From 1173fcbe16cd8282b1d76c77e3b55d7b3951ed0d Mon Sep 17 00:00:00 2001
From: Flatlogic Bot <support@flatlogic.com>
Date: Sun, 8 Mar 2026 02:54:06 +0000
Subject: [PATCH] add privacy

---
 admin_company_profile.php              |  37 ++++-
 admin_landing_pages.php                | 209 +++++++++++++++++++++++++
 db/migrations/add_landing_sections.php |  24 +++
 includes/app.php                       |  16 ++
 includes/layout.php                    |   9 +-
 index.php                              |  51 ++++++
 patch_company_profile.php              |  64 ++++++++
 privacy.php                            |  36 +++++
 terms.php                              |  36 +++++
 9 files changed, 477 insertions(+), 5 deletions(-)
 create mode 100644 admin_landing_pages.php
 create mode 100644 db/migrations/add_landing_sections.php
 create mode 100644 patch_company_profile.php
 create mode 100644 privacy.php
 create mode 100644 terms.php

diff --git a/admin_company_profile.php b/admin_company_profile.php
index 95efdff..c83cc2f 100644
--- a/admin_company_profile.php
+++ b/admin_company_profile.php
@@ -21,6 +21,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         'company_phone' => $companyPhone,
         'company_address' => $companyAddress,
         'platform_charge_percentage' => $platformCharge,
+        'terms_en' => trim($_POST['terms_en'] ?? ''),
+        'terms_ar' => trim($_POST['terms_ar'] ?? ''),
+        'privacy_en' => trim($_POST['privacy_en'] ?? ''),
+        'privacy_ar' => trim($_POST['privacy_ar'] ?? ''),
     ];
 
     // Handle file uploads
@@ -78,6 +82,10 @@ $currentAddress = $settings['company_address'] ?? '';
 $currentPlatformCharge = $settings['platform_charge_percentage'] ?? '0';
 $currentLogo = $settings['logo_path'] ?? '';
 $currentFavicon = $settings['favicon_path'] ?? '';
+$currentTermsEn = $settings['terms_en'] ?? '';
+$currentTermsAr = $settings['terms_ar'] ?? '';
+$currentPrivacyEn = $settings['privacy_en'] ?? '';
+$currentPrivacyAr = $settings['privacy_ar'] ?? '';
 
 render_header('Company Profile', 'admin');
 ?>
@@ -89,7 +97,7 @@ render_header('Company Profile', 'admin');
     <div class="col-lg-9">
         <div class="page-intro mb-4">
             <h1 class="section-title mb-1">Company Profile</h1>
-            <p class="muted mb-0">Update your app name, logo, favicon, contact details, and platform charge.</p>
+            <p class="muted mb-0">Update your app name, logo, favicon, contact details, platform charge, and legal policies.</p>
         </div>
         
         <?php if ($success): ?>
@@ -159,6 +167,31 @@ render_header('Company Profile', 'admin');
                         <input type="file" name="favicon_file" class="form-control" accept="image/png, image/x-icon, image/svg+xml">
                         <div class="form-text">Recommended size: 32x32px (ICO, PNG, SVG). Leave empty to keep current.</div>
                     </div>
+
+                    <div class="col-md-12">
+                        <hr class="my-2">
+                        <h5 class="fw-bold mb-3">Legal & Policies</h5>
+                    </div>
+
+                    <div class="col-md-6">
+                        <label class="form-label fw-bold">Terms of Service (English)</label>
+                        <textarea name="terms_en" class="form-control" rows="5" placeholder="Enter Terms of Service in English..."><?= e($currentTermsEn) ?></textarea>
+                    </div>
+
+                    <div class="col-md-6">
+                        <label class="form-label fw-bold">Terms of Service (Arabic)</label>
+                        <textarea name="terms_ar" class="form-control" rows="5" dir="rtl" placeholder="أدخل شروط الخدمة باللغة العربية..."><?= e($currentTermsAr) ?></textarea>
+                    </div>
+
+                    <div class="col-md-6">
+                        <label class="form-label fw-bold">Privacy Policy (English)</label>
+                        <textarea name="privacy_en" class="form-control" rows="5" placeholder="Enter Privacy Policy in English..."><?= e($currentPrivacyEn) ?></textarea>
+                    </div>
+
+                    <div class="col-md-6">
+                        <label class="form-label fw-bold">Privacy Policy (Arabic)</label>
