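<?php
declare(strict_types=1);

// Front controller: boots the session, Twig and the PDO handle, then dispatches
// to one of the allow-listed page scripts based on ?page=... Everything below is
// top-level on purpose: the included page scripts rely on seeing $dbh, $twig,
// $loader and $config in their scope.

// Hardened session: strict mode rejects uninitialised IDs (session fixation),
// HttpOnly keeps the cookie away from scripts, SameSite=Lax blocks most
// cross-site POSTs carrying the cookie. 'cookie_secure' is intentionally not
// forced here because the deployment scheme (HTTP vs HTTPS) is not known from
// this file -- enable it in production.
session_start([
    'use_strict_mode' => true,
    'cookie_httponly' => true,
    'cookie_samesite' => 'Lax',
]);

// Never print PHP errors to the browser; still report everything to the log.
ini_set('display_errors', '0');
error_reporting(E_ALL);

require __DIR__ . '/vendor/autoload.php';

// Template loader path is relative to the working directory, as in the original.
$loader = new \Twig\Loader\FilesystemLoader('html');
$twig = new \Twig\Environment($loader);

include("config.inc.php");

if (!isset($config) || !is_array($config)) {
    exit("Nie znaleziono konfiguracji bazy danych.");
}

try {
    $dsn = 'mysql:host=' . $config['db_host']
        . ';dbname=' . $config['db_name']
        . ';charset=utf8mb4';
    // TODO(review): consider PDO::ATTR_EMULATE_PREPARES => false once the
    // included pages are checked for repeated named placeholders (native
    // MySQL prepares do not allow reusing one placeholder twice).
    $dbh = new PDO($dsn, $config['db_user'], $config['db_password'], [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    ]);
} catch (PDOException $e) {
    // The driver message may contain the DB host/user and internal details:
    // keep it server-side and show the user only a generic failure.
    error_log('DB connection failed: ' . $e->getMessage());
    print 'Nie mozna polaczyc sie z baza danych.';
    exit();
}

// Logout is handled BEFORE dispatch so the response already reflects the
// logged-out state (previously it ran after the page had been rendered and
// only took effect on the next request). All session values are dropped and
// the ID is rotated so the old cookie cannot be replayed.
// NOTE(review): no CSRF token is checked on this POST; confirm whether the
// logout form carries one.
if (isset($_POST['logoutSubmit'])) {
    $_SESSION = [];
    session_regenerate_id(true);
}

// Public pages (no login needed) and pages that require permissions > 0.
// Only names from these lists are ever turned into an include path.
$allowed_pages = ['main', 'announcements', 'donate', 'login', 'register', 'reservations', 'seatsReservation'];
$protected_pages = ['admin', 'admin_announcements', 'admin_reservations', 'add_article', 'add_reservation', 'edit_article'];

// ?page[]=x (an array) or a missing parameter both fall back to the default page,
// matching the original behaviour where in_array() simply did not match.
$requested = $_GET['page'] ?? null;
if (!is_string($requested)) {
    $requested = null;
}

$page = null;
if ($requested !== null && in_array($requested, $allowed_pages, true)) {
    $page = $requested;
} elseif ($requested !== null && in_array($requested, $protected_pages, true)) {
    // Cast before comparing: a non-numeric string compared with 0 would
    // otherwise be compared as a string and could pass the check.
    if (isset($_SESSION['permissions']) && (int) $_SESSION['permissions'] > 0) {
        $page = $requested;
    } else {
        print 'permission denied';
    }
} else {
    include('main.php');
}

// $page can only hold an allow-listed name here, so the concatenated path is safe.
if ($page !== null) {
    if (file_exists($page . '.php')) {
        include($page . '.php');
    } else {
        print 'Dany plik nie istnieje!';
    }
}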