Update app.py

app.py

@@ -45,7 +45,7 @@ BASE_STYLE = '''
     --glass-bg: rgba(30, 30, 30, 0.7); --transition: all 0.3s cubic-bezier(0.25, 0.8, 0.25, 1);
     --delete-color: #ff4444; --folder-color: #ffc107; --selection-color: rgba(139, 92, 246, 0.3);
     --note-color: #6a5acd; --share-color: #4caf50; --archive-color: #78909c;
-    --todolist-color: #29b6f6; --shoppinglist-color: #ffa726;
+    --todolist-color: #29b6f6; --shoppinglist-color: #ffa726; --business-color: #fca5a5;
 }
 @keyframes spin { 0% { transform: rotate(0deg); } 100% { transform: rotate(360deg); } }
 * { margin: 0; padding: 0; box-sizing: border-box; }
@@ -55,14 +55,15 @@ body { font-family: 'Inter', -apple-system, BlinkMacSystemFont, "Segoe UI", Robo
 .app-header { position: fixed; top: 0; left: 0; right: 0; background: var(--glass-bg); backdrop-filter: blur(10px); -webkit-backdrop-filter: blur(10px); border-bottom: 1px solid rgba(255,255,255,0.1); z-index: 1000; padding: 10px 20px; display: flex; justify-content: space-between; align-items: center; }
 .user-info { font-weight: 600; }
 .view-toggle { display: flex; align-items: center; gap: 5px; }
-.view-toggle button { background: none; border: none; color: var(--text-muted); font-size: 1.2em; padding: 5px; cursor: pointer; transition: var(--transition); }
-.view-toggle button:hover, .view-toggle button.active { color: var(--primary); }
+.view-toggle button, .view-toggle a { background: none; border: none; color: var(--text-muted); font-size: 1.2em; padding: 5px; cursor: pointer; transition: var(--transition); text-decoration: none;}
+.view-toggle button:hover, .view-toggle button.active, .view-toggle a:hover { color: var(--primary); }
 h2, h3, h4, h5 { color: var(--text-dark); }
 h2 { font-size: 1.3em; margin-bottom: 15px; margin-top: 15px; }
 .breadcrumbs { font-size: 1em; margin-bottom: 20px; white-space: nowrap; overflow-x: auto; -webkit-overflow-scrolling: touch; }
 .breadcrumbs a { color: var(--accent); text-decoration: none; }
 .breadcrumbs span { margin: 0 5px; color: var(--text-muted); }
 input, select, textarea { width: 100%; padding: 14px; margin: 8px 0; border: 1px solid #333; border-radius: 12px; background: #2a2a2a; color: var(--text-dark); font-size: 1em; }
+label { display: block; margin-top: 10px; font-weight: 500; font-size: 0.9em;}
 .btn { padding: 12px 24px; background: var(--primary); color: white; border: none; border-radius: 12px; cursor: pointer; font-size: 1em; font-weight: 600; transition: var(--transition); text-decoration: none; display: inline-block; text-align: center; }
 .btn:hover { filter: brightness(1.2); }
 .btn:active { transform: scale(0.98); }
@@ -121,6 +122,7 @@ input, select, textarea { width: 100%; padding: 14px; margin: 8px 0; border: 1px
 #fab-option-folder i { color: var(--folder-color); }
 #fab-option-todolist i { color: var(--todolist-color); }
 #fab-option-shoppinglist i { color: var(--shoppinglist-color); }
+#fab-option-business i { color: var(--business-color); }
 #create-folder-form { display: none; margin-top: 15px; }
 .shared-link-item { display: flex; justify-content: space-between; align-items: center; padding: 8px; border-bottom: 1px solid #333; }
 .shared-link-item:last-child { border-bottom: none; }
@@ -142,6 +144,14 @@ input, select, textarea { width: 100%; padding: 14px; margin: 8px 0; border: 1px
 .public-list-item label { flex-grow: 1; cursor: pointer; }
 .public-list-item.purchased label { text-decoration: line-through; color: var(--text-muted); }
 .public-list-item .quantity { font-weight: bold; color: var(--secondary); background: #2a2a2a; padding: 2px 8px; border-radius: 6px; }
+.form-group { margin-bottom: 15px; }
+.form-group label { margin-bottom: 5px; }
+.form-group small { color: var(--text-muted); font-size: 0.8em; }
+.page-card { background: var(--card-bg-dark); border-radius: 16px; padding: 15px; margin-bottom: 15px; display: flex; justify-content: space-between; align-items: center; gap: 10px; }
+.page-card-info { flex-grow: 1; }
+.page-card-info h4 { margin: 0 0 5px 0; }
+.page-card-info a { color: var(--accent); text-decoration: none; font-size: 0.9em; }
+.page-card-actions { display: flex; gap: 8px; }
 '''
 
 PUBLIC_SHARE_PAGE_HTML = '''
@@ -292,6 +302,13 @@ body { padding-bottom: 30px; }
 </body></html>
 '''
 
+def hf_file_url(path, download=False):
+    if not path: return ""
+    base_url = f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{quote(path)}"
+    if download:
+        return f"{base_url}?download=true"
+    return base_url
+
 def find_node_by_id(filesystem, node_id):
     if not filesystem: return None, None
     if filesystem.get('id') == node_id:
@@ -392,24 +409,24 @@ def initialize_user_filesystem_tma(user_data, tma_user_id_str):
              }
              add_node(user_data['filesystem'], 'root', file_node)
         del user_data['files']
-    if 'business_profiles' not in user_data:
-        user_data['business_profiles'] = []
 
 @cache.memoize(timeout=300)
 def load_data():
     try:
         download_db_from_hf()
         with open(DATA_FILE, 'r', encoding='utf-8') as file: data = json.load(file)
-        if not isinstance(data, dict): data = {'users': {}, 'shared_links': {}}
+        if not isinstance(data, dict): data = {'users': {}, 'shared_links': {}, 'business_pages': {}}
         data.setdefault('users', {})
         data.setdefault('shared_links', {})
+        data.setdefault('business_pages', {})
         for tma_user_id_str, user_data_item in data['users'].items():
             initialize_user_filesystem_tma(user_data_item, tma_user_id_str)
             user_data_item.setdefault('reminders', [])
+            user_data_item.setdefault('business_pages', [])
         return data
     except Exception as e:
         logging.error(f"Error loading data: {e}")
-        return {'users': {}, 'shared_links': {}}
+        return {'users': {}, 'shared_links': {}, 'business_pages': {}}
 
 def save_data(data):
     with save_data_lock:
@@ -433,17 +450,17 @@ def upload_db_to_hf():
 def download_db_from_hf():
     if not HF_TOKEN_READ:
         if not os.path.exists(DATA_FILE):
-             with open(DATA_FILE, 'w', encoding='utf-8') as f: json.dump({'users': {}, 'shared_links': {}}, f)
+             with open(DATA_FILE, 'w', encoding='utf-8') as f: json.dump({'users': {}, 'shared_links': {}, 'business_pages': {}}, f)
         return
     try:
         hf_hub_download(repo_id=REPO_ID, filename=DATA_FILE, repo_type="dataset", token=HF_TOKEN_READ, local_dir=".", local_dir_use_symlinks=False)
     except (hf_utils.RepositoryNotFoundError, hf_utils.EntryNotFoundError):
         if not os.path.exists(DATA_FILE):
-            with open(DATA_FILE, 'w', encoding='utf-8') as f: json.dump({'users': {}, 'shared_links': {}}, f)
+            with open(DATA_FILE, 'w', encoding='utf-8') as f: json.dump({'users': {}, 'shared_links': {}, 'business_pages': {}}, f)
     except Exception as e:
         logging.error(f"Error downloading database: {e}")
         if not os.path.exists(DATA_FILE):
-            with open(DATA_FILE, 'w', encoding='utf-8') as f: json.dump({'users': {}, 'shared_links': {}}, f)
+            with open(DATA_FILE, 'w', encoding='utf-8') as f: json.dump({'users': {}, 'shared_links': {}, 'business_pages': {}}, f)
 
 def periodic_backup():
     while True:
@@ -510,6 +527,15 @@ def admin_browser_login_required(f):
         return f(*args, **kwargs)
     return decorated_function
 
