 Server : Apache/2 System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64 User : gositeme ( 1004) PHP Version : 8.2.29 Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname Directory : /home/gositeme/.cursor-server/data/User/History/-3489c6/ |
<?php
session_start();
require_once 'config/database.php';
header('Content-Type: application/json');
$pdo = getDBConnection();
$user_id = $_SESSION['user_id'] ?? null;
$is_admin = $_SESSION['is_admin'] ?? false;
if (!$user_id) {
echo json_encode(['success' => false, 'message' => 'User not logged in']);
exit;
}
$input = json_decode(file_get_contents('php://input'), true);
$action = $input['action'] ?? '';
try {
switch ($action) {
case 'create':
createEvent($pdo, $user_id, $input);
break;
case 'rsvp':
rsvpEvent($pdo, $user_id, $input);
break;
case 'like':
likeEvent($pdo, $user_id, $input);
break;
case 'comment':
commentEvent($pdo, $user_id, $input);
break;
case 'update':
updateEvent($pdo, $user_id, $input, $is_admin);
break;
case 'share':
shareEvent($pdo, $user_id, $input);
break;
default:
echo json_encode(['success' => false, 'message' => 'Invalid action']);
}
} catch (Exception $e) {
error_log("Events API Error: " . $e->getMessage());
echo json_encode(['success' => false, 'message' => 'Server error: ' . $e->getMessage()]);
}
function createEvent($pdo, $user_id, $data) {
$required_fields = ['title', 'event_type', 'description', 'start_date', 'end_date'];
foreach ($required_fields as $field) {
if (empty($data[$field])) {
echo json_encode(['success' => false, 'message' => "Missing required field: $field"]);
return;
}
}
$stmt = $pdo->prepare("
INSERT INTO events (
creator_id, title, description, event_type, location, venue_name,
address, start_date, end_date, max_attendees, ticket_price, is_free, status
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
");
// Handle ticket price and is_free logic
$ticket_price = isset($data['ticket_price']) && $data['ticket_price'] !== '' ? (float)$data['ticket_price'] : 0.00;
$is_free = $ticket_price == 0;
// Handle max attendees
$max_attendees = isset($data['max_attendees']) && $data['max_attendees'] !== '' ? (int)$data['max_attendees'] : null;
// Log the values being inserted for debugging
error_log("Creating event with values: ticket_price=$ticket_price, is_free=" . ($is_free ? 'true' : 'false') . ", max_attendees=" . ($max_attendees ?? 'null'));
$stmt->execute([
$user_id,
$data['title'],
$data['description'],
$data['event_type'],
$data['location'] ?? '',
$data['venue_name'] ?? '',
$data['address'] ?? '',
$data['start_date'],
$data['end_date'],
$max_attendees,
$ticket_price,
$is_free ? 1 : 0, // Convert boolean to integer for MySQL
'published' // Set status to published so it shows up immediately
]);
$event_id = $pdo->lastInsertId();
echo json_encode([
'success' => true,
'message' => 'Event created successfully',
'event_id' => $event_id
]);
}
function rsvpEvent($pdo, $user_id, $data) {
if (empty($data['event_id']) || empty($data['status'])) {
echo json_encode(['success' => false, 'message' => 'Missing event_id or status']);
return;
}
$event_id = $data['event_id'];
$status = $data['status'];
// Check if event exists
$stmt = $pdo->prepare("SELECT id FROM events WHERE id = ?");
$stmt->execute([$event_id]);
if (!$stmt->fetch()) {
echo json_encode(['success' => false, 'message' => 'Event not found']);
return;
}
// Check if RSVP already exists
$stmt = $pdo->prepare("SELECT id FROM event_attendees WHERE event_id = ? AND user_id = ?");
$stmt->execute([$event_id, $user_id]);
if ($stmt->fetch()) {
// Update existing RSVP
$stmt = $pdo->prepare("UPDATE event_attendees SET status = ?, rsvp_date = NOW() WHERE event_id = ? AND user_id = ?");
$stmt->execute([$status, $event_id, $user_id]);
} else {
// Create new RSVP
$stmt = $pdo->prepare("INSERT INTO event_attendees (event_id, user_id, status) VALUES (?, ?, ?)");
$stmt->execute([$event_id, $user_id, $status]);
}
// Update event attendee count
$stmt = $pdo->prepare("
UPDATE events
SET current_attendees = (
SELECT COUNT(*)
FROM event_attendees
WHERE event_id = ? AND status = 'attending'
)
WHERE id = ?
