requests.php

<?php  
require_once("includes/header.php");

?>

<div class="main_column column" id="main_column"> 
	
	<h4>Friend requests</h4>

	<?php  

	$query = mysqli_query($con, "SELECT * FROM FRIEND_REQUESTS WHERE USER_TO='$userLoggedIn'");
	if(mysqli_num_rows($query) == 0)
		echo "You have no friend requests at this time!";
	else {

		while ($row = mysqli_fetch_array($query)) {
			$user_from = $row['USER_FROM'];
			$user_from_obj = new User($con, $user_from);

			echo $user_from_obj->getName(). " sent you a friend request!";

			$user_from_friend_array = $user_from_obj->getFriendArray();

			if (isset($_POST['accept_request'. $user_from])) {
				$add_friend_query = mysqli_query($con, "UPDATE USER SET FRIEND_ARRAY=CONCAT(FRIEND_ARRAY, '$user_from,') WHERE USERNAME='$userLoggedIn'");

				$add_friend_query = mysqli_query($con, "UPDATE USER SET FRIEND_ARRAY=CONCAT(FRIEND_ARRAY, '$userLoggedIn,') WHERE USERNAME='$user_from'");

				$delete_query = mysqli_query($con, "DELETE FROM FRIEND_REQUESTS WHERE USER_TO='$userLoggedIn' AND USER_FROM='$user_from'");
				echo "You are now friends!";
				header("Location: requests.php");
			}

			if (isset($_POST['ignore_request'. $user_from])) {
				$delete_query = mysqli_query($con, "DELETE FROM FRIEND_REQUESTS WHERE USER_TO='$userLoggedIn' AND USER_FROM='$user_from'");
				echo "Request ignored!";
				header("Location: requests.php");
			}

			?>
			<form action="requests.php" method="POST">
				<input type="submit" name="accept_request<?php echo $user_from; ?>" id="accept_button" value="Accept">
				<input type="submit" name="ignore_request<?php echo $user_from; ?>" id="ignore_button" value="Ignore">
			</form>
			<?php
		}

	}

	?>


</div>