+def tma_login_required(f):
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if 'telegram_user_id' not in session:
+            flash('Пожалуйста, авторизуйтесь через Telegram.', 'error')
+            return redirect(url_for('tma_entry_page'))
+        return f(*args, **kwargs)
+    return decorated_function
+
 TMA_ENTRY_HTML = '''
 <!DOCTYPE html><html lang="ru"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0">
 <title>Zeus Cloud TMA</title><script src="https://telegram.org/js/telegram-web-app.js"></script>
@@ -564,13 +590,11 @@ def auth_via_telegram():
             user_info['created_at'] = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
             user_info['filesystem'] = {"type": "folder", "id": "root", "name": "root", "children": []}
             user_info['reminders'] = []
-            user_info['business_profiles'] = []
+            user_info['business_pages'] = []
             data['users'][tma_user_id_str] = user_info
             initialize_user_filesystem_tma(data['users'][tma_user_id_str], tma_user_id_str)
         else:
             data['users'][tma_user_id_str].update(user_info)
-            if 'business_profiles' not in data['users'][tma_user_id_str]:
-                data['users'][tma_user_id_str]['business_profiles'] = []
 
         try: save_data(data)
         except Exception as e:
@@ -592,9 +616,7 @@ TMA_DASHBOARD_HTML_TEMPLATE = '''
 <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;800&display=swap" rel="stylesheet">
 <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css">
 <script src="https://telegram.org/js/telegram-web-app.js"></script>
-<style>''' + BASE_STYLE + '''
-#fab-option-business i { color: #4caf50; }
-</style></head><body>
+<style>''' + BASE_STYLE + '''</style></head><body>
 <div class="app-header">
     <div class="user-info">{{ display_name }}</div>
     <div class="view-toggle">
@@ -692,7 +714,7 @@ TMA_DASHBOARD_HTML_TEMPLATE = '''
         <div class="fab-option" id="fab-option-folder"><i class="fa-solid fa-folder-plus"></i><span>Папку</span></div>
         <div class="fab-option" id="fab-option-todolist" onclick="openListEditorModal(null, 'todolist')"><i class="fa-solid fa-list-check"></i><span>Список дел</span></div>
         <div class="fab-option" id="fab-option-shoppinglist" onclick="openListEditorModal(null, 'shoppinglist')"><i class="fa-solid fa-cart-shopping"></i><span>Покупки</span></div>
-        <a href="{{ url_for('tma_business_profiles') }}" class="fab-option" id="fab-option-business"><i class="fa-solid fa-briefcase"></i><span>Бизнес</span></a>
+        <div class="fab-option" id="fab-option-business" onclick="window.location.href='{{ url_for('my_business_pages') }}'"><i class="fa-solid fa-store"></i><span>Бизнес</span></div>
     </div>
     <form id="upload-form" method="POST" enctype="multipart/form-data" action="{{ url_for('tma_dashboard') }}" style="display:none;">
         <input type="hidden" name="current_folder_id" value="{{ current_folder_id }}">
@@ -1300,10 +1322,8 @@ ARCHIVED_LISTS_HTML = '''
 '''
 
 @app.route('/tma_dashboard', methods=['GET', 'POST'])
+@tma_login_required
 def tma_dashboard():
-    if 'telegram_user_id' not in session:
-        flash('Пожалуйста, авторизуйтесь через Telegram.', 'error')
-        return redirect(url_for('tma_entry_page'))
     tma_user_id = session['telegram_user_id']
     display_name = session.get('telegram_display_name', 'Пользователь')
     data = load_data()
@@ -1376,11 +1396,11 @@ def tma_dashboard():
 
     all_folders_for_move = get_all_folders(user_data['filesystem'])
 
-    return render_template_string(TMA_DASHBOARD_HTML_TEMPLATE, display_name=display_name, items=items_in_folder, current_folder_id=current_folder_id, current_folder=current_folder, parent_folder_id=parent_folder_id, breadcrumbs=breadcrumbs, hf_file_url_jinja=lambda path, download=False: f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{quote(path)}{'?download=true' if download else ''}", is_tma_user_admin_flag=is_admin_tma(), all_folders_for_move=all_folders_for_move)
+    return render_template_string(TMA_DASHBOARD_HTML_TEMPLATE, display_name=display_name, items=items_in_folder, current_folder_id=current_folder_id, current_folder=current_folder, parent_folder_id=parent_folder_id, breadcrumbs=breadcrumbs, hf_file_url_jinja=hf_file_url, is_tma_user_admin_flag=is_admin_tma(), all_folders_for_move=all_folders_for_move)
 
 @app.route('/tma_archive')
+@tma_login_required
 def tma_archive_view():
-    if 'telegram_user_id' not in session: return redirect(url_for('tma_entry_page'))
     tma_user_id = session['telegram_user_id']
     display_name = session.get('telegram_display_name', 'Пользователь')
     data = load_data()
@@ -1393,8 +1413,8 @@ def tma_archive_view():
     return render_template_string(ARCHIVED_LISTS_HTML, display_name=display_name, items=sorted_items)
 
 @app.route('/create_folder_tma', methods=['POST'])
+@tma_login_required
 def create_folder_tma():
-    if 'telegram_user_id' not in session: return redirect(url_for('tma_entry_page'))
     tma_user_id = session['telegram_user_id']
     data = load_data()
     user_data = data['users'].get(tma_user_id)
@@ -1462,12 +1482,12 @@ def public_download(token):
         return Response("Ошибка: Путь к файлу не найден.", status=500)
 
     try:
-        hf_url = f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{quote(hf_path)}"
+        hf_url_stream = hf_file_url(hf_path)
         headers = {}
         if HF_TOKEN_READ:
             headers["Authorization"] = f"Bearer {HF_TOKEN_READ}"
         
-        req = requests.get(hf_url, headers=headers, stream=True, allow_redirects=True)
+        req = requests.get(hf_url_stream, headers=headers, stream=True, allow_redirects=True)
         req.raise_for_status()
 
         encoded_filename = quote(original_filename)
@@ -1492,8 +1512,8 @@ def public_download(token):
         return Response(f'Ошибка скачивания файла: {e}', status=502)
 
 @app.route('/batch_download_tma')
+@tma_login_required
 def batch_download_tma():
-    if 'telegram_user_id' not in session: return Response("Unauthorized", 401)
     file_ids_str = request.args.get('file_ids')
     if not file_ids_str: return Response("No file IDs provided", 400)
     file_ids = file_ids_str.split(',')
@@ -1523,8 +1543,8 @@ def batch_download_tma():
             os.unlink(temp_zip_file.name)
 
 @app.route('/batch_delete_tma', methods=['POST'])
+@tma_login_required
 def batch_delete_tma():
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Не авторизован.'}), 401
     tma_user_id = session['telegram_user_id']
     data = load_data()
     user_data = data['users'].get(tma_user_id)
@@ -1562,8 +1582,8 @@ def batch_delete_tma():
     return jsonify({'status': 'success', 'message': f'Удалено {success_count} элемент(ов).'})
 
 @app.route('/batch_move_tma', methods=['POST'])
+@tma_login_required
 def batch_move_tma():
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Не авторизован.'}), 401
     tma_user_id = session['telegram_user_id']
     data = load_data()
     user_data = data['users'].get(tma_user_id)
@@ -1602,8 +1622,8 @@ def batch_move_tma():
     return jsonify({'status': 'success', 'message': f'Перемещено {moved_count} элемент(ов).'})
 
