-
Notifications
You must be signed in to change notification settings - Fork 0
/
friendslist.php
99 lines (97 loc) · 2.95 KB
/
friendslist.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
<!DOCTYPE HTML5>
<html>
<head>
<link rel="stylesheet" href="css/base.css" />
<link rel="stylesheet" href="css/friends.css" />
<meta charset="UTF-8">
<title>Friends List</title>
</head>
<body>
<?php require("php/topbar.php"); ?>
<div class="maindiv">
<?php
session_start();
require_once("php/database.php");
require_once("php/storedprocedures.php");
require_once("php/error.php");
$db = connectToDatabase();
if($db){
if($_POST['addfriendid']){
$results = addFriend($db, $_SESSION['id'], $_POST['addfriendid'], $_SESSION['token']);
switch($results[SP::ERROR]){
case ERR::OK:
echo "<p>Friend added! <a href='friendslist.php'>See friends</a></p>";
break;
case ERR::TOKEN_EXPIRED:
case ERR::TOKEN_FAIL:
case ERR::USER_NO_TOKEN:
header("Location: logout.php?error=". $results[SP::ERROR]);
break;
default:
echo "<p>Could not add friend. Error: ". $ERRORS[$results[SP::ERROR]] ."</p>";
break;
}
}
elseif($_POST['deletefriendid']){
$results = removeFriend($db, $_SESSION['id'], $_POST['deletefriendid'], $_SESSION['token']);
switch($results[SP::ERROR]){
case ERR::OK:
echo "<p>Friend removed! <a href='friendslist.php'>See friends</a></p>";
break;
case ERR::TOKEN_EXPIRED:
case ERR::TOKEN_FAIL:
case ERR::USER_NO_TOKEN:
header("Location: logout.php?error=". $results[SP::ERROR]);
break;
default:
echo "<p>Could not remove friend. Error: ". $ERRORS[$results[SP::ERROR]] ."</p>";
break;
}
}
else{
$results = getFriends($db, $_SESSION['id'], $_SESSION['token']);
$errorCode = $results[SP::ERROR];
unset($results[SP::ERROR]);
switch($errorCode){
case ERR::OK:
if(count($results) == 0){
echo "<p>You have no friends ;_;</p>";
}
foreach($results as $num => $friend){
$friendInfo = getPublicUserDetails($db, $friend[FRIEND::FRIEND_ID]);
echo <<<EOT
<div class="friendbox">
<a href="profile.php?profileid={$friend[FRIEND::FRIEND_ID]}">
<img class="avatar" src="avatar/{$friend[FRIEND::FRIEND_ID]}.jpg" />
{$friendInfo[USER::DISP_NAME]}</a>
<form method="GET" action="makemessage.php">
<input type="hidden" name="touserid" value="{$friend[FRIEND::FRIEND_ID]}"/>
<input type="submit" value="Send Message" />
</form>
<form method="GET" action="messages.php">
<input type="hidden" name="userid" value="{$friend[FRIEND::FRIEND_ID]}"/>
<input type="submit" value="View Messages" />
</form>
<form method="POST" action="friendslist.php">
<input type="hidden" name="deletefriendid" value="{$friend[FRIEND::FRIEND_ID]}"/>
<input type="submit" value="Remove Friend" />
</form>
</div>
EOT;
}
break;
case ERR::TOKEN_EXPIRED:
case ERR::TOKEN_FAIL:
case ERR::USER_NO_TOKEN:
header("Location: logout.php?error=". $results[SP::ERROR]);
break;
}
}
}
else{
echo "<p>Could not connect to database, please try again later.</p>";
}
?>
</div>
</body>
</html>