34915-vm/competition_details.php

<?php
session_start();
require_once 'includes/header.php';
require_once 'db/config.php';

$competition_id = $_GET['id'] ?? null;
if (!$competition_id) {
    echo "<div class='alert alert-danger'>Competition ID is missing.</div>";
    require_once 'includes/footer.php';
    exit;
}

$pdo = db();
$stmt = $pdo->prepare("SELECT * FROM competitions WHERE id = ?");
$stmt->execute([$competition_id]);
$competition = $stmt->fetch();

if (!$competition) {
    echo "<div class='alert alert-danger'>Competition not found.</div>";
    require_once 'includes/footer.php';
    exit;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['submission_file'])) {
    if (!isset($_SESSION['user_id'])) {
        echo "<div class='alert alert-danger'>You must be logged in to make a submission.</div>";
    } else {
        $user_id = $_SESSION['user_id'];
        $file = $_FILES['submission_file'];

        // File validation
        if ($file['error'] === UPLOAD_ERR_OK) {
            $upload_dir = 'uploads/';
            $file_name = uniqid() . '-' . basename($file['name']);
            $target_path = $upload_dir . $file_name;

            if (move_uploaded_file($file['tmp_name'], $target_path)) {
                $stmt = $pdo->prepare("INSERT INTO submissions (competition_id, user_id, file_path) VALUES (?, ?, ?)");
                if ($stmt->execute([$competition_id, $user_id, $target_path])) {
                    echo "<div class='alert alert-success'>Submission uploaded successfully.</div>";
                } else {
                    echo "<div class='alert alert-danger'>Failed to save submission to the database.</div>";
                }
            } else {
                echo "<div class='alert alert-danger'>Failed to move uploaded file.</div>";
            }
        } else {
            echo "<div class='alert alert-danger'>Error uploading file.</div>";
        }
    }
}

?>

<div class="container">
    <h1 class="mt-5"><?php echo htmlspecialchars($competition['title']); ?></h1>
    <p class="lead">
        <strong>Start Date:</strong> <?php echo date("F j, Y, g:i a", strtotime($competition['start_date'])); ?><br>
        <strong>End Date:</strong> <?php echo date("F j, Y, g:i a", strtotime($competition['end_date'])); ?>
    </p>
    <p><?php echo nl2br(htmlspecialchars($competition['description'])); ?></p>

    <hr>

    <?php if (isset($_SESSION['user_id'])): ?>
        <div class="card">
            <div class="card-header">
                <h3>Submit Your Entry</h3>
            </div>
            <div class="card-body">
                <form action="competition_details.php?id=<?php echo $competition_id; ?>" method="post" enctype="multipart/form-data">
                    <div class="form-group">
                        <label for="submission_file">Select file to upload:</label>
                        <input type="file" class="form-control-file" id="submission_file" name="submission_file" required>
                    </div>
                    <button type="submit" class="btn btn-primary mt-3">Upload Submission</button>
                </form>
            </div>
        </div>
    <?php else: ?>
        <div class="alert alert-info">
            Please <a href="login.php?return_url=<?php echo urlencode($_SERVER['REQUEST_URI']); ?>">login</a> to submit your entry for this competition.
        </div>
    <?php endif; ?>
</div>

<?php require_once 'includes/footer.php'; ?>