 @app.route('/batch_archive_tma', methods=['POST'])
+@tma_login_required
 def batch_archive_tma():
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Не авторизован.'}), 401
     tma_user_id = session['telegram_user_id']
     data = load_data()
     user_data = data['users'].get(tma_user_id)
@@ -1627,8 +1647,8 @@ def batch_archive_tma():
     return jsonify({'status': 'error', 'message': 'Не найдено списков для архивации.'})
 
 @app.route('/batch_unarchive_tma', methods=['POST'])
+@tma_login_required
 def batch_unarchive_tma():
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Не авторизован.'}), 401
     tma_user_id = session['telegram_user_id']
     data = load_data()
     user_data = data['users'].get(tma_user_id)
@@ -1657,11 +1677,11 @@ def get_text_content_tma(file_id):
     if not file_node or file_node.get('file_type') != 'text': return Response("Текстовый файл не найден", 404)
     hf_path = file_node.get('path')
     if not hf_path: return Response("Ошибка: путь к файлу отсутствует", 500)
-    file_url = f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{quote(hf_path)}?download=true"
+    file_url_path = hf_file_url(hf_path, download=True)
     try:
         req_headers = {};
         if HF_TOKEN_READ: req_headers["authorization"] = f"Bearer {HF_TOKEN_READ}"
-        response = requests.get(file_url, headers=req_headers)
+        response = requests.get(file_url_path, headers=req_headers)
         response.raise_for_status()
         if len(response.content) > 1 * 1024 * 1024: return Response("Файл слишком большой для предпросмотра.", 413)
         try: text_content = response.content.decode('utf-8')
@@ -1670,16 +1690,16 @@ def get_text_content_tma(file_id):
     except Exception as e: return Response(f"Ошибка загрузки: {e}", 502)
 
 @app.route('/get_note_tma/<note_id>')
+@tma_login_required
 def get_note_tma(note_id):
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Unauthorized'}), 401
     note_node = get_item_node_for_user(note_id)
     if not note_node or note_node.get('type') != 'note':
         return jsonify({'status': 'error', 'message': 'Note not found'}), 404
     return jsonify({'status': 'success', 'note': note_node})
 
 @app.route('/create_or_update_note_tma', methods=['POST'])
+@tma_login_required
 def create_or_update_note_tma():
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Unauthorized'}), 401
     tma_user_id = session['telegram_user_id']
     data = load_data()
     user_data = data['users'].get(tma_user_id)
@@ -1717,16 +1737,16 @@ def create_or_update_note_tma():
         return jsonify({'status': 'error', 'message': f'Failed to save data: {e}'}), 500
 
 @app.route('/get_list_tma/<list_id>')
+@tma_login_required
 def get_list_tma(list_id):
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Unauthorized'}), 401
     list_node = get_item_node_for_user(list_id)
     if not list_node or list_node.get('type') not in ['todolist', 'shoppinglist']:
         return jsonify({'status': 'error', 'message': 'List not found'}), 404
     return jsonify({'status': 'success', 'list': list_node})
 
 @app.route('/create_or_update_list_tma', methods=['POST'])
+@tma_login_required
 def create_or_update_list_tma():
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Unauthorized'}), 401
     tma_user_id = session['telegram_user_id']
     data = load_data()
     user_data = data['users'].get(tma_user_id)
@@ -1768,8 +1788,8 @@ def create_or_update_list_tma():
         return jsonify({'status': 'error', 'message': f'Failed to save data: {e}'}), 500
 
 @app.route('/get_reminders_tma')
+@tma_login_required
 def get_reminders_tma():
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Unauthorized'}), 401
     user_data = load_data()['users'].get(session['telegram_user_id'])
     if not user_data: return jsonify({'status': 'error', 'message': 'User not found'}), 404
     
@@ -1777,8 +1797,8 @@ def get_reminders_tma():
     return jsonify({'status': 'success', 'reminders': reminders})
 
 @app.route('/create_reminder_tma', methods=['POST'])
+@tma_login_required
 def create_reminder_tma():
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Unauthorized'}), 401
     tma_user_id = session['telegram_user_id']
     data = load_data()
     user_data = data['users'].get(tma_user_id)
@@ -1814,8 +1834,8 @@ def create_reminder_tma():
         return jsonify({'status': 'error', 'message': f'Failed to save: {e}'}), 500
 
 @app.route('/delete_reminder_tma/<reminder_id>', methods=['POST'])
+@tma_login_required
 def delete_reminder_tma(reminder_id):
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Unauthorized'}), 401
     tma_user_id = session['telegram_user_id']
     data = load_data()
     user_data = data['users'].get(tma_user_id)
@@ -1837,8 +1857,8 @@ def tma_logout():
     return redirect(url_for('tma_entry_page'))
 
 @app.route('/create_public_link', methods=['POST'])
+@tma_login_required
 def create_public_link():
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Не авторизован.'}), 401
     tma_user_id = session['telegram_user_id']
     data = load_data()
     user_data = data['users'].get(tma_user_id)
@@ -1878,8 +1898,8 @@ def create_public_link():
         return jsonify({'status': 'error', 'message': f'Ошибка сохранения: {e}'}), 500
 
 @app.route('/delete_public_link', methods=['POST'])
+@tma_login_required
 def delete_public_link():
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Не авторизован.'}), 401
     tma_user_id = session['telegram_user_id']
     data = load_data()
     
@@ -1905,8 +1925,8 @@ def delete_public_link():
         return jsonify({'status': 'error', 'message': f'Ошибка сохранения: {e}'}), 500
 
 @app.route('/get_public_links/<item_id>')
+@tma_login_required
 def get_public_links(item_id):
-    if 'telegram_user_id' not in session: return jsonify({'status': 'error', 'message': 'Не авторизован.'}), 401
     tma_user_id = session['telegram_user_id']
     data = load_data()
     user_data = data['users'].get(tma_user_id)
@@ -1978,7 +1998,7 @@ def shared_folder_view(link_id, subfolder_id=None):
         
     items_in_folder = sorted(folder_node.get('children', []), key=lambda x: (x['type'] != 'folder', x.get('name', x.get('original_filename', x.get('title', ''))).lower()))
 
-    return render_template_string(PUBLIC_SHARE_PAGE_HTML, folder=folder_node, items=items_in_folder, user=user_data, link=link_data, hf_file_url_jinja=lambda path, download=False: f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{quote(path)}{'?download=true' if download else ''}")
+    return render_template_string(PUBLIC_SHARE_PAGE_HTML, folder=folder_node, items=items_in_folder, user=user_data, link=link_data, hf_file_url_jinja=hf_file_url)
 
 @app.route('/public_download/<link_id>/<item_id>')
 def public_download_via_link(link_id, item_id):
@@ -2051,6 +2071,266 @@ def public_toggle_item(link_id, item_id):
     else:
         return jsonify({'status': 'error', 'message': 'Элемент в списке не найден.'}), 404
 
