diff --git "a/app.py" "b/app.py"
--- "a/app.py"
+++ "b/app.py"
@@ -1,4 +1,4 @@
-# --- START OF FILE app (24).py ---
+
 
 import os
 import hmac
@@ -10,35 +10,37 @@ from flask_caching import Cache
 import logging
 import threading
 import time
-import shutil
 from datetime import datetime
 from huggingface_hub import HfApi, hf_hub_download, utils as hf_utils
 from werkzeug.utils import secure_filename
 import requests
 from io import BytesIO
 import uuid
-from typing import Union, Optional
+from typing import Union, Optional, Tuple, Any, Dict, List # Enhanced typing
 
+# --- Configuration ---
 app = Flask(__name__)
-app.secret_key = os.getenv("FLASK_SECRET_KEY", "supersecretkey_mini_app_unique")
-BOT_TOKEN = os.getenv('TELEGRAM_BOT_TOKEN', '6750208873:AAE2hvPlJ99dBdhGa_Brre0IIpUdOvXxHt4')
+app.secret_key = os.getenv("FLASK_SECRET_KEY", "supersecretkey_mini_app_unique_v2")
+BOT_TOKEN = os.getenv('TELEGRAM_BOT_TOKEN', '6750208873:AAE2hvPlJ99dBdhGa_Brre0IIpUdOvXxHt4') # MUST be set
 DATA_FILE = 'cloudeng_mini_app_data.json'
 DATA_FILE_TMP = DATA_FILE + '.tmp'
-DATA_FILE_BAK = DATA_FILE + '.bak'
+DATA_FILE_DOWNLOAD_TMP = DATA_FILE + '.download'
+DATA_FILE_CORRUPT = DATA_FILE + '.corrupt'
 REPO_ID = "Eluza133/Z1e1u"
 HF_TOKEN_WRITE = os.getenv("HF_TOKEN")
 HF_TOKEN_READ = os.getenv("HF_TOKEN_READ") or HF_TOKEN_WRITE
 UPLOAD_FOLDER = 'uploads_mini_app'
 os.makedirs(UPLOAD_FOLDER, exist_ok=True)
 
+# --- Caching and Logging ---
 cache = Cache(app, config={'CACHE_TYPE': 'simple'})
-logging.basicConfig(level=logging.INFO)
-
-AUTH_DATA_LIFETIME = 3600
+logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s')
 
-data_lock = threading.Lock()
+# --- Constants ---
+AUTH_DATA_LIFETIME = 3600 # 1 hour validity for initData
 
-def find_node_by_id(filesystem, node_id):
+# --- Filesystem Utilities ---
+def find_node_by_id(filesystem: Dict[str, Any], node_id: str) -> Tuple[Optional[Dict[str, Any]], Optional[Dict[str, Any]]]:
     if not filesystem or not isinstance(filesystem, dict):
         return None, None
     if filesystem.get('id') == node_id:
@@ -51,70 +53,95 @@ def find_node_by_id(filesystem, node_id):
         current_node, parent = queue.pop(0)
         if current_node.get('type') == 'folder' and 'children' in current_node:
             for child in current_node.get('children', []):
-                 child_id = child.get('id')
-                 if not child_id: continue
+                child_id = child.get('id')
+                if not child_id: continue
 
-                 if child_id == node_id:
+                if child_id == node_id:
                     return child, current_node
-                 if child_id not in visited and child.get('type') == 'folder':
+                if child_id not in visited and isinstance(child, dict) and child.get('type') == 'folder':
                     visited.add(child_id)
                     queue.append((child, current_node))
     return None, None
 
-def add_node(filesystem, parent_id, node_data):
+def add_node(filesystem: Dict[str, Any], parent_id: str, node_data: Dict[str, Any]) -> bool:
     parent_node, _ = find_node_by_id(filesystem, parent_id)
     if parent_node and parent_node.get('type') == 'folder':
-        if 'children' not in parent_node:
+        if 'children' not in parent_node or not isinstance(parent_node['children'], list):
             parent_node['children'] = []
-        existing_ids = {child.get('id') for child in parent_node['children']}
-        if node_data.get('id') not in existing_ids:
+        existing_ids = {child.get('id') for child in parent_node['children'] if isinstance(child, dict)}
+        new_node_id = node_data.get('id')
+        if new_node_id and new_node_id not in existing_ids:
             parent_node['children'].append(node_data)
             return True
     return False
 
-def remove_node(filesystem, node_id):
+def remove_node(filesystem: Dict[str, Any], node_id: str) -> bool:
     node_to_remove, parent_node = find_node_by_id(filesystem, node_id)
-    if node_to_remove and parent_node and 'children' in parent_node:
+    if node_to_remove and parent_node and 'children' in parent_node and isinstance(parent_node['children'], list):
         original_length = len(parent_node['children'])
-        parent_node['children'] = [child for child in parent_node['children'] if child.get('id') != node_id]
+        parent_node['children'] = [child for child in parent_node['children'] if not isinstance(child, dict) or child.get('id') != node_id]
         return len(parent_node['children']) < original_length
     if node_to_remove and node_id == filesystem.get('id'):
         logging.warning("Attempted to remove root node directly.")
         return False
     return False
 
-def get_node_path_list(filesystem, node_id):
+def get_node_path_list(filesystem: Dict[str, Any], node_id: str) -> List[Dict[str, str]]:
     path_list = []
     current_id = node_id
     processed_ids = set()
-    while current_id and current_id not in processed_ids:
+    max_depth = 20 # Prevent infinite loops
+    depth = 0
+
+    while current_id and current_id not in processed_ids and depth < max_depth:
         processed_ids.add(current_id)
+        depth += 1
         node, parent = find_node_by_id(filesystem, current_id)
+
         if not node:
+            logging.warning(f"Node ID {current_id} not found during path generation.")
             break
+
         path_list.append({
             'id': node.get('id'),
             'name': node.get('name', node.get('original_filename', 'Unknown'))
         })
+
         if not parent:
+             if node.get('id') != 'root':
+                 logging.warning(f"Node {current_id} found but has no parent (and isn't root).")
              break
+
         parent_id = parent.get('id')
         if parent_id == current_id:
              logging.error(f"Filesystem loop detected at node {current_id}")
              break
         current_id = parent_id
-    if not any(p['id'] == 'root' for p in path_list):
-        path_list.append({'id': 'root', 'name': 'Root'})
+
+    if not path_list or path_list[-1].get('id') != 'root':
+         # Ensure root is always the first element conceptually (will be reversed)
+         if not any(p['id'] == 'root' for p in path_list):
+              path_list.append({'id': 'root', 'name': 'Root'})
+
+    # Reverse and deduplicate preserving order
     final_path = []
     seen_ids = set()
     for item in reversed(path_list):
-         if item['id'] not in seen_ids:
-              final_path.append(item)
-              seen_ids.add(item['id'])
+        item_id = item.get('id')
+        if item_id and item_id not in seen_ids:
+            final_path.append(item)
+            seen_ids.add(item_id)
+
+    if not final_path or final_path[0].get('id') != 'root':
+         logging.error(f"Path generation failed for {node_id}, missing root. Result: {final_path}")
+         # Fallback to just root if path is broken
+         return [{'id': 'root', 'name': 'Root'}]
+
     return final_path
 
-def initialize_user_filesystem(user_data):
-    if 'filesystem' not in user_data or not isinstance(user_data['filesystem'], dict) or user_data['filesystem'].get('id') != 'root':
+
+def initialize_user_filesystem(user_data: Dict[str, Any]):
+    if 'filesystem' not in user_data or not isinstance(user_data.get('filesystem'), dict) or not user_data['filesystem'].get('id') == 'root':
         user_data['filesystem'] = {
             "type": "folder",
             "id": "root",
@@ -122,112 +149,92 @@ def initialize_user_filesystem(user_data):
             "children": []
         }
 
-@cache.memoize(timeout=120)
-def load_data():
-    with data_lock:
-        logging.info("Attempting to load data...")
-        try:
-            download_db_from_hf()
-        except Exception as e:
-            logging.error(f"Failed to download latest DB from HF, will use local version if available: {e}")
-
-        loaded_data = None
-        files_to_try = [DATA_FILE, DATA_FILE_BAK]
-
-        for file_path in files_to_try:
-            try:
-                with open(file_path, 'r', encoding='utf-8') as file:
-                    data = json.load(file)
-                    if isinstance(data, dict) and 'users' in data:
-                        loaded_data = data
-                        logging.info(f"Successfully loaded data from {file_path}")
-                        if file_path == DATA_FILE_BAK:
-                             logging.warning("Loaded data from backup file. Original might be corrupt.")
-                             # Try to restore from backup immediately
-                             try:
-                                 shutil.copy2(DATA_FILE_BAK, DATA_FILE)
-                                 logging.info(f"Restored {DATA_FILE} from {DATA_FILE_BAK}")
-                             except Exception as copy_err:
-                                 logging.error(f"Failed to restore {DATA_FILE} from backup: {copy_err}")
-                        break
-                    else:
-                        logging.warning(f"Data in {file_path} is not a valid dict or missing 'users' key. Trying next.")
-            except FileNotFoundError:
-                logging.warning(f"{file_path} not found.")
-                continue
-            except json.JSONDecodeError:
-                logging.error(f"Error decoding JSON from {file_path}. Trying next.")
-                continue
-            except Exception as e:
-                logging.error(f"Unexpected error loading data from {file_path}: {e}")
-                continue
-
-        if loaded_data is None:
-            logging.critical(f"Failed to load data from both {DATA_FILE} and {DATA_FILE_BAK}. Initializing empty data structure.")
-            loaded_data = {'users': {}}
-
-        loaded_data.setdefault('users', {})
-        for user_id, user_data in loaded_data['users'].items():
-            initialize_user_filesystem(user_data)
-
-        logging.info("Data loading process complete.")
-        return loaded_data
-
-def save_data(data):
-    with data_lock:
-        logging.info("Attempting to save data...")
-        if not isinstance(data, dict) or 'users' not in data:
-            logging.error("Attempted to save invalid data structure. Aborting save.")
-            raise ValueError("Invalid data structure for saving")
-
-        # 1. Backup current file
-        if os.path.exists(DATA_FILE):
-            try:
-                shutil.copy2(DATA_FILE, DATA_FILE_BAK)
-                logging.info(f"Created backup: {DATA_FILE_BAK}")
-            except Exception as e:
-                logging.error(f"Failed to create backup file {DATA_FILE_BAK}: {e}")
-                # Decide if we should proceed without backup? For now, let's proceed but log error.
-
-        # 2. Write to temporary file
-        try:
-            with open(DATA_FILE_TMP, 'w', encoding='utf-8') as file:
-                json.dump(data, file, ensure_ascii=False, indent=4)
-            logging.info(f"Successfully wrote data to temporary file: {DATA_FILE_TMP}")
-        except Exception as e:
-            logging.error(f"Error writing data to temporary file {DATA_FILE_TMP}: {e}")
-            # Clean up temp file if it exists and failed
-            if os.path.exists(DATA_FILE_TMP):
-                try: os.remove(DATA_FILE_TMP)
-                except OSError: pass
-            raise # Re-raise the exception to prevent inconsistent state
-
-        # 3. Replace original file with temporary file (atomic operation on most systems)
-        try:
-            os.replace(DATA_FILE_TMP, DATA_FILE)
-            logging.info(f"Successfully replaced {DATA_FILE} with {DATA_FILE_TMP}")
-        except Exception as e:
-            logging.error(f"Error replacing {DATA_FILE} with {DATA_FILE_TMP}: {e}")
-            # Temp file still exists, original file (and backup) might be intact.
-            raise # Re-raise the exception
-
-        # 4. Clear cache and trigger HF upload (after successful local save)
+# --- Data Loading/Saving ---
+@cache.memoize(timeout=60) # Reduced timeout for faster reflection of changes
+def load_data() -> Dict[str, Any]:
+    try:
+        logging.info(f"Attempting to load data from {DATA_FILE}")
+        if not os.path.exists(DATA_FILE):
+            logging.warning(f"{DATA_FILE} not found locally. Attempting download/init.")
+            download_db_from_hf() # Try to get it from HF
+            if not os.path.exists(DATA_FILE):
+                 logging.warning(f"Creating new empty local DB file: {DATA_FILE}")
+                 with open(DATA_FILE, 'w', encoding='utf-8') as f:
+                     json.dump({'users': {}}, f, ensure_ascii=False, indent=4)
+
+        with open(DATA_FILE, 'r', encoding='utf-8') as file:
+            data = json.load(file)
+            if not isinstance(data, dict):
+                logging.error(f"Data file {DATA_FILE} is not a dict. Possible corruption.")
+                raise json.JSONDecodeError("Root is not a dictionary", "", 0)
+
+            data.setdefault('users', {})
+            for user_id, user_data in data['users'].items():
+                if isinstance(user_data, dict):
+                    initialize_user_filesystem(user_data)
+                else:
+                    logging.warning(f"User data for {user_id} is not a dict, skipping filesystem init.")
+            logging.info("Data loaded and filesystems checked/initialized.")
+            return data
+    except FileNotFoundError:
+        logging.error(f"CRITICAL: {DATA_FILE} not found even after download/init attempt.")
+        return {'users': {}} # Return empty but log critical error
+    except json.JSONDecodeError as e:
+        logging.critical(f"CRITICAL: Error decoding JSON from {DATA_FILE}. Attempting to move to {DATA_FILE_CORRUPT}. Error: {e}")
         try:
-            cache.clear()
-            logging.info("Cache cleared.")
-            upload_db_to_hf()
-        except Exception as e:
-            logging.error(f"Error clearing cache or initiating HF upload after save: {e}")
-            # Data is saved locally, but log this error.
+            if os.path.exists(DATA_FILE):
+                os.replace(DATA_FILE, DATA_FILE_CORRUPT)
+                logging.info(f"Moved corrupted file to {DATA_FILE_CORRUPT}")
+        except OSError as move_err:
+            logging.error(f"Failed to move corrupted file: {move_err}")
+        return {'users': {}} # Return empty after attempting to preserve corrupt file
+    except Exception as e:
+        logging.error(f"Unexpected error loading data: {e}", exc_info=True)
+        return {'users': {}}
 
-        logging.info("Data saving process completed.")
+def save_data(data: Dict[str, Any]):
+    temp_file_path = DATA_FILE_TMP
+    try:
+        with open(temp_file_path, 'w', encoding='utf-8') as file:
+            json.dump(data, file, ensure_ascii=False, indent=4)
+
+        # Atomic replace
+        os.replace(temp_file_path, DATA_FILE)
+        logging.info(f"Data saved successfully to {DATA_FILE}")
+
+        # Clear cache immediately after successful save
+        cache.delete_memoized(load_data)
+        logging.info("Cache cleared after saving.")
+
+        # Upload to HF (can run in background)
+        upload_db_to_hf()
+
+    except json.JSONDecodeError as e:
+         logging.critical(f"CRITICAL ERROR during JSON serialization for save: {e}. Data NOT saved.", exc_info=True)
+         # Clean up temp file if it exists and might be corrupted
+         if os.path.exists(temp_file_path):
+             try: os.remove(temp_file_path)
+             except OSError: pass
+    except OSError as e:
+        logging.critical(f"CRITICAL OS ERROR during file write/replace: {e}. Data potentially NOT saved.", exc_info=True)
+        # Clean up temp file if it exists
+        if os.path.exists(temp_file_path):
+            try: os.remove(temp_file_path)
+            except OSError: pass
+    except Exception as e:
+        logging.critical(f"CRITICAL UNEXPECTED ERROR during save_data: {e}. Data potentially NOT saved.", exc_info=True)
+         # Clean up temp file if it exists
+        if os.path.exists(temp_file_path):
+             try: os.remove(temp_file_path)
+             except OSError: pass
+    # No finally block needed for temp_file_path removal if os.replace succeeded
 
 def upload_db_to_hf():
     if not HF_TOKEN_WRITE:
         logging.warning("HF_TOKEN_WRITE not set, skipping database upload.")
         return
     if not os.path.exists(DATA_FILE):
-        logging.warning(f"Data file {DATA_FILE} does not exist, skipping HF upload.")
+        logging.error(f"Cannot upload {DATA_FILE} to HF: File does not exist.")
         return
     try:
         api = HfApi()
@@ -240,71 +247,90 @@ def upload_db_to_hf():
             commit_message=f"Backup MiniApp {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}",
             run_as_future=True
         )
-        logging.info("Database upload to Hugging Face scheduled.")
+        logging.info(f"Database upload to Hugging Face scheduled for {DATA_FILE}.")
     except Exception as e:
-        logging.error(f"Error scheduling database upload: {e}")
+        logging.error(f"Error scheduling database upload: {e}", exc_info=True)
 
 def download_db_from_hf():
     if not HF_TOKEN_READ:
         logging.warning("HF_TOKEN_READ not set, skipping database download.")
-        # Do not create an empty file here, load_data handles initialization
-        return
+        return False # Indicate download was skipped
 
