require_once INCLUDES_PATH . "/events.php"; require_once DATABASE_PATH . "/events.php"; try { if (!isset($_POST["id"])) { http_response_code(400); echo 'Missing event ID.'; } else { if (!isUserLoggedIn()) { http_response_code(403); echo 'You need to login to unregister this event.'; } else { if (!validateCSRFToken($_POST["csrf_token"])) { http_response_code(403); echo 'Invalid CSRF token.'; } else { $event_id = $_POST["id"]; if (!canSeeEvent(getUserID(), $event_id)) { http_response_code(403); echo 'You do not have access to edit this event.'; } else { unregisterFromEvent(getUserID(), $idEvent); } } } } } catch (InvalidArgumentException $e) { http_response_code(400); echo $e->getMessage(); } catch (Exception $e) { http_response_code(500); }
http_response_code(403); echo 'You need to login to edit this event.'; } else { if (!validateCSRFToken(rawurldecode($_GET["csrf_token"]))) { http_response_code(403); echo 'Invalid CSRF token.'; } else { $event_id = $_GET["idEvent"]; $user_id = getUserID(); $register = $_GET["action"]; if (!canSeeEvent($user_id, $event_id)) { http_response_code(403); echo 'You do not have access to this event.'; } else { if ($register) { registerInEvent($user_id, $event_id); } else { unregisterFromEvent($user_id, $event_id); } header("Location: view_event.php?id=" . $event_id); } } } } } } catch (InvalidArgumentException $e) { http_response_code(400); echo $e->getMessage(); } catch (Exception $e) { http_response_code(500); }