+                        <textarea name="privacy_ar" class="form-control" rows="5" dir="rtl" placeholder="أدخل سياسة الخصوصية باللغة العربية..."><?= e($currentPrivacyAr) ?></textarea>
+                    </div>
                 </div>
                 
                 <hr class="my-4">
@@ -168,4 +201,4 @@ render_header('Company Profile', 'admin');
     </div>
 </div>
 
-<?php render_footer(); ?>
\ No newline at end of file
+<?php render_footer(); ?>
diff --git a/admin_landing_pages.php b/admin_landing_pages.php
new file mode 100644
index 0000000..47ba94a
--- /dev/null
+++ b/admin_landing_pages.php
@@ -0,0 +1,209 @@
+<?php
+declare(strict_types=1);
+
+require_once __DIR__ . '/includes/app.php';
+require_once __DIR__ . '/includes/layout.php';
+
+if (empty($_SESSION['user_id']) || $_SESSION['role'] !== 'admin') {
+    header('Location: ' . url_with_lang('login.php'));
+    exit;
+}
+
+$pdo = db();
+
+// Handle form submission
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $action = $_POST['action'] ?? '';
+    
+    if ($action === 'create' || $action === 'edit') {
+        $id = $_POST['id'] ?? null;
+        $title = $_POST['title'] ?? '';
+        $subtitle = $_POST['subtitle'] ?? '';
+        $content = $_POST['content'] ?? '';
+        $layout = $_POST['layout'] ?? 'text_left';
+        $button_text = $_POST['button_text'] ?? '';
+        $button_link = $_POST['button_link'] ?? '';
+        $section_order = (int)($_POST['section_order'] ?? 0);
+        $is_active = isset($_POST['is_active']) ? 1 : 0;
+        
+        $image_path = $_POST['current_image'] ?? '';
+        
+        if (!empty($_FILES['image']['name'])) {
+            $uploadDir = __DIR__ . '/uploads/pages/';
+            if (!is_dir($uploadDir)) {
+                mkdir($uploadDir, 0777, true);
+            }
+            $ext = pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION);
+            $fileName = uniqid('img_') . '.' . $ext;
+            $dest = $uploadDir . $fileName;
+            if (move_uploaded_file($_FILES['image']['tmp_name'], $dest)) {
+                $image_path = 'uploads/pages/' . $fileName;
+            }
+        }
+
+        if ($action === 'create') {
+            $stmt = $pdo->prepare("INSERT INTO landing_sections (title, subtitle, content, image_path, layout, button_text, button_link, section_order, is_active) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
+            $stmt->execute([$title, $subtitle, $content, $image_path, $layout, $button_text, $button_link, $section_order, $is_active]);
+            set_flash('success', 'Section created successfully.');
+        } else {
+            $stmt = $pdo->prepare("UPDATE landing_sections SET title=?, subtitle=?, content=?, image_path=?, layout=?, button_text=?, button_link=?, section_order=?, is_active=? WHERE id=?");
+            $stmt->execute([$title, $subtitle, $content, $image_path, $layout, $button_text, $button_link, $section_order, $is_active, $id]);
+            set_flash('success', 'Section updated successfully.');
+        }
+        header('Location: ' . url_with_lang('admin_landing_pages.php'));
+        exit;
+    } elseif ($action === 'delete') {
+        $id = $_POST['id'] ?? null;
+        if ($id) {
+            $stmt = $pdo->prepare("DELETE FROM landing_sections WHERE id=?");
+            $stmt->execute([$id]);
+            set_flash('success', 'Section deleted successfully.');
+        }
+        header('Location: ' . url_with_lang('admin_landing_pages.php'));
+        exit;
+    }
+}
+
+$stmt = $pdo->query("SELECT * FROM landing_sections ORDER BY section_order ASC, id ASC");
+$sections = $stmt->fetchAll();
+
+$editId = $_GET['edit'] ?? null;
+$editSection = null;
+if ($editId) {
+    $stmt = $pdo->prepare("SELECT * FROM landing_sections WHERE id = ?");
+    $stmt->execute([$editId]);
+    $editSection = $stmt->fetch();
+}
+
+render_header(t('app_name') . ' - Landing Pages', 'admin');
+?>
+
+<div class="row g-4">
+    <div class="col-lg-3">
+        <?php render_admin_sidebar('landing_pages'); ?>
+    </div>
+    <div class="col-lg-9">
+
+    <div class="d-flex justify-content-between align-items-center mb-4">
+        <h2 class="fw-bold mb-0">Landing Page Customization</h2>
