I dont know how to fix this type of error I am facing this syntax error first time. any clue what is going wrong?I am creating a download counter with unique Ip address.
error: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ‘223.185.43.151’)’ at line 1
<?php
include "connect.php"; /* Database connection */
$c_id= $_GET['cource_id'];
$date=date("Y-m-d"); /* returns current date in yyy-mm-dd */
$userip=$_SERVER['REMOTE_ADDR']; /* store ip*/
$webpage=htmlspecialchars($_SERVER["REQUEST_URI"]);
$lastword = substr($webpage, strrpos($webpage, '/') + 1);
$query="select * from `unique_download` where `webpage`='$lastword'";
$result=mysqli_query($db,$query);
if($result->num_rows==0) /* block will execute when there is no record of current date in the database table */
{
$insertquery="insert into `unique_download`(`c_id`,`date`,`webpage`,`ip`) values ('$c_id','$date','$lastword,'$userip')";
mysqli_query($db,$insertquery) or die(mysqli_error($db));
}
else
{
$row=mysqli_fetch_array($result); /* Extracts result row From result object */
if(!preg_match('/'.$userip.'/i',$row['ip'])) /* Execute when current ip is not in database*/
{
$newip="$row[ip]$userip"; /* Combines previous and current user ip with separator */
$updatequery="update `unique_download` set `ip`='$newip', `downloads`=`downloads`+1 where `webpage`='$lastword'";
mysqli_query($db,$updatequery) or die(mysqli_error($db));
}
}
$url= $_GET['url'];
header('location:downloader.php?url='.$url);
?>
A couple things. First off you need to use prepared statements. That would fix the error you’re getting. Second you only need one query. Set a unique constraint to the column and then use INSERT IGNORE
<?php
// LINES TO BE ADDED
ini_set('html_errors', 'true');
ini_set('display_errors', 'true');
ini_set('display_startup_errors', 'true');
error_reporting(-1);
include "connect.php"; /* Database connection */
Edit:
Also learn how to echo $variables and stop the script before the actual error occurs. once satisfied the $variable is correct then move the line furher down to the next problem.
I know it is tedious but that is programming unfortunately
<?php
...
...
...
$query = "select * from `unique_download` where `webpage`='$lastword'";
echo '<br>$query ==> ' .$query .'<br>'; die;
$result=mysqli_query($db,$query);
if($result->num_rows==0) /* block will execute when there is no record of current date in the database table */
{
$insertquery="insert into `unique_download`(`c_id`,`date`,`webpage`,`ip`) values ('$c_id','$date','$lastword,'$userip')";
mysqli_query($db,$insertquery) or die(mysqli_error($db));
Try remming out sections of script to eliminate the errors because it is best to start with something that works then add script until an error occurrs:
Edit:
Notice how I have changed the /*block comments*/ to single line //comments
<?php
// LINES TO BE ADDED
ini_set('html_errors', 'true');
ini_set('display_errors', 'true');
ini_set('display_startup_errors', 'true');
error_reporting(-1);
echo __LINE__; die;
/* // THIS LINE TO BE MOVED DOWN ONCE __LINE__ IS SHOWING
// Database connection
include "connect.php";
$c_id= $_GET['cource_id'];
// returns current date in yyy-mm-dd
$date=date("Y-m-d");
// store ip
$userip=$_SERVER['REMOTE_ADDR'];
$webpage=htmlspecialchars($_SERVER["REQUEST_URI"]);
$lastword = substr($webpage, strrpos($webpage, '/') + 1);
$query="select * from `unique_download` where `webpage`='$lastword'";
$result=mysqli_query($db,$query);
// block will execute when there is no record of current date in the database table
if($result->num_rows==0)
{
$insertquery="INSERT INTO `unique_download`
(
`c_id`,`date`,`webpage`,`ip`
)
VALUES
(
'$c_id','$date','$lastword,'$userip'
)";
mysqli_query($db,$insertquery) or die(mysqli_error($db));
}else{
// Extracts result row From result object
$row=mysqli_fetch_array($result);
// Execute when current ip is not in database
if(!preg_match('/'.$userip.'/i',$row['ip']))
{
// Combines previous and current user ip with separator
$newip="$row[ip]$userip";
$updatequery="update `unique_download` set `ip`='$newip', `downloads`=`downloads`+1 where `webpage`='$lastword'";
mysqli_query($db,$updatequery) or die(mysqli_error($db));
} // pregmatch
}
$url= $_GET['url'];
header('location:downloader.php?url='.$url);
*/ // CLOSING REM STATEMENT TO BE REMOVED ONCE ALL ERRORS HAVE BEEN FIXED
// ? > NOT REQUIRED and possible to cause errors
ohky I got it. now still this error is back
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ‘106.204.62.208’ )’ at line 7