When you are doing a conditional check like this:
if(mysql_num_rows($query) > 0) {
and your code is not forking as you expect, then var_dump that variable you are checking and take a good look at what it contains vs the condition you are checking against.
I will make some other suggestions about this part of your code too …
$ID = mysql_real_escape_string($_GET['ID']);
$followerid = intval($_SESSION['userID']);
$profileid = $ID;
$query = mysql_query("SELECT * FROM follow WHERE user_id = '". $profileid ."' AND follow_user_id= '". $followerid ."'");
This is what I would have done:
$profileid = (int)$_GET['ID'];
$followerid = $_SESSION['userID'];
$query = mysql_query("SELECT ID FROM follow
WHERE user_id = $profileid
AND follow_user_id = $followerid");
Now here again is your original code with my comments:
// you set a var called ID, then on line 3 you create another var and re-assign it
// this just makes your code hard to follow and is wasteful
$ID = mysql_real_escape_string($_GET['ID']);
// why do real_escape_string if ID is going to be an integer?
// setting it an integer with (int) is better here because if it comes across anything
// other that an integer it sets it to 0 (zero) which will not devastate your db table
// but SESSION vars should contain data which you already set somewhere else
// you should have set it to an integer when you set that session var. You should
// be able to trust your own data, otherwise it suggests you are allowing strings to be set
// as userIDs
$followerid = intval($_SESSION['userID']);
// see the top comment
$profileid = $ID;
// if profileid and followerid are both indeed integers, then there is no need to quote them
// so your sql string should be easier to type, less error prone and far easier to read
$query = mysql_query("SELECT * FROM follow WHERE user_id = '". $profileid ."' AND follow_user_id= '". $followerid ."'");
// stop doing select * when you don't need to access all the data in that row, the id alone would bring back
// what you are looking for, a positive result set (at this stage anyway).
// try and make your SQL stand out from the rest of you code by using new lines and tabs (if you like)
// it'll make your sql code easier to spot, fix and add extra lines
You should also stick to a var naming convention so you confuse yourself and others less.
You have used variously:
userID (caps for id)
followerid (all lowercase)
you might also use other conventions such as camelCase (followerId, or followerID), PascalCase (FollowerId) or use all lower case and join with underscores such as user_id, follower_id.
It matters not to me which one you pick, but pick one and stick with it and you will make far less errors and feel more comfortable. It might only seem a simple thing but will matter a lot to you in the future.
I hope you don’t mind me saying all that, it just hurts to see someone making exactly the same errors that I did when I was starting out.