<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
$LINK = mysqli_connect("127.0.0.1", "janya763", "vOOxhXUhWhgCPWFC", "janya763");
if (!isset($_GET["page"]))
$_GET["page"] = "welcome";
if ($_GET["page"] != "cms") {
$query = "SELECT * FROM pages WHERE title LIKE'" . mysqli_real_escape_string($LINK, $_GET["page"]) . "'ORDER BY title";
$result = mysqli_query($LINK, $query);
if (!$result)
echo mysqli_error($LINK);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="Styles/style.css">
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link
href="https://fonts.googleapis.com/css2?family=DM+Sans:ital,opsz,wght@0,9..40,100..1000;1,9..40,100..1000&display=swap"
rel="stylesheet">
<title>CMS - SYSTEM</title>
</head>
<body>
<div class="navigation">
<nav>
<h1>Simple Page</h1>
<ul>
<?php
$secondQuery = "SELECT title FROM pages ORDER BY title ASC";
$result2 = mysqli_query($LINK, $secondQuery);
for ($i = 0; $i < mysqli_num_rows($result2); $i++) {
$row = mysqli_fetch_array($result2);
echo "<li><a href='index.php?page=" . strtolower($row["title"]) . "'>" . $row["title"] . "</a></li>";
}
?>
<!--<li><a href="login.php">Login</a></li>-->
</ul>
</nav>
<?php
$page = isset($_GET["page"]) ? $_GET["page"] : "welcome";
$allowed = ["cms", "welcome", "contact", "about"];
if (in_array($page, $allowed) && $page != "cms" && $result != null):
$row = mysqli_fetch_assoc($result);
?>
</div>
<div class="content">
<h1><?= $row["title"] ?></h1>
<p><?= $row["content"] ?></p>
</div>
<?php
elseif ($page == "cms"):
?></div><div class="content"><?php
include "$page.php";
?></div><?php
else:
?></div><?php
echo "<h2>Page not found</h2>";
endif;
?>
</body>
</html>