diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php
index 1f3c85fcd..11490dcb8 100644
--- a/app/Controller/EventsController.php
+++ b/app/Controller/EventsController.php
@@ -5188,8 +5188,17 @@ class EventsController extends AppController
 
     public function handleModuleResults($eventId)
     {
-        debug($eventId);
-        debug($this->request->event);
+        if (!$this->userRole['perm_add']) {
+            throw new MethodNotAllowedException(__('Event not found or you don\'t have permissions to create attributes'));
+        }
+        if ($this->request->is('post')) {
+            if (!$this->Event->checkIfAuthorised($this->Auth->user(), $id)) {
+                throw new MethodNotAllowedException(__('Invalid event.'));
+            }
+            $this->redirect(array('controller' => 'events', 'action' => 'view', $id));
+        } else {
+            throw new MethodNotAllowedException('This endpoint requires a POST request.');
+        }
     }
 
     public function importModule($module, $eventId)