Location: PHPKode > projects > H-tracker > friends.php
<?
//
//  H-Tracker v0.2
//    http://h-tracker.org
//    Based on TorrentTrader (http://www.torrenttrader.org)
//
//
require_once("backend/functions.php");
dbconn();
loggedinonly();
stdhead();

if (!isset($_GET['user'])) {
      show_error_msg("Error", " ... No friend selected", "1");
	  stdfoot();
	  exit;
	}

$fid = htmlspecialchars($_GET['user'], ENT_QUOTES);

$ress = mysql_query("SELECT username, last_access FROM users WHERE id = '".$fid."' ")  or die (mysql_error());
$arrow = mysql_fetch_assoc($ress);

$fusername = htmlspecialchars($arrow['username'], ENT_QUOTES);

if ((get_row_count("friends", "WHERE userid=".$CURUSER['id']." AND friendid = ".$fid."")) > 0) {
      show_error_msg("Error", "<a href='account-details.php?id=".$fid."'>".$fusername."</a> is already in your friends list.", "1");
	  stdfoot();
	  exit;
} elseif ($CURUSER['id'] == $fid) {
	show_error_msg("Error", "You are trying to add yourself to your friend list, this doesn't make sense!", "1");
	exit;
}

mysql_query("INSERT INTO friends (userid, friendid) VALUES (".$CURUSER['id'].", ".$fid.")") or die (mysql_error());

$friendmsg ="Hi $fusername, $CURUSER[username] just added you to their friends List!";
mysql_query("INSERT INTO messages (poster, sender, receiver, added, msg) VALUES ('0', '0', $fid, NOW(), " . sqlesc($friendmsg) . ")");

begin_frame ("<font color=2fdceb>Succeeded</font>", "center", "200");
echo "Friend Added :<br><br><b><a href='account-details.php?id=".$fid."'>".$fusername."</a></b><br>Last time seen ".$arrow['last_access'];
end_frame();
stdfoot();
?>
PHP Helpdesk script - 100% PHP source code. Try it now!
Return current item: H-tracker