-    logging.info(f"Attempting download of {DATA_FILE} from {REPO_ID}")
-    local_path = "." # Download directly to current dir
+    download_path = DATA_FILE_DOWNLOAD_TMP
     try:
-        downloaded_path = hf_hub_download(
+        # Download to temp location first
+        hf_hub_download(
             repo_id=REPO_ID,
             filename=DATA_FILE,
             repo_type="dataset",
             token=HF_TOKEN_READ,
-            local_dir=local_path,
-            local_dir_use_symlinks=False, # Safer for overwriting
-            force_download=True, # Always get the latest
-            etag_timeout=10
+            local_dir=".",
+            local_dir_use_symlinks=False,
+            force_download=True, # Get the latest version
+            etag_timeout=10,
+            local_path_and_repo_id_exists=False, # Avoid potential symlink issues
+            cache_dir=None, # Don't use HF cache, manage directly
+            local_path=download_path # Specify exact download path
         )
-        logging.info(f"Database downloaded from Hugging Face to {downloaded_path}")
-        # Ensure the downloaded file is named correctly if local_dir='.' causes issues
-        expected_path = os.path.join(local_path, DATA_FILE)
-        if downloaded_path != expected_path and os.path.exists(downloaded_path):
-             logging.warning(f"Downloaded file path {downloaded_path} differs from expected {expected_path}. Renaming.")
-             try:
-                 os.replace(downloaded_path, expected_path)
-                 logging.info(f"Renamed downloaded file to {expected_path}")
-             except Exception as rename_err:
-                 logging.error(f"Failed to rename downloaded file: {rename_err}")
-                 # Raise the error so load_data knows download wasn't fully successful
-                 raise rename_err
-        elif not os.path.exists(expected_path):
-             logging.error(f"hf_hub_download reported success but expected file {expected_path} not found.")
-             raise FileNotFoundError(f"Downloaded file {expected_path} missing after reported success.")
+        logging.info(f"Database downloaded from Hugging Face to {download_path}")
+
+        # Basic validation: Check if it's valid JSON before replacing
+        try:
+            with open(download_path, 'r', encoding='utf-8') as f:
+                json.load(f)
+            # If JSON is valid, replace the main file
+            os.replace(download_path, DATA_FILE)
+            logging.info(f"Successfully validated and replaced {DATA_FILE} with downloaded version.")
+            cache.delete_memoized(load_data) # Clear cache as data changed
+            return True
+        except (json.JSONDecodeError, UnicodeDecodeError) as e:
+            logging.error(f"Downloaded DB file {download_path} is corrupted or not valid JSON: {e}. Keeping existing local file.")
+            try: os.remove(download_path) # Clean up invalid download
+            except OSError: pass
+            return False
+        except OSError as e:
+            logging.error(f"OS Error replacing {DATA_FILE} with {download_path}: {e}. Keeping existing local file.")
+            try: os.remove(download_path) # Clean up download
+            except OSError: pass
+            return False
 
     except hf_utils.RepositoryNotFoundError:
          logging.error(f"Repository {REPO_ID} not found on Hugging Face.")
-         raise # Re-raise to indicate download failure
+         return False
     except hf_utils.EntryNotFoundError:
-        logging.warning(f"{DATA_FILE} not found in repo {REPO_ID}. Will use local version if available.")
-        # Don't raise, allow load_data to proceed with local/backup
+        logging.warning(f"{DATA_FILE} not found in repo {REPO_ID}. No file downloaded.")
+        # Do not create an empty file here, let load_data handle initial creation if needed
+        return False
     except requests.exceptions.RequestException as e:
-         logging.error(f"Connection error downloading DB from HF: {e}. Will use local version if available.")
-         raise # Re-raise to indicate download failure
+         logging.error(f"Connection error downloading DB from HF: {e}. Using local version if available.")
+         return False
     except Exception as e:
-        logging.error(f"Generic error downloading database from HF: {e}")
-        raise # Re-raise to indicate download failure
+        logging.error(f"Unexpected error downloading database: {e}", exc_info=True)
+        return False
+    finally:
+        # Ensure temp download file is removed if it still exists (e.g., download interrupted)
+        if os.path.exists(download_path):
+            try:
+                os.remove(download_path)
+            except OSError as e:
+                logging.warning(f"Could not remove temporary download file {download_path}: {e}")
 
 
-def get_file_type(filename):
+# --- File Type Helper ---
+def get_file_type(filename: str) -> str:
     if not filename or '.' not in filename: return 'other'
     ext = filename.lower().split('.')[-1]
-    if ext in ['mp4', 'mov', 'avi', 'webm', 'mkv']: return 'video'
-    if ext in ['jpg', 'jpeg', 'png', 'gif', 'bmp', 'webp', 'svg']: return 'image'
+    if ext in ['mp4', 'mov', 'avi', 'webm', 'mkv', 'wmv', 'flv', 'ogg', 'ogv']: return 'video'
+    if ext in ['jpg', 'jpeg', 'png', 'gif', 'bmp', 'webp', 'svg', 'ico', 'tif', 'tiff']: return 'image'
     if ext == 'pdf': return 'pdf'
-    if ext in ['txt', 'log', 'csv', 'json', 'xml', 'html', 'css', 'js', 'py', 'md']: return 'text'
-    if ext in ['mp3', 'wav', 'ogg', 'aac', 'flac']: return 'audio'
-    if ext in ['zip', 'rar', '7z', 'tar', 'gz']: return 'archive'
+    if ext in ['txt', 'log', 'md', 'py', 'js', 'css', 'html', 'json', 'xml', 'csv', 'tsv', 'yaml', 'yml']: return 'text'
+    if ext in ['mp3', 'wav', 'aac', 'flac', 'ogg', 'oga', 'm4a']: return 'audio'
+    if ext in ['zip', 'rar', '7z', 'tar', 'gz', 'bz2']: return 'archive'
+    if ext in ['doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'odt', 'odp', 'ods']: return 'document'
     return 'other'
 
-def check_telegram_authorization(auth_data: str, bot_token: str) -> Optional[dict]:
+# --- Telegram Validation ---
+def check_telegram_authorization(auth_data: str, bot_token: str) -> Optional[Dict[str, Any]]:
     if not auth_data or not bot_token or bot_token == 'YOUR_BOT_TOKEN':
         logging.warning("Validation skipped: Missing auth_data or valid BOT_TOKEN.")
         return None
@@ -334,6 +360,8 @@ def check_telegram_authorization(auth_data: str, bot_token: str) -> Optional[dic
                     if 'id' not in user_info:
                          logging.error("Validated user data missing 'id'")
                          return None
+                    # Ensure ID is string for consistency
+                    user_info['id'] = str(user_info['id'])
                     return user_info
                 except json.JSONDecodeError:
                     logging.error("Failed to decode user JSON from auth data")
@@ -345,19 +373,20 @@ def check_telegram_authorization(auth_data: str, bot_token: str) -> Optional[dic
             logging.warning("Hash mismatch during validation")
             return None
     except Exception as e:
-        logging.error(f"Exception during validation: {e}")
+        logging.error(f"Exception during validation: {e}", exc_info=True)
         return None
 
 
+# --- HTML, CSS, JS Template ---
 HTML_TEMPLATE = """
 <!DOCTYPE html>
 <html lang="ru">
 <head>
     <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no, viewport-fit=cover">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
     <title>Zeus Cloud</title>
     <script src="https://telegram.org/js/telegram-web-app.js"></script>
-    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
+    <link href="https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap" rel="stylesheet">
     <style>
         :root {
             --tg-theme-bg-color: var(--tg-bg-color, #ffffff);
@@ -367,22 +396,26 @@ HTML_TEMPLATE = """
             --tg-theme-button-color: var(--tg-button-color, #5288c1);
             --tg-theme-button-text-color: var(--tg-button-text-color, #ffffff);
             --tg-theme-secondary-bg-color: var(--tg-secondary-bg-color, #f1f1f1);
+            --tg-theme-header-bg-color: var(--tg-header-bg-color, var(--tg-theme-secondary-bg-color));
             --tg-viewport-height: var(--tg-viewport-stable-height, 100vh);
-            --border-color: rgba(128, 128, 128, 0.2); /* Softer border */
-            --delete-color: #ff3b30; /* iOS destructive red */
-            --folder-color: #ffcc00; /* iOS yellow */
-            --file-icon-color: var(--tg-theme-link-color);
-            --transition-fast: all 0.15s ease-out;
+
+            --border-radius: 12px;
+            --padding-base: 15px;
+            --padding-small: 10px;
+            --shadow-light: 0 2px 8px rgba(0, 0, 0, 0.08);
+            --transition: all 0.2s ease-in-out;
+            --destructive-color: #ff3b30;
+            --folder-color-icon: #ff9500; /* Using a typical folder color */
         }
         html { box-sizing: border-box; }
         *, *:before, *:after { box-sizing: inherit; }
         body {
-            font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif;
+            font-family: 'Roboto', sans-serif;
             background: var(--tg-theme-bg-color);
             color: var(--tg-theme-text-color);
             line-height: 1.4;
             margin: 0;
-            padding: 0 15px 15px 15px;
+            padding: var(--padding-base);
             min-height: var(--tg-viewport-height);
             display: flex; flex-direction: column;
             -webkit-font-smoothing: antialiased;
@@ -390,143 +423,227 @@ HTML_TEMPLATE = """
         }
         .container {
              width: 100%;
+             max-width: 800px;
              margin: 0 auto;
              flex-grow: 1;
              display: flex;
              flex-direction: column;
         }
-        #loading, #error-view { padding: 40px 15px; text-align: center; font-size: 16px; color: var(--tg-theme-hint-color); }
-        #error-view button { margin-top: 20px; }
+        #loading, #error-view {
+            padding: 30px;
+            text-align: center;
+            font-size: 1.1em;
+            color: var(--tg-theme-hint-color);
+            flex-grow: 1; display: flex; flex-direction: column; justify-content: center; align-items: center;
+        }
+        #error-view p { color: var(--tg-theme-text-color); }
         #app-content { display: none; flex-grow: 1; flex-direction: column; }
 
-        h1 { font-size: 28px; font-weight: 700; text-align: center; margin: 15px 0 20px 0; color: var(--tg-theme-text-color); }
-        h2 { font-size: 20px; font-weight: 600; margin-top: 25px; margin-bottom: 10px; color: var(--tg-theme-text-color); padding-bottom: 8px; border-bottom: 1px solid var(--border-color); }
-        p { margin-bottom: 10px; font-size: 15px;}
+        h1 {
+            font-size: 1.6em; font-weight: 700; text-align: center;
+            margin-bottom: var(--padding-base); color: var(--tg-theme-text-color);
+        }
+        h2 {
+            font-size: 1.1em; margin-top: calc(var(--padding-base) * 1.5); margin-bottom: var(--padding-small);
+            color: var(--tg-theme-text-color); font-weight: 500; padding-bottom: 5px;
+            border-bottom: 1px solid var(--tg-theme-secondary-bg-color);
+        }
+        p { margin-bottom: var(--padding-small); }
+
+        input[type=text], input[type=file], .btn { font-family: inherit; font-size: 1rem; }
+
+        input[type=text] {
+             width: 100%; padding: var(--padding-small) var(--padding-base); margin-bottom: var(--padding-small);
+             border: 1px solid var(--tg-theme-hint-color); border-radius: var(--border-radius);
+             background: var(--tg-theme-bg-color); color: var(--tg-theme-text-color);
+             transition: var(--transition);
+        }
+        input[type=text]:focus {
+             outline: none; border-color: var(--tg-theme-button-color);
+             box-shadow: 0 0 0 2px rgba(var(--tg-theme-button-color), 0.3);
+        }
+        input[type=file] {
+            border: none; padding: var(--padding-small) 0; width: 100%;
+            color: var(--tg-theme-text-color);
+        }
+        /* Style file input button */
+        input[type="file"]::file-selector-button {
+            padding: 8px 16px; background: var(--tg-theme-secondary-bg-color); color: var(--tg-theme-text-color);
+            border: none; border-radius: var(--border-radius); cursor: pointer; transition: var(--transition);
+            margin-right: var(--padding-base); font-weight: 500;
+        }
+        input[type="file"]::file-selector-button:hover { opacity: 0.8; }
+
+        .btn {
+            padding: 10px 20px; background: var(--tg-theme-button-color); color: var(--tg-theme-button-text-color);
+            border: none; border-radius: var(--border-radius); cursor: pointer; font-weight: 500;
+            transition: var(--transition); box-shadow: var(--shadow-light);
+            display: inline-block; text-decoration: none; margin: 5px 5px 5px 0; text-align: center;
+            line-height: 1.4; vertical-align: middle;
+        }
+        .btn:hover { opacity: 0.85; box-shadow: 0 4px 10px rgba(0, 0, 0, 0.1); }
+        .btn:active { transform: scale(0.98); opacity: 0.9; }
+        .btn[disabled] { background-color: var(--tg-theme-hint-color); cursor: not-allowed; opacity: 0.6; box-shadow: none; }
+
+        .btn-secondary { background: var(--tg-theme-secondary-bg-color); color: var(--tg-theme-link-color); box-shadow: none; border: 1px solid var(--tg-theme-hint-color);}
+        .btn-secondary:hover { background: rgba(var(--tg-hint-color), 0.1); }
+        .btn-destructive { background: var(--destructive-color); color: white; }
+        .btn-destructive:hover { background: #e00000; }
+
+        .flash {
+            color: var(--tg-theme-button-text-color); text-align: center; margin-bottom: var(--padding-base);
+            padding: var(--padding-small) var(--padding-base); border-radius: var(--border-radius); font-weight: 500;
+            box-shadow: var(--shadow-light);
+        }
+        .flash.success { background: #4cd964; } /* Green success */
+        .flash.error { background: var(--destructive-color); } /* Red error */
+
+        .file-grid {
+            display: grid; grid-template-columns: repeat(auto-fill, minmax(120px, 1fr));
+            gap: var(--padding-base); margin-top: var(--padding-base); padding-bottom: 20px;
+        }
 
-        input[type=text], input[type=file] {
-             width: 100%; padding: 12px 15px; margin: 8px 0; border: 1px solid var(--border-color); border-radius: 10px; background: var(--tg-theme-secondary-bg-color); color: var(--tg-theme-text-color); font-size: 16px;
-             appearance: none; -webkit-appearance: none;
-             transition: border-color var(--transition-fast);
+        .item {
+            background: var(--tg-theme-secondary-bg-color); padding: var(--padding-small); border-radius: var(--border-radius);
+            box-shadow: var(--shadow-light); text-align: center; transition: var(--transition);
+            display: flex; flex-direction: column; justify-content: space-between;
+            border: 1px solid transparent; /* For hover effect */
+        }
+        .item:hover {
+            transform: translateY(-2px); box-shadow: 0 4px 12px rgba(0, 0, 0, 0.1);
+            /* border-color: var(--tg-theme-hint-color); */ /* Optional: border on hover */
+        }
+        .item-preview {
+            width: 100%; height: 80px; object-fit: cover; border-radius: calc(var(--border-radius) - 4px);
+            margin-bottom: 8px; cursor: pointer; display: flex; justify-content: center; align-items: center;
+            background-color: rgba(0,0,0, 0.05); font-size: 3em; color: var(--tg-theme-hint-color);
+        }
+        .item.folder .item-preview { color: var(--folder-color-icon); }
+        .item.image .item-preview { padding: 0; background-color: transparent; } /* Remove padding for images */
+        .item.image .item-preview img { display: block; width: 100%; height: 100%; object-fit: cover; }
+        .item.video .item-preview { color: var(--tg-theme-link-color); }
+        .item.pdf .item-preview { color: var(--destructive-color); }
+        .item.text .item-preview { color: var(--tg-theme-text-color); }
+        .item.audio .item-preview { color: var(--tg-theme-button-color); }
+        .item.archive .item-preview { color: #8e8e93; }
+        .item.document .item-preview { color: #5856d6; } /* Purple for documents */
+
+        .item p { font-size: 0.8rem; margin: 4px 0; word-break: break-word; line-height: 1.3; }
+        .item p.filename { font-weight: 500; color: var(--tg-theme-text-color); min-height: 2.6em; display: -webkit-box; -webkit-line-clamp: 2; -webkit-box-orient: vertical; overflow: hidden; text-overflow: ellipsis; }
+        .item p.details { font-size: 0.7rem; color: var(--tg-theme-hint-color); height: auto; }
+        .item a { color: var(--tg-theme-link-color); text-decoration: none; }
+        .item a:hover { text-decoration: underline; }
+        .item-actions { margin-top: 8px; display: flex; flex-wrap: wrap; gap: 5px; justify-content: center; }
+        .item-actions .btn { font-size: 0.75rem; padding: 5px 10px; }
+
+        .modal {
+            display: none; position: fixed; top: 0; left: 0; width: 100%; height: 100%;
+            background: rgba(0, 0, 0, 0.7); backdrop-filter: blur(5px); -webkit-backdrop-filter: blur(5px);
+            z-index: 2000; justify-content: center; align-items: center; padding: 10px;
+        }
+        .modal-content {
+            width: 100%; height: 100%; max-width: 95vw; max-height: 90vh;
+            background: var(--tg-theme-bg-color); padding: 10px; border-radius: var(--border-radius);
+            overflow: hidden; position: relative; display: flex; flex-direction: column;
+            box-shadow: 0 10px 30px rgba(0,0,0,0.2);
         }
-        input[type=text]:focus { outline: none; border-color: var(--tg-theme-button-color); }
-        input[type=file] { padding: 10px 15px; line-height: 1.5; }
-        input::placeholder { color: var(--tg-theme-hint-color); opacity: 0.8; }
-
-        .btn { display: block; width: 100%; padding: 14px 20px; background: var(--tg-theme-button-color); color: var(--tg-theme-button-text-color); border: none; border-radius: 12px; cursor: pointer; font-size: 17px; font-weight: 600; transition: var(--transition-fast); text-align: center; margin-top: 10px; text-decoration: none; }
-        .btn:hover { opacity: 0.85; }
-        .btn:active { opacity: 0.7; }
-        .btn[disabled] { background-color: var(--tg-theme-hint-color); cursor: not-allowed; opacity: 0.7; }
-        .btn.secondary { background-color: var(--tg-theme-secondary-bg-color); color: var(--tg-theme-link-color); }
-        .btn.destructive { background-color: var(--delete-color); }
-        .btn.inline { display: inline-block; width: auto; padding: 8px 16px; font-size: 15px; margin-right: 8px; }
-
-        .flash { color: var(--tg-theme-button-text-color); text-align: center; margin-bottom: 15px; padding: 12px; border-radius: 10px; font-weight: 500; font-size: 15px; }
-        .flash.success { background: #34c759; } /* iOS green */
-        .flash.error { background: var(--delete-color); }
-
-        .item-list { margin-top: 15px; padding-bottom: 20px; display: flex; flex-direction: column; gap: 5px; }
-        .item { background: var(--tg-theme-secondary-bg-color); padding: 12px 15px; border-radius: 10px; display: flex; align-items: center; gap: 12px; transition: background-color var(--transition-fast); position: relative; }
-        .item:active { background-color: rgba(128, 128, 128, 0.1); }
-        .item-icon { font-size: 24px; width: 30px; text-align: center; flex-shrink: 0; color: var(--file-icon-color); }
-        .item-icon.folder { color: var(--folder-color); }
-        .item-icon img { width: 30px; height: 30px; object-fit: cover; border-radius: 6px; display: block; }
-        .item-info { flex-grow: 1; overflow: hidden; }
-        .item-info .name { font-size: 16px; font-weight: 500; color: var(--tg-theme-text-color); white-space: nowrap; overflow: hidden; text-overflow: ellipsis; display: block; margin-bottom: 2px; }
-        .item-info .details { font-size: 13px; color: var(--tg-theme-hint-color); white-space: nowrap; overflow: hidden; text-overflow: ellipsis; }
-        .item-actions-trigger { font-size: 20px; color: var(--tg-theme-hint-color); cursor: pointer; padding: 5px; flex-shrink: 0; }
-
-        .context-menu { display: none; position: absolute; background-color: var(--tg-theme-secondary-bg-color); border-radius: 10px; box-shadow: 0 4px 15px rgba(0,0,0,0.1); z-index: 100; padding: 5px 0; min-width: 150px; right: 10px; top: 45px; }
-        .context-menu button { display: block; width: 100%; padding: 10px 15px; background: none; border: none; color: var(--tg-theme-link-color); text-align: left; font-size: 16px; cursor: pointer; }
-        .context-menu button:hover { background-color: rgba(128, 128, 128, 0.1); }
-        .context-menu button.delete { color: var(--delete-color); }
-
-        .modal { display: none; position: fixed; inset: 0; background: rgba(0, 0, 0, 0.7); z-index: 2000; justify-content: center; align-items: center; padding: 10px; }
-        .modal-content { width: 100%; height: 100%; background: var(--tg-theme-bg-color); padding: 10px; border-radius: 14px; overflow: hidden; position: relative; display: flex; flex-direction: column; max-width: 800px; max-height: 90vh; }
         .modal-body { flex-grow: 1; overflow: auto; display: flex; justify-content: center; align-items: center; }
-        .modal img, .modal video, .modal iframe, .modal pre { max-width: 100%; max-height: 100%; display: block; margin: auto; border-radius: 10px; }
-        .modal iframe { width: 100%; height: 100%; border: none; }
-        .modal pre { background: var(--tg-theme-secondary-bg-color); color: var(--tg-theme-text-color); padding: 15px; border-radius: 8px; white-space: pre-wrap; word-wrap: break-word; text-align: left; max-height: 100%; overflow-y: auto; width: 100%; font-size: 14px; font-family: monospace;}
-        .modal-close-btn { position: absolute; top: 12px; right: 12px; font-size: 26px; color: var(--tg-theme-hint-color); cursor: pointer; background: rgba(128,128,128,0.2); border-radius: 50%; width: 30px; height: 30px; line-height: 30px; text-align: center; z-index: 2001;}
+        .modal img, .modal video, .modal iframe, .modal pre { max-width: 100%; max-height: 95%; display: block; margin: auto; border-radius: calc(var(--border-radius) - 4px); }
+        .modal iframe { width: 100%; height: 100%; border: none; background: white; } /* Set background for iframe */
+        .modal pre { background: var(--tg-theme-secondary-bg-color); color: var(--tg-theme-text-color); padding: var(--padding-base); border-radius: calc(var(--border-radius) - 4px); white-space: pre-wrap; word-wrap: break-word; text-align: left; max-height: 95%; overflow-y: auto; width: 100%;}
+        .modal-close-btn {
+            position: absolute; top: 8px; right: 8px; font-size: 28px; color: var(--tg-theme-hint-color);
+            cursor: pointer; background: rgba(128,128,128,0.2); border-radius: 50%; width: 32px; height: 32px;
+            line-height: 32px; text-align: center; z-index: 2001; font-weight: 300;
+        }
+        .modal-close-btn:hover { background: rgba(128,128,128,0.4); color: var(--tg-theme-text-color); }
 
