function showEventBrief($idEvent, $showRelationship = true) { if (!isUserLoggedIn()) { throw new RuntimeException("You need to be logged in."); } if (!canSeeEvent($_SESSION["userid"], $idEvent)) { throw new RuntimeException("You do not have access to this event."); } $event = getEvent($idEvent); $canEdit = isUserLoggedIn() && $event["owner"] === getUserID(); echo '<div class="event_brief" id="event' . $idEvent . '">'; echo '<div class="name"><a href="view_event.php?id=' . $idEvent . '">'; echo '<h2>' . htmlspecialchars($event["name"]) . '</h2>'; echo '</a></div>'; if ($showRelationship) { if ($canEdit) { echo '<div class="owner"></div>'; } else { if (isUserRegisteredInEvent(getUserID(), $idEvent)) { echo '<div class="registered"></div>'; } else { echo '<div class="not_registered"></div>'; } } } echo '<img src="database/event_image.php?id=' . $idEvent . '" alt="' . htmlspecialchars($event["name"]) . '" width="64" height="64" />'; echo '<div class="description">'; echo '<p class="description">' . htmlspecialchars($event["description"]) . '</p>'; echo '</div>'; echo '<datetime>' . htmlspecialchars($event["date"]) . '</datetime>'; echo '</div>'; }
function canSeeEvent($idUser, $idEvent) { if (isEventPublic($idEvent)) { return true; } if (isUserRegisteredInEvent($idUser, $idEvent)) { return true; } if (isUserInvitedToEvent($idUser, $idEvent)) { return true; } return false; }
if (isUserRegisteredInEvent(getUserID(), $idEvent)) { echo '<form class="write_comment_form" id="write_comment" action="view_event.php?id=' . $idEvent . '" method="post">'; echo '<input type="hidden" name="idEvent" value="' . $idEvent . '" />'; echo '<textarea name="text" class="text" required placeholder="Comment..." maxlength="500"></textarea>'; echo '<button type="submit" name="submit_comment">Add comment</button>'; echo '</form>'; } echo '<div class="comment_container">'; echo '<h2 class="title">Comments:</h2>'; $comments = getComments($idEvent); if (sizeof($comments) > 0) { foreach ($comments as $comment) { echo '<div class="comment">'; echo '<h3 class="user">' . htmlspecialchars($comment["name"]) . '</h3>'; if ($comment["user_id"] != getUserID()) { if (isUserRegisteredInEvent($comment["user_id"], $idEvent)) { echo '<div class="registered"></div>'; } else { echo '<div class="not_registered"></div>'; } } echo '<p class="text">' . nl2br(htmlspecialchars($comment["text"])) . '</p>'; echo '<h4 class="time">' . $comment["date"] . '</h4>'; echo '<form action="view_event.php?id=' . $idEvent . '" method="post" class="reply_form">'; echo '<input type="text" hidden name="idEvent" value="' . $idEvent . '"/>'; echo '<input type="text" hidden name="idComment" value="' . $comment["id"] . '"></input>'; echo '<input required class="reply_text" type="textarea" wrap="hard" maxlength="500" name="text" value="" placeholder="Write your reply here"/>'; echo '<input name="submit_reply" hidden class="submit" type="submit"/>'; echo '</form>'; echo '</div>'; $replies = getCommentReplies($comment['id']);
function canWriteComment($idUser, $idEvent) { return isUserRegisteredInEvent($idUser, $idEvent); }