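include_once 'include/allQueries.php';

// Gate the page on a logged-in session. header() only queues a response
// header; without exit the script keeps running, so the friend actions
// further down would still execute for a request that has no session.
// empty() also covers the case where the 'login' key was never set.
if (empty($_SESSION['login'])) {
    header('Location:login.php');
    exit;
}

// Called before the logout check so the call order of the original flow is kept.
$completed = checkComplete();

// Logout is handled before the completeness gate so that an account that
// has not finished sign-up can still end its session from this page.
if (isset($_GET['q'])) {
    logout();
    header("location:login.php");
    exit;
}

// Incomplete accounts are sent to the completion page and stop here; they
// must not fall through to the remove/confirm handlers below.
if (!$completed) {
    header('Location:completeAccount.php');
    exit;
}

// NOTE(review): both handlers below change state on a plain GET request and
// no anti-forgery token is checked in this block. Moving them to POST with a
// per-session token would be the usual hardening -- confirm whether
// allQueries.php already provides one.
// NOTE(review): the id is handed over exactly as received; whether
// removeFriend()/confirmFriend() validate it and use bound parameters is not
// visible here -- verify in include/allQueries.php.
if (isset($_GET['RemoveId'])) {
    $frienId = $_GET['RemoveId'];
    $result = removeFriend($frienId);
    if ($result) {
        header('Location:Friends.php');
        exit;
    } else {
        echo "Error";
    }
}

if (isset($_GET['AddId'])) {
    $frienId = $_GET['AddId'];
    $result = confirmFriend($frienId);
    if ($result) {
        header('Location:Friends.php');
        exit;
    } else {
        echo "Error";
    }
}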
if (isset($_REQUEST['friends'])) { $friends = $_REQUEST['friends']; } if (isset($_REQUEST['action'])) { switch ($_REQUEST['action']) { case 'createuser': createUser($apikeyvalue, $username, $password, $displayname, $avatarfile, $avatarlink, $profilelink); break; case 'updateuser': updateuser($apikeyvalue, $userid, $username, $password, $newpassword, $displayname, $avatarfile, $avatarlink, $profilelink); break; case 'addfriend': addFriend($apikeyvalue, $userid, $friends); break; case 'removefriend': removeFriend($apikeyvalue, $userid, $friends); break; case 'getfriend': getfriend($apikeyvalue, $userid); break; case 'checkAPIKEY': checkAPIKEY($apikeyvalue); break; case 'checkpassword': checkpassword($apikeyvalue, $password); break; case 'authenticateUser': authenticateUser($apikeyvalue, $username, $password); break; case 'removeuser': removeuser($apikeyvalue, $userid);
require AT_INCLUDE_PATH . 'header.inc.php'; $info = array('INVALID_USER', $_SESSION['course_id']); $msg->printInfos($info); require AT_INCLUDE_PATH . 'footer.inc.php'; exit; } //Handles search queries from side menu if (isset($_GET['searchFriends']) && $_GET['friendsName'] != '') { $wanted = $addslashes($_GET['friendsName']); $friends = searchFriends($wanted, true); } //Handles remove request if (isset($_GET['remove'])) { $id = intval($_GET['id']); // if (isset($_GET['confirm_remove'])){ removeFriend($id); header('Location: ' . url_rewrite(AT_SOCIAL_BASENAME . AT_SOCIAL_INDEX, AT_PRETTY_URL_IS_HEADER)); exit; // } // $msg->addConfirm("are_you_sure?"); // header('Location: '.url_rewrite(AT_SOCIAL_BASENAME.'index.php?remove=yes'.SEP.'id='.$id.SEP.'confirm_remove=yes')); } //Handles request approval, and rejection if (isset($_GET['approval'])) { $id = intval($_GET['id']); if ($_GET['approval'] == 'y') { approveFriendRequest($id); $sql_notify = "SELECT first_name, last_name, email FROM " . TABLE_PREFIX . "members WHERE member_id={$id}"; $result_notify = mysql_query($sql_notify, $db); $row_notify = mysql_fetch_assoc($result_notify); if ($row_notify['email'] != '') {
$results = addFriend($db, $_SESSION['id'], $_POST['addfriendid'], $_SESSION['token']); switch ($results[SP::ERROR]) { case ERR::OK: echo "<p>Friend added! <a href='friendslist.php'>See friends</a></p>"; break; case ERR::TOKEN_EXPIRED: case ERR::TOKEN_FAIL: case ERR::USER_NO_TOKEN: header("Location: logout.php?error=" . $results[SP::ERROR]); break; default: echo "<p>Could not add friend. Error: " . $ERRORS[$results[SP::ERROR]] . "</p>"; break; } } elseif ($_POST['deletefriendid']) { $results = removeFriend($db, $_SESSION['id'], $_POST['deletefriendid'], $_SESSION['token']); switch ($results[SP::ERROR]) { case ERR::OK: echo "<p>Friend removed! <a href='friendslist.php'>See friends</a></p>"; break; case ERR::TOKEN_EXPIRED: case ERR::TOKEN_FAIL: case ERR::USER_NO_TOKEN: header("Location: logout.php?error=" . $results[SP::ERROR]); break; default: echo "<p>Could not remove friend. Error: " . $ERRORS[$results[SP::ERROR]] . "</p>"; break; } } else { $results = getFriends($db, $_SESSION['id'], $_SESSION['token']);