更新了代码问题-----
<?php
require "conn.php";
require "header.php";
if (isset($_GET["id"])) { // all the below code is happening only when $_GET["id"] is defined
$id = mysqli_real_escape_string($conn,$_GET["id"]); //
$myid = $_SESSION["USER"]; //
$image = "<img src='showimage.php?id=".$id." class='img-responsive img-circle margin' style='display:inline' alt='Bird' width='350' height='350'>";
$query = "SELECT * FROM register WHERE id='".$id."'";
$result = mysqli_query($conn,$query);
while ($row = mysqli_fetch_assoc($result)) {
$firstname = $row["firstname"];
$lastname = $row["lastname"];
$status = $row["status"];
$bio = $row["bio"];
}
if ($id == $myid) {
$centertext = "<center><font color='black'> You cannot add yourself as your friend</font></center>"; //echo this variable somewhere you want
} else {
$aquery = "SELECT * FROM friends WHERE user_id='$myid'";
$aresult = mysqli_query($conn,$aquery);
while ($arow = mysqli_fetch_assoc($aresult)) {
$friend_id = $arow["friend_id"];
$user_id = $arow["user_id"];
$db_userid = $arow["id"];
// Making a query for fetch friends data
$bquery = "SELECT * FROM friends WHERE friend_id='$id'"; // make first ' then " then the variable and then " and ' this is for preventing sql-injections
$bresult = mysqli_query($conn,$bquery);
$count = mysqli_num_rows($bresult);
if ($count !== 0) { // =! will not check if $count is not 0 you have to change it to !==
$cquery = "SELECT * FROM friends"; // leave the '' out here, cause otherwise it's handled as a string, now its a int
$cresult = mysqli_query($conn,$cquery);
while ($crow = mysqli_fetch_assoc($cresult)) {
$db_status = $crow["status"];
if ($db_status == 0) {
$statusAlreadySent = "Your friend request has already been sent";
} else {
$statusFriends = "You are friends";
}
}
} else {
$noFriendsYet = "You have to send him friend request";
}
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<!-- Theme Made By www.w3schools.com - No Copyright -->
<title>Profile</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<link href="https://fonts.googleapis.com/css?family=Montserrat" rel="stylesheet">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
<style>
body {
font: 20px Montserrat, sans-serif;
line-height: 1.8;
color: #f5f6f7;
}
p {font-size: 16px;}
.margin {margin-bottom: 45px;}
.bg-1 {
background-color: #1abc9c; /* Green */
color: #ffffff;
}
.bg-2 {
background-color: #474e5d; /* Dark Blue */
color: #ffffff;
}
.bg-3 {
background-color: #ffffff; /* White */
color: #555555;
}
.bg-4 {
background-color: #2f2f2f; /* Black Gray */
color: #fff;
}
</style>
</head>
<body>
<div class="container-fluid bg-1 text-center">
<h3 class="margin"><?php if (isset($firstname)) {echo $firstname;} elseif (isset($lastname)) {echo $lastname;} ?></h3>
<?php
if (isset($image)) {echo $image;} // maybe you have to change this to if (isset($image)) {$image;}
?>
<h3 class="margin">Status: <?php echo "$status"; ?></h3>
<br>
</div>
<!--here comes the $centertext from above-->
<?php
if (isset($centertext)) {
echo "$centertext";
}
if (isset($statusFriends)) {
echo "$statusFriends";
}
if (isset($statusAlreadySent)) {
echo "$statusAlreadySent";
}
if (isset($noFriendsYet)) {
echo "<center>
<form method='post' action='profile.php?id=$id'>
<input type='submit' value='Add $firstname as friend' class='btn btn-warning' name='addfriend'/>
</form>
</center>
";
}
if (isset($_POST["addfriend"])) {
$dquery = "INSERT INTO friends (user_id,friend_id,status) VALUES ('$myid','$id','0')";
$dresult = mysqli_query($conn,$dquery);
echo "Friend Request has sent";
}
?>
<!-- Second Container -->
<div class="container-fluid bg-2 text-center">
<h3 class="margin">About <?php if (isset($firstname)) {echo $firstname;} ?></h3>
<p><?php if (isset($bio)) {echo $bio;}; ?></p>
