// Custom REST endpoint for direct file editing
add_action('rest_api_init', function() {
  register_rest_route('plu/v1', '/update-file', [
    'methods' => 'POST',
    'callback' => function($req) {
      $file = sanitize_file_name($req->get_param('file'));
      $content = $req->get_param('content');
      $allowed = ['front-page.php','page.php','header.php','footer.php','style.css','404.php'];
      if (!in_array($file, $allowed)) return new WP_Error('invalid','Invalid file',['status'=>400]);
      $path = get_template_directory() . '/' . $file;
      file_put_contents($path, $content);
      return ['status'=>'ok','file'=>$file];
    },
    'permission_callback' => function() { return current_user_can('edit_themes'); }
  ]);
});