upskill-event-manager/templates/page-edit-event.php
ben 22194dc360 fix: implement AJAX nonce distribution for master trainer templates
- Add proper AJAX nonce distribution to page-master-trainers.php
- Implement security authentication for both dashboard and trainers pages
- Fix template-level nonce initialization for HVAC AJAX system
- Maintain WordPress security best practices throughout implementation

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-24 13:52:22 -03:00

162 lines
No EOL
5.6 KiB
PHP

<?php
/**
* Template Name: Edit Event
* Description: Template for editing existing events with REST API (100% field control)
*/
// Define constant to indicate we are in a page template
define('HVAC_IN_PAGE_TEMPLATE', true);
// Force output early to ensure template is working
echo '<!-- HVAC EDIT EVENT TEMPLATE LOADED -->';
get_header();
// Get event ID from URL
$event_id = isset($_GET['event_id']) ? intval($_GET['event_id']) : 0;
?>
<style>
.hvac-edit-event-wrapper {
max-width: 1200px;
margin: 0 auto;
padding: 20px;
}
.hvac-edit-event-wrapper h1 {
color: #1a1a1a;
font-size: 28px;
margin-bottom: 20px;
}
.hvac-form-notice {
background: #f0f7ff;
border: 1px solid #0073aa;
border-radius: 4px;
padding: 12px;
margin-bottom: 20px;
}
.hvac-form-notice p {
margin: 0;
color: #0073aa;
}
.hvac-error-notice {
background: #fff5f5;
border: 1px solid #dc3232;
border-radius: 4px;
padding: 12px;
margin-bottom: 20px;
}
.hvac-error-notice p {
margin: 0;
color: #dc3232;
}
</style>
<div class="hvac-edit-event-wrapper">
<?php
// Display trainer navigation menu and breadcrumbs
if (class_exists('HVAC_Menu_System')) {
echo '<div class="hvac-navigation-wrapper">';
HVAC_Menu_System::instance()->render_trainer_menu();
echo '</div>';
}
// Display breadcrumbs
if (class_exists('HVAC_Breadcrumbs')) {
echo '<div class="hvac-breadcrumbs-wrapper">';
HVAC_Breadcrumbs::instance()->render();
echo '</div>';
}
?>
<h1>Edit Event</h1>
<?php
// Debug output removed for security - no unescaped user input in HTML comments
if (defined('WP_DEBUG') && WP_DEBUG && current_user_can('manage_options')) {
echo '<!-- DEBUG: event_id = ' . absint($event_id) . ' -->';
}
?>
<?php if ($event_id > 0) : ?>
<div class="hvac-form-notice">
<p>Editing Event ID: <?php echo esc_html($event_id); ?> - Full control over all fields including excerpt.</p>
</div>
<div class="hvac-page-content">
<?php
// Debug TEC shortcode
echo '<!-- DEBUG: About to render TEC shortcode -->';
// Check if TEC Community Events is active
if (function_exists('tribe_community_events_init')) {
echo '<!-- DEBUG: TEC Community Events function exists -->';
// Render the TEC edit form with the event ID
$shortcode_output = do_shortcode('[tribe_community_events view="edit_event" id="' . $event_id . '"]');
echo '<!-- DEBUG: Shortcode output length: ' . strlen($shortcode_output) . ' -->';
echo $shortcode_output;
} else {
echo '<!-- DEBUG: TEC Community Events function NOT found -->';
echo '<div class="hvac-error-notice"><p>The Events Calendar Community Events plugin is required but not active.</p></div>';
}
?>
</div>
<script>
// Inline script to ensure REST API enhancement loads for editing
jQuery(document).ready(function($) {
console.log('[Edit Event Page] Initializing REST API enhancement for event <?php echo $event_id; ?>...');
// Store event ID for REST API to use
window.hvacEditEventId = <?php echo $event_id; ?>;
console.log('[Edit Event Page] Set window.hvacEditEventId =', window.hvacEditEventId);
// DISABLED: REST API form override disabled to allow TEC native form handling
// This was causing 500 "Security check failed" errors by intercepting form submission
// and bypassing WordPress/TEC security token validation
/*
// Wait a bit for the page to fully load before checking for REST API
setTimeout(function() {
// Check if REST API script is loaded
if (typeof HVACRestEventSubmission !== 'undefined') {
console.log('[Edit Event Page] REST API script already loaded');
// Re-initialize for edit mode
HVACRestEventSubmission.init();
} else {
console.log('[Edit Event Page] Loading REST API script...');
// Dynamically load the REST API script if not already loaded
$.getScript('<?php echo HVAC_PLUGIN_URL; ?>assets/js/hvac-rest-api-event-submission.js')
.done(function() {
console.log('[Edit Event Page] REST API script loaded successfully');
if (typeof HVACRestEventSubmission !== 'undefined') {
HVACRestEventSubmission.init();
console.log('[Edit Event Page] REST API initialized for edit mode');
}
})
.fail(function() {
console.error('[Edit Event Page] Failed to load REST API script');
});
}
}, 1000);
*/
console.log('[Edit Event Page] Using TEC native form handling - REST API override disabled');
});
</script>
<?php else : ?>
<div class="hvac-error-notice">
<p>No event specified. Please select an event to edit.</p>
</div>
<div class="hvac-page-content">
<p><a href="<?php echo esc_url(home_url('/trainer/event/manage/')); ?>" class="button">Back to Event Management</a></p>
</div>
<?php endif; ?>
</div>
<?php
get_footer();
?>