jacky-htg · muhammadrizki1324 · Jun 2, 2023 · Jun 2, 2023 · Jun 2, 2023 · Jun 2, 2023
diff --git a/.env.example b/.env.example
@@ -0,0 +1,12 @@
+DB_HOST=localhost
+DB_USER=root
+DB_PASS=
+DB_NAME=events
+
+APP_NAME=Sistem Pengelolaan Event HIMATIKA UNSIA
+
+SENDGRID_FROM=
+SENDGRID_REGISTRATION_TEMPLATE=
+SENDGRID_CS_EMAIL=
+SENDGRID_CS_PHONE=
+SENDGRID_APIKEY=
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+.env
diff --git a/LICENSE b/LICENSE
diff --git a/adm/events/add.php b/adm/events/add.php
@@ -0,0 +1,62 @@
+<?php
+session_start();
+
+if ($_SESSION['role'] != 'A') {
+  header('Location: /'); 
+  exit();
+}
+
+require_once('../../../helpers/config.php');
+require_once('../../../helpers/connection.php');
+require_once('../../../helpers/utils.php');
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+  try {
+    if ($_POST['token'] != $_SESSION['addevent']) {
+      unset($_SESSION['addevent']);
+      header('Location: ./index.php?error=Invalid Token'); 
+      exit();
+    } 
+
+    if (empty($_POST['title'])) {
+      $_GET['error'] = "Title can not be empty";
+    } else if (empty($_POST['date'])) {
+      $_GET['error'] = "Date can not be empty";
+    } else if (empty($_POST['speaker'])) {
+      $_GET['error'] = "Speaker can not be empty";
+    } else if (empty($_POST['number_of_participant'])) {
+      $_GET['error'] = "Number of Participant can not be empty";
+    } else if (!preg_match("/^[-:a-zA-Z-' ]*$/",$_POST['title'])) {
+      $_GET['error'] = "Title only letters and white space allowed";
+    } else if (!validateDate($_POST['date'].' '.$_POST['time'].':00', 'Y-m-d H:i:s')) {
+      $_GET['error'] = "Please supply valid date";
+    } else if (!preg_match("/^[a-zA-Z-' ]*$/",$_POST['speaker'])) {
+      $_GET['error'] = "Speaker only letters and white space allowed";
+    } else if (!is_numeric($_POST['number_of_participant'])) {
+      $_GET['error'] = "Number of participant must be numeric";
+    } else {
+      $certificateTemplateId = 1;
+      $query = "INSERT INTO events (title, description, date, speaker, number_of_participant, certificate_template_id, created_by, updated_by) VALUES(?, ?, ?, ?, ?, ?, ?, ?)";
+      $stmt = $db->prepare($query);
+      $datetime = $_POST['date'].' '.$_POST['time'].':00';
+      $stmt->bind_param('ssssdddd', $_POST['title'], $_POST['description'], $datetime, $_POST['speaker'], $_POST['number_of_participant'], $certificateTemplateId, $_SESSION['userid'], $_SESSION['userid']);
+      $stmt->execute();
+      $stmt->close();
+      $db -> close();
+
+      unset($_SESSION['addevent']);
+      header('Location: ./index.php?message=Event berhasil ditambahkan');
+      exit();
+    }
+
+  } catch(Exception $e) {
+    unset($_SESSION['addevent']);
+    header('Location: ./index.php?error=event gagal ditambahkan: ' . $e->getMessage()); 
+    exit();
+  }
+} 
+
+$datetime = new DateTime();
+$_SESSION['addevent'] = $datetime->getTimestamp();
+
+include('add_view.php');
diff --git a/adm/events/add_view.php b/adm/events/add_view.php
@@ -0,0 +1,44 @@
+<html>
+<head>
+    <link rel="stylesheet" href="../../style.css"/>
+  </head>
+
+  <body>
+    <?php require_once('../../../templates/header.php');?>
+    <?php require_once('../../../templates/menu.php');?>
+
+    <section>
+      <?php require_once('../../../templates/toast.php');?>
+
+      <a href="./">Kembali ke halaman list events</a>
+      <h2>Tambah Event Baru</h2>
+      <form action="./add.php" method="POST" class="form">
+      <div>
+        <label>Title</label>
+        <input name="title" pattern="[-:a-zA-Z ]+" required value="<?php echo isset($_POST['title'])?$_POST['title']:'';?>"/>
+      </div>  
