SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Enthusiast britton's Avatar
    Join Date
    Jul 2005
    Location
    Tennessee
    Posts
    83
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Exclamation A Couple of Easy (For You) MySQL Questions

    I'm not very good at PHP/MySQL but I am trying to create a friends list feature for some sites I own. The code I'm using to add friends is:

    Code:
    if ($u != "") {mysql_query("INSERT INTO friendtable (name,friend,status) VALUES('$cookieuser','$u','new')") or die(mysql_error());
    So, if a username ($u) is passed, then insert this stuff into the friendtable. I do not believe this is the best way to do it for the following reasons:

    1. It oftens adds a friend to no account and I'm not sure why it doesn't see the cookieuser. The cookie must be set and the person must be logged in to view the page.
    2. I don't know how to make it check to see if the person is already a friend.
    3. I don't know how to limit it to only allow the user to be the same user's friend one time. I suspect LIMIT 1 should go somewhere?

    I appreciate any help!

  2. #2
    SitePoint Guru
    Join Date
    Dec 2005
    Posts
    982
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'm gonna ask these questions just to save time:
    Please post more of your code. What is cookieuser?
    Please post your table structure.

  3. #3
    SitePoint Enthusiast britton's Avatar
    Join Date
    Jul 2005
    Location
    Tennessee
    Posts
    83
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The table structure is very simple for the friends table. It is three fields, name (username), friend (friend's username), and status (new or accepted). Cookieuser is the username of the person viewing the page. The only code directly relating to adding friends is listed above. However, here is more of the code on the page.

    Code:
    <?
    if (!isset($lastnumber)) $lastnumber  = 5;  // number of new members to offer as friends
    if (!isset($listunique)) $listunique = "yes";
    
    require ("config.php");
    langindex();
    $cookieinfo = $HTTP_COOKIE_VARS[logged];
    mysql_connect($host,$user,$pass);
    @mysql_select_db($database) or die( "Unable to select database");
    
    // Account Type
    if ($cookieinfo != "") {
    $sql = "select * from $GLOBALS[usertable] where ((name='$cookieinfo') && (accounttype='paid'))";
    $query = mysql_query($sql);
    $rows = mysql_num_rows($query);
    if ($rows > 0) $test = 'paid';
    }
    
    $originalc=$c;
    // $u (user)  $c (category)  $f (function) $id (img id #)  $n (start from)
    if(!$c) $c = "all";
    if (!$n) $n = "0";
    $n1=$n-$lastnumber;
    $n2=$n+$lastnumber;
    
    $lastpicture="";
    if ($go == "loginphp")
    {
    	$bypass = false;
    	include ("./${$go}");
    }
    
    $cookieuser = $HTTP_COOKIE_VARS[logged];
    $cookiepass = $HTTP_COOKIE_VARS[lastvisit];
    
    
    unset($logged);
    
    // Validation routine
    $sql = "select * from $usertable where lower(name)='$cookieuser'";
    $query = mysql_query($sql);
    $rows = mysql_num_rows($query);
    
    if ($rows > 0) {
    	$pw=mysql_result($query,0,"password");
    	$test=mysql_result($query,0,"accounttype");
    	if (md5($pw) == $cookiepass) $logged = 1;
    	else unset($logged);
    }
    
    // ADD FRIEND CODE
    if ($u != "") {mysql_query("INSERT INTO friendtable (name,friend,status) VALUES('$cookieuser','$u','new')") or die(mysql_error());
    }

  4. #4
    SitePoint Enthusiast britton's Avatar
    Join Date
    Jul 2005
    Location
    Tennessee
    Posts
    83
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Oh, and the $u is passed in the URL.

    addfriend.php?u=friendusername

    Which, without some sort of check, would allow crummy people to type whatever they want and send friend requests to users that don't exist. . .

  5. #5
    reads the ********* Crier silver trophybronze trophy longneck's Avatar
    Join Date
    Feb 2004
    Location
    Tampa, FL (US)
    Posts
    9,854
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    i think this belongs in the PHP forum...

  6. #6
    SitePoint Enthusiast britton's Avatar
    Join Date
    Jul 2005
    Location
    Tennessee
    Posts
    83
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I think the PHP forum sticky told me to place it here.

    However, it doesn't matter. I fixed it myself. Have a nice day, thread can be closed.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •