Check in mysql if entry exists and not insert with php

Question

I have got a problem with testing out if a string exists in my database!

This is what I've got so far:

$db = mysqli_connect("localhost", "database", "secret", "user");
if(!$db)
{
exit("Error: ".mysqli_connect_error());
}
$search = 'SELECT * FROM table WHERE ip = $client_ip';
$result = mysqli_query($db, $search);



while($row = mysqli_fetch_object($result)) {
        if (isset($row->blocked)) {
            echo 'You are blocked!';
        } else {
            echo 'You are not blocked!';
        }

But this won't work for me. $client_ip is defined correctly before.

The client IP address is notoriously unreliable. Be aware that you're likely to catch people you don't intend to and fail to catch some that you do. — user1864610
– user1864610, Commented Nov 5, 2014 at 2:15
you also need to check the mysqli_num_rows($result) to see number of return result before going ahead — Saqueib
– Saqueib, Commented Nov 5, 2014 at 2:18
@Saqueib before checking rows, we should check whether $result is false, as a failed query will return false by mysqli_query() — Raptor
– Raptor, Commented Nov 5, 2014 at 2:33

John Conde · Accepted Answer · 2014-11-05 02:12:33Z

3

You need to wrap $client_ip in quotes as it is a string:

$search = "SELECT * FROM table WHERE ip = '$client_ip'";

answered Nov 5, 2014 at 2:12

John Conde

220k100 gold badges464 silver badges504 bronze badges

Sign up to request clarification or add additional context in comments.

5 Comments

John Conde Over a year ago

You need to call mysqli_error() to see what error mysql is reporting as that is correct syntax.

Raptor Over a year ago

You can echo $search to find out the resultant SQL .

Neverwork2123 Over a year ago

not a php dev, but i belive it needs to be: $search = "SELECT * FROM table WHERE ip = '" + $client_ip + "'";

CodeSlayer Over a year ago

@JordanFryar + is invalid character of concatination in php, use dot(.)

Edrich Over a year ago

@JordanFryar $search = "SELECT * FROM table WHERE ip = '" . $client_ip . "'"; -- in php dot(.) is used for concatenation not plus(+)

Yassine · Accepted Answer · 2014-11-05 10:36:14Z

0

try this one :

$search = "SELECT * FROM table WHERE ip = '{$client_ip}'";

answered Nov 5, 2014 at 10:36

Yassine

351 silver badge7 bronze badges

1 Comment

fejese Over a year ago

Please add some explanation as well to make it more clear what is the fix.

Collectives™ on Stack Overflow

Check in mysql if entry exists and not insert with php

2 Answers 2

5 Comments

1 Comment

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

2 Answers 2

5 Comments

1 Comment

Your Answer

Sign up or log in

Post as a guest

Related