views:

80

answers:

3

It's 12:30am and I have been coding for 9 hours straight. I really need to get this project done, but MySQL is messing with my deadline. Could you examine this snippet for me and see if you can find out what is wrong?

PHP/MySQL Query

$q = $this->db->query("SELECT * FROM bans WHERE ip='".$ip."'");

Keeps returning the following error...

MYSQL Error [Oct 6th, 2010 11:31pm CDT]
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '* FROM bans WHERE ip='206.53.90.231'' at line 1 (1064)

I do not see anything wrong with the query. I've even tried different methods of including the variable $ip but with no avail.

EDIT:
Just to add in here, the ip column in my database is a varchar(255).

EDIT 2:
Here is the whole affected code. Keep in mind that this is all in a class. If I'm missing something, let me know.

Line from another Function

if($this->isBanned($_SERVER['REMOTE_ADDR'])===true) { return json_encode(array('error'=>'You are banned from this ShoutBox.')); }

Affected Function

function isBanned($ip) {
    $q = $this->db->query("SELECT * FROM bans WHERE ip='".$ip."'"); $num = $this->db->affected_rows;
    if($num>0) { $row = $this->db->fetch_array($q); if(($row['expires'] < time()) && ($row['expires'] !== 0)) { $this->unbanUser($ip,'internal'); return false; } return true; } return false;
}

unbanUser function

function unbanUser($ip,$t='box') {
    $q = $this->db->query("SELECT * FROM bans WHERE ip='".$ip."'"); $num = $this->db->affected_rows; if($num>0) { $q = $this->db->query("DELETE * FROM bans WHERE ip='".$ip."'"); 
    return (($t=='box') ? json_encode(array('status'=>'removed')) : true); } else { return (($t=='box') ? json_encode(array('error'=>'Unable to locate the user.')) : true); }
}
A: 

Try this:

$q = $this->db->query('SELECT * FROM bans WHERE ip="' . $ip . '"');
dminorstudio
What difference would that make to MySQL?
BoltClock
Yea, exactly what I was thinking.
BigRossLabs
Actually, the SQL standard says that string literals MUST be single-quoted, but MySQL allows double quotes (double quotes in the SQL standard are analogous to MySQL's back quotes). This might save you few hours of head scratching if you ever use a different DBMS.
imgx64
A: 

Check if you are using the ' character or the ´ character (the last one is an accent)

Nicolas Bottarini
The error is somewhere before the *
Nirmal
I'm using ' not ´ but it has never mattered.
BigRossLabs
+5  A: 

I think it may be It is your DELETE statement which is causing the error.

Remove the * after the DELETE and it should be fine.

Jarod Elliott
It is definitively the `DELETE` that is causing the issue here.
Andrew Moore
Oh my god. I was writing too many queries today and completely was not thinking straight when it came to <pre>DELETE</pre>. Yea, that fixed my issues. Thank you very much for helping me out on this one.
BigRossLabs
That's the knot in the story!
Nirmal