 Server : Apache/2 System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64 User : gositeme ( 1004) PHP Version : 8.2.29 Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname Directory : /home/gositeme/domains/soundstudiopro.com/public_html/ |
<?php
session_start();
require_once 'config/database.php';
require_once 'includes/translations.php';
$eventId = isset($_GET['id']) ? (int)$_GET['id'] : 0;
$passwordError = false;
$passwordSubmitted = false;
$isBlocked = false;
$failedAttempts = 0;
if ($eventId <= 0) {
header('Location: /events.php');
exit;
}
$pdo = getDBConnection();
// Handle "Don't block me" request
if (isset($_POST['unblock_request']) && $_POST['unblock_request'] === '1') {
$_SESSION['party_unblock_' . $eventId] = true;
$_SESSION['party_unblock_time_' . $eventId] = time();
// Reset failed attempts when unblocked
unset($_SESSION['party_failed_attempts_' . $eventId]);
unset($_SESSION['party_failed_time_' . $eventId]);
header('Location: /party_gate.php?id=' . $eventId);
exit;
}
// Check if user is unblocked (1 hour grace period)
$isUnblocked = false;
if (isset($_SESSION['party_unblock_' . $eventId]) && $_SESSION['party_unblock_' . $eventId] === true) {
if (isset($_SESSION['party_unblock_time_' . $eventId])) {
$unblockAge = time() - (int)$_SESSION['party_unblock_time_' . $eventId];
if ($unblockAge < 3600) { // 1 hour
$isUnblocked = true;
} else {
// Unblock period expired
unset($_SESSION['party_unblock_' . $eventId]);
unset($_SESSION['party_unblock_time_' . $eventId]);
}
}
}
// Check failed attempts (only if not unblocked)
if (!$isUnblocked) {
if (isset($_SESSION['party_failed_attempts_' . $eventId])) {
$failedAttempts = (int)$_SESSION['party_failed_attempts_' . $eventId];
}
// Check if attempts are too old (reset after 1 hour)
if (isset($_SESSION['party_failed_time_' . $eventId])) {
$attemptAge = time() - (int)$_SESSION['party_failed_time_' . $eventId];
if ($attemptAge > 3600) { // 1 hour
// Reset attempts
$failedAttempts = 0;
unset($_SESSION['party_failed_attempts_' . $eventId]);
unset($_SESSION['party_failed_time_' . $eventId]);
}
}
// Check if blocked (10 or more failed attempts)
if ($failedAttempts >= 10) {
$isBlocked = true;
}
}
// Check if password was submitted
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['party_password'])) {
// Check if user is blocked (unless unblocked)
if (!$isUnblocked && isset($_SESSION['party_failed_attempts_' . $eventId])) {
$checkFailedAttempts = (int)$_SESSION['party_failed_attempts_' . $eventId];
if ($checkFailedAttempts >= 10) {
// User is blocked, don't process password
$isBlocked = true;
$passwordError = false;
} else {
$passwordSubmitted = true;
$submittedPassword = $_POST['party_password'] ?? '';
}
} else {
$passwordSubmitted = true;
$submittedPassword = $_POST['party_password'] ?? '';
}
if ($passwordSubmitted) {
// Get event with password
$stmt = $pdo->prepare("
SELECT
e.*,
u.name AS creator_name,
u.id AS creator_id
FROM events e
JOIN users u ON e.creator_id = u.id
WHERE e.id = ? AND e.status = 'published' AND e.is_private_party = 1
LIMIT 1
");
$stmt->execute([$eventId]);
$event = $stmt->fetch(PDO::FETCH_ASSOC);
if ($event && !empty($event['party_password'])) {
// Verify password (supports both hashed and plain text for backward compatibility)
$password_valid = false;
if (password_verify($submittedPassword, $event['party_password'])) {
// Password is hashed and matches
$password_valid = true;
} elseif ($submittedPassword === $event['party_password']) {
// Plain text password (backward compatibility) - upgrade to hash
$password_valid = true;
$hashed_password = password_hash($submittedPassword, PASSWORD_DEFAULT);
$upgrade_stmt = $pdo->prepare("UPDATE events SET party_password = ? WHERE id = ?");
$upgrade_stmt->execute([$hashed_password, $eventId]);
}
if ($password_valid) {
// Password correct - set session
if (session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}
$_SESSION['party_access_' . $eventId] = true;
$_SESSION['party_access_time_' . $eventId] = time();
// Reset failed attempts on successful password
unset($_SESSION['party_failed_attempts_' . $eventId]);