+# --- BUSINESS PAGES START ---
+
+USER_BUSINESS_PAGES_LIST_HTML = '''
+<!DOCTYPE html><html lang="ru"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no">
+<title>Мои бизнес-страницы</title>
+<link rel="preconnect" href="https://fonts.googleapis.com"><link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;800&display=swap" rel="stylesheet">
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css">
+<script src="https://telegram.org/js/telegram-web-app.js"></script>
+<style>''' + BASE_STYLE + '''</style></head><body>
+<div class="app-header">
+    <div class="user-info">{{ display_name }}</div>
+    <div class="view-toggle"><a href="{{ url_for('tma_dashboard') }}"><i class="fa-solid fa-arrow-left"></i></a></div>
+</div>
+<div class="container">
+    <div style="display: flex; justify-content: space-between; align-items: center; margin-bottom: 20px;">
+        <h2>Мои бизнес-страницы</h2>
+        <a href="{{ url_for('create_business_page') }}" class="btn" style="background:var(--accent);"><i class="fa-solid fa-plus"></i> Создать</a>
+    </div>
+    {% with messages = get_flashed_messages(with_categories=true) %}{% if messages %}
+        {% for category, message in messages %}<div class="flash {{ category }}">{{ message }}</div>{% endfor %}
+    {% endif %}{% endwith %}
+
+    {% for page in pages %}
+    <div class="page-card">
+        <div class="page-card-info">
+            <h4>{{ page.org_name }}</h4>
+            <a href="{{ url_for('public_business_page', login=page.login, _external=True) }}" target="_blank">/b/{{ page.login }}</a>
+        </div>
+        <div class="page-card-actions">
+            <a href="{{ url_for('manage_business_page', login=page.login) }}" class="btn" title="Управлять"><i class="fa-solid fa-store"></i></a>
+            <a href="{{ url_for('edit_business_page', login=page.login) }}" class="btn folder-btn" title="Настройки"><i class="fa-solid fa-gear"></i></a>
+        </div>
+    </div>
+    {% else %}
+    <p>У вас еще нет бизнес-страниц. Нажмите "Создать", чтобы начать.</p>
+    {% endfor %}
+</div>
+<script>
+    window.Telegram.WebApp.ready();
+    window.Telegram.WebApp.expand();
+    let backButton = window.Telegram.WebApp.BackButton;
+    backButton.show();
+    backButton.onClick(() => { window.location.href = `{{ url_for('tma_dashboard') }}`; });
+</script>
+</body></html>
+'''
+
+CREATE_EDIT_BUSINESS_PAGE_HTML = '''
+<!DOCTYPE html><html lang="ru"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no">
+<title>{{ 'Редактирова��ь' if page else 'Создать' }} бизнес-страницу</title>
+<link rel="preconnect" href="https://fonts.googleapis.com"><link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;800&display=swap" rel="stylesheet">
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css">
+<script src="https://telegram.org/js/telegram-web-app.js"></script>
+<style>''' + BASE_STYLE + '''</style></head><body>
+<div class="app-header">
+    <div class="user-info">{{ display_name }}</div>
+    <div class="view-toggle"><a href="{{ url_for('my_business_pages') }}"><i class="fa-solid fa-arrow-left"></i></a></div>
+</div>
+<div class="container">
+    <h2>{{ 'Редактировать' if page else 'Создать' }} бизнес-страницу</h2>
+    {% with messages = get_flashed_messages(with_categories=true) %}{% if messages %}
+        {% for category, message in messages %}<div class="flash {{ category }}">{{ message }}</div>{% endfor %}
+    {% endif %}{% endwith %}
+    
+    <form method="POST" enctype="multipart/form-data">
+        <div class="form-group">
+            <label for="org_name">Название организации</label>
+            <input type="text" id="org_name" name="org_name" value="{{ page.org_name or '' }}" required>
+        </div>
+        <div class="form-group">
+            <label for="login">Логин (URL)</label>
+            <input type="text" id="login" name="login" value="{{ page.login or '' }}" pattern="[a-zA-Z0-9_\\-]+" {{ 'readonly' if page }} required>
+            <small>Только латинские буквы, цифры, дефис и подчеркивание. Это будет часть URL вашей страницы. Изменить будет нельзя.</small>
+        </div>
+        <div class="form-group">
+            <label for="avatar">Аватар (необязательно)</label>
+            <input type="file" id="avatar" name="avatar" accept="image/*">
+            {% if page and page.avatar_path %}
+            <small>Текущий аватар:</small>
+            <img src="{{ hf_file_url_jinja(page.avatar_path) }}" style="width: 80px; height: 80px; border-radius: 50%; margin-top: 10px;">
+            {% endif %}
+        </div>
+        <div class="form-group">
+            <label for="currency">Валюта</label>
+            <select id="currency" name="currency" required>
+                <option value="KZT" {% if page and page.currency == 'KZT' %}selected{% endif %}>Тенге (KZT)</option>
+                <option value="RUB" {% if page and page.currency == 'RUB' %}selected{% endif %}>Рубль (RUB)</option>
+                <option value="KGS" {% if page and page.currency == 'KGS' %}selected{% endif %}>Кыргызский сом (KGS)</option>
+                <option value="UZS" {% if page and page.currency == 'UZS' %}selected{% endif %}>Узбекский сум (UZS)</option>
+                <option value="UAH" {% if page and page.currency == 'UAH' %}selected{% endif %}>Украинская гривна (UAH)</option>
+            </select>
+        </div>
+        <div class="form-group">
+            <label>Указывать цены?</label>
+            <input type="checkbox" id="show_prices" name="show_prices" value="true" {% if page and page.show_prices %}checked{% endif %} style="width:auto;height:auto;">
+        </div>
+        <div class="form-group">
+            <label for="order_destination">Куда будут приходить заказы?</label>
+            <select id="order_destination" name="order_destination" required>
+                <option value="whatsapp" {% if page and page.order_destination == 'whatsapp' %}selected{% endif %}>WhatsApp</option>
+                <option value="telegram" {% if page and page.order_destination == 'telegram' %}selected{% endif %}>Telegram</option>
+            </select>
+        </div>
+        <div class="form-group">
+            <label for="contact_phone">Номер телефона или username</label>
+            <input type="text" id="contact_phone" name="contact_phone" value="{{ page.contact_phone or '' }}" required>
+            <small>Для WhatsApp укажите полный номер с кодом страны (например, 77001234567). Для Telegram - username без @.</small>
+        </div>
+        <button type="submit" class="btn" style="width: 100%; margin-top: 15px;">{{ 'Сохранить' if page else 'Создать' }}</button>
+    </form>
+    {% if page %}
+    <form action="{{ url_for('delete_business_page', login=page.login) }}" method="POST" onsubmit="return confirm('Вы уверены, что хотите удалить эту страницу? Это действие необратимо.');">
+         <button type="submit" class="btn delete-btn" style="width: 100%; margin-top: 10px;">Удалить страницу</button>
+    </form>
+    {% endif %}
+</div>
+<script>
+    window.Telegram.WebApp.ready();
+    window.Telegram.WebApp.expand();
+    let backButton = window.Telegram.WebApp.BackButton;
+    backButton.show();
+    backButton.onClick(() => { window.location.href = `{{ url_for('my_business_pages') }}`; });
+</script>
+</body></html>
+'''
+
+MANAGE_PRODUCTS_HTML = '''
+<!DOCTYPE html><html lang="ru"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no">
+<title>Управление: {{ page.org_name }}</title>
+<link rel="preconnect" href="https://fonts.googleapis.com"><link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;800&display=swap" rel="stylesheet">
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css">
+<script src="https://telegram.org/js/telegram-web-app.js"></script>
+<style>''' + BASE_STYLE + '''
+.product-card {
+    display: flex; gap: 15px; background: var(--card-bg-dark); padding: 10px; border-radius: 12px; margin-bottom: 10px; align-items: center;
+}
+.product-img { width: 80px; height: 80px; object-fit: cover; border-radius: 8px; flex-shrink: 0;}
+.product-info { flex-grow: 1; }
+.product-info h5 { margin: 0; }
+.product-price { font-weight: bold; color: var(--secondary); }
+.add-product-form { background: var(--card-bg-dark); padding: 20px; border-radius: 16px; margin-top: 25px; }
+</style></head><body>
+<div class="app-header">
+    <div class="user-info">{{ page.org_name }}</div>
+    <div class="view-toggle"><a href="{{ url_for('my_business_pages') }}"><i class="fa-solid fa-arrow-left"></i></a></div>
+</div>
+<div class="container">
+    <h2>Товары</h2>
+    {% with messages = get_flashed_messages(with_categories=true) %}{% if messages %}
+        {% for category, message in messages %}<div class="flash {{ category }}">{{ message }}</div>{% endfor %}
+    {% endif %}
+    
+    <div>
+    {% for product in page.products %}
+        <div class="product-card">
+            <img src="{{ hf_file_url_jinja(product.photo_path) }}" class="product-img">
+            <div class="product-info">
+                <h5>{{ product.name }}</h5>
+                <p style="font-size:0.8em; color:var(--text-muted);">{{ product.description | truncate(80) }}</p>
+                {% if page.show_prices %}<span class="product-price">{{ product.price }} {{ page.currency }}</span>{% endif %}
+            </div>
+            <form action="{{ url_for('delete_product', login=page.login, product_id=product.id) }}" method="POST" onsubmit="return confirm('Удалить товар?');">
+                <button type="submit" class="btn delete-btn" style="padding: 8px 12px;"><i class="fa fa-trash"></i></button>
+            </form>
+        </div>
+    {% else %}
+        <p>У вас еще нет товаров.</p>
+    {% endfor %}
+    </div>
+
+    <div class="add-product-form">
+        <h4>Добавить новый товар</h4>
+        <form method="POST" action="{{ url_for('add_product', login=page.login) }}" enctype="multipart/form-data">
+            <div class="form-group">
+                <label for="name">Название товара</label>
+                <input type="text" name="name" required>
+            </div>
+             <div class="form-group">
+                <label for="description">Описание</label>
+                <textarea name="description" rows="3"></textarea>
+            </div>
+            {% if page.show_prices %}
+            <div class="form-group">
+                <label for="price">Цена</label>
+                <input type="number" step="any" name="price" required>
+            </div>
+            {% endif %}
+            <div class="form-group">
+                <label for="photo">Фото товара</label>
+                <input type="file" name="photo" accept="image/*" required>
+            </div>
+            <button type="submit" class="btn" style="width:100%;">Добавить</button>
+        </form>
+    </div>
+</div>
+<script>
+    window.Telegram.WebApp.ready();
+    window.Telegram.WebApp.expand();
+    let backButton = window.Telegram.WebApp.BackButton;
+    backButton.show();
+    backButton.onClick(() => { window.location.href = `{{ url_for('my_business_pages') }}`; });
+</script>
+</body></html>
+'''
+
+PUBLIC_BUSINESS_PAGE_HTML = '''
+<!DOCTYPE html><html lang="ru"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>{{ page.org_name }}</title>
+<link rel="preconnect" href="https://fonts.googleapis.com"><link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;800&display=swap" rel="stylesheet">
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css">
+<style>''' + BASE_STYLE + '''
+body { padding-bottom: 90px; }
+.page-header { text-align: center; padding: 20px; }
+.page-avatar { width: 100px; height: 100px; border-radius: 50%; object-fit: cover; margin: 0 auto 15px auto; border: 3px solid var(--card-bg-dark); }
+.product-grid { display: grid; grid-template-columns: repeat(auto-fill, minmax(250px, 1fr)); gap: 20px; }
+.product-item { background: var(--card-bg-dark); border-radius: 16px; overflow: hidden; text-align: left; }
+.product-item-img { width: 100%; height: 200px; object-fit: cover; }
+.product-item-content { padding: 15px; }
+.product-item-content h3 { margin: 0 0 5px 0; font-size: 1.1em; }
+.product-item-content p { font-size: 0.9em; color: var(--text-muted); margin-bottom: 10px; }
+.product-item-price { font-weight: 600; font-size: 1.2em; color: var(--secondary); }
+.contact-fab { position: fixed; bottom: 20px; right: 20px; z-index: 1000; }
+.contact-fab .btn { background: #25D366; width: 60px; height: 60px; border-radius: 50%; font-size: 1.8em; padding: 0; display: flex; align-items: center; justify-content: center;}
+.contact-fab .btn.telegram { background: #0088cc; }
+</style></head><body>
+<div class="page-header">
+    {% if page.avatar_path %}
+    <img src="{{ hf_file_url_jinja(page.avatar_path) }}" class="page-avatar">
+    {% endif %}
+    <h1>{{ page.org_name }}</h1>
+</div>
+<div class="container" style="padding-top: 0;">
+    <div class="product-grid">
+    {% for product in page.products %}
+        <div class="product-item">
+            <img src="{{ hf_file_url_jinja(product.photo_path) }}" class="product-item-img">
+            <div class="product-item-content">
+                <h3>{{ product.name }}</h3>
+                <p>{{ product.description }}</p>
+                {% if page.show_prices %}
+                <div class="product-item-price">{{ product.price }} {{ page.currency }}</div>
+                {% endif %}
+            </div>
+        </div>
+    {% else %}
+        <p>Товары скоро появятся.</p>
+    {% endfor %}
+    </div>
+</div>
+<div class="contact-fab">
+    <a href="{{ contact_url }}" class="btn {{ 'telegram' if page.order_destination == 'telegram' else '' }}" target="_blank">
+        <i class="fab {{ 'fa-telegram' if page.order_destination == 'telegram' else 'fa-whatsapp' }}"></i>
+    </a>
+</div>
+</body></html>
+'''
 
