Task #2


<!-- All of the content stays in the index -->

<!DOCTYPE html>

<html lang="en">

<head>

    <meta charset="UTF-8">

    <meta name="viewport" content="width=device-width, initial-scale=1.0">

    <title>Home Page</title>

</head>

<body>

    <nav>

        <div>

            <!-- this should get replaced with DB GET, not a page -->

            <a href="index.php?page=welcome">

                Welcome</a>

        </div>

        <div>

            <a href="index.php?page=contact">

                Contact</a>

        </div>

    </nav>

    

    <div id="main">



        

        <?php

                $LINK = mysqli_connect('127.0.0.1','pisjo950','vjPRjFTxDVIoG7)t','pisjo950');



                if(isset($_GET['page']))

                {

                    // get content of the paramter

                    $page = $_GET['page'];



                    // sanitize

                    $page = str_replace('..','',$page);

                    $page = str_replace('/','',$page);

                    $page = str_replace('\\','',$page);



                    $query="SELECT *

                            FROM pages

                            WHERE pagename='$page'";

                    

                    

                    //echo $query;

                    $result=mysqli_query($LINK,$query);

                    if(!$result)echo mysqli_error($LINK);



                    for( $i=0 ; $i<mysqli_num_rows($result);$i++)

                    {

                        $row=mysqli_fetch_assoc($result);



                        echo '<br>';

                        echo $row['content'];

                    }



                    if (isset($_GET['page']) && $_GET['page'] === 'cms') {

                        // Redirige vers la page cms.php si nécessaire

                        header("Location: cms.php");

                        exit();

                    }

                }

            ?>

    </div>



</body>

</html>