<?php
declare(strict_types=1);

require_once __DIR__ . '/../../auth.php';

// RSVP endpoint (HTML/redirect-friendly): upsert a user's RSVP for a dinner date.

if (!isLoggedIn()) {
    http_response_code(401);
    echo 'Sign in required.';
    return;
}

$currentUserId = currentUserId();
if ($currentUserId === null) {
    http_response_code(401);
    echo 'Sign in required.';
    return;
}

// Accept YYYY-MM-DD, defaulting to today if omitted.
$dateStr = (string)($_POST['dinner_date'] ?? $_GET['dinner_date'] ?? '');
$dinnerDate = $dateStr !== '' ? DateTimeImmutable::createFromFormat('Y-m-d', $dateStr) : null;
if ($dinnerDate === false || $dinnerDate === null) {
    $dinnerDate = new DateTimeImmutable('today');
}

$normalizedDate = $dinnerDate->format('Y-m-d');

$nowStr = (new DateTimeImmutable('now'))->format('Y-m-d H:i:s');

$stmt = $db->prepare('
    INSERT INTO rsvps (user_id, dinner_date, created_at)
    VALUES (?, ?, ?)
    ON DUPLICATE KEY UPDATE created_at = VALUES(created_at)
');
$stmt->bind_param('iss', $currentUserId, $normalizedDate, $nowStr);
$stmt->execute();

header('Content-Type: application/json; charset=utf-8');
echo json_encode([
    'ok' => true,
    'dinner_date' => $normalizedDate,
]);