PHP event system

A simple PHP and MYSQL driven event system that can be used for customizing events based on date, time and year. The backend comes with a neat and easy to understand user interface that includes adding, editing and deleting events as desired. The fronted is included to display events from database in a distinct and orderly fashion. The code and stylesheet can easily be edited according to your own linking. The code is explained here.

Download:

File: event_system.zip
Licence: MIT
Last update: 24.11.2017

Checksum(SHA256):


784e198987df3ccc5e2d21427d2680897eb2648ce58813e8764f8e4d62c84f86

Security aspect to consider

While the script is protected against XSS and SQL injection, it is recommended to protect its backend(addeditdel.php) from public use. As is, anyone can access it with just calling the file and can add, edit and delete events which can result in inappropriate content. So to tighten up things a bit, here are things to consider:

Access restriction

One way to protect against public use is to restrict access of the file to a personal IP address with htaccess. In such case, it is important to note that anyone inside that IP address will be able to access the file so shared IP should be avoided.

Implement authentication

Alternatively, a login system can be implemented to the backend file so anyone accessing it would have to authenticate himself or herself first. You may use one of the login scripts here. But you can use both login system and access restriction for better protection.