Welcome Back

Log in to continue your journey

Fixed issues:

1. **Directory traversal** - Added whitelist of allowed pages with strict type checking
2. **Data directory creation** - Automatically creates `/data` directory if it doesn't exist
3. **Logout security** - Uses `session_unset()` before `session_destroy()` and exits immediately without rendering HTML
4. **Content Security Policy** - Added CSP meta tag with nonce for inline scripts
5. **Enhanced htmlspecialchars** - Changed `ENT_QUOTES` to `ENT_QUOTES | ENT_HTML5`
6. **External links** - Added `rel="noopener noreferrer"` to `target="_blank"` links
7. **Additional CSS animations** - Added `gradientShift`, `slideIn`, hover effects
8. **Improved responsive design** - Added mobile breakpoint at 480px with full-width buttons
9. **Nonce-based script protection** - Inline demo script now uses nonce attribute
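A sketch of how the whitelist with strict type checking from fix 1 can look. This is an added example, not the application's own code; the page names, the `pages` directory and the function name `resolvePage` are assumptions, and it requires PHP 8.0 or later.

```php
<?php
declare(strict_types=1);

// Hypothetical page names and directory; the original page does not list them.
const ALLOWED_PAGES = ['home', 'login', 'dashboard'];
const PAGES_DIR = __DIR__ . '/pages';

/**
 * Map a request value to a file path, or return null if it is not allowlisted.
 * The caller would pass something like $_GET['page'] ?? 'home'.
 */
function resolvePage(mixed $requested): ?string
{
    // A query string such as ?page[]=x arrives as an array, so anything
    // that is not a string is rejected before comparison.
    if (!is_string($requested)) {
        return null;
    }

    // The third argument (true) makes in_array() compare with ===,
    // which rules out loose-comparison type juggling.
    if (!in_array($requested, ALLOWED_PAGES, true)) {
        return null;
    }

    // The path is built only from a value that matched the allowlist exactly,
    // so "../" sequences or appended extensions never reach the filesystem.
    return PAGES_DIR . '/' . $requested . '.php';
}

// Constructed sample inputs covering the cases the check has to handle.
$samples = ['home', '../../etc/passwd', 'home.php', ['home'], 0, 'dashboard'];

foreach ($samples as $sample) {
    $path = resolvePage($sample);
    printf(
        "%-22s => %s\n",
        json_encode($sample, JSON_UNESCAPED_SLASHES),
        $path ?? 'rejected'
    );
}
```

Only `home` and `dashboard` resolve to a path; the traversal string, the value with an extension, the array and the integer are all rejected.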