1

I am currently trying to use PHP as a backend and MYSQL as my database to setup a simple PHP script that will send a friend request.

There are two parameters for a friend request in my MYSQL data base, From, Too. The Database name is send_friendreq and the table in that database is pending_req.

I have tried multiple ways of sending a post, including PostMan and a different addon but everytime I send the post, I get an error from my PHP code which is "Failed". From my understanding this means that it is connecting to the database fine, but it's not actually sending the data too the Database.

I'm not sure if I have the database set up wrong, or if my PHP is wrong but any help would be extrememly appreciated.

Here is my code for the PHP backend

//Check connection
if (mysqli_connect_errno())
{
    echo "Failed to connect to MySQL: " . mysqli_connect_errno();
}

if (isset($_POST['Username']) && isset($_POST['FriendReq']))
{
    $username = $_POST['Username'];
    $usernamebeingreq = $_POST['FriendReq'];
    //$sqlCheck = "SELECT Username FROM Users WHERE Username = '" . $usernamebeingreq . "'";
    //$resultCheck = mysqli_query($con, $sqlCheck);

    //if(!$resultCheck)
    //{
        //echo "Invalid Username";
    //}
    //else
    //{
        $sql="INSERT INTO pending_req (To, From) VALUES ('$usernamebeingreq', '$username')";
        $result = mysqli_query($con, $sql);
        if(!$result)
    {
        echo 'Failed';  

    } 
    else
    {
        echo 'Friend added!';
    }
    //}
}
else
{
    echo 'Missing Parameters';
}
?>

If you are in need of my database information, I can reveal that!

Lohardt
  • 1,057
  • 1
  • 12
  • 26
PurpSchurp
  • 581
  • 5
  • 14

1 Answers1

3

from and to are reserved words in SQL you have to add backticks arrond:

 $sql="INSERT INTO pending_req (`To`, `From`) VALUES ('$usernamebeingreq', '$username')";

or better rename the column.

Hint: use prepared statement. it is much more safty.

Jens
  • 67,715
  • 15
  • 98
  • 113