I am trying to create a "views" system on my books website.
I have the following tables with the following columns:
Books
-bookid
-bookname
-authorid
-views
my webpage is set up to display a book based on the $_GET['bookid']
variable and I want to add 1 (increment the views
column by one for that particular book)
I tried using the following code but it didn't update my table:
<?php $sql = "UPDATE `books` \n" . "SET views = views+1 WHERE" . $_GET['bookid'] .= "bookid"; ?>
ALSO: I used dreamweaver to run the recordset query) so maybe something is different.
Please Help!
Sidenote: Can you please recommend a good book/video or written tutorial to learn php and mysql for absolute beginners like my self!
This is important: don't include $_GET paramaters directly in your SQL query.
This makes your website vulnerable to an SQL Injection attack. Sanatise your inputs by using:
$book_id = mysql_real_escape_string($_GET['book_id']); // If it is a string
$book_id = intval($_GET['book_id']); // It it is an integer
// Assuming it is an integer
$sql = "UPDATE books SET views = views+1 WHERE bookid = $book_id";
You obviously need to execute that query, are you doing that?
$user="username";
$password="password";
$database="database";
mysql_connect(localhost,$user,$password);
mysql_select_db($database) or die( "Unable to select database");
mysql_query($sql);
mysql_close();
EDIT: Also, just a tip, since you're using $_GET
you should be executing something like yourscript.php?book_id=12345
, is that what you're doing?
you've already found some of the best ways to learn PHP: writing code and coming here when you don't know further :) (don't have a real good tutorial on my hands beyond that ;) As for your question:
$_GET['bookid']
$sql
oh wait. you're not actually executing the sql in your code, just generating a string with the query. you need to open a connection etc, or are you doing that and leaving it out here?
Your query looks slightly off. Try this: $sql = 'UPDATE books SET views = views+1 WHERE bookid = ' . intval($_GET['book_id']);
$sql = 'UPDATE books SET views = views+1 WHERE bookid = ' . intval($_GET['book_id']);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.