[How to] Checking to see if two variables are in a row.

[gtrufitt]

Hi,

 

I am trying to build a friends list. I have the tables:

 

user with the columns: userid, f_name.

friends with the columns: id, friendid.

 

So far I am using the query:

 

$friendid = $_GET['friendid'];

$getfriend = "SELECT id, friendid FROM friends WHERE friendid = '$friendid'";

$fr = mysql_query($getfriend) or die(mysql_error()."<Br /><br /.".$login); // don't use your SQL statement in your error. It will let malicious users know your table structure and open it up to sql injection.

$countfr = mysql_num_rows($fr);

$row = mysql_fetch_array($fr);
$id = $sesid;
$friendid = $row['friendid'];

 

Where $friendid is using GET to pass the variable from a previous page.

and $sesid is saved as the logged in user's ID as a session variable.

 

How do I check to see if the users are already friends, by checking to see if both $friendid and $id are in a row?

 

Thanks

[mainewoods]

use the sql logical 'AND' operator

$getfriend = "SELECT id, friendid FROM friends WHERE id = '$sesid' AND friendid = '$friendid'";

--one note: if id and friendid are defined as numeric type fields in your db, like integers, leave off the single quotes around the use of them in your sql statement.

[BlueSkyIS]

i suggest always quoting values so you don't have to worry about data types. MySQL doesn't care either way.

[Barand]

i suggest always quoting values so you don't have to worry about data types. MySQL doesn't care either way.

 

It does care if you don't quote string variables.

[gtrufitt]

Thank you