unset($_SESSION['party_failed_time_' . $eventId]);
// Redirect back to events page so the event appears in the list
header('Location: /events.php?event=' . $eventId);
exit;
} else {
// Password incorrect - increment failed attempts
if (session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}
$failedAttempts = isset($_SESSION['party_failed_attempts_' . $eventId])
? (int)$_SESSION['party_failed_attempts_' . $eventId]
: 0;
$failedAttempts++;
$_SESSION['party_failed_attempts_' . $eventId] = $failedAttempts;
$_SESSION['party_failed_time_' . $eventId] = time();
$passwordError = true;
// Check if blocked after this attempt
if ($failedAttempts >= 10) {
$isBlocked = true;
}
}
}
}
}
// Get event details
$stmt = $pdo->prepare("
SELECT
e.*,
u.name AS creator_name,
u.id AS creator_id
FROM events e
JOIN users u ON e.creator_id = u.id
WHERE e.id = ? AND e.status = 'published' AND e.is_private_party = 1
LIMIT 1
");
$stmt->execute([$eventId]);
$event = $stmt->fetch(PDO::FETCH_ASSOC);
// If event doesn't exist or isn't private, redirect
if (!$event) {
// Event might not be private or doesn't exist - redirect to event details
// If it's actually private but query failed, event_details.php will handle it
header('Location: /event_details.php?id=' . $eventId);
exit;
}
// Check if user already has access
if (isset($_SESSION['party_access_' . $eventId]) &&
isset($_SESSION['party_access_time_' . $eventId])) {
$access_age = time() - (int)$_SESSION['party_access_time_' . $eventId];
if ($access_age < 3600) { // 1 hour access
header('Location: /event_details.php?id=' . $eventId);
exit;
} else {
// Access expired, clear session and show gate
unset($_SESSION['party_access_' . $eventId]);
unset($_SESSION['party_access_time_' . $eventId]);
}
}
$host = $_SERVER['HTTP_HOST'] ?? 'soundstudiopro.com';
$scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
$baseUrl = $scheme . $host;
$title = $event['title'] ?? 'Private Party';
$coverImage = $event['cover_image'] ?? '';
if ($coverImage && $coverImage[0] !== '/') {
$coverImage = '/' . $coverImage;
}
$coverImageUrl = $coverImage ? $baseUrl . $coverImage : $baseUrl . '/assets/images/og-image.png';
$page_title = 'Private Party Access - ' . htmlspecialchars($title) . ' - SoundStudioPro';
include 'includes/header.php';
?>
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, sans-serif;
overflow: hidden;
height: 100vh;
}
.party-gate-container {
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
background: linear-gradient(135deg, #667eea 0%, #764ba2 50%, #f093fb 100%);
background-size: 400% 400%;
animation: gradientShift 15s ease infinite;
display: flex;
align-items: center;
justify-content: center;
padding: 2rem;
z-index: 9999;
}
@keyframes gradientShift {
0% { background-position: 0% 50%; }
50% { background-position: 100% 50%; }
100% { background-position: 0% 50%; }
}
.party-gate-content {
position: relative;
max-width: 500px;
width: 100%;
background: rgba(15, 23, 42, 0.95);
backdrop-filter: blur(20px);
border-radius: 32px;
padding: 3rem;
box-shadow: 0 30px 60px rgba(0, 0, 0, 0.5),
0 0 0 1px rgba(255, 255, 255, 0.1),
inset 0 1px 0 rgba(255, 255, 255, 0.1);
text-align: center;
animation: gateEntrance 0.6s cubic-bezier(0.34, 1.56, 0.64, 1);
}
@keyframes gateEntrance {
0% {
opacity: 0;
transform: scale(0.8) translateY(20px);
}
100% {
opacity: 1;
transform: scale(1) translateY(0);
}
}
.party-gate-icon {
font-size: 4rem;
margin-bottom: 1.5rem;
background: linear-gradient(135deg, #f093fb 0%, #4facfe 100%);
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
background-clip: text;
animation: iconPulse 2s ease-in-out infinite;
}
@keyframes iconPulse {
0%, 100% { transform: scale(1); }
50% { transform: scale(1.1); }
}
.party-gate-title {
font-size: 2rem;
font-weight: 800;
color: #fff;
margin-bottom: 0.5rem;
background: linear-gradient(135deg, #f093fb 0%, #4facfe 100%);
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
background-clip: text;
}
.party-gate-subtitle {
font-size: 1rem;
color: rgba(255, 255, 255, 0.7);
margin-bottom: 2rem;
line-height: 1.6;
}
.party-gate-form {
margin-top: 2rem;
}