</div>
<!-- Third Container (Grid) -->
<div class="container-fluid bg-3 text-center">
<h3 class="margin"> <?php if (isset($firstname)) {echo $firstname . " Friends";} ?></h3><br>
<div class="row">
<div class="col-sm-4">
<p></p>
<img src="birds1.jpg" class="img-responsive margin" style="width:100%" alt="Image">
</div>
</div>
</div>
<!-- Footer -->
<footer class="container-fluid bg-4 text-center">
<p>FriendsLogin</p>
</footer>
</body>
</html>
<?php
require "conn.php";
require "header.php";
if (isset($_GET["id"])) {
$id = mysqli_real_escape_string($conn,$_GET["id"]);
$myid = $_SESSION["USER"];
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<!-- Theme Made By www.w3schools.com - No Copyright -->
<title>Profile</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<link href="https://fonts.googleapis.com/css?family=Montserrat" rel="stylesheet">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
<style>
body {
font: 20px Montserrat, sans-serif;
line-height: 1.8;
color: #f5f6f7;
}
p {font-size: 16px;}
.margin {margin-bottom: 45px;}
.bg-1 {
background-color: #1abc9c; /* Green */
color: #ffffff;
}
.bg-2 {
background-color: #474e5d; /* Dark Blue */
color: #ffffff;
}
.bg-3 {
background-color: #ffffff; /* White */
color: #555555;
}
.bg-4 {
background-color: #2f2f2f; /* Black Gray */
color: #fff;
}
</style>
</head>
<body>
<?php
$query = "SELECT * FROM register WHERE id=$id";
$result = mysqli_query($conn,$query);
while ($row = mysqli_fetch_assoc($result)) {
$firstname = $row["firstname"];
$lastname = $row["lastname"];
$status = $row["status"];
$bio = $row["bio"];
}
?>
<div class="container-fluid bg-1 text-center">
<h3 class="margin"><?php echo "$firstname $lastname"; ?></h3>
<img src="showimage.php?id=<?php echo "$id"; ?>" class="img-responsive img-circle margin" style="display:inline" alt="Bird" width="350" height="350">
<h3 class="margin">Status: <?php echo "$status"; ?></h3> <br>
</div>
<?php
if ($id == $myid) {
echo "<center><font color='black'> You cannot add yourself as your friend</font></center>";
} else {
$aquery = "SELECT * FROM friends WHERE user_id='$myid'";
$aresult = mysqli_query($conn,$aquery);
while ($arow = mysqli_fetch_assoc($aresult)) {
$friend_id = $arow["friend_id"];
$user_id = $arow["user_id"];
$db_userid = $arow["id"];
// Making a query for fetch friends data
$bquery = "SELECT * FROM friends WHERE friend_id='$id'";
$bresult = mysqli_query($conn,$bquery);
$count = mysqli_num_rows($bresult);
if ($count =! 0) {
$cquery = "SELECT * FROM friends WHERE status='1'";
$cresult = mysqli_query($conn,$cquery);
while ($crow = mysqli_fetch_assoc($cresult)) {
$status = $crow["status"];
if ($status == 0) {
echo "Your friend request has already been sent";
} else {
echo "You are friends";
}
}
} else {
echo "You have to send him friend request";
}
}
}
?>
<!-- Second Container -->
<div class="container-fluid bg-2 text-center">
<h3 class="margin">About <?php echo "$firstname"; ?></h3>
<p><?php echo "$bio"; ?></p>
</div>
<!-- Third Container (Grid) -->
<div class="container-fluid bg-3 text-center">
<h3 class="margin"> <?php echo "$firstname friends"; ?></h3><br>
<div class="row">
<div class="col-sm-4">
<p></p>
<img src="birds1.jpg" class="img-responsive margin" style="width:100%" alt="Image">
</div>
</div>
</div>
<!-- Footer -->
<footer class="container-fluid bg-4 text-center">
<p>FriendsLogin</p>
</footer>
</body>
</html>
请帮帮我这段代码有什么问题?我正在运行它我的localhost,它无法正常工作。 所以这是我发送朋友请求和朋友请求的用户个人资料页面。
答案 0 :(得分:0)
现在它应该使用此代码。我在评论中解释了错误的部分:
<?php
require "conn.php";
require "header.php";
if (isset($_GET["id"])) { // all the below code is happening only when $_GET["id"] is defined
$id = mysqli_real_escape_string($conn,$_GET["id"]); //this won't protect you from sql injections...