-        #progress-container { width: calc(100% + 30px); margin: 15px -15px 10px -15px; background: var(--tg-theme-secondary-bg-color); display: none; position: relative; height: 4px; overflow: hidden; }
-        #progress-bar { width: 0%; height: 100%; background: var(--tg-theme-button-color); transition: width 0.3s ease; }
-        #progress-text { display: none; } /* Hide percentage text for cleaner look */
+        #progress-container {
+            width: 100%; background: var(--tg-theme-secondary-bg-color); border-radius: var(--border-radius);
+            margin: var(--padding-base) 0; display: none; position: relative; height: 10px; overflow: hidden;
+        }
+        #progress-bar {
+            width: 0%; height: 100%; background: var(--tg-theme-button-color); border-radius: var(--border-radius);
+            transition: width 0.3s ease;
+        }
+        #progress-text {
+            position: absolute; width: 100%; text-align: center; line-height: 10px; color: var(--tg-theme-text-color);
+            font-size: 0.7em; font-weight: bold; top: 0; left: 0;
+            mix-blend-mode: difference; filter: invert(1) grayscale(1) contrast(100); /* Try to make text visible */
+        }
 
-        .breadcrumbs { margin-bottom: 15px; font-size: 15px; background: var(--tg-theme-secondary-bg-color); padding: 10px 15px; border-radius: 10px; white-space: nowrap; overflow-x: auto; }
+        .breadcrumbs {
+            margin-bottom: var(--padding-base); font-size: 0.9em; background: var(--tg-theme-secondary-bg-color);
+            padding: 8px var(--padding-base); border-radius: var(--border-radius); overflow-x: auto; white-space: nowrap;
+        }
         .breadcrumbs a { color: var(--tg-theme-link-color); text-decoration: none; font-weight: 500; }
         .breadcrumbs a:hover { text-decoration: underline; }
         .breadcrumbs span { margin: 0 5px; color: var(--tg-theme-hint-color); }
-        .breadcrumbs span.current-folder { font-weight: 600; color: var(--tg-theme-text-color);}
-
-        .action-section { margin-top: 15px; margin-bottom: 20px; display: flex; flex-direction: column; gap: 10px; }
-        .input-group { display: flex; gap: 10px; }
-        .input-group input[type=text] { flex-grow: 1; margin: 0; }
-        .input-group .btn { width: auto; flex-shrink: 0; margin: 0; padding: 12px 18px; }
+        .breadcrumbs span.current-folder { font-weight: 700; color: var(--tg-theme-text-color);}
 
-        #user-info-header { text-align: center; margin: 5px 0 15px 0; font-size: 13px; color: var(--tg-theme-hint-color); }
+        .folder-actions {
+            margin-top: var(--padding-small); margin-bottom: var(--padding-base); display: flex; gap: var(--padding-small);
+            align-items: center; flex-wrap: wrap;
+        }
+        .folder-actions input[type=text] { flex-grow: 1; margin: 0; min-width: 150px; }
+        .folder-actions .btn { margin: 0; flex-shrink: 0;}
 
-        @media (max-width: 480px) {
-             body { padding: 0 10px 10px 10px; }
-             h1 { font-size: 24px; }
-             h2 { font-size: 18px; }
-             input[type=text], input[type=file], .btn { font-size: 16px; }
-             .btn { padding: 12px 18px; }
-             .item { padding: 10px 12px; gap: 10px; }
-             .item-icon { font-size: 22px; width: 25px; }
-             .item-icon img { width: 25px; height: 25px; }
-             .item-info .name { font-size: 15px; }
-             .item-info .details { font-size: 12px; }
-             .breadcrumbs { padding: 8px 12px; font-size: 14px; }
-             .input-group .btn { padding: 11px 15px; }
+        #user-info-header {
+            text-align: center; margin-bottom: var(--padding-base); font-size: 0.8em; color: var(--tg-theme-hint-color);
+            background: var(--tg-theme-secondary-bg-color); padding: 5px; border-radius: var(--border-radius);
         }
 
-        .placeholder {
-            text-align: center;
-            padding: 40px 20px;
-            color: var(--tg-theme-hint-color);
-            font-size: 16px;
+        @media (max-width: 480px) {
+            body { padding: var(--padding-small); }
+            .file-grid { grid-template-columns: repeat(auto-fill, minmax(100px, 1fr)); gap: var(--padding-small);}
+            .item-preview { height: 70px; font-size: 2.5em; }
+            h1 { font-size: 1.4em; }
+            .btn { padding: 8px 16px; font-size: 0.9rem;}
+            .item-actions .btn { padding: 4px 8px; font-size: 0.7rem; }
+            .breadcrumbs { font-size: 0.85em; padding: 6px var(--padding-small); }
+            input[type=text] { padding: 10px 12px; }
+            .folder-actions { gap: 8px; }
         }
     </style>
 </head>
 <body>
-    <div id="loading">Loading...</div>
+    <div id="loading">Загрузка...</div>
     <div id="error-view" style="display: none;"></div>
+
     <div id="app-content" class="container">
         <h1>Zeus Cloud</h1>
         <div id="user-info-header"></div>
         <div id="flash-container"></div>
 
-        <div class="breadcrumbs" id="breadcrumbs-container"></div>
+        <div class="breadcrumbs" id="breadcrumbs-container">Загрузка пути...</div>
 
-        <div class="action-section">
-             <form id="upload-form">
-                 <input type="file" name="files" id="file-input" multiple required>
-                 <button type="submit" class="btn" id="upload-btn">Upload Files</button>
-                 <div id="progress-container"><div id="progress-bar"></div><div id="progress-text"></div></div>
-             </form>
+        <div class="folder-actions">
+            <input type="text" id="new-folder-name" placeholder="Имя новой папки" required>
+            <button id="create-folder-btn" class="btn btn-secondary">Создать папку</button>
+        </div>
 
-            <div class="input-group">
-                <input type="text" id="new-folder-name" placeholder="New Folder Name" required>
-                <button id="create-folder-btn" class="btn secondary">Create Folder</button>
-            </div>
+        <form id="upload-form">
+            <input type="file" name="files" id="file-input" multiple required>
+            <button type="submit" class="btn" id="upload-btn">Загрузить файлы сюда</button>
+        </form>
+        <div id="progress-container">
+            <div id="progress-bar"></div>
+            <div id="progress-text">0%</div>
         </div>
 
-        <h2 id="current-folder-title">Folder Contents</h2>
-        <div class="item-list" id="item-list-container">
+        <h2 id="current-folder-title">Содержимое папки</h2>
+        <div class="file-grid" id="file-grid-container">
+            <p style="color: var(--tg-theme-hint-color);">Загрузка содержимого...</p>
         </div>
-        <div id="placeholder-empty" class="placeholder" style="display: none;">This folder is empty.</div>
     </div>
 
-    <div class="modal" id="mediaModal" onclick="closeModalOnClickOutside(event)">
+    <div class="modal" id="mediaModal" onclick="closeModal(event)">
         <div class="modal-content">
-             <span onclick="closeModal()" class="modal-close-btn">×</span>
+             <span onclick="closeModalManual()" class="modal-close-btn" title="Закрыть">×</span>
              <div class="modal-body" id="modalContent"></div>
         </div>
     </div>
 
-    <div id="item-context-menu" class="context-menu"></div>
-
-
     <script>
         const tg = window.Telegram.WebApp;
         const loadingEl = document.getElementById('loading');
@@ -535,7 +652,7 @@ HTML_TEMPLATE = """
         const userInfoHeaderEl = document.getElementById('user-info-header');
         const flashContainerEl = document.getElementById('flash-container');
         const breadcrumbsContainerEl = document.getElementById('breadcrumbs-container');
-        const itemListContainerEl = document.getElementById('item-list-container');
+        const fileGridContainerEl = document.getElementById('file-grid-container');
         const currentFolderTitleEl = document.getElementById('current-folder-title');
         const uploadForm = document.getElementById('upload-form');
         const fileInput = document.getElementById('file-input');
@@ -545,18 +662,19 @@ HTML_TEMPLATE = """
         const progressText = document.getElementById('progress-text');
         const newFolderInput = document.getElementById('new-folder-name');
         const createFolderBtn = document.getElementById('create-folder-btn');
-        const placeholderEmptyEl = document.getElementById('placeholder-empty');
-        const contextMenuEl = document.getElementById('item-context-menu');
+        const mediaModal = document.getElementById('mediaModal');
+        const modalContent = document.getElementById('modalContent');
 
         let currentFolderId = 'root';
         let validatedInitData = null;
         let currentUser = null;
         let currentItems = [];
-        let activeContextMenu = null;
+        let isLoading = false; // Flag to prevent multiple simultaneous loads
+
 
         async function apiCall(endpoint, method = 'POST', body = {}) {
             if (!validatedInitData) {
-                showError("Error: Authentication data is missing.");
+                showError("Ошибка: Данные авторизации отсутствуют. Перезапустите приложение.");
                 throw new Error("Not authenticated");
             }
             body.initData = validatedInitData;
@@ -567,32 +685,30 @@ HTML_TEMPLATE = """
                     headers: { 'Content-Type': 'application/json' },
                     body: JSON.stringify(body)
                 });
+                const responseData = await response.json();
                 if (!response.ok) {
-                    let errorMsg = `HTTP error ${response.status}`;
-                    try {
-                        const errData = await response.json();
-                        errorMsg = errData.message || errorMsg;
-                    } catch (e) { /* Ignore */ }
+                    let errorMsg = responseData.message || `HTTP error ${response.status}`;
                     throw new Error(errorMsg);
                 }
-                return await response.json();
+                return responseData;
             } catch (error) {
                 console.error(`API call to ${endpoint} failed:`, error);
-                showFlash(`Network or server error: ${error.message}`, 'error');
-                throw error;
+                showFlash(`Ошибка сети или сервера: ${error.message}`, 'error');
+                throw error; // Re-throw for calling function to handle
             }
         }
 
+
         function showLoadingScreen() {
-            loadingEl.style.display = 'block';
+            loadingEl.style.display = 'flex';
             errorViewEl.style.display = 'none';
             appContentEl.style.display = 'none';
         }
 
         function showError(message) {
             loadingEl.style.display = 'none';
-            errorViewEl.innerHTML = `<h2>Error</h2><p>${message}</p><button class='btn' onclick='window.location.reload()'>Reload</button>`;
-            errorViewEl.style.display = 'block';
+            errorViewEl.innerHTML = `<h2>Ошибка</h2><p>${message}</p><button class='btn' onclick='window.location.reload()'>Перезагрузить</button>`;
+            errorViewEl.style.display = 'flex';
             appContentEl.style.display = 'none';
             if (tg.HapticFeedback) tg.HapticFeedback.notificationOccurred('error');
         }
@@ -604,314 +720,249 @@ HTML_TEMPLATE = """
         }
 
         function showFlash(message, type = 'success') {
+             if (!flashContainerEl) return;
+             const flashId = `flash-${Date.now()}`;
              const flashDiv = document.createElement('div');
              flashDiv.className = `flash ${type}`;
+             flashDiv.id = flashId;
              flashDiv.textContent = message;
-             flashContainerEl.innerHTML = '';
-             flashContainerEl.appendChild(flashDiv);
-             flashDiv.scrollIntoView({ behavior: 'smooth', block: 'center' });
+
+             flashContainerEl.insertBefore(flashDiv, flashContainerEl.firstChild); // Add to top
+
              setTimeout(() => {
-                 if (flashDiv.parentNode === flashContainerEl) {
-                      flashContainerEl.removeChild(flashDiv);
+                 const currentFlash = document.getElementById(flashId);
+                 if (currentFlash) {
+                     currentFlash.style.opacity = '0';
+                     currentFlash.style.transition = 'opacity 0.5s ease';
+                     setTimeout(() => {
+                        if (currentFlash.parentNode === flashContainerEl) {
+                             flashContainerEl.removeChild(currentFlash);
+                        }
+                     }, 500);
                  }
-             }, 4000);
-             if (tg.HapticFeedback) tg.HapticFeedback.notificationOccurred(type);
+             }, 5000); // Start fade out after 5 seconds
+
+             if (tg.HapticFeedback) tg.HapticFeedback.notificationOccurred(type === 'success' ? 'success' : 'error');
         }
 
         function renderBreadcrumbs(breadcrumbs) {
             breadcrumbsContainerEl.innerHTML = '';
+            if (!breadcrumbs || breadcrumbs.length === 0) {
+                breadcrumbsContainerEl.innerHTML = '<span class="current-folder">Root</span>';
+                currentFolderTitleEl.textContent = `Содержимое: Root`;
+                return;
+            }
             breadcrumbs.forEach((crumb, index) => {
                 if (index > 0) {
                     const separator = document.createElement('span');
-                    separator.textContent = '/';
+                    separator.textContent = ' / ';
                     breadcrumbsContainerEl.appendChild(separator);
                 }
                 if (index === breadcrumbs.length - 1) {
                      const span = document.createElement('span');
                      span.className = 'current-folder';
-                     span.textContent = crumb.name;
+                     span.textContent = crumb.name || 'Unnamed';
                      breadcrumbsContainerEl.appendChild(span);
-                     currentFolderTitleEl.textContent = crumb.name;
+                     currentFolderTitleEl.textContent = `Содержимое: ${crumb.name || 'Unnamed'}`;
                 } else {
                     const link = document.createElement('a');
                     link.href = '#';
-                    link.textContent = crumb.name;
+                    link.textContent = crumb.name || 'Unnamed';
                     link.onclick = (e) => { e.preventDefault(); loadFolderContent(crumb.id); };
                     breadcrumbsContainerEl.appendChild(link);
                 }
             });
-            // Scroll to the end if breadcrumbs overflow
-            breadcrumbsContainerEl.scrollLeft = breadcrumbsContainerEl.scrollWidth;
         }
 
