<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset ($_SESSION ["name"]))
echo "Sie müssen angemeldet sein<br>";
else {
$handle = mysql_connect ($server, $MYSQL_NAME, $MYSQL_PASSWORD);
$myname = htmlentities (mysql_real_escape_string($_SESSION ["name"], $handle));
mysql_query ("USE " . $databasename, $handle);
$str = $_GET ["friends"];
for ($i = 0; $i < sizeof ($str); $i++) {
$str1 = htmlentities(mysql_real_escape_string ($str [$i], $handle));
//$result = mysql_query ("SELECT * FROM users WHERE nickname=\"". $str1 ."\"", $handle);
if (mysql_num_rows(mysql_query ("SELECT * FROM users WHERE nickname=\"". $str1 ."\"", $handle)) == 0)
echo "Benutzer \"" . $str1 . "\" existiert nicht<br>\n";
else {
if (mysql_num_rows (mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu=\"". $str1 . "\" AND nicknamevon=\"" . $myname . "\" OR nicknamevon=\"". $str1 . "\" AND nicknamezu=\"" . $myname . "\"", $handle)) != 0)
echo "Sie haben bereits eine Freundschaftsanfrage an " . $str1 . " gesendet <br>\n";
else {
mysql_query ("INSERT INTO freundschaftsanfrage VALUES (\"" . $myname . "\",\"" . $str1 . "\")", $handle);
}
}
}
mysql_close ($handle);
}
?>
