Example #1
0
    showError('You need to login to create an event.');
} else {
    if (isset($_POST['submit'])) {
        if (isset($_POST['type']) && isset($_POST['name']) && isset($_POST['description']) && isset($_POST['date']) && isset($_FILES["image"]) && isset($_POST["csrf_token"])) {
            if (validateCSRFToken($_POST["csrf_token"])) {
                $extension = pathinfo($_FILES["image"]["name"], PATHINFO_EXTENSION);
                if (isset($extension)) {
                    if (test_date($_POST['date'])) {
                        $idEvent = createEvent($_POST['type'], $_POST['name'], $_POST['description'], $_POST['date'], isset($_POST['public']), $_SESSION['userid']);
                        if ($idEvent != -1) {
                            try {
                                if (file_exists($_FILES['image']['tmp_name']) && is_uploaded_file($_FILES['image']['tmp_name'])) {
                                    // Check if an image was been uploaded
                                    $target_dir = "images/events/";
                                    $target_file = $target_dir . $idEvent . '.' . $extension;
                                    if (!updateEventImage($idEvent, $target_file)) {
                                        throw new RuntimeException("Could not set event image.");
                                    }
                                    uploadImage($_FILES["image"], $target_file);
                                }
                                showSuccess("Event created.");
                            } catch (RuntimeException $e) {
                                showError($e->getMessage());
                            }
                        } else {
                            showError("Could not create the event.");
                        }
                    } else {
                        showError("Invalid event date. Date must have format YYYY-MM-DD HH:MM(:SS)");
                    }
                } else {
Example #2
0
if (!isUserLoggedIn()) {
    http_response_code(403);
    showError('You need to login to view an event.');
} else {
    if (isset($_POST['edit_event_image'])) {
        if (isset($_FILES['file'])) {
            $eventID = $_POST['edit_event_image'];
            $event = getEvent($eventID);
            $canEdit = isUserLoggedIn() && $event["owner"] === getUserID();
            if ($canEdit) {
                try {
                    if (file_exists($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name'])) {
                        $target_dir = "images/events/";
                        $extension = pathinfo($_FILES["file"]["name"], PATHINFO_EXTENSION);
                        $target_file = $target_dir . $eventID . '.' . $extension;
                        if (!updateEventImage($eventID, $target_file)) {
                            throw new RuntimeException("Could not set event image.");
                        }
                        uploadImage($_FILES["file"], $target_file);
                        showSuccess("Image successfully changed");
                    }
                } catch (RuntimeException $e) {
                    showError($e->getMessage());
                }
            } else {
                showError("You cannot edit this event");
            }
        } else {
            showError("Missing file");
        }
    }