORM="${PLATFORMS[$i]}"
+    ARCH_NAME="${ARCH_NAMES[$i]}"
+    OUTPUT="releases/nas-media-player-${ARCH_NAME}"
+
+    echo ""
+    echo "========================================="
+    echo "  打包架构: ${PLATFORM} → ${ARCH_NAME}"
+    echo "========================================="
+
+    docker run --rm \
+        --platform "${PLATFORM}" \
+        -v "$(pwd):/workspace" \
+        -w /workspace \
+        python:3.11-slim \
+        bash -c "
+            set -e
+            echo '--- 安装系统依赖 ---'
+            apt-get update -qq && apt-get install -y -q binutils
+
+            echo '--- 安装 Python 依赖 ---'
+            pip install --upgrade pip -q
+            pip install pyinstaller fastapi 'uvicorn[standard]' aiofiles \
+                pydantic python-multipart httptools -q
+
+            echo '--- 执行打包 ---'
+            pyinstaller nas-media-player.spec --clean --noconfirm
+
+            echo '--- 复制产物 ---'
+            mkdir -p releases
+            cp dist/nas-media-player releases/nas-media-player-${ARCH_NAME}
+            chmod +x releases/nas-media-player-${ARCH_NAME}
+            echo '产物大小:' \$(du -sh releases/nas-media-player-${ARCH_NAME})
+        "
+
+    echo "✅ ${ARCH_NAME} 打包完成 → ${OUTPUT}"
+done
+
+echo ""
+echo "========================================="
+echo "🎉 所有架构打包完成！"
+ls -lh releases/
+echo "========================================="
diff --git a/build.sh b/build.sh
new file mode 100644
index 0000000..ea2e7bf
--- /dev/null
+++ b/build.sh
@@ -0,0 +1,69 @@
+#!/bin/bash
+# build.sh - 一键打包脚本
+# 在对应架构的机器上执行（或用 Docker 交叉编译，见下方说明）
+set -euo pipefail
+
+ARCH=$(uname -m)
+OUTPUT_NAME="nas-media-player-${ARCH}"
+RELEASES_DIR="./releases"
+
+echo "========================================"
+echo "  NAS Media Player 打包脚本"
+echo "  当前架构: ${ARCH}"
+echo "========================================"
+
+# 1. 检查 Python 版本（建议 3.9+）
+python3 --version
+
+# 2. 创建并激活虚拟环境（隔离，避免污染系统）
+echo "[1/5] 创建虚拟环境..."
+python3 -m venv .venv-build
+source .venv-build/bin/activate
+
+# 3. 安装依赖
+echo "[2/5] 安装依赖..."
+pip install --upgrade pip -q
+pip install \
+    pyinstaller \
+    fastapi \
+    uvicorn[standard] \
+    aiofiles \
+    pydantic \
+    python-multipart \
+    httptools \
+    -q
+
+# 4. 执行打包
+echo "[3/5] 开始打包 (PyInstaller)..."
+pyinstaller nas-media-player.spec \
+    --clean \
+    --noconfirm
+
+# 5. 检查产物
+BINARY="./dist/nas-media-player"
+if [ ! -f "${BINARY}" ]; then
+    echo "❌ 打包失败！未找到 ${BINARY}"
+    exit 1
+fi
+
+# 6. 重命名并归档
+mkdir -p "${RELEASES_DIR}"
+cp "${BINARY}" "${RELEASES_DIR}/${OUTPUT_NAME}"
+chmod +x "${RELEASES_DIR}/${OUTPUT_NAME}"
+
+# 显示文件大小
+SIZE=$(du -sh "${RELEASES_DIR}/${OUTPUT_NAME}" | cut -f1)
+echo ""
+echo "========================================"
+echo "✅ 打包成功！"
+echo "   产物路径: ${RELEASES_DIR}/${OUTPUT_NAME}"
+echo "   文件大小: ${SIZE}"
+echo "========================================"
+
+# 7. 快速验证（不启动服务，只检查 --help）
+echo "[5/5] 验证二进制可执行..."
+"${RELEASES_DIR}/${OUTPUT_NAME}" --help 2>/dev/null || true
+echo "验证完成（如无错误输出则正常）"
+
+# 清理虚拟环境
+deactivate
diff --git a/build.yml b/build.yml
new file mode 100644
index 0000000..abdde69
--- /dev/null
+++ b/build.yml
@@ -0,0 +1,78 @@
+# .github/workflows/build.yml
+# 推送 tag（如 v1.0.0）时自动为三种架构打包并发布 Release
+
+name: Build Multi-Arch Binaries
+
+on:
+  push:
+    tags:
+      - 'v*'
+  workflow_dispatch:   # 支持手动触发
+
+jobs:
+  build:
+    name: Build ${{ matrix.arch }}
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - arch: x86_64
+            platform: linux/amd64
+            python-arch: x64
+          - arch: arm64
+            platform: linux/arm64
+            python-arch: arm64
+          - arch: armhf
+            platform: linux/arm/v7
+            python-arch: arm
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Build binary in Docker
+        run: |
+          docker run --rm \
+            --platform ${{ matrix.platform }} \
+            -v "${{ github.workspace }}:/workspace" \
+            -w /workspace \
+            python:3.11-slim \
+            bash -c "
+              set -e
+              apt-get update -qq && apt-get install -y -q binutils
+              pip install --upgrade pip -q
+              pip install pyinstaller fastapi 'uvicorn[standard]' aiofiles \
+                  pydantic python-multipart httptools -q
+              pyinstaller nas-media-player.spec --clean --noconfirm
+              mkdir -p releases
+              cp dist/nas-media-player releases/nas-media-player-${{ matrix.arch }}
+              chmod +x releases/nas-media-player-${{ matrix.arch }}
+            "
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: nas-media-player-${{ matrix.arch }}
+          path: releases/nas-media-player-${{ matrix.arch }}
+
+  release:
+    name: Create Release
+    needs: build
+    runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags/')
+
+    steps:
+      - name: Download all artifacts
+        uses: actions/download-artifact@v4
+        with:
+          path: releases/
+          merge-multiple: true
+
+      - name: Create GitHub Release
+        uses: softprops/action-gh-release@v2
+        with:
+          files: releases/*
+          generate_release_notes: true
diff --git a/index.html b/index.html
index c4e1498..f8aaf1c 100644
--- a/index.html
+++ b/index.html
@@ -1,1286 +1,879 @@
 <!DOCTYPE html>
 <html lang="zh-CN">
 <head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>NAS 轻量媒体播放器</title>
-    <style>
-        * { margin: 0; padding: 0; box-sizing: border-box; }
-        body { font-family: "Microsoft YaHei", Arial, sans-serif; max-width: 1400px; margin: 0 auto; padding: 20px; background: #f5f5f5; }
-        /* Logo样式 */
-        .logo-container {
-            text-align: center;
-            margin-bottom: 20px;
-        }
-        .logo {
-            max-width: 200px;
-            height: auto;
-            display: inline-block;
-            /* 可选：添加阴影增强视觉效果 */
-            box-shadow: 0 2px 5px rgba(0,0,0,0.1);
-            border-radius: 8px;
-            padding: 5px;
-            background: white;
-        }
-        h1 { color: #333; text-align: center; margin-bottom: 10px; }
-        .subtitle { color: #4285F4; text-align: center; margin-bottom: 30px; font-size: 18px; }
-        .subtitle a { color: #4285F4; text-decoration: none; }
-        .subtitle a:hover { text-decoration: underline; }
-        
-        /* 媒体容器优化 */
-        .media-container { 
-            width: 100%; 
-            background: #000; 
-            border-radius: 8px; 
-            overflow: hidden; 
-            box-shadow: 0 2px 10px rgba(0,0,0,0.1);
-            display: flex;
-            justify-content: center;
-            align-items: center;
-            min-height: 600px;
-            position: relative;
-        }
-        .media-content {
-            width: 100%;
-            height: 100%;
-            display: flex;
-            justify-content: center;
-            align-items: center;
-            padding: 20px;
-        }
-        video, audio { 
-            width: 100%; 
-            height: auto; 
-            max-height: 80vh;
-            display: none;
-            background: #000;
-        }
-        img { 
-            max-width: 100%; 
-            max-height: 80vh; 
-            object-fit: contain; 
-            display: none;
-            background: #000;
-        }
-        
-        /* 加载状态 */
-        .loading { 
-            position: absolute;
-            top: 50%;
-            left: 50%;
-            transform: translate(-50%, -50%);
-            text-align: center; 
-            color: #4285F4; 
-            z-index: 10;
-            background: rgba(0,0,0,0.7);
-            padding: 20px 30px;
-            border-radius: 8px;
-        }
-        .loading-spinner {
-            border: 4px solid rgba(66, 133, 244, 0.3);
-            border-radius: 50%;
-            border-top: 4px solid #4285F4;
-            width: 40px;
-            height: 40px;
-            animation: spin 1s linear infinite;
-            margin: 0 auto 15px;
-        }
-        @keyframes spin {
-            0% { transform: rotate(0deg); }
-            100% { transform: rotate(360deg); }
-        }
-        
-        .control-panel { margin: 20px 0; padding: 15px; background: #fff; border-radius: 8px; box-shadow: 0 2px 5px rgba(0,0,0,0.05); }
-        .select-group { display: inline-block; margin-right: 20px; margin-bottom: 15px; vertical-align: top; }
-        label { font-weight: bold; color: #555; margin-right: 10px; }
-        select, input[type="text"], input[type="file"], input[type="password"] { 
-            padding: 10px 15px; 
-            font-size: 16px; 
-            border: 1px solid #ddd; 
-            border-radius: 4px; 
-            outline: none;
-            min-width: 250px;
-        }
-        select:focus, input[type="text"]:focus, input[type="password"]:focus { border-color: #4285F4; box-shadow: 0 0 0 2px rgba(66,133,244,0.2); }
-        
-        .btn-group { display: inline-block; }
-        button { 
-            padding: 10px 20px; 
-            font-size: 16px; 
-            margin-right: 10px; 
-            border: none; 
-            border-radius: 4px; 
-            cursor: pointer; 
-            transition: all 0.3s;
-        }
-        .btn-primary { background: #4285F4; color: white; }
-        .btn-primary:hover { background: #3367D6; }
-        .btn-primary:disabled { background: #ccc; cursor: not-allowed; }
-        .btn-secondary { background: #28a745; color: white; }
-        .btn-secondary:hover { background: #218838; }
-        .btn-danger { background: #dc3545; color: white; }
-        .btn-danger:hover { background: #c82333; }
-        
-        .media-info { margin-top: 15px; color: #666; font-size: 14px; }
-        .dir-navigation { margin: 10px 0; padding: 10px; background: #f9f9f9; border-radius: 4px; }
-        
-        /* 上传区域 */
-        .upload-section { 
-            margin: 30px 0; 
-            padding: 20px; 
-            background: #fff; 
-            border-radius: 8px; 
-            box-shadow: 0 2px 5px rgba(0,0,0,0.05); 
-            border-top: 3px solid #4285F4;
-        }
-        .upload-section h2 { 
-            color: #333; 
-            margin-bottom: 20px; 
-            padding-bottom: 10px; 
-            border-bottom: 1px solid #eee;
-        }
-        .upload-form { 
-            display: flex; 
-            flex-wrap: wrap; 
-            gap: 15px; 
-            align-items: flex-end;
-        }
-        .form-row { 
-            flex: 1; 
-            min-width: 250px;
-        }
-        
-        /* 进度条 */
-        .upload-progress { 
-            margin-top: 15px; 
-            display: none;
-        }
-        .progress-container {
-            width: 100%;
-            height: 8px;
-            background-color: #e9ecef;
-            border-radius: 4px;
-            overflow: hidden;
-            box-shadow: inset 0 1px 2px rgba(0,0,0,0.1);
-        }
-        .progress-bar {
-            height: 100%;
-            background: linear-gradient(90deg, #4285F4, #3367D6);
-            border-radius: 4px;
-            width: 0%;
-            transition: width 0.2s ease-in-out;
-            position: relative;
-        }
-        .progress-bar::after {
-            content: '';
-            position: absolute;
-            top: 0;
-            left: 0;
-            right: 0;
-            bottom: 0;
-            background: linear-gradient(
-                to right,
-                rgba(255,255,255,0.1) 0%,
-                rgba(255,255,255,0.3) 50%,
-                rgba(255,255,255,0.1) 100%
-            );
-            background-size: 200% 100%;
-            animation: shimmer 1.5s infinite;
-            opacity: 0.7;
-        }
-        @keyframes shimmer {
-            0% { background-position: -200% 0; }
-            100% { background-position: 200% 0; }
-        }
-        .progress-stats {
-            display: flex;
-            justify-content: space-between;
-            margin-top: 8px;
-            font-size: 14px;
-            color: #666;
-        }
-        .speed-indicator {
-            color: #4285F4;
-            font-weight: bold;
-        }
-        
-        /* 消息提示 */
-        .message { 
-            margin-top: 15px; 
-            padding: 12px 15px; 
-            border-radius: 4px; 
-            display: none;
-            font-size: 14px;
-        }
-        .success { 
-            background: #d4edda; 
-            color: #155724; 
-            border: 1px solid #c3e6cb;
-        }
-        .error { 
-            background: #f8d7da; 
-            color: #721c24; 
-            border: 1px solid #f5c6cb;
-        }
-        .info {
-            background: #d1ecf1;
-            color: #0c5460;
-            border: 1px solid #bee5eb;
-        }
-        
-        .create-dir-form {
-            margin-top: 15px;
-            padding-top: 15px;
-            border-top: 1px dashed #ddd;
-        }
-        .file-info {
-            margin-top: 10px;
-            font-size: 13px;
-            color: #666;
-        }
-        
-        /* 媒体类型标签 */
-        .media-type-badge {
-            display: inline-block;
-            padding: 3px 8px;
-            border-radius: 4px;
-            font-size: 12px;
-            margin-left: 10px;
-        }
-        .type-video {
-            background-color: #e3f2fd;
-            color: #0d47a1;
-        }
-        .type-image {
-            background-color: #e8f5e9;
-            color: #1b5e20;
-        }
-        .type-audio {
-            background-color: #fff3e0;
-            color: #e65100;
-        }
-        
-        /* 密码保护模态框 */
-        .modal-overlay {
-            position: fixed;
-            top: 0;
-            left: 0;
-            right: 0;
-            bottom: 0;
-            background: rgba(0,0,0,0.7);
-            display: flex;
-            justify-content: center;
-            align-items: center;
-            z-index: 1000;
-            display: none;
-        }
-        .modal {
-            background: white;
-            padding: 30px;
-            border-radius: 8px;
-            width: 90%;
-            max-width: 400px;
-            box-shadow: 0 4px 20px rgba(0,0,0,0.2);
-        }
-        .modal h3 {
-            margin-bottom: 20px;
-            color: #333;
-            text-align: center;
-        }
-        .modal-form {
-            display: flex;
-            flex-direction: column;
-            gap: 15px;
-        }
-        .modal-footer {
-            display: flex;
-            justify-content: flex-end;
-            gap: 10px;
-            margin-top: 20px;
-        }
-        .protected-badge {
-            display: inline-block;
-            padding: 2px 6px;
-            background: #ffeb3b;
-            color: #333;
-            font-size: 12px;
-            border-radius: 3px;
-            margin-left: 5px;
-        }
-        /* 支持格式说明 */
-        .supported-formats {
-            margin: 20px 0;
-            padding: 15px;
-            background: #f0f7ff;
-            border-left: 4px solid #4285F4;
-            border-radius: 4px;
-            color: #333;
-            font-size: 14px;
-            white-space: normal;
-            word-wrap: break-word;
-            overflow-wrap: break-word;
-        }
-        .supported-formats strong {
-            color: #4285F4;
-        }
-        /* 响应式优化 */
-        @media (max-width: 768px) {
-            .media-container {
-                min-height: 400px;
-            }
-            .select-group {
-                display: block;
-                margin-right: 0;
-                margin-bottom: 15px;
-            }
-            .upload-form {
-                flex-direction: column;
-                align-items: stretch;
-            }
-            select, input[type="text"], input[type="password"] {
-                min-width: 100%;
-                width: 100%;
-            }
-            .supported-formats {
-                font-size: 13px;
-                padding: 12px;
-            }
-            .logo {
-                max-width: 150px;
-            }
-        }
-    </style>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>NAS 轻量媒体播放器</title>
+<style>
+* { margin: 0; padding: 0; box-sizing: border-box; }
+body { font-family: "Microsoft YaHei", Arial, sans-serif; max-width: 1400px; margin: 0 auto; padding: 20px; background: #f5f5f5; }
+
+.logo-container { text-align: center; margin-bottom: 20px; }
+.logo {
+  max-width: 200px; height: auto; display: inline-block;
+  box-shadow: 0 2px 5px rgba(0,0,0,0.1);
+  border-radius: 8px; padding: 5px; background: white;
+}
+
+h1 { color: #333; text-align: center; margin-bottom: 10px; }
+.subtitle { color: #4285F4; text-align: center; margin-bottom: 30px; font-size: 18px; }
+.subtitle a { color: #4285F4; text-decoration: none; }
+.subtitle a:hover { text-decoration: underline; }
+
+/* 媒体容器 */
+.media-container {
+  width: 100%; background: #000; border-radius: 8px; overflow: hidden;
+  box-shadow: 0 2px 10px rgba(0,0,0,0.1);
+  display: flex; justify-content: center; align-items: center;
+  min-height: 600px; position: relative;
+}
+.media-content {
+  width: 100%; height: 100%;
+  display: flex; justify-content: center; align-items: center; padding: 20px;
+}
+video, audio {
+  width: 100%; height: auto; max-height: 80vh; display: none; background: #000;
+}
+img {
+  max-width: 100%; max-height: 80vh; object-fit: contain; display: none; background: #000;
+}
+
+/* 加载状态 */
+.loading {
+  position: absolute; top: 50%; left: 50%;
+  transform: translate(-50%, -50%);
+  text-align: center; color: #4285F4; z-index: 10;
+  background: rgba(0,0,0,0.7); padding: 20px 30px; border-radius: 8px;
+  display: none; /* ← 修复：只用 display:none，不重复声明 */
+}
+.loading-spinner {
+  border: 4px solid rgba(66,133,244,0.3); border-radius: 50%;
+  border-top: 4px solid #4285F4; width: 40px; height: 40px;
+  animation: spin 1s linear infinite; margin: 0 auto 15px;
+}
+@keyframes spin { 0% { transform: rotate(0deg); } 100% { transform: rotate(360deg); } }
+
+.control-panel {
+  margin: 20px 0; padding: 15px; background: #fff;
+  border-radius: 8px; box-shadow: 0 2px 5px rgba(0,0,0,0.05);
+}
+.select-group { display: inline-block; margin-right: 20px; margin-bottom: 15px; vertical-align: top; }
+label { font-weight: bold; color: #555; margin-right: 10px; }
+select, input[type="text"], input[type="file"], input[type="password"] {
+  padding: 10px 15px; font-size: 16px; border: 1px solid #ddd;
+  border-radius: 4px; outline: none; min-width: 250px;
+}
+select:focus, input[type="text"]:focus, input[type="password"]:focus {
+  border-color: #4285F4; box-shadow: 0 0 0 2px rgba(66,133,244,0.2);
+}
+
+.btn-group { display: inline-block; }
+button {
+  padding: 10px 20px; font-size: 16px; margin-right: 10px;
+  border: none; border-radius: 4px; cursor: pointer; transition: all 0.3s;
+}
+.btn-primary { background: #4285F4; color: white; }
+.btn-primary:hover { background: #3367D6; }
+.btn-primary:disabled { background: #ccc; cursor: not-allowed; }
+.btn-secondary { background: #28a745; color: white; }
+.btn-secondary:hover { background: #218838; }
+.btn-danger { background: #dc3545; color: white; }
+.btn-danger:hover { background: #c82333; }
+
+.media-info { margin-top: 15px; color: #666; font-size: 14px; }
+.dir-navigation { margin: 10px 0; padding: 10px; background: #f9f9f9; border-radius: 4px; }
+
+/* 上传区域 */
+.upload-section {
+  margin: 30px 0; padding: 20px; background: #fff;
+  border-radius: 8px; box-shadow: 0 2px 5px rgba(0,0,0,0.05);
+  border-top: 3px solid #4285F4;
+}
+.upload-section h2 {
+  color: #333; margin-bottom: 20px; padding-bottom: 10px; border-bottom: 1px solid #eee;
+}
+.upload-form { display: flex; flex-wrap: wrap; gap: 15px; align-items: flex-end; }
+.form-row { flex: 1; min-width: 250px; }
+
+/* 进度条 */
+.upload-progress { margin-top: 15px; display: none; }
+.progress-container {
+  width: 100%; height: 8px; background-color: #e9ecef;
+  border-radius: 4px; overflow: hidden; box-shadow: inset 0 1px 2px rgba(0,0,0,0.1);
+}
+.progress-bar {
+  height: 100%; background: linear-gradient(90deg, #4285F4, #3367D6);
+  border-radius: 4px; width: 0%; transition: width 0.2s ease-in-out; position: relative;
+}
+.progress-bar::after {
+  content: ''; position: absolute; top: 0; left: 0; right: 0; bottom: 0;
+  background: linear-gradient(to right, rgba(255,255,255,0.1) 0%, rgba(255,255,255,0.3) 50%, rgba(255,255,255,0.1) 100%);
+  background-size: 200% 100%; animation: shimmer 1.5s infinite; opacity: 0.7;
+}
+@keyframes shimmer { 0% { background-position: -200% 0; } 100% { background-position: 200% 0; } }
+.progress-stats {
+  display: flex; justify-content: space-between;
+  margin-top: 8px; font-size: 14px; color: #666;
+}
+.speed-indicator { color: #4285F4; font-weight: bold; }
+
+/* 消息提示 */
+.message {
+  margin-top: 15px; padding: 12px 15px; border-radius: 4px;
+  display: none; font-size: 14px;
+}
+.success { background: #d4edda; color: #155724; border: 1px solid #c3e6cb; }
+.error { background: #f8d7da; color: #721c24; border: 1px solid #f5c6cb; }
+.info { background: #d1ecf1; color: #0c5460; border: 1px solid #bee5eb; }
+
+.create-dir-form {
+  margin-top: 15px; padding-top: 15px; border-top: 1px dashed #ddd;
+}
+.file-info { margin-top: 10px; font-size: 13px; color: #666; }
+
+/* 媒体类型标签 */
+.media-type-badge {
+  display: inline-block; padding: 3px 8px; border-radius: 4px;
+  font-size: 12px; margin-left: 10px;
+}
+.type-video { background-color: #e3f2fd; color: #0d47a1; }
+.type-image { background-color: #e8f5e9; color: #1b5e20; }
+.type-audio { background-color: #fff3e0; color: #e65100; }
+
+/* 密码保护模态框 */
+.modal-overlay {
+  position: fixed; top: 0; left: 0; right: 0; bottom: 0;
+  background: rgba(0,0,0,0.7);
+  display: none; /* ← 修复：只保留 display:none，去掉多余的 display:flex */
+  justify-content: center; align-items: center; z-index: 1000;
+}
+.modal {
+  background: white; padding: 30px; border-radius: 8px;
+  width: 90%; max-width: 400px; box-shadow: 0 4px 20px rgba(0,0,0,0.2);
+}
+.modal h3 { margin-bottom: 20px; color: #333; text-align: center; }
+.modal-form { display: flex; flex-direction: column; gap: 15px; }
+.modal-footer { display: flex; justify-content: flex-end; gap: 10px; margin-top: 20px; }
+.protected-badge {
+  display: inline-block; padding: 2px 6px; background: #ffeb3b;
+  color: #333; font-size: 12px; border-radius: 3px; margin-left: 5px;
+}
+
+/* 支持格式说明 */
+.supported-formats {
+  margin: 20px 0; padding: 15px;
+  background: #f0f7ff; border-left: 4px solid #4285F4; border-radius: 4px;
+  color: #333; font-size: 14px; word-wrap: break-word;
+}
+.supported-formats strong { color: #4285F4; }
+
+/* 响应式 */
+@media (max-width: 768px) {
+  .media-container { min-height: 400px; }
+  .select-group { display: block; margin-right: 0; margin-bottom: 15px; }
+  .upload-form { flex-direction: column; align-items: stretch; }
+  select, input[type="text"], input[type="password"] { min-width: 100%; width: 100%; }
+  .supported-formats { font-size: 13px; padding: 12px; }
+  .logo { max-width: 150px; }
+}
+</style>
 </head>
 <body>
 
