require_once INCLUDES_PATH . "/events.php";
require_once DATABASE_PATH . "/events.php";
try {
if (!isset($_POST["id"])) {
http_response_code(400);
echo 'Missing event ID.';
} else {
if (!isUserLoggedIn()) {
http_response_code(403);
echo 'You need to login to unregister this event.';
} else {
if (!validateCSRFToken($_POST["csrf_token"])) {
http_response_code(403);
echo 'Invalid CSRF token.';
} else {
$event_id = $_POST["id"];
if (!canSeeEvent(getUserID(), $event_id)) {
http_response_code(403);
echo 'You do not have access to edit this event.';
} else {
unregisterFromEvent(getUserID(), $idEvent);
}
}
}
}
} catch (InvalidArgumentException $e) {
http_response_code(400);
echo $e->getMessage();
} catch (Exception $e) {
http_response_code(500);
}
http_response_code(403);
echo 'You need to login to edit this event.';
} else {
if (!validateCSRFToken(rawurldecode($_GET["csrf_token"]))) {
http_response_code(403);
echo 'Invalid CSRF token.';
} else {
$event_id = $_GET["idEvent"];
$user_id = getUserID();
$register = $_GET["action"];
if (!canSeeEvent($user_id, $event_id)) {
http_response_code(403);
echo 'You do not have access to this event.';
} else {
if ($register) {
registerInEvent($user_id, $event_id);
} else {
unregisterFromEvent($user_id, $event_id);
}
header("Location: view_event.php?id=" . $event_id);
}
}
}
}
}
} catch (InvalidArgumentException $e) {
http_response_code(400);
echo $e->getMessage();
} catch (Exception $e) {
http_response_code(500);
}
