<?php$which=$_POST['which'];$applicant=$_POST['applicant'];session_start();r

1. <?php
2. $which=$_POST['which'];
3. $applicant=$_POST['applicant'];
4. session_start();
5. require_once 'functions.php';
6. if(!isset($_SESSION['name'])){
7. session_destroy();
8. header('Location:register.php');
9. }
10. try{
11. $pdo=connect();
12. if($which='y'){
13. $sql="SELECT * from friend_table where friend1=? and friend2=?";
14. $stmt=$pdo->prepare($sql);
15. $stmt->execute(array($_SESSION['name'],$applicant));
16. $result=$stmt->fetch(PDO::FETCH_ASSOC);
17. if($result==NULL){
18. $sql="INSERT into friend_table(friend1,friend2) values(?,?)";
19. $stmt=$pdo->prepare($sql);
20. $stmt->execute(array($_SESSION['name'],$applicant));
21. $sql="INSERT into friend_table(friend1,friend2) values(?,?)";
22. $stmt=$pdo->prepare($sql);
23. $stmt->execute(array($applicant,$_SESSION['name']));
24. $sql="DELETE from friend_apply_table where applicant=? and receiver=?";
25. $stmt=$pdo->prepare($sql);
26. $stmt->execute(array($applicant,$_SESSION['name']));
27. $sql="DELETE from friend_apply_table where applicant=? and receiver=?";
28. $stmt=$pdo->prepare($sql);
29. $stmt->execute(array($_SESSION['name'],$applicant));
30. }
31. }else if($which='n'){
32. $sql="DELETE from friend_apply_table where applicant=? and receiver=?";
33. $stmt=$pdo->prepare($sql);
34. $stmt->execute(array($applicant,$_SESSION['name']));
35. }
36. header('Location:friend_receive.php');
37. }catch (PDOException $e){
38. echo $e->getMessage();
39. exit;
40. }
41.  
42. ?>