Gazelle/sections/friends/add.php

24 lines
404 B
PHP
Raw Normal View History

2013-07-10 00:08:53 +00:00
<?php
2011-03-28 14:21:28 +00:00
authorize();
2013-06-11 08:01:24 +00:00
if (!is_number($_GET['friendid'])) {
error(404);
}
2011-03-28 14:21:28 +00:00
$FriendID = db_string($_GET['friendid']);
2013-06-11 08:01:24 +00:00
// Check if the user $FriendID exists
2013-07-10 00:08:53 +00:00
$DB->query("
SELECT 1
FROM users_main
WHERE ID = '$FriendID'");
if (!$DB->has_results()) {
2013-06-11 08:01:24 +00:00
error(404);
}
2013-04-19 08:00:55 +00:00
$DB->query("
INSERT IGNORE INTO friends
(UserID, FriendID)
2013-07-10 00:08:53 +00:00
VALUES
('$LoggedUser[ID]', '$FriendID')");
2013-04-19 08:00:55 +00:00
2011-03-28 14:21:28 +00:00
header('Location: friends.php');