<?php
session_start();
ob_start();
ini_set('display_errors', 1);
error_reporting(E_ALL);

require_once __DIR__ . '/../src/db_config.php';
require_once __DIR__ . '/../src/functions.php';

$dirPages = __DIR__ . '/../src/pages/';
$rawPage = $_GET['page'] ?? 'login';
$page = preg_replace('/[^a-zA-Z0-9_\-]/', '', $rawPage);

$isAdmin = isset($_SESSION['is_admin']) && $_SESSION['is_admin'] == 1;

if (strpos($page, 'admin') !== false && !$isAdmin) {
    header('Location: index.php?page=login');
    exit;
}

$filepath = $dirPages . $page . '.php';

if (file_exists($filepath)) {
    require $filepath;
} else {
    require $dirPages . 'login.php';
}

ob_end_flush();
?>