-    <!-- 居中Logo容器 -->
-    <div class="logo-container">
-        <img class="logo" src="data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+CjwhRE9DVFlQRSBzdmcgUFVCTElDICItLy9XM0MvL0RURCBTVkcgMS4xLy9FTiIgImh0dHA6Ly93d3cudzMub3JnL0dyYXBoaWNzL1NWRy8xLjEvRFREL3N2ZzExLmR0ZCI+CjxzdmcgdmVyc2lvbj0iMS4xIiBpZD0iTGF5ZXJfMSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxuczp4bGluaz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94bGluayIgeD0iMHB4IiB5PSIwcHgiIHdpZHRoPSIxNDJweCIgaGVpZ2h0PSIxMTNweCIgdmlld0JveD0iMCAwIDE0MiAxMTMiIGVuYWJsZS1iYWNrZ3JvdW5kPSJuZXcgMCAwIDE0MiAxMTMiIHhtbDpzcGFjZT0icHJlc2VydmUiPiAgPGltYWdlIGlkPSJpbWFnZTAiIHdpZHRoPSIxNDIiIGhlaWdodD0iMTEzIiB4PSIwIiB5PSIwIgogICAgaHJlZj0iZGF0YTppbWFnZS9wbmc7YmFzZTY0LGlWQk9SdzBLR2dvQUFBQU5TVWhFVWdBQUFJNEFBQUJ4Q0FNQUFBQTA1MnYyQUFBQUJHZEJUVUVBQUxHUEMveGhCUUFBQUNCalNGSk4KQUFCNkpRQUFnSU1BQVBuL0FBQ0E2UUFBZFRBQUFPcGdBQUE2bUFBQUYyK1NYOFZHQUFBQy9WQk1WRVgvLy8vLy8vLy8vLzM3NHZYKwovZnYvL1BuOC92MzYvZnY5L3ZuNi8vejUvLzM3Ly8vOC9mLysvdi84L1B6OS9QcjgvUDc5Ly83OS8vdi8vL3YvL2Y3Ky9QMzQvZi80Ci8vL3E4L2ZNMHRla3NMeHdoWnBOYUg4L1VHSXhSRjAwU21kQlduRlpjb21LbksyN3h0RGY1T2piM3VFYk9sY0JJMFFDSUQwQkpVa0UKSjAwQkhrSUtMazhrUldWZmVJL3Q5LzBGS0VJQktWRUZMRk1ITDFJS01GUUlMbElITFZJSkxWQUlMMDhGTFV3Z1BWL1MydUhxN081NgpqWjRkTmswR0tWUUpLbEVLTFZNSU1WSUlMVTBHTDBzSEkwNUVZMzJDbEtVVE5GQUpMMVRDemRVR0xGRUZMbEVNTGxNSEtrL2Y3UFExClVXOEpLMU1JTGxNTEpVVWRORklLTEZBUExFb01MMVVITFZRQ0xWRzR3Y2tMTGxNSkxsWUtNRlZvZjVNRkwxTUVMRS85Ky96Ly8vaXQKdThZRExsankvUDRHTWxuNCt2eng5Zk1tUFZRM1YzUU9NRlVMTVZZS01GY0pNVlVLTDFvTk1GWUhNbFVDTDFVSUwxa0xNVmdRTGxvTQpMRmdLTWxVTE0xWUdNbFFOTVZVWU8xME1NVnNOTDFnSUoxVVVOMW82VzNpWXA3VG42ZXZ5OHZIMTlQVDI5dmJ4OGU4TU1sY3BUR3hTCmJZYjcrL3o1K2ZvSUtsWU9NVmY3Ky9rY1FXUU9NbFlKTTFrdFQyeno4dk1JTTFiMzkvZjE5Zk1MTWxrTE0xVDQ5L1VOTkZ2ejlQVVAKTlZvT05GZ1JPVjRsU1dzMFVHWUpORmNGTTFFUE4xdEJYbm43L2Z3eFVtNFZQV1B1N3U4NFVtMzQrUGtNTkZjTk0xajYrdmNKTTFzTwpNVmtMTUZvUE1sZ01NMW9NTkZnUE1scjE5dmtMTWxzS05WZ05OVmdlUldrTk5sWVFNVjBPTVZFUk0xME5OVmtOTkZVS05Gb3ZVM0VRCk0xVUxObGtJTWx3S05sMEpOVno4L1BjTE5Wc0lObGdRTjE0UU9GZ05NbHdNTVYwSk5Wb09OVndJTkZrZFJWNE5NMTRPT0Y0SU5sb0gKTlZrTE5WMFBPbDBMTlY4S05sc0pOMkFMTjE0TU5sdzFWV3dKTmwwTk4xOE9OVjROTjEwTk9Gc01ObUVPTldFTU9GMExPRjhNTjFvTApPbUVRTzJJTk9WNE9PR0FQT1Z3Tk9HSU5PV0FPT21FUE9WOE9PbDhSTjJFR09GczFWV29PT1dNTk9tRUtQVndOTzE4Tk8yVU1QR01HCk1HQURNMXNITjFzSE4xMTlpWkgzQUFBQUFYUlNUbE1BUU9iWVpnQUFBQUZpUzBkRUFJZ0ZIVWdBQUFBSmNFaFpjd0FBQ3hNQUFBc1QKQVFDYW5CZ0FBQUFIZEVsTlJRZm5CQUVORWhZT1VSYnVBQUFaSVVsRVFWUm8zdTJiRFZ4VDU3M0g5eHlPaUNZbjc2YzFnYnVaRUliUgpFdHVDVVF1c2dyMVFhSzJWYm8yTGhBNVphK2NDaGpWYlRrR3VCS0hoWlpoR3dmaEd2QlNzemtSYWM2cVJPVEhPSzJQTVdxL1pCUjNzClFuQ3dpcFFFZHJlNzNiZlAvWjlBQW1wN0s3Mno5M00vSDM5NGtwenpQT2M1MytmLzhqelB5WWxmK2NwRFBkUkRQZFFjaE1MQ1lJdjQKdjBTSndPZEZ6bzlhc0dEQndvVXNOcHZGSmpqei84K1FJakNjaTdONHhFSitKSUhqQ0xIWmJCNHVZUE9Ga1FUMjVjTVFySVVzbGtqSQpRaGcyNHlzUVFSS0VnSVcrWEpoSDVqL0tZckhnNm92RWt1aVl2L2txNkd1THBiSllPUnpEQ0lUNGdpL1JRamppTXlnb1RyYjQ2L0ZMCjRoV0twVUVwbGkxN0xFRVp1eHdKRnJCdzlHVlppUEVJd2dUTEpYL3plTHppaVNjVGsxYW9WQ3JZVmo2MmF2WHExZkhMbmxJbUkwVGkKYk1HWEVkUVJpTTFFUzBycU41YkVQL0gwbXJTVjZXdlhyZ0tscjFyMURQT2lXdk8zOGZFWnNZZ1FRR3cvY0k4SkJmd0ZMT0hDekdmagpGYXZYcmwyNWF2WEt0YXFzRlN1QUkxMjFJdkd4bGF2V1B2YllxbFdLSlRGZ0llSlIzZ04ybUVqQTRpT1VuUkQvNUtyVno4RGY2dFZyClY2OWVOU1hBV0FXR1VxMEMzejJuV0pMS2h1UW5XUStTQnBGTVBrY3ZVenozSFBobXBZcTUvS3JuMDRNMDZTdGdiMFhpcWxXSnExVHIKbmxPOXNPeXJ5U3pFSm9nSFNFT0lXR2o5aTh0ZTJQRGNTbFdPS2lkSEJhOWdpaytYNGlVSndpSUo5b01LYUlFSUVaajRtNG9YdnJVbQpiVU9pNmxOQlZMTU9MMTBXRFZsSXNoOE1EWVlXQ0xEc2w1OTRXcjB5YmMyR2pUa2hxV1krQlVsVVUweXFEZDlXTFpQQ2tJZ3RmQkEwCkJBOG1KczNMaW1mUzB0STJyVm1UdUhJMnlEVFZ0RzJtanEvSVVnRVBRdk9KQjJDZmlFaFNoTEpmWHJyMm1jZlVhYmtiMWp6UFhEMUwKRzFhV2FwYU5HT1ZrSmFvMnFwYmtJWUlnLy9yNWpnbEYyUHB2TG4xbDdjcE5hVG1KYXphb2N1LzBsT29PbnpFdkt6WWtKdVorWjBrbQpZZ254L3oxUEJLUHdIb0xoaHZXMXBXbWIxcTFMVXozM2ltcERibTRPazFiQjRKMks0THVzbzBwTHkxMEJQRXMxS0pJbCtGK2g0REM2CmtJeUk2WGtuSWgrT0tCVzVTZXZVZ0pPbXlrcExUTXo1SE9VQ1VPTHphWXB2cm9jNVZmVEZ6WUlJZGlRZkZ5d1FDUEFvRVR1NG1CSnQKM293SzRyK2JDN1paRjdyY05FL3U5SjRLRHFSdHpFbFQzWTIxTEFQaE9QZUxqajR3K1FraWtRZ1NGRFlCVEpjRUJrc3NISC8xRzRyWAowdFlCejZ3cnJWQ3RTR1BFaEZCV3prYlZwaFVyWmhkUCtXMmpRb0kyNC9nWE13M0JaaEhNRW1MTG9oUzUvSFZZN09FQ3lBeGNnRVV2ClNVcGtMcTBPeGNZR0NKbkUwRTdPY3pCUXE1NS9aZU5HMVN3eFNKQmdUeTJQMmt4OEVSN3dzb0FmK1VoeTZ1THZ2YlFzUHY2WnJiSkYKQkxQOHhKRDg4YlhwU2V1K3IxNjNUaHRLYjUwMnQ3QW9LMG1kQkFleXRQQmhrNjVRblRVcithZWt6b3BQUlZGUlh5QzUwQUl3QjRwZAovUGdTeGRMVjIxNUpXdnVkK01laTF4Tkl5RWN4ajZlbnF4a2NkWGlrMFdvMzZkVnFOWU9pWTNhM0ZXcHpBZXB1bkt6aUh6eTdIdCtNCjVzeURXQXNGYUxsMHllcFhpbC9aK01ZMlEzRngrZzkvOUxjdjU4bGhUUkcvRm5DK3IvNytqSFVLczVLU3RJV0Z1UUREZk5KdEt0UW0KcVF1THRQZmdaQlUvbm9sRmllYUtneDVsYlJZbUp5eFphNlRTaTdUcjNnUzdGK24xUDFxamVGWXBYL3gwWVE1WUI0d1J4bEZyazdLSwpzdUJObTFYQ3VLdW9KTW1nM1hRUGpiWXdTZjFDNlNNWVNjd3R1U0pFanl6QWtyLzVVczZiUlVaakRsaW1zRGc5Zlh0Wm1mcEhmNmQ0CitYSDFHN2xGV1pCWTMxODNxOS9hSFUrVlMxTk5CY255aXAyVlZXL0pTb3FUTnFYZmFSbEc2OUxpQy9ETmN4eWFGL0JaMlBydktkYVoKYzZZalk4b0dhdlhHRFQvYW9NdlpDSE80T20wVC9PWG1ibUl1a2xSZGsxcVFYTVhtMVBLRVNFamdxQzV6UlhwUjdxWmNHTENobU5rMgpKYXBXd041ajZxVXhLR3B1T0lnRmR5T0w0MytzMWpHQkNmK01JQ1lTOU9ha2VyMVdaOURwa2d3R28wNnJLOUVaU3hJeU1ndmlxdW9RCm5wK2ZUKzdpMUhJNUpGZGowUnZVYnh0MWpMUTZuVUd2TnhyMWFpczBwRXQ4ZGpsR3pPbk9BbTRxTVpraVo1dEJyV1p3WnNsb3RScVQKU3ZUR0lrcW4xcXNOUmJyZFNrbnlIZzZaVDdCNElvZ0pMcGVkdnl1U0U1dGdMdFRweW5SR0NvajA5VkRSYURUb2trcEt0SWF5TEVVQgpjenMwSitQdzF6KzdwcUdCUVlGL1JtT0l4bENtWjdwcmdGWkxkSWFTM1htU3VDMjFHRTZTY0dmZXVETXVXNU9DMS9Md3ZhYnFvaEo5CmlhNGhxVWdYYk1HUXBOTlJhcjFOVzZRcjFLY3ZqVVlrTmdjYzdGRVdTbzEvczdnb2Zjb3llbjNZT21hR1NiZlBxTmNWbDBwTjhrcEUKQ2poSXRMOHVXU05UYmswNGtCQUhjOUxCekVOYWZWR1QvYW5ER1RYU3ZPalUxTlJvWlhtcDFxeDlRMi9VcWt1S1h2aDdXUGZjL3pJKwpJb3FGRm4zdk84M3ZGQnUxT3ZXMHBvSzVSRnVvVTVjeDI0dXA0aTIxUXJoZHdmR0syTlNZQkRobTBKYWFHZ2tlR1Z2NllreWVTUktiCkxPZlZjbW81ak1nVXplS2k5Q1NvcE45a1ZIM2pWWXdrNzk4NDJFSk1FLzltZWtOUkF5UGpMQlVYRzVPTURjMHRyYWFLL2NRUkxpZHkKdjF3Uy9lN1JmWWIwNXVLRzRxMlNLcHczajNjc0x1WDFLaExpZzgrZHorVUdjZWFqWGFaOWtBMUd5SXFpTjErRys4QjU5eDNMQ09lagp2T2UzNmQ2RVVEUXkzdGRxaTZaeENvMWFZM0ZUamVRWVFaSWlnbE9seWR1cU5ocTFoV3BEb2M0U0hZZEkzcTc1SkpkRGtQa3NYRVJnCkJHZGEzQ040WnBGQlcxU1VwQzFXRjc4VWkvRDduN2RRSklGKzhtMmJycmd3S1RTRUpVRWFKWldBeDNUcUhURUZiM0ZGbkVqV3dlVE0KMWgwNm1BdDBTZHFrYXFsRWZKd1VrU1NQRFdzUlBqbC9aK1dlUFpVN09WZ2tleDZQaE5Fb3BWV2RwSWZCMjFCVy9PWXlDU0xuM1M4Twp3Z20wcURUWDBXdzAyTXdoT1kyVXVWNXZzN1hVU1Biazg0OFFlS1ZHZWRpMno2eXptZDgySnlnbDhrcFlEQkVuVGxTOUx0YVlaQkM3CkdhMmdqRHlUSEdkemEvTnhqbVNIMldtbzF6dk1CcW8rWHNaSDg0VDNGOGNJbGpTRS9LVzI5QWF6N3IxUVF1bmZQMWxpdHBtcFZra0sKbXlCeDdIV05zclNzeEZ3R01KWWFVeHpKZ1h1V0NuRkJabDdNdXp0Y0JrTjl2Wmt5R0pnUlJ4OWRkWVROM1lWWHRKWVlqRTRqYmRZWApHVDlRWkNJMjk3NiswUkJ4U1JMdTc3T1hOQlNaS2JNK0ZNSTJzODVjYjZpV1ZUeUNjL25jS28yMHRLemVScFhZZG16TmpEMkY3VG9ZClY1QXAzVzFwZWsrdmM5a01VTmRHd1dhZzlFWkQ5SDVpUGtkVUdYMzZiV3U5emd4Rnh2ZCtxSWpHWUdYMytRTXpnbnRkY1AzQzJNWGYKb3VyTnpRME5WRWhXcys2UVVrd0tvempFM214bHFlMmtycUc1MmFLTVBjYmx5VFdwTWRVNksxRG96QlFGaDQwNnM5N3MxTkxOelZUegpickVRNStDOGdsS3FtZElERGxRcSs0QVpCMFVFZ1F2L1o2SW9FZ2tSdHNYMDFhVXZGRkVVclhNM2gyaE9tOTN2U2lyNU9JK1lMOCswCk5PanE5V2J6VnBsNDc1NDRrL0t3M1FaekFkUUZGK21ncnRscE05VHJ5dDR1b1pxYkV6UjFZTzBqMmRXVTFXMXNleHZHWnIzT2NGS1IKQjZzNG5JakVJMG5zczMwR0syR0UyS2FuRkQ5K281NHlObE1uZFdIak9NL2t4V0ZrdmdnL1pub1hJa0JyZHJhYVVvNW5aN2EybTVtQgoydEZzTmxNMnczc0dJMlYxR1psektZUFphRHRacnVHSWVFZHc4VllyRFpheVVycDZvMWxYVnIrbU5YazV3Z1FZTG9TN1V0R25XeWlDClFMZ0lFMjlWUEZsRzA3YjNxWDNRT1ZzSUowR3luNnpsNHZNMU5VWmJVWE94bzFVU2w1eVo4ZE5tYXdNVFlNMUdRRERDR3pQQk01K00KelRxOXNjR1NHbGZINXBGQTR6WmFLYU81bUlLWlhhY3ZLenU3OW1kUExVNk5sY1BpVndpWjgya0dpb2hDRU1LeWwxY1htYzl0TjRSQwpXR2ZZQjhPeW9WVnpndUNRSlBnSkRHV3pialZwVERFV3lrM1JOSVFFaEFyRUROWHNicWFwS1h2U2xNMWhUTWpMM292eU9VU2xwTnBnCnBaeVUyK2hvcG9LRHhudnZ2ZGZ3eXZNS3hZNk1naE93MUJDeCtQY2FhTDl3RnlMeUZCMzE5U2QxdG5ETU5MdVo2SlRLRWNGRGV6V3QKSngzbm5aNkV6SUxVQ3orbmFkclI0WEk2bTV4T204ZERPNXhOOUFHNncrbDBuT21nNkl1V0dKbTRVU1NxSmNqR1RJdmpiYnFEdXVodQpjbG5QME5BZHA5bnMrb2RMMXM2MjE1NVVQQ1Y3RmNmSXlIdFdZNzhRd3AydVZQSCt0cktUKzVxZFRucGFQM1YyMFllaUt6Q2NWN3RUClp2SDhzcU9ManBIbFdad2RiamROaDJ0MU9McVlOK3JNZVFhc2ZXdWVTWHo4QkJaNWhFU25ORFVkWjJ4dXA2T0pwcytmb2MyaE0raDkKNTgwMDVhQUtGUW14TUg2eTJYZnlDS013SEVuamJSOThVRzkydTh5TzhHbG56TjJweDBndUcwK1dYblE1SGE2bWpCaExWd2UwMzlIQgoySUx1b0drM3ZEZ2NZQk9uM2RLcXpKUWtIenVCQ0Z5QWlCT25Zdk1zNTVzb3Q4dlJTZE9laXpUZEhHclc3WURPbktGb3MvdEpSZDZqCk1BcmRzUnlMRUFKTmRQeXZ6R2ZPT0E4MXU1enVFSS9UZGNpMG4rQ3hhOFd0blpTRFBubHhSNmtaQ0tDdkRnb0F3QzVuS0FhbWFjZnUKREtWSmsxeEhjcmg4eE9ZVHFDNUZMS3NwcFR1c2RKT2JEcHJiNFFEeVVMdE9jeE9ZeW5iNi9aTnZMSDEzUFNJWHpyWVBQZzliVUJDLwo2V1JUay9NUW5CUDJBcHdYdlJQdElrNW9xajEwUjhlQjgyNmFnZ2lCVmgwUUpSMzBBZGc2ZnBXUUVXMFNWeHg3NndUbmVHUGp3V01wCjh1d0NXWFROdXhZbjdmWTQzZTVtYVBBODFlRjB6R3JZNlFMWDB1K2YzbTZtWERiRjErVm9vWWdYam1mK1BDRmE5R3lhK1FQekI3WVAKVHRJWHFURE54YndVR0QvM210cWRUSnYwQVdnVFFKem5MMW85SGtpc0pxckQxVkdhQVV1K1BKQXlUeW1OeVNpL1lIRTZ6b01Ob1o0YgpJQnhONXgyZTVpNkh3OVAwODQ2WmZqb2NEcDNUdHAyeVhmNlFYdnIxOWFoMnhqdzRqb2xxNHMyMkR6dHRWOXBPMjl4bndpZEo1VGpKCjNtdXl1QzQ2YkIyT2k0NnBobWlYR1JJSzNwMGRkQlBUWS9CdXNPZ01RRGN4SHp3ZlVXNDNYRHg0MUZOYWZ1RnRwM3RIZEl4bmhvWjIKdlgvWlpuT2RkdGxzbC9YeFgzc1ZzUVRUNjFVWXNMSHMrSDM2RDh2YVBKN09OcXVWb2wxbllLUndkTFhHd2JTdzMyU1p2a3FIbTU2cgpncGk3S3pRMDNXV3BNTTJLSFZkSU5wQWhYb213QmRPM3BsRTRpeFdqTUo4OTU3cnE4WGl1UUxMUzU4MFhmK2s4MlM0bWVGeVIrRER0CjlIUkF0cGtaaTh4TlRKaWZkRlh2ekc1OTBXMlhLTStFanRQMEhUZzJTbEVnaEhVV1E0TUpmeUZNZnJ6bzhybHpsOTJlb0t4V3NMN0wKNGNqY1QzSTRjVEZPWnJCejBCNEloN25pT0duSHZwKzZxMU9PNzBuZVhYMU04dlB3Y2RjTUR2T3kvWjEvZkZVbzRFLzVTb2hTSDI4NAplKzdhNWVZUVRwdlQ3UEpzaFdWVlpHT2VpL0k0emJRUm9DamJYSDFsbzh3ZE5tZDFTcHlNbTFmTmtyakN4N2R2M3c1RzJjN1loc0c1CjNCd3Z3MWhCSEJ3VFB2clZiK25PbnJ2c3VXcWQ0dkYwYm0ranZKSTZIcm1yb0JTQ3FSUE9OYmhzbnRPMnVjclQxa2Jid0M2ZVhkR0gKU2NuTThkTlRUVm10UVJ5Ynk1Yit2ZVdJK1E0VFk3R1ErT1VzOE5VNXQyM2FPQjUzVzV1dC9CZzZRbFNVZDNaMmV0cXVYcjNpdWZycgpmM0pmbmFQYzFwNnJ6Yit1ZnF2Z0tDZjZNSko0UXNldFlYbUNPTzREZEx3RVo2eURXR3hrVWpTY3ZYYnU3RlZYRUliUlZXdWJDWEU1CnRiS09Uay92MW93TFZLZlYxZGxwdlRKSGVUcXBydXVYZDFjVVhOZ1pYWDJ3d0hOUCtaVXBuRE9VKzRsV3hIempqQkVZcWxGc1Azdm8Kck92WFV6Q01oZHFja0ZaSDhMaHkrc3B1eWJHRDhzelNHMTA5WGU2dU9hcmpOeDN1UHNmUjFndnQ1WWZ0NWUvMnpKVDBNSjk3dW01NApHRy9abkIrK1YveXo5Y3hBT0k4UVlydC92UDNzdVhPdWFmTXg5YTUwU2h2WlBFeENXUzBGZFREWkg4eTg2S0Y3NWtyenViclI1Wm1LCnBlM1g5c1VYb09BQ0dUdVZzTzN5NWJPWE84RTRiVEFTUXJVREY3dGtKL0xKUFZKM3AvSTQzRXYrQXNtcmI5eUFzeDhRVHR2N3A2a1gKb29NNE9KS1hYcnQyK2RxMW5rczlqSUpHN3ZERVl2a0VNTGd6ajhNOHdlRld4bmg2UEEvQ09oNG1PRHF0bmdOclloZ2NuRXZJU3orOAozTm5UZVdrR3A2dnJrcGhnMXhhMFhMb1JYY2ZpY0hqc3ZhMWRydjdPdnpyUHREb3ZYcmxjK0Z0V2NGQkdjVHMrWkZpbWFJSTROenA3CjVJaEhtQzUxWGlxUHczZnh5Rjlvamw3NTZKOGZGRTBYR09sYTd1RlREQTQ0YThlMnprdWRuVDFoSEkrbjMxTkI1Sk1taUtKT0pkeG0KczhWYmFVZzN6d1BVYWF0bFVkQTZ3a1ZQQlhHbXhaUjFlVnh4REk3SGJmVmN5WkJKVWc4UERBNzRXZ1o4ZjJYMWh6OE5EVnhKV0E0NApYS0dRbGJBTlBIVzlaOHBkVE9IQWpZL0VSQzFQMHRmVjM5Ly9VVi9IcFVPRGNHNy9GNzdzNStpai92NmhtNjlWTTg0U0loRVdrL3U3CnJyNmIxL29ZWFI5aUtnejdKTHhJUE83d1FIZi9VUC9BVU9pOFlkL3dvUmJmeUtDdmY5QTNNdFF5TXR3LzRQTU9qb3lFK3pneUFEMGUKZ3VLK0VWOExWTzlyNlI4K05QUjdlQjN5OWNGSlF6ZjdSL29INzdFeWcvUG1CV2FCZ1hBY1pTN3R1WDY5NzZQcllaeit2cEc4VTF4aQpUd1pjdFgvazBJeFpEZzEvZkxSOVJwYjJ3YUgrb1pZdzdrRExZUCtnWmFaNHlEZHkvZERJYjBadXRjOCs2VjZmLzM1dzZIYy9DQ1k2CnNUa0t4VDU5dmErbnEyOGFwei9vb0dvNXlUNGhPOUR2NnpuVWRhTS9ySjREVW5sY1dQSmtVL1hIZmYwWFE2WERCL29zcWVKd2NYSm0KZTBkL1g0K3ZSaE0zNnh6VFlQL2RPakFFT0ttTWRTSUV1R2lSNVIrdTl3MzBYSWVacElleFRuOGZFTXVJV2hSM29XVm9zTVhYTjh1cwpvOUpHVEVpSWdqK21RbnpFS2pnNjBCSXU3eCt3eXhwRkJDSUpJVW5BM2RZV2lYMWthRENqQWhFRWd2dHg1c2MrQ0drK3VqZWtmejk4CjdZblk0T0k5S2txSWxFOWU3K3ZzNjV2QzhRYmwyeW9tK0hVeStHUWZ1dTBOYTJ4WWVvcmdzRlBFakNvaTU3UDMxM1IzajRWTFB5bVgKWS9uc0xYVmJqaCt2MjdJcmtrakpHQnYzeWtSYzlxNDRjVWdtN3lmZXUzVjcyRlc2S0lpRDRSaUtmV0d3YTZSbmdORk5hTnZYUFRRNgo3azA5UVlwU2FqNFo2Ujd0RHA4Mk91aVZWdkh5a2JqYVlyRzBhMUErZVR6UFB6UWVLbTdwcmFuaWsvTk5oNE1TNTBkdVVYcEh4eVFrCnB6WmZabUYwbEhueER0MU5NemppVGF3SkxyKytFZ0d4ekhyeHcrdVh1c0k0QUJRWTl4NHVxT1VnemU2eDRZbndhUU5qM2pGcEZjRkIKNHFPVG85MEJqWWdrNjZJSEJtZWF2MTJ6bjUzUGt3VjhmdDl3UzNZK1hxZjBEdmtsT0llRFo5cDlvMTd2OEtoMzVQYjRQY1laLzhpbgpLSWljZXFMTjVGYkIwc0dSbXplSFF6Z2o0OTNlY1crNW5FK2VrQno5MVVqNE5GL0wrSWgwUDhuRHhPMUQ0Mk8zTklnbnFJdjJlUWZDCnpYcHJxdGpjSTdMeDBRSDdXQ0NiUng1WCtzWUdKRVQrZks1RXFsUktZWXRwSDV1OGZRL1BTTVB1VjdFcG5BaWNSSStVYjV3TVRQWU4KamtCWCt6OFpZTWJMZ2I1ZjFWUVFaSjNFTW5MSU4rQWJHaDRZaEpqdUg1WldrUnhDYklFQUJCd09lVHg2OXVEcXF6bUZ3eHB5YU1RMwpOT2pMNXVEN2xRTWp2dFI4TnNuWlg5VUkybis4TWJaOHVqNlRVc3hRNWhzWStPU213b1JDRHdZd0hDZVNTL29taC90dTNyeDVmYlRYCjJ4dndCOFlteGdOMlpRV2ZPQzZwOWs5MEJ5WUNBZi9vMkpnOUFNNDZnc1R0Z1VEZ0tPQnc2cUlEM2tCSTNZR2FLczZSZkZtdjN6OGEKQ0dSejJNZVY5ckd4d3hvZWp3Tjk0SkJzU0dPOGdHbHJTbjZ2Mys4ZDgvci84TTYvc0pCb0dpY0M4aEtUTFowYzhONzJEZC8wZC9zbgpBcmY5dmIwVGYveWp2VVpUeTZyVFpBVHN3REx1dHpOSTByMGNjZ1lIWWljd2kyZThaaTg1SDNDWWhQUm5zOGxHcGQxL2E3ZzlUellsCjB4NDJtNml3aDZ2ZkR0akhvSy9lajFkbmczRkMzM3d6MGNQS2VHNXljdEp1bjV3TWpBWjYvYmZ0UTcwVGdVLzgxYVlLRE1uempvN2IKZS8zMjIvN0E3UW13RG1SV3UzY0toMkJ3WnZSeFRWVVVPR3ZVM3RzOWRpdjdDSEZjNmU4ZG54ejFBN0lQdHZLZExDNnF1RFVhcWo3aApIK3NkdGR0dnJzNkVxVW9ZL2c0RGgyRnQrWVVudTBFQjcrakU1RmpnOXFUZDI5c0wxdmRLWXh2Um5vSVl2OWMrTWRFTEFTbzlSWEx2CnRNNk1jWHA3YXhvak9idGtmd3A0L1JPKzdGMmMvZEpiZ1c2N2Y1d3BoR3JsYnhHNytCWCtLV2N4Rmd4TVROZ0R3OS9OUU1Uc2gvMFIKOC9nSXJhOSs1MS85L2orUGVzR0dvNHhYb1htby9FbTdVbEp4NnFCRTJUN2gvZE9vZlV6YXlPSGVHVHV6Wk0rb2pPVE15d3c2MXg3TAppOXhTSUd2dnJUYUZKRG5JNWlDNTNUNU40NTMwK3IyQlQxNzU3YXN3anMvK0pRUWk4bkhXK3QzUGZQeVhXd0Z2Q3pUV3kvVEc3NThZCjl3ZnNmL0puUkd2a3g4U1pOWmFqdHlha2UySElEK0dRNkE0Yyt4L2Jzd2tvbmJwNEJYNkV4Q29PMnkvc1FjVDA3Nm9GK1lnckNmUk8KMHpDeTkzLzNKOHNSaWQvNXN4NE1waGpoOHBxbHYvbmorTC81Sjd1OUFOUGIyOXM5YVlkZVFpalpqN1puNUtXbXB0YTBqeXZmcWp6WQpPSVVUMjFoWnVUTjFGbzQvME51YXZiT3lzdkxnd2IwSEQxYSsvdnFwZzNIVmdRc3BWWldNOWtEdFUzc0t5cWREQjFoNmgzcEhucWhaClRvZzI0M2Q5bVNzVWlTSVJNdjM4dFgvN3k2MWV1L2MyMDRYZXdCZVdkMVpFM1Nzd2VlKzRIYTVqZisxbk1oYWFKOER2K1dvWkUrV3oKa1doOXpkcTB3TVNmQW9QZDNiZjl2dHYzcWZHNzlIbjFBNzd1MFluQXJjbC9mM3B4TW9ad1lkU25QTjJLUUxnb0VzZVNwVDk3b3JOLwpkUFRQbzhPM2VxYzFrem1mdmo5bmVXL2RIdTByZnI2OFlDRmlDd1NmOFdBVTR6TWhoSkpsaTcvK3hIZi80NTkrZWVNL0dmM2hEMy80Cno4L1JmMDNyczhxbldwaHA1NWV2L2VBSDd4ek95MFlJWTdISXozeUlEUXNrSHZQY0JzbGpaY3FZeGYveTJ3ZWtyVEhSRXZGeWhFRVcKUHZJLy9oNERFeEVremhaaEJIcVE0ak1MUTRMTjU2RFBlb0EwSytYWkdQOEluODlpOGJId2Y4T1kxbWZ0M3kzb05YTzlzTzRweDNHTQp4U09JS1B3K0hxZkQ1ZGdFd1dheitaRmZYSHo0aStSUDYrNUNsb0FVTEJSaTJQMCsyNC9Bd0YyNFFEU3R1M3NaMmcrVjMzMzg4NFF4CkQ0anVFK1doSHVxaEh1cWhIdXFoL3QvcHZ3RzBHTDBDS29ydG9BQUFBQ1YwUlZoMFpHRjBaVHBqY21WaGRHVUFNakF5TXkwd05DMHcKTVZReE16b3hPRG95TWlzd01Eb3dNRlhDVXhrQUFBQWxkRVZZZEdSaGRHVTZiVzlrYVdaNUFESXdNak10TURRdE1ERlVNVE02TVRnNgpNaklyTURBNk1EQWtuK3VsQUFBQUtIUkZXSFJrWVhSbE9uUnBiV1Z6ZEdGdGNBQXlNREl6TFRBMExUQXhWREV6T2pFNE9qSXlLekF3Ck9qQXdjNHJLZWdBQUFBQkpSVTVFcmtKZ2dnPT0iIC8+Cjwvc3ZnPgo=" /><br>
-     </div>
-    <h1>NAS 轻量媒体播放器</h1>
-    <div class="subtitle"><a href="/static/zhinan.html" target="_blank">设置使用指南</a></div>
-    
-    <div class="media-container">
-        <div id="loading" class="loading" style="display: none;">
-            <div class="loading-spinner"></div>
-            <div id="loading-text">加载中...</div>
