<?php
echo '<div class="content_left">
<div id="breadcrumb">
<ul class="crumbs">
<li class="first"><a href="index.php" style="z-index:9;"><span></span>' . $lang['index'] . '</a></li>
<li><a href="friends.php" style="z-index:8;">' . $lang['my_friends'] . '</a></li>
</ul>
</div>
</div>
<div class="content_right">';
include('modules/search.inc.php');
echo '</div>
<div class="clear_long"></div>';
$ret = 1;
echo '<div class="main_menu">';
$ret = include 'framework/templates/'.$main_content['menu'];
echo '<div id="line"></div>';
$ret = include 'framework/templates/'.$main_content['infos'];
echo '</div>';
echo '<div class="main_content">';
echo '<h1 class="p_space">' . $lang['my_friends'] . '</h1>';
if(isset($_GET['add'])) {
$query = mysql_query("SELECT id FROM members WHERE id = '" . $_GET['add'] . "'");
if(mysql_num_rows($query) > 0) {
$_query = mysql_query("SELECT * FROM requests WHERE sender = '" . (int)$_SESSION['id'] . "' AND recipient = '" . $_GET['add'] . "'");
if(mysql_num_rows($_query) == 0) {
mysql_query("INSERT INTO requests SET sender = '" . (int)$_SESSION['id'] . "', recipient = '" . $_GET['add'] . "'");
}
}
}
if(isset($_GET['accept'])) {
$query = mysql_query("SELECT * FROM requests WHERE sender = '" . $_GET['accept'] . "' AND recipient = '" . (int)$_SESSION['id'] . "'");
if(mysql_num_rows($query) > 0) {
$_query = mysql_query("SELECT * FROM members WHERE id = '" . $_GET['accept'] . "'");
$_row = mysql_fetch_assoc($_query);
$friends = unserialize($_row['friends']);
$friends[] = (int)$_SESSION['id'];
mysql_query("UPDATE members SET friends = '" . serialize($friends) . "' WHERE id = '" . $_GET['accept'] . "'");
$_query = mysql_query("SELECT * FROM members WHERE id = '" . (int)$_SESSION['id'] . "'");
$_row = mysql_fetch_assoc($_query);
$friends = unserialize($_row['friends']);
$friends[] = $_GET['accept'];
mysql_query("UPDATE members SET friends = '" . serialize($friends) . "' WHERE id = '" . (int)$_SESSION['id'] . "'");
}
mysql_query("DELETE FROM requests WHERE sender = '" . $_GET['accept'] . "' AND recipient = '" . (int)$_SESSION['id'] . "'");
}
$query = mysql_query("SELECT * FROM requests WHERE recipient = '" . (int)$_SESSION['id'] . "'");
if(mysql_num_rows($query) > 0) {
while($row = mysql_fetch_assoc($query)) {
$_query = mysql_query("SELECT * FROM members WHERE id = '" . $row['sender'] . "'");
while($_row = mysql_fetch_assoc($_query)) {
echo '<p class="success">' . htmlentities($_row['name'], ENT_QUOTES) . ' ' . $lang['wants_be_friend'] . ' - <a href="' . $_SERVER['PHP_SELF'] . '?accept=' . (int)$_row['id'] . '" class="success_link">' . $lang['accept'] . '?</a></p>';
}
}
}
echo '<h2>' . $lang['member_list'] . '</h2>';
$query = mysql_query("SELECT * FROM members WHERE id != '" . (int)$_SESSION['id'] . "'");
while($row = mysql_fetch_assoc($query)) {
$alreadyFriend = FALSE;
$friends = unserialize($row['friends']);
if(isset($friends[0])) {
foreach($friends as $friend) {
if($friend == (int)$_SESSION['id']) $alreadyFriend = TRUE;
}
}
echo '<span class="blue_span">' . htmlentities($row['name'], ENT_QUOTES) . '</span>';
$_query = mysql_query("SELECT * FROM requests WHERE sender = '" . (int)$_SESSION['id'] . "' AND recipient = '" . (int)$row['id'] . "'");
if(mysql_num_rows($_query) > 0) {
echo ' - <em>' . $lang['friendship_requested'] . '</em>';
}elseif($alreadyFriend == FALSE) {
echo ' - <a href="' . $_SERVER['PHP_SELF'] . '?add=' . (int)$row['id'] . '">' . $lang['add_as_friend'] . '</a>';
}else{
echo ' - ' . $lang['already_friends'] . '';
}
echo '';
}
echo '<h3>' . $lang['friend_list'] . '</h3>';
$query = mysql_query("SELECT friends FROM members WHERE id = '" . (int)$_SESSION['id'] . "'");
while($row = mysql_fetch_assoc($query)) {
$friends = unserialize($row['friends']);
if(isset($friends[0])) {
foreach($friends as $friend) {
$_query = mysql_query("SELECT name FROM members WHERE id = '" . $friend . "'");
$_row = mysql_fetch_assoc($_query);
echo htmlentities($_row['name'], ENT_QUOTES) . '';
}
}
}
?>