.party-gate-input-wrapper {
position: relative;
margin-bottom: 1.5rem;
}
.party-gate-input {
width: 100%;
padding: 1rem 1.5rem;
background: rgba(255, 255, 255, 0.05);
border: 2px solid rgba(255, 255, 255, 0.1);
border-radius: 16px;
color: #fff;
font-size: 1.1rem;
transition: all 0.3s ease;
outline: none;
}
.party-gate-input:focus {
border-color: rgba(139, 92, 246, 0.6);
background: rgba(255, 255, 255, 0.08);
box-shadow: 0 0 0 4px rgba(139, 92, 246, 0.2);
}
.party-gate-input::placeholder {
color: rgba(255, 255, 255, 0.4);
}
.party-gate-error {
color: #ff6b6b;
font-size: 0.9rem;
margin-top: 0.5rem;
display: block;
animation: shake 0.5s ease;
}
@keyframes shake {
0%, 100% { transform: translateX(0); }
25% { transform: translateX(-10px); }
75% { transform: translateX(10px); }
}
.party-gate-button {
width: 100%;
padding: 1rem 2rem;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
border: none;
border-radius: 16px;
color: #fff;
font-size: 1.1rem;
font-weight: 600;
cursor: pointer;
transition: all 0.3s ease;
box-shadow: 0 8px 24px rgba(102, 126, 234, 0.4);
position: relative;
overflow: hidden;
}
.party-gate-button::before {
content: '';
position: absolute;
top: 0;
left: -100%;
width: 100%;
height: 100%;
background: linear-gradient(90deg, transparent, rgba(255, 255, 255, 0.2), transparent);
transition: left 0.5s ease;
}
.party-gate-button:hover::before {
left: 100%;
}
.party-gate-button:hover {
transform: translateY(-2px);
box-shadow: 0 12px 32px rgba(102, 126, 234, 0.5);
}
.party-gate-button:active {
transform: translateY(0);
}
.party-gate-event-preview {
margin-top: 2rem;
padding-top: 2rem;
border-top: 1px solid rgba(255, 255, 255, 0.1);
}
.party-gate-event-image {
width: 100%;
height: 200px;
object-fit: cover;
border-radius: 16px;
margin-bottom: 1rem;
border: 2px solid rgba(255, 255, 255, 0.1);
}
.party-gate-event-title {
color: rgba(255, 255, 255, 0.9);
font-size: 1.2rem;
font-weight: 600;
margin-bottom: 0.5rem;
}
.party-gate-event-creator {
color: rgba(255, 255, 255, 0.6);
font-size: 0.9rem;
}
.party-gate-event-creator .creator-link {
color: rgba(79, 172, 254, 0.9);
text-decoration: none;
font-weight: 600;
transition: all 0.3s ease;
}
.party-gate-event-creator .creator-link:hover {
color: #4facfe;
text-decoration: underline;
text-shadow: 0 0 10px rgba(79, 172, 254, 0.5);
}
/* Blocked State Styles */
.party-gate-blocked {
text-align: center;
padding: 2rem 0;
}
.blocked-icon {
font-size: 4rem;
color: #ff6b6b;
margin-bottom: 1.5rem;
animation: pulse 2s ease-in-out infinite;
}
@keyframes pulse {
0%, 100% { transform: scale(1); opacity: 1; }
50% { transform: scale(1.1); opacity: 0.8; }
}
.blocked-title {
font-size: 1.8rem;
font-weight: 800;
color: #fff;
margin-bottom: 1rem;
background: linear-gradient(135deg, #ff6b6b, #ee5a6f);
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
background-clip: text;
}
.blocked-message {
color: rgba(255, 255, 255, 0.8);
font-size: 1rem;
line-height: 1.6;
margin-bottom: 1.5rem;
padding: 0 1rem;
}
.blocked-info {
color: rgba(255, 255, 255, 0.7);
font-size: 0.9rem;
margin-bottom: 2rem;
padding: 1rem;
background: rgba(255, 107, 107, 0.1);
border-radius: 12px;
border: 1px solid rgba(255, 107, 107, 0.3);
}
.blocked-info strong {
color: #ff6b6b;
}
.blocked-info small {
display: block;
margin-top: 0.5rem;
color: rgba(255, 255, 255, 0.5);
font-size: 0.85rem;
}
.unblock-form {
margin: 2rem 0;
}
.unblock-button {
width: 100%;
padding: 1rem 2rem;
background: linear-gradient(135deg, #48bb78, #38a169);
border: none;
border-radius: 16px;
color: #fff;
font-size: 1.1rem;
font-weight: 600;
cursor: pointer;
transition: all 0.3s ease;
box-shadow: 0 8px 24px rgba(72, 187, 120, 0.4);
display: inline-flex;
align-items: center;
justify-content: center;
gap: 0.5rem;
}
.unblock-button:hover {
transform: translateY(-2px);
box-shadow: 0 12px 32px rgba(72, 187, 120, 0.5);
background: linear-gradient(135deg, #38a169, #48bb78);
}
.unblock-button:active {
transform: translateY(0);
}
.unblock-note {
color: rgba(255, 255, 255, 0.6);
font-size: 0.85rem;
margin-top: 1rem;
font-style: italic;
}
.party-particles {