-        </div>
-        <div class="media-content">
-            <video id="videoPlayer" controls autoplay preload="metadata">
-                您的浏览器不支持 HTML5 视频播放，请升级浏览器
-            </video>
-            <audio id="audioPlayer" controls></audio>
-            <img id="imageViewer" alt="图片预览" />
-        </div>
-    </div>
+<div class="logo-container">
+  <!-- Logo SVG 内嵌 base64（保持原版不变） -->
+  <img class="logo" src="data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+CjwhRE9DVFlQRSBzdmcgUFVCTElDICItLy9XM0MvL0RURCBTVkcgMS4xLy9FTiIgImh0dHA6Ly93d3cudzMub3JnL0dyYXBoaWNzL1NWRy8xLjEvRFREL3N2ZzExLmR0ZCI+CjxzdmcgdmVyc2lvbj0iMS4xIiBpZD0iTGF5ZXJfMSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxuczp4bGluaz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94bGluayIgeD0iMHB4IiB5PSIwcHgiIHdpZHRoPSIxNDJweCIgaGVpZ2h0PSIxMTNweCIgdmlld0JveD0iMCAwIDE0MiAxMTMiIGVuYWJsZS1iYWNrZ3JvdW5kPSJuZXcgMCAwIDE0MiAxMTMiIHhtbDpzcGFjZT0icHJlc2VydmUiPiAgPGltYWdlIGlkPSJpbWFnZTAiIHdpZHRoPSIxNDIiIGhlaWdodD0iMTEzIiB4PSIwIiB5PSIwIgogICAgaHJlZj0iZGF0YTppbWFnZS9wbmc7YmFzZTY0LGlWQk9SdzBLR2dvQUFBQU5TVWhFVWdBQUFJNEFBQUJ4Q0FNQUFBQTA1MnYyQUFBQUJHZEJUVUVBQUxHUEMveGhCUUFBQUNCalNGSk4KQUFCNkpRQUFnSU1BQVBuL0FBQ0E2UUFBZFRBQUFPcGdBQUE2bUFBQUYyK1NYOFZHQUFBQy9WQk1WRVgvLy8vLy8vLy8vLzM3NHZYKwovZnYvL1BuOC92MzYvZnY5L3ZuNi8vejUvLzM3Ly8vOC9mLysvdi84L1B6OS9QcjgvUDc5Ly83OS8vdi8vL3YvL2Y3Ky9QMzQvZi80Ci8vL3E4L2ZNMHRla3NMeHdoWnBOYUg4L1VHSXhSRjAwU21kQlduRlpjb21LbksyN3h0RGY1T2piM3VFYk9sY0JJMFFDSUQwQkpVa0UKSjAwQkhrSUtMazhrUldWZmVJL3Q5LzBGS0VJQktWRUZMRk1ITDFJS01GUUlMbElITFZJSkxWQUlMMDhGTFV3Z1BWL1MydUhxN081NgpqWjRkTmswR0tWUUpLbEVLTFZNSU1WSUlMVTBHTDBzSEkwNUVZMzJDbEtVVE5GQUpMMVRDemRVR0xGRUZMbEVNTGxNSEtrL2Y3UFExClVXOEpLMU1JTGxNTEpVVWRORklLTEZBUExFb01MMVVITFZRQ0xWRzR3Y2tMTGxNSkxsWUtNRlZvZjVNRkwxTUVMRS85Ky96Ly8vaXQKdThZRExsankvUDRHTWxuNCt2eng5Zk1tUFZRM1YzUU9NRlVMTVZZS01GY0pNVlVLTDFvTk1GWUhNbFVDTDFVSUwxa0xNVmdRTGxvTQpMRmdLTWxVTE0xWUdNbFFOTVZVWU8xME1NVnNOTDFnSUoxVVVOMW82VzNpWXA3VG42ZXZ5OHZIMTlQVDI5dmJ4OGU4TU1sY3BUR3hTCmJZYjcrL3o1K2ZvSUtsWU9NVmY3Ky9rY1FXUU9NbFlKTTFrdFQyeno4dk1JTTFiMzkvZjE5Zk1MTWxrTE0xVDQ5L1VOTkZ2ejlQVVAKTlZvT05GZ1JPVjRsU1dzMFVHWUpORmNGTTFFUE4xdEJYbm43L2Z3eFVtNFZQV1B1N3U4NFVtMzQrUGtNTkZjTk0xajYrdmNKTTFzTwpNVmtMTUZvUE1sZ01NMW9NTkZnUE1scjE5dmtMTWxzS05WZ05OVmdlUldrTk5sWVFNVjBPTVZFUk0xME5OVmtOTkZVS05Gb3ZVM0VRCk0xVUxObGtJTWx3S05sMEpOVno4L1BjTE5Wc0lObGdRTjE0UU9GZ05NbHdNTVYwSk5Wb09OVndJTkZrZFJWNE5NMTRPT0Y0SU5sb0gKTlZrTE5WMFBPbDBMTlY4S05sc0pOMkFMTjE0TU5sdzFWV3dKTmwwTk4xOE9OVjROTjEwTk9Gc01ObUVPTldFTU9GMExPRjhNTjFvTApPbUVRTzJJTk9WNE9PR0FQT1Z3Tk9HSU5PV0FPT21FUE9WOE9PbDhSTjJFR09GczFWV29PT1dNTk9tRUtQVndOTzE4Tk8yVU1QR01HCk1HQURNMXNITjFzSE4xMTlpWkgzQUFBQUFYUlNUbE1BUU9iWVpnQUFBQUZpUzBkRUFJZ0ZIVWdBQUFBSmNFaFpjd0FBQ3hNQUFBc1QKQVFDYW5CZ0FBQUFIZEVsTlJRZm5CQUVORWhZT1VSYnVBQUFaSVVsRVFWUm8zdTJiRFZ4VDU3M0g5eHlPaUNZbjc2YzFnYnVaRUliUgpFdHVDVVF1c2dyMVFhSzJWYm8yTGhBNVphK2NDaGpWYlRrR3VCS0hoWlpoR3dmaEd2QlNzemtSYWM2cVJPVEhPSzJQTVdxL1pCUjNzClFuQ3dpcFFFZHJlNzNiZlAvWjlBQW1wN0s3Mno5M00vSDM5NGtwenpQT2M1MytmLzhqelB5WWxmK2NwRFBkUkRQZFFjaE1MQ1lJdjQKdjBTSndPZEZ6bzlhc0dEQndvVXNOcHZGSmpqei84K1FJakNjaTdONHhFSitKSUhqQ0xIWmJCNHVZUE9Ga1FUMjVjTVFySVVzbGtqSQpRaGcyNHlzUVFSS0VnSVcrWEpoSDVqL0tZckhnNm92RWt1aVl2L2txNkd1THBiSllPUnpEQ0lUNGdpL1JRamppTXlnb1RyYjQ2L0ZMCjRoV0twVUVwbGkxN0xFRVp1eHdKRnJCdzlHVlppUEVJd2dUTEpYL3plTHppaVNjVGsxYW9WQ3JZVmo2MmF2WHExZkhMbmxJbUkwVGkKYk1HWEVkUVJpTTFFUzBycU41YkVQL0gwbXJTVjZXdlhyZ0tscjFyMURQT2lXdk8zOGZFWnNZZ1FRR3cvY0k4SkJmd0ZMT0hDekdmagpGYXZYcmwyNWF2WEt0YXFzRlN1QUkxMjFJdkd4bGF2V1B2YllxbFdLSlRGZ0llSlIzZ04ybUVqQTRpT1VuUkQvNUtyVno4RGY2dFZyClY2OWVOU1hBV0FXR1VxMEMzejJuV0pMS2h1UW5XUStTQnBGTVBrY3ZVenozSFBobXBZcTUvS3JuMDRNMDZTdGdiMFhpcWxXSnExVHIKbmxPOXNPeXJ5U3pFSm9nSFNFT0lXR2o5aTh0ZTJQRGNTbFdPS2lkSEJhOWdpaytYNGlVSndpSUo5b01LYUlFSUVaajRtNG9YdnJVbQpiVU9pNmxOQlZMTU9MMTBXRFZsSXNoOE1EWVlXQ0xEc2w1OTRXcjB5YmMyR2pUa2hxV1krQlVsVVUweXFEZDlXTFpQQ2tJZ3RmQkEwCkJBOG1KczNMaW1mUzB0STJyVm1UdUhJMnlEVFZ0RzJtanEvSVVnRVBRdk9KQjJDZmlFaFNoTEpmWHJyMm1jZlVhYmtiMWp6UFhEMUwKRzFhV2FwYU5HT1ZrSmFvMnFwYmtJWUlnLy9yNWpnbEYyUHB2TG4xbDdjcE5hVG1KYXphb2N1LzBsT29PbnpFdkt6WWtKdVorWjBrbQpZZ254L3oxUEJLUHdIb0xoaHZXMXBXbWIxcTFMVXozM2ltcERibTRPazFiQjRKMks0THVzbzBwTHkxMEJQRXMxS0pJbCtGK2g0REM2CmtJeUk2WGtuSWgrT0tCVzVTZXZVZ0pPbXlrcExUTXo1SE9VQ1VPTHphWXB2cm9jNVZmVEZ6WUlJZGlRZkZ5d1FDUEFvRVR1NG1CSnQKM293SzRyK2JDN1paRjdyY05FL3U5SjRLRHFSdHpFbFQzWTIxTEFQaE9QZUxqajR3K1FraWtRZ1NGRFlCVEpjRUJrc3NISC8xRzRyWAowdFlCejZ3cnJWQ3RTR1BFaEZCV3prYlZwaFVyWmhkUCtXMmpRb0kyNC9nWE13M0JaaEhNRW1MTG9oUzUvSFZZN09FQ3lBeGNnRVV2ClNVcGtMcTBPeGNZR0NKbkUwRTdPY3pCUXE1NS9aZU5HMVN3eFNKQmdUeTJQMmt4OEVSN3dzb0FmK1VoeTZ1THZ2YlFzUHY2WnJiSkYKQkxQOHhKRDg4YlhwU2V1K3IxNjNUaHRLYjUwMnQ3QW9LMG1kQkFleXRQQmhrNjVRblRVcithZWt6b3BQUlZGUlh5QzUwQUl3QjRwZAovUGdTeGRMVjIxNUpXdnVkK01laTF4Tkl5RWN4ajZlbnF4a2NkWGlrMFdvMzZkVnFOWU9pWTNhM0ZXcHpBZXB1bkt6aUh6eTdIdCtNCjVzeURXQXNGYUxsMHllcFhpbC9aK01ZMlEzRngrZzkvOUxjdjU4bGhUUkcvRm5DK3IvNytqSFVLczVLU3RJV0Z1UUREZk5KdEt0UW0KcVF1THRQZmdaQlUvbm9sRmllYUtneDVsYlJZbUp5eFphNlRTaTdUcjNnUzdGK24xUDFxamVGWXBYL3gwWVE1WUI0d1J4bEZyazdLSwpzdUJObTFYQ3VLdW9KTW1nM1hRUGpiWXdTZjFDNlNNWVNjd3R1U0pFanl6QWtyLzVVczZiUlVaakRsaW1zRGc5Zlh0Wm1mcEhmNmQ0CitYSDFHN2xGV1pCWTMxODNxOS9hSFUrVlMxTk5CY255aXAyVlZXL0pTb3FUTnFYZmFSbEc2OUxpQy9ETmN4eWFGL0JaMlBydktkYVoKYzZZalk4b0dhdlhHRFQvYW9NdlpDSE80T20wVC9PWG1ibUl1a2xSZGsxcVFYTVhtMVBLRVNFamdxQzV6UlhwUjdxWmNHTENobU5rMgpKYXBXd041ajZxVXhLR3B1T0lnRmR5T0w0MytzMWpHQkNmK01JQ1lTOU9ha2VyMVdaOURwa2d3R28wNnJLOUVaU3hJeU1ndmlxdW9RCm5wK2ZUKzdpMUhJNUpGZGowUnZVYnh0MWpMUTZuVUd2TnhyMWFpczBwRXQ4ZGpsR3pPbk9BbTRxTVpraVo1dEJyV1p3WnNsb3RScVQKU3ZUR0lrcW4xcXNOUmJyZFNrbnlIZzZaVDdCNElvZ0pMcGVkdnl1U0U1dGdMdFRweW5SR0NvajA5VkRSYURUb2trcEt0SWF5TEVVQgpjenMwSitQdzF6KzdwcUdCUVlGL1JtT0l4bENtWjdwcmdGWkxkSWFTM1htU3VDMjFHRTZTY0dmZXVETXVXNU9DMS9Md3ZhYnFvaEo5CmlhNGhxVWdYYk1HUXBOTlJhcjFOVzZRcjFLY3ZqVVlrTmdjYzdGRVdTbzEvczdnb2Zjb3llbjNZT21hR1NiZlBxTmNWbDBwTjhrcEUKQ2poSXRMOHVXU05UYmswNGtCQUhjOUxCekVOYWZWR1QvYW5ER1RYU3ZPalUxTlJvWlhtcDFxeDlRMi9VcWt1S1h2aDdXUGZjL3pJKwpJb3FGRm4zdk84M3ZGQnUxT3ZXMHBvSzVSRnVvVTVjeDI0dXA0aTIxUXJoZHdmR0syTlNZQkRobTBKYWFHZ2tlR1Z2NllreWVTUktiCkxPZlZjbW81ak1nVXplS2k5Q1NvcE45a1ZIM2pWWXdrNzk4NDJFSk1FLzltZWtOUkF5UGpMQlVYRzVPTURjMHRyYWFLL2NRUkxpZHkKdjF3Uy9lN1JmWWIwNXVLRzRxMlNLcHczajNjc0x1WDFLaExpZzgrZHorVUdjZWFqWGFaOWtBMUd5SXFpTjErRys4QjU5eDNMQ09lagp2T2UzNmQ2RVVEUXkzdGRxaTZaeENvMWFZM0ZUamVRWVFaSWlnbE9seWR1cU5ocTFoV3BEb2M0U0hZZEkzcTc1SkpkRGtQa3NYRVJnCkJHZGEzQ040WnBGQlcxU1VwQzFXRjc4VWkvRDduN2RRSklGKzhtMmJycmd3S1RTRUpVRWFKWldBeDNUcUhURUZiM0ZGbkVqV3dlVE0KMWgwNm1BdDBTZHFrYXFsRWZKd1VrU1NQRFdzUlBqbC9aK1dlUFpVN09WZ2tleDZQaE5Fb3BWV2RwSWZCMjFCVy9PWXlDU0xuM1M4Twp3Z20wcURUWDBXdzAyTXdoT1kyVXVWNXZzN1hVU1Biazg0OFFlS1ZHZWRpMno2eXptZDgySnlnbDhrcFlEQkVuVGxTOUx0YVlaQkM3CkdhMmdqRHlUSEdkemEvTnhqbVNIMldtbzF6dk1CcW8rWHNaSDg0VDNGOGNJbGpTRS9LVzI5QWF6N3IxUVF1bmZQMWxpdHBtcFZra0sKbXlCeDdIV05zclNzeEZ3R01KWWFVeHpKZ1h1V0NuRkJabDdNdXp0Y0JrTjl2Wmt5R0pnUlJ4OWRkWVROM1lWWHRKWVlqRTRqYmRZWApHVDlRWkNJMjk3NiswUkJ4U1JMdTc3T1hOQlNaS2JNK0ZNSTJzODVjYjZpV1ZUeUNjL25jS28yMHRLemVScFhZZG16TmpEMkY3VG9ZClY1QXAzVzFwZWsrdmM5a01VTmRHd1dhZzlFWkQ5SDVpUGtkVUdYMzZiV3U5emd4Rnh2ZCtxSWpHWUdYMytRTXpnbnRkY1AzQzJNWGYKb3VyTnpRME5WRWhXcys2UVVrd0tvempFM214bHFlMmtycUc1MmFLTVBjYmx5VFdwTWRVNksxRG96QlFGaDQwNnM5N3MxTkxOelZUegpickVRNStDOGdsS3FtZElERGxRcSs0QVpCMFVFZ1F2L1o2SW9FZ2tSdHNYMDFhVXZGRkVVclhNM2gyaE9tOTN2U2lyNU9JK1lMOCswCk5PanE5V2J6VnBsNDc1NDRrL0t3M1FaekFkUUZGK21ncnRscE05VHJ5dDR1b1pxYkV6UjFZTzBqMmRXVTFXMXNleHZHWnIzT2NGS1IKQjZzNG5JakVJMG5zczMwR0syR0UyS2FuRkQ5K281NHlObE1uZFdIak9NL2t4V0ZrdmdnL1pub1hJa0JyZHJhYVVvNW5aN2EybTVtQgoydEZzTmxNMnczc0dJMlYxR1psektZUFphRHRacnVHSWVFZHc4VllyRFpheVVycDZvMWxYVnIrbU5YazV3Z1FZTG9TN1V0R25XeWlDClFMZ0lFMjlWUEZsRzA3YjNxWDNRT1ZzSUowR3luNnpsNHZNMU5VWmJVWE94bzFVU2w1eVo4ZE5tYXdNVFlNMUdRRERDR3pQQk01K00KelRxOXNjR1NHbGZINXBGQTR6WmFLYU81bUlLWlhhY3ZLenU3OW1kUExVNk5sY1BpVndpWjgya0dpb2hDRU1LeWwxY1htYzl0TjRSQwpXR2ZZQjhPeW9WVnpndUNRSlBnSkRHV3pialZwVERFV3lrM1JOSVFFaEFyRUROWHNicWFwS1h2U2xNMWhUTWpMM292eU9VU2xwTnBnCnBaeVUyK2hvcG9LRHhudnZ2ZGZ3eXZNS3hZNk1naE93MUJDeCtQY2FhTDl3RnlMeUZCMzE5U2QxdG5ETU5MdVo2SlRLRWNGRGV6V3QKSngzbm5aNkV6SUxVQ3orbmFkclI0WEk2bTV4T204ZERPNXhOOUFHNncrbDBuT21nNkl1V0dKbTRVU1NxSmNqR1RJdmpiYnFEdXVodQpjbG5QME5BZHA5bnMrb2RMMXM2MjE1NVVQQ1Y3RmNmSXlIdFdZNzhRd3AydVZQSCt0cktUKzVxZFRucGFQM1YyMFllaUt6Q2NWN3RUClp2SDhzcU9ManBIbFdad2RiamROaDJ0MU9McVlOK3JNZVFhc2ZXdWVTWHo4QkJaNWhFU25ORFVkWjJ4dXA2T0pwcytmb2MyaE0raDkKNTgwMDVhQUtGUW14TUg2eTJYZnlDS013SEVuamJSOThVRzkydTh5TzhHbG56TjJweDBndUcwK1dYblE1SGE2bWpCaExWd2UwMzlIQgoySUx1b0drM3ZEZ2NZQk9uM2RLcXpKUWtIenVCQ0Z5QWlCT25Zdk1zNTVzb3Q4dlJTZE9laXpUZEhHclc3WURPbktGb3MvdEpSZDZqCk1BcmRzUnlMRUFKTmRQeXZ6R2ZPT0E4MXU1enVFSS9UZGNpMG4rQ3hhOFd0blpTRFBubHhSNmtaQ0tDdkRnb0F3QzVuS0FhbWFjZnUKREtWSmsxeEhjcmg4eE9ZVHFDNUZMS3NwcFR1c2RKT2JEcHJiNFFEeVVMdE9jeE9ZeW5iNi9aTnZMSDEzUFNJWHpyWVBQZzliVUJDLwo2V1JUay9NUW5CUDJBcHdYdlJQdElrNW9xajEwUjhlQjgyNmFnZ2lCVmgwUUpSMzBBZGc2ZnBXUUVXMFNWeHg3NndUbmVHUGp3V01wCjh1d0NXWFROdXhZbjdmWTQzZTVtYVBBODFlRjB6R3JZNlFMWDB1K2YzbTZtWERiRjErVm9vWWdYam1mK1BDRmE5R3lhK1FQekI3WVAKVHRJWHFURE54YndVR0QvM210cWRUSnYwQVdnVFFKem5MMW85SGtpc0pxckQxVkdhQVV1K1BKQXlUeW1OeVNpL1lIRTZ6b01Ob1o0YgpJQnhONXgyZTVpNkh3OVAwODQ2WmZqb2NEcDNUdHAyeVhmNlFYdnIxOWFoMnhqdzRqb2xxNHMyMkR6dHRWOXBPMjl4bndpZEo1VGpKCjNtdXl1QzQ2YkIyT2k0NnBobWlYR1JJSzNwMGRkQlBUWS9CdXNPZ01RRGN4SHp3ZlVXNDNYRHg0MUZOYWZ1RnRwM3RIZEl4bmhvWjIKdlgvWlpuT2RkdGxzbC9YeFgzc1ZzUVRUNjFVWXNMSHMrSDM2RDh2YVBKN09OcXVWb2wxbllLUndkTFhHd2JTdzMyU1p2a3FIbTU2cgpncGk3S3pRMDNXV3BNTTJLSFZkSU5wQWhYb213QmRPM3BsRTRpeFdqTUo4OTU3cnE4WGl1UUxMUzU4MFhmK2s4MlM0bWVGeVIrRER0CjlIUkF0cGtaaTh4TlRKaWZkRlh2ekc1OTBXMlhLTStFanRQMEhUZzJTbEVnaEhVV1E0TUpmeUZNZnJ6bzhybHpsOTJlb0t4V3NMN0wKNGNqY1QzSTRjVEZPWnJCejBCNEloN25pT0duSHZwKzZxMU9PNzBuZVhYMU04dlB3Y2RjTUR2T3kvWjEvZkZVbzRFLzVTb2hTSDI4NAplKzdhNWVZUVRwdlQ3UEpzaFdWVlpHT2VpL0k0emJRUm9DamJYSDFsbzh3ZE5tZDFTcHlNbTFmTmtyakN4N2R2M3c1RzJjN1loc0c1CjNCd3Z3MWhCSEJ3VFB2clZiK25PbnJ2c3VXcWQ0dkYwYm0ranZKSTZIcm1yb0JTQ3FSUE9OYmhzbnRPMnVjclQxa2Jid0M2ZVhkR0gKU2NuTThkTlRUVm10UVJ5Ynk1Yit2ZVdJK1E0VFk3R1ErT1VzOE5VNXQyM2FPQjUzVzV1dC9CZzZRbFNVZDNaMmV0cXVYcjNpdWZycgpmM0pmbmFQYzFwNnJ6Yit1ZnF2Z0tDZjZNSko0UXNldFlYbUNPTzREZEx3RVo2eURXR3hrVWpTY3ZYYnU3RlZYRUliUlZXdWJDWEU1CnRiS09Uay92MW93TFZLZlYxZGxwdlRKSGVUcXBydXVYZDFjVVhOZ1pYWDJ3d0hOUCtaVXBuRE9VKzRsV3hIempqQkVZcWxGc1Azdm8Kck92WFV6Q01oZHFja0ZaSDhMaHkrc3B1eWJHRDhzelNHMTA5WGU2dU9hcmpOeDN1UHNmUjFndnQ1WWZ0NWUvMnpKVDBNSjk3dW01NApHRy9abkIrK1YveXo5Y3hBT0k4UVlydC92UDNzdVhPdWFmTXg5YTUwU2h2WlBFeENXUzBGZFREWkg4eTg2S0Y3NWtyenViclI1Wm1LCnBlM1g5c1VYb09BQ0dUdVZzTzN5NWJPWE84RTRiVEFTUXJVREY3dGtKL0xKUFZKM3AvSTQzRXYrQXNtcmI5eUFzeDhRVHR2N3A2a1gKb29NNE9KS1hYcnQyK2RxMW5rczlqSUpHN3ZERVl2a0VNTGd6ajhNOHdlRld4bmg2UEEvQ09oNG1PRHF0bmdOclloZ2NuRXZJU3orOAozTm5UZVdrR3A2dnJrcGhnMXhhMFhMb1JYY2ZpY0hqc3ZhMWRydjdPdnpyUHREb3ZYcmxjK0Z0V2NGQkdjVHMrWkZpbWFJSTROenA3CjVJaEhtQzUxWGlxUHczZnh5Rjlvamw3NTZKOGZGRTBYR09sYTd1RlREQTQ0YThlMnprdWRuVDFoSEkrbjMxTkI1Sk1taUtKT0pkeG0KczhWYmFVZzN6d1BVYWF0bFVkQTZ3a1ZQQlhHbXhaUjFlVnh4REk3SGJmVmN5WkJKVWc4UERBNzRXZ1o4ZjJYMWh6OE5EVnhKV0E0NApYS0dRbGJBTlBIVzlaOHBkVE9IQWpZL0VSQzFQMHRmVjM5Ly9VVi9IcFVPRGNHNy9GNzdzNStpai92NmhtNjlWTTg0U0loRVdrL3U3CnJyNmIxL29ZWFI5aUtnejdKTHhJUE83d1FIZi9VUC9BVU9pOFlkL3dvUmJmeUtDdmY5QTNNdFF5TXR3LzRQTU9qb3lFK3pneUFEMGUKZ3VLK0VWOExWTzlyNlI4K05QUjdlQjN5OWNGSlF6ZjdSL29INzdFeWcvUG1CV2FCZ1hBY1pTN3R1WDY5NzZQcllaeit2cEc4VTF4aQpUd1pjdFgvazBJeFpEZzEvZkxSOVJwYjJ3YUgrb1pZdzdrRExZUCtnWmFaNHlEZHkvZERJYjBadXRjOCs2VjZmLzM1dzZIYy9DQ1k2CnNUa0t4VDU5dmErbnEyOGFwei9vb0dvNXlUNGhPOUR2NnpuVWRhTS9ySjREVW5sY1dQSmtVL1hIZmYwWFE2WERCL29zcWVKd2NYSm0KZTBkL1g0K3ZSaE0zNnh6VFlQL2RPakFFT0ttTWRTSUV1R2lSNVIrdTl3MzBYSWVacElleFRuOGZFTXVJV2hSM29XVm9zTVhYTjh1cwpvOUpHVEVpSWdqK21RbnpFS2pnNjBCSXU3eCt3eXhwRkJDSUpJVW5BM2RZV2lYMWthRENqQWhFRWd2dHg1c2MrQ0drK3VqZWtmejk4CjdZblk0T0k5S2txSWxFOWU3K3ZzNjV2QzhRYmwyeW9tK0hVeStHUWZ1dTBOYTJ4WWVvcmdzRlBFakNvaTU3UDMxM1IzajRWTFB5bVgKWS9uc0xYVmJqaCt2MjdJcmtrakpHQnYzeWtSYzlxNDRjVWdtN3lmZXUzVjcyRlc2S0lpRDRSaUtmV0d3YTZSbmdORk5hTnZYUFRRNgo3azA5UVlwU2FqNFo2Ujd0RHA4Mk91aVZWdkh5a2JqYVlyRzBhMUErZVR6UFB6UWVLbTdwcmFuaWsvTk5oNE1TNTBkdVVYcEh4eVFrCnB6WmZabUYwbEhueER0MU5NemppVGF3SkxyKytFZ0d4ekhyeHcrdVh1c0k0QUJRWTl4NHVxT1VnemU2eDRZbndhUU5qM2pGcEZjRkIKNHFPVG85MEJqWWdrNjZJSEJtZWF2MTJ6bjUzUGt3VjhmdDl3UzNZK1hxZjBEdmtsT0llRFo5cDlvMTd2OEtoMzVQYjRQY1laLzhpbgpLSWljZXFMTjVGYkIwc0dSbXplSFF6Z2o0OTNlY1crNW5FK2VrQno5MVVqNE5GL0wrSWgwUDhuRHhPMUQ0Mk8zTklnbnFJdjJlUWZDCnpYcHJxdGpjSTdMeDBRSDdXQ0NiUng1WCtzWUdKRVQrZks1RXFsUktZWXRwSDV1OGZRL1BTTVB1VjdFcG5BaWNSSStVYjV3TVRQWU4KamtCWCt6OFpZTWJMZ2I1ZjFWUVFaSjNFTW5MSU4rQWJHaDRZaEpqdUg1WldrUnhDYklFQUJCd09lVHg2OXVEcXF6bUZ3eHB5YU1RMwpOT2pMNXVEN2xRTWp2dFI4TnNuWlg5VUkybis4TWJaOHVqNlRVc3hRNWhzWStPU213b1JDRHdZd0hDZVNTL29taC90dTNyeDVmYlRYCjJ4dndCOFlteGdOMlpRV2ZPQzZwOWs5MEJ5WUNBZi9vMkpnOUFNNDZnc1R0Z1VEZ0tPQnc2cUlEM2tCSTNZR2FLczZSZkZtdjN6OGEKQ0dSejJNZVY5ckd4d3hvZWp3Tjk0SkJzU0dPOGdHbHJTbjZ2Mys4ZDgvci84TTYvc0pCb0dpY0M4aEtUTFowYzhONzJEZC8wZC9zbgpBcmY5dmIwVGYveWp2VVpUeTZyVFpBVHN3REx1dHpOSTByMGNjZ1lIWWljd2kyZThaaTg1SDNDWWhQUm5zOGxHcGQxL2E3ZzlUellsCjB4NDJtNml3aDZ2ZkR0akhvSy9lajFkbmczRkMzM3d6MGNQS2VHNXljdEp1bjV3TWpBWjYvYmZ0UTcwVGdVLzgxYVlLRE1uempvN2IKZS8zMjIvN0E3UW13RG1SV3UzY0toMkJ3WnZSeFRWVVVPR3ZVM3RzOWRpdjdDSEZjNmU4ZG54ejFBN0lQdHZLZExDNnF1RFVhcWo3aApIK3NkdGR0dnJzNkVxVW9ZL2c0RGgyRnQrWVVudTBFQjcrakU1RmpnOXFUZDI5c0wxdmRLWXh2Um5vSVl2OWMrTWRFTEFTbzlSWEx2CnRNNk1jWHA3YXhvak9idGtmd3A0L1JPKzdGMmMvZEpiZ1c2N2Y1d3BoR3JsYnhHNytCWCtLV2N4Rmd4TVROZ0R3OS9OUU1Uc2gvMFIKOC9nSXJhOSs1MS85L2orUGVzR0dvNHhYb1htby9FbTdVbEp4NnFCRTJUN2gvZE9vZlV6YXlPSGVHVHV6Wk0rb2pPVE15d3c2MXg3TAppOXhTSUd2dnJUYUZKRG5JNWlDNTNUNU40NTMwK3IyQlQxNzU3YXN3anMvK0pRUWk4bkhXK3QzUGZQeVhXd0Z2Q3pUV3kvVEc3NThZCjl3ZnNmL0puUkd2a3g4U1pOWmFqdHlha2UySElEK0dRNkE0Yyt4L2Jzd2tvbmJwNEJYNkV4Q29PMnkvc1FjVDA3Nm9GK1lnckNmUk8KMHpDeTkzLzNKOHNSaWQvNXN4NE1waGpoOHBxbHYvbmorTC81Sjd1OUFOUGIyOXM5YVlkZVFpalpqN1puNUtXbXB0YTBqeXZmcWp6WQpPSVVUMjFoWnVUTjFGbzQvME51YXZiT3lzdkxnd2IwSEQxYSsvdnFwZzNIVmdRc3BWWldNOWtEdFUzc0t5cWREQjFoNmgzcEhucWhaClRvZzI0M2Q5bVNzVWlTSVJNdjM4dFgvN3k2MWV1L2MyMDRYZXdCZVdkMVpFM1Nzd2VlKzRIYTVqZisxbk1oYWFKOER2K1dvWkUrV3oKa1doOXpkcTB3TVNmQW9QZDNiZjl2dHYzcWZHNzlIbjFBNzd1MFluQXJjbC9mM3B4TW9ad1lkU25QTjJLUUxnb0VzZVNwVDk3b3JOLwpkUFRQbzhPM2VxYzFrem1mdmo5bmVXL2RIdTByZnI2OFlDRmlDd1NmOFdBVTR6TWhoSkpsaTcvK3hIZi80NTkrZWVNL0dmM2hEMy80Cno4L1JmMDNyczhxbldwaHA1NWV2L2VBSDd4ek95MFlJWTdISXozeUlEUXNrSHZQY0JzbGpaY3FZeGYveTJ3ZWtyVEhSRXZGeWhFRVcKUHZJLy9oNERFeEVremhaaEJIcVE0ak1MUTRMTjU2RFBlb0EwSytYWkdQOEluODlpOGJId2Y4T1kxbWZ0M3kzb05YTzlzTzRweDNHTQp4U09JS1B3K0hxZkQ1ZGdFd1dheitaRmZYSHo0aStSUDYrNUNsb0FVTEJSaTJQMCsyNC9Bd0YyNFFEU3R1M3NaMmcrVjMzMzg4NFF4CkQ0anVFK1doSHVxaEh1cWhIdXFoL3QvcHZ3RzBHTDBDS29ydG9BQUFBQ1YwUlZoMFpHRjBaVHBqY21WaGRHVUFNakF5TXkwd05DMHcKTVZReE16b3hPRG95TWlzd01Eb3dNRlhDVXhrQUFBQWxkRVZZZEdSaGRHVTZiVzlrYVdaNUFESXdNak10TURRdE1ERlVNVE02TVRnNgpNaklyTURBNk1EQWtuK3VsQUFBQUtIUkZXSFJrWVhSbE9uUnBiV1Z6ZEdGdGNBQXlNREl6TFRBMExUQXhWREV6T2pFNE9qSXlLekF3Ck9qQXdjNHJLZWdBQUFBQkpSVTVFcmtKZ2dnPT0iIC8+Cjwvc3ZnPgo=" /><br>
+</div>
 
