Dirks
01-13-2015, 09:54 PM
Hey everyone, I run a creative writing website that rewards people by number of words written rather than posts. I'm trying to come up with a rudimentary webpage that searches word count in a thread with a mySQL query. By searching online, my coder and I have hacked together what appears on paper to be a workable code, but it still produces a database error when the query is made. I was hoping someone here could help me out.
Here's the code: <?php
require_once('./global.php');
error_reporting(E_ALL & ~E_NOTICE & ~8192);
// define variables and set to empty values
$threadID = $threadIDErr = "";
$totalWords = 0;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["threadID"])) {
$threadIDErr = "threadID is required";
} else {
$threadID = test_input($_POST["threadID"]);
// check if threadID only contains numbers
if (!preg_match("/^[1-9]+$/",$name)) {
$threadIDErr = "Only numbers allowed";
}
}
// fetch all post from a specfic thread
$posts = $vbulletin->db->query_read("
SELECT pagetext
FROM " . TABLE_PREFIX . "post
WHERE threadid = $threadid
");
while ($post = $vbulletin->db->fetch_array($posts)) {
$totalWords = $totalWords + str_word_count($post['pagetext']);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Thread Word Count</h2>
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Thread ID: <input type="text" name="threadID" value="<?php echo $threadID;?>">
<span class="error">* <?php echo $threadIDErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo sprintf("Thread ID %i contains %s words", $threadID, vb_number_format($totalWords));
?>
Here's the error I'm getting: Database error in vBulletin 4.2.2:
Invalid SQL:
SELECT pagetext
FROM post
WHERE threadid =;
MySQL Error : You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '' at line 3
Error Number : 1064
Any help you can provide would be great. Here's the sample: www.althanas.com/world/postcount.php
Here's the code: <?php
require_once('./global.php');
error_reporting(E_ALL & ~E_NOTICE & ~8192);
// define variables and set to empty values
$threadID = $threadIDErr = "";
$totalWords = 0;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["threadID"])) {
$threadIDErr = "threadID is required";
} else {
$threadID = test_input($_POST["threadID"]);
// check if threadID only contains numbers
if (!preg_match("/^[1-9]+$/",$name)) {
$threadIDErr = "Only numbers allowed";
}
}
// fetch all post from a specfic thread
$posts = $vbulletin->db->query_read("
SELECT pagetext
FROM " . TABLE_PREFIX . "post
WHERE threadid = $threadid
");
while ($post = $vbulletin->db->fetch_array($posts)) {
$totalWords = $totalWords + str_word_count($post['pagetext']);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Thread Word Count</h2>
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Thread ID: <input type="text" name="threadID" value="<?php echo $threadID;?>">
<span class="error">* <?php echo $threadIDErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo sprintf("Thread ID %i contains %s words", $threadID, vb_number_format($totalWords));
?>
Here's the error I'm getting: Database error in vBulletin 4.2.2:
Invalid SQL:
SELECT pagetext
FROM post
WHERE threadid =;
MySQL Error : You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '' at line 3
Error Number : 1064
Any help you can provide would be great. Here's the sample: www.althanas.com/world/postcount.php