+      <div>
+        <label>Date</label>
+        <input name="date" type="date" required value="<?php echo isset($_POST['date'])?$_POST['date']:'';?>"/>
+        <input name="time" type="time" required value="<?php echo isset($_POST['time'])?$_POST['time']:'';?>"/>
+        <input type="hidden" name="token" value="<?php echo $_SESSION['addevent'];?>"/>
+      </div>
+      <div>
+        <label>Speaker</label>
+        <input name="speaker" pattern="[a-zA-Z ]+" required value="<?php echo isset($_POST['speaker'])?$_POST['speaker']:'';?>"/>
+      </div>  
+      <div>
+        <label>Description</label>
+        <textarea name="description"><?php echo isset($_POST['description'])?$_POST['description']:'';?></textarea>
+      </div>  
+      <div>
+        <label>Number of Participant</label>
+        <input name="number_of_participant" type="number" required value="<?php echo isset($_POST['number_of_participant'])?$_POST['number_of_participant']:'';?>"/>
+      </div>  
+
+      <div><button type="submit">Submit</button></div>
+      </form>
+    </section>
+    <?php require_once('../../../templates/footer.php');?>
+  </body>
+</html>
diff --git a/adm/events/delete.php b/adm/events/delete.php
@@ -0,0 +1,41 @@
+<?php
+session_start();
+
+if ($_SESSION['role'] != 'A') {
+  header('Location: /'); 
+  exit();
+}
+
+require_once('../../../helpers/config.php');
+require_once('../../../helpers/connection.php');
+
+if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+  die('method is not allowed');
+}
+
+if (!isset($_POST['id']) || empty($_POST['id'])) {
+  die('please suplly valid id');
+}
+
+if ($_POST['token'] != $_SESSION['deleteevent']) {
+  unset($_SESSION['deleteevent']);
+  header('Location: ./index.php?error=Invalid Token'); 
+  exit();
+} 
+
+try {
+  $query = 'DELETE FROM events WHERE id=UUID_TO_BIN(?)';
+  $stmt = $db->prepare($query);
+  $stmt->bind_param('s', $_POST['id']);
+  $stmt->execute();
+  $stmt->close();
+  $db -> close();
+  unset($_SESSION['deleteevent']);
+  header('Location: ./index.php?message=Event berhasil dihapus');
+  exit();
+
+} catch(Exception $e) {
+  unset($_SESSION['deleteevent']);
+  header('Location: index.php?error=Event gagal dihapus: ' . $e->getMessage());
+  exit();
+}
diff --git a/adm/events/edit.php b/adm/events/edit.php
@@ -0,0 +1,93 @@
+<?php
+session_start();
+
+if ($_SESSION['role'] != 'A') {
+  header('Location: /'); 
+  exit();
+}
+
+require_once('../../../helpers/config.php');
+require_once('../../../helpers/connection.php');
+require_once('../../../helpers/utils.php');
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+  try {
+    if ($_POST['token'] != $_SESSION['editevent']) {
+      unset($_SESSION['editevent']);
+      header('Location: ./index.php?error=Invalid Token'); 
+      exit();
+    } 
+
+    $datetime = $_POST['date'].' '.$_POST['time'];
+    if (strlen($_POST['time']) == 5) {
+      $datetime = $_POST['date'].' '.$_POST['time'].':00';
+    }
+
+    if (empty($_POST['title'])) {
+      $_GET['error'] = "Title can not be empty";
+    } else if (empty($_POST['date'])) {
+      $_GET['error'] = "Date can not be empty";
+    } else if (empty($_POST['speaker'])) {
+      $_GET['error'] = "Speaker can not be empty";
+    } else if (empty($_POST['number_of_participant'])) {
+      $_GET['error'] = "Number of Participant can not be empty";
+    } else if (!preg_match("/^[-:a-zA-Z-' ]*$/",$_POST['title'])) {
+      $_GET['error'] = "Title only letters and white space allowed";
+    } else if (!validateDate($datetime, 'Y-m-d H:i:s')) {
+      $_GET['error'] = "Please supply valid date";
+    } else if (!preg_match("/^[a-zA-Z-' ]*$/",$_POST['speaker'])) {
