PageRenderTime 49ms CodeModel.GetById 22ms RepoModel.GetById 0ms app.codeStats 1ms

/root/request_as_friend.php

https://gitlab.com/JLHasson/Wordflow
PHP | 190 lines | 102 code | 56 blank | 32 comment | 33 complexity | 3001e0537f84b279a132f6b74d25e49b MD5 | raw file
    

  1. <?php 
    2. 

  2. session_start();
    3. 

  3. 

  4. include_once "mysql_server/connect_to_mysql.php"; // <<---- Connect to database here
    5. 

  5. 

  6. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    7. 

  7. ////////////                                                                    PART 1                                                               //////////////
    8. 

  8. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    9. 

  9. if ($_POST["request"] == "requestFriendship") {
    10. 

  10. 	
    11. 

  11.     $mem1 = preg_replace('#[^0-9]#i', '', $_POST['mem1']); 
    12. 

  12.     $mem2 = preg_replace('#[^0-9]#i', '', $_POST['mem2']); 
    13. 

  13. 	//
    14. 

  14. 	if (!$mem1 || !$mem2) {
    15. 

  15. 		echo  'Error: Missing data';
    16. 

  16.     	exit(); 
    17. 

  17. 	}
    18. 

  18. 	//
    19. 

  19. 	if ($mem1 == $mem2) {
    20. 

  20.     	echo  'Error: You cannot add yourself as a friend';
    21. 

  21.     	exit(); 
    22. 

  22. 	} 
    23. 

  23. 	
    24. 

  24. 	$sql_frnd_arry_mem1 = mysql_query("SELECT friend_array FROM myMembers WHERE id='$mem1' LIMIT 1");
    25. 

  25. 	 
    26. 

  26. 	while($row=mysql_fetch_array($sql_frnd_arry_mem1)) { $frnd_arry_mem1 = $row["friend_array"]; }
    27. 

  27. 	
    28. 

  28. 	$frndArryMem1 = explode(",", $frnd_arry_mem1);
    29. 

  29. 	
    30. 

  30.     if (in_array($mem2, $frndArryMem1)) { echo  'This member is already your Friend'; exit(); }
    31. 

  31. 

  32. 	$sql = mysql_query("SELECT id FROM friends_requests WHERE mem1='$mem1' AND mem2='$mem2' Limit 1");
    33. 

  33. 	
    34. 

  34. 	$numRows = mysql_num_rows($sql);
    35. 

  35. 	
    36. 

  36. 	if ($numRows > 0) {
    37. 

  37. 		echo '<img src="images/error.png" width="20" height="20" alt="Error" /> You have a Friend request pending for this member. Please be patient.';
    38. 

  38.         exit(); 
    39. 

  39. 	}
    40. 

  40. 	
    41. 

  41. 	$sql = mysql_query("SELECT id FROM friends_requests WHERE mem1='$mem2' AND mem2='$mem1' Limit 1");
    42. 

  42. 	
    43. 

  43. 	$numRows = mysql_num_rows($sql);
    44. 

  44. 	
    45. 

  45. 	if ($numRows > 0) {
    46. 

  46. 		echo '<img src="images/error.png" width="20" height="20" alt="Error" /> This user has requested you as a Friend already! Check your Requests on your profile.';
    47. 

  47.         exit(); 
    48. 

  48. 	}
    49. 

  49. 	
    50. 

  50. 	$sql = mysql_query("INSERT INTO friends_requests (mem1, mem2, timedate) VALUES('$mem1','$mem2',now())") or die (mysql_error("Friend Request Insertion Error"));
    51. 

  51. 						
    52. 

  52. 	//$sql = mysql_query("INSERT INTO pms (to, from, time, sub, msg) VALUES('$mem2','XXXXX',now(),'New Friend Request','You have a new Friend Request waiting for approval.<br /><br />Navigate to your profile and check your friend requests. <br /><br />Thank you.')") or die (mysql_error("Friend Request PM Insertion Error"));
    53. 

  53.     //$id = mysql_insert_id();
    54. 

  54.     
    55. 

  55. 	echo '<img src="images/success.png" width="20" height="20" alt="Success" /> Friend request sent successfully. This member must approve the request.';
    56. 

  56.     exit(); 
    57. 

  57. }
    58. 

  58. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    59. 

  59. ////////////                                                                    PART 2                                                               //////////////
    60. 

