diff --git a/app/Views/event/create.php b/app/Views/event/create.php
index 476cc49acfd78c636c3375dea324a3eb342b412c..b486caa397b265e68072d2f4b78ee48646346236 100644
--- a/app/Views/event/create.php
+++ b/app/Views/event/create.php
@@ -1,3 +1,24 @@
+<?php
+    session_start();
+    ob_start();
+    if (!isset($_SESSION["user_id"])) {
+        echo "here";
+        // User is not authenticated; redirect to login page
+        header("Location: /app/Views/login/login.php");
+        ob_end_flush();
+    }
+
+    require_once '../../Controllers/UserController.php';
+    $userController = new UserController();
+    $isAdmin = $userController->getUser($_SESSION['user_id'])['isAdmin'];
+    
+    // Allow only admin to access this page
+    if (!$isAdmin){
+        header("Location: /app/Views/home/home.php");
+        ob_end_flush();
+    }
+?>
+
 <!DOCTYPE html>
 <html lang="en">
 
diff --git a/app/Views/event/update.php b/app/Views/event/update.php
index 60eaff84d79cbae435db05388900d99a4643acdf..3d638008c04ae889ba49048259af52b843fa0c29 100644
--- a/app/Views/event/update.php
+++ b/app/Views/event/update.php
@@ -1,3 +1,24 @@
+<?php
+    session_start();
+    ob_start();
+    if (!isset($_SESSION["user_id"])) {
+        echo "here";
+        // User is not authenticated; redirect to login page
+        header("Location: /app/Views/login/login.php");
+        ob_end_flush();
+    }
+
+    require_once '../../Controllers/UserController.php';
+    $userController = new UserController();
+    $isAdmin = $userController->getUser($_SESSION['user_id'])['isAdmin'];
+    
+    // Allow only admin to access this page
+    if (!$isAdmin){
+        header("Location: /app/Views/home/home.php");
+        ob_end_flush();
+    }
+?>
+
 <!DOCTYPE html>
 <html lang="en">