+        <a href="<?= e(url_with_lang('admin_dashboard.php')) ?>" class="btn btn-outline-secondary">Back to Dashboard</a>
+    </div>
+
+    <?php if ($flash = get_flash()): ?>
+        <div class="alert alert-<?= e($flash['type'] === 'success' ? 'success' : 'danger') ?> alert-dismissible fade show">
+            <?= e($flash['message']) ?>
+            <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+        </div>
+    <?php endif; ?>
+
+    <div class="row g-4">
+        <div class="col-md-5">
+            <div class="panel p-4 shadow-sm border-0 rounded-4 bg-white">
+                <h4 class="mb-4"><?= $editSection ? 'Edit Section' : 'Add New Section' ?></h4>
+                <form action="<?= e(url_with_lang('admin_landing_pages.php')) ?>" method="POST" enctype="multipart/form-data">
+                    <input type="hidden" name="action" value="<?= $editSection ? 'edit' : 'create' ?>">
+                    <?php if ($editSection): ?>
+                        <input type="hidden" name="id" value="<?= e($editSection['id']) ?>">
+                        <input type="hidden" name="current_image" value="<?= e($editSection['image_path']) ?>">
+                    <?php endif; ?>
+
+                    <div class="mb-3">
+                        <label class="form-label">Title <span class="text-danger">*</span></label>
+                        <input type="text" name="title" class="form-control" value="<?= e($editSection['title'] ?? '') ?>" required>
+                    </div>
+
+                    <div class="mb-3">
+                        <label class="form-label">Subtitle (Optional)</label>
+                        <textarea name="subtitle" class="form-control" rows="2"><?= e($editSection['subtitle'] ?? '') ?></textarea>
+                    </div>
+
+                    <div class="mb-3">
+                        <label class="form-label">Content (HTML allowed)</label>
+                        <textarea name="content" class="form-control" rows="5"><?= e($editSection['content'] ?? '') ?></textarea>
+                    </div>
+
+                    <div class="row">
+                        <div class="col-md-6 mb-3">
+                            <label class="form-label">Layout Type</label>
+                            <select name="layout" class="form-select">
+                                <option value="text_left" <?= ($editSection['layout'] ?? '') === 'text_left' ? 'selected' : '' ?>>Text Left, Image Right</option>
+                                <option value="text_right" <?= ($editSection['layout'] ?? '') === 'text_right' ? 'selected' : '' ?>>Image Left, Text Right</option>
+                                <option value="center" <?= ($editSection['layout'] ?? '') === 'center' ? 'selected' : '' ?>>Center (No Image)</option>
+                            </select>
+                        </div>
+                        <div class="col-md-6 mb-3">
+                            <label class="form-label">Order</label>
+                            <input type="number" name="section_order" class="form-control" value="<?= e($editSection['section_order'] ?? 0) ?>">
+                        </div>
+                    </div>
+                    
+                    <div class="row">
+                        <div class="col-md-6 mb-3">
+                            <label class="form-label">Button Text</label>
+                            <input type="text" name="button_text" class="form-control" value="<?= e($editSection['button_text'] ?? '') ?>">
+                        </div>
+                        <div class="col-md-6 mb-3">
+                            <label class="form-label">Button Link (e.g. login.php)</label>
+                            <input type="text" name="button_link" class="form-control" value="<?= e($editSection['button_link'] ?? '') ?>">
+                        </div>
+                    </div>
+
+                    <div class="mb-3">
+                        <label class="form-label">Upload Picture</label>
+                        <input type="file" name="image" class="form-control" accept="image/*">
+                        <?php if (!empty($editSection['image_path'])): ?>
+                            <div class="mt-2">