+      $_GET['error'] = "Speaker only letters and white space allowed";
+    } else if (!is_numeric($_POST['number_of_participant'])) {
+      $_GET['error'] = "Number of participant must be numeric";
+    } else {
+      $query = 'UPDATE events SET title=?, description=?, date=?, speaker=?, number_of_participant=?, updated_by=?, updated_at=NOW() WHERE id=UUID_TO_BIN(?)';
+      $stmt = $db->prepare($query);
+      $stmt->bind_param("ssssdds", $_POST['title'], $_POST['description'], $datetime, $_POST['speaker'], $_POST['number_of_participant'], $_SESSION['userid'], $_POST['id']);
+      $stmt->execute();
+      $stmt->close();
+      $db -> close();
+      unset($_SESSION['editevent']);
+      header('Location: ./index.php?message=Event berhasil diupdate');
+      exit();
+    }
+
+  } catch(Exception $e) {
+    unset($_SESSION['editevent']);
+    header('Location: ./index.php?error=Event gagal diupdate:' . $e->getMessage());
+    exit();
+  }
+} else {
+  try {
+    $query = 'SELECT BIN_TO_UUID(id) as id, title, date, description, speaker, number_of_participant FROM events WHERE id = UUID_TO_BIN(?)';
+    $stmt = $db->prepare($query);
+    $stmt->bind_param("s", $_GET['id']);
+    $stmt->execute();
+
+    $result = $stmt->get_result();
+    $stmt->close();
+    $data = $result -> fetch_assoc();
+    if (!$data) {
+      unset($_SESSION['editevent']);
+      header('Location: ./index.php?error=Invalid ID event');
+      exit();
+    }
+    $result -> free_result();
+    $db -> close();
+
+    if (!empty($data['date'])) {
+      $dates = explode(' ', $data['date']);
+      $data['date'] = $dates[0];
+      $data['time'] = $dates[1];
+    }
+
+  } catch(Exception $e) {
+    unset($_SESSION['editevent']);
+    header('Location: ./index.php?error=Invalid ID Event'); 
+    exit();
+  }
+}
+
+$datetime = new DateTime();
+$_SESSION['editevent'] = $datetime->getTimestamp();
+
+include('edit_view.php');
diff --git a/adm/events/edit_view.php b/adm/events/edit_view.php
@@ -0,0 +1,42 @@
+<html>
+  <head>
+    <link rel="stylesheet" href="../../style.css"/>
+  </head>
+  <body>
+    <?php require_once('../../../templates/header.php');?>
+    <?php require_once('../../../templates/menu.php');?>
+    <section>
+    <?php require_once('../../../templates/toast.php');?>
+      <a href="./">Kembali ke halaman list event</a>
+      <h2>Edit Event</h2>
+      <form action="./edit.php" method="POST" class="form">
+      <div>
+        <label>Title</label>
+        <input name="title" pattern="[-:a-zA-Z ]+" required value="<?php echo $data['title'];?>"/>
+      </div>  
+      <div>
+        <label>Date</label>
+        <input name="date" type="date" required value="<?php echo $data['date'];?>"/>
+        <input name="time" type="time" required value="<?php echo $data['time'];?>"/>
+        <input name="id" type="hidden" value="<?php echo $data['id'];?>"/>
+        <input type="hidden" name="token" value="<?php echo $_SESSION['editevent'];?>"/>
+      </div>
+      <div>
+        <label>Speaker</label>
+        <input name="speaker" pattern="[a-zA-Z ]+" required value="<?php echo $data['speaker'];?>"/>
+      </div>  
+      <div>
+        <label>Description</label>
+        <textarea name="description"><?php echo $data['description'];?></textarea>
+      </div>  
+      <div>
+        <label>Number of Participant</label>
+        <input name="number_of_participant" type="number" required value="<?php echo $data['number_of_participant'];?>"/>
+      </div>
+
+      <div><button type="submit">Submit</button></div>
+      </form>
+    </section>
+    <?php require_once('../../../templates/footer.php');?>
+  </body>
+</html>