Why won't this add things to the database?

Question

I am trying to make a follow system - a bit like what Twitter has. For some reason, nothing is added to the database when I click the 'follow' button. How can I fix this?

The code I have is:

$my_id = $_SESSION['user_id'];
$u_id1 = $_GET['id'];
$check = mysqli_query($con,"SELECT id FROM follow WHERE user_one='$my_id' AND user_two='$u_id1'");    
if(mysqli_num_rows($check) == 1) {
        echo "<a href='follow_action.php?do=unfollow&user_id=$u_id1'>Unfollow</a> ";
        }   
        else {
        echo "<strong><a href='follow_action.php?do=follow&user_id=$u_id1'>Follow</a></strong>";
        }

In the follow_action.php document, I have this code:

$my_id = $_SESSION['user_id'];
$user_id = $_GET['user_id'];
$followAction = "INSERT INTO follow VALUES ('', '$my_id', '$user_id')";
$unfollowAction = "DELETE FROM 'follow' WHERE 'user_one'='$my_id' AND 'user_two'='$user_id'";
$u_id1 = $_GET['user_id'];
if( $do == ['follow'] ) {
    mysqli_query( $con, $followAction );
}
if( $do == ['unfollow'] ) {
    mysqli_query( $con, $unfollowAction );
}
$user_id3 = $_GET['user_id'];
header('Location:users.php?id='.$user_id3);

The follow table in the database has these rows: id, user_one and user_two - with user_one being the logged in user and user_two the user who is wanted to be followed.

in follow_action where do you set `$do`?You probably meant `$u_id1` in the if conditions. — Mihai, Feb 07 '16 at 12:08
**Danger**: You are **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that you need to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. — Quentin, Feb 07 '16 at 12:30

Vadivel S · Answer 1 · 2016-02-09T10:17:33.503

0

You Change in follow_action.php file like this

$my_id = $_SESSION['user_id'];
$user_id = $_GET['user_id'];
$do = $_GET['do'];
$followAction = "INSERT INTO follow VALUES ('', '$my_id', '$user_id')";
$unfollowAction = "DELETE FROM 'follow' WHERE 'user_one'='$my_id' AND 'user_two'='$user_id'";
$u_id1 = $_GET['user_id'];
if( $do == 'follow' ) {
mysqli_query( $con, $followAction );
}
if( $do == 'unfollow' ) {
mysqli_query( $con, $unfollowAction );
}
$user_id3 = $_GET['user_id'];
header('Location:users.php?id='.$user_id3);

You not get do value .do value is follow or unfollow

you Try die(mysql_error()) near it show error in your sql query

mysqli_query( $con, $followAction ) or die(mysqli_error());

edited Feb 09 '16 at 10:17

answered Feb 07 '16 at 12:27

Vadivel S

660
8
15

Unfortunately, it still doesn't work. Do you know what else might be wrong? – fraser_28 Feb 07 '16 at 13:35
There is no error. When the link is clicked, nothing happens. – fraser_28 Feb 08 '16 at 21:54
you url like this localhost/projectname/follow_action.php?do=unfollow&user_id=2' format ? – Vadivel S Feb 09 '16 at 04:39
Yes, should I change it to something else? – fraser_28 Feb 09 '16 at 07:31
you use die() function like this mysqli_query( $con, $followAction ) or die(mysqli_error()); – Vadivel S Feb 09 '16 at 10:18
It doesn't give me any error. Is there anything else I could do? – fraser_28 Feb 10 '16 at 20:44

Why won't this add things to the database?

1 Answers1