/
event_invite.php
72 lines (56 loc) · 1.61 KB
/
event_invite.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
<?php
include('header.php');
include("getInputSafe.php");
if(!checkLogged())
{
header("Location: main.php");//?errorMsg=".urlencode("Illegal Access to Upload Event page!"));
return '';
}
$valid_user = validate_user();
$id = $_GET['id'];
if(!validateInput($number_match,$id))
{
header("Location: main.php?errorMsg=".urlencode("Illegal DATA in GET to Access an Event!"));
return '';
}
//get userlist
$stmt = $dbh->prepare("SELECT * from users");
$stmt->execute(array());
$users = $stmt->fetchAll();
//get event
$stmt = $dbh->prepare("SELECT * from events
INNER JOIN users
ON users.id=events.owner
INNER JOIN eventTypes
ON eventTypes.id=events.eventtype
WHERE events.id_event= ?");
$stmt->execute(array($id));
$event_info = $stmt->fetchAll();
if($_SESSION['login_user']!=$event_info[0]['owner']) {
header("Location: main.php?");
return '';
}
?>
<!DOCTYPE HTML>
<html>
<head>
<title>Invite to <?=$event_info[0]['title']?></title>
<meta charset="utf-8">
<link rel="stylesheet" href="css/myStyle.css">
</head>
<body>
<header>
<?php login_header(); ?>
<h1>Invite to '<?=$event_info[0]['title']?>'</h1>
</header>
<div id="user_list">
<form action="send_invites.php" method="post" enctype="multipart/form-data">
<?php foreach($users as $row){?>
<input value="<?=$row['id']?>" name="invite[]" type="checkbox"/> <?=$row['username']?> <br>
<?php } ?>
<input type="hidden" name="id" value="<?=$event_info[0]['id_event']?>" />
<br> <input type="submit" value="Invite">
</form>
</div>
</body>
</html>