+                                <img src="<?= e($editSection['image_path']) ?>" alt="Current Image" style="max-height: 80px; border-radius: 4px;">
+                            </div>
+                        <?php endif; ?>
+                    </div>
+
+                    <div class="mb-4 form-check form-switch">
+                        <input class="form-check-input" type="checkbox" name="is_active" id="isActive" <?= (!isset($editSection) || $editSection['is_active']) ? 'checked' : '' ?>>
+                        <label class="form-check-label" for="isActive">Active</label>
+                    </div>
+
+                    <div class="d-flex gap-2">
+                        <button type="submit" class="btn btn-primary"><?= $editSection ? 'Update Section' : 'Create Section' ?></button>
+                        <?php if ($editSection): ?>
+                            <a href="<?= e(url_with_lang('admin_landing_pages.php')) ?>" class="btn btn-outline-secondary">Cancel</a>
+                        <?php endif; ?>
+                    </div>
+                </form>
+            </div>
+        </div>
+
+        <div class="col-md-7">
+            <div class="panel p-4 shadow-sm border-0 rounded-4 bg-white">
+                <h4 class="mb-4">Current Sections</h4>
+                <?php if (!$sections): ?>
+                    <p class="text-muted">No custom sections added yet.</p>
+                <?php else: ?>
+                    <div class="list-group">
+                        <?php foreach ($sections as $sec): ?>
+                            <div class="list-group-item list-group-item-action d-flex justify-content-between align-items-center p-3">
+                                <div>
+                                    <h6 class="mb-1 fw-bold"><?= e($sec['title']) ?> <span class="badge bg-<?= $sec['is_active'] ? 'success' : 'secondary' ?> ms-2"><?= $sec['is_active'] ? 'Active' : 'Draft' ?></span></h6>
+                                    <small class="text-muted">Order: <?= e($sec['section_order']) ?> | Layout: <?= e($sec['layout']) ?></small>
+                                </div>
+                                <div class="d-flex gap-2">
+                                    <a href="<?= e(url_with_lang('admin_landing_pages.php', ['edit' => $sec['id']])) ?>" class="btn btn-sm btn-outline-primary">Edit</a>
+                                    <form action="<?= e(url_with_lang('admin_landing_pages.php')) ?>" method="POST" onsubmit="return confirm('Are you sure you want to delete this section?');" style="display:inline;">
+                                        <input type="hidden" name="action" value="delete">
+                                        <input type="hidden" name="id" value="<?= e($sec['id']) ?>">
+                                        <button type="submit" class="btn btn-sm btn-outline-danger">Delete</button>
+                                    </form>
+                                </div>
+                            </div>
+                        <?php endforeach; ?>
+                    </div>
+                <?php endif; ?>
+            </div>
+        </div>
+    </div>
+</div>
+
+    </div>
+</div>
+
+<?php render_footer(); ?>
\ No newline at end of file
diff --git a/db/migrations/add_landing_sections.php b/db/migrations/add_landing_sections.php
new file mode 100644
index 0000000..eba5fdd
--- /dev/null
+++ b/db/migrations/add_landing_sections.php
@@ -0,0 +1,24 @@
+<?php
+require_once __DIR__ . '/../config.php';
+$pdo = db();
+try {
+    $pdo->exec("
+        CREATE TABLE IF NOT EXISTS landing_sections (
+            id INT AUTO_INCREMENT PRIMARY KEY,
+            title VARCHAR(255) NOT NULL,
+            subtitle TEXT NULL,
+            content TEXT NULL,
+            image_path VARCHAR(255) NULL,
+            layout ENUM('text_left', 'text_right', 'center') NOT NULL DEFAULT 'text_left',
+            button_text VARCHAR(100) NULL,
+            button_link VARCHAR(255) NULL,
+            section_order INT NOT NULL DEFAULT 0,
+            is_active TINYINT(1) NOT NULL DEFAULT 1,
+            created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+        ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+    ");
+    echo "landing_sections table created.\n";
+} catch (Exception $e) {