         function getItemIcon(item) {
-             if (item.type === 'folder') return '📁';
-             switch (item.file_type) {
-                 case 'image': return '🖼️';
-                 case 'video': return '🎬';
-                 case 'audio': return '🎵';
-                 case 'pdf':   return '📄';
-                 case 'text':  return '📝';
-                 case 'archive': return '📦';
-                 default:      return '📎';
-             }
+            switch (item.file_type || item.type) {
+                case 'folder': return '📁';
+                case 'image': return '🖼️';
+                case 'video': return '🎬';
+                case 'audio': return '🎵';
+                case 'pdf': return '📄';
+                case 'text': return '📝';
+                case 'archive': return '📦';
+                case 'document': return '💼';
+                default: return '❓';
+            }
         }
 
         function renderItems(items) {
-            itemListContainerEl.innerHTML = '';
+            fileGridContainerEl.innerHTML = '';
             if (!items || items.length === 0) {
-                 placeholderEmptyEl.style.display = 'block';
+                 fileGridContainerEl.innerHTML = '<p style="color: var(--tg-theme-hint-color); grid-column: 1 / -1; text-align: center;">Эта папка пуста.</p>';
                  return;
             }
-            placeholderEmptyEl.style.display = 'none';
-
             items.forEach(item => {
                 const itemDiv = document.createElement('div');
-                itemDiv.className = `item ${item.type}`;
-                itemDiv.dataset.itemId = item.id;
-
-                const iconSpan = document.createElement('span');
-                iconSpan.className = `item-icon ${item.type}`;
-                if (item.type === 'file' && item.file_type === 'image') {
-                    iconSpan.innerHTML = `<img src="/preview_thumb/${item.id}" alt="preview" loading="lazy" onerror="this.parentNode.innerHTML = getItemIcon(item); this.remove();">`;
+                const itemTypeClass = item.type === 'folder' ? 'folder' : item.file_type || 'other';
+                itemDiv.className = `item ${itemTypeClass}`;
+                let previewHtml = '';
+                let actionsHtml = '';
+                let filenameDisplay = item.original_filename || item.name || 'Unnamed';
+                const isFolder = item.type === 'folder';
+
+                const icon = getItemIcon(item);
+                let previewContent = `<div class="item-preview" title="${isFolder ? `Перейти в папку ${item.name}` : `Предпросмотр ${filenameDisplay}`}">`;
+
+                if (itemTypeClass === 'image') {
+                    previewContent += `<img src="/preview_thumb/${item.id}" alt="${filenameDisplay}" loading="lazy" onerror="this.parentElement.innerHTML = '${icon}'; this.style.display='none';">`;
                 } else {
-                    iconSpan.textContent = getItemIcon(item);
+                    previewContent += icon;
                 }
+                previewContent += `</div>`;
+
+                if (isFolder) {
+                    itemDiv.onclick = () => loadFolderContent(item.id);
+                    previewHtml = previewContent; // Click handled by itemDiv
+                    actionsHtml = `
+                        <button class="btn btn-secondary" onclick="event.stopPropagation(); loadFolderContent('${item.id}')">Открыть</button>
+                        <button class="btn btn-destructive" onclick="event.stopPropagation(); deleteFolder('${item.id}', '${item.name}')">Удалить</button>
+                    `;
+                    filenameDisplay = item.name; // Use folder name
+                } else if (item.type === 'file') {
+                    const previewable = ['image', 'video', 'pdf', 'text'].includes(item.file_type);
+                    const dlUrl = `/download/${item.id}`;
+                    let viewFuncCall = null;
+                    let modalType = item.file_type;
+                    let modalSrc = dlUrl;
+
+                    if (item.file_type === 'text') {
+                        modalSrc = `/get_text_content/${item.id}`;
+                    }
 
-                const infoDiv = document.createElement('div');
-                infoDiv.className = 'item-info';
-                const nameP = document.createElement('p');
-                nameP.className = 'name';
-                nameP.textContent = item.name || item.original_filename || 'Unnamed';
-                nameP.title = item.name || item.original_filename || 'Unnamed';
-                infoDiv.appendChild(nameP);
-
-                if (item.upload_date) {
-                    const detailsP = document.createElement('p');
-                    detailsP.className = 'details';
-                    detailsP.textContent = `Added: ${item.upload_date.split(' ')[0]}`;
-                    infoDiv.appendChild(detailsP);
-                }
-
-                const actionsTrigger = document.createElement('span');
-                actionsTrigger.className = 'item-actions-trigger';
-                actionsTrigger.innerHTML = '⋮'; // Vertical ellipsis
-                actionsTrigger.onclick = (e) => {
-                    e.stopPropagation();
-                    toggleContextMenu(item, e.currentTarget);
-                };
-
-                itemDiv.appendChild(iconSpan);
-                itemDiv.appendChild(infoDiv);
-                itemDiv.appendChild(actionsTrigger);
+                    if (previewable) {
+                        viewFuncCall = `openModal('${modalSrc}', '${modalType}', '${item.id}')`;
+                        itemDiv.onclick = () => openModal(modalSrc, modalType, item.id);
+                        previewHtml = previewContent; // Click handled by itemDiv
+                    } else {
+                         previewHtml = previewContent; // Just show icon, no item click
+                         itemDiv.style.cursor = 'default';
+                    }
 
-                // Main item click action
-                itemDiv.onclick = () => handleItemClick(item);
+                    actionsHtml = `<a href="${dlUrl}" class="btn btn-secondary" target="_blank" rel="noopener noreferrer" onclick="event.stopPropagation();">Скачать</a>`;
+                    if (previewable && viewFuncCall) {
+                        actionsHtml += `<button class="btn btn-secondary" onclick="event.stopPropagation(); ${viewFuncCall}">Просмотр</button>`;
+                    }
+                    actionsHtml += `<button class="btn btn-destructive" onclick="event.stopPropagation(); deleteFile('${item.id}', '${filenameDisplay}')">Удалить</button>`;
+                }
 
-                itemListContainerEl.appendChild(itemDiv);
+                itemDiv.innerHTML = `
+                    ${previewHtml}
+                    <p class="filename" title="${filenameDisplay}">${filenameDisplay}</p>
+                    ${item.upload_date ? `<p class="details">${item.upload_date.split(' ')[0]}</p>` : ''}
+                    <div class="item-actions">${actionsHtml}</div>
+                `;
+                fileGridContainerEl.appendChild(itemDiv);
             });
         }
 
-        function handleItemClick(item) {
-             closeContextMenu();
-             if (item.type === 'folder') {
-                 loadFolderContent(item.id);
-             } else if (item.type === 'file') {
-                 const previewable = ['image', 'video', 'pdf', 'text'].includes(item.file_type);
-                 if (previewable) {
-                     let srcOrUrl = `/download/${item.id}`;
-                     let modalType = item.file_type;
-                     if(item.file_type === 'text') {
-                         srcOrUrl = `/get_text_content/${item.id}`;
-                     }
-                     openModal(srcOrUrl, modalType, item.id);
-                 } else {
-                     // Offer download directly for non-previewable types
-                      window.open(`/download/${item.id}`, '_blank');
-                      // Alternatively show a message
-                      // showFlash(`Preview not available for this file type. Use the menu to download.`);
-                 }
-             }
-        }
-
-        function toggleContextMenu(item, triggerElement) {
-             if (activeContextMenu && activeContextMenu.itemId === item.id) {
-                 closeContextMenu();
-                 return;
-             }
-             closeContextMenu(); // Close any other open menu
-
-             contextMenuEl.innerHTML = ''; // Clear previous options
-             activeContextMenu = { itemId: item.id, element: contextMenuEl };
-
-             if (item.type === 'folder') {
-                 addContextMenuButton('Open', () => loadFolderContent(item.id));
-                 addContextMenuButton('Delete', () => deleteFolder(item.id, item.name), true);
-             } else { // File
-                 const previewable = ['image', 'video', 'pdf', 'text'].includes(item.file_type);
-                 if (previewable) {
-                      let srcOrUrl = `/download/${item.id}`;
-                      let modalType = item.file_type;
-                      if(item.file_type === 'text') {
-                          srcOrUrl = `/get_text_content/${item.id}`;
-                      }
-                      addContextMenuButton('View', () => openModal(srcOrUrl, modalType, item.id));
-                 }
-                 addContextMenuButton('Download', () => window.open(`/download/${item.id}`, '_blank'));
-                 addContextMenuButton('Delete', () => deleteFile(item.id, item.original_filename || item.name), true);
-             }
-
-             // Position and show the menu
-             const rect = triggerElement.getBoundingClientRect();
-             contextMenuEl.style.display = 'block';
-             // Adjust position if it overflows viewport (basic implementation)
-             const menuHeight = contextMenuEl.offsetHeight;
-             const menuWidth = contextMenuEl.offsetWidth;
-             let top = rect.bottom + 5;
-             let left = rect.right - menuWidth;
-
-             if (top + menuHeight > window.innerHeight) {
-                 top = rect.top - menuHeight - 5;
-             }
-             if (left < 0) {
-                 left = rect.left;
-             }
-             contextMenuEl.style.top = `${top}px`;
-             contextMenuEl.style.left = `${left}px`;
-
 
-             // Add listener to close menu on outside click
-             setTimeout(() => document.addEventListener('click', closeContextMenuOnClickOutside), 0);
-        }
+        async function openModal(srcOrUrl, type, itemId) {
+            modalContent.innerHTML = '<p style="color: var(--tg-theme-hint-color);">Загрузка...</p>';
+            mediaModal.style.display = 'flex';
 
-        function addContextMenuButton(text, action, isDelete = false) {
-            const button = document.createElement('button');
-            button.textContent = text;
-            button.onclick = (e) => {
-                e.stopPropagation();
-                closeContextMenu();
-                action();
-            };
-            if (isDelete) {
-                button.classList.add('delete');
-            }
-            contextMenuEl.appendChild(button);
-        }
+            try {
+                let contentHtml = '';
+                if (type === 'pdf') {
+                    contentHtml = `<iframe src="https://docs.google.com/gview?url=${encodeURIComponent(window.location.origin + srcOrUrl)}&embedded=true" title="Просмотр PDF"></iframe>`;
+                } else if (type === 'image') {
+                    contentHtml = `<img src="${srcOrUrl}" alt="Просмотр изображения" style="object-fit: contain;">`;
+                } else if (type === 'video') {
+                    contentHtml = `<video controls autoplay style='max-width: 100%; max-height: 100%;'><source src="${srcOrUrl}">Ваш браузер не поддерживает видео.</video>`;
+                } else if (type === 'text') {
+                    const response = await fetch(srcOrUrl);
+                    if (!response.ok) throw new Error(`Ошибка загрузки текста: ${response.statusText}`);
+                    const text = await response.text();
+                    const escapedText = text.replace(/</g, "&lt;").replace(/>/g, "&gt;");
+                    contentHtml = `<pre>${escapedText}</pre>`;
+                } else {
+                    contentHtml = '<p>Предпросмотр для этого типа файла не поддерживается.</p>';
+                }
+                modalContent.innerHTML = contentHtml;
 
-        function closeContextMenu() {
-            if (activeContextMenu) {
-                activeContextMenu.element.style.display = 'none';
-                activeContextMenu = null;
-                document.removeEventListener('click', closeContextMenuOnClickOutside);
+            } catch (error) {
+                console.error("Error loading modal content:", error);
+                modalContent.innerHTML = `<p style="color: var(--destructive-color);">Не удалось загрузить содержимое для предпросмотра. ${error.message}</p>`;
+                 if (tg.HapticFeedback) tg.HapticFeedback.notificationOccurred('error');
             }
         }
 
-        function closeContextMenuOnClickOutside(event) {
-            if (activeContextMenu && !activeContextMenu.element.contains(event.target)) {
-                // Check if the click was on a trigger element itself to prevent immediate reopening
-                const triggerClicked = event.target.closest('.item-actions-trigger');
-                if (!triggerClicked) {
-                    closeContextMenu();
-                }
+        function closeModal(event) {
+            if (event.target === mediaModal) {
+                closeModalManual();
             }
         }
 
-        async function openModal(srcOrUrl, type, itemId) {
-            const modal = document.getElementById('mediaModal');
-            const modalContent = document.getElementById('modalContent');
-            modalContent.innerHTML = '<p>Loading...</p>'; // Simple loading text
-            modal.style.display = 'flex';
-
-            try {
-                 if (type === 'pdf') {
-                     if (tg.platform === "ios" || tg.platform === "android") {
-                         // On mobile, offer to open externally as iframe support can be spotty
-                         modalContent.innerHTML = `<p>PDF preview might not work well here.</p><button class="btn inline" onclick="window.open('${srcOrUrl}', '_blank'); closeModal();">Open PDF Externally</button>`;
-                     } else {
-                         // Use Google Docs viewer or similar for desktop
-                         modalContent.innerHTML = `<iframe src="https://docs.google.com/gview?url=${encodeURIComponent(window.location.origin + srcOrUrl)}&embedded=true" title="PDF Viewer"></iframe>`;
-                     }
-                 } else if (type === 'image') {
-                     modalContent.innerHTML = `<img src="${srcOrUrl}" alt="Image Preview">`;
-                 } else if (type === 'video') {
-                     modalContent.innerHTML = `<video controls autoplay style='max-width: 100%; max-height: 100%; background: #000;'><source src="${srcOrUrl}">Your browser does not support the video tag.</video>`;
-                 } else if (type === 'text') {
-                     const response = await fetch(srcOrUrl);
-                     if (!response.ok) throw new Error(`Failed to load text: ${response.statusText}`);
-                     const text = await response.text();
-                     // Basic escaping for display in <pre>
-                     const escapedText = text.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">");
-                     modalContent.innerHTML = `<pre>${escapedText}</pre>`;
-                 } else {
-                     modalContent.innerHTML = '<p>Preview not supported for this file type.</p>';
-                 }
-             } catch (error) {
-                 console.error("Error loading modal content:", error);
-                 modalContent.innerHTML = `<p>Could not load preview content. ${error.message}</p>`;
-                 if (tg.HapticFeedback) tg.HapticFeedback.notificationOccurred('error');
-             }
-        }
-
-        function closeModal() {
-            const modal = document.getElementById('mediaModal');
-            modal.style.display = 'none';
-            const video = modal.querySelector('video');
-            if (video) { video.pause(); video.src = ''; }
-            const iframe = modal.querySelector('iframe');
+        function closeModalManual() {
+            mediaModal.style.display = 'none';
+            const video = mediaModal.querySelector('video');
+            if (video) { video.pause(); video.src = ''; video.removeAttribute('src'); video.load(); }
+            const iframe = mediaModal.querySelector('iframe');
             if (iframe) iframe.src = 'about:blank';
-            document.getElementById('modalContent').innerHTML = '';
+            modalContent.innerHTML = ''; // Clear content
         }
 
-        function closeModalOnClickOutside(event) {
-            const modal = document.getElementById('mediaModal');
-            if (event.target === modal) {
-                closeModal();
-            }
-        }
 
         async function loadFolderContent(folderId) {
-            closeContextMenu();
-            currentFolderId = folderId;
+            if (isLoading) {
+                console.log("Already loading folder content, skipping request for:", folderId);
+                return;
+            }
+            isLoading = true;
             console.log(`Loading folder: ${folderId}`);
-            showFlash('Loading folder...', 'info'); // Show loading indicator
+            // Show subtle loading indicator? Maybe change title?
+            currentFolderTitleEl.textContent = `Загрузка: ${folderId === 'root' ? 'Root' : '...'}`;
+            fileGridContainerEl.innerHTML = '<p style="color: var(--tg-theme-hint-color); grid-column: 1 / -1; text-align: center;">Загрузка...</p>';
+
 
             try {
                 const data = await apiCall('/get_dashboard_data', 'POST', { folder_id: folderId });
-                flashContainerEl.innerHTML = ''; // Clear loading flash
                 if (data.status === 'ok') {
+                     currentFolderId = folderId; // Update current folder ID *only* on success
                      currentItems = data.items || [];
                      renderBreadcrumbs(data.breadcrumbs || [{'id': 'root', 'name': 'Root'}]);
-                     renderItems(currentItems.sort((a, b) => {
-                         const typeSort = (a.type === 'folder' ? -1 : 1) - (b.type === 'folder' ? -1 : 1);
-                         if (typeSort !== 0) return typeSort;
-                         const nameA = a.name || a.original_filename || '';
-                         const nameB = b.name || b.original_filename || '';
-                         return nameA.localeCompare(nameB, undefined, { numeric: true, sensitivity: 'base' });
-                     }));
-                     tg.BackButton.isVisible = folderId !== 'root';
+                     renderItems(currentItems.sort((a, b) => (a.type !== 'folder') - (b.type !== 'folder') || (a.name || a.original_filename || '').localeCompare(b.name || b.original_filename || '')));
+                     // Update title based on final breadcrumb
+                     if (data.breadcrumbs && data.breadcrumbs.length > 0) {
+                         currentFolderTitleEl.textContent = `Содержимое: ${data.breadcrumbs[data.breadcrumbs.length - 1].name}`;
+                     } else {
+                          currentFolderTitleEl.textContent = `Содержимое: Root`;
+                     }
                 } else {
-                    showFlash(data.message || 'Failed to load folder content.', 'error');
+                    showFlash(data.message || 'Не удалось загрузить содержимое папки.', 'error');
+                    // Optionally revert title or show error in grid
+                    currentFolderTitleEl.textContent = `Ошибка загрузки папки`;
+                    fileGridContainerEl.innerHTML = `<p style="color: var(--destructive-color); grid-column: 1 / -1; text-align: center;">${data.message || 'Ошибка загрузки.'}</p>`;
                 }
             } catch (error) {
-                 flashContainerEl.innerHTML = ''; // Clear loading flash on error too
+                 currentFolderTitleEl.textContent = `Ошибка загрузки папки`;
+                 fileGridContainerEl.innerHTML = `<p style="color: var(--destructive-color); grid-column: 1 / -1; text-align: center;">${error.message || 'Ошибка сети.'}</p>`;
+            } finally {
+                isLoading = false;
             }
         }
 
