<?php
require "db.php";$action=$_GET['action']??'';$b=body();
if($action==="join"){
  $sid=(int)($b["session_id"]??0);$uid=(int)($b["user_id"]??0);$role=$b["role"]??"Player";if(!in_array($role,["DM","Player"]))$role="Player";
  $st=db()->prepare("INSERT INTO participants (session_id,user_id,role) VALUES (?,?,?)");$st->execute([$sid,$uid,$role]);
  out(true,"joined",[],201);
}
if($action==="list"){ $sid=(int)($_GET["session_id"]??0);
  $st=db()->prepare("SELECT p.user_id,u.username,p.role FROM participants p JOIN users u ON u.user_id=p.user_id WHERE p.session_id=?");$st->execute([$sid]);
  out(true,"ok",["items"=>$st->fetchAll()]);
}
if($action==="leave"){ $sid=(int)($_GET["session_id"]??0);$uid=(int)($_GET["user_id"]??0);
  $st=db()->prepare("DELETE FROM participants WHERE session_id=? AND user_id=?");$st->execute([$sid,$uid]);
  out(true,"left",["count"=>$st->rowCount()]);}
out(false,"unknown action",[],404);