<?php
require 'common.php';
require 'loginRequired.php';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>friendbook Find Friend</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8"/>
<link rel="stylesheet" type="text/css" href="styling.css">
</head>
<body>
<!--#include virtual="header.html" -->
<!--#include virtual="topNavBar.html" -->
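<?php
/*
 * Handles the "Find Friend" form post: looks the submitted username up in
 * contacts, then either reports an existing request/friendship, confirms a
 * pending request from that user, or records a new outgoing request.
 *
 * Security notes:
 *  - Every query is a prepared statement with bound parameters. The previous
 *    version concatenated $_POST['friend'] (and the session username) into the
 *    SQL text, so the submitted value could change the structure of the query.
 *  - The username is HTML-escaped before it is echoed back into the page.
 *  - Database error details go to the server log, not into the response.
 *  - NOTE(review): this POST changes state and the form on this page carries
 *    no anti-CSRF token; loginRequired.php is not visible here, so confirm
 *    whether a token is enforced elsewhere.
 *  - NOTE(review): the existence checks and the writes are separate statements
 *    with no transaction, so two concurrent requests can both pass the checks.
 *    Confirm the schema has a unique key on (username, friend).
 *
 * Assumes $db_connection is the PDO handle created by common.php.
 */
try {
    echo '<pre>';
    echo "Find Friends:\n\n";

    // The field is absent on the initial GET; isset() avoids the undefined-index notice.
    $friend = isset($_POST['friend']) ? $_POST['friend'] : '';

    // is_string() rejects array-shaped input such as friend[]=x.
    if (is_string($friend) && $friend !== '') {
        $me = $_SESSION["loggedInUser"];

        // Prepare and execute one parameterised statement; fail loudly if PDO
        // is not in exception mode and reports the error by returning false.
        $run = function ($sql, array $params) use ($db_connection) {
            $stmt = $db_connection->prepare($sql);
            if ($stmt === false || $stmt->execute($params) === false) {
                throw new RuntimeException('Database statement failed');
            }
            return $stmt;
        };

        $userExists = $run(
            "SELECT username FROM contacts WHERE username = ?",
            [$friend]
        )->fetch() !== false;

        if (!$userExists) {
            echo "username doesn't exist";
        } else {
            // Row (me -> friend): a request was already sent or the friendship exists.
            $alreadyRequested = $run(
                "SELECT friend FROM friendList WHERE username = ? and friend = ?",
                [$me, $friend]
            )->fetch() !== false;

            if ($alreadyRequested) {
                echo "You have already sent a request or are already friends.";
            } else {
                // Row (friend -> me): the other user has a pending request to us.
                $incomingRequest = $run(
                    "SELECT username FROM friendList WHERE username = ? and friend = ?",
                    [$friend, $me]
                )->fetch() !== false;

                if ($incomingRequest) {
                    $run(
                        "UPDATE friendList SET confirm = true WHERE username = ? and friend = ?",
                        [$friend, $me]
                    );
                    $run(
                        "INSERT INTO friendList VALUES (?, ?, true)",
                        [$me, $friend]
                    );
                    echo "Friend request confirmed! You are both friends with each other now.";
                } else {
                    $run(
                        "INSERT INTO friendList VALUES (?, ?, false)",
                        [$me, $friend]
                    );
                    // Escape for the HTML context: usernames may contain markup characters.
                    echo "Friend request sent to ".htmlspecialchars($friend, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                }
            }
        }
    }
} catch (PDOException $e) {
    // Driver messages can expose table names and query text; keep them server-side.
    error_log("Find Friend page PDOException: ".$e->getMessage());
    echo "PDOException: the request could not be completed.".PHP_EOL;
} catch (Exception $e) {
    error_log("Find Friend page Exception: ".$e->getMessage());
    echo "Exception: the request could not be completed.".PHP_EOL;
}

// Emitted outside the try so the <pre> is closed on the error paths too.
echo '</pre>';
?>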
<form action="" method="post">
Username: <input type="text" name="friend" placeholder="Friend Username"><br />
<br />
<input type="submit" class="button">
</form>
</body>
</html>
<?php
// Drop this page's reference to the database handle once rendering is done.
// NOTE(review): presumably the PDO object created in common.php; confirm nothing else still holds it.
$db_connection = null;
?>