<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset($_SESSION ["name"]))
echo "Sie müssen angemeldet sein<br>\n";
else {
include ('/home/david/mysqldata.php');
$handle = mysql_connect ($server, $MYSQL_NAME, $MYSQL_PASSWORD);
mysql_query ("USE ".$databasename);
$myname = htmlentities (mysql_real_escape_string ($_SESSION ["name"], $handle));
$str = $_GET ["freundschaftsanfrage"];
for ($i = 0; $i < sizeof ($str); $i++) {
$str1 = htmlentities (mysql_real_escape_string($str [$i], $handle));
$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamevon=\"" . $str1 . "\"", $handle);
if (mysql_num_rows ($result) == 0)
echo $str1 . " hat ihnen keine Freundschaftanfrage gesendet<br>\n";
else {
$result = mysql_query ("SELECT * FROM freunde WHERE freund1=\"" . $str1 . "\" AND freund2=\"" . $myname ."\" OR freund2=\"" . $str1 . "\" AND freund1=\"" . $myname ."\"", $handle);
if (mysql_num_rows ($result) != 0)
echo "Ihr seid bereits Freunde<br>\n";
else
mysql_query ("INSERT INTO freunde VALUES (\"". $myname ."\",\"" . $str1 . "\")", $handle);
}
}
mysql_close ($handle);
}
?>