+    echo "Error: " . $e->getMessage() . "\n";
+}
+
diff --git a/includes/app.php b/includes/app.php
index 1af88b7..b93ee41 100644
--- a/includes/app.php
+++ b/includes/app.php
@@ -164,6 +164,22 @@ function e($value): string
 
 function ensure_schema(): void
 {
+    db()->exec("
+        CREATE TABLE IF NOT EXISTS landing_sections (
+            id INT AUTO_INCREMENT PRIMARY KEY,
+            title VARCHAR(255) NOT NULL,
+            subtitle TEXT NULL,
+            content TEXT NULL,
+            image_path VARCHAR(255) NULL,
+            layout ENUM('text_left', 'text_right', 'center') NOT NULL DEFAULT 'text_left',
+            button_text VARCHAR(100) NULL,
+            button_link VARCHAR(255) NULL,
+            section_order INT NOT NULL DEFAULT 0,
+            is_active TINYINT(1) NOT NULL DEFAULT 1,
+            created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+        ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+    ");
+
     $sql = <<<SQL
 CREATE TABLE IF NOT EXISTS shipments (
     id INT AUTO_INCREMENT PRIMARY KEY,
diff --git a/includes/layout.php b/includes/layout.php
index 45a1ef9..2f23ba0 100644
--- a/includes/layout.php
+++ b/includes/layout.php
@@ -179,8 +179,8 @@ function render_footer(): void
                         <h6 class="fw-bold mb-3">Resources</h6>
                         <ul class="list-unstyled text-muted small">
                             <li class="mb-2"><a href="<?= e(url_with_lang('faq.php')) ?>" class="text-decoration-none text-muted">Help Center / FAQ</a></li>
-                            <li class="mb-2"><a href="#" class="text-decoration-none text-muted">Terms of Service</a></li>
-                            <li class="mb-2"><a href="#" class="text-decoration-none text-muted">Privacy Policy</a></li>
+                            <li class="mb-2"><a href="<?= e(url_with_lang('terms.php')) ?>" class="text-decoration-none text-muted"><?= $lang === 'ar' ? 'شروط الخدمة' : 'Terms of Service' ?></a></li>
+                            <li class="mb-2"><a href="<?= e(url_with_lang('privacy.php')) ?>" class="text-decoration-none text-muted"><?= $lang === 'ar' ? 'سياسة الخصوصية' : 'Privacy Policy' ?></a></li>
                         </ul>
                     </div>
                     <div class="col-md-2">
@@ -211,7 +211,7 @@ function render_admin_sidebar(string $active = 'dashboard'): void
     $settingsActive = in_array($active, ['company_profile', 'integrations']);
     $locationsActive = in_array($active, ['countries', 'cities']);
     $usersActive = in_array($active, ['shippers', 'truck_owners', 'register']);
-    $pagesActive = in_array($active, ['faqs']);
+    $pagesActive = in_array($active, ['faqs', 'landing_pages']);
     ?>
     <aside class="admin-sidebar panel p-4 shadow-sm border-0">
         <h2 class="h5 fw-bold mb-4"><i class="bi bi-shield-lock me-2 text-primary"></i>Admin Panel</h2>
@@ -277,6 +277,9 @@ function render_admin_sidebar(string $active = 'dashboard'): void
                     <a class="admin-nav-link <?= $active === 'faqs' ? 'active' : '' ?>" href="<?= e(url_with_lang('admin_faqs.php')) ?>">
                         <i class="bi bi-question-square me-2"></i>FAQs
                     </a>
+                    <a class="admin-nav-link <?= $active === 'landing_pages' ? 'active' : '' ?>" href="<?= e(url_with_lang('admin_landing_pages.php')) ?>">
+                        <i class="bi bi-layout-text-window me-2"></i>Landing Pages
+                    </a>
                 </div>
             </div>
             
diff --git a/index.php b/index.php
index 9554ec0..bb66e79 100644
--- a/index.php
+++ b/index.php
@@ -235,4 +235,55 @@ render_header(t('app_name'), 'home');
     </div>
 </div>
 
+<?php
+try {
+    $stmt = db()->query("SELECT * FROM landing_sections WHERE is_active = 1 ORDER BY section_order ASC, id ASC");
+    $landingSections = $stmt->fetchAll();
+    foreach ($landingSections as $sec):
+?>
+    <section class="mb-5">
+        <?php if ($sec['layout'] === 'center'): ?>
+            <div class="panel p-5 border-0 shadow-sm rounded-4 text-center" style="background-color: #f8f9fa;">
+                <?php if ($sec['image_path']): ?>
+                    <img src="<?= e($sec['image_path']) ?>" alt="" class="img-fluid mb-4 rounded-4 shadow-sm" style="max-height: 300px; object-fit: cover;">