  60. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    61. 

  61. if ($_POST["request"] == "acceptFriend") {
    62. 

  62. 	
    63. 

  63.     $reqID = preg_replace('#[^0-9]#i', '', $_POST['reqID']);
    64. 

  64.     
    65. 

  65. 	$sql = "SELECT * FROM friends_requests WHERE id='$reqID' LIMIT 1";
    66. 

  66. 	
    67. 

  67. 	$query = mysql_query($sql) or die ("Sorry we had a mysql error!");
    68. 

  68. 	
    69. 

  69. 	$num_rows = mysql_num_rows($query); 
    70. 

  70. 	
    71. 

  71. 	if ($num_rows < 1) {
    72. 

  72. 		echo 'An error occured';
    73. 

  73. 		exit();
    74. 

  74. 	}
    75. 

  75. 	
    76. 

  76.     while ($row = mysql_fetch_array($query)) { 
    77. 

  77. 		$mem1 = $row["mem1"];
    78. 

  78. 		$mem2 = $row["mem2"];
    79. 

  79.     }
    80. 

  80.     
    81. 

  81. 	$sql_frnd_arry_mem1 = mysql_query("SELECT friend_array FROM myMembers WHERE id='$mem1' LIMIT 1"); 
    82. 

  82. 	
    83. 

  83. 	$sql_frnd_arry_mem2 = mysql_query("SELECT friend_array FROM myMembers WHERE id='$mem2' LIMIT 1"); 
    84. 

  84. 	
    85. 

  85. 	while($row=mysql_fetch_array($sql_frnd_arry_mem1)) { $frnd_arry_mem1 = $row["friend_array"]; }
    86. 

  86. 	
    87. 

  87. 	while($row=mysql_fetch_array($sql_frnd_arry_mem2)) { $frnd_arry_mem2 = $row["friend_array"]; }
    88. 

  88. 	
    89. 

  89. 	$frndArryMem1 = explode(",", $frnd_arry_mem1);
    90. 

  90. 	
    91. 

  91. 	$frndArryMem2 = explode(",", $frnd_arry_mem2);
    92. 

  92. 	
    93. 

  93.     if (in_array($mem2, $frndArryMem1)) { echo  'This member is already your Friend'; exit(); }
    94. 

  94.     
    95. 

  95. 	if (in_array($mem1, $frndArryMem2)) { echo  'This member is already your Friend'; exit(); }
    96. 

  96. 	
    97. 

  97. 	if ($frnd_arry_mem1 != "") { $frnd_arry_mem1 = "$frnd_arry_mem1,$mem2"; } else { $frnd_arry_mem1 = "$mem2"; }
    98. 

  98. 	
    99. 

  99. 	if ($frnd_arry_mem2 != "") { $frnd_arry_mem2 = "$frnd_arry_mem2,$mem1"; } else { $frnd_arry_mem2 = "$mem1"; }
    100. 

  100. 	
    101. 

  101.     $UpdateArrayMem1 = mysql_query("UPDATE myMembers SET friend_array='$frnd_arry_mem1' WHERE id='$mem1'") or die (mysql_error());
    102. 

  102.     
    103. 

  103.     $UpdateArrayMem2 = mysql_query("UPDATE myMembers SET friend_array='$frnd_arry_mem2' WHERE id='$mem2'") or die (mysql_error());
    104. 

  104.     
    105. 

  105. 	$deleteThisPendingRequest = mysql_query("DELETE FROM friends_requests WHERE id='$reqID' LIMIT 1"); 
    106. 

  106. 	
    107. 

  107.     echo "You are now friends with this member!";
    108. 

  108.     
    109. 

  109. 	exit();
    110. 

  110. }
    111. 

  111. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    112. 

  112. ////////////                                                                    PART 3                                                               //////////////
    113. 

  113. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    114. 

  114. if ($_POST["request"] == "denyFriend") {
    115. 

  115. 

  116. 	$reqID = preg_replace('#[^0-9]#i', '', $_POST['reqID']);
    117. 

  117. 	
    118. 

  118. 	$deleteThisPendingRequest = mysql_query("DELETE FROM friends_requests WHERE id='$reqID' LIMIT 1");
    119. 

  119. 	 
    120. 

  120.     echo "Request Denied";
    121. 

  121. 	exit();
    122. 

  122. }
    123. 

  123. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    124. 