-    <div class="control-panel">
-        <div class="select-group">
-            <label for="dirSelect">选择目录：</label>
-            <select id="dirSelect"></select>
-        </div>
-        <div class="select-group">
-            <label for="mediaSelect">选择媒体：</label>
-            <select id="mediaSelect"></select>
-        </div>
-        <div class="btn-group">
-            <button id="prevBtn" class="btn-primary" disabled>上一个</button>
-            <button id="nextBtn" class="btn-primary" disabled>下一个</button>
-        </div>
-        <div class="dir-navigation">
-            当前目录：<span id="currentDirPath">/</span>
-            <span id="protectedIndicator" class="protected-badge" style="display: none;">已加密</span>
-        </div>
-        <div class="media-info">
-            当前播放：<span id="currentMediaName">无</span> 
-            <span id="mediaTypeBadge" class="media-type-badge" style="display: none;"></span> | 
-            共 <span id="totalMediaCount">0</span> 个媒体文件
-        </div>
-    </div>
+<h1>NAS 轻量媒体播放器</h1>
+<div class="subtitle"><a href="/static/zhinan.html" target="_blank">设置使用指南</a></div>
 
-    <!-- 文件上传区域 -->
-    <div class="upload-section">
-        <h2>媒体文件上传</h2>
-        <div class="upload-form">
-            <div class="form-row">
-                <label for="uploadTargetDir">目标目录：</label>
-                <select id="uploadTargetDir">
-                    <option value="">加载中...</option>
-                </select>
-            </div>
-            <div class="form-row">
-                <label for="mediaFile">选择媒体文件：</label>
-                <input type="file" id="mediaFile" accept=".mp4,.avi,.mkv,.webm,.mov,.flv,.wmv,.mpeg,.mpg,.m4v,.jpg,.jpeg,.png,.gif,.bmp,.webp,.tiff,.tif,.mp3,.wav,.ogg,.flac,.aac,.m4a,.wma,.ape,.alac" />
-            </div>
-            <div class="form-row">
-                <button id="uploadBtn" class="btn-secondary">上传文件</button>
-            </div>
-        </div>
+<div class="media-container">
+  <div id="loading" class="loading">
+    <div class="loading-spinner"></div>
+    <div id="loading-text">加载中...</div>
+  </div>
+  <div class="media-content">
+    <video id="videoPlayer" controls preload="metadata">
+      您的浏览器不支持 HTML5 视频播放，请升级浏览器
+    </video>
+    <audio id="audioPlayer" controls></audio>
+    <img id="imageViewer" alt="图片预览" />
+  </div>
+</div>
 
-        <div id="fileInfo" class="file-info"></div>
-        
-	<div class="upload-progress" id="uploadProgress">
-            <div class="progress-container">
-                <div class="progress-bar" id="progressBar"></div>
-            </div>
-            <div class="progress-stats">
-                <span id="progressPercent">0%</span>
-                <span id="progressDetails">0 MB / 0 MB</span>
-                <span id="uploadSpeed" class="speed-indicator">0 KB/s</span>
-            </div>
-        </div>
-        <div id="message" class="message"></div>
-	<!-- 创建新目录 -->
-        <div class="create-dir-form">
-            <h3>创建新目录</h3>
-            <div class="form-row">
-                <label for="createTargetDir">父目录：</label>
-                <select id="createTargetDir">
-                    <option value="">加载中...</option>
-                </select>
-            </div>
-            <div class="form-row">
-                <label for="newDirName">新目录名称：</label>
-                <input type="text" id="newDirName" placeholder="输入目录名称" />
-            </div>
-            <div class="form-row">
-                <label for="dirPassword">设置访问密码（可选）：</label>
-                <input type="password" id="dirPassword" placeholder="留空则不设置密码保护" />
-            </div>
-            <div class="form-row">
-                <button id="createDirBtn" class="btn-primary">创建目录</button>
-            </div>
-        </div>
+<div class="control-panel">
+  <div class="select-group">
+    <label for="dirSelect">选择目录：</label>
+    <select id="dirSelect"></select>
+  </div>
+  <div class="select-group">
+    <label for="mediaSelect">选择媒体：</label>
+    <select id="mediaSelect"></select>
+  </div>
+  <div class="btn-group">
+    <button id="prevBtn" class="btn-primary" disabled>上一个</button>
+    <button id="nextBtn" class="btn-primary" disabled>下一个</button>
+  </div>
+  <div class="dir-navigation">
+    当前目录：<span id="currentDirPath">/</span>
+    <span id="protectedIndicator" class="protected-badge" style="display:none;">已加密</span>
+  </div>
+  <div class="media-info">
+    当前播放：<span id="currentMediaName">无</span>
+    <span id="mediaTypeBadge" class="media-type-badge" style="display:none;"></span> |
+    共 <span id="totalMediaCount">0</span> 个媒体文件
+  </div>
+</div>
 
