1

I am trying to make a follow system - a bit like what Twitter has. For some reason, nothing is added to the database when I click the 'follow' button. How can I fix this?

The code I have is:

$my_id = $_SESSION['user_id'];
$u_id1 = $_GET['id'];
$check = mysqli_query($con,"SELECT id FROM follow WHERE user_one='$my_id' AND user_two='$u_id1'");    
if(mysqli_num_rows($check) == 1) {
        echo "<a href='follow_action.php?do=unfollow&user_id=$u_id1'>Unfollow</a> ";
        }   
        else {
        echo "<strong><a href='follow_action.php?do=follow&user_id=$u_id1'>Follow</a></strong>";
        } 

In the follow_action.php document, I have this code:

$my_id = $_SESSION['user_id'];
$user_id = $_GET['user_id'];
$followAction = "INSERT INTO follow VALUES ('', '$my_id', '$user_id')";
$unfollowAction = "DELETE FROM 'follow' WHERE 'user_one'='$my_id' AND 'user_two'='$user_id'";
$u_id1 = $_GET['user_id'];
if( $do == ['follow'] ) {
    mysqli_query( $con, $followAction );
}
if( $do == ['unfollow'] ) {
    mysqli_query( $con, $unfollowAction );
}
$user_id3 = $_GET['user_id'];
header('Location:users.php?id='.$user_id3);

The follow table in the database has these rows: id, user_one and user_two - with user_one being the logged in user and user_two the user who is wanted to be followed.

fraser_28
  • 49
  • 4
  • in follow_action where do you set `$do`?You probably meant `$u_id1` in the if conditions. – Mihai Feb 07 '16 at 12:08
  • **Danger**: You are **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that you need to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Feb 07 '16 at 12:30

1 Answers1

0

You Change in follow_action.php file like this

$my_id = $_SESSION['user_id'];
$user_id = $_GET['user_id'];
$do = $_GET['do'];
$followAction = "INSERT INTO follow VALUES ('', '$my_id', '$user_id')";
$unfollowAction = "DELETE FROM 'follow' WHERE 'user_one'='$my_id' AND 'user_two'='$user_id'";
$u_id1 = $_GET['user_id'];
if( $do == 'follow' ) {
mysqli_query( $con, $followAction );
}
if( $do == 'unfollow' ) {
mysqli_query( $con, $unfollowAction );
}
$user_id3 = $_GET['user_id'];
header('Location:users.php?id='.$user_id3);

You not get do value .do value is follow or unfollow

you Try die(mysql_error()) near it show error in your sql query

mysqli_query( $con, $followAction ) or die(mysqli_error());
Vadivel S
  • 660
  • 8
  • 15