From 05bc90753f2e34882dae08d20d6c7115c4952232 Mon Sep 17 00:00:00 2001
From: Logan McInnis <logan.j.mcinnis@wmich.edu>
Date: Wed, 4 Dec 2019 20:56:23 -0500
Subject: [PATCH] final

---
 var/www/findFriend.php | 27 +++++++++++++++------------
 1 file changed, 15 insertions(+), 12 deletions(-)

diff --git a/var/www/findFriend.php b/var/www/findFriend.php
index bcfe50c..37672b3 100644
--- a/var/www/findFriend.php
+++ b/var/www/findFriend.php
@@ -23,9 +23,10 @@
                     $sql_from = "FROM contacts";
                     $sql_where = "WHERE username = '".$_POST['friend']."'";
                     $sql_statement = $sql_select." ".$sql_from." ".$sql_where."";
-                    $result2 = $db_connection->query($sql_statement);
-                    $result = $result2->fetchAll();
-                    if(mysqli_num_rows($result) == 0)
+                    $num = 0;
+                    foreach($db_connection->query($sql_statement) as $row)
+                        $num = 1;
+                    if($num == 0)
                        echo "username doesn't exist";
                     else
                     {
@@ -33,9 +34,10 @@
                         $sql_from = "FROM friendList";
                         $sql_where = "WHERE username = '".$_SESSION["loggedInUser"]."' and friend = '".$_POST['friend']."'";
                         $sql_statement = $sql_select." ".$sql_from." ".$sql_where."";
-                        $result2 = $db_connection->query($sql_statement);
-                        $result = $result2->fetchAll();
-                        if(mysqli_num_rows($result) == 1)
+                        $num = 0;
+                        foreach($db_connection->query($sql_statement) as $row)
+                            $num = 1;
+                        if($num == 1)
                             echo "you already sent a request";
                         else
                         {
@@ -43,18 +45,19 @@
                             $sql_from = "FROM friendList";
                             $sql_where = "WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'";
                             $sql_statement = $sql_select." ".$sql_from." ".$sql_where."";
-                            $result2 = $db_connection->query($sql_statement);
-                            $result = $result2->fetchAll();
-                            if(mysqli_num_rows($result) == 1)
+                            $num = 0;
+                            foreach($db_connection->query($sql_statement) as $row)
+                                $num = 1;
+                            if($num == 1)
                             {
-                                $sql_statement = "UPDATE friendList SET confirm = 'true' WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'";
+                                $sql_statement = "UPDATE friendList SET confirm = true WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'";
                                 $db_connection->query($sql_statement);
-                                $sql_statement = "INSERT INTO friendList VALUES ('".$_SESSION["loggedInUser"]."', '".$_POST['friend']."', 'true')";
+                                $sql_statement = "INSERT INTO friendList VALUES ('".$_SESSION["loggedInUser"]."', '".$_POST['friend']."', true)";
                                 $db_connection->query($sql_statement);
                             }
                             else
                             {
-                                $sql_statement = "INSERT INTO friendList VALUES ('".$_SESSION["loggedInUser"]."', '".$_POST['friend']."', 'false')";
+                                $sql_statement = "INSERT INTO friendList VALUES ('".$_SESSION["loggedInUser"]."', '".$_POST['friend']."', false)";
                                 $db_connection->query($sql_statement);
                             }
                         }