William/WMU-CS4430-Project
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

made error correction

Browse Source
This commit is contained in:
Logan McInnis
2019-12-04 18:13:48 -05:00
parent 11a4d63b81
commit d2a12a3bd3
1 changed files with 25 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
var/www/findFriend.php
View File

@@ -17,19 +17,30 @@
try{ try{
echo '<pre>'; echo '<pre>';
echo "Find Friends:\n\n"; echo "Find Friends:\n\n";
$sql_select = "SELECT count(username)"; $sql_select = "SELECT username";
$sql_from = "FROM contacts"; $sql_from = "FROM contacts";
$sql_where = "WHERE username = '".$_POST['friend']."'"; $sql_where = "WHERE username = '".$_POST['friend']."'";
$sql_statement = $sql_select." ".$sql_from." ".$sql_where.""; $sql_statement = $sql_select." ".$sql_from." ".$sql_where."";
if(($db_connection->query($sql_statement)) == 0) $result = $db_connection->query($sql_statement);
if(mysqli_num_rows($result) == 0)
echo "username doesn't exist"; echo "username doesn't exist";
else else
{ {
$sql_select = "SELECT count(username)"; $sql_select = "SELECT friend";
$sql_from = "FROM friendList";
$sql_where = "WHERE username = '".$_SESSION["loggedInUser"]."' and friend = '".$_POST['friend']."'";
$sql_statement = $sql_select." ".$sql_from." ".$sql_where."";
$result = $db_connection->query($sql_statement);
if(mysqli_num_rows($result) == 1)
echo "you already sent a request";
else
{
$sql_select = "SELECT username";
$sql_from = "FROM friendList"; $sql_from = "FROM friendList";
$sql_where = "WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'"; $sql_where = "WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'";
$sql_statement = $sql_select." ".$sql_from." ".$sql_where.""; $sql_statement = $sql_select." ".$sql_from." ".$sql_where."";
if(($db_connection->query($sql_statement)) == 0) $result = $db_connection->query($sql_statement);
if(mysqli_num_rows($result) == 1)
{ {
$sql_statement = "UPDATE friendList SET confirm = 'true' WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'"; $sql_statement = "UPDATE friendList SET confirm = 'true' WHERE username = '".$_POST['friend']."' and friend = '".$_SESSION["loggedInUser"]."'";
$db_connection->query($sql_statement); $db_connection->query($sql_statement);
@@ -42,6 +53,7 @@
$db_connection->query($sql_statement); $db_connection->query($sql_statement);
} }
} }
}
echo '</pre>'; echo '</pre>';
}catch(PDOException $e){ }catch(PDOException $e){