+                <?php endif; ?>
+                <h2 class="display-6 fw-bold mb-3"><?= e($sec['title']) ?></h2>
+                <?php if ($sec['subtitle']): ?>
+                    <p class="text-muted fs-5 mb-4 mx-auto" style="max-width: 600px;"><?= e($sec['subtitle']) ?></p>
+                <?php endif; ?>
+                <?php if ($sec['content']): ?>
+                    <div class="mb-4 text-start mx-auto" style="max-width: 800px;"><?= $sec['content'] ?></div>
+                <?php endif; ?>
+                <?php if ($sec['button_text']): ?>
+                    <a href="<?= e(url_with_lang($sec['button_link'] ?: '#')) ?>" class="btn btn-primary btn-lg px-4 rounded-pill shadow-sm"><?= e($sec['button_text']) ?></a>
+                <?php endif; ?>
+            </div>
+        <?php else: ?>
+            <div class="row g-4 align-items-center">
+                <div class="col-md-6 <?= $sec['layout'] === 'text_right' ? 'order-md-1' : 'order-md-2' ?>">
+                    <?php if ($sec['image_path']): ?>
+                        <img src="<?= e($sec['image_path']) ?>" alt="" class="img-fluid rounded-4 shadow-sm" style="width: 100%; object-fit: cover; max-height: 400px;">
+                    <?php endif; ?>
+                </div>
+                <div class="col-md-6 <?= $sec['layout'] === 'text_right' ? 'order-md-2' : 'order-md-1' ?>">
+                    <div class="p-lg-4">
+                        <h2 class="display-6 fw-bold mb-4"><?= e($sec['title']) ?></h2>
+                        <?php if ($sec['subtitle']): ?>
+                            <h5 class="fw-bold mb-3 text-muted"><?= e($sec['subtitle']) ?></h5>
+                        <?php endif; ?>
+                        <?php if ($sec['content']): ?>
+                            <div class="mb-4"><?= $sec['content'] ?></div>
+                        <?php endif; ?>
+                        <?php if ($sec['button_text']): ?>
+                            <a href="<?= e(url_with_lang($sec['button_link'] ?: '#')) ?>" class="btn btn-primary btn-lg px-4 rounded-pill shadow-sm"><?= e($sec['button_text']) ?></a>
+                        <?php endif; ?>
+                    </div>
+                </div>
+            </div>
+        <?php endif; ?>
+    </section>
+<?php
+    endforeach;
+} catch (Throwable $e) {}
+?>
 <?php render_footer(); ?>
\ No newline at end of file
diff --git a/patch_company_profile.php b/patch_company_profile.php
new file mode 100644
index 0000000..a5ffd2e
--- /dev/null
+++ b/patch_company_profile.php
@@ -0,0 +1,64 @@
+<?php
+$content = file_get_contents('admin_company_profile.php');
+
+$php_updates = <<<PHP
+    \$updates = [
+        'company_name' => \$companyName,
+        'company_email' => \$companyEmail,
+        'company_phone' => \$companyPhone,
+        'company_address' => \$companyAddress,
+        'platform_charge_percentage' => \$platformCharge,
+        'terms_en' => trim(\\\$_POST['terms_en'] ?? ''),
+        'terms_ar' => trim(\\\$_POST['terms_ar'] ?? ''),
+        'privacy_en' => trim(\\\$_POST['privacy_en'] ?? ''),
+        'privacy_ar' => trim(\\\$_POST['privacy_ar'] ?? ''),
+    ];
+PHP;
+
+$content = preg_replace("/\\\\\$updates = \\\\[\\\\\s\\\\\\S]*?'platform_charge_percentage' => \\\\$platformCharge,\\n    \\\\];/', $php_updates, $content);
+
+$fetch_vars = <<<PHP
+\$currentLogo = \$settings['logo_path'] ?? '';
+\$currentFavicon = \$settings['favicon_path'] ?? '';
+\$currentTermsEn = \$settings['terms_en'] ?? '';
+\$currentTermsAr = \$settings['terms_ar'] ?? '';
+\$currentPrivacyEn = \$settings['privacy_en'] ?? '';
+\$currentPrivacyAr = \$settings['privacy_ar'] ?? '';
+PHP;
+
+$content = str_replace("\\\$currentFavicon = \\\$settings['favicon_path'] ?? '';", $fetch_vars, $content);
+
+$html_fields = <<<HTML
+                    <div class="col-md-12">
+                        <hr class="my-2">
+                        <h5 class="fw-bold mb-3">Legal & Policies</h5>
+                    </div>
+
+                    <div class="col-md-6">
+                        <label class="form-label fw-bold">Terms of Service (English)</label>
+                        <textarea name="terms_en" class="form-control" rows="5"><?= htmlspecialchars(\\$currentTermsEn, ENT_QUOTES, 'UTF-8') ?></textarea>
