<?php
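// Ticket verification endpoint: answers in JSON whether a ticket code is
// valid and, on an explicit POST, marks the ticket as checked in.
session_start();
require_once 'config/database.php';
require_once 'includes/event_permissions.php';

header('Content-Type: application/json');

$pdo = getDBConnection();

// Only a logged-in session may look up tickets. Whether this user may act on
// the specific event is decided later, once the ticket's event is known.
$user_id = $_SESSION['user_id'] ?? null;
if (!$user_id) {
    echo json_encode(['success' => false, 'error' => 'Not authenticated']);
    exit;
}

// Helper from the included files; presumably creates the event-managers
// table when it is missing — confirm against includes/event_permissions.php.
ensureEventManagersTable($pdo);

// The POST field wins over the query-string parameter.
// NOTE(review): a code passed as ?code=... is recorded in access logs and
// browser history; prefer the POST field for anything beyond manual testing.
$ticket_code = $_POST['ticket_code'] ?? $_GET['code'] ?? null;

// Request parameters can arrive as arrays (ticket_code[]=x). Only a non-empty
// string is a usable ticket code; anything else is rejected here rather than
// being bound to the SQL statement further down.
if (!is_string($ticket_code) || $ticket_code === '') {
    echo json_encode(['success' => false, 'error' => 'Ticket code required']);
    exit;
}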
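try {
    // Load the ticket together with its event and the attendee's account.
    // The code is bound as a parameter, never interpolated into the SQL.
    $stmt = $pdo->prepare("
        SELECT
            et.*,
            e.id as event_id,
            e.title as event_title,
            e.creator_id,
            u.name as attendee_name,
            u.email as attendee_email
        FROM event_tickets et
        JOIN events e ON et.event_id = e.id
        JOIN users u ON et.user_id = u.id
        WHERE et.ticket_code = ?
    ");
    $stmt->execute([$ticket_code]);
    $ticket = $stmt->fetch(PDO::FETCH_ASSOC);

    // NOTE(review): "not found" is answered before the permission check, so
    // any logged-in user can tell an existing code from a non-existing one by
    // the error text. Consider one identical response for both cases, and
    // rate-limit lookups per session.
    if (!$ticket) {
        echo json_encode([
            'success' => false,
            'error' => 'Ticket not found',
            'valid' => false,
        ]);
        exit;
    }

    // Authorisation is per event: the caller must be allowed to manage the
    // event this ticket belongs to before any ticket detail is returned.
    $can_manage = userCanManageEvent($pdo, $user_id, (int) $ticket['event_id']);
    if (!$can_manage) {
        echo json_encode([
            'success' => false,
            'error' => 'You do not have permission to verify tickets for this event',
            'valid' => false,
        ]);
        exit;
    }

    // Ticket already checked in: report when, but do not admit again.
    if ($ticket['status'] === 'used') {
        echo json_encode([
            'success' => true,
            'valid' => false,
            'error' => 'Ticket already used',
            'ticket' => [
                'code' => $ticket['ticket_code'],
                'attendee' => $ticket['attendee_name'],
                'used_at' => $ticket['checked_in_at'],
            ],
        ]);
        exit;
    }

    if ($ticket['status'] === 'cancelled') {
        echo json_encode([
            'success' => true,
            'valid' => false,
            'error' => 'Ticket has been cancelled',
            'ticket' => [
                'code' => $ticket['ticket_code'],
                'attendee' => $ticket['attendee_name'],
            ],
        ]);
        exit;
    }

    // The check-in UPDATE below only transitions tickets whose status is
    // 'confirmed'. Any other status can never be checked in, so it must not
    // be shown as valid at the door either.
    if ($ticket['status'] !== 'confirmed') {
        echo json_encode([
            'success' => true,
            'valid' => false,
            'error' => 'Ticket is not confirmed',
            'ticket' => [
                'code' => $ticket['ticket_code'],
                'attendee' => $ticket['attendee_name'],
                'status' => $ticket['status'],
            ],
        ]);
        exit;
    }

    if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['verify'])) {
        // NOTE(review): this state-changing request is authenticated by the
        // session cookie alone; no anti-CSRF token is checked in this file.
        // Confirm one is enforced elsewhere or add a per-session token here.

        // Mark as used. The "status = 'confirmed'" condition makes the
        // transition atomic: of two concurrent scans of the same code only
        // one UPDATE changes a row.
        $update = $pdo->prepare("
            UPDATE event_tickets
            SET status = 'used',
                checked_in_at = NOW(),
                checked_in_by = ?
            WHERE ticket_code = ? AND status = 'confirmed'
        ");
        $update->execute([$user_id, $ticket_code]);

        // Zero affected rows means the status changed between the SELECT and
        // the UPDATE (for example a second scanner checked the ticket in
        // first). Reporting success here would admit the same ticket twice.
        if ($update->rowCount() === 0) {
            echo json_encode([
                'success' => true,
                'valid' => false,
                'error' => 'Ticket is no longer valid for check-in',
                'ticket' => [
                    'code' => $ticket['ticket_code'],
                    'attendee' => $ticket['attendee_name'],
                ],
            ]);
            exit;
        }

        echo json_encode([
            'success' => true,
            'valid' => true,
            'verified' => true,
            'ticket' => [
                'code' => $ticket['ticket_code'],
                'attendee' => $ticket['attendee_name'],
                'event' => $ticket['event_title'],
                // PHP clock, while checked_in_at is written with the
                // database's NOW(); the two can differ if their time zones do.
                'verified_at' => date('Y-m-d H:i:s'),
            ],
        ]);
    } else {
        // Read-only validity check; nothing is written.
        echo json_encode([
            'success' => true,
            'valid' => true,
            'ticket' => [
                'code' => $ticket['ticket_code'],
                'attendee' => $ticket['attendee_name'],
                'event' => $ticket['event_title'],
                'status' => $ticket['status'],
            ],
        ]);
    }
} catch (Exception $e) {
    // Full detail goes to the server log only. Driver and SQL error text can
    // reveal table and column names, so the client gets a generic message.
    error_log("Ticket Verification Error: " . $e->getMessage());
    echo json_encode([
        'success' => false,
        'error' => 'Verification failed',
    ]);
}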
?>