         async function handleCreateFolder() {
-            closeContextMenu();
             const folderName = newFolderInput.value.trim();
             if (!folderName) {
-                showFlash('Please enter a folder name.', 'error');
+                showFlash('Введите имя папки.', 'error');
+                newFolderInput.focus();
                 return;
             }
-             // Relaxed validation: Check for obviously problematic chars like / \
-             if (/[\\/]/.test(folderName)) {
-                 showFlash('Folder name cannot contain slashes.', 'error');
-                 return;
+            // Basic validation: prevent slashes
+             if (folderName.includes('/') || folderName.includes('\\')) {
+                showFlash('Имя папки не может содержать / или \\.', 'error');
+                return;
              }
+            if (folderName === '.' || folderName === '..') {
+                showFlash('Недопустимое имя папки.', 'error');
+                return;
+            }
 
             createFolderBtn.disabled = true;
-            createFolderBtn.textContent = 'Creating...';
+            createFolderBtn.textContent = 'Создание...';
 
             try {
                 const data = await apiCall('/create_folder', 'POST', {
@@ -919,78 +970,78 @@ HTML_TEMPLATE = """
                     folder_name: folderName
                 });
                 if (data.status === 'ok') {
-                    showFlash(`Folder "${folderName}" created.`, 'success');
+                    showFlash(`Папка "${folderName}" создана.`, 'success');
                     newFolderInput.value = '';
                     loadFolderContent(currentFolderId);
                 } else {
-                    showFlash(data.message || 'Failed to create folder.', 'error');
+                    showFlash(data.message || 'Не удалось создать папку.', 'error');
                 }
             } catch (error) {
-                 // Error handled by apiCall
+                 // Error flash shown by apiCall
             } finally {
                  createFolderBtn.disabled = false;
-                 createFolderBtn.textContent = 'Create Folder';
+                 createFolderBtn.textContent = 'Создать папку';
             }
         }
 
         async function deleteFolder(folderId, folderName) {
-            tg.showConfirm(`Delete the folder "${folderName}"? It must be empty to be deleted.`, async (confirmed) => {
+            tg.showConfirm(`Вы уверены, что хотите удалить папку "${folderName}"? Папку можно удалить только если она ПУСТА. Это действие необратимо.`, async (confirmed) => {
                 if (confirmed) {
-                    showFlash(`Deleting folder "${folderName}"...`, 'info');
                     try {
-                         const data = await apiCall(`/delete_folder/${folderId}`, 'POST', { current_folder_id: currentFolderId });
+                         const data = await apiCall(`/delete_folder/${folderId}`, 'POST', {}); // Removed current_folder_id, not needed on backend
                          if (data.status === 'ok') {
-                             showFlash(`Folder "${folderName}" deleted.`, 'success');
+                             showFlash(`Папка "${folderName}" удалена.`, 'success');
                              loadFolderContent(currentFolderId);
                          } else {
-                             showFlash(data.message || 'Failed to delete folder.', 'error');
+                             showFlash(data.message || 'Не удалось удалить папку.', 'error');
                          }
                      } catch (error) {
-                          // Error handled by apiCall
-                          flashContainerEl.innerHTML = ''; // Clear deleting flash
+                          // Error flash shown by apiCall
                      }
                 }
             });
         }
 
          async function deleteFile(fileId, fileName) {
-             tg.showConfirm(`Delete the file "${fileName}"? This cannot be undone.`, async (confirmed) => {
+             tg.showConfirm(`Вы уверены, что хотите удалить файл "${fileName}"? Это действие необратимо.`, async (confirmed) => {
                  if (confirmed) {
-                      showFlash(`Deleting file "${fileName}"...`, 'info');
                      try {
-                         const data = await apiCall(`/delete_file/${fileId}`, 'POST', { current_folder_id: currentFolderId });
+                         const data = await apiCall(`/delete_file/${fileId}`, 'POST', {}); // Removed current_folder_id, not needed on backend
                          if (data.status === 'ok') {
-                             showFlash(`File "${fileName}" deleted.`, 'success');
+                             showFlash(`Файл "${fileName}" удален.`, 'success');
                              loadFolderContent(currentFolderId);
                          } else {
-                             showFlash(data.message || 'Failed to delete file.', 'error');
+                             showFlash(data.message || 'Не удалось удалить файл.', 'error');
                          }
                      } catch (error) {
-                          // Error handled by apiCall
-                           flashContainerEl.innerHTML = ''; // Clear deleting flash
+                           // Error flash shown by apiCall
                      }
                  }
              });
         }
 
+
         function handleFileUpload(event) {
              event.preventDefault();
-             closeContextMenu();
              const files = fileInput.files;
              if (files.length === 0) {
-                 showFlash('Please select files to upload.', 'error');
+                 showFlash('Выберите файлы для загрузки.', 'error');
                  return;
              }
-              if (files.length > 20) {
-                  showFlash('Maximum 20 files per upload.', 'error');
+             if (files.length > 20) {
+                  showFlash('Максимум 20 файлов за раз.', 'error');
                   return;
-              }
+             }
+             // Basic check for total size (optional, browser limits might apply anyway)
+             // const totalSize = Array.from(files).reduce((acc, file) => acc + file.size, 0);
+             // if (totalSize > MAX_TOTAL_UPLOAD_SIZE) { showFlash('Общий размер файлов слишком велик.', 'error'); return; }
 
              progressContainer.style.display = 'block';
              progressBar.style.width = '0%';
-             progressText.textContent = '0%'; // Keep this for potential future use
+             progressText.textContent = '0%';
              uploadBtn.disabled = true;
-             uploadBtn.textContent = 'Uploading...';
+             uploadBtn.textContent = 'Загрузка...';
+             if (tg.HapticFeedback) tg.HapticFeedback.impactOccurred('light');
 
              const formData = new FormData();
              for (let i = 0; i < files.length; i++) {
@@ -1005,156 +1056,181 @@ HTML_TEMPLATE = """
                  if (event.lengthComputable) {
                      const percentComplete = Math.round((event.loaded / event.total) * 100);
                      progressBar.style.width = percentComplete + '%';
-                     // progressText.textContent = percentComplete + '%'; // Optional text display
+                     progressText.textContent = percentComplete + '%';
+                 } else {
+                      progressBar.style.width = '100%'; // Indeterminate
+                      progressText.textContent = 'Загрузка...';
                  }
              });
 
              xhr.addEventListener('load', function() {
                  uploadBtn.disabled = false;
-                 uploadBtn.textContent = 'Upload Files';
-                 progressContainer.style.display = 'none';
-                 fileInput.value = ''; // Clear selection
+                 uploadBtn.textContent = 'Загрузить файлы сюда';
+                 setTimeout(() => { // Hide progress bar after a short delay
+                     progressContainer.style.display = 'none';
+                     progressBar.style.width = '0%';
+                     progressText.textContent = '0%';
+                 }, 500);
+                 fileInput.value = ''; // Clear file input
 
                  if (xhr.status >= 200 && xhr.status < 300) {
                      try {
                          const data = JSON.parse(xhr.responseText);
                          if (data.status === 'ok') {
-                              showFlash(data.message || `${files.length} file(s) uploaded successfully.`, 'success');
-                              loadFolderContent(currentFolderId); // Refresh
+                              showFlash(data.message || `${files.length} файл(ов) загружено.`, 'success');
+                              loadFolderContent(currentFolderId);
+                              if (tg.HapticFeedback) tg.HapticFeedback.notificationOccurred('success');
                          } else {
-                              showFlash(data.message || 'Error processing upload on server.', 'error');
+                              showFlash(data.message || 'Ошибка при обработке загрузки на сервере.', 'error');
+                              if (tg.HapticFeedback) tg.HapticFeedback.notificationOccurred('error');
                          }
                      } catch (e) {
-                         showFlash('Received an invalid response from server after upload.', 'error');
+                         console.error("Error parsing upload response:", e, xhr.responseText);
+                         showFlash('Некорректный ответ от сервера после загрузки.', 'error');
+                         if (tg.HapticFeedback) tg.HapticFeedback.notificationOccurred('error');
                      }
                  } else {
-                      let errorMsg = `Upload error: ${xhr.statusText || xhr.status}`;
+                      let errorMsg = `Ошибка загрузки: ${xhr.statusText || xhr.status}`;
                        try {
                             const errData = JSON.parse(xhr.responseText);
                             errorMsg = errData.message || errorMsg;
-                        } catch(e) { /* ignore */ }
+                       } catch(e) {}
                       showFlash(errorMsg, 'error');
+                      if (tg.HapticFeedback) tg.HapticFeedback.notificationOccurred('error');
                  }
              });
 
              xhr.addEventListener('error', function() {
-                 showFlash('A network error occurred during upload.', 'error');
+                 showFlash('Ошибка сети во время загрузки.', 'error');
                  uploadBtn.disabled = false;
-                 uploadBtn.textContent = 'Upload Files';
+                 uploadBtn.textContent = 'Загрузить файлы сюда';
                  progressContainer.style.display = 'none';
+                 if (tg.HapticFeedback) tg.HapticFeedback.notificationOccurred('error');
              });
 
              xhr.addEventListener('abort', function() {
-                 showFlash('Upload was cancelled.', 'error');
+                 showFlash('Загрузка отменена.', 'error');
                  uploadBtn.disabled = false;
-                 uploadBtn.textContent = 'Upload Files';
+                 uploadBtn.textContent = 'Загрузить файлы сюда';
                  progressContainer.style.display = 'none';
              });
 
              xhr.open('POST', '/upload', true);
+             // Consider adding headers if needed, e.g., CSRF token if implemented
              xhr.send(formData);
         }
 
-        function handleBackButton() {
-            closeContextMenu();
-            const currentPath = getCurrentBreadcrumbPath();
-            if (currentPath.length > 1) {
-                 const parentFolder = currentPath[currentPath.length - 2];
-                 loadFolderContent(parentFolder.id);
-             }
-        }
-
-        function getCurrentBreadcrumbPath() {
-             const path = [];
-             breadcrumbsContainerEl.querySelectorAll('a, span.current-folder').forEach(el => {
-                 if (el.tagName === 'A') {
-                     const id = el.onclick.toString().match(/loadFolderContent\('([^']+)'\)/)[1];
-                     path.push({ id: id, name: el.textContent });
-                 } else if (el.classList.contains('current-folder')) {
-                     // Find the ID based on the last rendered item list maybe? Or rely on currentFolderId
-                      path.push({ id: currentFolderId, name: el.textContent });
-                 }
-             });
-             // Add root if it's the only element implicitly
-             if (path.length === 1 && path[0].id === 'root') {
-                // Already have root
-             } else if (!path.some(p=>p.id === 'root') && path.length > 0) {
-                // Should have been added by renderBreadcrumbs, but as fallback:
-                // path.unshift({id: 'root', name: 'Root'})
-             }
-             return path;
-        }
 
         function initializeApp() {
+            console.log("Initializing Telegram Mini App");
             tg.ready();
             tg.expand();
-            // Set theme colors
-            document.documentElement.style.setProperty('--tg-bg-color', tg.themeParams.bg_color);
-            document.documentElement.style.setProperty('--tg-text-color', tg.themeParams.text_color);
-            document.documentElement.style.setProperty('--tg-hint-color', tg.themeParams.hint_color);
-            document.documentElement.style.setProperty('--tg-link-color', tg.themeParams.link_color);
-            document.documentElement.style.setProperty('--tg-button-color', tg.themeParams.button_color);
-            document.documentElement.style.setProperty('--tg-button-text-color', tg.themeParams.button_text_color);
-            document.documentElement.style.setProperty('--tg-secondary-bg-color', tg.themeParams.secondary_bg_color);
-            // Header should blend with secondary bg
+
+            // Apply theme colors immediately
+            document.body.style.setProperty('--tg-theme-bg-color', tg.themeParams.bg_color || '#ffffff');
+            document.body.style.setProperty('--tg-theme-text-color', tg.themeParams.text_color || '#000000');
+            document.body.style.setProperty('--tg-theme-hint-color', tg.themeParams.hint_color || '#999999');
+            document.body.style.setProperty('--tg-theme-link-color', tg.themeParams.link_color || '#2481cc');
+            document.body.style.setProperty('--tg-theme-button-color', tg.themeParams.button_color || '#5288c1');
+            document.body.style.setProperty('--tg-theme-button-text-color', tg.themeParams.button_text_color || '#ffffff');
+            document.body.style.setProperty('--tg-theme-secondary-bg-color', tg.themeParams.secondary_bg_color || '#f1f1f1');
+
+            // Set header color
             tg.setHeaderColor(tg.themeParams.secondary_bg_color || '#f1f1f1');
 
+            // Hide loading, show app skeleton (or loading within app)
+            showAppContent(); // Show app structure immediately
+            loadingEl.style.display = 'none'; // Hide initial full page loader
+
+
             if (!tg.initData) {
-                 showError("Fatal Error: Could not get Telegram authorization data (initData). Please restart the Mini App.");
+                 showError("Критическая ошибка: Не удалось получить данные авторизации Telegram (initData). Пожалуйста, перезапустите Mini App из Telegram.");
                  return;
             }
             validatedInitData = tg.initData;
+            console.log("tg.initData received.");
 
+            // Validate initData with the backend
              fetch('/validate_init_data', {
                  method: 'POST',
                  headers: { 'Content-Type': 'application/json' },
                  body: JSON.stringify({ initData: validatedInitData })
              })
-             .then(response => {
-                if (!response.ok) {
-                    // Try to parse error message from server if possible
-                    return response.json().then(errData => {
-                        throw new Error(errData.message || `Server error: ${response.status}`);
-                    }).catch(() => {
-                        // If parsing error fails, throw generic status text
-                        throw new Error(`Server error: ${response.statusText} (${response.status})`);
-                    });
-                }
-                return response.json();
-            })
+             .then(response => response.json())
              .then(data => {
                  if (data.status === 'ok' && data.user) {
                      currentUser = data.user;
-                     const username = currentUser.username ? `@${currentUser.username}` : `ID ${currentUser.id}`;
-                     userInfoHeaderEl.textContent = `User: ${currentUser.first_name || ''} ${currentUser.last_name || ''} (${username})`;
-                     showAppContent();
-                     loadFolderContent('root'); // Load root folder initially
-                     // Back button setup
-                     tg.BackButton.onClick(handleBackButton);
-                     tg.BackButton.show(); // Show it initially, visibility controlled in loadFolderContent
+                     console.log("User validated:", currentUser);
+                     userInfoHeaderEl.textContent = `Пользователь: ${currentUser.first_name || ''} ${currentUser.last_name || ''} (${currentUser.username ? '@' + currentUser.username : currentUser.id})`;
+                     // Successfully validated, load root folder content
+                     loadFolderContent('root');
                  } else {
-                     throw new Error(data.message || 'User verification failed.');
+                     // Validation failed on backend
+                     throw new Error(data.message || 'Не удалось верифицировать пользователя на сервере.');
                  }
              })
              .catch(error => {
-                 console.error("Initialization or Validation failed:", error);
-                 showError(`Authorization Error: ${error.message}. Please try restarting the app.`);
-                 validatedInitData = null; // Invalidate data on error
+                 console.error("Validation or initial load failed:", error);
+                 // Show error within the app container instead of replacing the whole page
+                 showError(`Ошибка инициализации: ${error.message}. Попробуйте перезапустить приложение.`);
+                 validatedInitData = null; // Invalidate data
              });
 
+            // Add event listeners
             uploadForm.addEventListener('submit', handleFileUpload);
             createFolderBtn.addEventListener('click', handleCreateFolder);
-            // Close context menu on scroll
-            document.addEventListener('scroll', closeContextMenu, true);
+            newFolderInput.addEventListener('keypress', (e) => {
+                 if (e.key === 'Enter') {
+                     handleCreateFolder();
+                 }
+            });
+
+            // Back button handling (optional, basic example)
+            // tg.BackButton.onClick(() => {
+            //     console.log("Back button clicked");
+            //     if (currentFolderId !== 'root') {
+            //         // Find parent ID from breadcrumbs (less efficient but simple)
+            //         const links = breadcrumbsContainerEl.querySelectorAll('a');
+            //         if (links.length > 0) {
+            //             const parentLink = links[links.length - 1];
+            //             const parentId = parentLink.onclick.toString().match(/'([^']+)'/)[1];
+            //             if (parentId) {
+            //                  loadFolderContent(parentId);
+            //             } else { loadFolderContent('root'); } // Fallback
+            //         } else {
+            //             loadFolderContent('root'); // Fallback if only root crumb exists
+            //         }
+            //     } else {
+            //         // At root, maybe close the app?
+            //         // tg.close();
+            //     }
+            // });
+
+            // // Show/hide back button (call this within loadFolderContent maybe)
+            // if (currentFolderId !== 'root') {
+            //     tg.BackButton.show();
+            // } else {
+            //     tg.BackButton.hide();
+            // }
         }
 
-        initializeApp();
+
+        // --- Start the App ---
+        try {
+            initializeApp();
+        } catch (e) {
+            console.error("Error during initialization:", e);
+            showError("Произошла критическая ошибка при запуске приложения. " + e.message);
+        }
 
     </script>
 </body>
 </html>
 """
 