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
pointer-events: none;
overflow: hidden;
}
.particle {
position: absolute;
width: 4px;
height: 4px;
background: rgba(255, 255, 255, 0.6);
border-radius: 50%;
animation: float 15s infinite linear;
}
@keyframes float {
0% {
transform: translateY(100vh) translateX(0) rotate(0deg);
opacity: 0;
}
10% {
opacity: 1;
}
90% {
opacity: 1;
}
100% {
transform: translateY(-100px) translateX(100px) rotate(360deg);
opacity: 0;
}
}
</style>
<div class="party-gate-container">
<div class="party-particles" id="particles"></div>
<div class="party-gate-content">
<div class="party-gate-icon">
<i class="fas fa-lock"></i>
</div>
<h1 class="party-gate-title"><?= t('party.title') ?></h1>
<p class="party-gate-subtitle"><?= t('party.subtitle') ?></p>
<?php if (!empty($event['cover_image'])): ?>
<div class="party-gate-event-preview">
<img src="<?= htmlspecialchars($coverImageUrl) ?>" alt="<?= htmlspecialchars($event['title']) ?>" class="party-gate-event-image">
<div class="party-gate-event-title"><?= htmlspecialchars($event['title']) ?></div>
<div class="party-gate-event-creator"><?= t('party.creator_by') ?> <a href="/artist_profile.php?id=<?= (int)$event['creator_id'] ?>" class="creator-link"><?= htmlspecialchars($event['creator_name']) ?></a></div>
</div>
<?php endif; ?>
<?php if ($isBlocked): ?>
<div class="party-gate-blocked">
<div class="blocked-icon">
<i class="fas fa-shield-alt"></i>
</div>
<h2 class="blocked-title"><?= t('party.blocked_title') ?></h2>
<p class="blocked-message">
<?= t('party.blocked_message') ?>
</p>
<p class="blocked-info">
<strong><?= t('party.failed_attempts_label') ?></strong> <?= $failedAttempts ?><br>
<small><?= t('party.attempts_reset_note') ?></small>
</p>
<form method="POST" class="unblock-form">
<input type="hidden" name="unblock_request" value="1">
<button type="submit" class="unblock-button">
<i class="fas fa-check-circle"></i> <?= t('party.unblock_button') ?>
</button>
</form>
<p class="unblock-note">
<?= t('party.unblock_note') ?>
</p>
</div>
<?php else: ?>
<form method="POST" class="party-gate-form" id="partyGateForm">
<div class="party-gate-input-wrapper">
<input
type="password"
name="party_password"
class="party-gate-input"
placeholder="<?= htmlspecialchars(t('party.password_placeholder')) ?>"
required
autofocus
autocomplete="off"
<?= $isBlocked ? 'disabled' : '' ?>
>
<?php if ($passwordError): ?>
<span class="party-gate-error">
<?= t('party.incorrect_password') ?>
<?php if ($failedAttempts > 0 && $failedAttempts < 10): ?>
<br><small>(<?= t($failedAttempts > 1 ? 'party.failed_attempts_plural' : 'party.failed_attempts', ['count' => $failedAttempts]) ?>. <?= t((10 - $failedAttempts) > 1 ? 'party.attempts_remaining_plural' : 'party.attempts_remaining', ['count' => 10 - $failedAttempts]) ?>)</small>
<?php endif; ?>
</span>
<?php endif; ?>
</div>
<button type="submit" class="party-gate-button" <?= $isBlocked ? 'disabled' : '' ?>>
<i class="fas fa-unlock"></i> <?= t('party.enter_button') ?>
</button>
</form>
<?php endif; ?>
</div>
</div>
<script>
// Create floating particles
function createParticles() {
const container = document.getElementById('particles');
const particleCount = 30;
for (let i = 0; i < particleCount; i++) {
const particle = document.createElement('div');
particle.className = 'particle';
particle.style.left = Math.random() * 100 + '%';
particle.style.animationDelay = Math.random() * 15 + 's';
particle.style.animationDuration = (10 + Math.random() * 10) + 's';
container.appendChild(particle);
}
}
createParticles();
// Auto-focus input on load
document.querySelector('.party-gate-input').focus();
// Handle form submission
document.getElementById('partyGateForm').addEventListener('submit', function(e) {
const button = this.querySelector('.party-gate-button');
const originalText = button.innerHTML;
button.disabled = true;
button.innerHTML = '<i class="fas fa-spinner fa-spin"></i> Checking...';
// Re-enable after 3 seconds in case of error
setTimeout(() => {
button.disabled = false;
button.innerHTML = originalText;
}, 3000);
});
</script>
<?php include 'includes/footer.php'; ?>