xamxam/public/admin/pages-edit.php

<?php
require_once __DIR__ . "/../../config/bootstrap.php";
require_once __DIR__ . '/../../src/AdminAuth.php';
AdminAuth::requireLogin();

if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}

require_once __DIR__ . '/../../src/Database.php';

$allowedSlugs = ['about', 'licenses', 'charte', 'contact'];
$slug = $_GET['slug'] ?? '';

if (!in_array($slug, $allowedSlugs)) {
    header('Location: /admin/pages.php');
    exit;
}

try {
    $db = new Database();
    $page = $db->getPage($slug);
    if (!$page) {
        die("Page introuvable.");
    }
} catch (Exception $e) {
    die("Erreur: " . htmlspecialchars($e->getMessage()));
}

$pageTitle = "Éditer : " . htmlspecialchars($page['title']);
?>
<?php require_once APP_ROOT . '/templates/admin/head.php'; ?>

<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/easymde/dist/easymde.min.css">

<main class="admin-main">
    <h1 class="admin-page-title">Éditer : <?= htmlspecialchars($page['title']) ?></h1>

    <form action="/admin/actions/page.php" method="post" class="admin-form">
        <input type="hidden" name="csrf_token" value="<?= htmlspecialchars($_SESSION['csrf_token']) ?>">
        <input type="hidden" name="slug" value="<?= htmlspecialchars($slug) ?>">

        <div class="admin-form-row" style="align-items:start;">
            <label class="admin-label" for="content">Contenu (Markdown) :</label>
            <textarea class="admin-textarea" id="content" name="content"
                      rows="20"><?= htmlspecialchars($page['content'] ?? '') ?></textarea>
        </div>

        <div class="admin-submit-wrap">
            <button type="submit" class="admin-btn">Enregistrer</button>
            <a href="/admin/pages.php" class="admin-btn-secondary" style="margin-left:.75rem;">Annuler</a>
        </div>
    </form>
</main>

<script src="https://cdn.jsdelivr.net/npm/easymde/dist/easymde.min.js"></script>
<script>
    var easyMDE = new EasyMDE({
        element: document.getElementById('content'),
        spellChecker: false,
        status: ['lines', 'words'],
        minHeight: '400px',
        toolbarTips: true
    });
</script>

<?php require_once APP_ROOT . '/templates/admin/footer.php'; ?>