get_var("select theme from website"); $theme = $db->get_row("select * from themes where id = '$id_theme'"); $dir = dirname(__FILE__); include($dir.$theme->path.'header.php'); $p="main"; $pages = array('press','contact','implants','casiclinici','testimonials'); if(isset($_GET['cont'])){ $p=$_GET['cont']; if(!in_array($p, $pages)){ echo "invalid input page"; exit; }else{ if($p!=basename($p) || !preg_match("/^[A-Za-z0-9\-_]+$/",$p) || $p=="main" || !file_exists($dir.$theme->path.'html/'.$p.".php")) $p="error"; } } include($dir.$theme->path.'html/'.$p.".php"); include($dir.$theme->path.'footer.php'); ?>