Gazelle/sections/friends/add.php

<?php
authorize();
if (!is_number($_GET['friendid'])) {
	error(404);
}
$FriendID = db_string($_GET['friendid']);

// Check if the user $FriendID exists
$DB->query("
	SELECT 1
	FROM users_main
	WHERE ID = '$FriendID'");
if (!$DB->has_results()) {
	error(404);
}

$DB->query("
	INSERT IGNORE INTO friends
		(UserID, FriendID)
	VALUES
		('$LoggedUser[ID]', '$FriendID')");

header('Location: friends.php');
Empty commit 2013-07-10 00:08:53 +00:00			`<?php`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`authorize();`
Empty commit 2013-06-11 08:01:24 +00:00			`if (!is_number($_GET['friendid'])) {`
			`error(404);`
			`}`
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`$FriendID = db_string($_GET['friendid']);`
Empty commit 2013-06-11 08:01:24 +00:00
			`// Check if the user $FriendID exists`
Empty commit 2013-07-10 00:08:53 +00:00			`$DB->query("`
			`SELECT 1`
			`FROM users_main`
			`WHERE ID = '$FriendID'");`
			`if (!$DB->has_results()) {`
Empty commit 2013-06-11 08:01:24 +00:00			`error(404);`
			`}`

Empty commit 2013-04-19 08:00:55 +00:00			`$DB->query("`
			`INSERT IGNORE INTO friends`
			`(UserID, FriendID)`
Empty commit 2013-07-10 00:08:53 +00:00			`VALUES`
			`('$LoggedUser[ID]', '$FriendID')");`
Empty commit 2013-04-19 08:00:55 +00:00
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`header('Location: friends.php');`