How to stop a Duplicate friend

[Smee]

Hey All

 

Wondering if someone could give me some advice on what im doing wrong with my coding.

 

session_start(); // Start Session

 

$username = $_SESSION["user"];

$username = $_GET['username'];

 

$conn=mysql_connect("","","");

mysql_select_db("");

 

$result = mysql_query ("SELECT * FROM friends WHERE ('$_SESSION[user]', '$_GET[username]')");

 

if (mysql_query($result) == 1)

 

{

echo " You are already friends ";

}

 

else

 

mysql_query ("INSERT INTO friends (me, friend) VALUES ('$_SESSION[user]', '$_GET[username]')");

 

?>

 

Later on in the page i have this to show the information.

 

<?php

 

echo " Friend <b>$_GET[username]</b> Added <br />";

echo " <br />";

echo " <a href='mainpage.php'> Back </a> ";

 

mysql_close()

 

?>

 

I am trying to get a message to show when friends already appear in the me/friend table, if not then insert into the table.

 

I am passing my logged in username through $_SESSION[user] and the friend username through hyper link on the pervious page named hence the $_GET[username].

 

I'm sure this is really simple for most people but i've just started and keep going round in circles. Am i even close

 

Thanks for Any help

 

Smee

 

[peddel]

Ok from looking at ur code ur really at everything that is basic.

First off all this should be placed under the MySQL forum, but i will make effort to make answer for u.

 

First of all i wanna know if this is a page asigned in the action="" attribute of ur HTML form ? SO that i know for sure there is a field somewhere on the form that has a input with name = username.

 

I will make an example that come close to what u need, ill add in comments to be helpfull.

 

Make sure ur form is like this

<form id="formUsername" method="post" action="connection.php">
  <input type="text" size="35" />
  <input type="submit" name="submit" value="check the form !" /> 
</form>

 

The code of connection.php should look like this :

<?php
//no session needs to be started, just make ur form use the POST type so that we can get the value on the next page.
//lets first get the value
$username = $_POST['username']

//make connection to database
mysql_connect('localhost','admin','admin');
mysql_select_db('database');

//check if ur friend is in
$sql = "SELECT * FROM friends WHERE friends.username = '$username'";
$result = mysql_query($sql);

//check if rows are found
$value = mysql_num_rows($result);

//now echo the right respons
if($value == 0){
echo 'You are already friends';
}else{
$sql = "INSERT INTO friends (id,username) VALUES ('?','$username')";
$result = mysql_query($sql);
}
?>

 

Hope this helps getting u to understand it !