 ADMIN_LOGIN_HTML = '''
 <!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><title>Admin Login</title>
@@ -2114,6 +2394,7 @@ ADMIN_PANEL_HTML = '''
                 <span class="id">Created: {{ user.get('created_at', 'N/A') }}</span>
                 <span class="id">Items: <strong>{{ user.get('item_count', 0) }}</strong></span>
                 <span class="id">Reminders: <strong>{{ user.get('reminders', [])|length }}</strong></span>
+                 <span class="id">Business Pages: <strong>{{ user.get('business_pages', [])|length }}</strong></span>
             </div>
         </div>
         <div class="user-actions">
@@ -2430,7 +2711,7 @@ def admin_user_files(tma_user_id_str):
                                   current_folder_id=current_folder_id,
                                   current_folder=current_folder,
                                   breadcrumbs=breadcrumbs,
-                                  hf_file_url_jinja=lambda path, download=False: f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{quote(path)}{'?download=true' if download else ''}")
+                                  hf_file_url_jinja=hf_file_url)
 
 @app.route('/admhosto/user/<tma_user_id_str>/reminders')
 @admin_browser_login_required
@@ -2465,11 +2746,11 @@ def admin_get_text_content(tma_user_id_str, file_id):
     hf_path = file_node.get('path')
     if not hf_path:
         return Response("Error: file path is missing", 500)
-    file_url = f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{quote(hf_path)}?download=true"
+    file_url_path = hf_file_url(hf_path, download=True)
     try:
         req_headers = {}
         if HF_TOKEN_READ: req_headers["authorization"] = f"Bearer {HF_TOKEN_READ}"
-        response = requests.get(file_url, headers=req_headers)
+        response = requests.get(file_url_path, headers=req_headers)
         response.raise_for_status()
         if len(response.content) > 1 * 1024 * 1024:
             return Response("File too large for preview.", 413)
@@ -2554,274 +2835,207 @@ def admin_delete_reminder(tma_user_id_str, reminder_id):
         flash('Reminder not found.', 'error')
     return redirect(url_for('admin_user_reminders', tma_user_id_str=tma_user_id_str))
 
-def find_business_profile_by_login(login):
-    data = load_data()
-    for user_id, user_data in data.get('users', {}).items():
-        for profile in user_data.get('business_profiles', []):
-            if profile.get('login') == login:
-                return profile, user_data
-    return None, None
 
