0

I have created a search using php so that when a user is logged in they can search for other users and add them as a friend. When the user clicks the add as friend button I would like to post the username of the user that is logged in and the username of the user in the search result to a database table called friend_request.

Here is my code

<?php
if(isset($_POST['search'])) {
    $search = $_POST['search'];
    $search = preg_replace("#[^0-9a-z]i#","", $search);
   
$search = "%$search%";

if ($stmt = $db->prepare("SELECT username, name, location, gender, date_of_birth, url FROM Users WHERE name LIKE ?")){
    $stmt->bind_param("s", $search);
    $stmt->execute();
    $stmt->bind_result($username, $name, $location, $gender, $date_of_birth, $picture);
    $stmt->store_result();
    $count = $stmt->num_rows;

   if ($count == 0) {
       $output = "There was no search results!";
   } else {
  

       while ($stmt->fetch()) { 

             
            $output .='<form action="#" method="post"><div class="row"><div class="col-sm-3">'.$name.'<br>'.$location.'<br>'.$gender.'<br>'.$date_of_birth.'</div>';

            $output2 = '<div class="col-sm-3"><img src="upload/'.$picture.'"width="180" height="144" /></div>';

            $output3 = '<input type="submit" name="addfriend" value="Submit" /></div></form>';
            

         }
    }
}
}


  if(isset($_POST['addfriend'])) {
 

    $user_from = $_SESSION['username'];
    $user_to = $_POST['username'];


if ($stmt = $db->prepare("INSERT INTO `friends_request`(`user_to`, `user_from`) VALUES (?,?)")){
    $stmt->bind_param("ss", $user_to, $user_from);
    $stmt->execute();


}
}

?>

When I run my code I get the following message

Notice: Undefined index: username in /Applications/MAMP/htdocs/student_connect/header.php on line 51

Rebekah
  • 21
  • 4

2 Answers2

0

It is simple. It says $_SESSION['username']; hasn't been set, so look for the line of code where you expect you'd set it. I guess it might be in some other file (maybe to be executed after a login-form filling..?)

J. Brown
  • 124
  • 7
  • it's actually this line that it doesn't like $user_to = $_POST['username']; – Rebekah Sep 02 '17 at 15:55
  • Sorry! It's the same, though: according to the code you put, $_POST['username'] might be under. That means that the form the user submit to get to the page might not have a "username" field, so you have to write it, inside te form. If I got your code right (not sure), you need this at the beginning of $output3: '', otherwhise submitting add friends won't pass that $username to the page – J. Brown Sep 02 '17 at 16:04
  • I don't want the username to be entered – Rebekah Sep 02 '17 at 16:18
  • Sorry I forgot: – J. Brown Sep 02 '17 at 16:30
0

You need to start Debugging your code.....

Try adding this line after "$user_from = $_SESSION['username'];"

if(!$user_from)
{
    echo "<pre>";
    var_dump($_SESSION);
    echo "<pre>";
}

Run your code and paste the results here - we can then start to determine what information is held in SESSION.

This is something you have to do when code doesn't do what expected, check your variables and see whats missing before heading to Stack. We are here to help, but need all info possible.

Nick
  • 908
  • 12
  • 29
  • just seen your comment re $_POST['username'].. change var_dump($_SESSION); in my answer to var_dump($_POST); – Nick Sep 02 '17 at 16:00
  • this is what it displays array(1) { ["addfriend"]=> string(6) "Submit" } – Rebekah Sep 02 '17 at 16:04
  • then you do not have username defined in your POST vars from your form. You need to look at the HTML that defines the form that send the info to this submission script. – Nick Sep 02 '17 at 18:00