<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
date_default_timezone_set('Europe/Luxembourg');
session_start();
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
require_once 'Functions/db_credentials.php';
require_once 'Functions/db_connection.php';
include_once "Functions/errorHandler.php";
// check if $dbc is set
if (!isset($dbc) || !$dbc) {
die("Database connection failed.");
}
// ***************** HANDLE LOGIN *****************
if (isset($_POST["BUTTON_send"])) {
if (empty($_POST["DATA_email"]) || empty($_POST["DATA_password"])) {
setError("Please enter both email and password.");
} else {
$email = $_POST["DATA_email"];
$password = $_POST["DATA_password"];
// ***************** SECURE THE CONNECTION *****************
$query = "SELECT passwordHash, email FROM pierreNimax_user WHERE email = ?";
$stmt = mysqli_prepare($dbc, $query);
if ($stmt) {
mysqli_stmt_bind_param($stmt, "s", $email);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$user = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
// ***************** VERIFY PASSWORD *****************
if (!$user || !password_verify($password, $user["passwordHash"])) {
setError("Invalid email or password.");
} else {
$_SESSION["email"] = $user["email"];
}
} else {
setError("Database error. Please try again later.");
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- SEO Meta Tags -->
<meta name="description" content="Discover the life and achievements of Pierre Nimax, a historical figure known for his contributions to music and culture.">
<meta name="keywords" content="Pierre Nimax, musician, history, biography, Luxembourg, classical music">
<meta name="author" content="Besic Omar">
<!-- Classic piano icon -->
<link rel="icon" type="image/svg" href="Images/classic_piano.svg">
<!-- Inter Light Google Font -->
<link href="https://fonts.googleapis.com/css?family=Inter:300,400,700&display=swap" rel="stylesheet">
<!-- Styles -->
<link rel="stylesheet" href="Styles/styles.css">
<title>Pierre Nimax</title>
</head>
<body>
<?php
include_once "Pages/nav.php";
?>
<main class="cms">
<?php
$page = "timeline"; // default page
if (isset($_GET['page'])) {
$page = $_GET['page'];
}
$filePath = "Pages/" . $page . ".php";
if ($page === "cms") {
include_once "cms.php"; // cms.php is not in Pages folder and has to be checked seperately
} elseif (file_exists($filePath)) {
include_once $filePath;
} else {
http_response_code(404);
include_once "Pages/page_not_found.php";
}
// close the database connection only if it's valid
if (isset($dbc) && $dbc) {
mysqli_close($dbc);
}
?>
<?php include_once "Functions/errorDisplay.php"; ?>
<script type="module" src="Scripts/timeline.js"></script>
</main>
</body>
</html>