-def is_business_login_unique(login, user_id, profile_id=None):
+# --- BUSINESS PAGES ROUTES ---
+
+@app.route('/tma/my_business')
+@tma_login_required
+def my_business_pages():
+    tma_user_id = session['telegram_user_id']
+    display_name = session.get('telegram_display_name', 'Пользователь')
     data = load_data()
-    for uid, udata in data.get('users', {}).items():
-        for profile in udata.get('business_profiles', []):
-            if profile.get('login') == login:
-                if uid == user_id and profile.get('id') == profile_id:
-                    continue
-                return False
-    return True
-    
-BUSINESS_PROFILES_LIST_HTML = '''
-<!DOCTYPE html><html lang="ru"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no">
-<title>Бизнес-страницы</title>
-<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css">
-<script src="https://telegram.org/js/telegram-web-app.js"></script>
-<style>''' + BASE_STYLE + '''
-.profile-list-item { background: var(--card-bg-dark); border-radius: 12px; margin-bottom: 10px; padding: 15px; display: flex; justify-content: space-between; align-items: center; }
-.profile-details { text-align: left; }
-.profile-details a { color: var(--text-dark); text-decoration: none; font-weight: 600; }
-.profile-details small { color: var(--text-muted); display: block; }
-.profile-actions { display: flex; gap: 10px; }
-</style></head><body>
-<div class="app-header">
-    <div class="user-info">{{ display_name }}</div>
-    <a href="{{ url_for('tma_dashboard') }}" style="color: var(--text-muted); font-size: 1.2em; padding: 5px;"><i class="fa-solid fa-arrow-left"></i></a>
-</div>
-<div class="container">
-    <h2>Мои бизнес-страницы</h2>
-    {% with messages = get_flashed_messages(with_categories=true) %}{% if messages %}
-        {% for category, message in messages %}<div class="flash {{ category }}">{{ message }}</div>{% endfor %}
-    {% endif %}{% endwith %}
-    <a href="{{ url_for('tma_create_business_profile') }}" class="btn" style="width: 100%; margin-bottom: 20px;">Создать новую страницу</a>
-    <div class="profile-list">
-    {% for profile in profiles %}
-        <div class="profile-list-item">
-            <div class="profile-details">
-                <a href="{{ url_for('tma_manage_business_profile', profile_id=profile.id) }}"><strong>{{ profile.org_name }}</strong></a>
-                <small>/biz/{{ profile.login }}</small>
-            </div>
-            <div class="profile-actions">
-                <a href="{{ url_for('tma_manage_business_profile', profile_id=profile.id) }}" class="btn" style="padding: 8px 12px;"><i class="fa-solid fa-store"></i></a>
-            </div>
-        </div>
-    {% else %}
-        <p>У вас еще нет бизнес-страниц.</p>
-    {% endfor %}
-    </div>
-</div>
-<script>
-    window.Telegram.WebApp.ready();
-    window.Telegram.WebApp.BackButton.show();
-    window.Telegram.WebApp.BackButton.onClick(() => { window.location.href = "{{ url_for('tma_dashboard') }}"; });
-</script>
-</body></html>
-'''
+    user_data = data['users'][tma_user_id]
+    user_pages_logins = user_data.get('business_pages', [])
+    user_pages_details = [data['business_pages'][login] for login in user_pages_logins if login in data['business_pages']]
+    return render_template_string(USER_BUSINESS_PAGES_LIST_HTML, display_name=display_name, pages=user_pages_details)
 
-CREATE_EDIT_BUSINESS_PROFILE_HTML = '''
-<!DOCTYPE html><html lang="ru"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no">
-<title>{{ 'Редактировать' if profile else 'Создать' }} бизнес-страницу</title>
-<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css">
-<script src="https://telegram.org/js/telegram-web-app.js"></script>
-<style>''' + BASE_STYLE + '''</style></head><body>
-<div class="app-header">
-    <div class="user-info">{{ display_name }}</div>
-    <a href="{{ url_for('tma_business_profiles') }}" style="color: var(--text-muted); font-size: 1.2em; padding: 5px;"><i class="fa-solid fa-arrow-left"></i></a>
-</div>
-<div class="container">
-    <h2>{{ 'Редактировать' if profile else 'Создать' }} бизнес-страницу</h2>
-    {% with messages = get_flashed_messages(with_categories=true) %}{% if messages %}
-        {% for category, message in messages %}<div class="flash {{ category }}">{{ message }}</div>{% endfor %}
-    {% endif %}{% endwith %}
-    <form method="post" enctype="multipart/form-data">
-        <label for="org_name">Название организации</label>
-        <input type="text" name="org_name" value="{{ profile.org_name or '' }}" required>
-        
-        <label for="login">Логин (URL)</label>
-        <input type="text" name="login" value="{{ profile.login or '' }}" required pattern="[a-zA-Z0-9_.-]+" title="Только латинские буквы, цифры и символы _, -, .">
-        
-        <label for="avatar">Аватар (необязательно)</label>
-        <input type="file" name="avatar" accept="image/*">
-        
-        <label for="currency">Валюта</label>
-        <select name="currency" required>
-            {% set currencies = {'тенге': 'KZT', 'рубль': 'RUB', 'кыргызский сом': 'KGS', 'узбекский сум': 'UZS', 'украинская гривна': 'UAH'} %}
-            {% for name, code in currencies.items() %}
-            <option value="{{ code }}" {% if profile and profile.currency == code %}selected{% endif %}>{{ name }}</option>
-            {% endfor %}
-        </select>
-        
-        <label>
-            <input type="checkbox" name="show_prices" value="true" {% if profile and profile.show_prices %}checked{% endif %} style="width: auto; margin-right: 10px;">
-            Указывать цены
-        </label>
-        
-        <label for="order_destination">Куда будут приходить заказы?</label>
-        <select name="order_destination" required>
-            <option value="whatsapp" {% if profile and profile.order_destination == 'whatsapp' %}selected{% endif %}>WhatsApp</option>
-            <option value="telegram" {% if profile and profile.order_destination == 'telegram' %}selected{% endif %}>Telegram</option>
-        </select>
-        
-        <label for="contact_info">Номер телефона или username</label>
-        <input type="text" name="contact_info" value="{{ profile.contact_info or '' }}" placeholder="+7 (XXX) XXX-XX-XX или @username" required>
+@app.route('/tma/business/new', methods=['GET', 'POST'])
+@tma_login_required
+def create_business_page():
+    if request.method == 'POST':
+        tma_user_id = session['telegram_user_id']
+        data = load_data()
         
-        <button type="submit" class="btn" style="width: 100%; margin-top: 20px;">Сохранить</button>
-    </form>
-</div>
-<script>
-    window.Telegram.WebApp.ready();
-    window.Telegram.WebApp.BackButton.show();
-    window.Telegram.WebApp.BackButton.onClick(() => { window.location.href = "{{ url_for('tma_business_profiles') }}"; });
-</script>
-</body></html>
-'''
+        login = request.form.get('login', '').lower().strip()
+        if not re.match("^[a-zA-Z0-9_-]+$", login):
+            flash('Логин содержит недопустимые символы.', 'error')
+            return redirect(url_for('create_business_page'))
+        if login in data['business_pages']:
+            flash('Этот логин уже занят.', 'error')
+            return redirect(url_for('create_business_page'))
+
+        page_data = {
+            'owner_id': tma_user_id,
+            'login': login,
+            'org_name': request.form.get('org_name'),
+            'currency': request.form.get('currency'),
+            'show_prices': 'show_prices' in request.form,
+            'order_destination': request.form.get('order_destination'),
+            'contact_phone': request.form.get('contact_phone').strip(),
+            'products': [],
+            'avatar_path': None
+        }
 
