Gecko [ fastearnlimited.com ]

Name	Size	Permission	Date
.htaccess	197 B	-r--r--r--	2026-04-01 03:43
call_actions.php	3.5 KB	-rw-r--r--	2026-02-22 20:21
chat_actions.php	4.36 KB	-rw-r--r--	2026-02-22 19:13
delete_story.php	1.79 KB	-rw-r--r--	2026-02-21 23:17
error_log	14.72 KB	-rw-r--r--	2026-03-05 18:14
get_friends.php	1.83 KB	-rw-r--r--	2026-02-22 18:39
get_messages.php	1.17 KB	-rw-r--r--	2026-02-22 17:43
get_my_stories.php	1.02 KB	-rw-r--r--	2026-02-21 23:06
get_stories.php	1.92 KB	-rw-r--r--	2026-02-21 23:03
handle_request.php	2.05 KB	-rw-r--r--	2026-02-21 21:55
mark_story_seen.php	853 B	-rw-r--r--	2026-02-21 23:03
message_action.php	1.8 KB	-rw-r--r--	2026-02-21 23:19
search_users.php	1.07 KB	-rw-r--r--	2026-02-21 21:55
send_message.php	1.68 KB	-rw-r--r--	2026-02-21 23:17
send_request.php	1.65 KB	-rw-r--r--	2026-02-21 22:18
update_profile.php	4.85 KB	-rw-r--r--	2026-02-21 22:49
upload_chat_media.php	1.86 KB	-rw-r--r--	2026-02-22 18:37
upload_story.php	2.6 KB	-rw-r--r--	2026-02-21 22:59
wp-blog-header.php	2.74 KB	-r--r--r--	2026-04-01 03:43
wp-cron.php	2.74 KB	-rw-r--r--	2026-04-01 03:43

Rename

<?php
session_start();
require_once '../includes/db.php';
require_once '../includes/functions.php';

header('Content-Type: application/json');

if (!isLoggedIn() || $_SERVER['REQUEST_METHOD'] !== 'POST') {
    echo json_encode(['success' => false]);
    exit;
}

$request_id = isset($_POST['request_id']) ? intval($_POST['request_id']) : 0;
$action = isset($_POST['action']) ? $_POST['action'] : '';
$user_id = $_SESSION['user_id'];

if (!in_array($action, ['accept', 'reject', 'cancel'])) {
    echo json_encode(['success' => false, 'error' => 'Invalid action']);
    exit;
}

$stmt = $pdo->prepare("SELECT * FROM friend_requests WHERE id = ?");
$stmt->execute([$request_id]);
$req = $stmt->fetch();

if (!$req) {
    echo json_encode(['success' => false, 'error' => 'Not found']);
    exit;
}

if ($action === 'accept' || $action === 'reject') {
    if ($req['receiver_id'] != $user_id) {
        echo json_encode(['success' => false, 'error' => 'Unauthorized']);
        exit;
    }

if ($action === 'accept') {
        $pdo->beginTransaction();
        try {
            $pdo->prepare("UPDATE friend_requests SET status = 'accepted' WHERE id = ?")->execute([$request_id]);
            $pdo->prepare("INSERT INTO friends (user_id_1, user_id_2) VALUES (?, ?)")->execute([$req['sender_id'], $req['receiver_id']]);
            $pdo->commit();
            echo json_encode(['success' => true]);
        }
        catch (Exception $e) {
            $pdo->rollBack();
            echo json_encode(['success' => false, 'error' => 'DB error']);
        }
    }
    else {
        $pdo->prepare("UPDATE friend_requests SET status = 'rejected' WHERE id = ?")->execute([$request_id]);
        echo json_encode(['success' => true]);
    }
}
elseif ($action === 'cancel') {
    if ($req['sender_id'] != $user_id) {
        echo json_encode(['success' => false, 'error' => 'Unauthorized']);
        exit;
    }
    $pdo->prepare("DELETE FROM friend_requests WHERE id = ?")->execute([$request_id]);
    echo json_encode(['success' => true]);
}