I have this code which is stored on a view_profile.php page. It has a form called Add as a friend. There are no syntax errors. But when I submit the form nothing happens when it should refresh and send me to the outbox page? Also, it should send a message to the requested users inbox. Any ideas?
PS: I'm new to PHP/MySQL so sorry if the code is not 100%. I am going to convert this piece to PDO in the future, just don't want to yet as it is practice to get to grips with queries etc.
<?php
session_start();
include "db.php";
$sqlCommand = "SELECT userid, username FROM users WHERE username='" . $_SESSION['username'] . "'";
$query = mysql_query($sqlCommand, $connection) or die (mysql_error());
while ($row = mysql_fetch_array($query)) {
$pid = $row["userid"];
$from_username = $_SESSION['username'];
}
mysql_free_result($query);
$to_userid = $_POST['to_userid'];
$sqlCommand = "SELECT userid, username FROM users WHERE userid='$to_userid' LIMIT 1";
$query = mysql_query($sqlCommand, $connection) or die (mysql_error());
while ($row = mysql_fetch_array($query)) {
$TOid = $_SESSION['username'];
}
mysql_free_result($query);
?>
<input name="to_username" type="hidden" id="to_username" value="<?php print $username;?>"/>
<input name="title" type="hidden" id="title" value="<?php print $from_username ?> wants to add you as a friend!"/>
<input name="content" type="hidden" id="content" value="<?php print $from_username; ?> wants to add you as a friend!"/>
<input name="to_userid" type="hidden" id="to_userid" value="<?php print $TOid; ?>"/>
<input name="from_username" type="hidden" id="from_username" value="<?php print $from_username ?>"/>
<input name="userid" type="hidden" id="from_username" value="<?php print $_SESSION['userid'] ?>"/>
<input name="senddate" type="hidden" id="senddate" value="<?php echo date("l, jS F Y, g:i:s a"); ?>"/>
<input type="submit" name="addFriend" id="addFriend" value="Add <?php print $username ?> as a friend!" />
<?php
if($_POST['addFriend']){
$to_username = $_POST['to_username'];
$title = $_POST['title'];
$content = $_POST['content'];
$to_userid = $_POST['to_userid'];
$userid = $_POST['userid'];
$from_username = $_POST['from_username'];
$senddate = $_POST['senddate'];
require_once "db.php";
$query = mysql_query("INSERT INTO pm_outbox (userid, username, to_userid, to_username, title, content, senddate)VALUES('$userid', '$from_username', '$to_userid', '$to_username', '$title', '$content', '$senddate')",$connection) or die (mysql_error($connection));
$query = mysql_query( "INSERT INTO pm_inbox (userid,username,from_id, from_username, title,content,recieve_date)VALUES('$to_userid', '$to_username','$userid','$from_username', '$title', '$content','$senddate')",$connection) or die (mysql_error($connection));
echo "<meta http-equiv=\"refresh\" content=\"0; URL=pm_outbox.php\">";
exit();
}
?>