<?php
require_once 'includes/session.php';

// 1. Check if user is logged in
if (!isset($_SESSION['user']['id'])) {
    header('Location: login.php');
    exit();
}

// 2. Check for POST request and event_id
if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !isset($_POST['event_id'])) {
    header('Location: index.php');
    exit();
}

require_once 'db/config.php';

$event_id = $_POST['event_id'];
$user_id = $_SESSION['user']['id'];

try {
    $pdo = db();

    // 3. Double-check for existing application
    $stmt = $pdo->prepare("SELECT id FROM applications WHERE event_id = ? AND user_id = ?");
    $stmt->execute([$event_id, $user_id]);
    if ($stmt->fetch()) {
        $_SESSION['flash_message'] = [
            'type' => 'warning',
            'message' => 'You have already applied to this event.'
        ];
        header('Location: index.php#events');
        exit();
    }

    // 4. Insert new application
    $stmt = $pdo->prepare("INSERT INTO applications (event_id, user_id, status) VALUES (?, ?, 'awaiting_proof')");
    $stmt->execute([$event_id, $user_id]);

    $_SESSION['flash_message'] = [
        'type' => 'success',
        'message' => 'You have successfully applied! Please upload your proof in the dashboard.'
    ];

} catch (PDOException $e) {
    // error_log($e->getMessage()); // Log error for debugging
    $_SESSION['flash_message'] = [
        'type' => 'danger',
        'message' => 'A database error occurred. Please try again.'
    ];
}

// 5. Redirect back to the events section
header('Location: index.php#events');
exit();