php if isset _SERVER HTTP_X_REQUESTED_WIT empty _SERVER HTTP_X_REQUEST

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
<?php
if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest' && isset($_POST['fraccept'])) {
if (!$_POST['id']) exit();
else $id = intval($_POST['id']);
if ($_POST['accept'] == 'accept') $accept = true;
else $accept = false;
$id1 = $core->user['id'];
$id2 = $id;
if (mysql_num_rows($core->make("SELECT `id` FROM `friend` WHERE ((`user` = '$id1' AND `friend` = '$id2') OR (`user` = '$id2' AND `friend` = '$id1')) AND `accepted` = '0'")) == 0) exti();
if ($accept) $core->make("UPDATE `friend` SET `accepted` = '1' WHERE (`user` = '$id1' AND `friend` = '$id2') OR (`user` = '$id2' AND `friend` = '$id1')");
else $core->make("DELETE FROM `friend` WHERE ((`user` = '$id1' AND `friend` = '$id2') OR (`user` = '$id2' AND `friend` = '$id1'))");
if (!$core->isFollower($id2, $id1)) $core->make("INSERT INTO `followers` (`user`, `follower`) values ('$id2', '$id1')");
$core->make("INSERT INTO `answers` (`user`, `time`, `text`, `link`, `answers`) values ('$id2', '" . time() . "', 'Пользователь " . $core->user['name'] . " теперь ваш друг!', '/friends/', '1')");
exit("good");
}
?>