-        
+<!-- 文件上传区域 -->
+<div class="upload-section">
+  <h2>媒体文件上传</h2>
+  <div class="upload-form">
+    <div class="form-row">
+      <label for="uploadTargetDir">目标目录：</label>
+      <select id="uploadTargetDir"><option value="">加载中...</option></select>
     </div>
-	
-    <!-- 密码保护模态框 -->
-    <div class="modal-overlay" id="passwordModal">
-        <div class="modal">
-            <h3>🔒 目录已加密保护</h3>
-            <div id="modalMessage" class="info" style="display: block; margin-bottom: 15px;">请输入访问密码</div>
-            <div class="modal-form">
-                <div>
-                    <label for="modalPassword">密码：</label>
-                    <input type="password" id="modalPassword" placeholder="请输入访问密码" />
-                </div>
-            </div>
-            <div class="modal-footer">
-                <button id="cancelBtn" class="btn-danger">取消</button>
-                <button id="confirmBtn" class="btn-primary">确认</button>
-            </div>
-        </div>
+    <div class="form-row">
+      <label for="mediaFile">选择媒体文件：</label>
+      <input type="file" id="mediaFile"
+        accept=".mp4,.avi,.mkv,.webm,.mov,.flv,.wmv,.mpeg,.mpg,.m4v,.jpg,.jpeg,.png,.gif,.bmp,.webp,.tiff,.tif,.mp3,.wav,.ogg,.flac,.aac,.m4a,.wma,.ape,.alac" />
     </div>
+    <div class="form-row">
+      <button id="uploadBtn" class="btn-secondary">上传文件</button>
+    </div>
+  </div>
+
+  <div id="fileInfo" class="file-info"></div>
+
+  <div class="upload-progress" id="uploadProgress">
+    <div class="progress-container">
+      <div class="progress-bar" id="progressBar"></div>
+    </div>
+    <div class="progress-stats">
+      <span id="progressPercent">0%</span>
+      <span id="progressDetails">0 MB / 0 MB</span>
+      <span id="uploadSpeed" class="speed-indicator">0 KB/s</span>
+    </div>
+  </div>
+  <div id="message" class="message"></div>
+
+  <!-- 创建新目录 -->
+  <div class="create-dir-form">
+    <h3>创建新目录</h3>
+    <div class="form-row">
+      <label for="createTargetDir">父目录：</label>
+      <select id="createTargetDir"><option value="">加载中...</option></select>
+    </div>
+    <div class="form-row">
+      <label for="newDirName">新目录名称：</label>
+      <input type="text" id="newDirName" placeholder="输入目录名称" />
+    </div>
+    <div class="form-row">
+      <label for="dirPassword">设置访问密码（可选）：</label>
+      <input type="password" id="dirPassword" placeholder="留空则不设置密码保护" />
+    </div>
+    <div class="form-row">
+      <button id="createDirBtn" class="btn-primary">创建目录</button>
+    </div>
+  </div>
+</div>
+
+<!-- 密码保护模态框 -->
+<div class="modal-overlay" id="passwordModal">
+  <div class="modal">
+    <h3>🔒 目录已加密保护</h3>
+    <div id="modalMessage" class="info" style="display:block;margin-bottom:15px;">请输入访问密码</div>
+    <div class="modal-form">
+      <div>
+        <label for="modalPassword">密码：</label>
+        <input type="password" id="modalPassword" placeholder="请输入访问密码" />
+      </div>
+    </div>
+    <div class="modal-footer">
+      <button id="cancelBtn" class="btn-danger">取消</button>
+      <button id="confirmBtn" class="btn-primary">确认</button>
+    </div>
+  </div>
+</div>
+
 <!-- 支持格式说明 -->
-    <div class="supported-formats">
-        <strong>支持格式：</strong>.mp4,.avi,.mkv,.webm,.mov,.flv,.wmv,.mpeg,.mpg,.m4v,.jpg,.jpeg,.png,.gif,.bmp,.webp,.tiff,.tif,.mp3,.wav,.ogg,.flac,.aac,.m4a,.wma,.ape,.alac
-    </div>
-    <script>
-        // DOM元素
-        const videoPlayer = document.getElementById('videoPlayer');
-        const audioPlayer = document.getElementById('audioPlayer');
-        const imageViewer = document.getElementById('imageViewer');
-        const dirSelect = document.getElementById('dirSelect');
-        const mediaSelect = document.getElementById('mediaSelect');
-        const prevBtn = document.getElementById('prevBtn');
-        const nextBtn = document.getElementById('nextBtn');
-        const loading = document.getElementById('loading');
-        const loadingText = document.getElementById('loading-text');
-        const currentMediaName = document.getElementById('currentMediaName');
-        const mediaTypeBadge = document.getElementById('mediaTypeBadge');
-        const totalMediaCount = document.getElementById('totalMediaCount');
-        const currentDirPath = document.getElementById('currentDirPath');
-        const protectedIndicator = document.getElementById('protectedIndicator');
-        
-        // 上传相关元素
-        const uploadTargetDir = document.getElementById('uploadTargetDir');
-        const createTargetDir = document.getElementById('createTargetDir');
-        const mediaFile = document.getElementById('mediaFile');
-        const uploadBtn = document.getElementById('uploadBtn');
-        const createDirBtn = document.getElementById('createDirBtn');
-        const newDirName = document.getElementById('newDirName');
-        const dirPassword = document.getElementById('dirPassword');
-        const uploadProgress = document.getElementById('uploadProgress');
-        const progressBar = document.getElementById('progressBar');
-        const progressPercent = document.getElementById('progressPercent');
-        const progressDetails = document.getElementById('progressDetails');
-        const uploadSpeed = document.getElementById('uploadSpeed');
-        const message = document.getElementById('message');
-        const fileInfo = document.getElementById('fileInfo');
-        
-        // 密码模态框元素
-        const passwordModal = document.getElementById('passwordModal');
-        const modalPassword = document.getElementById('modalPassword');
-        const confirmBtn = document.getElementById('confirmBtn');
-        const cancelBtn = document.getElementById('cancelBtn');
-        const modalMessage = document.getElementById('modalMessage');
-        
-        // 全局状态（新增本地存储键，用于持久化目录状态）
-        const LAST_VISITED_DIR_KEY = 'last_visited_dir';
-        let mediaList = [];
-        let dirList = [];
-        let allDirs = [];
-        let protectedDirs = [];
-        let currentIndex = -1;
-        let currentDir = "";
-        let currentProtectedDir = null;
-        let shouldAutoPlayAfterAuth = false;
-        let pendingUploadFile = null;
-        let pendingUploadDir = "";
-        
-        // 上传进度跟踪
-        let uploadStartTime = null;
-        let uploadedBytes = 0;
-        let totalBytes = 0;
-        let speedHistory = [];
-        let lastUpdateTime = 0;
+<div class="supported-formats">
+  <strong>支持格式：</strong>
+  .mp4 .avi .mkv .webm .mov .flv .wmv .mpeg .mpg .m4v
+  .jpg .jpeg .png .gif .bmp .webp .tiff .tif
+  .mp3 .wav .ogg .flac .aac .m4a .wma .ape .alac
+</div>
 
-        // 工具函数：获取本地存储的上次访问目录
-        function getLastVisitedDir() {
-            try {
-                return localStorage.getItem(LAST_VISITED_DIR_KEY) || "";
-            } catch (e) {
-                console.warn('获取本地存储失败:', e);
-                return "";
-            }
+<script>
+// ── DOM 元素 ────────────────────────────────────────────────────────────────────
+const videoPlayer   = document.getElementById('videoPlayer');
+const audioPlayer   = document.getElementById('audioPlayer');
+const imageViewer   = document.getElementById('imageViewer');
+const dirSelect     = document.getElementById('dirSelect');
+const mediaSelect   = document.getElementById('mediaSelect');
+const prevBtn       = document.getElementById('prevBtn');
+const nextBtn       = document.getElementById('nextBtn');
+const loading       = document.getElementById('loading');
+const loadingText   = document.getElementById('loading-text');
+const currentMediaName = document.getElementById('currentMediaName');
+const mediaTypeBadge   = document.getElementById('mediaTypeBadge');
+const totalMediaCount  = document.getElementById('totalMediaCount');
+const currentDirPath   = document.getElementById('currentDirPath');
+const protectedIndicator = document.getElementById('protectedIndicator');
+
+const uploadTargetDir = document.getElementById('uploadTargetDir');
+const createTargetDir = document.getElementById('createTargetDir');
+const mediaFile     = document.getElementById('mediaFile');
+const uploadBtn     = document.getElementById('uploadBtn');
+const createDirBtn  = document.getElementById('createDirBtn');
+const newDirName    = document.getElementById('newDirName');
+const dirPassword   = document.getElementById('dirPassword');
+const uploadProgress = document.getElementById('uploadProgress');
+const progressBar   = document.getElementById('progressBar');
+const progressPercent = document.getElementById('progressPercent');
+const progressDetails = document.getElementById('progressDetails');
+const uploadSpeed   = document.getElementById('uploadSpeed');
+const message       = document.getElementById('message');
+const fileInfo      = document.getElementById('fileInfo');
+
+const passwordModal = document.getElementById('passwordModal');
+const modalPassword = document.getElementById('modalPassword');
+const confirmBtn    = document.getElementById('confirmBtn');
+const cancelBtn     = document.getElementById('cancelBtn');
+const modalMessage  = document.getElementById('modalMessage');
+
+// ── 全局状态 ────────────────────────────────────────────────────────────────────
+const LAST_VISITED_DIR_KEY = 'nas_last_visited_dir';
+let mediaList = [];
+let dirList   = [];
+let allDirs   = [];
+let currentIndex = -1;
+let currentDir   = '';
+let currentProtectedDir = null;
+let pendingUploadFile = null;
+let pendingUploadDir  = '';
+let uploadStartTime = null;
+let uploadedBytes   = 0;
+let totalBytes      = 0;
+let speedHistory    = [];
+let lastUpdateTime  = 0;
+
+// ── 工具函数 ────────────────────────────────────────────────────────────────────
+
+function getLastVisitedDir() {
+  try { return localStorage.getItem(LAST_VISITED_DIR_KEY) || ''; }
+  catch (e) { return ''; }
+}
+
+function saveLastVisitedDir(dirPath) {
+  try { localStorage.setItem(LAST_VISITED_DIR_KEY, dirPath); }
+  catch (e) { /* 忽略存储失败 */ }
+}
+
+function showLoading(text = '加载中...') {
+  loadingText.textContent = text;
+  loading.style.display = 'block';
+}
+
+function hideLoading() {
+  loading.style.display = 'none';
+}
+
+/** 显示操作结果消息（自动 3 秒后隐藏） */
+function showMessage(text, type = 'success') {
+  message.textContent = text;
+  message.className = `message ${type}`;
+  message.style.display = 'block';
+  setTimeout(() => { message.style.display = 'none'; }, 3000);
+}
+
+function formatFileSize(bytes) {
+  if (bytes === 0) return '0 Bytes';
+  const k = 1024;
+  const sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB'];
+  const i = Math.floor(Math.log(bytes) / Math.log(k));
+  return parseFloat((bytes / Math.pow(k, i)).toFixed(2)) + ' ' + sizes[i];
+}
+
+function calculateSpeed(currentBytes) {
+  const now = Date.now();
+  if (lastUpdateTime === 0) { lastUpdateTime = now; uploadedBytes = currentBytes; return 0; }
+  const elapsed = (now - lastUpdateTime) / 1000;
+  if (elapsed > 0.5) {
+    const speed = (currentBytes - uploadedBytes) / elapsed / 1024;
+    speedHistory.push(speed);
+    if (speedHistory.length > 10) speedHistory.shift();
+    uploadedBytes = currentBytes;
+    lastUpdateTime = now;
+    return speedHistory.reduce((a, b) => a + b, 0) / speedHistory.length;
+  }
+  return speedHistory.length > 0 ? speedHistory[speedHistory.length - 1] : 0;
+}
+
+// ── 目录管理 ────────────────────────────────────────────────────────────────────
+
+/**
+ * 修复：option 元素不支持内嵌 HTML，使用纯文本拼接保护标识。
+ */
+function populateDirSelect(selectedDir = '') {
+  dirSelect.innerHTML = dirList.map(dir => {
+    const lock = dir.protected ? ' 🔒' : '';
+    const isSelected = dir.path === selectedDir ? 'selected' : '';
+    return `<option value="${escAttr(dir.path)}" ${isSelected}>${escText(dir.name)}${lock}</option>`;
+  }).join('');
+}
+
+function populateUploadDirSelect() {
+  const makeOpt = dir => {
+    const lock = dir.protected ? ' 🔒' : '';
+    const isSel = dir.path === currentDir ? 'selected' : '';
+    return `<option value="${escAttr(dir.path)}" ${isSel}>${escText(dir.name)}${lock}</option>`;
+  };
+  uploadTargetDir.innerHTML = allDirs.map(makeOpt).join('');
+  createTargetDir.innerHTML = allDirs.map(makeOpt).join('');
+}
+
+/** 简易 HTML attribute 和 text 转义（防 XSS） */
+function escAttr(str) { return String(str).replace(/"/g, '&quot;'); }
+function escText(str) { return String(str).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); }
+
+async function loadAllDirectories() {
+  try {
+    const resp = await fetch('/api/all-directories');
+    if (!resp.ok) throw new Error(`HTTP ${resp.status}`);
+    const data = await resp.json();
+    allDirs = data.directories || [];
+    populateUploadDirSelect();
+  } catch (err) {
+    console.error('加载目录失败：', err);
+    showMessage('加载目录失败，请重试', 'error');
+  }
+}
+
+async function loadDirectoryTree() {
+  try {
+    const resp = await fetch('/api/directories');
+    if (!resp.ok) throw new Error(`HTTP ${resp.status}`);
+    const data = await resp.json();
+    dirList = flattenDirectories(data.directories || []);
+    populateDirSelect(currentDir);
+  } catch (err) {
+    console.error('加载目录树失败：', err);
+  }
+}
+
+function flattenDirectories(dirs, parentPath = '', result = []) {
+  result.push({ name: parentPath || '主目录', path: parentPath, protected: false });
+  dirs.forEach(dir => {
+    const fullPath = parentPath ? `${parentPath}/${dir.name}` : dir.name;
+    result.push({ name: fullPath, path: fullPath, protected: dir.protected || false });
+    if (dir.children && dir.children.length > 0) {
+      flattenDirectories(dir.children, fullPath, result);
+    }
+  });
+  return result;
+}
+
+// ── 密码模态框 ──────────────────────────────────────────────────────────────────
+
+function showPasswordModal(dirPath, autoPlay = false, isUpload = false, targetDir = '', file = null) {
+  currentProtectedDir = dirPath;
+  if (isUpload && file && targetDir) {
+    pendingUploadFile = file;
+    pendingUploadDir  = targetDir;
+  }
+  modalPassword.value = '';
+  modalMessage.textContent = '请输入访问密码';
+  modalMessage.className = 'info';
+  modalMessage.style.display = 'block';
+  passwordModal.style.display = 'flex';  // ← 覆盖 display:none，显示为 flex
+  modalPassword.focus();
+}
+
+function hidePasswordModal() {
+  passwordModal.style.display = 'none';
+  currentProtectedDir = null;
+  modalPassword.value = '';
+}
+
+async function verifyDirectoryPassword(password) {
+  try {
+    const fd = new FormData();
+    fd.append('dir_path', currentProtectedDir);
+    fd.append('password', password);
+    const resp = await fetch('/api/verify-dir-password', {
+      method: 'POST', body: fd, credentials: 'include'
+    });
+    const result = await resp.json();
+
+    if (result.success) {
+      hidePasswordModal();
+      showMessage('验证成功！正在加载目录...');
+      saveLastVisitedDir(currentDir);
+      await loadMediaInDir(currentDir, true);
+      populateDirSelect(currentDir);
+
+      if (pendingUploadFile && pendingUploadDir) {
+        const f = pendingUploadFile, d = pendingUploadDir;
+        pendingUploadFile = null; pendingUploadDir = '';
+        performUpload(d, f);
+      }
+      return true;
+    } else {
+      modalMessage.textContent = '密码错误，请重试';
+      modalMessage.className = 'error';
+      return false;
+    }
+  } catch (err) {
+    console.error('验证密码失败:', err);
+    modalMessage.textContent = '验证失败：' + err.message;
+    modalMessage.className = 'error';
+    return false;
+  }
+}
+
+// ── 媒体加载 ────────────────────────────────────────────────────────────────────
+
+async function loadMediaInDir(subdir, isAfterAuth = false) {
+  try {
+    showLoading('加载媒体列表中...');
+    currentDir = subdir;
+    saveLastVisitedDir(subdir);
+
+    const url = subdir ? `/api/media?subdir=${encodeURIComponent(subdir)}` : '/api/media';
+    const resp = await fetch(url, { credentials: 'include' });
+    if (!resp.ok) throw new Error(`HTTP ${resp.status}`);
+    const data = await resp.json();
+    mediaList = data.media || [];
+
+    // 受保护目录且尚未认证
+    if (!isAfterAuth && data.protected && mediaList.length === 0) {
+      protectedIndicator.style.display = 'inline-block';
+      if (data.top_protected_dir) {
+        hideLoading();
+        showPasswordModal(data.top_protected_dir, false);
+        return;
+      }
+    } else {
+      protectedIndicator.style.display = data.protected ? 'inline-block' : 'none';
+    }
+
+    currentDirPath.textContent = currentDir ? `/${currentDir}` : '/';
+    totalMediaCount.textContent = mediaList.length;
+
+    // 填充媒体选择框
+    mediaSelect.innerHTML = mediaList.map((media, idx) => {
+      const icon = media.type === 'image' ? '🖼️' : (media.type === 'audio' ? '🎵' : '📹');
+      const size = media.size ? ` (${formatFileSize(media.size)})` : '';
+      return `<option value="${idx}">${icon} ${escText(media.name)}${size}</option>`;
+    }).join('');
+
+    if (mediaList.length > 0) {
+      await playMedia(0);
+    } else {
+      hideAllMedia();
+      currentMediaName.textContent = '无';
+      mediaTypeBadge.style.display = 'none';
+      currentIndex = -1;
+    }
+
+    updateButtons();
+    hideLoading();
+  } catch (err) {
+    console.error('加载媒体失败：', err);
+    hideLoading();                                     // ← 修复：错误时正确隐藏 loading
+    showMessage(`加载失败: ${err.message}`, 'error');
+  }
+}
+
+function hideAllMedia() {
+  videoPlayer.pause(); audioPlayer.pause();
+  videoPlayer.src = ''; audioPlayer.src = ''; imageViewer.src = '';
+  videoPlayer.style.display = 'none';
+  audioPlayer.style.display = 'none';
+  imageViewer.style.display = 'none';
+}
+
+/**
+ * 构建媒体 URL。
+ * 注意：不再对视频/音频 URL 添加时间戳，避免影响断点续传 Range 请求。
+ * 图片添加时间戳以防止缓存旧内容。
+ */
+function buildMediaUrl(media) {
+  const base = currentDir
+    ? `/api/media/${encodeURIComponent(currentDir)}/${encodeURIComponent(media.name)}`
+    : `/api/media/${encodeURIComponent(media.name)}`;
+  return media.type === 'image' ? base + '?t=' + Date.now() : base;
+}
+
+async function playMedia(idx) {
+  if (idx < 0 || idx >= mediaList.length) return;
+  showLoading('加载媒体中...');
+  currentIndex = idx;
+  const media = mediaList[idx];
+
+  currentMediaName.textContent = media.name;
+  if (media.type === 'video') {
+    mediaTypeBadge.textContent = '视频'; mediaTypeBadge.className = 'media-type-badge type-video';
+  } else if (media.type === 'audio') {
+    mediaTypeBadge.textContent = '音频'; mediaTypeBadge.className = 'media-type-badge type-audio';
+  } else {
+    mediaTypeBadge.textContent = '图片'; mediaTypeBadge.className = 'media-type-badge type-image';
+  }
+  mediaTypeBadge.style.display = 'inline-block';
+  hideAllMedia();
+
+  const mediaUrl = buildMediaUrl(media);
+
+  try {
+    if (media.type === 'video') {
+      videoPlayer.src = mediaUrl;
+      videoPlayer.style.display = 'block';
+      videoPlayer.oncanplay = () => hideLoading();
+      videoPlayer.onerror = () => {
+        hideLoading();
+        showMessage('视频加载失败，请检查文件', 'error');
+      };
+      await videoPlayer.play().catch(err => { console.warn('自动播放失败:', err); hideLoading(); });
+
+    } else if (media.type === 'audio') {
+      audioPlayer.src = mediaUrl;
+      audioPlayer.style.display = 'block';
+      audioPlayer.oncanplay = () => hideLoading();
+      audioPlayer.onerror = () => {
+        hideLoading();
+        showMessage('音频加载失败，请检查文件', 'error');
+      };
+      await audioPlayer.play().catch(err => { console.warn('自动播放失败:', err); hideLoading(); });
+
+    } else {
+      imageViewer.style.display = 'block';
+      imageViewer.onload  = () => hideLoading();
+      imageViewer.onerror = () => {
+        hideLoading();
+        showMessage('图片加载失败，请检查文件或路径', 'error');
+      };
+      imageViewer.src = mediaUrl;
+    }
+
+    mediaSelect.value = idx;
+    updateButtons();
+  } catch (err) {
+    hideLoading();
+    showMessage(`播放失败: ${err.message}`, 'error');
+  }
+}
+
+function updateButtons() {
+  prevBtn.disabled = currentIndex <= 0;
+  nextBtn.disabled = currentIndex >= mediaList.length - 1;
+}
+
+// ── 上传功能 ────────────────────────────────────────────────────────────────────
+
+async function performUpload(targetDir, file) {
+  uploadBtn.disabled = true;
+  uploadProgress.style.display = 'block';
+  progressBar.style.width = '0%';
+  progressPercent.textContent = '0%';
+  progressDetails.textContent = '0 MB / 0 MB';
+  uploadSpeed.textContent = '0 KB/s';
+  speedHistory = []; lastUpdateTime = 0; uploadedBytes = 0; totalBytes = file.size;
+  uploadStartTime = Date.now();
+
+  return new Promise((resolve) => {
+    const fd = new FormData();
+    fd.append('target_dir', targetDir);
+    fd.append('file', file);
+
+    const xhr = new XMLHttpRequest();
+    xhr.open('POST', '/api/upload-media');
+
+    xhr.upload.onprogress = (e) => {
+      if (!e.lengthComputable) return;
+      const pct = Math.round((e.loaded / e.total) * 100);
+      progressBar.style.width = pct + '%';
+      progressPercent.textContent = pct + '%';
+      progressDetails.textContent = `${formatFileSize(e.loaded)} / ${formatFileSize(e.total)}`;
+      const spd = calculateSpeed(e.loaded);
+      uploadSpeed.textContent = spd > 1024
+        ? `${(spd / 1024).toFixed(1)} MB/s`
+        : `${Math.round(spd)} KB/s`;
+    };
+
+    xhr.onload = () => {
+      uploadProgress.style.display = 'none';
+      uploadBtn.disabled = false;
+      try {
+        const result = JSON.parse(xhr.responseText);
+        if (result.success) {
+          showMessage(result.message);
+          mediaFile.value = '';
+          fileInfo.textContent = '';
+          // 刷新媒体列表
+          loadAllDirectories();
+          if (currentDir === targetDir) loadMediaInDir(currentDir, true);
+        } else {
+          showMessage(result.message || '上传失败', 'error');
         }
+      } catch (e) {
+        showMessage('上传响应解析失败', 'error');
+      }
+      resolve();
+    };
 
-        // 工具函数：保存上次访问目录到本地存储
-        function saveLastVisitedDir(dirPath) {
-            try {
-                localStorage.setItem(LAST_VISITED_DIR_KEY, dirPath);
-            } catch (e) {
-                console.warn('保存本地存储失败:', e);
-            }
-        }
+    xhr.onerror = () => {
+      uploadProgress.style.display = 'none';
+      uploadBtn.disabled = false;
+      showMessage('网络错误，上传失败', 'error');
+      resolve();
+    };
 
-        // 显示加载状态
-        function showLoading(text = '加载中...') {
-            loadingText.textContent = text;
-            loading.style.display = 'block';
-        }
+    xhr.send(fd);
+  });
+}
 
-        // 隐藏加载状态
-        function hideLoading() {
-            loading.style.display = 'none';
-        }
+// ── 创建目录 ────────────────────────────────────────────────────────────────────
 
-        // 显示消息
-        function showMessage(text, type = 'success') {
-            message.textContent = text;
-            message.className = `message ${type}`;
-            message.style.display = 'block';
-            
-            setTimeout(() => {
-                message.style.display = 'none';
-            }, 3000);
-        }
+async function createDirectory() {
+  const targetPath = createTargetDir.value || '';
+  const dirName    = newDirName.value.trim();
+  const password   = dirPassword.value.trim();
 
-        // 格式化文件大小
-        function formatFileSize(bytes) {
-            if (bytes === 0) return '0 Bytes';
-            const k = 1024;
-            const sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB'];
-            const i = Math.floor(Math.log(bytes) / Math.log(k));
-            return parseFloat((bytes / Math.pow(k, i)).toFixed(2)) + ' ' + sizes[i];
-        }
+  if (!dirName) { showMessage('请输入目录名称', 'error'); return; }
 
