Struggling With 'Social Network' Script

PHP
1

Hi,

I am trying to create a script for a ‘social network’ system. The idea is that USER1 (follow_user_id) can follow USER 2 (user_id)

The table is ‘follow’ but I cant seem to get it to work. Does anyone have any suggestions on what I can try. All I can currently do is echo the ID of the person who is logged in from the first line of code.

<?php
$id = $_SESSION['userID'];
if (($_GET['do'] == 'follow') && !empty($_GET['id'])) {
         // check if user is logged in
         if (($_SESSION['auth']) && !empty($_SESSION['current_user_id'])) { // whatever your $_SESSION variable is for logged in users
                         if ($_SESSION['current_user_id'] == $_GET['current_user_id']) {
                                         // other checks here to determine various ID's are numeric, etc.
                                         $sql = "INSERT INTO `follow` (`user_id`, `follow_user_id`) VALUES (". (int)$_SESSION['current_user_id'] .", ". (int)$_GET['id'] .")";
                                         if (!mysql_query($sql)) {
                                                         if (mysql_errno($link_identifier) == 1062) { //$link_identifier is necessary to avoid conflicting
error notices due to multiple openning/closing SQL connections
                                                                         // duplicate attempt to follow
                                                                         // handle accordingly
                                                         }
                                         }
                         }
         }
}
?>
</div>
<div class="forminputcell">
         <div class="datainput">
                         <div class="forminputleft">
                                         Follow:
                         </div>
                         <div class="followbutton">
                                         <a href="<?php echo $_SERVER['PHP_SELF']; ?>?do=follow&id=354"><img src="/images/follow.png" class="submit-button"/></a>
                         </div>
         </div>
</div>
</div>
<?php echo $id; ?> <br>
<?php echo $current_user_id; ?> <br>


</div>
2

I can tell you that nested if statements are a very quick and easy way to make your code unreadable and guarantee the long term failiure of your project.

3

Thanks,

So what is the alternative method to using if statements?

4

So what is the alternative method to using if statements?

Rather than nest the ifs, test for failure and send away (use header(“Location:”))


if (($_GET['do'] !== 'follow') || (int)$_GET['id']===0 ) {
// just send away
}

// from now on id is an integer at least, and the action is follow

// now get on with logic.

Also, consider creating a function or class to handle all that session stuff. e.g.


if(!isValidUser($_GET['current_user_id']) ){
  // just send away
}

// from now on the user can be taken as being valid

Now, var_dump() the variables you are testing for prior to making a conditional check, this usually turns up where you are going wrong.

5

Well, I’d recommend using objects and taking advantage of polymorphism as a general guide to getting rid of nasty if statements.

Edit: here’s a google clean code talk about this very thing (replacing messy if statements with much cleaner polymorphism, as well as testing too):

6

Im struggling to understand how I can seperate out the two different id numbers.

If I click on the profile of 350 I have the ID 350. But how do I seperate that from ID 355? Whatever I do have the ID showing as 355 if I am logged is as 355.

7

Hi,

I have made some progress with this. I can now echo all the rows I need and it no longer runs when the page is reloaded however the code no longer works when the button is pressed.

I have tried printing some values but these dont seem to help. Does anyone have any suggestions please on what I can try to get it to work?

<?php

	

 $followerid = intval($_SESSION['userID']);
        $profileid  = intval($row['id']);
		

	print_r ($followerid);
	print_r ($profileid);
echo '<pre>' . print_r($_SESSION, true) . '</pre>';
	echo print_r ($followbutton);
		echo '<pre>' . print_r($_POST, true) . '</pre>';

	
if(isset($_POST['followbutton']) && $_POST['followbutton'] == 'true'){

print_r ($followerid);
	print_r ($profileid);
	print_r ($_POST['followbutton']);

	echo print_r ($followbutton);
		echo '<pre>' . print_r($_POST, true) . '</pre>';
		
		echo '<pre>' . print_r($_SESSION, true) . '</pre>';
		

	if($profileid =  $followerid) {
        $errors['profileid'] = "This is a test error.";
    }



if(!$errors){
        //Validation of input vars passed, attempt to run query
        //Force vars to be ints to be safe for query statement

		
		    $followerid = intval($_SESSION['userID']);
        $profileid  = intval($row['id']);

        $query = "INSERT INTO `follow` (`user_id`, `follow_user_id`) VALUES ('{$profileid}', '{$followerid}')";
        $result = mysql_query($query);

		
		
        if (!$result)
        {
                $errors[] = "Query: {$query}<br>Error: " . mysql_error();

        }
	}	
	}
	

	
?>


<?php
		print_r ($followerid);
	print_r ($profileid);
	print_r ($followbutton);
	echo print_r ($_POST['followbutton']);
	

		
		
			echo '<pre>' . print_r($_POST, true) . '</pre>';
		
	echo print_r ($followbutton);
	
	?>

       <?php if($errors['profileid']) print '<div class="invalid">' . $errors['profileid'] . ''; ?>



</div>
<div class="followbuttonbox">

<a href="<?php echo $_SERVER['PHP_SELF']; ?>?ID=<?php echo $profileid; ?>"><img src="/images/follow.png" id="followbutton"   /></a>
<input type="hidden"  id="followbutton" value="true" />
</div>
8 
if(isset($_POST['followbutton']) && $_POST['followbutton'] == 'true'){

That conditional check looks a bit weak.

Try adding this line before that condition to see what you are actually getting.


var_dump($_POST['followbutton']);

If it is not the 4 char string ‘true’ then that condition will be passed over and the code will not be run.

9

Thanks mate. It echoes “NULL”.