$myid = $_SESSION["USER"]; //
$image = "<img src='showimage.php?id=".$id." class='img-responsive img-circle margin' style='display:inline' alt='Bird' width='350' height='350'>";
$query = "SELECT * FROM register WHERE id='".$id."'";
$result = mysqli_query($conn,$query);
while ($row = mysqli_fetch_assoc($result)) {
$firstname = $row["firstname"];
$lastname = $row["lastname"];
$status = $row["status"];
$bio = $row["bio"];
}
if ($id == $myid) {
$centertext = "<center><font color='black'> You cannot add yourself as your friend</font></center>"; //echo this variable somewhere you want
} else {
$aquery = "SELECT * FROM friends WHERE user_id='".$myid."'";
$aresult = mysqli_query($conn,$aquery);
while ($arow = mysqli_fetch_assoc($aresult)) {
$friend_id = $arow["friend_id"];
$user_id = $arow["user_id"];
$db_userid = $arow["id"];
// Making a query for fetch friends data
$bquery = "SELECT * FROM friends WHERE friend_id='".$id."'"; // make first ' then " then the variable and then " and ' this is for preventing sql-injections
$bresult = mysqli_query($conn,$bquery);
$count = mysqli_num_rows($bresult);
if ($count !== 0) { // =! will not check if $count is not 0 you have to change it to !==
$cquery = "SELECT * FROM friends WHERE status=1"; // leave the '' out here, cause otherwise it's handled as a string, now its a int
$cresult = mysqli_query($conn,$cquery);
while ($crow = mysqli_fetch_assoc($cresult)) {
$status = $crow["status"];
if ($status == 0) {
$statusAlreadySent = "Your friend request has already been sent";
} else {
$statusFriends = "You are friends";
}
}
} else {
$noFriendsYet = "You have to send him friend request";
}
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<!-- Theme Made By www.w3schools.com - No Copyright -->
<title>Profile</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<link href="https://fonts.googleapis.com/css?family=Montserrat" rel="stylesheet">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
<style>
body {
font: 20px Montserrat, sans-serif;
line-height: 1.8;
color: #f5f6f7;
}
p {font-size: 16px;}
.margin {margin-bottom: 45px;}
.bg-1 {
background-color: #1abc9c; /* Green */
color: #ffffff;
}
.bg-2 {
background-color: #474e5d; /* Dark Blue */
color: #ffffff;
}
.bg-3 {
background-color: #ffffff; /* White */
color: #555555;
}
.bg-4 {
background-color: #2f2f2f; /* Black Gray */
color: #fff;
}
</style>
</head>
<body>
<div class="container-fluid bg-1 text-center">
<h3 class="margin"><?php if (isset($firstname)) {echo $firstname;} elseif (isset($lastname)) {echo $lastname;} ?></h3>
<?php
if (isset($image)) {echo $image;} // maybe you have to change this to if (isset($image)) {$image;}
?>
<h3 class="margin">Status: <?php if (isset($statusAlreadySent)) {echo $statusAlreadySent;} elseif (isset($statusFriends)) {echo $statusFriends;} elseif (isset($noFriendsYet)) {echo $noFriendsYet;} else {echo "No status"; }?></h3>
<br>
</div>
<!--here comes the $centertext from above-->
<?php
if (isset($centertext)) {echo $centertext;};
?>
<!-- Second Container -->
<div class="container-fluid bg-2 text-center">
<h3 class="margin">About <?php if (isset($firstname)) {echo $firstname;} ?></h3>
<p><?php if (isset($bio)) {echo $bio;}; ?></p>
</div>
<!-- Third Container (Grid) -->
<div class="container-fluid bg-3 text-center">
<h3 class="margin"> <?php if (isset($firstname)) {echo $firstname . "friends";} ?></h3><br>
<div class="row">
<div class="col-sm-4">
<p></p>
<img src="birds1.jpg" class="img-responsive margin" style="width:100%" alt="Image">
</div>
</div>
</div>
<!-- Footer -->
<footer class="container-fluid bg-4 text-center">
<p>FriendsLogin</p>
</footer>
</body>
</html>