-MANAGE_BUSINESS_PROFILE_HTML = '''
-<!DOCTYPE html><html lang="ru"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no">
-<title>Управление: {{ profile.org_name }}</title>
-<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css">
-<script src="https://telegram.org/js/telegram-web-app.js"></script>
-<style>''' + BASE_STYLE + '''
-.profile-header { text-align: center; margin-bottom: 20px; }
-.profile-avatar { width: 100px; height: 100px; border-radius: 50%; object-fit: cover; margin-bottom: 10px; background: #333; }
-.public-link-bar { background: var(--card-bg-dark); padding: 10px; border-radius: 12px; display: flex; justify-content: space-between; align-items: center; margin-bottom: 20px; }
-.public-link-bar input { background: transparent; border: none; color: var(--text-muted); margin: 0; padding: 0; }
-.product-card { background: var(--card-bg-dark); border-radius: 12px; margin-bottom: 15px; padding: 15px; text-align: left; }
-.product-card img { max-width: 100%; border-radius: 8px; margin-bottom: 10px; }
-.product-actions { display: flex; gap: 10px; margin-top: 15px; }
-.add-product-form { background: var(--card-bg-dark); padding: 20px; border-radius: 12px; margin-top: 25px; }
-</style></head><body>
-<div class="app-header">
-    <div class="user-info">{{ display_name }}</div>
-    <a href="{{ url_for('tma_business_profiles') }}" style="color: var(--text-muted); font-size: 1.2em; padding: 5px;"><i class="fa-solid fa-arrow-left"></i></a>
-</div>
-<div class="container">
-    {% with messages = get_flashed_messages(with_categories=true) %}{% if messages %}
-        {% for category, message in messages %}<div class="flash {{ category }}">{{ message }}</div>{% endfor %}
-    {% endif %}{% endwith %}
-    <div class="profile-header">
-        {% if profile.avatar_path %}
-            <img src="{{ hf_file_url_jinja(profile.avatar_path) }}" class="profile-avatar">
-        {% else %}
-            <div class="profile-avatar" style="display: inline-flex; align-items: center; justify-content: center; font-size: 3em; color: var(--primary);">{{ profile.org_name[0] }}</div>
-        {% endif %}
-        <h2>{{ profile.org_name }}</h2>
-        <a href="{{ url_for('tma_edit_business_profile', profile_id=profile.id) }}" class="btn" style="padding: 8px 15px; font-size: 0.9em;">Редактировать</a>
-    </div>
-    
-    <div class="public-link-bar">
-        <input type="text" value="{{ url_for('public_business_page', login=profile.login, _external=True) }}" readonly>
-        <button class="btn" onclick="copyToClipboard('{{ url_for('public_business_page', login=profile.login, _external=True) }}')" style="padding: 8px 12px;"><i class="fa-solid fa-copy"></i></button>
-    </div>
+        avatar = request.files.get('avatar')
+        if avatar and avatar.filename:
+            if not HF_TOKEN_WRITE:
+                flash('Загрузка аватара невозможна: токен не настроен.', 'error')
+                return redirect(url_for('create_business_page'))
+            try:
+                api = HfApi()
+                filename = secure_filename(avatar.filename)
+                hf_path = f"business_avatars/{login}/{filename}"
+                api.upload_file(path_or_fileobj=avatar.stream, path_in_repo=hf_path, repo_id=REPO_ID, repo_type="dataset", token=HF_TOKEN_WRITE)
+                page_data['avatar_path'] = hf_path
+            except Exception as e:
+                flash(f'Ошибка загрузки аватара: {e}', 'error')
+                return redirect(url_for('create_business_page'))
 
-    <h3>Товары</h3>
-    <div class="products-list">
-    {% for product in profile.products %}
-        <div class="product-card">
-            {% if product.photo_path %}<img src="{{ hf_file_url_jinja(product.photo_path) }}">{% endif %}
-            <h4>{{ product.name }}</h4>
-            {% if profile.show_prices %}<p style="color: var(--secondary); font-weight: 600;">{{ "%.2f"|format(product.price|float) }} {{ profile.currency }}</p>{% endif %}
-            <p style="white-space: pre-wrap; color: var(--text-muted);">{{ product.description }}</p>
-            <div class="product-actions">
-                <form method="post" action="{{ url_for('tma_delete_product', profile_id=profile.id, product_id=product.id) }}" onsubmit="return confirm('Удалить этот товар?');">
-                    <button type="submit" class="btn delete-btn" style="padding: 8px 15px;">Удалить</button>
-                </form>
-            </div>
-        </div>
-    {% else %}
-        <p>Вы еще не добавили ни одного товара.</p>
-    {% endfor %}
-    </div>
+        data['business_pages'][login] = page_data
+        data['users'][tma_user_id].setdefault('business_pages', []).append(login)
+        save_data(data)
+        flash('Бизнес-страница успешно создана!', 'success')
+        return redirect(url_for('my_business_pages'))
 
-    <div class="add-product-form">
-        <h4>Добавить новый товар</h4>
-        <form method="post" action="{{ url_for('tma_add_product', profile_id=profile.id) }}" enctype="multipart/form-data">
-            <label for="product_name">Название товара</label>
-            <input type="text" name="product_name" required>
-            
-            <label for="product_photo">Фото товара</label>
-            <input type="file" name="product_photo" accept="image/*" required>
-            
-            <label for="product_description">Описание</label>
-            <textarea name="product_description" rows="4"></textarea>
+    return render_template_string(CREATE_EDIT_BUSINESS_PAGE_HTML, display_name=session.get('telegram_display_name'), page=None, hf_file_url_jinja=hf_file_url)
 
-            {% if profile.show_prices %}
-            <label for="product_price">Цена ({{ profile.currency }})</label>
-            <input type="number" name="product_price" step="0.01" min="0">
-            {% endif %}
-            
-            <button type="submit" class="btn" style="width: 100%; margin-top: 15px;">Добавить товар</button>
-        </form>
-    </div>
-</div>
-<script>
-    window.Telegram.WebApp.ready();
-    window.Telegram.WebApp.BackButton.show();
-    window.Telegram.WebApp.BackButton.onClick(() => { window.location.href = "{{ url_for('tma_business_profiles') }}"; });
+@app.route('/tma/business/edit/<login>', methods=['GET', 'POST'])
+@tma_login_required
+def edit_business_page(login):
+    tma_user_id = session['telegram_user_id']
+    data = load_data()
+    page = data.get('business_pages', {}).get(login)
+    if not page or page['owner_id'] != tma_user_id:
+        flash('Страница не найдена или у вас нет доступа.', 'error')
+        return redirect(url_for('my_business_pages'))
 