");
$stmt->execute([$event_id, $event_id]);
echo json_encode(['success' => true, 'message' => 'RSVP updated successfully']);
}
function likeEvent($pdo, $user_id, $data) {
if (empty($data['event_id'])) {
echo json_encode(['success' => false, 'message' => 'Missing event_id']);
return;
}
$event_id = $data['event_id'];
// Check if already liked
$stmt = $pdo->prepare("SELECT id FROM event_likes WHERE event_id = ? AND user_id = ?");
$stmt->execute([$event_id, $user_id]);
if ($stmt->fetch()) {
// Unlike
$stmt = $pdo->prepare("DELETE FROM event_likes WHERE event_id = ? AND user_id = ?");
$stmt->execute([$event_id, $user_id]);
echo json_encode(['success' => true, 'message' => 'Event unliked']);
} else {
// Like
$stmt = $pdo->prepare("INSERT INTO event_likes (event_id, user_id) VALUES (?, ?)");
$stmt->execute([$event_id, $user_id]);
echo json_encode(['success' => true, 'message' => 'Event liked']);
}
}
function commentEvent($pdo, $user_id, $data) {
if (empty($data['event_id']) || empty($data['comment'])) {
echo json_encode(['success' => false, 'message' => 'Missing event_id or comment']);
return;
}
$stmt = $pdo->prepare("INSERT INTO event_comments (event_id, user_id, comment) VALUES (?, ?, ?)");
$stmt->execute([$data['event_id'], $user_id, $data['comment']]);
echo json_encode(['success' => true, 'message' => 'Comment added successfully']);
}
function shareEvent($pdo, $user_id, $data) {
if (empty($data['event_id'])) {
echo json_encode(['success' => false, 'message' => 'Missing event_id']);
return;
}
$platform = $data['platform'] ?? 'internal';
$stmt = $pdo->prepare("INSERT INTO event_shares (event_id, user_id, platform) VALUES (?, ?, ?)");
$stmt->execute([$data['event_id'], $user_id, $platform]);
echo json_encode(['success' => true, 'message' => 'Event shared successfully']);
}
function updateEvent($pdo, $user_id, $data, $is_admin = false) {
$required_fields = ['event_id', 'title', 'event_type', 'description', 'start_date', 'end_date'];
foreach ($required_fields as $field) {
if (empty($data[$field]) && $data[$field] !== '0') {
echo json_encode(['success' => false, 'message' => "Missing required field: $field"]);
return;
}
}
$event_id = (int)$data['event_id'];
$stmt = $pdo->prepare("SELECT creator_id FROM events WHERE id = ?");
$stmt->execute([$event_id]);
$event = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$event) {
echo json_encode(['success' => false, 'message' => 'Event not found']);
return;
}
if ($event['creator_id'] != $user_id && !$is_admin) {
echo json_encode(['success' => false, 'message' => 'You do not have permission to edit this event']);
return;
}
$ticket_price = isset($data['ticket_price']) && $data['ticket_price'] !== '' ? (float)$data['ticket_price'] : 0.00;
$is_free = $ticket_price == 0;
$max_attendees = isset($data['max_attendees']) && $data['max_attendees'] !== '' ? (int)$data['max_attendees'] : null;
$stmt = $pdo->prepare("
UPDATE events
SET
title = ?,
description = ?,
event_type = ?,
location = ?,
venue_name = ?,
address = ?,
start_date = ?,
end_date = ?,
max_attendees = ?,
ticket_price = ?,
is_free = ?
WHERE id = ?
");
$stmt->execute([
$data['title'],
$data['description'],
$data['event_type'],
$data['location'] ?? '',
$data['venue_name'] ?? '',
$data['address'] ?? '',
$data['start_date'],
$data['end_date'],
$max_attendees,
$ticket_price,
$is_free ? 1 : 0,
$event_id
]);
echo json_encode(['success' => true, 'message' => 'Event updated successfully', 'event_id' => $event_id]);
}
?>