<?php
require_once 'db.php';
// Gate: only a logged-in session may change friendship state.
// NOTE(review): session_start() is not called in this file; presumably db.php does it. Confirm.
// NOTE(review): no anti-CSRF token is verified anywhere in this script, yet every
// action below modifies data on behalf of the session user. Confirm whether a token
// is checked elsewhere (e.g. in db.php); if not, it should be checked at this point.
if (!isset($_SESSION['user_id']) || !$_SESSION['user_id']) {
    header('Location: login.php');
    exit;
}

// The acting user is always taken from the session, never from the request.
$current_id = (int)$_SESSION['user_id'];

// Requested operation and the other user's id; both are client-supplied.
$action = $_POST['action'] ?? '';
$target_id = (int)($_POST['target_id'] ?? 0);

// Reject a missing or non-positive id, and any attempt to target oneself.
if (!($target_id > 0 && $target_id !== $current_id)) {
    header('Location: browse.php');
    exit;
}
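/**
 * Send the browser to the given user's profile page and stop the script.
 *
 * The id is cast to an integer inside the function so that the Location header
 * carries nothing but a number, even if a future caller passes a raw request
 * value instead of an already validated id.
 *
 * @param int|string $target_id Id of the profile to show; coerced with an (int) cast.
 * @return void Never returns to the caller: exit is called after the header is sent.
 */
function redirect_back($target_id) {
    header('Location: user.php?user_id=' . (int)$target_id);
    exit;
}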
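if ($action === 'add') {
    // Look for an existing relationship between the two users, in either direction.
    // NOTE(review): this SELECT and the INSERT further down are not atomic; two
    // parallel requests can both find no row and both insert. Confirm that the
    // friendships table has a constraint that rejects duplicate pairs.
    $stmt = $mysqli->prepare("
SELECT id, requester_id, addressee_id, status
FROM friendships
WHERE (requester_id = ? AND addressee_id = ?)
OR (requester_id = ? AND addressee_id = ?)
LIMIT 1
");
    $stmt->bind_param('iiii', $current_id, $target_id, $target_id, $current_id);
    $stmt->execute();
    $rel = $stmt->get_result()->fetch_assoc();
    $stmt->close();

    if ($rel) {
        // A row in any other status (pending, accepted) is left untouched.
        // A declined row is reused: the current user becomes the requester and
        // the request goes back to pending.
        // NOTE(review): either side can re-send after a decline, with no limit
        // visible here. Confirm that this is intended.
        if ($rel['status'] === 'declined') {
            // The status is re-checked in the WHERE clause so that a row changed
            // by a concurrent request between the SELECT and this UPDATE is not
            // overwritten.
            $stmt = $mysqli->prepare("
UPDATE friendships
SET requester_id = ?, addressee_id = ?, status = 'pending', requester_notified = 0, created_at = NOW()
WHERE id = ? AND status = 'declined'
");
            $stmt->bind_param('iii', $current_id, $target_id, $rel['id']);
            $stmt->execute();
            $stmt->close();
        }
    } else {
        // No relationship yet: create a pending request from the current user.
        $stmt = $mysqli->prepare("
INSERT INTO friendships (requester_id, addressee_id, status, requester_notified)
VALUES (?, ?, 'pending', 0)
");
        $stmt->bind_param('ii', $current_id, $target_id);
        $stmt->execute();
        $stmt->close();
    }

    redirect_back($target_id);
}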
if ($action === 'accept') {
    // Accept a pending request. requester_notified stays 0 so that the sender
    // is shown a notification.
    // The session user is bound as addressee_id, so only the recipient of a
    // pending request can accept it; the posted id only selects the requester.
    $accept_sql = "
UPDATE friendships
SET status = 'accepted', requester_notified = 0
WHERE requester_id = ? AND addressee_id = ? AND status = 'pending'
";
    $accept = $mysqli->prepare($accept_sql);
    $accept->bind_param('ii', $target_id, $current_id);
    $accept->execute();
    $accept->close();

    redirect_back($target_id);
}
if ($action === 'decline') {
    // Decline a pending request. As with accept, the session user is bound as
    // addressee_id, so only the recipient can decline.
    // requester_notified is set to 0 here too, presumably so that the sender is
    // notified of the outcome. Confirm against the notification code.
    $decline_sql = "
UPDATE friendships
SET status = 'declined', requester_notified = 0
WHERE requester_id = ? AND addressee_id = ? AND status = 'pending'
";
    $decline = $mysqli->prepare($decline_sql);
    $decline->bind_param('ii', $target_id, $current_id);
    $decline->execute();
    $decline->close();

    redirect_back($target_id);
}
if ($action === 'remove') {
    // End an accepted friendship. The pair is matched in both directions, and
    // the session user is always one side of it, so a user can only delete a
    // friendship they are part of.
    $remove_sql = "
DELETE FROM friendships
WHERE status = 'accepted'
AND (
(requester_id = ? AND addressee_id = ?)
OR (requester_id = ? AND addressee_id = ?)
)
";
    $remove = $mysqli->prepare($remove_sql);
    $remove->bind_param('iiii', $current_id, $target_id, $target_id, $current_id);
    $remove->execute();
    $remove->close();

    redirect_back($target_id);
}

// Unknown or empty action: change nothing and go back to the profile.
redirect_back($target_id);