security: clean repository without media files and sensitive data

- Removed area/ directory with 816MB of media files
- Removed sensitive FTP credentials from Git history
- Implemented .env.upload system for secure deployments
- Added comprehensive .gitignore for future protection

This commit represents a clean slate with all sensitive data removed.

backend/src/Services/JsonStorageService.php

@@ -0,0 +1,23 @@
+<?php
+
+class JsonStorageService {
+    private static function getFilePath(string $type): string {
+        return __DIR__ . '/../../storage/data/' . $type . '.json';
+    }
+
+    public static function read(string $type): array {
+        $file = self::getFilePath($type);
+        if (!file_exists($file)) {
+            return [];
+        }
+        $json = file_get_contents($file);
+        $data = json_decode($json, true);
+        return is_array($data) ? $data : [];
+    }
+
+    public static function write(string $type, array $data): bool {
+        $file = self::getFilePath($type);
+        $json = json_encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
+        return file_put_contents($file, $json) !== false;
+    }
+}