+
+# --- Flask Routes ---
+
 @app.route('/')
 def index():
     return Response(HTML_TEMPLATE, mimetype='text/html')
@@ -1169,7 +1245,7 @@ def validate_init_data():
     user_info = check_telegram_authorization(init_data, BOT_TOKEN)
 
     if user_info and 'id' in user_info:
-        tg_user_id = str(user_info['id'])
+        tg_user_id = str(user_info['id']) # Ensure string ID
         try:
             db_data = load_data()
             users = db_data.setdefault('users', {})
@@ -1184,40 +1260,40 @@ def validate_init_data():
                 initialize_user_filesystem(users[tg_user_id])
                 needs_save = True
             else:
-                # Ensure filesystem exists and update user info if necessary
-                 if 'filesystem' not in users[tg_user_id]:
-                     initialize_user_filesystem(users[tg_user_id])
-                     needs_save = True
-                 if users[tg_user_id].get('user_info') != user_info:
+                # Ensure filesystem exists for existing users
+                if 'filesystem' not in users[tg_user_id]:
+                    logging.warning(f"Filesystem missing for existing user {tg_user_id}. Initializing.")
+                    initialize_user_filesystem(users[tg_user_id])
+                    needs_save = True
+                # Optionally update user_info if changed (e.g., username update)
+                if users[tg_user_id].get('user_info') != user_info:
                      users[tg_user_id]['user_info'] = user_info
                      needs_save = True
 
+
             if needs_save:
-                save_data(db_data) # save_data now handles potential errors internally
+                save_data(db_data) # save_data now handles its own exceptions and logging
 
             return jsonify({"status": "ok", "user": user_info})
 
-        except ValueError as ve: # Catch potential save_data validation error
-             logging.error(f"Data validation error during user init/update for {tg_user_id}: {ve}")
-             return jsonify({"status": "error", "message": "Internal data error during user initialization."}), 500
         except Exception as e:
-             logging.error(f"Failed to load/save data for user {tg_user_id} during validation: {e}")
-             # Don't expose detailed error message to client
-             return jsonify({"status": "error", "message": "Server error processing user data."}), 500
+             # This catches errors during load_data or save_data if they bubble up
+             logging.critical(f"Failed to load/save data for user {tg_user_id} during validation: {e}", exc_info=True)
+             return jsonify({"status": "error", "message": "Ошибка сервера при обработке данных пользователя."}), 500
     else:
-        logging.warning(f"Validation failed for initData: {init_data[:100]}...")
-        return jsonify({"status": "error", "message": "Invalid authorization data."}), 403
+        logging.warning(f"Validation failed for initData provided.")
+        return jsonify({"status": "error", "message": "Недействительные данные авторизации Telegram."}), 403
 
 
 @app.route('/get_dashboard_data', methods=['POST'])
 def get_dashboard_data():
     data = request.get_json()
     if not data or 'initData' not in data or 'folder_id' not in data:
-        return jsonify({"status": "error", "message": "Incomplete request"}), 400
+        return jsonify({"status": "error", "message": "Неполный запрос (отсутствует initData или folder_id)"}), 400
 
     user_info = check_telegram_authorization(data['initData'], BOT_TOKEN)
     if not user_info or 'id' not in user_info:
-        return jsonify({"status": "error", "message": "Not authorized"}), 403
+        return jsonify({"status": "error", "message": "Ошибка авторизации"}), 403
 
     tg_user_id = str(user_info['id'])
     folder_id = data['folder_id']
@@ -1228,39 +1304,32 @@ def get_dashboard_data():
 
         if not user_data or 'filesystem' not in user_data:
              logging.error(f"User data or filesystem missing for validated user {tg_user_id}")
-             # Attempt re-initialization (might happen if DB load failed previously)
-             db_data.setdefault('users', {})
-             if tg_user_id not in db_data['users']: db_data['users'][tg_user_id] = {}
-             initialize_user_filesystem(db_data['users'][tg_user_id])
-             user_data = db_data['users'][tg_user_id]
-             try:
-                 save_data(db_data) # Try saving the initialized structure
-             except Exception as save_err:
-                 logging.error(f"Failed to save re-initialized filesystem for {tg_user_id}: {save_err}")
-             # Continue with the (now initialized) empty filesystem if save failed
-             # but log that it happened. Fallback to error if re-init also fails structurally.
-             if not user_data or 'filesystem' not in user_data:
-                  return jsonify({"status": "error", "message": "User data error"}), 500
+             # Attempt to re-initialize if missing, might indicate data inconsistency
+             if tg_user_id in db_data.get('users', {}):
+                  logging.warning(f"Attempting to re-initialize filesystem for {tg_user_id}")
+                  initialize_user_filesystem(db_data['users'][tg_user_id])
+                  save_data(db_data)
+                  user_data = db_data['users'][tg_user_id] # Re-fetch user_data
+                  if not user_data or 'filesystem' not in user_data: # Check again
+                      raise ValueError("Failed to re-initialize filesystem.")
+             else:
+                 raise ValueError("User entry completely missing after validation.")
 
 
         current_folder, _ = find_node_by_id(user_data['filesystem'], folder_id)
 
         if not current_folder or current_folder.get('type') != 'folder':
-            logging.warning(f"Folder {folder_id} not found for user {tg_user_id}. Defaulting to root.")
-            folder_id = 'root'
+            logging.warning(f"Folder '{folder_id}' not found or not a folder for user {tg_user_id}. Defaulting to root.")
+            folder_id = 'root' # Reset to root
             current_folder, _ = find_node_by_id(user_data['filesystem'], folder_id)
             if not current_folder:
-                 logging.critical(f"CRITICAL: Root folder not found for user {tg_user_id}")
-                 # Attempt to fix root
-                 initialize_user_filesystem(user_data)
-                 current_folder, _ = find_node_by_id(user_data['filesystem'], 'root')
-                 if not current_folder: # If still not found after re-init
-                    return jsonify({"status": "error", "message": "Critical error: Root folder missing"}), 500
-                 else:
-                     try: save_data(db_data) # Save the fixed structure
-                     except Exception: pass # Logged in save_data
+                 logging.critical(f"CRITICAL: Root folder node not found for user {tg_user_id} even after defaulting.")
+                 return jsonify({"status": "error", "message": "Критическая ошибка: Корневая папка отсутствует"}), 500
 
         items_in_folder = current_folder.get('children', [])
+        # Ensure items are dicts before sending
+        items_in_folder = [item for item in items_in_folder if isinstance(item, dict)]
+
         breadcrumbs = get_node_path_list(user_data['filesystem'], folder_id)
 
         current_folder_info = {
@@ -1274,9 +1343,13 @@ def get_dashboard_data():
             "breadcrumbs": breadcrumbs,
             "current_folder": current_folder_info
         })
+
+    except ValueError as ve:
+         logging.error(f"Data integrity issue for user {tg_user_id}: {ve}", exc_info=True)
+         return jsonify({"status": "error", "message": f"Ошибка данных пользователя: {ve}"}), 500
     except Exception as e:
-        logging.error(f"Error loading dashboard data for {tg_user_id}, folder {folder_id}: {e}")
-        return jsonify({"status": "error", "message": "Server error loading folder data."}), 500
+         logging.error(f"Error in get_dashboard_data for user {tg_user_id}, folder {folder_id}: {e}", exc_info=True)
+         return jsonify({"status": "error", "message": "Внутренняя ошибка сервера при получении данных."}), 500
 
 
 @app.route('/upload', methods=['POST'])
@@ -1287,39 +1360,31 @@ def upload_files():
 
     user_info = check_telegram_authorization(init_data, BOT_TOKEN)
     if not user_info or 'id' not in user_info:
-        return jsonify({"status": "error", "message": "Not authorized"}), 403
+        return jsonify({"status": "error", "message": "Ошибка авторизации"}), 403
 
     tg_user_id = str(user_info['id'])
 
     if not HF_TOKEN_WRITE:
-        return jsonify({'status': 'error', 'message': 'Upload configuration error on server.'}), 500
+        logging.error("Upload attempt failed: HF_TOKEN_WRITE not configured.")
+        return jsonify({'status': 'error', 'message': 'Загрузка невозможна: Ошибка конфигурации сервера.'}), 503 # Service Unavailable
 
     if not files or all(not f.filename for f in files):
-        return jsonify({'status': 'error', 'message': 'No files selected for upload.'}), 400
+        return jsonify({'status': 'error', 'message': 'Файлы для загрузки не выбраны.'}), 400
 
     if len(files) > 20:
-         return jsonify({'status': 'error', 'message': 'Maximum 20 files per upload.'}), 400
+         return jsonify({'status': 'error', 'message': 'Превышен лимит файлов (максимум 20 за раз).'}), 413 # Payload Too Large
 
     try:
         db_data = load_data()
         user_data = db_data.get('users', {}).get(tg_user_id)
         if not user_data or 'filesystem' not in user_data:
-             # Attempt re-initialization same as in get_dashboard_data
-             db_data.setdefault('users', {})
-             if tg_user_id not in db_data['users']: db_data['users'][tg_user_id] = {}
-             initialize_user_filesystem(db_data['users'][tg_user_id])
-             user_data = db_data['users'][tg_user_id]
-             # No save here, let the successful upload save trigger it
-             if not user_data or 'filesystem' not in user_data:
-                 return jsonify({"status": "error", "message": "User data error"}), 500
+             logging.error(f"User data or filesystem missing during upload for {tg_user_id}")
+             return jsonify({"status": "error", "message": "Ошибка данных пользователя на сервере"}), 500
 
         target_folder_node, _ = find_node_by_id(user_data['filesystem'], current_folder_id)
         if not target_folder_node or target_folder_node.get('type') != 'folder':
-             # Default to root if target not found
-             current_folder_id = 'root'
-             target_folder_node, _ = find_node_by_id(user_data['filesystem'], current_folder_id)
-             if not target_folder_node:
-                  return jsonify({'status': 'error', 'message': 'Target folder not found!'}), 404
+             logging.error(f"Target folder {current_folder_id} not found for upload by {tg_user_id}")
+             return jsonify({'status': 'error', 'message': 'Выбранная папка не найдена или недоступна.'}), 404
 
         api = HfApi()
         uploaded_count = 0
@@ -1329,486 +1394,536 @@ def upload_files():
         for file in files:
             if file and file.filename:
                 original_filename = secure_filename(file.filename)
+                if not original_filename:
+                    logging.warning(f"Skipping file with potentially unsafe name before sanitization: {file.filename}")
+                    errors.append(f"Пропущен файл с недопустимым именем: {file.filename}")
+                    continue
+
                 name_part, ext_part = os.path.splitext(original_filename)
                 unique_suffix = uuid.uuid4().hex[:8]
-                # Ensure unique_filename doesn't accidentally create hidden files if name starts with '.'
-                safe_name_part = name_part.lstrip('.')
-                unique_filename = f"{safe_name_part}_{unique_suffix}{ext_part}" if safe_name_part else f"file_{unique_suffix}{ext_part}"
-
+                # Ensure filename isn't excessively long after adding suffix
+                max_name_len = 200
+                unique_filename = f"{name_part[:max_name_len - len(ext_part) - 9]}_{unique_suffix}{ext_part}" # Truncate if needed
                 file_id = uuid.uuid4().hex
-                # Use file_id in path for uniqueness, less reliance on potentially long/complex filenames
-                hf_path = f"cloud_files/{tg_user_id}/{file_id}{ext_part}" # Simpler HF path
+
+                # Construct path using user ID and a unique file ID prefix for less chance of collision
+                hf_path = f"cloud_files/{tg_user_id}/{file_id[:2]}/{file_id}_{unique_filename}"
                 temp_path = os.path.join(UPLOAD_FOLDER, f"{file_id}_{unique_filename}")
 
                 try:
                     file.save(temp_path)
-                    logging.info(f"Uploading {original_filename} for {tg_user_id} to HF path {hf_path}")
+                    logging.info(f"Uploading {original_filename} ({unique_filename}) to HF path: {hf_path} for user {tg_user_id}")
                     api.upload_file(
                         path_or_fileobj=temp_path, path_in_repo=hf_path,
                         repo_id=REPO_ID, repo_type="dataset", token=HF_TOKEN_WRITE,
-                        commit_message=f"User {tg_user_id} uploaded {original_filename}"
+                        commit_message=f"User {tg_user_id} upload {original_filename}",
+                        # run_as_future=True # Consider running sequentially for easier error handling? Let's keep sequential.
                     )
+                    logging.info(f"Successfully uploaded to HF: {hf_path}")
 
                     file_info = {
                         'type': 'file', 'id': file_id,
-                        'original_filename': original_filename,
-                        'path': hf_path, # Store the simplified path
-                        'file_type': get_file_type(original_filename),
+                        'original_filename': original_filename, 'unique_filename': unique_filename,
+                        'path': hf_path, 'file_type': get_file_type(original_filename),
                         'upload_date': datetime.now().strftime('%Y-%m-%d %H:%M:%S')
+                        # Consider adding file size: 'size': os.path.getsize(temp_path)
                     }
 
                     if add_node(user_data['filesystem'], current_folder_id, file_info):
                         uploaded_count += 1
                         needs_save = True
-                        logging.info(f"Successfully added node for {file_id} ({original_filename})")
+                        logging.info(f"Added node {file_id} to folder {current_folder_id} in DB for user {tg_user_id}")
                     else:
-                        errors.append(f"Error adding metadata for {original_filename}.")
-                        logging.error(f"Failed add_node for {file_id} to {current_folder_id} for {tg_user_id}")
-                        # Attempt to delete the orphaned file from HF
+                        # This should ideally not happen if target_folder_node was found
+                        error_msg = f"Критическая ошибка: Не удалось добавить метаданные для {original_filename} в папку {current_folder_id}."
+                        errors.append(error_msg)
+                        logging.error(f"{error_msg} User: {tg_user_id}")
+                        # Attempt to clean up orphaned HF file
                         try:
-                             logging.warning(f"Attempting delete of orphaned HF file: {hf_path}")
+                             logging.warning(f"Attempting to delete orphaned HF file: {hf_path}")
                              api.delete_file(path_in_repo=hf_path, repo_id=REPO_ID, repo_type="dataset", token=HF_TOKEN_WRITE)
                         except Exception as del_err:
-                             logging.error(f"Failed deleting orphaned HF file {hf_path}: {del_err}")
+                             logging.error(f"Failed deleting orphaned HF file {hf_path} after DB add failure: {del_err}")
 
                 except Exception as e:
-                    logging.exception(f"Upload error for {original_filename} ({tg_user_id}): {e}") # Use exception for traceback
-                    errors.append(f"Upload error for {original_filename}")
+                    error_msg = f"Ошибка загрузки файла {original_filename}: {str(e)[:100]}" # Limit error msg length
+                    logging.error(f"Upload error for {original_filename} (User: {tg_user_id}, Path: {hf_path}): {e}", exc_info=True)
+                    errors.append(error_msg)
+                    # If file exists on HF but failed DB add, or failed upload, try to clean temp
                 finally:
                     if os.path.exists(temp_path):
                         try: os.remove(temp_path)
                         except OSError as e: logging.error(f"Error removing temp file {temp_path}: {e}")
 
         if needs_save:
-            save_data(db_data) # Let save_data handle its internal errors
+            try:
+                save_data(db_data)
+            except Exception as e:
+                 # save_data logs critical errors, just report failure
+                 logging.error(f"Error saving DB after upload for {tg_user_id}: {e}", exc_info=True)
+                 errors.append("Критическая ошибка сохранения метаданных после загрузки.")
+                 # If save fails, the newly added nodes are lost on next load, but HF files remain. Manual cleanup might be needed.
 