Also the var_dump and the print below “if(isset($_POST[‘followbutton’]) && $_POST[‘followbutton’] == ‘true’){” dont display or appear to do anything. Should they be echoing on the page?

	print_r ($followerid);
	print_r ($profileid);
echo '<pre>' . print_r($_SESSION, true) . '</pre>';
	echo print_r ($followbutton);
		echo '<pre>' . print_r($_POST, true) . '</pre>';

	var_dump($_POST['followbutton']);
	
if(isset($_POST['followbutton']) && $_POST['followbutton'] == 'true'){

var_dump($_POST['followbutton']);

print_r ($followerid);
	print_r ($profileid);
	print_r ($_POST['followbutton']);
10

It echoes NULL:

When followbutton is activated or not activated?

11

Both, when I view the page or press the button it only displays NULL.

12

No wonder the code never runs then!

This is why when debugging forms, your PHP form handler should start with the lines:


<?php
// temp debug code you use only on your development server
var_dump($_POST);  // or GET
echo '<hr / '; // just to separate it visually.
?>

/// now get on with your logic ...

My guess is that will turn up your error …

Otherwise you will have to show us the code for the form.

Generate the form in html and then show us the resulting HTML, it sounds as though you have either made an invalid html form, or you have incorrectly typed the variable names.

13

This is what it displays

array(0) { }

14

This is the code I have…

&lt;?php
// temp debug code you use only on your development server
var_dump($_POST);  // or GET
echo '&lt;hr / '; // just to separate it visually.
?&gt;


&lt;?php

	

 $followerid = intval($_SESSION['userID']);
        $profileid  = intval($row['id']);
		

	print_r ($followerid);
	print_r ($profileid);
echo '&lt;pre&gt;' . print_r($_SESSION, true) . '&lt;/pre&gt;';
	echo print_r ($followbutton);
		echo '&lt;pre&gt;' . print_r($_POST, true) . '&lt;/pre&gt;';

	var_dump($_POST['followbutton']);
	
if(isset($_POST['followbutton']) && $_POST['followbutton'] == 'true'){

var_dump($_POST['followbutton']);

print_r ($followerid);
	print_r ($profileid);
	print_r ($_POST['followbutton']);

	echo print_r ($followbutton);
		echo '&lt;pre&gt;' . print_r($_POST, true) . '&lt;/pre&gt;';
		
		echo '&lt;pre&gt;' . print_r($_SESSION, true) . '&lt;/pre&gt;';
		

	if($profileid =  $followerid) {
        $errors['profileid'] = "This is a test error.";
    }



if(!$errors){
        //Validation of input vars passed, attempt to run query
        //Force vars to be ints to be safe for query statement

		
		    $followerid = intval($_SESSION['userID']);
        $profileid  = intval($row['id']);

        $query = "INSERT INTO `follow` (`user_id`, `follow_user_id`) VALUES ('{$profileid}', '{$followerid}')";
        $result = mysql_query($query);

		
		
        if (!$result)
        {
                $errors[] = "Query: {$query}&lt;br&gt;Error: " . mysql_error();

        }
	}	
	}
	

	
?&gt;


&lt;?php
		print_r ($followerid);
	print_r ($profileid);
	print_r ($followbutton);
	echo print_r ($_POST['followbutton']);
	

		
		
			echo '&lt;pre&gt;' . print_r($_POST, true) . '&lt;/pre&gt;';
		
	echo print_r ($followbutton);
	
	?&gt;

       &lt;?php if($errors['profileid']) print '&lt;div class="invalid"&gt;' . $errors['profileid'] . ''; ?&gt;



&lt;/div&gt;
&lt;div class="followbuttonbox"&gt;

&lt;a href="&lt;?php echo $_SERVER['PHP_SELF']; ?&gt;?ID=&lt;?php echo $profileid; ?&gt;"&gt;&lt;img src="/images/follow.png" id="followbutton"   /&gt;&lt;/a&gt;
&lt;input type="hidden"  id="followbutton" value="true" /&gt;
&lt;/div&gt;
15

So this is your form?


<div class="followbuttonbox"> 
<a href="<?php echo $_SERVER['PHP_SELF']; ?>?ID=<?php echo $profileid; ?>"><img src="/images/follow.png" id="followbutton"   /></a>
<input type="hidden"  id="followbutton" value="true" /> 
</div>

Either create a proper form and use the post method, or if you are using the GET method by creating a URL – as you seem to be doing then this changes things a little.


<div class="followbuttonbox"> 
<a href="<?php echo $_SERVER['PHP_SELF']; ?>?followbutton=true&ID=<?php echo $profileid; ?>">
<img src="/images/follow.png" id="followbutton"   /></a>
</div>

In your PHP postback form handler can now access these variables using GET rather than post.


<?php
// temp debug code you use only on your development server
var_dump($_GET);  
echo '<hr / '; // just to separate it visually.


if( $_GET['followbutton'] === 'true' ){ 
echo ' do your stuff ' ;
}

?>
16

Hi,

I did have the code working however the code would work whenever I viewed the page. I am now trying to make it so that it only runs when I press the button.

What would you advise I do for this?

This is my link profileinserttest.php?ID=355

I am also running a query on the page as I am displaying the ID also.

Im not sure what you mean by a proper form as I dont want a form to appear on the page. Just the button. What do you think is the best option to follow?

17

As I am using the form on a page with multiple code on should I use a form? The thing I dont know how it should work.

18

Its up to you as far as I can see.

If your button is an image inside a url string then that is fine, but you have to add to the string the variables you want.

Else, create a small but correctly formed POST form with the hidden element - but in my experience these mini forms never behave the same on all browsers.

19

Thanks, so how do I add the string to the variables.

I thought thats what I was doing with the POST = true.

Is there a proper technique I should use?

20

I showed you how to add it in post #15