PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
<?php
session_start();
if (!isset($_SESSION['user']))
{
die ("Access Denied");
}
?>
<?php
include '../login/dbc.php';
//first open connection to your database
$id = mysql_real_escape_string($_GET['id']); //catch the id number from url, store it and escape slashes from possible attack.
$takeuser = mysql_query("SELECT * FROM users WHERE id='$id' LIMIT 1"); //Right now script check id number from url against the database
if (mysql_num_rows($takeuser) < 1) { //checks if we have that id number in our database
echo "User doesn't exist!"; //inform the user that we found 0 result
} else { //or if we found some
while ($row=mysql_fetch_array($takeuser)) { //Taking the result set
$sql="INSERT INTO friends (username, friendname)
VALUES
('$_SESSION[user]',' . $row['id'] . '";
} //closing the loop
} //closing the "if" statement
mysql_close($link); //and then we close connection
?>
the problem i'm having is the insert part. i'm trying to put it in the friends table. as you can see it takes the id from the url and puts it to the database. then i have it write to the database the the friendname and your name for later recovery.
<?php
session_start();
if (!isset($_SESSION['user']))
{
die ("Access Denied");
}
?>
<?php
include '../login/dbc.php';
//first open connection to your database
$id = mysql_real_escape_string($_GET['id']); //catch the id number from url, store it and escape slashes from possible attack.
$takeuser = mysql_query("SELECT * FROM users WHERE id='$id' LIMIT 1"); //Right now script check id number from url against the database
if (mysql_num_rows($takeuser) < 1) { //checks if we have that id number in our database
echo "User doesn't exist!"; //inform the user that we found 0 result
} else { //or if we found some
while ($row=mysql_fetch_array($takeuser)) { //Taking the result set
$sql="INSERT INTO `friends` (`username`, `friendname`) VALUES ('{$_SESSION[user]}','{$row['id']}'";
mysql_query($sql);
} //closing the loop
} //closing the "if" statement
mysql_close($link); //and then we close connection
?>
cause that doesn't work, if that wasn't what you were thinking then what were you
Last edited by Benjamin on Fri May 08, 2009 9:30 pm, edited 1 time in total.
Reason:Changed code type from text to php.