-        final_message = f"{uploaded_count} file(s) uploaded."
+        final_message = f"{uploaded_count} из {len(files)} файл(ов) загружено."
+        status = "ok"
         if errors:
-            final_message += f" Errors occurred with {len(errors)} file(s)."
+            final_message += " Ошибки: " + "; ".join(errors)
+            status = "error" if uploaded_count == 0 else "partial_success" # Custom status? Let's stick to ok/error for simplicity client side
 
         return jsonify({
-            "status": "ok" if uploaded_count > 0 and not errors else "error", # OK if at least one succeeded without error
+            "status": "ok" if not errors else "error", # Keep it simple for client
             "message": final_message
         })
 
     except Exception as e:
-        logging.exception(f"Unhandled error during file upload process for user {tg_user_id}: {e}")
-        return jsonify({"status": "error", "message": "An unexpected server error occurred during upload."}), 500
+        logging.critical(f"Unexpected critical error during /upload for user {tg_user_id}: {e}", exc_info=True)
+        return jsonify({"status": "error", "message": "Непредвиденная ошибка сервера во время загрузки."}), 500
 
 
 @app.route('/create_folder', methods=['POST'])
 def create_folder():
     data = request.get_json()
     if not data or 'initData' not in data or 'parent_folder_id' not in data or 'folder_name' not in data:
-         return jsonify({"status": "error", "message": "Incomplete request"}), 400
+         return jsonify({"status": "error", "message": "Неполный запрос"}), 400
 
     user_info = check_telegram_authorization(data['initData'], BOT_TOKEN)
     if not user_info or 'id' not in user_info:
-        return jsonify({"status": "error", "message": "Not authorized"}), 403
+        return jsonify({"status": "error", "message": "Ошибка авторизации"}), 403
 
     tg_user_id = str(user_info['id'])
     parent_folder_id = data['parent_folder_id']
     folder_name = data['folder_name'].strip()
 
     if not folder_name:
-        return jsonify({'status': 'error', 'message': 'Folder name cannot be empty.'}), 400
-    if '/' in folder_name or '\\' in folder_name:
-        return jsonify({'status': 'error', 'message': 'Folder name contains invalid characters.'}), 400
-    if len(folder_name) > 100: # Add a length limit
-         return jsonify({'status': 'error', 'message': 'Folder name is too long (max 100 chars).'}), 400
+        return jsonify({'status': 'error', 'message': 'Имя папки не может быть пустым.'}), 400
+    # Basic validation against problematic chars
+    if any(c in folder_name for c in ['/', '\\', ':', '*', '?', '"', '<', '>', '|']):
+         return jsonify({'status': 'error', 'message': 'Имя папки содержит недопустимые символы.'}), 400
+    if folder_name == '.' or folder_name == '..':
+        return jsonify({'status': 'error', 'message': 'Недопустимое имя папки.'}), 400
+    if len(folder_name) > 100: # Limit folder name length
+         return jsonify({'status': 'error', 'message': 'Имя папки слишком длинное (макс. 100 символов).'}), 400
 
     try:
         db_data = load_data()
         user_data = db_data.get('users', {}).get(tg_user_id)
         if not user_data or 'filesystem' not in user_data:
-             # Attempt re-initialization
-             db_data.setdefault('users', {})
-             if tg_user_id not in db_data['users']: db_data['users'][tg_user_id] = {}
-             initialize_user_filesystem(db_data['users'][tg_user_id])
-             user_data = db_data['users'][tg_user_id]
-             if not user_data or 'filesystem' not in user_data:
-                 return jsonify({"status": "error", "message": "User data error"}), 500
+             logging.error(f"User data or filesystem missing during folder creation for {tg_user_id}")
+             return jsonify({"status": "error", "message": "Ошибка данных пользователя на сервере"}), 500
 
         # Check if folder with the same name already exists in the parent
         parent_node, _ = find_node_by_id(user_data['filesystem'], parent_folder_id)
-        if parent_node and parent_node.get('type') == 'folder':
-            existing_names = {child.get('name', '').lower() for child in parent_node.get('children', []) if child.get('type') == 'folder'}
-            if folder_name.lower() in existing_names:
-                return jsonify({'status': 'error', 'message': f'A folder named "{folder_name}" already exists here.'}), 400
-        else:
-             # If parent somehow isn't found or isn't a folder, default to root
-             parent_folder_id = 'root'
-             parent_node, _ = find_node_by_id(user_data['filesystem'], parent_folder_id)
-             if not parent_node: # Should not happen if root init works
-                 return jsonify({'status': 'error', 'message': 'Cannot find target folder.'}), 404
+        if parent_node and parent_node.get('type') == 'folder' and 'children' in parent_node:
+             if any(isinstance(child, dict) and child.get('type') == 'folder' and child.get('name') == folder_name for child in parent_node['children']):
+                 return jsonify({'status': 'error', 'message': f'Папка с именем "{folder_name}" уже существует здесь.'}), 409 # Conflict
 
 
         folder_id = uuid.uuid4().hex
         folder_data = {
             'type': 'folder', 'id': folder_id,
             'name': folder_name, 'children': []
+            # Add creation date? 'created_date': datetime.now().strftime('%Y-%m-%d %H:%M:%S')
         }
 
         if add_node(user_data['filesystem'], parent_folder_id, folder_data):
-            save_data(db_data)
-            return jsonify({'status': 'ok', 'message': f'Folder "{folder_name}" created.'})
+            try:
+                save_data(db_data)
+                logging.info(f"Folder '{folder_name}' ({folder_id}) created for user {tg_user_id} in parent {parent_folder_id}")
+                return jsonify({'status': 'ok', 'message': f'Папка "{folder_name}" создана.'})
+            except Exception as e:
+                # save_data logs critical errors
+                return jsonify({'status': 'error', 'message': 'Ошибка сохранения данных после создания папки.'}), 500
         else:
-            # This case might indicate an issue with find_node_by_id or data structure
-            logging.error(f"add_node failed unexpectedly for folder creation user {tg_user_id}, parent {parent_folder_id}")
-            return jsonify({'status': 'error', 'message': 'Failed to add folder to the directory structure.'}), 500
+            # This implies parent_folder_id wasn't found or wasn't a folder, which should have been caught earlier by find_node_by_id in add_node logic
+            logging.error(f"add_node failed for folder '{folder_name}' in parent {parent_folder_id} for user {tg_user_id}, despite parent supposedly existing.")
+            return jsonify({'status': 'error', 'message': 'Не удалось найти родительскую папку для создания новой.'}), 404 # Or 500? Parent existed check implies 404?
 
     except Exception as e:
-        logging.exception(f"Error creating folder for user {tg_user_id}: {e}")
-        return jsonify({'status': 'error', 'message': 'An unexpected server error occurred.'}), 500
-
+        logging.critical(f"Unexpected critical error during /create_folder for user {tg_user_id}: {e}", exc_info=True)
+        return jsonify({"status": "error", "message": "Непредвиденная ошибка сервера при создании папки."}), 500
+
+
+# --- Public Routes (No User Auth - Use with Caution) ---
+# These routes rely on finding the file ID across *all* users.
+# If privacy is paramount, these should require authentication matching the owner.
+
+def find_file_globally(file_id: str) -> Tuple[Optional[Dict[str, Any]], Optional[str]]:
+    """ Finds a file node by its ID across all users. """
+    db_data = load_data() # Use cached data
+    for user_id, user_data in db_data.get('users', {}).items():
+         if isinstance(user_data, dict) and 'filesystem' in user_data:
+             node, _ = find_node_by_id(user_data['filesystem'], file_id)
+             if node and node.get('type') == 'file':
+                 return node, user_id
+    return None, None
 
 @app.route('/download/<file_id>')
 def download_file_route(file_id):
-    try:
-        db_data = load_data()
-        file_node = None
-        owner_user_id = None
+    file_node, owner_user_id = find_file_globally(file_id)
 
-        for user_id, user_data in db_data.get('users', {}).items():
-             if 'filesystem' in user_data:
-                 node, _ = find_node_by_id(user_data['filesystem'], file_id)
-                 if node and node.get('type') == 'file':
-                     file_node = node
-                     owner_user_id = user_id
-                     break
+    if not file_node:
+         return Response("Файл не найден", status=404)
 
-        if not file_node:
-             return Response("File not found", status=404)
+    hf_path = file_node.get('path')
+    original_filename = file_node.get('original_filename', f'{file_id}_download')
 
-        hf_path = file_node.get('path')
-        original_filename = file_node.get('original_filename', f'{file_id}_download')
-
-        if not hf_path:
-            logging.error(f"Missing HF path for file ID {file_id} (owner: {owner_user_id})")
-            return Response("Error: File path missing", status=500)
+    if not hf_path:
+        logging.error(f"Missing HF path for file ID {file_id} (Owner: {owner_user_id})")
+        return Response("Ошибка: Путь к файлу не найден в метаданных", status=500)
 
-        # Construct the URL without ?download=true initially for potential streaming/preview
-        file_url_base = f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{hf_path}"
-        # Add download=true for direct download trigger
-        file_url_download = file_url_base + "?download=true"
+    file_url = f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{hf_path}?download=true"
+    logging.info(f"Serving download for file ID {file_id} (Owner: {owner_user_id}) from HF path: {hf_path}")
 
+    try:
         headers = {}
         if HF_TOKEN_READ:
             headers["authorization"] = f"Bearer {HF_TOKEN_READ}"
 
-        response = requests.get(file_url_download, headers=headers, stream=True, timeout=60) # Increased timeout
+        # Make a HEAD request first to get Content-Type and check existence/size? Optional optimization.
+        response = requests.get(file_url, headers=headers, stream=True, timeout=30)
         response.raise_for_status()
 
-        # Try to encode filename properly for Content-Disposition
+        content_type = response.headers.get('Content-Type', 'application/octet-stream')
+        # A more robust way to handle filename encoding for Content-Disposition
         try:
-            # Simplest ASCII-safe version
-            encoded_filename_ascii = original_filename.encode('ascii', 'ignore').decode('ascii')
-            disposition = f'attachment; filename="{encoded_filename_ascii}"'
-            # Attempt UTF-8 version (might not be supported by all clients but better for non-ASCII)
-            encoded_filename_utf8 = urlencode({'filename': original_filename}, encoding='utf-8')[9:]
-            disposition += f"; filename*=UTF-8''{encoded_filename_utf8}"
-        except Exception:
-             # Fallback if encoding fails
-             disposition = f'attachment; filename="downloaded_file"'
-             logging.warning(f"Could not properly encode filename {original_filename} for download.")
+            # Try UTF-8 first
+            encoded_filename = original_filename.encode('utf-8').decode('latin-1')
+            disposition = f"attachment; filename=\"{encoded_filename}\"; filename*=UTF-8''{urlencode({'': original_filename})[1:]}"
+        except UnicodeEncodeError:
+            # Fallback for simpler names
+            ascii_filename = ''.join(c for c in original_filename if ord(c) < 128) or "download"
+            disposition = f"attachment; filename=\"{ascii_filename}\""
 
 
         return Response(response.iter_content(chunk_size=65536), # Larger chunk size
-                        mimetype=response.headers.get('Content-Type', 'application/octet-stream'),
+                        mimetype=content_type,
                         headers={"Content-Disposition": disposition})
 
     except requests.exceptions.Timeout:
-         logging.error(f"Timeout downloading file from HF ({hf_path}, owner: {owner_user_id})")
-         return Response("Error downloading file (timeout)", status=504)
+        logging.error(f"Timeout downloading file from HF ({hf_path}, owner: {owner_user_id})")
+        return Response(f"Ошибка: Время ожидания от сервера хранения истекло", status=504) # Gateway Timeout
+    except requests.exceptions.HTTPError as e:
+         status_code = e.response.status_code
+         logging.error(f"HTTP error {status_code} downloading file from HF ({hf_path}, owner: {owner_user_id}): {e}")
+         if status_code == 404:
+             return Response("Ошибка: Файл не найден на сервере хранения.", status=404)
+         else:
+              return Response(f"Ошибка скачивания файла с сервера хранения ({status_code})", status=status_code if status_code >= 500 else 502) # Treat client errors as Bad Gateway upstream
     except requests.exceptions.RequestException as e:
-        status_code = e.response.status_code if e.response is not None else 502
-        logging.error(f"Error downloading file from HF ({hf_path}, owner: {owner_user_id}, status: {status_code}): {e}")
-        return Response(f"Error downloading file ({status_code})", status=status_code)
+        logging.error(f"Network error downloading file from HF ({hf_path}, owner: {owner_user_id}): {e}", exc_info=True)
+        return Response(f"Ошибка сети при скачивании файла", status=502) # Bad Gateway
     except Exception as e:
-        logging.exception(f"Unexpected error during download route ({file_id}): {e}")
-        return Response("Internal server error during download", status=500)
+        logging.error(f"Unexpected error during download ({hf_path}, owner: {owner_user_id}): {e}", exc_info=True)
+        return Response("Внутренняя ошибка сервера при обработке скачивания", status=500)
 
 
 @app.route('/delete_file/<file_id>', methods=['POST'])
 def delete_file_route(file_id):
     data = request.get_json()
-    if not data or 'initData' not in data: # current_folder_id not strictly needed for delete itself
-        return jsonify({"status": "error", "message": "Incomplete request"}), 400
+    if not data or 'initData' not in data:
+        # Allow omitting current_folder_id from request as it's not strictly needed for deletion itself
+        return jsonify({"status": "error", "message": "Неполный запрос (отсутствует initData)"}), 400
 
     user_info = check_telegram_authorization(data['initData'], BOT_TOKEN)
     if not user_info or 'id' not in user_info:
-        return jsonify({"status": "error", "message": "Not authorized"}), 403
+        return jsonify({"status": "error", "message": "Ошибка авторизации"}), 403
 
     tg_user_id = str(user_info['id'])
 
     if not HF_TOKEN_WRITE:
-        return jsonify({'status': 'error', 'message': 'Deletion configuration error on server.'}), 500
+        logging.error("Delete attempt failed: HF_TOKEN_WRITE not configured.")
+        return jsonify({'status': 'error', 'message': 'Удаление невозможно: Ошибка конфигурации сервера.'}), 503
 
     try:
         db_data = load_data()
         user_data = db_data.get('users', {}).get(tg_user_id)
         if not user_data or 'filesystem' not in user_data:
-            return jsonify({"status": "error", "message": "User data error"}), 500
+            logging.error(f"User data or filesystem missing during file delete for {tg_user_id}")
+            return jsonify({"status": "error", "message": "Ошибка данных пользователя на сервере"}), 500
 
         file_node, parent_node = find_node_by_id(user_data['filesystem'], file_id)
 
-        if not file_node or file_node.get('type') != 'file': # Parent isn't strictly needed for deletion logic
-            return jsonify({'status': 'error', 'message': 'File not found.'}), 404
+        if not file_node or file_node.get('type') != 'file':
+            # It might exist for another user, but this user doesn't own it here.
+            logging.warning(f"User {tg_user_id} attempted to delete file {file_id}, but it was not found in their filesystem.")
+            return jsonify({'status': 'error', 'message': 'Файл не найден в вашем хранилище.'}), 404
+
+        if not parent_node:
+            # This case should be rare (maybe root files if allowed?), but handle it.
+             logging.error(f"File node {file_id} found for user {tg_user_id}, but has no parent node. Cannot remove from DB correctly.")
+             # Proceed with HF deletion but report DB issue? Or block? Let's block for safety.
+             return jsonify({'status': 'error', 'message': 'Ошибка структуры данных: не найден родитель файла.'}), 500
+
 
         hf_path = file_node.get('path')
-        original_filename = file_node.get('original_filename', 'file')
+        original_filename = file_node.get('original_filename', 'файл')
         needs_save = False
         hf_delete_error = None
 
         if hf_path:
             try:
                 api = HfApi()
-                logging.info(f"Attempting HF delete for user {tg_user_id}, path {hf_path}")
+                logging.info(f"User {tg_user_id} deleting file {file_id} (Orig: {original_filename}) from HF path: {hf_path}")
                 api.delete_file(
                     path_in_repo=hf_path, repo_id=REPO_ID, repo_type="dataset", token=HF_TOKEN_WRITE,
-                    commit_message=f"User {tg_user_id} deleted {original_filename}"
+                    commit_message=f"User {tg_user_id} delete {original_filename}"
                 )
                 logging.info(f"Deleted file {hf_path} from HF Hub for user {tg_user_id}")
             except hf_utils.EntryNotFoundError:
-                logging.warning(f"File {hf_path} not found on HF Hub for delete attempt ({tg_user_id}). Proceeding with DB removal.")
+                logging.warning(f"File {hf_path} not found on HF Hub for delete attempt by user {tg_user_id}. Assuming already deleted or path mismatch.")
+                # Continue to remove from DB
             except Exception as e:
-                logging.exception(f"Error deleting file from HF Hub ({hf_path}, {tg_user_id}): {e}")
-                hf_delete_error = e # Store error but continue to DB removal
+                logging.error(f"Error deleting file from HF Hub ({hf_path}, User: {tg_user_id}): {e}", exc_info=True)
+                hf_delete_error = str(e)
+                # Decide whether to proceed with DB removal despite HF error.
+                # Let's proceed, but report the error. The file might be stuck on HF.
         else:
-            logging.warning(f"File node {file_id} for user {tg_user_id} has no hf_path. Skipping HF delete.")
+            logging.warning(f"File node {file_id} for user {tg_user_id} has no HF path. Removing from DB only.")
+
 
         if remove_node(user_data['filesystem'], file_id):
             needs_save = True
             logging.info(f"Removed file node {file_id} from DB for user {tg_user_id}")
         else:
-            # This is concerning if the node was found initially but couldn't be removed
-            logging.error(f"Failed to remove file node {file_id} from DB structure for {tg_user_id} after finding it.")
-            # If HF delete failed AND DB remove failed, it's a bigger issue
-            if hf_delete_error:
-                 return jsonify({'status': 'error', 'message': f'Error deleting file from storage and database.'}), 500
-            else:
-                 # If HF delete succeeded (or skipped) but DB failed, still report error
-                 return jsonify({'status': 'error', 'message': f'File deleted from storage, but failed to update database.'}), 500
-
+            # This shouldn't happen if file_node and parent_node were found
+            logging.error(f"Failed to remove file node {file_id} from DB structure for {tg_user_id} even after finding node and parent.")
+            # Return error, as DB state is inconsistent
+            return jsonify({'status': 'error', 'message': 'Ошибка удаления файла из базы данных после подтверждения.'}), 500
 
         if needs_save:
-            save_data(db_data) # Let save_data handle its errors
-            if hf_delete_error:
-                # Report success overall but mention the storage delete issue
-                return jsonify({'status': 'ok', 'message': f'File "{original_filename}" removed from list, but encountered an error during storage cleanup.'})
-            else:
-                return jsonify({'status': 'ok', 'message': f'File "{original_filename}" deleted.'})
+            try:
+                save_data(db_data)
+                if hf_delete_error:
+                     return jsonify({'status': 'ok', 'message': f'Файл "{original_filename}" удален из списка, но произошла ошибка при удалении с сервера хранения: {hf_delete_error}'})
+                else:
+                    return jsonify({'status': 'ok', 'message': f'Файл "{original_filename}" удален.'})
+            except Exception as e:
+                # save_data logs critical errors
+                return jsonify({'status': 'error', 'message': 'Файл удален (или была ошибка на сервере хранения), но произошла критическая ошибка сохранения базы данных.'}), 500
         else:
-             # Should not be reached if remove_node logic above is correct
-             return jsonify({'status': 'error', 'message': 'Failed to remove file from database.'}), 500
+             # Should have been caught by the remove_node check above
+             return jsonify({'status': 'error', 'message': 'Не удалось удалить узел файла из структуры данных.'}), 500
 
     except Exception as e:
-        logging.exception(f"Unhandled error during file deletion for user {tg_user_id}, file {file_id}: {e}")
-        return jsonify({'status': 'error', 'message': 'An unexpected server error occurred during deletion.'}), 500
+        logging.critical(f"Unexpected critical error during /delete_file/{file_id} for user {tg_user_id}: {e}", exc_info=True)
+        return jsonify({"status": "error", "message": "Непредвиденная ошибка сервера при удалении файла."}), 500
 