-        // 计算上传速度
-        function calculateSpeed(currentBytes) {
-            const now = Date.now();
-            if (lastUpdateTime === 0) {
-                lastUpdateTime = now;
-                uploadedBytes = currentBytes;
-                return 0;
-            }
-            
-            const elapsed = (now - lastUpdateTime) / 1000; // 秒
-            if (elapsed > 0.5) { // 至少0.5秒更新一次
-                const speed = (currentBytes - uploadedBytes) / elapsed / 1024; // KB/s
-                speedHistory.push(speed);
-                
-                if (speedHistory.length > 10) {
-                    speedHistory.shift();
-                }
-                
-                const avgSpeed = speedHistory.reduce((a, b) => a + b, 0) / speedHistory.length;
-                
-                uploadedBytes = currentBytes;
-                lastUpdateTime = now;
-                
-                return avgSpeed;
-            }
-            
-            return speedHistory.length > 0 ? speedHistory[speedHistory.length - 1] : 0;
-        }
+  try {
+    const fd = new FormData();
+    fd.append('target_path', targetPath);
+    fd.append('new_dir', dirName);
+    if (password) fd.append('dir_password', password);
 
-        // 扁平化目录结构
-        function flattenDirectories(dirs, parentPath = "", result = []) {
-            result.push({ name: parentPath || "主目录", path: parentPath, protected: false });
-            dirs.forEach(dir => {
-                const fullPath = parentPath ? `${parentPath}/${dir.name}` : dir.name;
-                result.push({ 
-                    name: fullPath, 
-                    path: fullPath, 
-                    protected: dir.protected || false 
-                });
-                if (dir.children && dir.children.length > 0) {
-                    flattenDirectories(dir.children, fullPath, result);
-                }
-            });
-            return result;
-        }
+    const resp = await fetch('/api/create-directory', { method: 'POST', body: fd });
+    const result = await resp.json();
 
-        // 初始化目录选择框（新增：选中指定目录）
-        function populateDirSelect(selectedDir = "") {
-            dirSelect.innerHTML = dirList.map(dir => {
-                const protectedBadge = dir.protected ? '<span class="protected-badge">🔒</span>' : '';
-                const isSelected = dir.path === selectedDir ? 'selected' : '';
-                return `<option value="${dir.path}" ${isSelected}>${dir.name}${protectedBadge}</option>`;
-            }).join('');
-        }
+    if (result.success) {
+      showMessage(result.message);
+      newDirName.value = '';
+      dirPassword.value = '';
+      // 刷新所有目录列表
+      await Promise.all([loadAllDirectories(), loadDirectoryTree()]);
+    } else {
+      showMessage(result.message || '创建失败', 'error');
+    }
+  } catch (err) {
+    console.error('创建目录失败:', err);
+    showMessage(`创建失败: ${err.message}`, 'error');
+  }
+}
 
-        // 加载目录列表
-        async function loadAllDirectories() {
-            try {
-                const response = await fetch('/api/all-directories');
-                if (!response.ok) throw new Error('Network response was not ok');
-                
-                const data = await response.json();
-                allDirs = data.directories || [];
-                
-                // 填充上传目录选择框
-                uploadTargetDir.innerHTML = allDirs.map(dir => {
-                    const protectedBadge = dir.protected ? '<span class="protected-badge">🔒</span>' : '';
-                    const isSelected = dir.path === currentDir ? 'selected' : '';
-                    return `<option value="${dir.path}" ${isSelected}>${dir.name}${protectedBadge}</option>`;
-                }).join('');
-                
-                // 填充创建目录的父目录选择框
-                createTargetDir.innerHTML = allDirs.map(dir => {
-                    const protectedBadge = dir.protected ? '<span class="protected-badge">🔒</span>' : '';
-                    return `<option value="${dir.path}">${dir.name}${protectedBadge}</option>`;
-                }).join('');
-                
-            } catch (err) {
-                console.error('加载目录失败：', err);
-                showMessage('加载目录失败，请重试', 'error');
-            }
-        }
+// ── 事件绑定 ────────────────────────────────────────────────────────────────────
 
-        // 加载受保护目录列表
-        async function loadProtectedDirectories() {
-            try {
-                const response = await fetch('/api/protected-directories');
-                if (!response.ok) throw new Error('Network response was not ok');
-                
-                const data = await response.json();
-                protectedDirs = data.protected_dirs || [];
-                
-            } catch (err) {
-                console.error('加载受保护目录失败：', err);
-            }
-        }
+dirSelect.addEventListener('change', async () => {
+  const selected = dirSelect.value;
+  currentDir = selected;
+  await loadMediaInDir(selected);
+  // 同步上传目标目录选中状态
+  uploadTargetDir.value = selected;
+});
 
-        // 显示密码模态框（支持上传场景）
-        function showPasswordModal(dirPath, autoPlay = false, isUpload = false, targetDir = "", file = null) {
-            console.log('showPasswordModal:', { dirPath, isUpload, targetDir, file: !!file });
-            
-            currentProtectedDir = dirPath;
-            shouldAutoPlayAfterAuth = autoPlay;
-            
-            // 保存上传信息到全局变量
-            if (isUpload && file && targetDir) {
-                pendingUploadFile = file;
-                pendingUploadDir = targetDir;
-                console.log('保存上传信息:', { fileName: file.name, targetDir });
-            }
-            
-            modalPassword.value = '';
-            modalMessage.textContent = '请输入访问密码';
-            modalMessage.className = 'info';
-            modalMessage.style.display = 'block';
-            passwordModal.style.display = 'flex';
-            modalPassword.focus();
-        }
+mediaSelect.addEventListener('change', () => {
+  const idx = parseInt(mediaSelect.value, 10);
+  if (!isNaN(idx)) playMedia(idx);
+});
 
-        // 隐藏密码模态框
-        function hidePasswordModal() {
-            passwordModal.style.display = 'none';
-            currentProtectedDir = null;
-            shouldAutoPlayAfterAuth = false;
-            modalPassword.value = '';
-        }
+prevBtn.addEventListener('click', () => { if (currentIndex > 0) playMedia(currentIndex - 1); });
+nextBtn.addEventListener('click', () => { if (currentIndex < mediaList.length - 1) playMedia(currentIndex + 1); });
 
-        // 验证目录密码（核心修复：保持目录状态，不刷新页面）
-        async function verifyDirectoryPassword(password) {
-            try {
-                console.log('验证密码:', { dirPath: currentProtectedDir, currentDir });
-                
-                const formData = new FormData();
-                formData.append('dir_path', currentProtectedDir);
-                formData.append('password', password);
-                
-                const response = await fetch('/api/verify-dir-password', {
-                    method: 'POST',
-                    body: formData,
-                    credentials: 'include'
-                });
-                
-                const result = await response.json();
-                console.log('验证结果:', result);
-                
-                if (result.success) {
-                    hidePasswordModal();
-                    showMessage('验证成功！正在加载目录...');
-                    
-                    // 关键修复1：保存当前目录到本地存储，持久化状态
-                    saveLastVisitedDir(currentDir);
-                    
-                    // 关键修复2：重新加载当前目录，强制刷新媒体列表
-                    await loadMediaInDir(currentDir, true); // 第二个参数表示"验证后加载"，跳过密码检查
-                    
-                    // 关键修复3：更新目录选择框，确保选中当前目录
-                    populateDirSelect(currentDir);
-                    
-                    // 检查是否有等待上传的文件
-                    if (pendingUploadFile && pendingUploadDir) {
-                        console.log('开始上传加密目录文件:', { 
-                            fileName: pendingUploadFile.name, 
-                            targetDir: pendingUploadDir 
-                        });
-                        performUpload(pendingUploadDir, pendingUploadFile);
-                        pendingUploadFile = null;
-                        pendingUploadDir = "";
-                    }
-                    
-                    return true;
-                } else {
-                    modalMessage.textContent = '密码错误，请重试';
-                    modalMessage.className = 'error';
-                    return false;
-                }
-            } catch (err) {
-                console.error('验证密码失败:', err);
-                modalMessage.textContent = '验证失败：' + err.message;
-                modalMessage.className = 'error';
-                return false;
-            }
-        }
+// 视频播放结束后自动下一个
+videoPlayer.addEventListener('ended', () => {
+  if (currentIndex < mediaList.length - 1) playMedia(currentIndex + 1);
+});
+audioPlayer.addEventListener('ended', () => {
+  if (currentIndex < mediaList.length - 1) playMedia(currentIndex + 1);
+});
 
-        // 加载媒体文件列表（核心修复：添加验证后加载标记，持久化目录状态）
-        async function loadMediaInDir(subdir, isAfterAuth = false) {
-            try {
-                showLoading('加载媒体列表中...');
-                
-                // 关键修复1：保存当前目录到全局变量和本地存储
-                currentDir = subdir;
-                saveLastVisitedDir(subdir);
-                
-                const url = subdir ? `/api/media?subdir=${encodeURIComponent(subdir)}` : '/api/media';
-                const response = await fetch(url, {
-                    credentials: 'include'
-                });
-                
-                if (!response.ok) {
-                    throw new Error(`HTTP error! status: ${response.status}`);
-                }
-                
-                const data = await response.json();
-                mediaList = data.media || [];
-                
-                // 关键修复2：验证后加载时，跳过密码模态框（已验证通过）
-                if (!isAfterAuth && data.protected) {
-                    protectedIndicator.style.display = 'inline-block';
-                    if (data.top_protected_dir) {
-                        showPasswordModal(data.top_protected_dir, mediaList.length > 0);
-                        hideLoading();
-                        return;
-                    }
-                } else {
-                    protectedIndicator.style.display = data.protected ? 'inline-block' : 'none';
-                }
-                
-                // 更新UI
-                currentDirPath.textContent = currentDir ? `/${currentDir}` : '/';
-                totalMediaCount.textContent = mediaList.length;
+// 文件选择信息显示
+mediaFile.addEventListener('change', () => {
+  if (mediaFile.files.length > 0) {
+    const f = mediaFile.files[0];
+    fileInfo.textContent = `已选择: ${f.name} (${formatFileSize(f.size)})`;
+  } else {
+    fileInfo.textContent = '';
+  }
+});
 
-                // 填充媒体选择框
-                mediaSelect.innerHTML = mediaList.map((media, idx) => {
-                    let typeIcon = '📹';
-                    if (media.type === 'image') typeIcon = '🖼️';
-                    if (media.type === 'audio') typeIcon = '🎵';
-                    const sizeInfo = media.size ? ` (${formatFileSize(media.size)})` : '';
-                    return `<option value="${idx}">${typeIcon} ${media.name}${sizeInfo}</option>`;
-                }).join('');
+// 上传按钮
+uploadBtn.addEventListener('click', async () => {
+  const file = mediaFile.files[0];
+  if (!file) { showMessage('请选择要上传的文件', 'error'); return; }
+  const targetDir = uploadTargetDir.value || '';
 
-                // 如果有媒体，默认播放第一个
-                if (mediaList.length > 0) {
-                    await playMedia(0);
-                } else {
-                    hideAllMedia();
-                    currentMediaName.textContent = "无";
-                    mediaTypeBadge.style.display = 'none';
-                    currentIndex = -1;
-                }
+  // 检查受保护目录认证
+  try {
+    const resp = await fetch(`/api/media?subdir=${encodeURIComponent(targetDir)}`, { credentials: 'include' });
+    const data = await resp.json();
+    if (data.protected && !data.media) {
+      // 未认证，弹出密码框
+      showPasswordModal(data.top_protected_dir, false, true, targetDir, file);
+      return;
+    }
+  } catch (e) { /* 忽略检查失败，直接尝试上传 */ }
 
-                updateButtons();
-                hideLoading();
-                
-            } catch (err) {
-                console.error('加载媒体失败：', err);
-                showLoading('加载媒体失败，请重试', true);
-                showMessage(`加载失败: ${err.message}`, 'error');
-            }
-        }
+  performUpload(targetDir, file);
+});
 
-        // 隐藏所有媒体播放器
-        function hideAllMedia() {
-            videoPlayer.style.display = 'none';
-            audioPlayer.style.display = 'none';
-            imageViewer.style.display = 'none';
-            videoPlayer.pause();
-            audioPlayer.pause();
-            videoPlayer.src = "";
-            audioPlayer.src = "";
-            imageViewer.src = "";
-        }
+// 创建目录按钮
+createDirBtn.addEventListener('click', createDirectory);
 
-        // 构建媒体URL
-        function buildMediaUrl(media) {
-            let url;
-            if (currentDir) {
-                url = `/api/media/${encodeURIComponent(currentDir)}/${encodeURIComponent(media.name)}`;
-            } else {
-                url = `/api/media/${encodeURIComponent(media.name)}`;
-            }
-            // 添加时间戳防止缓存
-            return url + '?t=' + Date.now();
-        }
+// 模态框按钮
+confirmBtn.addEventListener('click', () => {
+  const pwd = modalPassword.value;
+  if (!pwd) { modalMessage.textContent = '请输入密码'; modalMessage.className = 'error'; return; }
+  verifyDirectoryPassword(pwd);
+});
 
-        // 播放媒体文件
-        async function playMedia(idx) {
-            if (idx < 0 || idx >= mediaList.length) return;
-            
-            showLoading('加载媒体中...');
-            currentIndex = idx;
-            const media = mediaList[currentIndex];
-            
-            try {
-                // 更新信息显示
-                currentMediaName.textContent = media.name;
-                
-                if (media.type === 'video') {
-                    mediaTypeBadge.textContent = '视频';
-                    mediaTypeBadge.className = 'media-type-badge type-video';
-                } else if (media.type === 'audio') {
-                    mediaTypeBadge.textContent = '音频';
-                    mediaTypeBadge.className = 'media-type-badge type-audio';
-                } else {
-                    mediaTypeBadge.textContent = '图片';
-                    mediaTypeBadge.className = 'media-type-badge type-image';
-                }
-                
-                mediaTypeBadge.style.display = 'inline-block';
+cancelBtn.addEventListener('click', () => {
+  hidePasswordModal();
+  pendingUploadFile = null; pendingUploadDir = '';
+});
 
-                // 隐藏所有媒体
-                hideAllMedia();
+modalPassword.addEventListener('keydown', (e) => {
+  if (e.key === 'Enter') confirmBtn.click();
+});
 
-                // 构建URL
-                const mediaUrl = buildMediaUrl(media);
-                
-                if (media.type === 'video') {
-                    // 视频处理
-                    videoPlayer.src = mediaUrl;
-                    videoPlayer.style.display = 'block';
-                    
-                    videoPlayer.oncanplay = function() {
-                        hideLoading();
-                    };
-                    
-                    videoPlayer.onerror = function(e) {
-                        console.error('Video error:', e);
-                        showLoading('视频加载失败', true);
-                        showMessage('视频加载失败，请检查文件', 'error');
-                        setTimeout(hideLoading, 2000);
-                    };
-                    
-                    await videoPlayer.play().catch(err => {
-                        console.warn('自动播放失败:', err);
-                        hideLoading();
-                    });
-                    
-                } else if (media.type === 'audio') {
-                    // 音频处理
-                    audioPlayer.src = mediaUrl;
-                    audioPlayer.style.display = 'block';
-                    
-                    audioPlayer.oncanplay = function() {
-                        hideLoading();
-                    };
-                    
-                    audioPlayer.onerror = function(e) {
-                        console.error('Audio error:', e);
-                        showLoading('音频加载失败', true);
-                        showMessage('音频加载失败，请检查文件', 'error');
-                        setTimeout(hideLoading, 2000);
-                    };
-                    
-                    await audioPlayer.play().catch(err => {
-                        console.warn('自动播放失败:', err);
-                        hideLoading();
-                    });
-                    
-                } else {
-                    // 图片处理
-                    imageViewer.style.display = 'block';
-                    imageViewer.onload = function() {
-                        hideLoading();
-                        console.log('图片加载成功:', mediaUrl);
-                    };
-                    
-                    imageViewer.onerror = function(e) {
-                        console.error('图片加载失败:', e, mediaUrl);
-                        showLoading('图片加载失败', true);
-                        showMessage('图片加载失败，请检查文件或路径', 'error');
-                        setTimeout(hideLoading, 2000);
-                    };
-                    
-                    imageViewer.src = '';
-                    imageViewer.src = mediaUrl;
-                }
-                
-                mediaSelect.value = idx;
-                updateButtons();
-                
-            } catch (err) {
-                console.error('播放媒体失败:', err);
-                showLoading('播放失败', true);
-                showMessage(`播放失败: ${err.message}`, 'error');
-                setTimeout(hideLoading, 2000);
-            }
-        }
+// 键盘快捷键（左/右箭头切换媒体）
+document.addEventListener('keydown', (e) => {
+  if (passwordModal.style.display === 'flex') return;
+  if (['INPUT', 'SELECT', 'TEXTAREA'].includes(e.target.tagName)) return;
+  if (e.key === 'ArrowLeft' && !prevBtn.disabled) prevBtn.click();
+  if (e.key === 'ArrowRight' && !nextBtn.disabled) nextBtn.click();
+});
 
-        // 更新按钮状态
-        function updateButtons() {
-            prevBtn.disabled = currentIndex <= 0;
-            nextBtn.disabled = currentIndex >= mediaList.length - 1;
-        }
+// ── 页面初始化 ──────────────────────────────────────────────────────────────────
+async function init() {
+  showLoading('初始化中...');
+  try {
+    await Promise.all([loadAllDirectories(), loadDirectoryTree()]);
 
-        // 创建目录
-        async function createDirectory() {
-            const targetPath = createTargetDir.value || "";
-            const dirName = newDirName.value.trim();
-            const password = dirPassword.value.trim();
-            
-            if (!dirName) {
-                showMessage('请输入目录名称', 'error');
-                return;
-            }
-            
-            try {
-                const formData = new FormData();
-                formData.append('target_path', targetPath);
-                formData.append('new_dir', dirName);
-                if (password) {
-                    formData.append('dir_password', password);
-                }
-                
-                const response = await fetch('/api/create-directory', {
-                    method: 'POST',
-                    body: formData
-                });
-                
-                const result = await response.json();
-                
-                if (result.success) {
-                    showMessage(result.message);
-                    newDirName.value = '';
-                    dirPassword.value = '';
-                    
-                    // 重新加载目录列表，并选中新创建的目录
-                    await loadAllDirectories();
-                    await loadProtectedDirectories();
-                    
-                    const dirResponse = await fetch('/api/directories');
-                    const dirData = await dirResponse.json();
-                    dirList = flattenDirectories(dirData.directories);
-                    populateDirSelect(result.path); // 选中新目录
-                    
-                    // 加载新目录的媒体列表
-                    await loadMediaInDir(result.path);
-                    
-                } else {
-                    showMessage(result.message || '创建目录失败', 'error');
-                }
-                
-            } catch (err) {
-                console.error('创建目录失败:', err);
-                showMessage('创建目录失败：' + err.message, 'error');
-            }
-        }
+    // 恢复上次访问的目录
+    const lastDir = getLastVisitedDir();
+    const targetDir = (lastDir && dirList.some(d => d.path === lastDir)) ? lastDir : '';
 
-        // 检查目录是否受保护
-        function isDirectoryProtected(dirPath) {
-            return protectedDirs.some(pdir => dirPath === pdir || dirPath.startsWith(pdir + '/'));
-        }
+    if (dirSelect.options.length > 0) {
+      dirSelect.value = targetDir;
+      currentDir = targetDir;
+    }
 
-        // 获取顶级受保护目录
-        function getTopProtectedDirectory(dirPath) {
-            for (const pdir of protectedDirs) {
-                if (dirPath === pdir || dirPath.startsWith(pdir + '/')) {
-                    return pdir;
-                }
-            }
-            return null;
-        }
+    await loadMediaInDir(targetDir);
+  } catch (err) {
+    console.error('初始化失败:', err);
+    hideLoading();
+    showMessage('初始化失败，请刷新页面重试', 'error');
+  }
+}
 
-        // 检查是否有认证Cookie
-        function hasAuthCookie(dirPath) {
-            const topDir = getTopProtectedDirectory(dirPath);
-            if (!topDir) return true;
-            const cookieName = `auth_${encodeURIComponent(topDir)}`;
-            return document.cookie.includes(cookieName);
-        }
-
-        // 上传媒体文件
-        async function uploadMedia() {
-            const file = mediaFile.files[0];
-            if (!file) {
-                showMessage('请选择要上传的媒体文件', 'error');
-                return;
-            }
-            
-            const targetDir = uploadTargetDir.value;
-            if (!targetDir) {
-                showMessage('请选择目标目录', 'error');
-                return;
-            }
-            
-            console.log('准备上传:', { fileName: file.name, targetDir, size: file.size });
-            
-            if (isDirectoryProtected(targetDir) && !hasAuthCookie(targetDir)) {
-                const topDir = getTopProtectedDirectory(targetDir);
-                showMessage('目标目录需要密码验证，请输入密码', 'info');
-                showPasswordModal(topDir, false, true, targetDir, file);
-                return;
-            }
-            
-            performUpload(targetDir, file);
-        }
-
-        // 实际执行上传函数
-        function performUpload(targetDir, file) {
-            if (!file || !targetDir) {
-                showMessage('上传参数缺失', 'error');
-                console.error('上传参数缺失:', { hasFile: !!file, hasDir: !!targetDir });
-                return;
-            }
-            
-            console.log('开始上传:', { 
-                targetDir, 
-                fileName: file.name, 
-                size: formatFileSize(file.size),
-                type: file.type 
-            });
-            
-            fileInfo.textContent = `文件名: ${file.name} | 大小: ${formatFileSize(file.size)}`;
-            uploadProgress.style.display = 'block';
-            
-            uploadStartTime = Date.now();
-            uploadedBytes = 0;
-            totalBytes = file.size;
-            speedHistory = [];
-            lastUpdateTime = 0;
-            
-            const formData = new FormData();
-            formData.append('target_dir', targetDir);
-            formData.append('file', file);
-            
-            const xhr = new XMLHttpRequest();
-            xhr.open('POST', '/api/upload-media', true);
-            xhr.withCredentials = true;
-            
-            xhr.upload.addEventListener('progress', (e) => {
-                if (e.lengthComputable) {
-                    const percent = (e.loaded / e.total) * 100;
-                    progressBar.style.width = `${percent}%`;
-                    progressPercent.textContent = `${Math.round(percent)}%`;
-                    progressDetails.textContent = `${formatFileSize(e.loaded)} / ${formatFileSize(e.total)}`;
-                    
-                    const speed = calculateSpeed(e.loaded);
-                    if (speed > 1024) {
-                        uploadSpeed.textContent = `${(speed / 1024).toFixed(2)} MB/s`;
-                    } else {
-                        uploadSpeed.textContent = `${speed.toFixed(0)} KB/s`;
-                    }
-                    
-                    if (percent > 0 && percent < 100) {
-                        const elapsed = (Date.now() - uploadStartTime) / 1000;
-                        const totalTime = elapsed / (percent / 100);
-                        const remaining = totalTime - elapsed;
-                        
-                        if (remaining > 60) {
-                            uploadSpeed.textContent += ` | 剩余: ${Math.round(remaining / 60)} 分钟`;
-                        } else {
-                            uploadSpeed.textContent += ` | 剩余: ${Math.round(remaining)} 秒`;
-                        }
-                    }
-                }
-            });
-            
-            xhr.addEventListener('load', () => {
-                console.log('上传响应:', { status: xhr.status, response: xhr.responseText });
-                
-                try {
-                    const result = JSON.parse(xhr.responseText);
-                    
-                    if (result.success) {
-                        progressBar.style.width = '100%';
-                        progressPercent.textContent = '100%';
-                        uploadSpeed.textContent = '上传完成！';
-                        showMessage(result.message);
-                        mediaFile.value = '';
-                        fileInfo.textContent = '';
-                        
-                        if (targetDir === currentDir) {
-                            setTimeout(() => {
-                                loadMediaInDir(currentDir);
-                            }, 1000);
-                        }
-                        
-                    } else {
-                        showMessage(result.message || '上传失败', 'error');
-                    }
-                } catch (err) {
-                    showMessage('上传完成但处理响应失败: ' + err.message, 'error');
-                    console.error('解析响应失败:', err, xhr.responseText);
-                }
-                
-                setTimeout(() => {
-                    uploadProgress.style.display = 'none';
-                }, 3000);
-            });
-            
-            xhr.addEventListener('error', (e) => {
-                console.error('上传错误:', e);
-                showMessage('上传失败：网络错误', 'error');
-                uploadProgress.style.display = 'none';
-            });
-            
-            xhr.addEventListener('abort', () => {
-                console.log('上传被取消');
-                showMessage('上传已取消', 'info');
-                uploadProgress.style.display = 'none';
-            });
-            
-            xhr.send(formData);
-        }
-
-        // 初始化应用（核心修复：优先加载上次访问目录）
-        async function initApp() {
-            try {
-                showLoading('初始化中...');
-                
-                // 关键修复1：获取上次访问的目录（优先于默认根目录）
-                const lastDir = getLastVisitedDir();
-                console.log('初始化 - 上次访问目录:', lastDir);
-                
-                // 加载目录列表
-                const dirResponse = await fetch('/api/directories');
-                const dirData = await dirResponse.json();
-                dirList = flattenDirectories(dirData.directories);
-                
-                // 关键修复2：初始化目录选择框时，选中上次访问的目录
-                populateDirSelect(lastDir);
-                
-                // 加载所有目录（用于上传）
-                await loadAllDirectories();
-                
-                // 加载受保护目录列表
-                await loadProtectedDirectories();
-                
-                // 关键修复3：优先加载上次访问的目录，而不是默认根目录
-                const initDir = lastDir || "";
-                await loadMediaInDir(initDir);
-                
-                hideLoading();
-            } catch (err) {
-                console.error('初始化失败:', err);
-                showMessage('初始化失败：' + err.message, 'error');
-                hideLoading();
-            }
-        }
-
-        // 事件监听器
-        dirSelect.addEventListener('change', (e) => {
-            const selectedDir = e.target.value;
-            loadMediaInDir(selectedDir);
-        });
-
-        mediaSelect.addEventListener('change', (e) => {
-            playMedia(parseInt(e.target.value));
-        });
-
-        prevBtn.addEventListener('click', () => {
-            if (currentIndex > 0) {
-                playMedia(currentIndex - 1);
-            }
-        });
-
-        nextBtn.addEventListener('click', () => {
-            if (currentIndex < mediaList.length - 1) {
-                playMedia(currentIndex + 1);
-            }
-        });
-
-        uploadBtn.addEventListener('click', uploadMedia);
-        createDirBtn.addEventListener('click', createDirectory);
-
-        // 密码模态框事件
-        confirmBtn.addEventListener('click', () => {
-            const password = modalPassword.value.trim();
-            if (!password) {
-                modalMessage.textContent = '请输入密码';
-                modalMessage.className = 'error';
-                return;
-            }
-            verifyDirectoryPassword(password);
-        });
-
-        cancelBtn.addEventListener('click', hidePasswordModal);
-
-        // ESC键关闭模态框
-        document.addEventListener('keydown', (e) => {
-            if (e.key === 'Escape') {
-                hidePasswordModal();
-            }
-        });
-
-        // 点击模态框外部关闭
-        passwordModal.addEventListener('click', (e) => {
-            if (e.target === passwordModal) {
-                hidePasswordModal();
-            }
-        });
-
-        // 媒体播放结束自动播放下一个
-        videoPlayer.addEventListener('ended', () => {
-            if (currentIndex < mediaList.length - 1) {
-                playMedia(currentIndex + 1);
-            }
-        });
-
-        audioPlayer.addEventListener('ended', () => {
-            if (currentIndex < mediaList.length - 1) {
-                playMedia(currentIndex + 1);
-            }
-        });
-
-        // 初始化应用
-        document.addEventListener('DOMContentLoaded', initApp);
-    </script>
+init();
+</script>
 </body>
 </html>
-
diff --git a/nas-media-player.py b/nas-media-player.py
index ab089bb..691f6fa 100644
--- a/nas-media-player.py
+++ b/nas-media-player.py
@@ -11,15 +11,16 @@ import urllib.parse
 from pathlib import Path
 from datetime import datetime
 from typing import Optional, List, Dict
-import unicodedata
 import socket
+import tempfile
+import shutil
 
 VIDEO_DIR = os.getenv("NAS_MEDIA_VIDEO_DIR", "/mnt")
 PORT = int(os.getenv("NAS_MEDIA_PORT", 8800))
 APP_DIR = os.getenv("NAS_MEDIA_APP_DIR", "/opt/nas-media-player")
 LOG_FILE = os.getenv("NAS_MEDIA_LOG_FILE", os.path.join(APP_DIR, "nas-media-player.log"))
 
-
+# 确保日志目录存在
 log_dir = os.path.dirname(LOG_FILE)
 os.makedirs(log_dir, exist_ok=True)
 logging.basicConfig(
@@ -103,8 +104,13 @@ SUPPORTED_AUDIO_FORMATS = {
 SUPPORTED_FORMATS = {**SUPPORTED_VIDEO_FORMATS, **SUPPORTED_IMAGE_FORMATS, **SUPPORTED_AUDIO_FORMATS}
 SUPPORTED_EXTENSIONS = list(SUPPORTED_FORMATS.keys())
 
-# 挂载静态文件
-app.mount("/static", StaticFiles(directory=Path(APP_DIR) / "static"), name="static")
+# 挂载静态文件（延迟到目录确实存在时）
+static_dir = Path(APP_DIR) / "static"
+if static_dir.exists():
+    app.mount("/static", StaticFiles(directory=str(static_dir)), name="static")
+else:
+    logger.warning(f"静态文件目录不存在，跳过挂载: {static_dir}")
+
 
 def get_safe_cookie_key(dir_path: str) -> str:
     """将目录路径转换为MD5哈希值，避免Cookie键名包含非法字符"""
@@ -112,184 +118,237 @@ def get_safe_cookie_key(dir_path: str) -> str:
     md5_hash = hashlib.md5(encoded_path).hexdigest()
     return f"auth_{md5_hash}"
 
-# 密码管理功能
+
+# ── 密码管理功能 ────────────────────────────────────────────────────────────────
+
 def init_password_file():
-    """初始化密码文件（修复目录创建+合法JSON写入）"""
+    """初始化密码文件"""
     app_dir = Path(APP_DIR)
     app_dir.mkdir(parents=True, exist_ok=True)
 
     if not PASSWORD_FILE.exists():
-        with open(PASSWORD_FILE, 'w', encoding='utf-8') as f:
-            json.dump({}, f)
+        PASSWORD_FILE.write_text("{}", encoding="utf-8")
     else:
         try:
-            with open(PASSWORD_FILE, 'r', encoding='utf-8') as f:
-                json.load(f)
-        except json.JSONDecodeError:
-            with open(PASSWORD_FILE, 'w', encoding='utf-8') as f:
-                json.dump({}, f)
+            json.loads(PASSWORD_FILE.read_text(encoding="utf-8"))
+        except (json.JSONDecodeError, OSError):
+            PASSWORD_FILE.write_text("{}", encoding="utf-8")
+
 
 def hash_password(password: str) -> str:
     """密码哈希"""
     return hashlib.sha256(password.encode()).hexdigest()
 
-def save_directory_password(dir_path: str, password: str):
-    """保存目录密码"""
+
+def _read_password_data() -> dict:
+    """读取密码文件数据（内部辅助函数）"""
     init_password_file()
-    with open(PASSWORD_FILE, 'r+') as f:
-        data = json.load(f)
-        data[dir_path] = {
-            "password_hash": hash_password(password),
-            "created_at": datetime.now().isoformat()
-        }
-        f.seek(0)
-        json.dump(data, f, indent=2)
-        f.truncate()
+    try:
+        return json.loads(PASSWORD_FILE.read_text(encoding="utf-8"))
+    except (json.JSONDecodeError, OSError):
+        return {}
+
+
+def save_directory_password(dir_path: str, password: str):
+    """保存目录密码（原子写入，防止并发破坏）"""
+    data = _read_password_data()
+    data[dir_path] = {
+        "password_hash": hash_password(password),
+        "created_at": datetime.now().isoformat()
+    }
+    # 原子写：先写临时文件再替换
+    tmp_path = PASSWORD_FILE.with_suffix(".tmp")
+    try:
+        tmp_path.write_text(json.dumps(data, indent=2, ensure_ascii=False), encoding="utf-8")
+        shutil.move(str(tmp_path), str(PASSWORD_FILE))
+    except Exception as e:
+        if tmp_path.exists():
+            tmp_path.unlink(missing_ok=True)
+        raise e
+
 
 def get_directory_password(dir_path: str) -> Optional[str]:
     """获取目录密码哈希"""
-    init_password_file()
-    if not PASSWORD_FILE.exists():
-        return None
-    with open(PASSWORD_FILE, 'r') as f:
-        data = json.load(f)
-        return data.get(dir_path, {}).get("password_hash")
+    return _read_password_data().get(dir_path, {}).get("password_hash")
+
 
 def check_directory_password(dir_path: str, password: str) -> bool:
     """验证目录密码"""
     stored_hash = get_directory_password(dir_path)
     if not stored_hash:
-        return True
+        return True  # 未设置密码，视为通过
     return stored_hash == hash_password(password)
 
+
 def get_protected_directories() -> List[str]:
     """获取所有受保护的目录"""
-    init_password_file()
-    with open(PASSWORD_FILE, 'r') as f:
-        data = json.load(f)
-        return list(data.keys())
+    return list(_read_password_data().keys())
+
 
 def is_protected_directory(dir_path: str) -> bool:
-    """检查目录是否受保护（修复路径匹配逻辑）"""
+    """检查目录（或其祖先）是否受保护"""
     if not dir_path:
         return False
     protected_dirs = get_protected_directories()
-    dir_path_normalized = dir_path.replace(os.sep, '/').rstrip('/')
-    protected_dirs_normalized = [pdir.replace(os.sep, '/').rstrip('/') for pdir in protected_dirs]
-    
-    for pdir in protected_dirs_normalized:
-        if dir_path_normalized == pdir or dir_path_normalized.startswith(f"{pdir}/"):
+    norm = dir_path.replace(os.sep, '/').rstrip('/')
+    for pdir in protected_dirs:
+        pnorm = pdir.replace(os.sep, '/').rstrip('/')
+        if norm == pnorm or norm.startswith(f"{pnorm}/"):
             return True
     return False
 
+
 def get_top_protected_directory(dir_path: str) -> Optional[str]:
-    """获取目录所属的顶级受保护目录（兼容Python 3.8-）"""
+    """获取目录所属的顶级受保护祖先目录"""
     if not dir_path or not is_protected_directory(dir_path):
         return None
-    
-    # 统一路径分隔符为/，便于匹配
-    dir_path_normalized = dir_path.replace(os.sep, '/').rstrip('/')
+
+    norm = dir_path.replace(os.sep, '/').rstrip('/')
     protected_dirs = get_protected_directories()
-    protected_dirs_normalized = [pdir.replace(os.sep, '/').rstrip('/') for pdir in protected_dirs]
-    
     top_dir = None
-    max_depth = -1
-    
-    for pdir, pdir_original in zip(protected_dirs_normalized, protected_dirs):
-        if dir_path_normalized == pdir or dir_path_normalized.startswith(f"{pdir}/"):
-            depth = pdir.count('/')
-            if top_dir is None or depth < max_depth:
-                max_depth = depth
-                top_dir = pdir_original
-    
+    min_depth = float('inf')
+
+    for pdir in protected_dirs:
+        pnorm = pdir.replace(os.sep, '/').rstrip('/')
+        if norm == pnorm or norm.startswith(f"{pnorm}/"):
+            depth = pnorm.count('/')
+            if depth < min_depth:
+                min_depth = depth
+                top_dir = pdir
+
     return top_dir
 
-async def verify_dir_access(request: Request, dir_path: str) -> bool:
-    """验证目录访问权限（简化逻辑，避免误拦截）"""
-    if not dir_path or not is_protected_directory(dir_path):
-        return True
-    
-    top_protected_dir = get_top_protected_directory(dir_path)
-    if not top_protected_dir:
-        return True
-    
-    # 使用安全的Cookie键名
+
+def _verify_cookie(request: Request, top_protected_dir: str) -> bool:
+    """检查 Cookie 是否匹配受保护目录的密码哈希"""
     cookie_key = get_safe_cookie_key(top_protected_dir)
     cookie_value = request.cookies.get(cookie_key)
     stored_hash = get_directory_password(top_protected_dir)
-    
-    # 兼容Cookie不存在的情况
-    if cookie_value and stored_hash and cookie_value == stored_hash:
-        logger.info(f"目录访问验证通过: {dir_path} (Cookie认证)")
+    return bool(cookie_value and stored_hash and cookie_value == stored_hash)
+
+
+async def check_dir_access(dir_path: str, request: Request) -> bool:
+    """检查目录访问权限（统一入口）"""
+    if not dir_path:
         return True
-    
-    logger.warning(f"目录访问验证失败: {dir_path} (缺少有效Cookie)")
-    return False
+    top_protected_dir = get_top_protected_directory(dir_path)
+    if not top_protected_dir:
+        return True
+    result = _verify_cookie(request, top_protected_dir)
+    if result:
+        logger.info(f"目录访问验证通过: {dir_path}")
+    else:
+        logger.warning(f"目录访问验证失败: {dir_path}")
+    return result
 
-# 根路径返回前端页面
-@app.get("/", response_class=HTMLResponse)
-async def read_root():
-    return FileResponse(str(Path(APP_DIR) / "static" / "index.html"))
 
-# 安全检查路径（兼容Python 3.8及以下版本）
+# ── 路径安全辅助 ────────────────────────────────────────────────────────────────
+
 def safe_join(base: Path, *paths) -> Path:
+    """安全拼接路径，防止路径穿越攻击"""
     try:
-        decoded_paths = [urllib.parse.unquote(path) for path in paths]
-        joined_path = base.joinpath(*decoded_paths).resolve()
-        joined_path.relative_to(base)
-        return joined_path
+        decoded_paths = [urllib.parse.unquote(p) for p in paths]
+        joined = base.joinpath(*decoded_paths).resolve()
+        joined.relative_to(base)  # 若越界则抛 ValueError
+        return joined
     except ValueError:
-        logger.error(f"路径越权：{joined_path} 不在 {base} 范围内")
         raise HTTPException(status_code=403, detail="无效路径（越权访问）")
     except Exception as e:
-        logger.error(f"Path security check failed: {e}")
+        logger.error(f"路径安全检查失败: {e}")
         raise HTTPException(status_code=403, detail="Invalid path")
 
-# 获取目录结构
+
+# ── 自然排序辅助 ────────────────────────────────────────────────────────────────
+
+import re
+
+def _natural_sort_key(s: str):
+    """将字符串拆分为文本/数字段，用于自然排序（1, 2, 10 而不是 1, 10, 2）"""
+    parts = re.split(r'(\d+)', s.lower())
+    return [int(p) if p.isdigit() else p for p in parts]
+
+
+# ── API 路由 ────────────────────────────────────────────────────────────────────
+
+@app.get("/", response_class=HTMLResponse)
+async def read_root():
+    index_path = Path(APP_DIR) / "static" / "index.html"
+    if not index_path.exists():
+        raise HTTPException(status_code=404, detail="前端页面未找到")
+    return FileResponse(str(index_path))
+
+
 @app.get("/api/directories")
 async def get_directories():
-    dirs = []
-    protected_dirs = get_protected_directories()
-    
-    def traverse_recursive_dirs(path: Path, rel_path: str = "") -> List[Dict]:
+    def traverse(path: Path, rel_path: str = "") -> List[Dict]:
         items = []
         try:
-            for dir in path.iterdir():
-                if dir.is_dir() and not dir.name.startswith('.'):
-                    sub_rel = f"{rel_path}/{dir.name}" if rel_path else dir.name
-                    is_protected = is_protected_directory(sub_rel)
+            for d in sorted(path.iterdir(), key=lambda x: _natural_sort_key(x.name)):
+                if d.is_dir() and not d.name.startswith('.'):
+                    sub_rel = f"{rel_path}/{d.name}" if rel_path else d.name
                     items.append({
-                        "name": dir.name,
+                        "name": d.name,
                         "path": sub_rel,
                         "type": "directory",
-                        "protected": is_protected,
-                        "children": traverse_recursive_dirs(dir, sub_rel)
+                        "protected": is_protected_directory(sub_rel),
+                        "children": traverse(d, sub_rel)
                     })
+        except PermissionError:
+            logger.warning(f"目录无读取权限: {path}")
         except Exception as e:
-            logger.error(f"Directory traversal error: {e}")
+            logger.error(f"目录遍历错误: {e}")
         return items
-    
-    if VIDEO_ROOT.exists():
-        dirs = traverse_recursive_dirs(VIDEO_ROOT)
+
+    dirs = traverse(VIDEO_ROOT) if VIDEO_ROOT.exists() else []
     return {"directories": dirs}
 
 
+@app.get("/api/all-directories")
+async def get_all_directories():
+    all_dirs = []
+
+    def traverse(path: Path, rel_path: str = ""):
+        all_dirs.append({
+            "name": rel_path if rel_path else "主目录",
+            "path": rel_path,
+            "protected": is_protected_directory(rel_path)
+        })
+        try:
+            for d in sorted(path.iterdir(), key=lambda x: _natural_sort_key(x.name)):
+                if d.is_dir() and not d.name.startswith('.'):
+                    sub_rel = f"{rel_path}/{d.name}" if rel_path else d.name
+                    traverse(d, sub_rel)
+        except PermissionError:
+            logger.warning(f"目录无读取权限: {path}")
+        except Exception as e:
+            logger.error(f"目录遍历错误: {e}")
+
+    if VIDEO_ROOT.exists():
+        traverse(VIDEO_ROOT)
+    return {"directories": all_dirs}
+
+
+@app.get("/api/protected-directories")
+async def get_protected_dirs():
+    return {"protected_dirs": get_protected_directories()}
+
+
 @app.post("/api/verify-dir-password")
 async def verify_dir_password(dir_path: str = Form(...), password: str = Form(...)):
     try:
         top_protected_dir = get_top_protected_directory(dir_path)
         if not top_protected_dir:
             return {"success": True, "message": "目录不受保护"}
-        
+
         if check_directory_password(top_protected_dir, password):
             cookie_key = get_safe_cookie_key(top_protected_dir)
             response = JSONResponse({"success": True, "message": "密码正确"})
             response.set_cookie(
                 key=cookie_key,
                 value=hash_password(password),
-                max_age=3600,
+                max_age=3600 * 8,   # 8小时（原来1小时，延长减少重复验证）
                 httponly=True,
-                secure=False,
+                secure=False,       # LAN 部署通常无 HTTPS
                 samesite="lax"
             )
             logger.info(f"目录密码验证成功: {top_protected_dir}")
@@ -298,48 +357,43 @@ async def verify_dir_password(dir_path: str = Form(...), password: str = Form(..
             logger.warning(f"目录密码验证失败: {top_protected_dir}")
             return {"success": False, "message": "密码错误"}
     except Exception as e:
-        logger.error(f"Password verification error: {e}")
+        logger.error(f"密码验证异常: {e}")
         return {"success": False, "message": f"验证失败: {str(e)}"}
 
-async def check_dir_access(dir_path: str, request: Request) -> bool:
-    """检查目录访问权限"""
-    if not dir_path:
-        return True
-    
-    top_protected_dir = get_top_protected_directory(dir_path)
-    if not top_protected_dir:
-        return True
-    
-    cookie_key = get_safe_cookie_key(top_protected_dir)
-    cookie_value = request.cookies.get(cookie_key)
-    stored_hash = get_directory_password(top_protected_dir)
-    
-    if cookie_value and cookie_value == stored_hash:
-        return True
-    
-    return False
+
+@app.post("/api/clear-dir-auth")
+async def clear_dir_auth(dir_path: str = Form(...)):
+    try:
+        top_protected_dir = get_top_protected_directory(dir_path)
+        if not top_protected_dir:
+            return {"success": True, "message": "目录不受保护"}
+
+        cookie_key = get_safe_cookie_key(top_protected_dir)
+        response = JSONResponse({"success": True, "message": "已清除访问权限"})
+        response.delete_cookie(cookie_key)
+        return response
+    except Exception as e:
+        logger.error(f"清除认证失败: {e}")
+        return {"success": False, "message": f"清除失败: {str(e)}"}
+
 
 @app.get("/api/media")
 async def get_media(subdir: Optional[str] = None, request: Request = None):
     try:
         if subdir and not await check_dir_access(subdir, request):
             return {
-                "media": [], 
-                "current_dir": subdir or "", 
+                "media": [],
+                "current_dir": subdir or "",
                 "protected": True,
                 "top_protected_dir": get_top_protected_directory(subdir)
             }
-        
-        if subdir and subdir.strip():
-            target_dir = safe_join(VIDEO_ROOT, subdir.strip())
-        else:
-            target_dir = VIDEO_ROOT
-            
+
+        target_dir = safe_join(VIDEO_ROOT, subdir.strip()) if subdir and subdir.strip() else VIDEO_ROOT
+
         if not target_dir.exists() or not target_dir.is_dir():
             return {"media": [], "current_dir": subdir or ""}
-        
-        media = []
 
+        media = []
         for file in target_dir.iterdir():
             if file.is_file():
                 ext = file.suffix.lower()
@@ -350,33 +404,35 @@ async def get_media(subdir: Optional[str] = None, request: Request = None):
                         file_type = "audio"
                     else:
                         file_type = "image"
-                    
+                    stat = file.stat()
                     media.append({
                         "name": file.name,
                         "type": file_type,
                         "extension": ext,
-                        "size": file.stat().st_size,
-                        "modified": file.stat().st_mtime,
+                        "size": stat.st_size,
+                        "modified": stat.st_mtime,
                         "path": str(file)
                     })
-        
-        # 按文件名自然排序
-        media.sort(key=lambda x: (len(x["name"]), x["name"]))
+
+        # 自然排序（1, 2, 10 顺序，而非 1, 10, 2）
+        media.sort(key=lambda x: _natural_sort_key(x["name"]))
         logger.info(f"Found {len(media)} media files in {target_dir}")
-        
+
         return {
             "media": media,
             "current_dir": subdir or "",
             "protected": is_protected_directory(subdir or ""),
             "top_protected_dir": get_top_protected_directory(subdir or "")
         }
+    except HTTPException:
+        raise
     except Exception as e:
-        logger.error(f"Error getting media list: {e}")
+        logger.error(f"获取媒体列表失败: {e}")
         return {"media": [], "current_dir": subdir or "", "error": str(e)}
 
