diff --git a/var/www/findFriend.php b/var/www/findFriend.php index 8b30ad3..31e8964 100644 --- a/var/www/findFriend.php +++ b/var/www/findFriend.php @@ -23,7 +23,8 @@ $sql_from = "FROM contacts"; $sql_where = "WHERE username = '".$_POST['friend']."'"; $sql_statement = $sql_select." ".$sql_from." ".$sql_where.""; - $result = $db_connection->query($sql_statement); + $result2 = $db_connection->query($sql_statement); + $result = $result2->fetchAll(); if(mysqli_num_rows($result) == 0) echo "username doesn't exist"; else @@ -32,7 +33,8 @@ $sql_from = "FROM friendList"; $sql_where = "WHERE username = '".$_SESSION["loggedInUser"]."' and friend = '".$_POST['friend']."'"; $sql_statement = $sql_select." ".$sql_from." ".$sql_where.""; - $result = $db_connection->query($sql_statement); + $result2 = $db_connection->query($sql_statement); + $result = $result2->fetchAll(); if(mysqli_num_rows($result) == 1) echo "you already sent a request"; else @@ -41,7 +43,8 @@ $sql_from = "FROM friendList"; $sql_where = "WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'"; $sql_statement = $sql_select." ".$sql_from." ".$sql_where.""; - $result = $db_connection->query($sql_statement); + $result2 = $db_connection->query($sql_statement); + $result = $result2->fetchAll(); if(mysqli_num_rows($result) == 1) { $sql_statement = "UPDATE friendList SET confirm = 'true' WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'";