 
 @app.route('/delete_folder/<folder_id>', methods=['POST'])
 def delete_folder_route(folder_id):
     if folder_id == 'root':
-         return jsonify({'status': 'error', 'message': 'Cannot delete the root folder.'}), 400
+         return jsonify({'status': 'error', 'message': 'Нельзя удалить корневую папку!'}), 400
 
     data = request.get_json()
     if not data or 'initData' not in data:
-         return jsonify({"status": "error", "message": "Incomplete request"}), 400
+         return jsonify({"status": "error", "message": "Неполный запрос (отсутствует initData)"}), 400
 
     user_info = check_telegram_authorization(data['initData'], BOT_TOKEN)
     if not user_info or 'id' not in user_info:
-        return jsonify({"status": "error", "message": "Not authorized"}), 403
+        return jsonify({"status": "error", "message": "Ошибка авторизации"}), 403
 
     tg_user_id = str(user_info['id'])
 
-    # No HF token needed for folder delete as folders don't exist on HF directly
-
     try:
         db_data = load_data()
         user_data = db_data.get('users', {}).get(tg_user_id)
         if not user_data or 'filesystem' not in user_data:
-            return jsonify({"status": "error", "message": "User data error"}), 500
+            logging.error(f"User data or filesystem missing during folder delete for {tg_user_id}")
+            return jsonify({"status": "error", "message": "Ошибка данных пользователя на сервере"}), 500
 
         folder_node, parent_node = find_node_by_id(user_data['filesystem'], folder_id)
 
         if not folder_node or folder_node.get('type') != 'folder':
-            return jsonify({'status': 'error', 'message': 'Folder not found.'}), 404
+            logging.warning(f"User {tg_user_id} attempted to delete folder {folder_id}, but it was not found in their filesystem.")
+            return jsonify({'status': 'error', 'message': 'Папка не найдена в вашем хранилище.'}), 404
+
+        if not parent_node:
+            # Root cannot be deleted (checked earlier), so any folder must have a parent.
+             logging.error(f"Folder node {folder_id} found for user {tg_user_id}, but has no parent node. Data inconsistency.")
+             return jsonify({'status': 'error', 'message': 'Ошибка структуры данных: не найден родитель папки.'}), 500
 
-        folder_name = folder_node.get('name', 'folder')
+
+        folder_name = folder_node.get('name', 'папка')
 
         # Check if folder is empty
         if folder_node.get('children'):
-            return jsonify({'status': 'error', 'message': f'Folder "{folder_name}" is not empty. Cannot delete.'}), 400
+            logging.warning(f"User {tg_user_id} attempted to delete non-empty folder {folder_id} ('{folder_name}')")
+            return jsonify({'status': 'error', 'message': f'Папку "{folder_name}" можно удалить только если она пуста.'}), 400
 
+        # Proceed with deletion from DB
         if remove_node(user_data['filesystem'], folder_id):
-            save_data(db_data)
-            return jsonify({'status': 'ok', 'message': f'Folder "{folder_name}" deleted.'})
+            try:
+                save_data(db_data)
+                logging.info(f"Folder '{folder_name}' ({folder_id}) deleted by user {tg_user_id}")
+                return jsonify({'status': 'ok', 'message': f'Папка "{folder_name}" удалена.'})
+            except Exception as e:
+                # save_data logs critical errors
+                return jsonify({'status': 'error', 'message': 'Ошибка сохранения базы данных после удаления папки.'}), 500
         else:
-            logging.error(f"Failed to remove empty folder node {folder_id} from DB for {tg_user_id}")
-            return jsonify({'status': 'error', 'message': 'Failed to remove folder from database.'}), 500
+            # Should not happen if node and parent were found
+            logging.error(f"Failed to remove empty folder node {folder_id} from DB for {tg_user_id} even after checks.")
+            return jsonify({'status': 'error', 'message': 'Ошибка удаления папки из базы данных.'}), 500
 
     except Exception as e:
-        logging.exception(f"Error deleting folder for user {tg_user_id}, folder {folder_id}: {e}")
-        return jsonify({'status': 'error', 'message': 'An unexpected server error occurred.'}), 500
+        logging.critical(f"Unexpected critical error during /delete_folder/{folder_id} for user {tg_user_id}: {e}", exc_info=True)
+        return jsonify({"status": "error", "message": "Непредвиденная ошибка сервера при удалении папки."}), 500
 
 
 @app.route('/get_text_content/<file_id>')
 def get_text_content_route(file_id):
-    try:
-        db_data = load_data()
-        file_node = None
-        owner_user_id = None
+    file_node, owner_user_id = find_file_globally(file_id)
 
-        for user_id, user_data in db_data.get('users', {}).items():
-             if 'filesystem' in user_data:
-                 node, _ = find_node_by_id(user_data['filesystem'], file_id)
-                 if node and node.get('type') == 'file' and node.get('file_type') == 'text':
-                     file_node = node
-                     owner_user_id = user_id
-                     break
+    if not file_node:
+        return Response("Файл не найден", status=404)
 
-        if not file_node:
-            return Response("Text file not found", status=404)
+    if file_node.get('file_type') != 'text':
+         return Response("Файл не является текстовым", status=415) # Unsupported Media Type
 
-        hf_path = file_node.get('path')
-        if not hf_path:
-            return Response("Error: file path missing", status=500)
+    hf_path = file_node.get('path')
+    if not hf_path:
+        return Response("Ошибка: путь к файлу отсутствует в метаданных", status=500)
 
-        file_url = f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{hf_path}?download=true"
+    file_url = f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{hf_path}?download=true"
+    logging.info(f"Serving text content for file ID {file_id} (Owner: {owner_user_id}) from HF path: {hf_path}")
 
+    try:
         headers = {}
         if HF_TOKEN_READ:
             headers["authorization"] = f"Bearer {HF_TOKEN_READ}"
 
-        response = requests.get(file_url, headers=headers, timeout=20) # Shorter timeout for text files
+        response = requests.get(file_url, headers=headers, timeout=15)
         response.raise_for_status()
 
-        max_preview_size = 1 * 1024 * 1024 # 1 MB limit for text preview
-        if len(response.content) > max_preview_size:
-             # Don't return 413, maybe return truncated? Or just a message.
-             # Return a message for simplicity
-             return Response("File is too large for preview (>1MB). Please download.", status=413, mimetype='text/plain')
+        # Limit preview size
+        max_preview_size = 2 * 1024 * 1024 # 2 MB limit for text preview
+        if 'Content-Length' in response.headers and int(response.headers['Content-Length']) > max_preview_size:
+             logging.warning(f"Text file {file_id} too large for preview ({response.headers['Content-Length']} bytes)")
+             return Response(f"Файл слишком большой для предпросмотра (>{max_preview_size//1024//1024}MB).", status=413) # Payload Too Large
+
+        content_bytes = response.content
+        if len(content_bytes) > max_preview_size:
+             logging.warning(f"Text file {file_id} fetched content is too large ({len(content_bytes)} bytes)")
+             # Check even if Content-Length was missing or wrong
+             return Response(f"Файл слишком большой для предпросмотра (>{max_preview_size//1024//1024}MB).", status=413)
 
 
         text_content = None
-        detected_encoding = None
         # Try common encodings, starting with UTF-8
-        encodings_to_try = ['utf-8', 'cp1251', 'latin-1', 'windows-1252']
+        encodings_to_try = ['utf-8', 'cp1251', 'cp1252', 'latin-1']
         for enc in encodings_to_try:
              try:
-                 text_content = response.content.decode(enc)
-                 detected_encoding = enc
+                 text_content = content_bytes.decode(enc)
                  logging.info(f"Decoded text file {file_id} using {enc}")
                  break
              except UnicodeDecodeError:
                  continue
-             except Exception as decode_err: # Catch other potential errors
-                 logging.warning(f"Error trying to decode {file_id} with {enc}: {decode_err}")
-                 continue
-
 
         if text_content is None:
-             # Try decoding with replacement if all else fails
+             logging.error(f"Could not decode text file {file_id} with common encodings.")
+             # Try decoding with replacement of errors as a last resort
              try:
-                 text_content = response.content.decode('utf-8', errors='replace')
-                 detected_encoding = 'utf-8 (with replacement)'
-                 logging.warning(f"Could not definitively decode {file_id}, used utf-8 with replacement.")
-             except Exception as final_decode_err:
-                 logging.error(f"Failed all decoding attempts for {file_id}: {final_decode_err}")
-                 return Response("Could not determine file encoding.", status=500)
-
-        # Always return as UTF-8
+                 text_content = content_bytes.decode('utf-8', errors='replace')
+                 logging.warning(f"Decoded text file {file_id} using utf-8 with replacement.")
+             except Exception: # Should not happen with 'replace'
+                 return Response("Не удалось определить кодировку файла или файл поврежден.", status=500)
+
+
         return Response(text_content, mimetype='text/plain; charset=utf-8')
 
     except requests.exceptions.Timeout:
-         logging.error(f"Timeout fetching text content from HF ({hf_path}, owner {owner_user_id})")
-         return Response("Error loading content (timeout)", status=504)
+        logging.error(f"Timeout fetching text content from HF ({hf_path}, owner {owner_user_id})")
+        return Response("Ошибка: Время ожидания от сервера хранения истекло", status=504)
+    except requests.exceptions.HTTPError as e:
+        status_code = e.response.status_code
+        logging.error(f"HTTP error {status_code} fetching text content from HF ({hf_path}, owner {owner_user_id}): {e}")
+        return Response(f"Ошибка загрузки содержимого с сервера хранения ({status_code})", status=status_code if status_code >= 500 else 502)
     except requests.exceptions.RequestException as e:
-        status_code = e.response.status_code if e.response is not None else 502
-        logging.error(f"Error fetching text content from HF ({hf_path}, owner {owner_user_id}, status: {status_code}): {e}")
-        return Response(f"Error loading content ({status_code})", status=status_code)
+        logging.error(f"Network error fetching text content from HF ({hf_path}, owner {owner_user_id}): {e}", exc_info=True)
+        return Response("Ошибка сети при загрузке содержимого", status=502)
     except Exception as e:
-        logging.exception(f"Unexpected error fetching text content ({file_id}): {e}")
-        return Response("Internal server error", status=500)
+        logging.error(f"Unexpected error fetching text content ({hf_path}, owner {owner_user_id}): {e}", exc_info=True)
+        return Response("Внутренняя ошибка сервера при получении текста", status=500)
 
 
 @app.route('/preview_thumb/<file_id>')
 def preview_thumb_route(file_id):
-    # No data loading needed if we assume the URL is constructed correctly client-side
-    # Find the file node just to get the hf_path
-    try:
-        db_data = load_data()
-        file_node = None
-        owner_user_id = None
-
-        for user_id, user_data in db_data.get('users', {}).items():
-            if 'filesystem' in user_data:
-                node, _ = find_node_by_id(user_data['filesystem'], file_id)
-                if node and node.get('type') == 'file' and node.get('file_type') == 'image':
-                     file_node = node
-                     owner_user_id = user_id
-                     break
-
-        if not file_node: return Response("Image not found in metadata", status=404)
-        hf_path = file_node.get('path')
-        if not hf_path: return Response("File path missing in metadata", status=500)
+    file_node, owner_user_id = find_file_globally(file_id)
+
+    if not file_node: return Response("Изображение не найдено", status=404)
+    if file_node.get('file_type') != 'image': return Response("Файл не является изображением", status=415)
+
+    hf_path = file_node.get('path')
+    if not hf_path: return Response("Путь к файлу не найден в метаданных", status=500)
 
-        # Construct URL without download=true for potential browser caching / direct embedding
-        file_url = f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{hf_path}"
+    # Use the direct file URL for previews (not download=true)
+    file_url = f"https://huggingface.co/datasets/{REPO_ID}/resolve/main/{hf_path}"
+    logging.info(f"Serving image preview for file ID {file_id} (Owner: {owner_user_id}) from HF path: {hf_path}")
 
+
+    try:
         headers = {}
         if HF_TOKEN_READ: headers["authorization"] = f"Bearer {HF_TOKEN_READ}"
 
-        response = requests.get(file_url, headers=headers, stream=True, timeout=30) # Generous timeout for images
+        # Use stream=True to avoid loading large images entirely into memory server-side
+        response = requests.get(file_url, headers=headers, stream=True, timeout=20)
         response.raise_for_status()
 
-        # Stream the image content directly
-        return Response(response.iter_content(chunk_size=8192), mimetype=response.headers.get('Content-Type', 'image/jpeg'))
+        content_type = response.headers.get('Content-Type', 'application/octet-stream')
+        # Basic check if it looks like an image type
+        if not content_type.startswith('image/'):
+             logging.warning(f"Content-Type for image preview {file_id} is '{content_type}', expected 'image/'.")
+             # Return potentially incorrect type, or maybe a placeholder? Let's proceed for now.
+
+        return Response(response.iter_content(chunk_size=65536), mimetype=content_type)
 
     except requests.exceptions.Timeout:
-        logging.error(f"Timeout fetching preview from HF ({file_id})")
-        # Return a 1x1 pixel transparent gif as fallback? Or just error.
-        return Response("Timeout loading preview", status=504)
+        logging.error(f"Timeout fetching preview from HF ({hf_path}, owner: {owner_user_id})")
+        return Response("Ошибка: Время ожидания от сервера хранения истекло", status=504)
+    except requests.exceptions.HTTPError as e:
+        status_code = e.response.status_code
+        logging.error(f"HTTP error {status_code} fetching preview from HF ({hf_path}, owner: {owner_user_id}): {e}")
+        # Return appropriate status code, maybe a placeholder image for client errors?
+        return Response(f"Ошибка загрузки превью ({status_code})", status=status_code)
     except requests.exceptions.RequestException as e:
-        status_code = e.response.status_code if e.response is not None else 502
-        logging.error(f"Error fetching preview from HF ({file_id}, status: {status_code}): {e}")
-        return Response(f"Error loading preview ({status_code})", status=status_code)
+        logging.error(f"Network error fetching preview from HF ({hf_path}, owner: {owner_user_id}): {e}", exc_info=True)
+        return Response("Ошибка сети при загру��ке превью", status=502)
     except Exception as e:
-        logging.exception(f"Unexpected error during preview route ({file_id}): {e}")
-        return Response("Internal server error loading preview", status=500)
+        logging.error(f"Unexpected error during preview ({hf_path}, owner: {owner_user_id}): {e}", exc_info=True)
+        return Response("Внутренняя ошибка сервера при загрузке превью", status=500)
 
 
+# --- Main Execution ---
 if __name__ == '__main__':
     print("Starting Flask Server...")
     if not BOT_TOKEN or BOT_TOKEN == 'YOUR_BOT_TOKEN' or ':' not in BOT_TOKEN:
-        print("\n" + "*"*60 +
-              "\n CRITICAL: TELEGRAM_BOT_TOKEN is not set correctly." +
-              "\n Telegram authentication WILL FAIL. Set the environment variable." +
-              "\n" + "*"*60)
+        logging.critical("\n" + "*"*60 +
+                         "\n CRITICAL: TELEGRAM_BOT_TOKEN is not set correctly. " +
+                         "\n Telegram authentication WILL FAIL. Set the environment variable." +
+                         "\n Format should be like '123456:ABC-DEF1234ghij567890'." +
+                         "\n" + "*"*60)
     if not HF_TOKEN_WRITE:
-        print("\n" + "*"*60 +
-              "\n WARNING: HF_TOKEN (write access) is not set." +
-              "\n File uploads, deletions will FAIL." +
-              "\n" + "*"*60)
+        logging.warning("HF_TOKEN (write access) is not set. File uploads and deletions will fail.")
     if not HF_TOKEN_READ:
-        print("\n" + "*"*60 +
-              "\n WARNING: HF_TOKEN_READ is not set (or inherited from HF_TOKEN)." +
-              "\n File downloads/previews might fail for private repos if HF_TOKEN is missing." +
-              "\n" + "*"*60)
-
+        logging.warning("HF_TOKEN_READ is not set (or same as write token). File downloads/previews might fail for private repos if write token lacks read.")
 
-    # Perform initial load to check/create files if needed, but don't block startup for long
-    # load_data() is memoized, so the first request will trigger the real load/download
-    print("Server ready. First request will trigger full data load.")
-
-    # Use waitress for a more production-ready server than Flask's default
-    try:
-        from waitress import serve
-        print("Running with Waitress server on http://0.0.0.0:7860")
-        serve(app, host='0.0.0.0', port=7860, threads=8)
-    except ImportError:
-        print("Waitress not found, running with Flask development server (not recommended for production).")
-        app.run(debug=False, host='0.0.0.0', port=7860)
-
-# --- END OF FILE app (24).py ---
\ No newline at end of file
+    logging.info("Performing initial database sync check with Hugging Face...")
+    download_successful = download_db_from_hf()
+    if download_successful:
+         logging.info("Initial DB sync/download from HF completed successfully.")
+    else:
+         logging.warning("Initial DB download/sync from HF failed or file not found. Will use/create local file.")
+         # Ensure local file exists if download failed and it wasn't there before
+         if not os.path.exists(DATA_FILE):
+              try:
+                  with open(DATA_FILE, 'w', encoding='utf-8') as f:
+                      json.dump({'users': {}}, f, ensure_ascii=False, indent=4)
+                  logging.info(f"Created empty local database file: {DATA_FILE}")
+              except Exception as e:
+                   logging.critical(f"CRITICAL: Failed to create initial empty DB file {DATA_FILE}: {e}")
+
+    logging.info("Starting Flask application server on 0.0.0.0:7860...")
+    # Use waitress or gunicorn in production instead of Flask's development server
+    # For development:
+    app.run(debug=False, host='0.0.0.0', port=7860)
+
+# --- END OF FILE ---