-    function copyToClipboard(text) {
-        navigator.clipboard.writeText(text).then(() => {
-            window.Telegram.WebApp.HapticFeedback.notificationOccurred('success');
-            window.Telegram.WebApp.showAlert('Ссылка скопирована!');
-        }, () => {
-            window.Telegram.WebApp.HapticFeedback.notificationOccurred('error');
-        });
+    if request.method == 'POST':
+        page['org_name'] = request.form.get('org_name')
+        page['currency'] = request.form.get('currency')
+        page['show_prices'] = 'show_prices' in request.form
+        page['order_destination'] = request.form.get('order_destination')
+        page['contact_phone'] = request.form.get('contact_phone').strip()
+
+        avatar = request.files.get('avatar')
+        if avatar and avatar.filename:
+            if not HF_TOKEN_WRITE:
+                flash('Загрузка аватара невозможна: токен не настроен.', 'error')
+            else:
+                try:
+                    api = HfApi()
+                    filename = secure_filename(avatar.filename)
+                    hf_path = f"business_avatars/{login}/{filename}"
+                    api.upload_file(path_or_fileobj=avatar.stream, path_in_repo=hf_path, repo_id=REPO_ID, repo_type="dataset", token=HF_TOKEN_WRITE)
+                    page['avatar_path'] = hf_path
+                except Exception as e:
+                    flash(f'Ошибка загрузки аватара: {e}', 'error')
+        save_data(data)
+        flash('Настройки страницы обновлены.', 'success')
+        return redirect(url_for('my_business_pages'))
+
+    return render_template_string(CREATE_EDIT_BUSINESS_PAGE_HTML, display_name=session.get('telegram_display_name'), page=page, hf_file_url_jinja=hf_file_url)
+
+@app.route('/tma/business/delete/<login>', methods=['POST'])
+@tma_login_required
+def delete_business_page(login):
+    tma_user_id = session['telegram_user_id']
+    data = load_data()
+    page = data.get('business_pages', {}).get(login)
+    if not page or page['owner_id'] != tma_user_id:
+        flash('Страница не найдена или у вас нет доступа.', 'error')
+        return redirect(url_for('my_business_pages'))
+    
+    del data['business_pages'][login]
+    if login in data['users'][tma_user_id].get('business_pages', []):
+        data['users'][tma_user_id]['business_pages'].remove(login)
+    
+    save_data(data)
+    flash('Страница удалена.', 'success')
+    return redirect(url_for('my_business_pages'))
+
+@app.route('/tma/business/manage/<login>')
+@tma_login_required
+def manage_business_page(login):
+    tma_user_id = session['telegram_user_id']
+    data = load_data()
+    page = data.get('business_pages', {}).get(login)
+    if not page or page['owner_id'] != tma_user_id:
+        flash('Страница не найдена или у вас нет доступа.', 'error')
+        return redirect(url_for('my_business_pages'))
+    
+    return render_template_string(MANAGE_PRODUCTS_HTML, page=page, hf_file_url_jinja=hf_file_url)
+
+@app.route('/tma/business/manage/<login>/add_product', methods=['POST'])
+@tma_login_required
+def add_product(login):
+    tma_user_id = session['telegram_user_id']
+    data = load_data()
+    page = data.get('business_pages', {}).get(login)
+    if not page or page['owner_id'] != tma_user_id:
+        flash('Страница не найдена или у вас нет доступа.', 'error')
+        return redirect(url_for('my_business_pages'))
+    
+    photo = request.files.get('photo')
+    if not photo or not photo.filename:
+        flash('Фото товара обязательно.', 'error')
+        return redirect(url_for('manage_business_page', login=login))
+
+    product_id = uuid.uuid4().hex
+    if not HF_TOKEN_WRITE:
+        flash('Загрузка фото невозможна: токен не настроен.', 'error')
+        return redirect(url_for('manage_business_page', login=login))
+    try:
+        api = HfApi()
+        _, ext = os.path.splitext(secure_filename(photo.filename))
+        hf_path = f"business_products/{login}/{product_id}{ext}"
+        api.upload_file(path_or_fileobj=photo.stream, path_in_repo=hf_path, repo_id=REPO_ID, repo_type="dataset", token=HF_TOKEN_WRITE)
+    except Exception as e:
+        flash(f'Ошибка загрузки фото: {e}', 'error')
+        return redirect(url_for('manage_business_page', login=login))
+
+    new_product = {
+        'id': product_id,
+        'name': request.form.get('name'),
+        'description': request.form.get('description', ''),
+        'price': request.form.get('price', '0'),
+        'photo_path': hf_path
     }
-</script>
-</body></html>
-'''
+    page.setdefault('products', []).append(new_product)
+    save_data(data)
+    flash('Товар добавлен.', 'success')
+    return redirect(url_for('manage_business_page', login=login))
+
+@app.route('/tma/business/manage/<login>/delete_product/<product_id>', methods=['POST'])
+@tma_login_required
+def delete_product(login, product_id):
+    tma_user_id = session['telegram_user_id']
+    data = load_data()
+    page = data.get('business_pages', {}).get(login)
+    if not page or page['owner_id'] != tma_user_id:
+        flash('Страница не найдена или у вас нет доступа.', 'error')
+        return redirect(url_for('my_business_pages'))
+
+    page['products'] = [p for p in page.get('products', []) if p.get('id') != product_id]
+    save_data(data)
+    flash('Товар удален.', 'success')
+    return redirect(url_for('manage_business_page', login=login))
+
+@app.route('/b/<login>')
+def public_business_page(login):
+    data = load_data()
+    page = data.get('business_pages', {}).get(login)
+    if not page:
+        return "Страница не найдена.", 404
 
-PUBLIC_BUSINESS_PAGE_HTML = '''
-<!DOCTYPE html><html lang="ru"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>{{ profile.org_name }}</title>
-<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css">
-<style>''' + BASE_STYLE + '''
-body { padding-bottom: 80px; }
-.public-header { padding: 20px; text-align: center; }
-.public-avatar { width: 120px; height: 120px; border-radius: 50%; object-fit: cover; margin-bottom: 15px; border: 3px solid var(--card-bg-dark); }
-.product-grid { display: grid; grid-template-columns: repeat(auto-fill, minmax(250px, 1fr)); gap: 20px; }
-.product-public-card { background: var(--card-bg-dark); border-radius: 16px; overflow: hidden; text-align: left; }
-.product-public-card img { width: 100%; height: 200px; object-fit: cover; display: block; }
-.product-public-info { padding: 15px; }
-.product-public-info h4 { font-size: 1.2em; margin-bottom: 5px; }
-.product-public-info .price { font-size: 1.1em; font-weight: 600; color: var(--secondary); margin-bottom: 10px; }
-.product-public-info .desc { color: var(--text-muted); font-size: 0.9em; }
-.order-button-container { position: fixed; bottom: 0; left: 0; right: 0; padding: 15px; background: var(--glass-bg); backdrop-filter: blur(10px); text-align: center; }
-</style></head><body>
-<div class="public-header">
-    {% if profile.avatar_path %}
-        <img src="{{ hf_file_url_jinja(profile.avatar_path) }}" class="public-avatar">
-    {% else %}
-        <div class="public-avatar" style="display: inline-flex; align-items: center; justify-content: center; font-size: 4em; color: var(--primary);">{{ profile.org_name[0] }}</div>
-    {% endif %}
-    <h1>{{ profile.org_name }}</h1>
-</div>
-<div class="container" style="padding-top: 0;">
-    <div class="product-grid">
-    {% for product in profile.products %}
-        <div class="product-public-card">
-            {% if product.photo_path %}<img src="{{ hf_file_url_jinja(product.photo_path) }}">{% endif %}
-            <div class="product-public-info">
-                <h4>{{ product.name }}</h4>
-                {% if profile.show_prices and product.price is not none %}
-                    <p class="price">{{ "%.2f"|format(product.price|float) }} {{ profile.currency }}</p>
-                {% endif %}
-                <p class="desc">{{ product.description }}</p>
-            </div>
-        </div>
-    {% else %}
-        <p style="grid-column: 1 / -1; text-align: center;">Товары скоро появятся.</p>
-    {% endfor %}
-    </div>
-</div>
-<div class="order-button-container">
-    <a href="{{ order_link }}" target="_blank" class="btn" style="width: 100%; max-width: 400px; background: {{ '#25D366' if profile.order_destination == 'whatsapp' else '#0088cc' }};">
-        <i class="fa-brands fa-{{ 'whatsapp' if profile.order_destination == 'whatsapp' else 'telegram' }}"></i>
-        Заказать в {{ profile.order_destination.capitalize() }}
-    </a>
-</div>
-</body></html>
-'''
+    contact_url = '#'
+    if page.get('order_destination') == 'whatsapp':
+        phone = ''.join(filter(str.isdigit, page.get('contact_phone', '')))
+        contact_url = f"https://wa.me/{phone}"
+    elif page.get('order_destination') == 'telegram':
+        username = page.get('contact_phone', '').replace('@', '')
+        contact_url = f"https://t.me/{username}"
+
+    return render_template_string(PUBLIC_BUSINESS_PAGE_HTML, page=page, contact_url=contact_url, hf_file_url_jinja=hf_file_url)
 
 if __name__ == '__main__':
     if not HF_TOKEN_WRITE: logging.warning("HF_TOKEN (write) is not set. Uploads/deletions will fail.")
@@ -2834,7 +3048,7 @@ if __name__ == '__main__':
         download_db_from_hf()
     else:
         if not os.path.exists(DATA_FILE):
-             with open(DATA_FILE, 'w', encoding='utf-8') as f: json.dump({'users': {}, 'shared_links': {}}, f)
+             with open(DATA_FILE, 'w', encoding='utf-8') as f: json.dump({'users': {}, 'shared_links': {}, 'business_pages': {}}, f)
     
     if HF_TOKEN_WRITE:
         threading.Thread(target=periodic_backup, daemon=True).start()
@@ -2842,3 +3056,4 @@ if __name__ == '__main__':
     threading.Thread(target=check_reminders, daemon=True).start()
     
     app.run(debug=False, host='0.0.0.0', port=7860)
+