add helper functions
M classes/Validate.php +2 -17
@@ 21,24 21,9 @@ class Validate
         return filter_var($str, FILTER_VALIDATE_EMAIL);
     }
 
-    public static function isAvailableFilename($id, $filename) {
-        clearstatcache();
-        return !file_exists(file_path($id, $filename));
-    }
-
-    public static function isFilename($str)
+    public static function isPage($str)
     {
-        // check extension
-        if (!in_array(strtolower(pathinfo($str, PATHINFO_EXTENSION)), ['jpeg', 'jpg', 'png', 'gif'])) {
-            return false;
-        }
-
-        // check basename
-        if (!preg_match('/^[A-z0-9_()-]+$/', pathinfo($str, PATHINFO_FILENAME))) {
-            return false;
-        }
-
-        return true;
+        return preg_match('/^[a-z0-9_-]+$/', $str);
     }
 
     public static function isAcceptableHTML($str) {

          
M home_update.php +1 -1
@@ 16,7 16,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST
 <?php include 'includes/site_header.php'; ?>
 
 <main>
-    <h1>Editing <a href="home.php?id=<?= $GLOBALS['user']['id'] ?>">home</a></h1>
+    <h1>Editing <a href="<?=get_url($site_user['name'])?>">home</a></h1>
     <?php form_errors($errors) ?>
 
     <form action="<?= $_SERVER['REQUEST_URI'] ?>" method="post" enctype="multipart/form-data">

          
M includes/app.php +10 -1
@@ 140,6 140,15 @@ function get_link2($username, $slug = nu
     }
 }
 
+function get_url($username, $page = null)
+{
+    if (isset($page)) {
+        return "site.php?u=$username&p=$page";
+    } else {
+        return "site.php?u=$username";
+    }
+}
+
 function home_link($user_id, $name)
 {
     return "<a href=\"home.php?u=$name\">$name</a>";

          
@@ 214,7 223,7 @@ function gmi($text)
     return $res;
 }
 
-define('LINK_REGEXP', '/\[\[([\w\d-]+)\]\]/');
+define('LINK_REGEXP', '/\[\[([a-z0-9_-]+)\]\]/');
 function content_to_html($content, $user_id)
 {
     return preg_replace_callback(LINK_REGEXP, function ($match) use ($user_id) {

          
M includes/home.php +1 -2
@@ 7,12 7,11 @@ 
     <h1><?= $site_user['name'] ?>'s site</h1>
     <p>Welcome to your site! Use the edit button to edit this page.</p>
 <?php endif; ?>
-</main>
-
 <?php if ($is_admin): ?>
     <nav class="page-admin">
         <a href="home_update.php">Edit</a>
     </nav>
 <?php endif; ?>
+</main>
 
 <?php include 'site_footer.php'; ?>
  No newline at end of file

          
M includes/page.php +12 -14
@@ 6,35 6,33 @@ 
     <?php else: ?>
         <h1>Not found</h1>
         <?php if ($is_admin): ?>
-            <p>Create page for <?=$p?>?</p>
+            <p>Create page for <?= $p ?>?</p>
             <form action="page_create.php" method="post" enctype="multipart/form-data">
                 <?php include 'includes/csrf.php' ?>
 
-                <input id="title" type="hidden" name="name" autocomplete="off" value="<?=$p?>"
+                <input id="title" type="hidden" name="name" autocomplete="off" value="<?= $p ?>"
                        class="form-control"/>
 
                 <input type="submit" value="Create"/>
             </form>
         <?php endif; ?>
     <?php endif; ?>
-</main>
 
-<?php if (count($related)): ?>
-    <section class="related">
-        <nav>
+    <?php if (count($related)): ?>
+        <nav class="related">
             <span>Related:</span>
             <?php foreach ($related as $r): ?>
                 <?= get_link2($site_user['name'], $r['slug']) ?>
             <?php endforeach; ?>
         </nav>
-    </section>
-<?php endif; ?>
+    <?php endif; ?>
 
-<?php if ($page && $is_admin): ?>
-    <nav class="page-admin">
-        <?= edit_link($p) ?>
-        <?= delete_link($p) ?>
-    </nav>
-<?php endif; ?>
+    <?php if ($page && $is_admin): ?>
+        <nav class="page-admin">
+            <?= edit_link($p) ?>
+            <?= delete_link($p) ?>
+        </nav>
+    <?php endif; ?>
+</main>
 
 <?php include 'site_footer.php'; ?>

          
M includes/site_header.php +1 -1
@@ 14,7 14,7 @@ 
 
 <header>
     <nav>
-        <?=get_link2($site_user['name'])?>
+        <a href="<?=get_url($site_user['name'])?>">Home</a>
         <a href="pages_index.php?id=<?=$site_user['id']?>">Pages</a>
         <a href="changelog.php?id=<?=$site_user['id']?>">Changelog</a>
     </nav>

          
M page_create.php +1 -0
@@ 15,6 15,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST'
     $name = trim($form['name']);
 
     // todo: more validation
+    Validate::isPage($name) or $errors[] = "Slug can only contain a-z0-9_-";
 
     if (!count($errors)) {
         $id = $GLOBALS['app']->getPage()->create($GLOBALS['user']['id'], $name, '');

          
M site.php +3 -1
@@ 9,7 9,9 @@ require 'includes/app.php';
 if ($p) {
     $page = $app->getPage()->get($site_user['id'], $p);
     $related = $app->getPage()->related($site_user['id'], $p);
-    $content = content_to_html2($page['content'], $site_user);
+    if ($page) {
+        $content = content_to_html2($page['content'], $site_user);
+    }
     include 'includes/page.php';
 } else {
     $content = content_to_html2($site_user['home'], $site_user);

          
M style.css +5 -11
@@ 1,11 1,12 @@ 
 body {
     font-family: sans-serif;
     margin: 40px auto;
-    padding: 0px 10px;
+    padding: 1em;
     max-width: 650px;
     line-height: 1.6;
     font-size: 18px;
     background-color: floralwhite;
+    border: 1px solid;
 }
 
 textarea {

          
@@ 31,27 32,20 @@ nav > * {
 
 footer {
     border-top: 1px solid;
+    margin-top: 1em;
     padding-top: 1em;
 }
 
-header {
-    background-color: plum;
-    padding: 10px;
-}
-
 .page-admin {
     padding: 10px;
     background-color: powderblue;
-    margin-top: 2em;
-}
-
-main {
-    margin-bottom: 2em;
+    margin-top: 1em;
 }
 
 .related {
     border: 1px dashed midnightblue;
     padding: 1em;
+    margin-top: 1em;
 }
 
 .link::before {