I'm practicing PHP and now, I'm studying inserting values to database using MySQLi, but I'm getting this error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
and I don't know what I'm doing wrong!. Here is my code:
header('Content-Type: text/html; charset=utf-8');
ini_set("display_errors", 1);
function getUserIP()
{
// Get real visitor IP behind CloudFlare network
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
$_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
$_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
$client = @$_SERVER['HTTP_CLIENT_IP'];
$forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
$remote = $_SERVER['REMOTE_ADDR'];
if(filter_var($client, FILTER_VALIDATE_IP))
{
$ip = $client;
}
elseif(filter_var($forward, FILTER_VALIDATE_IP))
{
$ip = $forward;
}
else
{
$ip = $remote;
}
return $ip;
}
if(isset($_GET['lat']) && !empty($_GET['lat']))
{
$lat = $_GET['lat'];
} else {
die();
}
if(isset($_GET['lon']) && !empty($_GET['lon']))
{
$lon = $_GET['lon'];
} else {
die();
}
$ip = getUserIP();
require('database.php');
$query = mysqli_query($mysqli, "SELECT * FROM `tracking` WHERE ip='".$ip."'");
if (!$query)
{
die('Error: ' . mysqli_error($mysqli));
}
if(mysqli_num_rows($query) > 0){
mysqli_query($mysqli,"UPDATE `tracking` SET lat='".$lat."', lon='".$lon."' WHERE ip='".$ip."'") or die(mysqli_error($mysqli)); echo "x1";
}
if(mysqli_num_rows($query) == 0){
mysqli_query($mysqli,"INSERT INTO `tracking` (id, ip, lat, lon) VALUES (NULL, '".$ip."', '".$lat."', '".$lon."'") or die(mysqli_error($mysqli));
}
mysqli_close($mysqli);
The line that is giving the error is:
mysqli_query($mysqli,"INSERT INTO
tracking(id, ip, lat, lon) VALUES (NULL, '".$ip."', '".$lat."', '".$lon."'") or die(mysqli_error($mysqli));
I hope that you understand what I'm trying to say here. Can you help me? Thank you!