+                    </div>
+
+                    <div class="col-md-6">
+                        <label class="form-label fw-bold">Terms of Service (Arabic)</label>
+                        <textarea name="terms_ar" class="form-control" rows="5" dir="rtl"><?= htmlspecialchars(\\$currentTermsAr, ENT_QUOTES, 'UTF-8') ?></textarea>
+                    </div>
+
+                    <div class="col-md-6">
+                        <label class="form-label fw-bold">Privacy Policy (English)</label>
+                        <textarea name="privacy_en" class="form-control" rows="5"><?= htmlspecialchars(\\$currentPrivacyEn, ENT_QUOTES, 'UTF-8') ?></textarea>
+                    </div>
+
+                    <div class="col-md-6">
+                        <label class="form-label fw-bold">Privacy Policy (Arabic)</label>
+                        <textarea name="privacy_ar" class="form-control" rows="5" dir="rtl"><?= htmlspecialchars(\\$currentPrivacyAr, ENT_QUOTES, 'UTF-8') ?></textarea>
+                    </div>
+                </div>
+HTML;
+
+$content = str_replace("                </div>\n                \n                <hr class=\"my-4\">
+", $html_fields . "\n                \n                <hr class=\"my-4\">
+", $content);
+
+file_put_contents('admin_company_profile.php', $content);
+
diff --git a/privacy.php b/privacy.php
new file mode 100644
index 0000000..caa1d3a
--- /dev/null
+++ b/privacy.php
@@ -0,0 +1,36 @@
+<?php
+declare(strict_types=1);
+
+require_once __DIR__ . '/includes/layout.php';
+
+$settings = get_settings();
+global $lang;
+
+$title = $lang === 'ar' ? 'سياسة الخصوصية' : 'Privacy Policy';
+$content = $lang === 'ar' ? ($settings['privacy_ar'] ?? '') : ($settings['privacy_en'] ?? '');
+
+render_header($title, 'home');
+?>
+
+<div class="container py-5 my-5">
+    <div class="row justify-content-center">
+        <div class="col-lg-10">
+            <h1 class="display-5 fw-bold mb-4 <?= $lang === 'ar' ? 'text-end' : '' ?>"><?= e($title) ?></h1>
+            <div class="card border-0 shadow-sm rounded-4">
+                <div class="card-body p-4 p-md-5 <?= $lang === 'ar' ? 'text-end' : '' ?>" <?= $lang === 'ar' ? 'dir="rtl"' : '' ?>>
+                    <?php if (trim($content) === ''): ?>
+                        <p class="text-muted mb-0">
+                            <?= $lang === 'ar' ? 'لم يتم تقديم سياسة الخصوصية بعد.' : 'Privacy policy has not been provided yet.' ?>
+                        </p>
+                    <?php else: ?>
+                        <div class="policy-content">
+                            <?= nl2br(e($content)) ?>
+                        </div>
+                    <?php endif; ?>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<?php render_footer(); ?>
diff --git a/terms.php b/terms.php
new file mode 100644
index 0000000..2a5155d
--- /dev/null
+++ b/terms.php
@@ -0,0 +1,36 @@
+<?php
+declare(strict_types=1);
+
+require_once __DIR__ . '/includes/layout.php';
+
+$settings = get_settings();
+global $lang;
+
+$title = $lang === 'ar' ? 'شروط الخدمة' : 'Terms of Service';
+$content = $lang === 'ar' ? ($settings['terms_ar'] ?? '') : ($settings['terms_en'] ?? '');
+
+render_header($title, 'home');
+?>
+
+<div class="container py-5 my-5">
+    <div class="row justify-content-center">
+        <div class="col-lg-10">
+            <h1 class="display-5 fw-bold mb-4 <?= $lang === 'ar' ? 'text-end' : '' ?>"><?= e($title) ?></h1>
+            <div class="card border-0 shadow-sm rounded-4">
+                <div class="card-body p-4 p-md-5 <?= $lang === 'ar' ? 'text-end' : '' ?>" <?= $lang === 'ar' ? 'dir="rtl"' : '' ?>>
+                    <?php if (trim($content) === ''): ?>
+                        <p class="text-muted mb-0">
+                            <?= $lang === 'ar' ? 'لم يتم تقديم شروط الخدمة بعد.' : 'Terms of service have not been provided yet.' ?>
+                        </p>
+                    <?php else: ?>
+                        <div class="policy-content">
+                            <?= nl2br(e($content)) ?>
+                        </div>
+                    <?php endif; ?>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<?php render_footer(); ?>