Add admin location editing

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

db/queries.sql

@@ -15,6 +15,9 @@ UPDATE events SET description = ? WHERE id = ?;
 -- name: UpdateEvent :exec
 UPDATE events SET title = ?, date = ?, time = ?, location = ? WHERE id = ?;
 
+-- name: UpdateEventLocation :exec
+UPDATE events SET location = ? WHERE id = ?;
+
 -- name: DeleteEvent :exec
 DELETE FROM events WHERE id = ?;
 

db/queries.sql.go

@@ -719,6 +719,20 @@ func (q *Queries) UpdateEventDescription(ctx context.Context, arg UpdateEventDes
 	return err
 }
 
+const updateEventLocation = `-- name: UpdateEventLocation :exec
+UPDATE events SET location = ? WHERE id = ?
+`
+
+type UpdateEventLocationParams struct {
+	Location string
+	ID       int64
+}
+
+func (q *Queries) UpdateEventLocation(ctx context.Context, arg UpdateEventLocationParams) error {
+	_, err := q.db.ExecContext(ctx, updateEventLocation, arg.Location, arg.ID)
+	return err
+}
+
 const updateRsvp = `-- name: UpdateRsvp :exec
 UPDATE rsvps SET name = ?, note = ?, plus_one = ? WHERE id = ?
 `

handlers.go

@@ -578,6 +578,24 @@ func (s *Server) handleUpdateDescription(w http.ResponseWriter, r *http.Request)
 	http.Redirect(w, r, fmt.Sprintf("/e/%s/admin/%s", event.Slug, event.AdminToken), http.StatusSeeOther)
 }
 
+func (s *Server) handleUpdateLocation(w http.ResponseWriter, r *http.Request) {
+	event := s.authorizeAdmin(w, r, false)
+	if event == nil {
+		return
+	}
+
+	r.Body = http.MaxBytesReader(w, r.Body, 8*1024)
+	r.ParseForm()
+	location := sanitize(r.FormValue("location"), maxFieldLen)
+
+	s.q.UpdateEventLocation(r.Context(), db.UpdateEventLocationParams{
+		Location: location,
+		ID:       event.ID,
+	})
+
+	http.Redirect(w, r, fmt.Sprintf("/e/%s/admin/%s", event.Slug, event.AdminToken), http.StatusSeeOther)
+}
+
 func (s *Server) handleCreateSlot(w http.ResponseWriter, r *http.Request) {
 	event := s.authorizeAdmin(w, r, false)
 	if event == nil {

main.go

@@ -194,6 +194,7 @@ func main() {
 	// Admin
 	r.Get("/e/{slug}/admin/{token}", srv.handleAdmin)
 	r.Post("/e/{slug}/admin/{token}/description", srv.handleUpdateDescription)
+	r.Post("/e/{slug}/admin/{token}/location", srv.handleUpdateLocation)
 	r.Post("/e/{slug}/admin/{token}/slot", srv.handleCreateSlot)
 	r.Delete("/e/{slug}/admin/{token}/slot/{slotID}", srv.handleDeleteSlot)
 

templates/event.html

@@ -75,6 +75,17 @@
 </div>
 
 {{if .IsAdmin}}
+<div class="section-label" style="margin-top:40px">Admin: Location</div>
+<div class="claim-form-wrapper">
+  <form method="POST" action="/e/{{.Event.Slug}}/admin/{{.Event.AdminToken}}/location">
+    <div class="form-row">
+      <label>Location</label>
+      <input type="text" name="location" value="{{.Event.Location}}" placeholder="e.g. Central Park">
+    </div>
+    <button class="btn-submit" type="submit">Save location</button>
+  </form>
+</div>
+
 <div class="section-label" style="margin-top:40px">Admin: Description</div>
 <div class="claim-form-wrapper">
   <form method="POST" action="/e/{{.Event.Slug}}/admin/{{.Event.AdminToken}}/description">