William/WMU-CS4430-Project
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update findFriend.php

Browse Source
This commit is contained in:
Logan McInnis
2019-12-04 18:20:49 -05:00
parent dbcc3761ef
commit 44a50b12e8
1 changed files with 26 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
var/www/findFriend.php
View File

@@ -17,40 +17,43 @@
try{
echo '<pre>';
echo "Find Friends:\n\n";
$sql_select = "SELECT username";
$sql_from = "FROM contacts";
$sql_where = "WHERE username = '".$_POST['friend']."'";
$sql_statement = $sql_select." ".$sql_from." ".$sql_where."";
$result = $db_connection->query($sql_statement);
if(mysqli_num_rows($result) == 0)
echo "username doesn't exist";
else
if($_POST['friend'] != '')
{
$sql_select = "SELECT friend";
$sql_from = "FROM friendList";
$sql_where = "WHERE username = '".$_SESSION["loggedInUser"]."' and friend = '".$_POST['friend']."'";
$sql_select = "SELECT username";
$sql_from = "FROM contacts";
$sql_where = "WHERE username = '".$_POST['friend']."'";
$sql_statement = $sql_select." ".$sql_from." ".$sql_where."";
$result = $db_connection->query($sql_statement);
if(mysqli_num_rows($result) == 1)
echo "you already sent a request";
if(mysqli_num_rows($result) == 0)
echo "username doesn't exist";
else
{
$sql_select = "SELECT username";
$sql_select = "SELECT friend";
$sql_from = "FROM friendList";
$sql_where = "WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'";
$sql_where = "WHERE username = '".$_SESSION["loggedInUser"]."' and friend = '".$_POST['friend']."'";
$sql_statement = $sql_select." ".$sql_from." ".$sql_where."";
$result = $db_connection->query($sql_statement);
if(mysqli_num_rows($result) == 1)
{
$sql_statement = "UPDATE friendList SET confirm = 'true' WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'";
$db_connection->query($sql_statement);
$sql_statement = "INSERT INTO friendList VALUES ('".$_SESSION["loggedInUser"]."', '".$_POST['friend']."', 'true')";
$db_connection->query($sql_statement);
}
echo "you already sent a request";
else
{
$sql_statement = "INSERT INTO friendList VALUES ('".$_SESSION["loggedInUser"]."', '".$_POST['friend']."', 'false')";
$db_connection->query($sql_statement);
$sql_select = "SELECT username";
$sql_from = "FROM friendList";
$sql_where = "WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'";
$sql_statement = $sql_select." ".$sql_from." ".$sql_where."";
$result = $db_connection->query($sql_statement);
if(mysqli_num_rows($result) == 1)
{
$sql_statement = "UPDATE friendList SET confirm = 'true' WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'";
$db_connection->query($sql_statement);
$sql_statement = "INSERT INTO friendList VALUES ('".$_SESSION["loggedInUser"]."', '".$_POST['friend']."', 'true')";
$db_connection->query($sql_statement);
}
else
{
$sql_statement = "INSERT INTO friendList VALUES ('".$_SESSION["loggedInUser"]."', '".$_POST['friend']."', 'false')";
$db_connection->query($sql_statement);
}
}
}
}