  124. ////////////                                                                    PART 4                                                               //////////////
    125. 

  125. ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    126. 

  126. if ($_POST["request"] == "removeFriendship") {
    127. 

  127. 	
    128. 

  128. 	$mem1 = preg_replace('#[^0-9]#i', '', $_POST['mem1']); // Person doing the friendship remove
    129. 

  129. 	
    130. 

  130.     $mem2 = preg_replace('#[^0-9]#i', '', $_POST['mem2']);  // Person being removed
    131. 

  131. 	//
    132. 

  132. 	if (!$mem1 || !$mem2) {
    133. 

  133. 		echo  'Error: Missing data';
    134. 

  134.     	exit(); 
    135. 

  135. 	}
    136. 

  136. 	//
    137. 

  137. 	/*$decryptedID = base64_decode($_SESSION['id']);
    138. 

  138. 	$id_array = explode("p3h9xfn8sq03hs2234", $decryptedID);
    139. 

  139. 	$mem1SessID = $id_array[1];
    140. 

  140. 	if ($mem1SessID != $mem1) {
    141. 

  141.     	echo("Your session is not equal to the post of mem1");
    142. 

  142.     	exit();
    143. 

  143. 	}
    144. 

  144. 	I don't understand why the session variable isn't working correctly
    145. 

  145. 	*/
    146. 

  146.     
    147. 

  147.     // Query mem1 and mem2 friend_array out of DB
    148. 

  148. 	$sql_frnd_arry_mem1 = mysql_query("SELECT friend_array FROM myMembers WHERE id='$mem1' LIMIT 1"); 
    149. 

  149. 	
    150. 

  150. 	$sql_frnd_arry_mem2 = mysql_query("SELECT friend_array FROM myMembers WHERE id='$mem2' LIMIT 1"); 
    151. 

  151. 	
    152. 

  152. 	while($row=mysql_fetch_array($sql_frnd_arry_mem1)) { $frnd_arry_mem1 = $row["friend_array"]; }
    153. 

  153. 	
    154. 

  154. 	while($row=mysql_fetch_array($sql_frnd_arry_mem2)) { $frnd_arry_mem2 = $row["friend_array"]; }
    155. 

  155. 	
    156. 

  156. 	// Check to see they are in fact each other's friends
    157. 

  157. 	
    158. 

  158. 	$frndArryMem1 = explode(",", $frnd_arry_mem1);
    159. 

  159. 	
    160. 

  160. 	$frndArryMem2 = explode(",", $frnd_arry_mem2);
    161. 

  161. 	
    162. 

  162.     if (!in_array($mem2, $frndArryMem1)) { echo  'This member is not in your list'; exit(); }
    163. 

  163.     
    164. 

  164. 	if (!in_array($mem1, $frndArryMem2)) { echo  'This member is not in your list'; exit(); }
    165. 

  165. 	
    166. 

  166. 	// Here we remove them from each other's arrays using "unset" on the key where the value is found
    167. 

  167. 	foreach ($frndArryMem1 as $key => $value) {
    168. 

  168. 			  if ($value == $mem2) {
    169. 

  169. 			      unset($frndArryMem1[$key]);
    170. 

  170. 			  } 
    171. 

  171.     }
    172. 

  172. 	foreach ($frndArryMem2 as $key => $value) {
    173. 

  173. 			  if ($value == $mem1) {
    174. 

  174. 			      unset($frndArryMem2[$key]);
    175. 

  175. 			  } 
    176. 

  176.     } 
    177. 

  177. 	// Now implode the adjusted arrays to make them strings again before going into the database
    178. 

  178. 	$newStringForMem1 = implode(",", $frndArryMem1);
    179. 

  179. 	
    180. 

  180.     $newStringForMem2 =  implode(",", $frndArryMem2);
    181. 

  181.     
    182. 

  182. 	// And now update their database fields
    183. 

  183. 	$sql = mysql_query("UPDATE myMembers SET friend_array='$newStringForMem1' WHERE id='$mem1'");
    184. 

  184. 	
    185. 

  185. 	$sql = mysql_query("UPDATE myMembers SET friend_array='$newStringForMem2' WHERE id='$mem2'");
    186. 

  186. 	
    187. 

  187. 	echo 'You are no longer friends with this member.';
    188. 

  188.     exit(); 
    189. 

  189. }
    190. 

  190. ?>
    191.