AND statement for mysqli

[V]

I'm trying to use the AND statement for an object oriented query using mysqli but I get

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '.0.1 AND post_id = 23' at line 1

 

The entire code:

 

 

require_once("functions.php");

$connection = dbConnect();


$_SERVER['REMOTE_ADDR'];
$ip = $_SERVER['REMOTE_ADDR'];

$sql = "SELECT * FROM unique_views WHERE ip = $ip AND post_id = {$_GET['post']}";

$result = $connection->query($sql) or die(mysqli_error($connection));

if (mysqli_num_rows($result) == 0)
{

$sql = "INSERT INTO unique_views
                 (ip, post_id)
          VALUES ('$ip', '$post')";
	  		  
	    $result = $connection->query($sql) or die(mysqli_error($connection));			

}

 

I first suspected that I'm doing this part

if (mysqli_num_rows($result) == 0)

wrong  :-\

 

So I tried..

 

$num_rows= $result->num_rows;

 

if ($num_rows == 0)

 

and I get the same error..

 

Do you think the AND statement is causing it?

 

[Mchl]

$ip is a string and as such should be queted in your query.

 

 

$sql = "SELECT * FROM unique_views WHERE ip = '$ip' AND post_id = {$_GET['post']}";

 

And BTW: putting a $_GET variable straight into your query is asking for trouble.

[V]

Ooh! I had used strings without the quotes before in simpler queries and got no syntax error. I guess I should add quotes fro now on.

 

Thanks!

[Mchl]

Ooh! I had used strings without the quotes before in simpler queries and got no syntax error. I guess I should add quotes fro now on.

 

Thanks!

 

It is not possible, unless these strings represented numeric values.