<?php
require_once "db_credentials.php";
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PW, DB_NAME);
if (!$dbc) {
die("Database connection failed: " . mysqli_connect_error());
}
$selectedFile = "";
$fileContent = "";
$query = "SELECT pageName FROM Pages";
$result = mysqli_query($dbc, $query);
$pages = [];
if ($result) {
while ($row = mysqli_fetch_assoc($result)) {
$pages[] = $row['pageName'];
}
mysqli_free_result($result);
} else {
die("Error fetching pages: " . mysqli_error($dbc));
}
if (!empty($_POST["file"])) {
$selectedFile = mysqli_real_escape_string($dbc, $_POST["file"]);
if (!in_array($selectedFile, $pages)) {
die("Invalid file selection.");
}
$query = "SELECT pageContent FROM Pages WHERE pageName = '$selectedFile'";
$result = mysqli_query($dbc, $query);
if ($result) {
$row = mysqli_fetch_assoc($result);
$fileContent = $row['pageContent'];
mysqli_free_result($result);
}
}
if (isset($_POST["save"]) && !empty($_POST["file"])) {
$selectedFile = mysqli_real_escape_string($dbc, $_POST["file"]);
$fileContent = mysqli_real_escape_string($dbc, $_POST["content"]);
if (!in_array($selectedFile, $pages)) {
die("Invalid file selection.");
}
$query = "UPDATE Pages SET pageContent = '$fileContent' WHERE pageName = '$selectedFile'";
if (mysqli_query($dbc, $query)) {
echo "<p>Page content saved successfully!</p>";
} else {
echo "<p>Error saving content: " . mysqli_error($dbc) . "</p>";
}
}
mysqli_close($dbc);
?>
<!DOCTYPE html>
<html>
<head>
<title>Simple CMS</title>
</head>
<body>
<form method="post">
<label>Choose a page:</label>
<select name="file">
<option value="">-- Select --</option>
<?php foreach ($pages as $page) { ?>
<option value="<?php echo htmlspecialchars($page); ?>" <?php if ($page == $selectedFile) echo "selected"; ?>>
<?php echo htmlspecialchars($page); ?>
</option>
<?php } ?>
</select>
<button type="submit" name="load">Load</button>
</form>
<?php if ($selectedFile) { ?>
<form method="post">
<input type="hidden" name="file" value="<?php echo htmlspecialchars($selectedFile); ?>">
<textarea name="content" rows="20" cols="80"><?php echo htmlspecialchars($fileContent, ENT_QUOTES, 'UTF-8'); ?></textarea><br>
<button type="submit" name="save">Save</button>
</form>
<?php } ?>
</body>
</html>