-# 编码文件名用于HTTP头
+
 def encode_filename_for_header(filename: str) -> str:
-    """编码文件名以支持中文等特殊字符"""
+    """编码文件名以支持中文等非 ASCII 字符"""
     try:
         filename.encode('ascii')
         return filename
@@ -389,204 +445,139 @@ async def serve_media(path: str, request: Request):
     try:
         decoded_path = urllib.parse.unquote(path)
         full_media_path = safe_join(VIDEO_ROOT, decoded_path)
-        media_dir = path_relative_to(full_media_path.parent, VIDEO_ROOT) if path_is_relative_to(full_media_path.parent, VIDEO_ROOT) else str(full_media_path.parent)
-        
-        if is_protected_directory(media_dir) and not await verify_dir_access(request, media_dir):
+        media_dir = (
+            path_relative_to(full_media_path.parent, VIDEO_ROOT)
+            if path_is_relative_to(full_media_path.parent, VIDEO_ROOT)
+            else str(full_media_path.parent)
+        )
+
+        if is_protected_directory(media_dir) and not await check_dir_access(media_dir, request):
             raise HTTPException(status_code=403, detail="需要密码访问")
-        
+
         if not full_media_path.exists() or not full_media_path.is_file():
-            logger.warning(f"Media file not found: {full_media_path}")
-            return JSONResponse(
-                status_code=404,
-                content={"error": "Media file not found"}
-            )
-        
+            return JSONResponse(status_code=404, content={"error": "Media file not found"})
+
         ext = full_media_path.suffix.lower()
         if ext not in SUPPORTED_EXTENSIONS:
-            return JSONResponse(
-                status_code=400,
-                content={"error": f"Unsupported format: {ext}"}
-            )
-        
+            return JSONResponse(status_code=400, content={"error": f"Unsupported format: {ext}"})
+
         mime_type = SUPPORTED_FORMATS.get(ext, "application/octet-stream")
-        
-        # 处理图片
+        filename = full_media_path.name
+        encoded_filename = encode_filename_for_header(filename)
+        content_disp = f'inline; filename="{encoded_filename}"; filename*=UTF-8\'\'{encoded_filename}'
+
+        # 图片：直接返回
         if ext in SUPPORTED_IMAGE_FORMATS:
             logger.info(f"Serving image: {full_media_path}")
-            
-            # 处理中文文件名的HTTP头
-            filename = full_media_path.name
-            encoded_filename = encode_filename_for_header(filename)
-            
-            headers = {
-                "Cache-Control": "max-age=3600",
-                "Content-Disposition": f"inline; filename=\"{encoded_filename}\"; filename*=UTF-8''{encoded_filename}"
-            }
-            
             return FileResponse(
                 path=str(full_media_path),
                 media_type=mime_type,
-                filename=encoded_filename,
-                headers=headers
+                headers={"Cache-Control": "max-age=3600", "Content-Disposition": content_disp}
             )
-        
-        # 处理音频
-        elif ext in SUPPORTED_AUDIO_FORMATS:
+
+        # 音频：直接返回（浏览器原生断点续传）
+        if ext in SUPPORTED_AUDIO_FORMATS:
             logger.info(f"Serving audio: {full_media_path}")
-            
-            # 处理中文文件名的HTTP头
-            filename = full_media_path.name
-            encoded_filename = encode_filename_for_header(filename)
-            
-            headers = {
-                "Content-Disposition": f"inline; filename=\"{encoded_filename}\"; filename*=UTF-8''{encoded_filename}"
-            }
-            
             return FileResponse(
                 path=str(full_media_path),
                 media_type=mime_type,
-                filename=encoded_filename,
-                headers=headers
+                headers={"Content-Disposition": content_disp, "Accept-Ranges": "bytes"}
             )
-        
-        # 视频处理断点续传
+
+        # 视频：手动处理 Range 断点续传
         file_size = full_media_path.stat().st_size
         range_header = request.headers.get("Range")
-        
+
+        start, end = 0, min(1024 * 1024 * 2, file_size - 1)  # 默认前 2 MB
         if range_header:
             try:
                 range_str = range_header.split("=")[-1]
                 start_str, end_str = range_str.split("-")
                 start = int(start_str) if start_str else 0
                 end = int(end_str) if end_str else file_size - 1
-                end = min(end, file_size - 1)
                 start = max(0, start)
-            except:
-                start = 0
-                end = min(1024*1024*2, file_size - 1)
-        else:
-            start = 0
-            end = min(1024*1024*2, file_size - 1)
-        
-        # 异步分块读取
+                end = min(end, file_size - 1)
+            except (ValueError, IndexError):
+                start, end = 0, min(1024 * 1024 * 2, file_size - 1)
+
         async def iterfile():
             async with aiofiles.open(str(full_media_path), 'rb') as f:
                 await f.seek(start)
                 remaining = end - start + 1
                 while remaining > 0:
-                    chunk_size = min(1024*1024, remaining)
-                    chunk = await f.read(chunk_size)
+                    chunk = await f.read(min(1024 * 1024, remaining))
                     if not chunk:
                         break
                     yield chunk
-                    remaining -= chunk_size
-        
-        # 处理视频文件名
-        filename = full_media_path.name
-        encoded_filename = encode_filename_for_header(filename)
-        
+                    remaining -= len(chunk)
+
         headers = {
             "Content-Range": f"bytes {start}-{end}/{file_size}",
             "Accept-Ranges": "bytes",
             "Content-Length": str(end - start + 1),
             "Content-Type": mime_type,
-            "Content-Disposition": f"inline; filename=\"{encoded_filename}\"; filename*=UTF-8''{encoded_filename}"
+            "Content-Disposition": content_disp,
         }
-        
         logger.info(f"Serving video: {full_media_path} (bytes {start}-{end}/{file_size})")
-        return StreamingResponse(
-            iterfile(),
-            status_code=206,
-            headers=headers,
-            media_type=mime_type
-        )
-        
-    except HTTPException as e:
+        return StreamingResponse(iterfile(), status_code=206, headers=headers, media_type=mime_type)
+
+    except HTTPException:
         raise
     except Exception as e:
-        logger.error(f"Error serving media: {e}")
-        return JSONResponse(
-            status_code=500,
-            content={"error": f"Server error: {str(e)}"}
-        )
-
-# 获取所有目录路径
-@app.get("/api/all-directories")
-async def get_all_directories():
-    all_dirs = []
-    
-    def traverse_all_dirs(path: Path, rel_path: str = ""):
-        try:
-            all_dirs.append({
-                "name": rel_path if rel_path else "主目录",
-                "path": rel_path,
-                "protected": is_protected_directory(rel_path)
-            })
-            for dir in path.iterdir():
-                if dir.is_dir() and not dir.name.startswith('.'):
-                    sub_rel = f"{rel_path}/{dir.name}" if rel_path else dir.name
-                    traverse_all_dirs(dir, sub_rel)
-        except Exception as e:
-            logger.error(f"Error traversing all directories: {e}")
-    
-    if VIDEO_ROOT.exists():
-        traverse_all_dirs(VIDEO_ROOT)
-    return {"directories": all_dirs}
+        logger.error(f"媒体文件服务失败: {e}")
+        return JSONResponse(status_code=500, content={"error": f"Server error: {str(e)}"})
 
 
 @app.post("/api/create-directory")
 async def create_directory(
-    target_path: str = Form(""), 
+    target_path: str = Form(""),
     new_dir: str = Form(...),
     dir_password: Optional[str] = Form(None)
 ):
     try:
-        if not new_dir or new_dir.strip() == "":
+        if not new_dir or not new_dir.strip():
             raise HTTPException(status_code=400, detail="目录名不能为空")
-        
-        # 安全路径拼接
-        if target_path and target_path.strip():
-            parent_dir = safe_join(VIDEO_ROOT, target_path.strip())
-        else:
-            parent_dir = VIDEO_ROOT
-        
-        # 新增：检查父目录是否存在且可写
+
+        new_dir = new_dir.strip()
+
+        invalid_chars = ['/', '\\', ':', '*', '?', '"', '<', '>', '|', '\0']
+        if any(c in new_dir for c in invalid_chars):
+            raise HTTPException(status_code=400, detail="目录名包含非法字符（/\\:*?\"<>|）")
+
+        parent_dir = safe_join(VIDEO_ROOT, target_path.strip()) if target_path and target_path.strip() else VIDEO_ROOT
+
         if not parent_dir.exists():
             raise HTTPException(status_code=404, detail=f"父目录不存在: {parent_dir}")
         if not os.access(parent_dir, os.W_OK):
-            raise HTTPException(status_code=403, detail=f"父目录无写入权限: {parent_dir}")
-        
-        new_dir_path = parent_dir / new_dir.strip()
-        new_dir_rel_path = path_relative_to(new_dir_path, VIDEO_ROOT) if path_is_relative_to(new_dir_path, VIDEO_ROOT) else str(new_dir_path)
-        
-        # 检查目录名合法性
-        invalid_chars = ['/', '\\', ':', '*', '?', '"', '<', '>', '|']
-        if any(char in new_dir for char in invalid_chars):
-            raise HTTPException(status_code=400, detail="目录名包含非法字符（/\:*?\"<>|）")
-        
-        # 新增：检查目录是否已存在
+            raise HTTPException(status_code=403, detail="父目录无写入权限")
+
+        new_dir_path = parent_dir / new_dir
         if new_dir_path.exists():
-            raise HTTPException(status_code=409, detail=f"目录已存在: {new_dir_path.name}")
-        
-        # 创建目录（增强异常捕获）
+            raise HTTPException(status_code=409, detail=f"目录已存在: {new_dir}")
+
         try:
-            new_dir_path.mkdir(parents=True, exist_ok=False)
+            new_dir_path.mkdir(parents=False, exist_ok=False)
         except PermissionError:
-            raise HTTPException(status_code=403, detail=f"创建目录失败：权限不足（{new_dir_path}）")
+            raise HTTPException(status_code=403, detail="创建目录失败：权限不足")
         except Exception as e:
             raise HTTPException(status_code=500, detail=f"创建目录失败：{str(e)}")
-        
-        # 设置密码保护
+
+        new_dir_rel = (
+            path_relative_to(new_dir_path, VIDEO_ROOT)
+            if path_is_relative_to(new_dir_path, VIDEO_ROOT)
+            else str(new_dir_path)
+        )
+
         if dir_password and dir_password.strip():
-            save_directory_password(new_dir_rel_path, dir_password.strip())
+            save_directory_password(new_dir_rel, dir_password.strip())
             logger.info(f"带密码保护的目录创建成功: {new_dir_path}")
         else:
             logger.info(f"目录创建成功: {new_dir_path}")
-        
+
         return {
-            "success": True, 
-            "message": f"目录创建成功: {new_dir_path.name}" + ("（已设置密码保护）" if dir_password else ""),
-            "path": new_dir_rel_path,
+            "success": True,
+            "message": f"目录创建成功: {new_dir}" + ("（已设置密码保护）" if dir_password else ""),
+            "path": new_dir_rel,
             "protected": bool(dir_password)
         }
     except HTTPException:
@@ -595,137 +586,185 @@ async def create_directory(
         logger.error(f"创建目录异常: {e}", exc_info=True)
         return {"success": False, "message": f"创建失败: {str(e)}"}
 
+
 @app.post("/api/upload-media")
 async def upload_media(
     request: Request,
     target_dir: str = Form(""),
     file: UploadFile = File(...)
 ):
+    file_path = None
     try:
-        logger.info(f"开始处理上传请求 - 目标目录: {target_dir}, 文件名: {file.filename}")
-        
-        if is_protected_directory(target_dir) and not await verify_dir_access(request, target_dir):
-            logger.warning(f"加密目录上传权限拒绝: {target_dir}")
+        logger.info(f"上传请求 - 目标目录: {target_dir}, 文件: {file.filename}")
+
+        if is_protected_directory(target_dir) and not await check_dir_access(target_dir, request):
             return {"success": False, "message": "无权访问该目录，请先验证密码"}
-        
+
         if not file or not file.filename:
-            logger.warning("上传失败：未选择文件")
             return {"success": False, "message": "未选择文件"}
-        
+
         filename = file.filename
         file_ext = Path(filename).suffix.lower()
         if file_ext not in SUPPORTED_EXTENSIONS:
-            logger.warning(f"上传失败：不支持的文件格式 {file_ext}")
             return {
-                "success": False, 
+                "success": False,
                 "message": f"不支持的文件格式: {file_ext}，支持的格式: {', '.join(SUPPORTED_EXTENSIONS)}"
             }
-        
-        if target_dir.strip():
-            upload_dir = safe_join(VIDEO_ROOT, target_dir.strip())
-        else:
-            upload_dir = VIDEO_ROOT
-        
+
+        upload_dir = safe_join(VIDEO_ROOT, target_dir.strip()) if target_dir.strip() else VIDEO_ROOT
         os.makedirs(upload_dir, exist_ok=True)
-        logger.info(f"上传目录已确认: {upload_dir}")
-        
+
+        # 文件名去重
         file_path = upload_dir / filename
         counter = 1
         while file_path.exists():
             stem = Path(filename).stem
-            new_filename = f"{stem}_{counter}{file_ext}"
-            file_path = upload_dir / new_filename
+            file_path = upload_dir / f"{stem}_{counter}{file_ext}"
             counter += 1
-        
+
+        # 写入文件（先写临时文件，成功后原子移动）
+        tmp_fd, tmp_name = tempfile.mkstemp(dir=upload_dir)
         try:
-            async with aiofiles.open(str(file_path), 'wb') as f:
-                content_length = 0
-                while chunk := await file.read(1024 * 1024):
+            content_length = 0
+            async with aiofiles.open(tmp_name, 'wb') as f:
+                while True:
+                    chunk = await file.read(1024 * 1024)
+                    if not chunk:
+                        break
                     await f.write(chunk)
                     content_length += len(chunk)
-            
-            if not file_path.exists():
-                raise Exception("文件保存失败：文件不存在")
-            if file_path.stat().st_size != content_length:
-                logger.warning(f"文件大小不一致 - 预期: {content_length}, 实际: {file_path.stat().st_size}")
-            
-            # 确定文件类型
-            if file_ext in SUPPORTED_VIDEO_FORMATS:
-                file_type = "视频"
-            elif file_ext in SUPPORTED_AUDIO_FORMATS:
-                file_type = "音频"
-            else:
-                file_type = "图片"
-            
-            logger.info(f"文件上传成功: {file_path} ({file_type}, {file_path.stat().st_size} bytes)")
-            
-            return {
-                "success": True,
-                "message": f"{file_type}文件 {file_path.name} 上传成功",
-                "filename": file_path.name,
-                "path": target_dir,
-                "size": file_path.stat().st_size
-            }
-            
+
+            os.close(tmp_fd)
+            shutil.move(tmp_name, str(file_path))
         except Exception as e:
-            # 清理不完整文件
-            if file_path.exists() and file_path.stat().st_size == 0:
-                file_path.unlink()
-                logger.warning(f"清理空文件: {file_path}")
+            os.close(tmp_fd)
+            if os.path.exists(tmp_name):
+                os.unlink(tmp_name)
             raise Exception(f"保存文件失败: {str(e)}")
-            
-    except Exception as e:
-        logger.error(f"上传失败: {str(e)}")
+
+        actual_size = file_path.stat().st_size
+        if actual_size != content_length:
+            logger.warning(f"文件大小不一致 - 写入: {content_length}, 磁盘: {actual_size}")
+
+        file_type = "视频" if file_ext in SUPPORTED_VIDEO_FORMATS else ("音频" if file_ext in SUPPORTED_AUDIO_FORMATS else "图片")
+        logger.info(f"上传成功: {file_path} ({file_type}, {actual_size} bytes)")
+
         return {
-            "success": False, 
-            "message": f"上传失败: {str(e)}"
+            "success": True,
+            "message": f"{file_type}文件 {file_path.name} 上传成功",
+            "filename": file_path.name,
+            "path": target_dir,
+            "size": actual_size
         }
+
+    except HTTPException:
+        raise
+    except Exception as e:
+        # 清理可能已创建的残留文件
+        if file_path and isinstance(file_path, Path) and file_path.exists() and file_path.stat().st_size == 0:
+            file_path.unlink(missing_ok=True)
+        logger.error(f"上传失败: {e}")
+        return {"success": False, "message": f"上传失败: {str(e)}"}
     finally:
-        # 确保文件句柄关闭
         try:
             await file.close()
-        except Exception as e:
-            logger.error(f"关闭文件句柄失败: {e}")
+        except Exception:
+            pass
 
-@app.post("/api/clear-dir-auth")
-async def clear_dir_auth(dir_path: str = Form(...)):
+
+@app.delete("/api/delete-file")
+async def delete_file(request: Request, file_path: str):
+    """删除媒体文件"""
     try:
-        top_protected_dir = get_top_protected_directory(dir_path)
-        if not top_protected_dir:
-            return {"success": True, "message": "目录不受保护"}
-        
-        cookie_key = get_safe_cookie_key(top_protected_dir)
-        response = JSONResponse({"success": True, "message": "已清除访问权限"})
-        response.delete_cookie(cookie_key)
-        
-        return response
+        full_path = safe_join(VIDEO_ROOT, urllib.parse.unquote(file_path))
+        media_dir = (
+            path_relative_to(full_path.parent, VIDEO_ROOT)
+            if path_is_relative_to(full_path.parent, VIDEO_ROOT)
+            else str(full_path.parent)
+        )
+
+        if is_protected_directory(media_dir) and not await check_dir_access(media_dir, request):
+            raise HTTPException(status_code=403, detail="需要密码访问")
+
+        if not full_path.exists():
+            raise HTTPException(status_code=404, detail="文件不存在")
+        if not full_path.is_file():
+            raise HTTPException(status_code=400, detail="路径不是文件")
+
+        full_path.unlink()
+        logger.info(f"文件删除成功: {full_path}")
+        return {"success": True, "message": f"文件 {full_path.name} 删除成功"}
+    except HTTPException:
+        raise
     except Exception as e:
-        logger.error(f"Clear auth error: {e}")
-        return {"success": False, "message": f"清除失败: {str(e)}"}
+        logger.error(f"删除文件失败: {e}")
+        return {"success": False, "message": f"删除失败: {str(e)}"}
 
 
-@app.get("/api/protected-directories")
-async def get_protected_dirs():
-    return {"protected_dirs": get_protected_directories()}
+@app.delete("/api/delete-directory")
+async def delete_directory(request: Request, dir_path: str):
+    """删除目录（仅允许删除空目录）"""
+    try:
+        full_path = safe_join(VIDEO_ROOT, urllib.parse.unquote(dir_path))
+        rel_path = (
+            path_relative_to(full_path, VIDEO_ROOT)
+            if path_is_relative_to(full_path, VIDEO_ROOT)
+            else str(full_path)
+        )
+
+        if not full_path.exists():
+            raise HTTPException(status_code=404, detail="目录不存在")
+        if not full_path.is_dir():
+            raise HTTPException(status_code=400, detail="路径不是目录")
+        if full_path == VIDEO_ROOT:
+            raise HTTPException(status_code=403, detail="不允许删除根目录")
+
+        # 检查目录是否为空
+        if any(full_path.iterdir()):
+            raise HTTPException(status_code=409, detail="目录不为空，请先删除其中的文件")
+
+        full_path.rmdir()
+
+        # 同步清理密码记录
+        data = _read_password_data()
+        if rel_path in data:
+            del data[rel_path]
+            PASSWORD_FILE.write_text(json.dumps(data, indent=2, ensure_ascii=False), encoding="utf-8")
+
+        logger.info(f"目录删除成功: {full_path}")
+        return {"success": True, "message": f"目录 {full_path.name} 删除成功"}
+    except HTTPException:
+        raise
+    except Exception as e:
+        logger.error(f"删除目录失败: {e}")
+        return {"success": False, "message": f"删除失败: {str(e)}"}
+
+
+# ── 启动入口 ────────────────────────────────────────────────────────────────────
 
 def create_listen_sockets(port: int) -> list:
     sockets = []
 
-    # ===== IPv4 =====
+    # IPv4
     sock4 = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
     sock4.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-    sock4.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
+    try:
+        sock4.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
+    except (AttributeError, OSError):
+        pass  # SO_REUSEPORT 并非所有平台都支持
     sock4.bind(("0.0.0.0", port))
     sock4.listen(2048)
     sockets.append(sock4)
     logger.info(f"IPv4 监听: 0.0.0.0:{port}")
 
-    # ===== IPv6 =====
+    # IPv6（可选）
     try:
         sock6 = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
         sock6.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-        sock6.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
-        # 关键：必须是 1
+        try:
+            sock6.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
+        except (AttributeError, OSError):
+            pass
         sock6.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, 1)
         sock6.bind(("::", port))
         sock6.listen(2048)
@@ -736,6 +775,7 @@ def create_listen_sockets(port: int) -> list:
 
     return sockets
 
+
 def main():
     init_password_file()
     import uvicorn
@@ -747,10 +787,9 @@ def main():
         access_log=False,
         timeout_keep_alive=30
     )
-
     server = uvicorn.Server(config)
     server.run(sockets=sockets)
 
+
 if __name__ == "__main__":
     main()
-
diff --git a/nas-media-player.spec b/nas-media-player.spec
new file mode 100644
index 0000000..68991f9
--- /dev/null
+++ b/nas-media-player.spec
@@ -0,0 +1,140 @@
+# nas-media-player.spec
+# 使用方法：pyinstaller nas-media-player.spec
+
+import sys
+from pathlib import Path
+
+block_cipher = None
+
+a = Analysis(
+    ['nas-media-player.py'],
+    pathex=[],
+    binaries=[],
+    datas=[],
+    hiddenimports=[
+        # uvicorn 核心
+        'uvicorn',
+        'uvicorn.main',
+        'uvicorn.config',
+        'uvicorn.server',
+        'uvicorn.loops',
+        'uvicorn.loops.auto',
+        'uvicorn.loops.asyncio',
+        'uvicorn.protocols',
+        'uvicorn.protocols.http',
+        'uvicorn.protocols.http.auto',
+        'uvicorn.protocols.http.h11_impl',
+        'uvicorn.protocols.http.httptools_impl',
+        'uvicorn.protocols.websockets',
+        'uvicorn.protocols.websockets.auto',
+        'uvicorn.protocols.websockets.websockets_impl',
+        'uvicorn.protocols.websockets.wsproto_impl',
+        'uvicorn.lifespan',
+        'uvicorn.lifespan.off',
+        'uvicorn.lifespan.on',
+        'uvicorn.logging',
+        'uvicorn.middleware',
+        'uvicorn.middleware.asgi2',
+        'uvicorn.middleware.message_logger',
+        'uvicorn.middleware.proxy_headers',
+
+        # fastapi / starlette
+        'fastapi',
+        'fastapi.routing',
+        'fastapi.middleware',
+        'fastapi.middleware.cors',
+        'fastapi.staticfiles',
+        'fastapi.responses',
+        'starlette',
+        'starlette.routing',
+        'starlette.middleware',
+        'starlette.middleware.cors',
+        'starlette.staticfiles',
+        'starlette.responses',
+        'starlette.background',
+        'starlette.concurrency',
+        'starlette.datastructures',
+        'starlette.exceptions',
+        'starlette.formparsers',
+        'starlette.requests',
+        'starlette.types',
+        'starlette.websockets',
+
+        # HTTP 解析库（uvicorn 可选依赖，打包时都带上）
+        'h11',
+        'httptools',
+        'anyio',
+        'anyio._backends._asyncio',
+        'anyio._backends._trio',
+        'sniffio',
+
+        # aiofiles
+        'aiofiles',
+        'aiofiles.os',
+        'aiofiles.threadpool',
+
+        # pydantic（fastapi 依赖）
+        'pydantic',
+        'pydantic.v1',
+        'pydantic_core',
+
+        # 标准库补充
+        'multipart',
+        'python_multipart',
+        'email.mime.multipart',
+        'email.mime.text',
+
+        # 编码/哈希
+        'hashlib',
+        'hmac',
+
+        # 其他
+        'click',
+        'typing_extensions',
+    ],
+    hookspath=[],
+    hooksconfig={},
+    runtime_hooks=[],
+    excludes=[
+        # 排除不需要的大型库，减小体积
+        'tkinter',
+        'matplotlib',
+        'numpy',
+        'pandas',
+        'PIL',
+        'scipy',
+        'IPython',
+        'jupyter',
+        'notebook',
+        'test',
+        'unittest',
+    ],
+    win_no_prefer_redirects=False,
+    win_private_assemblies=False,
+    cipher=block_cipher,
+    noarchive=False,
+)
+
+pyz = PYZ(a.pure, a.zipped_data, cipher=block_cipher)
+
+exe = EXE(
+    pyz,
+    a.scripts,
+    a.binaries,
+    a.zipfiles,
+    a.datas,
+    [],
+    name='nas-media-player',  # 输出的二进制名
+    debug=False,
+    bootloader_ignore_signals=False,
+    strip=True,               # strip 调试符号，减小体积
+    upx=True,                 # 若系统有 upx 则进一步压缩
+    upx_exclude=[],
+    runtime_tmpdir=None,
+    console=True,
+    disable_windowed_traceback=False,
+    argv_emulation=False,
+    target_arch=None,
+    codesign_identity=None,
+    entitlements_file=None,
+)
diff --git a/releases/README.md b/releases/README.md
deleted file mode 100644
index 57ca204..0000000
--- a/releases/README.md
+++ /dev/null
@@ -1,25 +0,0 @@
-## 打包二进制制作方法
-
-```
-apt update && apt install -y python3 python3-pip python3-dev gcc g++ make libffi-dev libssl-dev patchelf
-pip_select.sh
-pip3 install fastapi uvicorn aiofiles python-multipart pyinstaller
-
-```
-
-```
-pyinstaller --onefile --name=nas-media-player-armhf --distpath=dist --workpath=tmp --clean --exclude-module=tkinter --exclude-module=unittest --exclude-module=sqlite3 nas-media-player.py
-pyinstaller --onefile --name=nas-media-player-arm64 --distpath=dist --workpath=tmp --clean --exclude-module=tkinter --exclude-module=unittest --exclude-module=sqlite3 nas-media-player.py
-pyinstaller --onefile --name=nas-media-player-x86_64 --distpath=dist --workpath=tmp --clean --exclude-module=tkinter --exclude-module=unittest --exclude-module=sqlite3 nas-media-player.py
-
-~/.local/bin/pyinstaller --onefile --name=nas-media-player-x86_64 --distpath=dist --workpath=tmp --clean --exclude-module=tkinter --exclude-module=unittest --exclude-module=sqlite3 nas-media-player.py
-
-```    
-    
-```
-chmod +x dist/nas-media-player-x86_64
-
-./dist/nas-media-player-x86_64
-```
-
-
diff --git a/releases/nas-media-player-arm64 b/releases/nas-media-player-arm64
deleted file mode 100755
index 11cce91..0000000
Binary files a/releases/nas-media-player-arm64 and /dev/null differ
diff --git a/releases/nas-media-player-armhf b/releases/nas-media-player-armhf
deleted file mode 100755
index eabf4fd..0000000
Binary files a/releases/nas-media-player-armhf and /dev/null differ
diff --git a/releases/nas-media-player-x86_64 b/releases/nas-media-player-x86_64
deleted file mode 100755
index 318d380..0000000
Binary files a/releases/nas-media-player-x86_64 and /dev/null differ